diff options
-rw-r--r-- | tests/Android.mk | 10 | ||||
-rw-r--r-- | tests/permission/Android.mk | 14 | ||||
-rw-r--r-- | tests/permission/AndroidManifest.xml | 39 | ||||
-rw-r--r-- | tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java | 116 |
4 files changed, 179 insertions, 0 deletions
diff --git a/tests/Android.mk b/tests/Android.mk new file mode 100644 index 00000000..e9e3a87a --- /dev/null +++ b/tests/Android.mk @@ -0,0 +1,10 @@ +LOCAL_PATH:= $(call my-dir) + +######################## + +include $(CLEAR_VARS) + +# no tests to build for now + +# additionally, build sub-tests in a separate .apk +include $(call all-makefiles-under,$(LOCAL_PATH))
\ No newline at end of file diff --git a/tests/permission/Android.mk b/tests/permission/Android.mk new file mode 100644 index 00000000..41ceabc2 --- /dev/null +++ b/tests/permission/Android.mk @@ -0,0 +1,14 @@ +LOCAL_PATH:= $(call my-dir) +include $(CLEAR_VARS) + +# We only want this apk build for tests. +LOCAL_MODULE_TAGS := tests + +# Include all test java files. +LOCAL_SRC_FILES := $(call all-java-files-under, src) + +LOCAL_JAVA_LIBRARIES := android.test.runner +LOCAL_PACKAGE_NAME := DownloadProviderPermissionTests + +include $(BUILD_PACKAGE) + diff --git a/tests/permission/AndroidManifest.xml b/tests/permission/AndroidManifest.xml new file mode 100644 index 00000000..c575fc43 --- /dev/null +++ b/tests/permission/AndroidManifest.xml @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- + * Copyright (C) 2009 Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + --> + +<manifest xmlns:android="http://schemas.android.com/apk/res/android" + package="com.android.providers.downloads.permission.tests"> + + <application> + <uses-library android:name="android.test.runner" /> + </application> + + <!-- + The tests in this package are intended to verify that protected APIs or data + cannot be accessed without the necessary permissions. Thus this manifest should not + include any uses-permissions tags + --> + + <!-- + The test declared in this instrumentation can be run via this command + "adb shell am instrument -w com.android.providers.downloads.permission.tests/android.test.InstrumentationTestRunner" + --> + <instrumentation android:name="android.test.InstrumentationTestRunner" + android:targetPackage="com.android.providers.downloads.permission.tests" + android:label="Tests for Download provider permissions"/> + +</manifest> diff --git a/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java b/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java new file mode 100644 index 00000000..020d1e45 --- /dev/null +++ b/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java @@ -0,0 +1,116 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.providers.downloads.permission.tests; + +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; + +import android.content.ContentResolver; +import android.content.ContentValues; +import android.content.Intent; +import android.provider.Downloads; +import android.test.AndroidTestCase; +import android.test.suitebuilder.annotation.MediumTest; + +/** + * Verify that protected Download provider actions require specific permissions. + * + * TODO: consider adding test where app has ACCESS_DOWNLOAD_MANAGER, but not + * ACCESS_DOWNLOAD_MANAGER_ADVANCED + */ +public class DownloadProviderPermissionsTest extends AndroidTestCase { + + private ContentResolver mContentResolver; + + @Override + protected void setUp() throws Exception { + super.setUp(); + mContentResolver = getContext().getContentResolver(); + } + + /** + * Test that an app cannot access the /cache filesystem + * <p>Tests Permission: + * {@link com.android.providers.downloads.Manifest.permission#ACCESS_CACHE_FILESYSTEM} + */ + @MediumTest + public void testAccessCacheFilesystem() throws IOException { + try { + String filePath = "/cache/this-should-not-exist.txt"; + FileOutputStream strm = new FileOutputStream(filePath); + strm.write("Oops!".getBytes()); + strm.flush(); + strm.close(); + fail("Was able to create and write to " + filePath); + } catch (SecurityException e) { + // expected + } catch (FileNotFoundException e) { + // also could be expected + } + } + + /** + * Test that an untrusted app cannot read from the download provider + * <p>Tests Permission: + * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} + */ + @MediumTest + public void testReadDownloadProvider() throws IOException { + try { + mContentResolver.query(Downloads.CONTENT_URI, null, null, null, null); + fail("read from provider did not throw SecurityException as expected."); + } catch (SecurityException e) { + // expected + } + } + + /** + * Test that an untrusted app cannot write to the download provider + * <p>Tests Permission: + * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} + */ + @MediumTest + public void testWriteDownloadProvider() throws IOException { + try { + ContentValues values = new ContentValues(); + values.put(Downloads.DESTINATION, "foo"); + mContentResolver.insert(Downloads.CONTENT_URI, values); + fail("write to provider did not throw SecurityException as expected."); + } catch (SecurityException e) { + // expected + } + } + + /** + * Test that an untrusted app cannot access the download service + * <p>Tests Permission: + * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} + */ + @MediumTest + public void testStartDownloadService() throws IOException { + try { + Intent downloadServiceIntent = new Intent(); + downloadServiceIntent.setClassName("com.android.providers.downloads", + "com.android.providers.downloads.DownloadService"); + getContext().startService(downloadServiceIntent); + fail("starting download service did not throw SecurityException as expected."); + } catch (SecurityException e) { + // expected + } + } +} |