Merge "Limit stage install to system and whitelisted packges only (1/2)" into...

    private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>();

    private ArrayMap<String, Set<String>> mPackageToUserTypeBlacklist = new ArrayMap<>();

    private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>();

    private final ArraySet<String> mRollbackWhitelistedPackages = new ArraySet<>();

    private final ArraySet<String> mWhitelistedStagedInstallers = new ArraySet<>();

    /**

    /**

     * Map of system pre-defined, uniquely named actors; keys are namespace,

     * Map of system pre-defined, uniquely named actors; keys are namespace,

        return mRollbackWhitelistedPackages;

        return mRollbackWhitelistedPackages;

    }

    }

    public Set<String> getWhitelistedStagedInstallers() {

        return mWhitelistedStagedInstallers;

    }

    public ArraySet<String> getAppDataIsolationWhitelistedApps() {

    public ArraySet<String> getAppDataIsolationWhitelistedApps() {

        return mAppDataIsolationWhitelistedApps;

        return mAppDataIsolationWhitelistedApps;

    }

    }

                        }

                        }

                        XmlUtils.skipCurrentTag(parser);

                        XmlUtils.skipCurrentTag(parser);

                    } break;

                    } break;

                    case "whitelisted-staged-installer": {

                        if (allowAppConfigs) {

                            String pkgname = parser.getAttributeValue(null, "package");

                            if (pkgname == null) {

                                Slog.w(TAG, "<" + name + "> without package in " + permFile

                                        + " at " + parser.getPositionDescription());

                            } else {

                                mWhitelistedStagedInstallers.add(pkgname);

                            }

                        } else {

                            logNotAllowedInPartition(name, permFile, parser);

                        }

                        XmlUtils.skipCurrentTag(parser);

                    } break;

                    default: {

                    default: {

                        Slog.w(TAG, "Tag " + name + " is unknown in "

                        Slog.w(TAG, "Tag " + name + " is unknown in "

                                + permFile + " at " + parser.getPositionDescription());

                                + permFile + " at " + parser.getPositionDescription());

package com.android.server.systemconfig;

package com.android.server.systemconfig;

import static com.google.common.truth.Truth.assertThat;

import static org.junit.Assert.assertEquals;

import static org.junit.Assert.assertEquals;

import android.platform.test.annotations.Presubmit;

import android.platform.test.annotations.Presubmit;

        assertEquals(packageTwoExpected, packageTwo);

        assertEquals(packageTwoExpected, packageTwo);

    }

    }

    /**

     * Tests that readPermissions works correctly with {@link SystemConfig#ALLOW_APP_CONFIGS}

     * permission flag for the tag: whitelisted-staged-installer.

     */

    @Test

    public void readPermissions_allowAppConfigs_parsesStagedInstallerWhitelist()

            throws IOException {

        final String contents =

                "<config>\n"

                + "    <whitelisted-staged-installer package=\"com.android.package1\" />\n"

                + "</config>";

        final File folder = createTempSubfolder("folder");

        createTempFile(folder, "staged-installer-whitelist.xml", contents);

        mSysConfig.readPermissions(folder, /* Grant all permission flags */ ~0);

        assertThat(mSysConfig.getWhitelistedStagedInstallers())

                .containsExactly("com.android.package1");

    }

    /**

     * Tests that readPermissions works correctly without {@link SystemConfig#ALLOW_APP_CONFIGS}

     * permission flag for the tag: whitelisted-staged-installer.

     */

    @Test

    public void readPermissions_notAllowAppConfigs_wontParseStagedInstallerWhitelist()

            throws IOException {

        final String contents =

                "<config>\n"

                + "    <whitelisted-staged-installer package=\"com.android.package1\" />\n"

                + "</config>";

        final File folder = createTempSubfolder("folder");

        createTempFile(folder, "staged-installer-whitelist.xml", contents);

        mSysConfig.readPermissions(folder, /* Grant all but ALLOW_APP_CONFIGS flag */ ~0x08);

        assertThat(mSysConfig.getWhitelistedStagedInstallers()).isEmpty();

    }

    /**

    /**

     * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents.

     * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents.

     *

     * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed

     * @param folderName subdirectory of mTemporaryFolder to put the file, creating if needed

     * @return the folder

     * @return the folder

     */

     */

    /**

    /**

     * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents.

     * Creates folderName/fileName in the mTemporaryFolder and fills it with the contents.

     *

     * @param folder   pre-existing subdirectory of mTemporaryFolder to put the file

     * @param folder   pre-existing subdirectory of mTemporaryFolder to put the file

     * @param fileName name of the file (e.g. filename.xml) to create

     * @param fileName name of the file (e.g. filename.xml) to create

     * @param contents contents to write to the file

     * @param contents contents to write to the file