Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ddd5bd83 authored Mar 24, 2021 by TreeHugger Robot Committed by Android (Google) Code Review Mar 24, 2021

Merge "Disallow domain user selector from querying autoVerify domains" into sc-dev

parents a390714d 4ef9a383

core/api/system-current.txt

+1 −1

Original line number	Diff line number	Diff line
		@@ -2874,7 +2874,7 @@ package android.content.pm.verify.domain {
		}

		public final class DomainVerificationManager {
		method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.DOMAIN_VERIFICATION_AGENT, android.Manifest.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION}) public android.content.pm.verify.domain.DomainVerificationInfo getDomainVerificationInfo(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException;
		method @Nullable @RequiresPermission(android.Manifest.permission.DOMAIN_VERIFICATION_AGENT) public android.content.pm.verify.domain.DomainVerificationInfo getDomainVerificationInfo(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException;
		method @NonNull @RequiresPermission(android.Manifest.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION) public java.util.List<android.content.pm.verify.domain.DomainOwner> getOwnersForDomain(@NonNull String);
		method @NonNull @RequiresPermission(android.Manifest.permission.DOMAIN_VERIFICATION_AGENT) public java.util.List<java.lang.String> queryValidVerificationPackageNames();
		method @RequiresPermission(android.Manifest.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION) public void setDomainVerificationLinkHandlingAllowed(@NonNull String, boolean) throws android.content.pm.PackageManager.NameNotFoundException;

core/java/android/content/pm/verify/domain/DomainVerificationManager.java

+1 −4

Original line number	Diff line number	Diff line
		@@ -179,10 +179,7 @@ public final class DomainVerificationManager {
		*/
		@SystemApi
		@Nullable
		@RequiresPermission(anyOf = {
		android.Manifest.permission.DOMAIN_VERIFICATION_AGENT,
		android.Manifest.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION
		})
		@RequiresPermission(android.Manifest.permission.DOMAIN_VERIFICATION_AGENT)
		public DomainVerificationInfo getDomainVerificationInfo(@NonNull String packageName)
		throws NameNotFoundException {
		try {

services/core/java/com/android/server/pm/verify/domain/DomainVerificationEnforcer.java

+2 −5

Original line number	Diff line number	Diff line
		@@ -70,11 +70,8 @@ public class DomainVerificationEnforcer {
		break;
		default:
		if (!proxy.isCallerVerifier(callingUid)) {
		mContext.enforcePermission(
		android.Manifest.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION,
		Binder.getCallingPid(), callingUid,
		"Caller " + callingUid
		+ " is not allowed to query domain verification state");
		throw new SecurityException(
		"Caller is not allowed to query domain verification state");
		}

		mContext.enforcePermission(android.Manifest.permission.QUERY_ALL_PACKAGES,

services/tests/PackageManagerServiceTests/unit/src/com/android/server/pm/test/verify/domain/DomainVerificationEnforcerTest.kt

+2 −2

Original line number	Diff line number	Diff line
		@@ -417,7 +417,7 @@ class DomainVerificationEnforcerTest {

		allowQueryAll.set(true)

		runMethod(target, NON_VERIFIER_UID)
		assertFails { runMethod(target, NON_VERIFIER_UID) }
		}

		private fun approvedVerifier() {
		@@ -816,7 +816,7 @@ class DomainVerificationEnforcerTest {
		// System/shell only
		INTERNAL,

		// INTERNAL \|\| domain verification agent \|\| user setting permission holder
		// INTERNAL \|\| non-legacy domain verification agent
		QUERENT,

		// INTERNAL \|\| domain verification agent