
Commit 9666107a authored by Anushreya Mahapatra

Adding an admin check before calling downloadSubscriptionPrivileged.

When a device administrator requests a download without carrier privileges, the download should be allowed, since this case is encountered in the resolvable error flow path.

Bug: 401243419
Test: Verified with test dpc that the download is working as expected in DO as well as COPE on Pixel 7 by adding 2 active eSIMs and then trying to add a third active eSIM which results in a resolvable error.
Flag: EXEMPT BugFix
Change-Id: I8bcb7a348f35ed4e84cedf16237c2ccf1f5c9149
parent ffc6b7e1
+25 −5
@@ -625,6 +625,7 @@ public class EuiccController extends IEuiccController.Stub {

        boolean callerHasAdminPrivileges =
                callerCanManageDevicePolicyManagedSubscriptions(callingPackage);

        if (callerHasAdminPrivileges && (switchAfterDownload && !shouldAllowSwitchAfterDownload(
                callingPackage))) {
            // Throw error if calling admin does not have privileges to enable
@@ -739,14 +740,20 @@ public class EuiccController extends IEuiccController.Stub {
                    super.onGetMetadataComplete(cardId, result);
                    return;
                }
                boolean callerHasAdminPrivileges =
                callerCanManageDevicePolicyManagedSubscriptions(mCallingPackage, mCallingToken);
                // At this point, we already have the user's consent.
                // So the following operations can be done with maximum privileges.

                if (checkCarrierPrivilegeInMetadata(subscription, mCallingPackage)) {
                if (checkCarrierPrivilegeInMetadata(subscription, mCallingPackage)
                        || callerHasAdminPrivileges) {
                    // Caller can download this profile. Since we already have the user's consent,
                    // proceed to download.
                  downloadSubscriptionPrivileged(cardId, mPortIndex,
                            mCallingToken, subscription, mSwitchAfterDownload,  mForceDeactivateSim,
                            mCallingPackage, null /* resolvedBundle */,
                            mCallbackIntent);
                            mCallingToken, subscription, mSwitchAfterDownload,
                            mForceDeactivateSim, mCallingPackage, null /* resolvedBundle */,
                            mCallbackIntent, callerHasAdminPrivileges,
                      getCurrentEmbeddedSubscriptionIds(cardId));
                } else {
                    Log.e(TAG, "Caller does not have carrier privilege in metadata.");
                    sendResult(mCallbackIntent, ERROR, null /* extrasIntent */);
@@ -2208,6 +2215,19 @@ public class EuiccController extends IEuiccController.Stub {
                == PackageManager.PERMISSION_GRANTED;
    }

    // Does the same thing as callerCanManageDevicePolicyManagedSubscriptions
    //but restores the calling identity before checking permissions.
    private boolean callerCanManageDevicePolicyManagedSubscriptions(String callingPackage,
      long callingToken) {
        long previousCallingIdentity = Binder.clearCallingIdentity();
        try {
            Binder.restoreCallingIdentity(callingToken);
            return callerCanManageDevicePolicyManagedSubscriptions(callingPackage);
        } finally {
            Binder.restoreCallingIdentity(previousCallingIdentity);
        }
    }

    private boolean shouldAllowSwitchAfterDownload(String callingPackage) {
        DevicePolicyManager devicePolicyManager = getDevicePolicyManager();
        return devicePolicyManager != null && (devicePolicyManager.isDeviceOwnerApp(callingPackage)
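Review bot: In the `onGetMetadataComplete` hunk the download gate is now also satisfied by `callerHasAdminPrivileges`, but the `else` branch still logs "Caller does not have carrier privilege in metadata.", which no longer describes why a request was denied; `Log.e(TAG, "Caller has neither carrier privilege in metadata nor admin privileges.");` would keep denials diagnosable. The admin result on this path comes from replaying `mCallingToken` through `Binder.restoreCallingIdentity`, so the decision is only as strong as the pairing of that stored token with `mCallingPackage`. The one-argument check is not visible in this diff, so it is worth confirming that it binds the package name to the restored UID rather than trusting the string. This path also forwards `mSwitchAfterDownload` without the `shouldAllowSwitchAfterDownload` test that the first hunk applies to admin callers, presumably because the initial request already passed it; a short comment saying so would make that assumption reviewable. The new two-argument overload deserves a Javadoc in place of the `//but` line comment, stating that `callingToken` must be the value returned by `Binder.clearCallingIdentity()` on the original request and that the previous identity is restored in `finally`; the callback body itself starts and ends outside the hunk.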