Use correct method for checking NETWORK_SETUP_WIZARD permission

New Passpoint and DPP APIs were not using the correct methods for checking NETWORK_SETUP_WIZARD and NETWORK_SETTINGS permissions. Updated the code to use the correct method. Bug: 134618695 Test: act.py -c ../WifiDppConfig.json -tc WifiDppTest Test: atest PasspointConfigSharedStoreDataTest PasspointNetworkEvaluatorTest PasspointProvisionerTest PasspointNetworkScoreTest PasspointXmlUtilsTest PasspointEventHandlerTest PasspointProviderTest PasspointManagerTest PasspointConfigUserStoreDataTest Test: Connect to Passpoint OSU network Test: atest DppManagerTest Test: atest WifiServiceImplTest Change-Id: I54d0ac31150c478fea7ec0a4ede36bd40240d662
author: Hai Shalom <haishalom@google.com> 2019-06-06 16:21:51 -0700
committer: Hai Shalom <haishalom@google.com> 2019-06-07 14:09:31 -0700
commit: 751d92efd542fae18c5c4a0e5597edd24ecb684b (patch)
tree: edd49e4f4e841723c8955eea7d16d6bd2b29c83f /service/java/com/android
parent: af9b7b297e43fe6fe347a6143d76bde2cb2363c6 (diff)
download: android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.gz
android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.bz2
android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.zip
1 files changed, 15 insertions, 32 deletions
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java
index ef57382bf..6bb36b3b9 100644
--- a/service/java/com/android/server/wifi/WifiServiceImpl.java
+++ b/service/java/com/android/server/wifi/WifiServiceImpl.java
@@ -747,6 +747,13 @@ public class WifiServiceImpl extends BaseWifiService {
                 || checkNetworkManagedProvisioningPermission(pid, uid);
     }
 
+    // Helper method to check if the entity initiating the binder call has setup wizard or settings
+    // permissions.
+    private boolean isSettingsOrSuw(int pid, int uid) {
+        return checkNetworkSettingsPermission(pid, uid)
+                || checkNetworkSetupWizardPermission(pid, uid);
+    }
+
     // Helper method to check if the entity initiating the binder call is a system app.
     private boolean isSystem(String packageName) {
         long ident = Binder.clearCallingIdentity();
@@ -1909,10 +1916,7 @@ public class WifiServiceImpl extends BaseWifiService {
     @Override
     public Map<String, Map<Integer, List<ScanResult>>> getAllMatchingFqdnsForScanResults(
             List<ScanResult> scanResults) {
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         if (mVerboseLoggingEnabled) {
@@ -1934,10 +1938,7 @@ public class WifiServiceImpl extends BaseWifiService {
     @Override
     public Map<OsuProvider, List<ScanResult>> getMatchingOsuProviders(
             List<ScanResult> scanResults) {
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         if (mVerboseLoggingEnabled) {
@@ -1958,10 +1959,7 @@ public class WifiServiceImpl extends BaseWifiService {
     @Override
     public Map<OsuProvider, PasspointConfiguration> getMatchingPasspointConfigsForOsuProviders(
             List<OsuProvider> osuProviders) {
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         if (mVerboseLoggingEnabled) {
@@ -1990,10 +1988,7 @@ public class WifiServiceImpl extends BaseWifiService {
      */
     @Override
     public List<WifiConfiguration> getWifiConfigsForPasspointProfiles(List<String> fqdnList) {
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         if (mVerboseLoggingEnabled) {
@@ -3123,10 +3118,7 @@ public class WifiServiceImpl extends BaseWifiService {
         if (callback == null) {
             throw new IllegalArgumentException("Callback must not be null");
         }
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         if (!mContext.getPackageManager().hasSystemFeature(
@@ -3419,10 +3411,7 @@ public class WifiServiceImpl extends BaseWifiService {
 
         final int uid = getMockableCallingUid();
 
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
 
@@ -3456,10 +3445,7 @@ public class WifiServiceImpl extends BaseWifiService {
 
         final int uid = getMockableCallingUid();
 
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
 
@@ -3473,10 +3459,7 @@ public class WifiServiceImpl extends BaseWifiService {
      */
     @Override
     public void stopDppSession() throws android.os.RemoteException {
-        if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS)
-                != PERMISSION_GRANTED)
-                && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD)
-                != PERMISSION_GRANTED)) {
+        if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) {
             throw new SecurityException(TAG + ": Permission denied");
         }
         final int uid = getMockableCallingUid();
author	Hai Shalom <haishalom@google.com>	2019-06-06 16:21:51 -0700
committer	Hai Shalom <haishalom@google.com>	2019-06-07 14:09:31 -0700
commit	751d92efd542fae18c5c4a0e5597edd24ecb684b (patch)
tree	edd49e4f4e841723c8955eea7d16d6bd2b29c83f /service/java/com/android
parent	af9b7b297e43fe6fe347a6143d76bde2cb2363c6 (diff)
download	android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.gz android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.bz2 android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.zip