Merge "Gate isForAllProfiles with permission" into main (4a92a425) · Commits · e / os / android_frameworks_opt_telephony

src/java/com/android/internal/telephony/subscription/SubscriptionManagerService.java

+9 −11

Original line number	Diff line number	Diff line
		@@ -1969,10 +1969,8 @@ public class SubscriptionManagerService extends ISub.Stub {

		enforceTelephonyFeatureWithException(callingPackage, "getActiveSubscriptionInfoList");

		if (isForAllProfiles && !hasAcrossAllUsersPermission()) {
		//TODO(b/308809058 to determine whether the permission enforcement is needed)
		loge("getActiveSubscriptionInfoList: "
		+ callingPackage + " has no appropriate permission.");
		if (isForAllProfiles) {
		enforcePermissionAccessAllUserProfiles();
		}
		return getSubscriptionInfoStreamAsUser(isForAllProfiles
		? UserHandle.ALL : BINDER_WRAPPER.getCallingUserHandle())
		@@ -2013,10 +2011,8 @@ public class SubscriptionManagerService extends ISub.Stub {
		throw new SecurityException("Need READ_PHONE_STATE, READ_PRIVILEGED_PHONE_STATE, or "
		+ "carrier privilege");
		}
		if (isForAllProfiles && !hasAcrossAllUsersPermission()) {
		//TODO(b/308809058 to determine whether the permission enforcement is needed)
		loge("getActiveSubInfoCount: "
		+ callingPackage + " has no appropriate permission.");
		if (isForAllProfiles) {
		enforcePermissionAccessAllUserProfiles();
		}

		enforceTelephonyFeatureWithException(callingPackage, "getActiveSubInfoCount");
		@@ -2025,9 +2021,11 @@ public class SubscriptionManagerService extends ISub.Stub {
		? UserHandle.ALL : BINDER_WRAPPER.getCallingUserHandle()).length;
		}

		/*@return {@code true} if the caller is permitted to see all subscriptions. /
		private boolean hasAcrossAllUsersPermission() {
		return hasPermissions(Manifest.permission.INTERACT_ACROSS_USERS,
		/** @throws SecurityException if caller doesn't have one of the requested permissions. */
		private void enforcePermissionAccessAllUserProfiles() {
		if (!mFeatureFlags.enforceSubscriptionUserFilter()) return;
		enforcePermissions("To access across profiles",
		Manifest.permission.INTERACT_ACROSS_USERS,
		Manifest.permission.INTERACT_ACROSS_USERS_FULL,
		Manifest.permission.INTERACT_ACROSS_PROFILES);
		}

tests/telephonytests/src/com/android/internal/telephony/subscription/SubscriptionManagerServiceTest.java

+40 −6

Original line number	Diff line number	Diff line
		@@ -63,7 +63,6 @@ import static org.mockito.Mockito.doReturn;
		import static org.mockito.Mockito.never;
		import static org.mockito.Mockito.times;
		import static org.mockito.Mockito.verify;
		import static org.mockito.Mockito.when;

		import android.Manifest;
		import android.annotation.NonNull;
		@@ -79,7 +78,6 @@ import android.os.Bundle;
		import android.os.Handler;
		import android.os.Looper;
		import android.os.ParcelUuid;
		import android.os.SystemProperties;
		import android.os.UserHandle;
		import android.provider.Settings;
		import android.provider.Telephony;
		@@ -1328,9 +1326,17 @@ public class SubscriptionManagerServiceTest extends TelephonyTest {
		// Test getActiveSubIdList, System
		assertThat(mSubscriptionManagerServiceUT.getActiveSubIdList(false/visible only/))
		.isEqualTo(new int[]{subId1, subId2});
		// Test get getActiveSubInfoCount
		// Test get getActiveSubInfoCount - forAllProfiles: false
		assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, false)).isEqualTo(1);
		// Test get getActiveSubInfoCount - forAllProfiles: true
		assertThrows(SecurityException.class,
		() -> mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, true));
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, true)).isEqualTo(2);
		mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		// Test getActiveSubscriptionInfo
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfo(
		subId1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId()).isEqualTo(subId1);
		@@ -1350,11 +1356,21 @@ public class SubscriptionManagerServiceTest extends TelephonyTest {
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoForSimSlotIndex(
		1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId())
		.isEqualTo(subId2);
		// Test getActiveSubscriptionInfoList
		// Test getActiveSubscriptionInfoList - forAllProfiles: false
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, false)
		.stream().map(SubscriptionInfo::getSubscriptionId)
		.toList()).isEqualTo(List.of(subId1));
		// Test getActiveSubscriptionInfoList - forAllProfiles: true
		assertThrows(SecurityException.class,
		() -> mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, true));
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, true)
		.stream().map(SubscriptionInfo::getSubscriptionId)
		.toList()).isEqualTo(List.of(subId1, subId2));
		mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		// Test getAllSubInfoList
		assertThat(mSubscriptionManagerServiceUT.getAllSubInfoList(CALLING_PACKAGE,
		CALLING_FEATURE).stream().map(SubscriptionInfo::getSubscriptionId).toList())
		@@ -1446,9 +1462,17 @@ public class SubscriptionManagerServiceTest extends TelephonyTest {
		// Test getActiveSubIdList, System
		assertThat(mSubscriptionManagerServiceUT.getActiveSubIdList(false/visible only/))
		.isEqualTo(new int[]{subId1, subId2});
		// Test get getActiveSubInfoCount
		// Test get getActiveSubInfoCount- forAllProfiles: false
		assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, false)).isEqualTo(1);
		// Test get getActiveSubInfoCount - forAllProfiles: true
		assertThrows(SecurityException.class,
		() -> mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, true));
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(
		CALLING_PACKAGE, CALLING_FEATURE, true)).isEqualTo(2);
		mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		// Test getActiveSubscriptionInfo
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfo(
		subId1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId()).isEqualTo(subId1);
		@@ -1468,11 +1492,21 @@ public class SubscriptionManagerServiceTest extends TelephonyTest {
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoForSimSlotIndex(
		1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId())
		.isEqualTo(subId2);
		// Test getActiveSubscriptionInfoList
		// Test getActiveSubscriptionInfoList - forAllProfiles: false
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, false).stream()
		.map(SubscriptionInfo::getSubscriptionId)
		.toList()).isEqualTo(List.of(subId1));
		// Test getActiveSubscriptionInfoList - forAllProfiles: true
		assertThrows(SecurityException.class,
		() -> mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, true));
		mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(
		CALLING_PACKAGE, CALLING_FEATURE, true)
		.stream().map(SubscriptionInfo::getSubscriptionId)
		.toList()).isEqualTo(List.of(subId1, subId2));
		mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);
		// Test getAllSubInfoList
		assertThat(mSubscriptionManagerServiceUT.getAllSubInfoList(CALLING_PACKAGE,
		CALLING_FEATURE).stream().map(SubscriptionInfo::getSubscriptionId).toList())