Loading tests/telephonytests/src/com/android/internal/telephony/PhoneSubInfoControllerTest.java +11 −3 Original line number Original line Diff line number Diff line Loading @@ -647,14 +647,22 @@ public class PhoneSubInfoControllerTest extends TelephonyTest { assertEquals("+18052345678", assertEquals("+18052345678", mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); /* case 6: only enable READ_SMS */ /* case 6: only enable READ_SMS; without the appop should throw SecurityException */ doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp( doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp( eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID), eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID), nullable(String.class)); nullable(String.class)); mContextFixture.removeCallingOrSelfPermission(READ_PHONE_STATE); mContextFixture.removeCallingOrSelfPermission(READ_PHONE_STATE); mContextFixture.addCallingOrSelfPermission(READ_SMS); mContextFixture.addCallingOrSelfPermission(READ_SMS); assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID)); try { assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID); Assert.fail("expected SecurityException thrown"); } catch (SecurityException expected) { } try { mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID); Assert.fail("expected SecurityException thrown"); } catch (SecurityException expected) { } /* case 7: enable READ_SMS and OP_READ_SMS */ /* case 7: enable READ_SMS and OP_READ_SMS */ doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp( doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp( Loading tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java +3 −1 Original line number Original line Diff line number Diff line Loading @@ -119,6 +119,8 @@ public class SubscriptionControllerTest extends TelephonyTest { doReturn(1).when(mProxyController).getMaxRafSupported(); doReturn(1).when(mProxyController).getMaxRafSupported(); mContextFixture.putIntArrayResource(com.android.internal.R.array.sim_colors, new int[]{5}); mContextFixture.putIntArrayResource(com.android.internal.R.array.sim_colors, new int[]{5}); setupMocksForTelephonyPermissions(Build.VERSION_CODES.R); } } @After @After Loading Loading @@ -1386,7 +1388,7 @@ public class SubscriptionControllerTest extends TelephonyTest { mSubscriptionControllerUT.setDisplayNumber(DISPLAY_NUMBER, getFirstSubId()); mSubscriptionControllerUT.setDisplayNumber(DISPLAY_NUMBER, getFirstSubId()); mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL); mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL); mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE); mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE); setupMocksForTelephonyPermissions(mCallingPackage, Build.VERSION_CODES.R); setupMocksForTelephonyPermissions(Build.VERSION_CODES.R); doReturn(AppOpsManager.MODE_DEFAULT).when(mAppOpsManager).noteOp( doReturn(AppOpsManager.MODE_DEFAULT).when(mAppOpsManager).noteOp( eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), anyString(), eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), anyString(), nullable(String.class), nullable(String.class)); nullable(String.class), nullable(String.class)); Loading tests/telephonytests/src/com/android/internal/telephony/TelephonyPermissionsTest.java +35 −0 Original line number Original line Diff line number Diff line Loading @@ -272,6 +272,41 @@ public class TelephonyPermissionsTest { mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); } } @Test public void testCheckReadPhoneNumber_hasReadSmsNoAppop() throws Exception { // If an app has been granted the READ_SMS permission, but the OPSTR_READ_SMS appop has been // revoked then instead of immediately returning false the phone number access check should // check if the caller has the READ_PHONE_NUMBERS permission and appop. setupMocksForDeviceIdentifiersErrorPath(); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_SMS, PID, UID, MSG); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_PHONE_NUMBERS, PID, UID, MSG); when(mMockAppOps.noteOp(eq(AppOpsManager.OPSTR_READ_PHONE_NUMBERS), eq(UID), eq(PACKAGE), eq(FEATURE), nullable(String.class))).thenReturn(AppOpsManager.MODE_ALLOWED); assertTrue(TelephonyPermissions.checkReadPhoneNumber( mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); } @Test public void testCheckReadPhoneNumber_hasReadSmsAndReadPhoneNumbersNoAppops() throws Exception { // If an app has both the READ_SMS and READ_PHONE_NUMBERS permissions granted but does not // have the corresponding appops instead of returning false for not having the appop granted // a SecurityException should be thrown. setupMocksForDeviceIdentifiersErrorPath(); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_SMS, PID, UID, MSG); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_PHONE_NUMBERS, PID, UID, MSG); try { TelephonyPermissions.checkReadPhoneNumber( mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG); fail("Should have thrown SecurityException"); } catch (SecurityException e) { // expected } } @Test @Test public void testCheckReadDeviceIdentifiers_noPermissions() throws Exception { public void testCheckReadDeviceIdentifiers_noPermissions() throws Exception { setupMocksForDeviceIdentifiersErrorPath(); setupMocksForDeviceIdentifiersErrorPath(); Loading tests/telephonytests/src/com/android/internal/telephony/TelephonyTest.java +9 −3 Original line number Original line Diff line number Diff line Loading @@ -774,17 +774,23 @@ public abstract class TelephonyTest { } } protected void setupMocksForTelephonyPermissions() throws Exception { protected void setupMocksForTelephonyPermissions() throws Exception { setupMocksForTelephonyPermissions(TAG, Build.VERSION_CODES.Q); setupMocksForTelephonyPermissions(Build.VERSION_CODES.Q); } } protected void setupMocksForTelephonyPermissions(String packageName, int targetSdkVersion) protected void setupMocksForTelephonyPermissions(int targetSdkVersion) throws Exception { throws Exception { // If the calling package does not meet the new requirements for device identifier access // If the calling package does not meet the new requirements for device identifier access // TelephonyPermissions will query the PackageManager for the ApplicationInfo of the package // TelephonyPermissions will query the PackageManager for the ApplicationInfo of the package // to determine the target SDK. For apps targeting Q a SecurityException is thrown // to determine the target SDK. For apps targeting Q a SecurityException is thrown // regardless of if the package satisfies the previous requirements for device ID access. // regardless of if the package satisfies the previous requirements for device ID access. // Any tests that query for SubscriptionInfo objects will trigger a phone number access // check that will first query the ApplicationInfo as apps targeting R+ can no longer // access the phone number with the READ_PHONE_STATE permission and instead must meet one of // the other requirements. This ApplicationInfo is generalized to any package name since // some tests will simulate invocation from other packages. mApplicationInfo.targetSdkVersion = targetSdkVersion; mApplicationInfo.targetSdkVersion = targetSdkVersion; doReturn(mApplicationInfo).when(mPackageManager).getApplicationInfoAsUser(eq(packageName), doReturn(mApplicationInfo).when(mPackageManager).getApplicationInfoAsUser(anyString(), anyInt(), any()); anyInt(), any()); // TelephonyPermissions uses a SystemAPI to check if the calling package meets any of the // TelephonyPermissions uses a SystemAPI to check if the calling package meets any of the Loading Loading
tests/telephonytests/src/com/android/internal/telephony/PhoneSubInfoControllerTest.java +11 −3 Original line number Original line Diff line number Diff line Loading @@ -647,14 +647,22 @@ public class PhoneSubInfoControllerTest extends TelephonyTest { assertEquals("+18052345678", assertEquals("+18052345678", mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); /* case 6: only enable READ_SMS */ /* case 6: only enable READ_SMS; without the appop should throw SecurityException */ doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp( doReturn(AppOpsManager.MODE_ERRORED).when(mAppOsMgr).noteOp( eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID), eq(AppOpsManager.OPSTR_READ_PHONE_STATE), anyInt(), eq(TAG), eq(FEATURE_ID), nullable(String.class)); nullable(String.class)); mContextFixture.removeCallingOrSelfPermission(READ_PHONE_STATE); mContextFixture.removeCallingOrSelfPermission(READ_PHONE_STATE); mContextFixture.addCallingOrSelfPermission(READ_SMS); mContextFixture.addCallingOrSelfPermission(READ_SMS); assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID)); try { assertNull(mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID)); mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(0, TAG, FEATURE_ID); Assert.fail("expected SecurityException thrown"); } catch (SecurityException expected) { } try { mPhoneSubInfoControllerUT.getLine1NumberForSubscriber(1, TAG, FEATURE_ID); Assert.fail("expected SecurityException thrown"); } catch (SecurityException expected) { } /* case 7: enable READ_SMS and OP_READ_SMS */ /* case 7: enable READ_SMS and OP_READ_SMS */ doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp( doReturn(AppOpsManager.MODE_ALLOWED).when(mAppOsMgr).noteOp( Loading
tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java +3 −1 Original line number Original line Diff line number Diff line Loading @@ -119,6 +119,8 @@ public class SubscriptionControllerTest extends TelephonyTest { doReturn(1).when(mProxyController).getMaxRafSupported(); doReturn(1).when(mProxyController).getMaxRafSupported(); mContextFixture.putIntArrayResource(com.android.internal.R.array.sim_colors, new int[]{5}); mContextFixture.putIntArrayResource(com.android.internal.R.array.sim_colors, new int[]{5}); setupMocksForTelephonyPermissions(Build.VERSION_CODES.R); } } @After @After Loading Loading @@ -1386,7 +1388,7 @@ public class SubscriptionControllerTest extends TelephonyTest { mSubscriptionControllerUT.setDisplayNumber(DISPLAY_NUMBER, getFirstSubId()); mSubscriptionControllerUT.setDisplayNumber(DISPLAY_NUMBER, getFirstSubId()); mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL); mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL); mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE); mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE); setupMocksForTelephonyPermissions(mCallingPackage, Build.VERSION_CODES.R); setupMocksForTelephonyPermissions(Build.VERSION_CODES.R); doReturn(AppOpsManager.MODE_DEFAULT).when(mAppOpsManager).noteOp( doReturn(AppOpsManager.MODE_DEFAULT).when(mAppOpsManager).noteOp( eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), anyString(), eq(AppOpsManager.OPSTR_WRITE_SMS), anyInt(), anyString(), nullable(String.class), nullable(String.class)); nullable(String.class), nullable(String.class)); Loading
tests/telephonytests/src/com/android/internal/telephony/TelephonyPermissionsTest.java +35 −0 Original line number Original line Diff line number Diff line Loading @@ -272,6 +272,41 @@ public class TelephonyPermissionsTest { mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); } } @Test public void testCheckReadPhoneNumber_hasReadSmsNoAppop() throws Exception { // If an app has been granted the READ_SMS permission, but the OPSTR_READ_SMS appop has been // revoked then instead of immediately returning false the phone number access check should // check if the caller has the READ_PHONE_NUMBERS permission and appop. setupMocksForDeviceIdentifiersErrorPath(); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_SMS, PID, UID, MSG); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_PHONE_NUMBERS, PID, UID, MSG); when(mMockAppOps.noteOp(eq(AppOpsManager.OPSTR_READ_PHONE_NUMBERS), eq(UID), eq(PACKAGE), eq(FEATURE), nullable(String.class))).thenReturn(AppOpsManager.MODE_ALLOWED); assertTrue(TelephonyPermissions.checkReadPhoneNumber( mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG)); } @Test public void testCheckReadPhoneNumber_hasReadSmsAndReadPhoneNumbersNoAppops() throws Exception { // If an app has both the READ_SMS and READ_PHONE_NUMBERS permissions granted but does not // have the corresponding appops instead of returning false for not having the appop granted // a SecurityException should be thrown. setupMocksForDeviceIdentifiersErrorPath(); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_SMS, PID, UID, MSG); doNothing().when(mMockContext).enforcePermission( android.Manifest.permission.READ_PHONE_NUMBERS, PID, UID, MSG); try { TelephonyPermissions.checkReadPhoneNumber( mMockContext, SUB_ID, PID, UID, PACKAGE, FEATURE, MSG); fail("Should have thrown SecurityException"); } catch (SecurityException e) { // expected } } @Test @Test public void testCheckReadDeviceIdentifiers_noPermissions() throws Exception { public void testCheckReadDeviceIdentifiers_noPermissions() throws Exception { setupMocksForDeviceIdentifiersErrorPath(); setupMocksForDeviceIdentifiersErrorPath(); Loading
tests/telephonytests/src/com/android/internal/telephony/TelephonyTest.java +9 −3 Original line number Original line Diff line number Diff line Loading @@ -774,17 +774,23 @@ public abstract class TelephonyTest { } } protected void setupMocksForTelephonyPermissions() throws Exception { protected void setupMocksForTelephonyPermissions() throws Exception { setupMocksForTelephonyPermissions(TAG, Build.VERSION_CODES.Q); setupMocksForTelephonyPermissions(Build.VERSION_CODES.Q); } } protected void setupMocksForTelephonyPermissions(String packageName, int targetSdkVersion) protected void setupMocksForTelephonyPermissions(int targetSdkVersion) throws Exception { throws Exception { // If the calling package does not meet the new requirements for device identifier access // If the calling package does not meet the new requirements for device identifier access // TelephonyPermissions will query the PackageManager for the ApplicationInfo of the package // TelephonyPermissions will query the PackageManager for the ApplicationInfo of the package // to determine the target SDK. For apps targeting Q a SecurityException is thrown // to determine the target SDK. For apps targeting Q a SecurityException is thrown // regardless of if the package satisfies the previous requirements for device ID access. // regardless of if the package satisfies the previous requirements for device ID access. // Any tests that query for SubscriptionInfo objects will trigger a phone number access // check that will first query the ApplicationInfo as apps targeting R+ can no longer // access the phone number with the READ_PHONE_STATE permission and instead must meet one of // the other requirements. This ApplicationInfo is generalized to any package name since // some tests will simulate invocation from other packages. mApplicationInfo.targetSdkVersion = targetSdkVersion; mApplicationInfo.targetSdkVersion = targetSdkVersion; doReturn(mApplicationInfo).when(mPackageManager).getApplicationInfoAsUser(eq(packageName), doReturn(mApplicationInfo).when(mPackageManager).getApplicationInfoAsUser(anyString(), anyInt(), any()); anyInt(), any()); // TelephonyPermissions uses a SystemAPI to check if the calling package meets any of the // TelephonyPermissions uses a SystemAPI to check if the calling package meets any of the Loading
