Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fe4885e3 authored by Jason Monk's avatar Jason Monk
Browse files

Fix slice auto grant permissions 

Test: Use auto-grant permissions across processes
Bug: 110958430
Change-Id: I3100f0655dbeb4ff0cde6407684edaff45961e09
parent 55f09811

core/java/android/app/slice/ISliceManager.aidl

+1 −1
Original line number Diff line number Diff line
@@ -33,7 +33,7 @@ interface ISliceManager { 
    // Perms.

    void grantSlicePermission(String callingPkg, String toPkg, in Uri uri);

    void revokeSlicePermission(String callingPkg, String toPkg, in Uri uri);

    int checkSlicePermission(in Uri uri, String pkg, int pid, int uid,

    int checkSlicePermission(in Uri uri, String callingPkg, String pkg, int pid, int uid,

            in String[] autoGrantPermissions);

    void grantPermissionFromUser(in Uri uri, String pkg, String callingPkg, boolean allSlices);

}

core/java/android/app/slice/SliceManager.java

+4 −2
Original line number Diff line number Diff line
@@ -430,7 +430,8 @@ public class SliceManager { 
     */

    public @PermissionResult int checkSlicePermission(@NonNull Uri uri, int pid, int uid) {

        try {

            return mService.checkSlicePermission(uri, null, pid, uid, null);

            return mService.checkSlicePermission(uri, mContext.getPackageName(), null, pid, uid,

                    null);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }
@@ -487,7 +488,8 @@ public class SliceManager { 
            if (pkg == null) {

                throw new SecurityException("No pkg specified");

            }

            int result = mService.checkSlicePermission(uri, pkg, pid, uid, autoGrantPermissions);

            int result = mService.checkSlicePermission(uri, mContext.getPackageName(), pkg, pid,

                    uid, autoGrantPermissions);

            if (result == PERMISSION_DENIED) {

                throw new SecurityException("User " + uid + " does not have slice permission for "

                        + uri + ".");

services/core/java/com/android/server/slice/SliceManagerService.java

+5 −5
Original line number Diff line number Diff line
@@ -219,12 +219,12 @@ public class SliceManagerService extends ISliceManager.Stub { 
    }



    @Override

    public int checkSlicePermission(Uri uri, String pkg, int pid, int uid,

    public int checkSlicePermission(Uri uri, String callingPkg, String pkg, int pid, int uid,

            String[] autoGrantPermissions) {

        int userId = UserHandle.getUserId(uid);

        if (pkg == null) {

            for (String p : mContext.getPackageManager().getPackagesForUid(uid)) {

                if (checkSlicePermission(uri, p, pid, uid, autoGrantPermissions)

                if (checkSlicePermission(uri, callingPkg, p, pid, uid, autoGrantPermissions)

                        == PERMISSION_GRANTED) {

                    return PERMISSION_GRANTED;

                }
@@ -237,9 +237,9 @@ public class SliceManagerService extends ISliceManager.Stub { 
        if (mPermissions.hasPermission(pkg, userId, uri)) {

            return PackageManager.PERMISSION_GRANTED;

        }

        if (autoGrantPermissions != null) {

        if (autoGrantPermissions != null && callingPkg != null) {

            // Need to own the Uri to call in with permissions to grant.

            enforceOwner(pkg, uri, userId);

            enforceOwner(callingPkg, uri, userId);

            for (String perm : autoGrantPermissions) {

                if (mContext.checkPermission(perm, pid, uid) == PERMISSION_GRANTED) {

                    int providerUser = ContentProvider.getUserIdFromUri(uri, userId);
@@ -391,7 +391,7 @@ public class SliceManagerService extends ISliceManager.Stub { 
    }



    protected int checkAccess(String pkg, Uri uri, int uid, int pid) {

        return checkSlicePermission(uri, pkg, uid, pid, null);

        return checkSlicePermission(uri, null, pkg, uid, pid, null);

    }



    private String getProviderPkg(Uri uri, int user) {

services/tests/uiservicestests/src/com/android/server/slice/SliceManagerServiceTest.java

+2 −1
Original line number Diff line number Diff line
@@ -120,7 +120,8 @@ public class SliceManagerServiceTest extends UiServiceTestCase { 
                .thenReturn(PERMISSION_DENIED);

        when(mContextSpy.checkPermission("perm2", Process.myPid(), Process.myUid()))

                .thenReturn(PERMISSION_GRANTED);

        mService.checkSlicePermission(TEST_URI, mContext.getPackageName(), Process.myPid(),

        mService.checkSlicePermission(TEST_URI, mContext.getPackageName(),

                mContext.getPackageName(), Process.myPid(),

                Process.myUid(), testPerms);



        verify(mContextSpy).checkPermission(eq("perm1"), eq(Process.myPid()), eq(Process.myUid()));