Merge "Update telephony tests to use new phone number access check" into sc-dev (24b2f234) · Commits · e / os / android_frameworks_opt_telephony

tests/telephonytests/src/com/android/internal/telephony/PhoneSubInfoControllerTest.java

+26 −146

Original line number	Diff line number	Diff line
		@@ -16,8 +16,6 @@
		package com.android.internal.telephony;

		import static android.Manifest.permission.READ_PHONE_STATE;
		import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE;
		import static android.Manifest.permission.READ_SMS;

		import static org.junit.Assert.assertEquals;
		import static org.junit.Assert.assertNull;
		@@ -31,6 +29,7 @@ import static org.mockito.Mockito.eq;
		import android.app.AppOpsManager;
		import android.app.PropertyInvalidatedCache;
		import android.content.Context;
		import android.content.pm.PackageManager;
		import android.os.Build;
		import android.test.suitebuilder.annotation.SmallTest;

		@@ -589,16 +588,11 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {

		/* case 1: no READ_PRIVILEGED_PHONE_STATE & READ_PHONE_STATE &
		READ_SMS and no OP_WRITE_SMS & OP_READ_SMS from appOsMgr */
		// All permission checks are handled by the LegacyPermissionManager, so this test only
		// requires three case; all permissions / appops denied, READ_PHONE_STATE permission
		// granted without the appop, and one or more of the permissions / appops granted.
		mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_DENIED);
		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		@@ -613,61 +607,13 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		assertTrue(ex instanceof SecurityException);
		}

		/* case 2: only enable WRITE_SMS permission */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID));

		/* case 3: only enable READ_PRIVILEGED_PHONE_STATE */
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		mContextFixture.addCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE);
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID));

		/* case 4: only enable READ_PHONE_STATE permission */
		mContextFixture.removeCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE);
		mContextFixture.addCallingOrSelfPermission(READ_PHONE_STATE);
		/* case 2: only enable READ_PHONE_STATE permission */
		setPhoneNumberAccess(AppOpsManager.MODE_IGNORED);
		assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID));

		/* case 5: enable appOsMgr READ_PHONE_PERMISSION & READ_PHONE_STATE */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID));

		/* case 6: only enable READ_SMS; without the appop should throw SecurityException */
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		mContextFixture.removeCallingOrSelfPermission(READ_PHONE_STATE);
		mContextFixture.addCallingOrSelfPermission(READ_SMS);
		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected SecurityException thrown");
		} catch (SecurityException expected) {
		}
		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID);
		Assert.fail("expected SecurityException thrown");
		} catch (SecurityException expected) {
		}

		/* case 7: enable READ_SMS and OP_READ_SMS */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		/* case 3: enable READ_SMS and OP_READ_SMS */
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		@@ -684,33 +630,7 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		/* case 1: no READ_PRIVILEGED_PHONE_STATE & READ_PHONE_STATE &
		READ_SMS and no OP_WRITE_SMS & OP_READ_SMS from appOsMgr */
		mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		} catch (Exception ex) {
		assertTrue(ex instanceof SecurityException);
		}

		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		} catch (Exception ex) {
		assertTrue(ex instanceof SecurityException);
		}

		/* case 2: enable READ_PHONE_STATE permission */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_DENIED);
		try {
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		@@ -725,14 +645,8 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		assertTrue(ex instanceof SecurityException);
		}

		/* case 3: enable READ_SMS and OP_READ_SMS */
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		mContextFixture.addCallingOrSelfPermission(READ_SMS);
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		/* case 2: enable READ_SMS and OP_READ_SMS */
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		@@ -817,16 +731,10 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		doReturn("+18052345678").when(mSecondPhone).getMsisdn();

		/* case 1: no READ_PRIVILEGED_PHONE_STATE & READ_PHONE_STATE from appOsMgr */
		// The LegacyPermissionManager handles these checks, so set its return code to indicate
		// none of these have been granted.
		mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_DENIED);
		try {
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		@@ -842,14 +750,14 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		}

		/* case 2: only enable READ_PHONE_STATE permission */
		mContextFixture.addCallingOrSelfPermission(READ_PHONE_STATE);
		// The LegacyPermissionManager will return AppOpsManager.MODE_IGNORED if the target SDK
		// version < R and the READ_PHONE_STATE permission has been granted without the appop.
		setPhoneNumberAccess(AppOpsManager.MODE_IGNORED);
		assertNull(mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID));
		assertNull(mPhoneSubInfoControllerUT.getMsisdnForSubscriber(1, TAG, FEATURE_ID));

		/* case 3: enable appOsMgr READ_PHONE_PERMISSION & READ_PHONE_STATE */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",
		@@ -865,16 +773,12 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {

		/* case 1: no READ_PRIVILEGED_PHONE_STATE & READ_PHONE_STATE &
		READ_SMS and no OP_WRITE_SMS & OP_READ_SMS from appOsMgr */
		// Since the LegacyPermissionManager is performing this check the service will perform
		// the READ_PHONE_STATE checks based on target SDK version; for apps targeting R+ it
		// will not check the READ_PHONE_STATE permission and appop and will only return
		// permission granted / denied.
		mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_DENIED);
		try {
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		@@ -889,32 +793,8 @@ public class PhoneSubInfoControllerTest extends TelephonyTest {
		assertTrue(ex instanceof SecurityException);
		}

		/* case 2: only enable READ_PHONE_STATE permission */
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		try {
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		} catch (Exception ex) {
		assertTrue(ex instanceof SecurityException);
		}

		try {
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(1, TAG, FEATURE_ID);
		Assert.fail("expected Security Exception Thrown");
		} catch (Exception ex) {
		assertTrue(ex instanceof SecurityException);
		}

		/* case 3: enable READ_SMS and OP_READ_SMS */
		doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		mContextFixture.addCallingOrSelfPermission(READ_SMS);
		doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp(
		eq(AppOpsManager.OPSTR_READ_SMS), anyInt(), eq(TAG), eq(FEATURE_ID),
		nullable(String.class));
		/* case 2: enable READ_SMS and OP_READ_SMS */
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);
		assertEquals("+18051234567",
		mPhoneSubInfoControllerUT.getMsisdnForSubscriber(0, TAG, FEATURE_ID));
		assertEquals("+18052345678",

tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java

+22 −21

Original line number	Diff line number	Diff line
		@@ -31,7 +31,6 @@ import static org.mockito.ArgumentMatchers.any;
		import static org.mockito.ArgumentMatchers.anyInt;
		import static org.mockito.ArgumentMatchers.anyLong;
		import static org.mockito.ArgumentMatchers.anyString;
		import static org.mockito.ArgumentMatchers.nullable;
		import static org.mockito.Mockito.atLeast;
		import static org.mockito.Mockito.doReturn;
		import static org.mockito.Mockito.eq;
		@@ -40,10 +39,10 @@ import static org.mockito.Mockito.verify;
		import static org.mockito.Mockito.when;

		import android.Manifest;
		import android.app.AppOpsManager;
		import android.content.ContentResolver;
		import android.content.ContentValues;
		import android.content.Intent;
		import android.content.pm.PackageManager;
		import android.os.Build;
		import android.os.Bundle;
		import android.os.Handler;
		@@ -1328,12 +1327,13 @@ public class SubscriptionControllerTest extends TelephonyTest {
		}

		@Test
		public void testGetActiveSubscriptionWithReadPhoneNumbers() throws Exception {
		// If the calling package has the READ_PHONE_NUMBERS permission the number should be
		// available in the SubscriptionInfo.
		public void testGetActiveSubscriptionWithPhoneNumberAccess() throws Exception {
		// If the calling package meets any of the requirements for the
		// LegacyPermissionManager#checkPhoneNumberAccess test then the number should be available
		// in the SubscriptionInfo.
		testInsertSim();
		setupReadPhoneNumbersTest();
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_NUMBERS);
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);
		int subId = getFirstSubId();

		SubscriptionInfo subscriptionInfo = mSubscriptionControllerUT.getActiveSubscriptionInfo(
		@@ -1411,13 +1411,14 @@ public class SubscriptionControllerTest extends TelephonyTest {
		}

		@Test
		public void testGetActiveSubscriptionInfoForSimSlotIndexWithReadPhoneNumbers()
		public void testGetActiveSubscriptionInfoForSimSlotIndexWithPhoneNumberAccess()
		throws Exception {
		// If the calling package has the READ_PHONE_NUMBERS permission the number should be
		// available in the SubscriptionInfo.
		// If the calling package meets any of the requirements for the
		// LegacyPermissionManager#checkPhoneNumberAccess test then the number should be available
		// in the SubscriptionInfo.
		testInsertSim();
		setupReadPhoneNumbersTest();
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_NUMBERS);
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);

		SubscriptionInfo subscriptionInfo =
		mSubscriptionControllerUT.getActiveSubscriptionInfoForSimSlotIndex(0,
		@@ -1497,12 +1498,13 @@ public class SubscriptionControllerTest extends TelephonyTest {
		}

		@Test
		public void testGetActiveSubscriptionInfoListWithReadPhoneNumbers() throws Exception {
		// If the calling package has the READ_PHONE_NUMBERS permission the number should be
		// available in the SubscriptionInfo.
		public void testGetActiveSubscriptionInfoListWithPhoneNumberAccess() throws Exception {
		// If the calling package meets any of the requirements for the
		// LegacyPermissionManager#checkPhoneNumberAccess test then the number should be available
		// in the SubscriptionInfo.
		testInsertSim();
		setupReadPhoneNumbersTest();
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_NUMBERS);
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);

		List<SubscriptionInfo> subInfoList =
		mSubscriptionControllerUT.getActiveSubscriptionInfoList(mCallingPackage,
		@@ -1656,12 +1658,13 @@ public class SubscriptionControllerTest extends TelephonyTest {
		}

		@Test
		public void testGetSubscriptionInGroupWithReadPhoneNumbers() throws Exception {
		// If the calling package has the READ_PHONE_NUMBERS permission the number should be
		// available in the SubscriptionInfo.
		public void testGetSubscriptionInGroupWithPhoneNumberAccess() throws Exception {
		// If the calling package meets any of the requirements for the
		// LegacyPermissionManager#checkPhoneNumberAccess test then the number should be available
		// in the SubscriptionInfo.
		ParcelUuid groupUuid = setupGetSubscriptionsInGroupTest();
		setupReadPhoneNumbersTest();
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_NUMBERS);
		setPhoneNumberAccess(PackageManager.PERMISSION_GRANTED);

		List<SubscriptionInfo> subInfoList = mSubscriptionControllerUT.getSubscriptionsInGroup(
		groupUuid, mCallingPackage, mCallingFeature);
		@@ -1718,9 +1721,7 @@ public class SubscriptionControllerTest extends TelephonyTest {
		mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE);
		setupMocksForTelephonyPermissions(Build.VERSION_CODES.R);
		doReturn(AppOpsManager.MODE_DEFAULT).when(mAppOpsManager).noteOp(
		eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), anyString(),
		nullable(String.class), nullable(String.class));
		setPhoneNumberAccess(PackageManager.PERMISSION_DENIED);
		}

		private void setupIdentifierCarrierPrivilegesTest() throws Exception {

tests/telephonytests/src/com/android/internal/telephony/TelephonyPermissionsTest.java

+30 −65

File changed.

Preview size limit exceeded, changes collapsed.

tests/telephonytests/src/com/android/internal/telephony/TelephonyTest.java

+5 −0

Original line number	Diff line number	Diff line
		@@ -913,6 +913,11 @@ public abstract class TelephonyTest {
		.checkDeviceIdentifierAccess(any(), any(), any(), anyInt(), anyInt());
		}

		protected void setPhoneNumberAccess(int value) {
		doReturn(value).when(mMockLegacyPermissionManager).checkPhoneNumberAccess(any(), any(),
		any(), anyInt(), anyInt());
		}

		protected void setCarrierPrivileges(boolean hasCarrierPrivileges) {
		doReturn(mTelephonyManager).when(mTelephonyManager).createForSubscriptionId(anyInt());
		doReturn(hasCarrierPrivileges ? TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS