Enforce map the telephony features with APIs in

package com.android.internal.telephony.subscription;

import static android.content.pm.PackageManager.FEATURE_TELEPHONY_SUBSCRIPTION;

import static android.telephony.TelephonyManager.ENABLE_FEATURE_MAPPING;

import android.Manifest;

import android.annotation.CallbackExecutor;

import android.annotation.ColorInt;

    @Nullable

    private EuiccController mEuiccController;

    /** Package manager instance. */

    @NonNull

    private final PackageManager mPackageManager;

    /**

     * The main handler of subscription manager service. This is running on phone process's main

     * thread.

        mSubscriptionManager = context.getSystemService(SubscriptionManager.class);

        mEuiccManager = context.getSystemService(EuiccManager.class);

        mAppOpsManager = context.getSystemService(AppOpsManager.class);

        mPackageManager = context.getPackageManager();

        mUiccController = UiccController.getInstance();

        mHandler = new Handler(looper);

            throw new SecurityException("Need READ_PHONE_STATE, READ_PRIVILEGED_PHONE_STATE, or "

                    + "carrier privilege");

        }

        enforceTelephonyFeatureWithException(callingPackage, "getAllSubInfoList");

        return getSubscriptionInfoStreamAsUser(BINDER_WRAPPER.getCallingUserHandle())

                // callers have READ_PHONE_STATE or READ_PRIVILEGED_PHONE_STATE can get a full

                // list. Carrier apps can only get the subscriptions they have privileged.

                    + "carrier privilege");

        }

        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubscriptionInfo");

        SubscriptionInfoInternal subInfo = mSubscriptionDatabaseManager

                .getSubscriptionInfoInternal(subId);

        if (subInfo != null && subInfo.isActive()) {

        enforcePermissions("getActiveSubscriptionInfoForIccId",

                Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubscriptionInfoForIccId");

        final long identity = Binder.clearCallingIdentity();

        try {

            iccId = IccUtils.stripTrailingFs(iccId);

        }

        enforceTelephonyFeatureWithException(callingPackage,

                "getActiveSubscriptionInfoForSimSlotIndex");

        if (!SubscriptionManager.isValidSlotIndex(slotIndex)) {

            throw new IllegalArgumentException("Invalid slot index " + slotIndex);

        }

                    + "permission. Returning empty list here.");

            return Collections.emptyList();

        }

        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubscriptionInfoList");

        if (isForAllProfiles && !hasAcrossAllUsersPermission()) {

            //TODO(b/308809058 to determine whether the permission enforcement is needed)

            loge("getActiveSubscriptionInfoList: "

            loge("getActiveSubInfoCount: "

                    + callingPackage + " has no appropriate permission.");

        }

        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubInfoCount");

        return getActiveSubIdListAsUser(false, isForAllProfiles

                ? UserHandle.ALL : BINDER_WRAPPER.getCallingUserHandle()).length;

    }

            @Nullable String callingFeatureId) {

        enforcePermissions("getAvailableSubscriptionInfoList",

                Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(callingPackage, "getAvailableSubscriptionInfoList");

        return getAvailableSubscriptionsInternalStream()

                .sorted(Comparator.comparing(SubscriptionInfoInternal::getSimSlotIndex)

                        .thenComparing(SubscriptionInfoInternal::getSubscriptionId))

                + SubscriptionManager.subscriptionTypeToString(subscriptionType) + ", "

                + getCallingPackage());

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "addSubInfo");

        // Now that all security checks passes, perform the operation as ourselves.

        final long identity = Binder.clearCallingIdentity();

        try {

        logl("removeSubInfo: uniqueId=" + SubscriptionInfo.getPrintableId(uniqueId) + ", "

                + SubscriptionManager.subscriptionTypeToString(subscriptionType) + ", "

                + getCallingPackage());

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "removeSubInfo");

        final long identity = Binder.clearCallingIdentity();

        try {

            SubscriptionInfoInternal subInfo = mSubscriptionDatabaseManager

                mContext, Binder.getCallingUid(), subId, true, "setOpportunistic",

                Manifest.permission.MODIFY_PHONE_STATE);

        enforceTelephonyFeatureWithException(callingPackage, "setOpportunistic");

        long token = Binder.clearCallingIdentity();

        try {

            mSubscriptionDatabaseManager.setOpportunistic(subId, opportunistic);

                    + " carrier privilege permission on all specified subscriptions");

        }

        enforceTelephonyFeatureWithException(callingPackage, "createSubscriptionGroup");

        long identity = Binder.clearCallingIdentity();

        try {

            @Nullable ISetOpportunisticDataCallback callback) {

        enforcePermissions("setPreferredDataSubscriptionId",

                Manifest.permission.MODIFY_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "setPreferredDataSubscriptionId");

        final long token = Binder.clearCallingIdentity();

        try {

            return Collections.emptyList();

        }

        enforceTelephonyFeatureWithException(callingPackage, "getOpportunisticSubscriptions");

        return mSubscriptionDatabaseManager.getAllSubscriptions().stream()

                // callers have READ_PHONE_STATE or READ_PRIVILEGED_PHONE_STATE can get a full

                // list. Carrier apps can only get the subscriptions they have privileged.

            throw new IllegalArgumentException("subIdList is empty.");

        }

        enforceTelephonyFeatureWithException(callingPackage, "removeSubscriptionsFromGroup");

        long identity = Binder.clearCallingIdentity();

        try {

                    + " permissions on subscriptions and the group.");

        }

        enforceTelephonyFeatureWithException(callingPackage, "addSubscriptionsIntoGroup");

        long identity = Binder.clearCallingIdentity();

        try {

            }

        }

        enforceTelephonyFeatureWithException(callingPackage, "getSubscriptionsInGroup");

        return mSubscriptionDatabaseManager.getAllSubscriptions().stream()

                .map(SubscriptionInfoInternal::toSubscriptionInfo)

                .filter(info -> groupUuid.equals(info.getGroupUuid())

     */

    @Override

    public int getDefaultSubIdAsUser(@UserIdInt int userId) {

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "getDefaultVoiceSubIdAsUser");

        return getDefaultAsUser(userId, mDefaultSubId.get());

    }

            throw new RuntimeException("setDefaultDataSubId called with DEFAULT_SUBSCRIPTION_ID");

        }

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "setDefaultDataSubId");

        final long token = Binder.clearCallingIdentity();

        try {

            if (mDefaultDataSubId.set(subId)) {

            throw new RuntimeException("setDefaultVoiceSubId called with DEFAULT_SUB_ID");

        }

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "setDefaultVoiceSubId");

        final long token = Binder.clearCallingIdentity();

        try {

            if (mDefaultVoiceSubId.set(subId)) {

            throw new RuntimeException("setDefaultSmsSubId called with DEFAULT_SUB_ID");

        }

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "setDefaultSmsSubId");

        final long token = Binder.clearCallingIdentity();

        try {

            if (mDefaultSmsSubId.set(subId)) {

    @RequiresPermission(Manifest.permission.READ_PRIVILEGED_PHONE_STATE)

    public int[] getActiveSubIdList(boolean visibleOnly) {

        enforcePermissions("getActiveSubIdList", Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "getActiveSubIdList");

        // UserHandle.ALL because this API is exposed as system API.

        return getActiveSubIdListAsUser(visibleOnly, UserHandle.ALL);

    }

                    + "accessed through getSubscriptionProperty.");

        }

        enforceTelephonyFeatureWithException(callingPackage, "getSubscriptionProperty");

        final long token = Binder.clearCallingIdentity();

        try {

            Object value = mSubscriptionDatabaseManager.getSubscriptionProperty(subId, columnName);

            throw new IllegalArgumentException("Invalid subscription id " + subId);

        }

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "isSubscriptionEnabled");

        final long identity = Binder.clearCallingIdentity();

        try {

            SubscriptionInfoInternal subInfo = mSubscriptionDatabaseManager

            throw new IllegalArgumentException("Invalid slot index " + slotIndex);

        }

        enforceTelephonyFeatureWithException(getCurrentPackageName(), "getEnabledSubscriptionId");

        final long identity = Binder.clearCallingIdentity();

        try {

            return mSubscriptionDatabaseManager.getAllSubscriptions().stream()

            throw new SecurityException("Need READ_PHONE_STATE, READ_PRIVILEGED_PHONE_STATE, or "

                    + "carrier privilege");

        }

        enforceTelephonyFeatureWithException(callingPackage, "isActiveSubId");

        final long identity = Binder.clearCallingIdentity();

        try {

            SubscriptionInfoInternal subInfo = mSubscriptionDatabaseManager

        enforcePermissions("canDisablePhysicalSubscription",

                Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "canDisablePhysicalSubscription");

        final long identity = Binder.clearCallingIdentity();

        try {

            Phone phone = PhoneFactory.getDefaultPhone();

        logl("setUiccApplicationsEnabled: subId=" + subId + ", enabled=" + enabled

                + ", calling package=" + getCallingPackage());

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "setUiccApplicationsEnabled");

        final long identity = Binder.clearCallingIdentity();

        try {

        enforcePermissions("setDeviceToDeviceStatusSharing",

                Manifest.permission.MODIFY_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "setDeviceToDeviceStatusSharing");

        final long identity = Binder.clearCallingIdentity();

        try {

            if (sharing < SubscriptionManager.D2D_SHARING_DISABLED

        enforcePermissions("setDeviceToDeviceStatusSharingContacts",

                Manifest.permission.MODIFY_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "setDeviceToDeviceStatusSharingContacts");

        final long identity = Binder.clearCallingIdentity();

        try {

            Objects.requireNonNull(contacts, "contacts");

                Manifest.permission.READ_PHONE_NUMBERS,

                Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(callingPackage, "getPhoneNumber");

        final long identity = Binder.clearCallingIdentity();

        SubscriptionInfoInternal subInfo = mSubscriptionDatabaseManager

                Manifest.permission.READ_PHONE_NUMBERS,

                Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        enforceTelephonyFeatureWithException(callingPackage,

                "getPhoneNumberFromFirstAvailableSource");

        String numberFromCarrier = getPhoneNumber(subId,

                SubscriptionManager.PHONE_NUMBER_SOURCE_CARRIER, callingPackage,

                callingFeatureId);

                    + SubscriptionManager.phoneNumberSourceToString(source));

        }

        enforceTelephonyFeatureWithException(callingPackage, "setPhoneNumber");

        Objects.requireNonNull(number, "number");

        final long identity = Binder.clearCallingIdentity();

        enforcePermissions("restoreAllSimSpecificSettingsFromBackup",

                Manifest.permission.MODIFY_PHONE_STATE);

        enforceTelephonyFeatureWithException(getCurrentPackageName(),

                "restoreAllSimSpecificSettingsFromBackup");

        long token = Binder.clearCallingIdentity();

        try {

            Bundle bundle = new Bundle();

        }

    }

    /**

     * Get the current calling package name.

     * @return the current calling package name

     */

    @Nullable

    private String getCurrentPackageName() {

        if (mPackageManager == null) return null;

        String[] callingUids = mPackageManager.getPackagesForUid(Binder.getCallingUid());

        return (callingUids == null) ? null : callingUids[0];

    }

    /**

     * Make sure the device has required telephony feature

     *

     * @throws UnsupportedOperationException if the device does not have required telephony feature

     */

    private void enforceTelephonyFeatureWithException(@Nullable String callingPackage,

            @NonNull String methodName) {

        if (callingPackage == null || mPackageManager == null) {

            return;

        }

        if (!mFeatureFlags.enforceTelephonyFeatureMappingForPublicApis()

                || !CompatChanges.isChangeEnabled(ENABLE_FEATURE_MAPPING, callingPackage,

                Binder.getCallingUserHandle())) {

            return;

        }

        if (!mPackageManager.hasSystemFeature(FEATURE_TELEPHONY_SUBSCRIPTION)) {

            throw new UnsupportedOperationException(

                    methodName + " is unsupported without " + FEATURE_TELEPHONY_SUBSCRIPTION);

        }

    }

    /**

     * @return The logical SIM slot/sub mapping to string.

     */

        "testables",

        "platform-compat-test-rules",

        "flag-junit",

        "telephony_flags_core_java_lib",

    ],

    jarjar_rules: ":jarjar-rules-telephony-tests",

import com.android.internal.telephony.uicc.IccCardStatus;

import com.android.internal.telephony.uicc.UiccSlot;

import libcore.junit.util.compat.CoreCompatChangeRule.DisableCompatChanges;

import libcore.junit.util.compat.CoreCompatChangeRule.EnableCompatChanges;

import org.junit.After;

        doReturn(true).when(mUserManager)

                .isManagedProfile(eq(FAKE_MANAGED_PROFILE_USER_HANDLE.getIdentifier()));

        // Due to affect exist implementation, bypass feature flag.

        doReturn(false).when(mFlags).enforceTelephonyFeatureMappingForPublicApis();

        doReturn(true).when(mPackageManager).hasSystemFeature(

                eq(PackageManager.FEATURE_TELEPHONY_SUBSCRIPTION));

        logd("SubscriptionManagerServiceTest -Setup!");

    }

    }

    @Test

    @DisableCompatChanges({TelephonyManager.ENABLE_FEATURE_MAPPING})

    public void testSetPhoneNumber() {

        doReturn(false).when(mFlags).enforceTelephonyFeatureMapping();

        doReturn(true).when(mPackageManager).hasSystemFeature(

                eq(PackageManager.FEATURE_TELEPHONY_SUBSCRIPTION));

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.MODIFY_PHONE_STATE);

        mSubscriptionManagerServiceUT.addSubInfo(FAKE_ICCID1, FAKE_CARRIER_NAME1,

                0, SubscriptionManager.SUBSCRIPTION_TYPE_LOCAL_SIM);

        verify(mMockedSubscriptionManagerServiceCallback).onSubscriptionChanged(eq(1));

    }

    @Test

    @EnableCompatChanges({TelephonyManager.ENABLE_FEATURE_MAPPING})

    public void testSetPhoneNumber_EnabledEnforceTelephonyFeatureMappingForPublicApis() {

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.MODIFY_PHONE_STATE);

        mSubscriptionManagerServiceUT.addSubInfo(FAKE_ICCID1, FAKE_CARRIER_NAME1,

                0, SubscriptionManager.SUBSCRIPTION_TYPE_LOCAL_SIM);

        processAllMessages();

        verify(mMockedSubscriptionManagerServiceCallback).onSubscriptionChanged(eq(1));

        Mockito.clearInvocations(mMockedSubscriptionManagerServiceCallback);

        // Grant carrier privilege

        setCarrierPrivilegesForSubId(true, 1);

        // Enabled FeatureFlags and ENABLE_FEATURE_MAPPING, telephony features are defined

        doReturn(true).when(mFlags).enforceTelephonyFeatureMappingForPublicApis();

        doReturn(true).when(mPackageManager).hasSystemFeature(

                eq(PackageManager.FEATURE_TELEPHONY_SUBSCRIPTION));

        try {

            mSubscriptionManagerServiceUT.setPhoneNumber(1,

                    SubscriptionManager.PHONE_NUMBER_SOURCE_CARRIER, FAKE_PHONE_NUMBER2,

                    CALLING_PACKAGE, CALLING_FEATURE);

        } catch (UnsupportedOperationException e) {

            fail("Not expect exception " + e.getMessage());

        }

        // Telephony features is not defined, expect UnsupportedOperationException.

        doReturn(false).when(mPackageManager).hasSystemFeature(

                eq(PackageManager.FEATURE_TELEPHONY_SUBSCRIPTION));

        assertThrows(UnsupportedOperationException.class,

                () -> mSubscriptionManagerServiceUT.setPhoneNumber(1,

                        SubscriptionManager.PHONE_NUMBER_SOURCE_CARRIER, FAKE_PHONE_NUMBER2,

                        CALLING_PACKAGE, CALLING_FEATURE));

    }

    @Test

    public void testGetAllSubInfoList() {

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.MODIFY_PHONE_STATE);

    }

    @Test

    @DisableCompatChanges({TelephonyManager.ENABLE_FEATURE_MAPPING})

    public void testGetPhoneNumber() {

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        testSetPhoneNumber();