diff options
author | Abhijith Shastry <ashastry@google.com> | 2016-03-10 11:24:02 -0800 |
---|---|---|
committer | Abhijith Shastry <ashastry@google.com> | 2016-03-10 12:10:23 -0800 |
commit | a42ead888255f167b2d5dc405974bddd12d7695b (patch) | |
tree | 14161e2393e2c76558d18fa1a88ace3f82f43d93 | |
parent | edc2a563e20f65192262fd72aca5d6d5db436082 (diff) | |
download | android_packages_providers_BlockedNumberProvider-a42ead888255f167b2d5dc405974bddd12d7695b.tar.gz android_packages_providers_BlockedNumberProvider-a42ead888255f167b2d5dc405974bddd12d7695b.tar.bz2 android_packages_providers_BlockedNumberProvider-a42ead888255f167b2d5dc405974bddd12d7695b.zip |
Fix canCurrentUserBlockUsers API for secondary users.
canCurrentUserBlockUsers should return gracefully for privileged apps instead of throwing UnsupportedOperationException.
BUG: 27596508
Change-Id: I74310c7aeb4e2b3247014438b3e457777871a50c
-rw-r--r-- | src/com/android/providers/blockednumber/BlockedNumberProvider.java | 45 | ||||
-rw-r--r-- | tests/src/com/android/providers/blockednumber/BlockedNumberProviderTest.java | 69 |
2 files changed, 95 insertions, 19 deletions
diff --git a/src/com/android/providers/blockednumber/BlockedNumberProvider.java b/src/com/android/providers/blockednumber/BlockedNumberProvider.java index 69337cd..837a35a 100644 --- a/src/com/android/providers/blockednumber/BlockedNumberProvider.java +++ b/src/com/android/providers/blockednumber/BlockedNumberProvider.java @@ -109,7 +109,7 @@ public class BlockedNumberProvider extends ContentProvider { @Override public Uri insert(@NonNull Uri uri, @Nullable ContentValues values) { - enforceWritePermission(); + enforceWritePermissionAndPrimaryUser(); final int match = sUriMatcher.match(uri); switch (match) { @@ -161,7 +161,7 @@ public class BlockedNumberProvider extends ContentProvider { @Override public int update(@NonNull Uri uri, @Nullable ContentValues values, @Nullable String selection, @Nullable String[] selectionArgs) { - enforceWritePermission(); + enforceWritePermissionAndPrimaryUser(); throw new UnsupportedOperationException( "Update is not supported. Use delete + insert instead"); @@ -170,7 +170,7 @@ public class BlockedNumberProvider extends ContentProvider { @Override public int delete(@NonNull Uri uri, @Nullable String selection, @Nullable String[] selectionArgs) { - enforceWritePermission(); + enforceWritePermissionAndPrimaryUser(); final int match = sUriMatcher.match(uri); int numRows; @@ -218,7 +218,7 @@ public class BlockedNumberProvider extends ContentProvider { @Override public Cursor query(@NonNull Uri uri, @Nullable String[] projection, @Nullable String selection, @Nullable String[] selectionArgs, @Nullable String sortOrder) { - enforceReadPermission(); + enforceReadPermissionAndPrimaryUser(); return query(uri, projection, selection, selectionArgs, sortOrder, null); } @@ -227,7 +227,7 @@ public class BlockedNumberProvider extends ContentProvider { public Cursor query(@NonNull Uri uri, @Nullable String[] projection, @Nullable String selection, @Nullable String[] selectionArgs, @Nullable String sortOrder, @Nullable CancellationSignal cancellationSignal) { - enforceReadPermission(); + enforceReadPermissionAndPrimaryUser(); final int match = sUriMatcher.match(uri); Cursor cursor; @@ -286,7 +286,7 @@ public class BlockedNumberProvider extends ContentProvider { final Bundle res = new Bundle(); switch (method) { case BlockedNumberContract.METHOD_IS_BLOCKED: - enforceReadPermission(); + enforceReadPermissionAndPrimaryUser(); res.putBoolean(BlockedNumberContract.RES_NUMBER_IS_BLOCKED, isBlocked(arg)); break; @@ -297,17 +297,17 @@ public class BlockedNumberProvider extends ContentProvider { BlockedNumberContract.RES_CAN_BLOCK_NUMBERS, canCurrentUserBlockUsers()); break; case SystemContract.METHOD_NOTIFY_EMERGENCY_CONTACT: - enforceSystemWritePermission(); + enforceSystemWritePermissionAndPrimaryUser(); notifyEmergencyContact(); break; case SystemContract.METHOD_END_BLOCK_SUPPRESSION: - enforceSystemWritePermission(); + enforceSystemWritePermissionAndPrimaryUser(); endBlockSuppression(); break; case SystemContract.METHOD_GET_BLOCK_SUPPRESSION_STATUS: - enforceSystemReadPermission(); + enforceSystemReadPermissionAndPrimaryUser(); SystemContract.BlockSuppressionStatus status = getBlockSuppressionStatus(); res.putBoolean(SystemContract.RES_IS_BLOCKING_SUPPRESSED, status.isSuppressed); @@ -315,12 +315,12 @@ public class BlockedNumberProvider extends ContentProvider { status.untilTimestampMillis); break; case SystemContract.METHOD_SHOULD_SYSTEM_BLOCK_NUMBER: - enforceSystemReadPermission(); + enforceSystemReadPermissionAndPrimaryUser(); res.putBoolean( BlockedNumberContract.RES_NUMBER_IS_BLOCKED, shouldSystemBlockNumber(arg)); break; default: - enforceReadPermission(); + enforceReadPermissionAndPrimaryUser(); throw new IllegalArgumentException("Unsupported method " + method); } @@ -471,15 +471,22 @@ public class BlockedNumberProvider extends ContentProvider { checkForPermission(android.Manifest.permission.READ_BLOCKED_NUMBERS); } - private void enforceWritePermission() { - checkForPermission(android.Manifest.permission.WRITE_BLOCKED_NUMBERS); + private void enforceReadPermissionAndPrimaryUser() { + checkForPermissionAndPrimaryUser(android.Manifest.permission.READ_BLOCKED_NUMBERS); } - private void checkForPermission(String permission) { + private void enforceWritePermissionAndPrimaryUser() { + checkForPermissionAndPrimaryUser(android.Manifest.permission.WRITE_BLOCKED_NUMBERS); + } + + private void checkForPermissionAndPrimaryUser(String permission) { + checkForPermission(permission); if (!canCurrentUserBlockUsers()) { throw new UnsupportedOperationException(); } + } + private void checkForPermission(String permission) { boolean permitted = passesSystemPermissionCheck(permission) || checkForPrivilegedApplications(); if (!permitted) { @@ -487,15 +494,15 @@ public class BlockedNumberProvider extends ContentProvider { } } - private void enforceSystemReadPermission() { - enforceSystemPermission(android.Manifest.permission.READ_BLOCKED_NUMBERS); + private void enforceSystemReadPermissionAndPrimaryUser() { + enforceSystemPermissionAndUser(android.Manifest.permission.READ_BLOCKED_NUMBERS); } - private void enforceSystemWritePermission() { - enforceSystemPermission(android.Manifest.permission.WRITE_BLOCKED_NUMBERS); + private void enforceSystemWritePermissionAndPrimaryUser() { + enforceSystemPermissionAndUser(android.Manifest.permission.WRITE_BLOCKED_NUMBERS); } - private void enforceSystemPermission(String permission) { + private void enforceSystemPermissionAndUser(String permission) { if (!canCurrentUserBlockUsers()) { throw new UnsupportedOperationException(); } diff --git a/tests/src/com/android/providers/blockednumber/BlockedNumberProviderTest.java b/tests/src/com/android/providers/blockednumber/BlockedNumberProviderTest.java index 6839925..de6a096 100644 --- a/tests/src/com/android/providers/blockednumber/BlockedNumberProviderTest.java +++ b/tests/src/com/android/providers/blockednumber/BlockedNumberProviderTest.java @@ -447,6 +447,8 @@ public class BlockedNumberProviderTest extends AndroidTestCase { } public void testIsBlocked() { + assertTrue(BlockedNumberContract.canCurrentUserBlockNumbers(mMockContext)); + // Prepare test data insert(cv(BlockedNumbers.COLUMN_ORIGINAL_NUMBER, "123")); insert(cv(BlockedNumbers.COLUMN_ORIGINAL_NUMBER, "+1.2-3")); @@ -487,6 +489,73 @@ public class BlockedNumberProviderTest extends AndroidTestCase { assertFalse(SystemContract.shouldSystemBlockNumber(mMockContext, emergencyNumber)); } + public void testPrivilegedAppAccessingApisAsSecondaryUser() { + when(mMockContext.mUserManager.isPrimaryUser()).thenReturn(false); + + assertFalse(BlockedNumberContract.canCurrentUserBlockNumbers(mMockContext)); + + try { + insert(cv(BlockedNumbers.COLUMN_ORIGINAL_NUMBER, "123")); + fail("UnsupportedOperationException expected"); + } catch (UnsupportedOperationException expected) { + } + + try { + mResolver.query(BlockedNumbers.CONTENT_URI, null, null, null, null); + fail("UnsupportedOperationException expected"); + } catch (UnsupportedOperationException expected) { + } + + try { + mResolver.delete(BlockedNumbers.CONTENT_URI, null, null); + fail("UnsupportedOperationException expected"); + } catch (UnsupportedOperationException expected) { + } + + try { + BlockedNumberContract.isBlocked(mMockContext, "123"); + fail("UnsupportedOperationException expected"); + } catch (UnsupportedOperationException expected) { + } + } + + public void testRegularAppAccessingApisAsSecondaryUser() { + when(mMockContext.mUserManager.isPrimaryUser()).thenReturn(false); + doReturn(PackageManager.PERMISSION_DENIED) + .when(mMockContext).checkCallingPermission(anyString()); + + try { + BlockedNumberContract.canCurrentUserBlockNumbers(mMockContext); + fail("SecurityException expected"); + } catch (SecurityException expected) { + } + + + try { + insert(cv(BlockedNumbers.COLUMN_ORIGINAL_NUMBER, "123")); + fail("SecurityException expected"); + } catch (SecurityException expected) { + } + + try { + mResolver.query(BlockedNumbers.CONTENT_URI, null, null, null, null); + fail("SecurityException expected"); + } catch (SecurityException expected) { + } + + try { + mResolver.delete(BlockedNumbers.CONTENT_URI, null, null); + fail("SecurityException expected"); + } catch (SecurityException expected) { + } + + try { + BlockedNumberContract.isBlocked(mMockContext, "123"); + fail("SecurityException expected"); + } catch (SecurityException expected) { + } + } + private void assertIsBlocked(boolean expected, String phoneNumber) { assertEquals(expected, BlockedNumberContract.isBlocked(mMockContext, phoneNumber)); } |