Loading src/java/com/android/internal/telephony/euicc/EuiccController.java +16 −5 Original line number Diff line number Diff line Loading @@ -755,7 +755,9 @@ public class EuiccController extends IEuiccController.Stub { mCallbackIntent, callerHasAdminPrivileges, getCurrentEmbeddedSubscriptionIds(cardId)); } else { Log.e(TAG, "Caller does not have carrier privilege in metadata."); Log.e(TAG, "Caller does not have carrier privilege in metadata and is does not " + "have admin privileges, mCallingPackage=" + mCallingPackage); sendResult(mCallbackIntent, ERROR, null /* extrasIntent */); } } else { // !mWithUserConsent Loading Loading @@ -1082,7 +1084,6 @@ public class EuiccController extends IEuiccController.Stub { public void deleteSubscription(int cardId, int subscriptionId, String callingPackage, PendingIntent callbackIntent) { boolean callerCanWriteEmbeddedSubscriptions = callerCanWriteEmbeddedSubscriptions(); boolean callerIsAdmin = callerCanManageDevicePolicyManagedSubscriptions(callingPackage); mAppOpsManager.checkPackage(Binder.getCallingUid(), callingPackage); long token = Binder.clearCallingIdentity(); Loading @@ -1093,14 +1094,17 @@ public class EuiccController extends IEuiccController.Stub { sendResult(callbackIntent, ERROR, null /* extrasIntent */); return; } boolean adminOwned = callerIsAdmin && sub.getGroupOwner().equals(callingPackage); boolean managedByCallingAdminPackage = callerCanManageDevicePolicyManagedSubscriptions(callingPackage) && isSubscriptionDevicePolicyManaged( sub, callingPackage); // For both single active SIM device and multi-active SIM device, if the caller is // system or the caller manage the target subscription, we let it continue. This is // because deleting subscription won't change status of any other subscriptions. if (!callerCanWriteEmbeddedSubscriptions && !canManageSubscription(sub, callingPackage) && !adminOwned) { Log.e(TAG, "No permissions: " + subscriptionId + " adminOwned=" + adminOwned); && !managedByCallingAdminPackage) { Log.e(TAG, "No permissions to delete subscription: " + subscriptionId); sendResult(callbackIntent, ERROR, null /* extrasIntent */); return; } Loading Loading @@ -2204,6 +2208,13 @@ public class EuiccController extends IEuiccController.Stub { return userContext.getSystemService(DevicePolicyManager.class); } private boolean isSubscriptionDevicePolicyManaged(@NonNull SubscriptionInfo info, @NonNull String callingPackage) { DevicePolicyManager devicePolicyManager = getDevicePolicyManager(); return devicePolicyManager != null && devicePolicyManager.isSubscriptionEnterpriseManaged( info, callingPackage); } private boolean callerCanManageDevicePolicyManagedSubscriptions(String callingPackage) { DevicePolicyManager devicePolicyManager = getDevicePolicyManager(); boolean isAdmin = Loading tests/telephonytests/src/com/android/internal/telephony/euicc/EuiccControllerTest.java +6 −6 Original line number Diff line number Diff line Loading @@ -1097,21 +1097,21 @@ public class EuiccControllerTest extends TelephonyTest { public void testDeleteSubscription_adminOwned_success() throws Exception { setHasWriteEmbeddedPermission(false); setHasManageDevicePolicyManagedSubscriptionsPermission(true); String callingPackage = "whatever"; SubscriptionInfo subInfo1 = new SubscriptionInfo.Builder() .setId(SUBSCRIPTION_ID) .setEmbedded(true) .setIccId(ICC_ID) .setCardId(CARD_ID) .setPortIndex(TelephonyManager.DEFAULT_PORT_INDEX) .setGroupOwner(callingPackage) .build(); ArrayList<SubscriptionInfo> subInfos = new ArrayList<>(Arrays.asList(subInfo1)); doReturn(true).when(mDevicePolicyManager).isSubscriptionEnterpriseManaged(eq(subInfo1), anyString()); when(mSubscriptionManager.getAvailableSubscriptionInfoList()).thenReturn(subInfos); callDeleteSubscription( SUBSCRIPTION_ID, ICC_ID, true /* complete */, 0 /* result */, callingPackage /* callingPackage */); 0 /* result */, "whatever" /* callingPackage */); verifyIntentSent(EuiccManager.EMBEDDED_SUBSCRIPTION_RESULT_OK, 0 /* detailedCode */); Loading @@ -1121,21 +1121,21 @@ public class EuiccControllerTest extends TelephonyTest { public void testDeleteSubscription_adminOwned_noPermissions_error() throws Exception { setHasWriteEmbeddedPermission(false); setHasManageDevicePolicyManagedSubscriptionsPermission(false); String callingPackage = "whatever"; SubscriptionInfo subInfo1 = new SubscriptionInfo.Builder() .setId(SUBSCRIPTION_ID) .setEmbedded(true) .setIccId(ICC_ID) .setCardId(CARD_ID) .setPortIndex(TelephonyManager.DEFAULT_PORT_INDEX) .setGroupOwner(callingPackage) .build(); ArrayList<SubscriptionInfo> subInfos = new ArrayList<>(Arrays.asList(subInfo1)); doReturn(true).when(mDevicePolicyManager).isSubscriptionEnterpriseManaged(eq(subInfo1), anyString()); when(mSubscriptionManager.getAvailableSubscriptionInfoList()).thenReturn(subInfos); callDeleteSubscription( SUBSCRIPTION_ID, ICC_ID, true /* complete */, 0 /* result */, callingPackage /* callingPackage */); 0 /* result */, "whatever" /* callingPackage */); verifyIntentSent(EuiccManager.EMBEDDED_SUBSCRIPTION_RESULT_ERROR, 0 /* detailedCode */); Loading Loading
src/java/com/android/internal/telephony/euicc/EuiccController.java +16 −5 Original line number Diff line number Diff line Loading @@ -755,7 +755,9 @@ public class EuiccController extends IEuiccController.Stub { mCallbackIntent, callerHasAdminPrivileges, getCurrentEmbeddedSubscriptionIds(cardId)); } else { Log.e(TAG, "Caller does not have carrier privilege in metadata."); Log.e(TAG, "Caller does not have carrier privilege in metadata and is does not " + "have admin privileges, mCallingPackage=" + mCallingPackage); sendResult(mCallbackIntent, ERROR, null /* extrasIntent */); } } else { // !mWithUserConsent Loading Loading @@ -1082,7 +1084,6 @@ public class EuiccController extends IEuiccController.Stub { public void deleteSubscription(int cardId, int subscriptionId, String callingPackage, PendingIntent callbackIntent) { boolean callerCanWriteEmbeddedSubscriptions = callerCanWriteEmbeddedSubscriptions(); boolean callerIsAdmin = callerCanManageDevicePolicyManagedSubscriptions(callingPackage); mAppOpsManager.checkPackage(Binder.getCallingUid(), callingPackage); long token = Binder.clearCallingIdentity(); Loading @@ -1093,14 +1094,17 @@ public class EuiccController extends IEuiccController.Stub { sendResult(callbackIntent, ERROR, null /* extrasIntent */); return; } boolean adminOwned = callerIsAdmin && sub.getGroupOwner().equals(callingPackage); boolean managedByCallingAdminPackage = callerCanManageDevicePolicyManagedSubscriptions(callingPackage) && isSubscriptionDevicePolicyManaged( sub, callingPackage); // For both single active SIM device and multi-active SIM device, if the caller is // system or the caller manage the target subscription, we let it continue. This is // because deleting subscription won't change status of any other subscriptions. if (!callerCanWriteEmbeddedSubscriptions && !canManageSubscription(sub, callingPackage) && !adminOwned) { Log.e(TAG, "No permissions: " + subscriptionId + " adminOwned=" + adminOwned); && !managedByCallingAdminPackage) { Log.e(TAG, "No permissions to delete subscription: " + subscriptionId); sendResult(callbackIntent, ERROR, null /* extrasIntent */); return; } Loading Loading @@ -2204,6 +2208,13 @@ public class EuiccController extends IEuiccController.Stub { return userContext.getSystemService(DevicePolicyManager.class); } private boolean isSubscriptionDevicePolicyManaged(@NonNull SubscriptionInfo info, @NonNull String callingPackage) { DevicePolicyManager devicePolicyManager = getDevicePolicyManager(); return devicePolicyManager != null && devicePolicyManager.isSubscriptionEnterpriseManaged( info, callingPackage); } private boolean callerCanManageDevicePolicyManagedSubscriptions(String callingPackage) { DevicePolicyManager devicePolicyManager = getDevicePolicyManager(); boolean isAdmin = Loading
tests/telephonytests/src/com/android/internal/telephony/euicc/EuiccControllerTest.java +6 −6 Original line number Diff line number Diff line Loading @@ -1097,21 +1097,21 @@ public class EuiccControllerTest extends TelephonyTest { public void testDeleteSubscription_adminOwned_success() throws Exception { setHasWriteEmbeddedPermission(false); setHasManageDevicePolicyManagedSubscriptionsPermission(true); String callingPackage = "whatever"; SubscriptionInfo subInfo1 = new SubscriptionInfo.Builder() .setId(SUBSCRIPTION_ID) .setEmbedded(true) .setIccId(ICC_ID) .setCardId(CARD_ID) .setPortIndex(TelephonyManager.DEFAULT_PORT_INDEX) .setGroupOwner(callingPackage) .build(); ArrayList<SubscriptionInfo> subInfos = new ArrayList<>(Arrays.asList(subInfo1)); doReturn(true).when(mDevicePolicyManager).isSubscriptionEnterpriseManaged(eq(subInfo1), anyString()); when(mSubscriptionManager.getAvailableSubscriptionInfoList()).thenReturn(subInfos); callDeleteSubscription( SUBSCRIPTION_ID, ICC_ID, true /* complete */, 0 /* result */, callingPackage /* callingPackage */); 0 /* result */, "whatever" /* callingPackage */); verifyIntentSent(EuiccManager.EMBEDDED_SUBSCRIPTION_RESULT_OK, 0 /* detailedCode */); Loading @@ -1121,21 +1121,21 @@ public class EuiccControllerTest extends TelephonyTest { public void testDeleteSubscription_adminOwned_noPermissions_error() throws Exception { setHasWriteEmbeddedPermission(false); setHasManageDevicePolicyManagedSubscriptionsPermission(false); String callingPackage = "whatever"; SubscriptionInfo subInfo1 = new SubscriptionInfo.Builder() .setId(SUBSCRIPTION_ID) .setEmbedded(true) .setIccId(ICC_ID) .setCardId(CARD_ID) .setPortIndex(TelephonyManager.DEFAULT_PORT_INDEX) .setGroupOwner(callingPackage) .build(); ArrayList<SubscriptionInfo> subInfos = new ArrayList<>(Arrays.asList(subInfo1)); doReturn(true).when(mDevicePolicyManager).isSubscriptionEnterpriseManaged(eq(subInfo1), anyString()); when(mSubscriptionManager.getAvailableSubscriptionInfoList()).thenReturn(subInfos); callDeleteSubscription( SUBSCRIPTION_ID, ICC_ID, true /* complete */, 0 /* result */, callingPackage /* callingPackage */); 0 /* result */, "whatever" /* callingPackage */); verifyIntentSent(EuiccManager.EMBEDDED_SUBSCRIPTION_RESULT_ERROR, 0 /* detailedCode */); Loading
