Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ff4daf4b authored by Fan Wu's avatar Fan Wu Committed by Chris Antol
Browse files

Checks cross user permission before handling intent 

Bug: 326057017

Test: atest

Flag: EXEMPT bug fix
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d3b3edd45167515579ab156533754e56ac813f35)
Merged-In: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a
Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a
parent 8d6f3c46

src/com/android/settings/applications/AppInfoBase.java

+31 −2
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ package com.android.settings.applications; 


import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;



import android.Manifest;

import android.app.Activity;

import android.app.Dialog;

import android.app.admin.DevicePolicyManager;
@@ -38,6 +39,7 @@ import android.os.UserManager; 
import android.text.TextUtils;

import android.util.Log;



import androidx.annotation.VisibleForTesting;

import androidx.appcompat.app.AlertDialog;

import androidx.fragment.app.DialogFragment;

import androidx.fragment.app.Fragment;
@@ -134,8 +136,13 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment 
            }

        }

        if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {

            mUserId = ((UserHandle) intent.getParcelableExtra(

                    Intent.EXTRA_USER_HANDLE)).getIdentifier();

            mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE))

                    .getIdentifier();

            if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPermission()) {

                Log.w(TAG, "Intent not valid.");

                finish();

                return "";

            }

        } else {

            mUserId = UserHandle.myUserId();

        }
@@ -158,6 +165,28 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment 
        return mPackageName;

    }



    @VisibleForTesting

    protected boolean hasInteractAcrossUsersPermission() {

        Activity activity = getActivity();

        if (!(activity instanceof SettingsActivity)) {

            return false;

        }

        final String callingPackageName =

                ((SettingsActivity) activity).getInitialCallingPackage();



        if (TextUtils.isEmpty(callingPackageName)) {

            Log.w(TAG, "Not able to get calling package name for permission check");

            return false;

        }

        if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)

                != PackageManager.PERMISSION_GRANTED) {

            Log.w(TAG, "Package " + callingPackageName + " does not have required permission "

                    + Manifest.permission.INTERACT_ACROSS_USERS_FULL);

            return false;

        }

        return true;

    }



    protected void setIntentAndFinish(boolean appChanged) {

        Log.i(TAG, "appChanged=" + appChanged);

        Intent intent = new Intent();