[RFPM03] Check permission by uid.
PermissionMonitor check permission by each package name but only update the uid permission to netd. It's better to check permission by uid directly. Thus, use ActivityManager#checkUidPermission to check permissions for each uid. Bug: 132784544 Test: atest FrameworksNetTests Change-Id: I057d34383b4dc408b2773e4c6b146774ba0c5eb2
This commit is contained in:
paulhu
@@ -26,8 +26,6 @@ import static android.Manifest.permission.UPDATE_DEVICE_STATS;
|
||||
import static android.content.pm.ApplicationInfo.PRIVATE_FLAG_OEM;
|
||||
import static android.content.pm.ApplicationInfo.PRIVATE_FLAG_PRODUCT;
|
||||
import static android.content.pm.ApplicationInfo.PRIVATE_FLAG_VENDOR;
|
||||
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
|
||||
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_REQUIRED;
|
||||
import static android.content.pm.PackageManager.GET_PERMISSIONS;
|
||||
import static android.content.pm.PackageManager.MATCH_ANY_USER;
|
||||
import static android.os.Process.SYSTEM_UID;
|
||||
@@ -97,7 +95,6 @@ public class PermissionMonitorTest {
|
||||
private static final int SYSTEM_UID1 = 1000;
|
||||
private static final int SYSTEM_UID2 = 1008;
|
||||
private static final int VPN_UID = 10002;
|
||||
private static final String REAL_SYSTEM_PACKAGE_NAME = "android";
|
||||
private static final String MOCK_PACKAGE1 = "appName1";
|
||||
private static final String MOCK_PACKAGE2 = "appName2";
|
||||
private static final String SYSTEM_PACKAGE1 = "sysName1";
|
||||
@@ -128,6 +125,7 @@ public class PermissionMonitorTest {
|
||||
new UserInfo(MOCK_USER1, "", 0),
|
||||
new UserInfo(MOCK_USER2, "", 0),
|
||||
}));
|
||||
doReturn(PackageManager.PERMISSION_DENIED).when(mDeps).uidPermission(anyString(), anyInt());
|
||||
|
||||
mPermissionMonitor = spy(new PermissionMonitor(mContext, mNetdService, mDeps));
|
||||
|
||||
@@ -140,35 +138,22 @@ public class PermissionMonitorTest {
|
||||
verify(mMockPmi).getPackageList(mPermissionMonitor);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove all permissions from the uid then build new package info and setup permissions to uid
|
||||
* for checking restricted network permission.
|
||||
*/
|
||||
private boolean hasRestrictedNetworkPermission(String partition, int targetSdkVersion, int uid,
|
||||
String... permissions) {
|
||||
final PackageInfo packageInfo =
|
||||
packageInfoWithPermissions(REQUESTED_PERMISSION_GRANTED, permissions, partition);
|
||||
final PackageInfo packageInfo = buildPackageInfo(partition, uid, MOCK_USER1);
|
||||
packageInfo.applicationInfo.targetSdkVersion = targetSdkVersion;
|
||||
packageInfo.applicationInfo.uid = uid;
|
||||
return mPermissionMonitor.hasRestrictedNetworkPermission(packageInfo);
|
||||
removeAllPermissions(uid);
|
||||
addPermissions(uid, permissions);
|
||||
return mPermissionMonitor.hasRestrictedNetworkPermission(packageInfo.applicationInfo);
|
||||
}
|
||||
|
||||
private static PackageInfo systemPackageInfoWithPermissions(String... permissions) {
|
||||
return packageInfoWithPermissions(
|
||||
REQUESTED_PERMISSION_GRANTED, permissions, PARTITION_SYSTEM);
|
||||
}
|
||||
|
||||
private static PackageInfo vendorPackageInfoWithPermissions(String... permissions) {
|
||||
return packageInfoWithPermissions(
|
||||
REQUESTED_PERMISSION_GRANTED, permissions, PARTITION_VENDOR);
|
||||
}
|
||||
|
||||
private static PackageInfo packageInfoWithPermissions(int permissionsFlags,
|
||||
String[] permissions, String partition) {
|
||||
int[] requestedPermissionsFlags = new int[permissions.length];
|
||||
for (int i = 0; i < permissions.length; i++) {
|
||||
requestedPermissionsFlags[i] = permissionsFlags;
|
||||
}
|
||||
private static PackageInfo packageInfoWithPartition(String partition) {
|
||||
final PackageInfo packageInfo = new PackageInfo();
|
||||
packageInfo.requestedPermissions = permissions;
|
||||
packageInfo.applicationInfo = new ApplicationInfo();
|
||||
packageInfo.requestedPermissionsFlags = requestedPermissionsFlags;
|
||||
int privateFlags = 0;
|
||||
switch (partition) {
|
||||
case PARTITION_OEM:
|
||||
@@ -185,84 +170,64 @@ public class PermissionMonitorTest {
|
||||
return packageInfo;
|
||||
}
|
||||
|
||||
private static PackageInfo buildPackageInfo(boolean hasSystemPermission, int uid, int userId) {
|
||||
final PackageInfo pkgInfo;
|
||||
if (hasSystemPermission) {
|
||||
pkgInfo = systemPackageInfoWithPermissions(
|
||||
CHANGE_NETWORK_STATE, NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS);
|
||||
} else {
|
||||
pkgInfo = packageInfoWithPermissions(REQUESTED_PERMISSION_GRANTED, new String[] {}, "");
|
||||
}
|
||||
private static PackageInfo buildPackageInfo(String partition, int uid, int userId) {
|
||||
final PackageInfo pkgInfo = packageInfoWithPartition(partition);
|
||||
pkgInfo.applicationInfo.uid = UserHandle.getUid(userId, UserHandle.getAppId(uid));
|
||||
return pkgInfo;
|
||||
}
|
||||
|
||||
/** This will REMOVE all previously set permissions from given uid. */
|
||||
private void removeAllPermissions(int uid) {
|
||||
doReturn(PackageManager.PERMISSION_DENIED).when(mDeps).uidPermission(anyString(), eq(uid));
|
||||
}
|
||||
|
||||
/** Set up mocks so that given UID has the requested permissions. */
|
||||
private void addPermissions(int uid, String... permissions) {
|
||||
for (String permission : permissions) {
|
||||
doReturn(PackageManager.PERMISSION_GRANTED)
|
||||
.when(mDeps).uidPermission(eq(permission), eq(uid));
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasPermission() {
|
||||
PackageInfo app = systemPackageInfoWithPermissions();
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, NETWORK_STACK));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_INTERNAL));
|
||||
addPermissions(MOCK_UID1);
|
||||
assertFalse(mPermissionMonitor.hasPermission(CHANGE_NETWORK_STATE, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(NETWORK_STACK, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(CONNECTIVITY_INTERNAL, MOCK_UID1));
|
||||
|
||||
app = systemPackageInfoWithPermissions(CHANGE_NETWORK_STATE, NETWORK_STACK);
|
||||
assertTrue(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
assertTrue(mPermissionMonitor.hasPermission(app, NETWORK_STACK));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_INTERNAL));
|
||||
addPermissions(MOCK_UID1, CHANGE_NETWORK_STATE, NETWORK_STACK);
|
||||
assertTrue(mPermissionMonitor.hasPermission(CHANGE_NETWORK_STATE, MOCK_UID1));
|
||||
assertTrue(mPermissionMonitor.hasPermission(NETWORK_STACK, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(CONNECTIVITY_INTERNAL, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(CHANGE_NETWORK_STATE, MOCK_UID2));
|
||||
assertFalse(mPermissionMonitor.hasPermission(NETWORK_STACK, MOCK_UID2));
|
||||
|
||||
app = systemPackageInfoWithPermissions(
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, CONNECTIVITY_INTERNAL);
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, NETWORK_STACK));
|
||||
assertTrue(mPermissionMonitor.hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||
assertTrue(mPermissionMonitor.hasPermission(app, CONNECTIVITY_INTERNAL));
|
||||
|
||||
app = packageInfoWithPermissions(REQUESTED_PERMISSION_REQUIRED, new String[] {
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, CONNECTIVITY_INTERNAL, NETWORK_STACK },
|
||||
PARTITION_SYSTEM);
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, NETWORK_STACK));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CONNECTIVITY_INTERNAL));
|
||||
|
||||
app = systemPackageInfoWithPermissions(CHANGE_NETWORK_STATE);
|
||||
app.requestedPermissions = null;
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
|
||||
app = systemPackageInfoWithPermissions(CHANGE_NETWORK_STATE);
|
||||
app.requestedPermissionsFlags = null;
|
||||
assertFalse(mPermissionMonitor.hasPermission(app, CHANGE_NETWORK_STATE));
|
||||
addPermissions(MOCK_UID2, CONNECTIVITY_USE_RESTRICTED_NETWORKS, CONNECTIVITY_INTERNAL);
|
||||
assertFalse(mPermissionMonitor.hasPermission(
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, MOCK_UID1));
|
||||
assertFalse(mPermissionMonitor.hasPermission(CONNECTIVITY_INTERNAL, MOCK_UID1));
|
||||
assertTrue(mPermissionMonitor.hasPermission(
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS, MOCK_UID2));
|
||||
assertTrue(mPermissionMonitor.hasPermission(CONNECTIVITY_INTERNAL, MOCK_UID2));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testIsVendorApp() {
|
||||
PackageInfo app = systemPackageInfoWithPermissions();
|
||||
PackageInfo app = packageInfoWithPartition(PARTITION_SYSTEM);
|
||||
assertFalse(mPermissionMonitor.isVendorApp(app.applicationInfo));
|
||||
app = packageInfoWithPermissions(REQUESTED_PERMISSION_GRANTED,
|
||||
new String[] {}, PARTITION_OEM);
|
||||
app = packageInfoWithPartition(PARTITION_OEM);
|
||||
assertTrue(mPermissionMonitor.isVendorApp(app.applicationInfo));
|
||||
app = packageInfoWithPermissions(REQUESTED_PERMISSION_GRANTED,
|
||||
new String[] {}, PARTITION_PRODUCT);
|
||||
app = packageInfoWithPartition(PARTITION_PRODUCT);
|
||||
assertTrue(mPermissionMonitor.isVendorApp(app.applicationInfo));
|
||||
app = vendorPackageInfoWithPermissions();
|
||||
app = packageInfoWithPartition(PARTITION_VENDOR);
|
||||
assertTrue(mPermissionMonitor.isVendorApp(app.applicationInfo));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasNetworkPermission() {
|
||||
PackageInfo app = systemPackageInfoWithPermissions();
|
||||
assertFalse(mPermissionMonitor.hasNetworkPermission(app));
|
||||
app = systemPackageInfoWithPermissions(CHANGE_NETWORK_STATE);
|
||||
assertTrue(mPermissionMonitor.hasNetworkPermission(app));
|
||||
app = systemPackageInfoWithPermissions(NETWORK_STACK);
|
||||
assertFalse(mPermissionMonitor.hasNetworkPermission(app));
|
||||
app = systemPackageInfoWithPermissions(CONNECTIVITY_USE_RESTRICTED_NETWORKS);
|
||||
assertFalse(mPermissionMonitor.hasNetworkPermission(app));
|
||||
app = systemPackageInfoWithPermissions(CONNECTIVITY_INTERNAL);
|
||||
assertFalse(mPermissionMonitor.hasNetworkPermission(app));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasRestrictedNetworkPermission() {
|
||||
assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID1));
|
||||
@@ -323,30 +288,27 @@ public class PermissionMonitorTest {
|
||||
private void assertBackgroundPermission(boolean hasPermission, String name, int uid,
|
||||
String... permissions) throws Exception {
|
||||
when(mPackageManager.getPackageInfo(eq(name), anyInt()))
|
||||
.thenReturn(packageInfoWithPermissions(
|
||||
REQUESTED_PERMISSION_GRANTED, permissions, PARTITION_SYSTEM));
|
||||
.thenReturn(buildPackageInfo(PARTITION_SYSTEM, uid, MOCK_USER1));
|
||||
addPermissions(uid, permissions);
|
||||
mPermissionMonitor.onPackageAdded(name, uid);
|
||||
assertEquals(hasPermission, mPermissionMonitor.hasUseBackgroundNetworksPermission(uid));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasUseBackgroundNetworksPermission() throws Exception {
|
||||
doReturn(VERSION_Q).when(mDeps).getDeviceFirstSdkInt();
|
||||
assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(SYSTEM_UID));
|
||||
assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID);
|
||||
assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID, CONNECTIVITY_INTERNAL);
|
||||
assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, CHANGE_NETWORK_STATE);
|
||||
assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, NETWORK_STACK);
|
||||
assertBackgroundPermission(false, "system1", SYSTEM_UID);
|
||||
assertBackgroundPermission(false, "system2", SYSTEM_UID, CONNECTIVITY_INTERNAL);
|
||||
assertBackgroundPermission(true, "system3", SYSTEM_UID, CHANGE_NETWORK_STATE);
|
||||
|
||||
assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID1));
|
||||
assertBackgroundPermission(false, MOCK_PACKAGE1, MOCK_UID1);
|
||||
assertBackgroundPermission(true, MOCK_PACKAGE1, MOCK_UID1,
|
||||
CONNECTIVITY_USE_RESTRICTED_NETWORKS);
|
||||
assertBackgroundPermission(false, "mock1", MOCK_UID1);
|
||||
assertBackgroundPermission(true, "mock2", MOCK_UID1, CONNECTIVITY_USE_RESTRICTED_NETWORKS);
|
||||
|
||||
assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID2));
|
||||
assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2);
|
||||
assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2,
|
||||
CONNECTIVITY_INTERNAL);
|
||||
assertBackgroundPermission(true, MOCK_PACKAGE2, MOCK_UID2, NETWORK_STACK);
|
||||
assertBackgroundPermission(false, "mock3", MOCK_UID2, CONNECTIVITY_INTERNAL);
|
||||
assertBackgroundPermission(true, "mock4", MOCK_UID2, NETWORK_STACK);
|
||||
}
|
||||
|
||||
private class NetdMonitor {
|
||||
@@ -416,13 +378,14 @@ public class PermissionMonitorTest {
|
||||
// MOCK_UID1: MOCK_PACKAGE1 only has network permission.
|
||||
// SYSTEM_UID: SYSTEM_PACKAGE1 has system permission.
|
||||
// SYSTEM_UID: SYSTEM_PACKAGE2 only has network permission.
|
||||
doReturn(SYSTEM).when(mPermissionMonitor).highestPermissionForUid(eq(SYSTEM), anyString());
|
||||
doReturn(SYSTEM).when(mPermissionMonitor).highestPermissionForUid(eq(SYSTEM),
|
||||
anyString(), anyInt());
|
||||
doReturn(SYSTEM).when(mPermissionMonitor).highestPermissionForUid(any(),
|
||||
eq(SYSTEM_PACKAGE1));
|
||||
eq(SYSTEM_PACKAGE1), anyInt());
|
||||
doReturn(NETWORK).when(mPermissionMonitor).highestPermissionForUid(any(),
|
||||
eq(SYSTEM_PACKAGE2));
|
||||
eq(SYSTEM_PACKAGE2), anyInt());
|
||||
doReturn(NETWORK).when(mPermissionMonitor).highestPermissionForUid(any(),
|
||||
eq(MOCK_PACKAGE1));
|
||||
eq(MOCK_PACKAGE1), anyInt());
|
||||
|
||||
// Add SYSTEM_PACKAGE2, expect only have network permission.
|
||||
mPermissionMonitor.onUserAdded(MOCK_USER1);
|
||||
@@ -473,13 +436,15 @@ public class PermissionMonitorTest {
|
||||
public void testUidFilteringDuringVpnConnectDisconnectAndUidUpdates() throws Exception {
|
||||
when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
|
||||
Arrays.asList(new PackageInfo[] {
|
||||
buildPackageInfo(/* SYSTEM */ true, SYSTEM_UID1, MOCK_USER1),
|
||||
buildPackageInfo(/* SYSTEM */ false, MOCK_UID1, MOCK_USER1),
|
||||
buildPackageInfo(/* SYSTEM */ false, MOCK_UID2, MOCK_USER1),
|
||||
buildPackageInfo(/* SYSTEM */ false, VPN_UID, MOCK_USER1)
|
||||
buildPackageInfo(PARTITION_SYSTEM, SYSTEM_UID1, MOCK_USER1),
|
||||
buildPackageInfo(PARTITION_SYSTEM, MOCK_UID1, MOCK_USER1),
|
||||
buildPackageInfo(PARTITION_SYSTEM, MOCK_UID2, MOCK_USER1),
|
||||
buildPackageInfo(PARTITION_SYSTEM, VPN_UID, MOCK_USER1)
|
||||
}));
|
||||
when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE1), eq(GET_PERMISSIONS))).thenReturn(
|
||||
buildPackageInfo(false, MOCK_UID1, MOCK_USER1));
|
||||
buildPackageInfo(PARTITION_SYSTEM, MOCK_UID1, MOCK_USER1));
|
||||
addPermissions(SYSTEM_UID,
|
||||
CHANGE_NETWORK_STATE, NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS);
|
||||
mPermissionMonitor.startMonitoring();
|
||||
// Every app on user 0 except MOCK_UID2 are under VPN.
|
||||
final Set<UidRange> vpnRange1 = new HashSet<>(Arrays.asList(new UidRange[] {
|
||||
@@ -524,11 +489,11 @@ public class PermissionMonitorTest {
|
||||
public void testUidFilteringDuringPackageInstallAndUninstall() throws Exception {
|
||||
when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
|
||||
Arrays.asList(new PackageInfo[] {
|
||||
buildPackageInfo(true, SYSTEM_UID1, MOCK_USER1),
|
||||
buildPackageInfo(false, VPN_UID, MOCK_USER1)
|
||||
buildPackageInfo(PARTITION_SYSTEM, SYSTEM_UID1, MOCK_USER1),
|
||||
buildPackageInfo(PARTITION_SYSTEM, VPN_UID, MOCK_USER1)
|
||||
}));
|
||||
when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE1), eq(GET_PERMISSIONS))).thenReturn(
|
||||
buildPackageInfo(false, MOCK_UID1, MOCK_USER1));
|
||||
buildPackageInfo(PARTITION_SYSTEM, MOCK_UID1, MOCK_USER1));
|
||||
|
||||
mPermissionMonitor.startMonitoring();
|
||||
final Set<UidRange> vpnRange = Collections.singleton(UidRange.createForUser(MOCK_USER1));
|
||||
@@ -633,10 +598,10 @@ public class PermissionMonitorTest {
|
||||
|
||||
private PackageInfo setPackagePermissions(String packageName, int uid, String[] permissions)
|
||||
throws Exception {
|
||||
PackageInfo packageInfo = packageInfoWithPermissions(
|
||||
REQUESTED_PERMISSION_GRANTED, permissions, PARTITION_SYSTEM);
|
||||
final PackageInfo packageInfo = buildPackageInfo(PARTITION_SYSTEM, uid, MOCK_USER1);
|
||||
when(mPackageManager.getPackageInfo(eq(packageName), anyInt())).thenReturn(packageInfo);
|
||||
when(mPackageManager.getPackagesForUid(eq(uid))).thenReturn(new String[]{packageName});
|
||||
addPermissions(uid, permissions);
|
||||
return packageInfo;
|
||||
}
|
||||
|
||||
@@ -663,14 +628,13 @@ public class PermissionMonitorTest {
|
||||
public void testPackageInstallSharedUid() throws Exception {
|
||||
final NetdServiceMonitor mNetdServiceMonitor = new NetdServiceMonitor(mNetdService);
|
||||
|
||||
PackageInfo packageInfo1 = addPackage(MOCK_PACKAGE1, MOCK_UID1,
|
||||
new String[] {INTERNET, UPDATE_DEVICE_STATS});
|
||||
addPackage(MOCK_PACKAGE1, MOCK_UID1, new String[] {INTERNET, UPDATE_DEVICE_STATS});
|
||||
mNetdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET
|
||||
| INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[]{MOCK_UID1});
|
||||
|
||||
// Install another package with the same uid and no permissions should not cause the UID to
|
||||
// lose permissions.
|
||||
PackageInfo packageInfo2 = systemPackageInfoWithPermissions();
|
||||
final PackageInfo packageInfo2 = buildPackageInfo(PARTITION_SYSTEM, MOCK_UID1, MOCK_USER1);
|
||||
when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE2), anyInt())).thenReturn(packageInfo2);
|
||||
when(mPackageManager.getPackagesForUid(MOCK_UID1))
|
||||
.thenReturn(new String[]{MOCK_PACKAGE1, MOCK_PACKAGE2});
|
||||
@@ -701,6 +665,7 @@ public class PermissionMonitorTest {
|
||||
| INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[]{MOCK_UID1});
|
||||
|
||||
when(mPackageManager.getPackagesForUid(MOCK_UID1)).thenReturn(new String[]{});
|
||||
removeAllPermissions(MOCK_UID1);
|
||||
mPermissionMonitor.onPackageRemoved(MOCK_PACKAGE1, MOCK_UID1);
|
||||
mNetdServiceMonitor.expectPermission(INetd.PERMISSION_UNINSTALLED, new int[]{MOCK_UID1});
|
||||
|
||||
@@ -728,10 +693,12 @@ public class PermissionMonitorTest {
|
||||
| INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[]{MOCK_UID1});
|
||||
|
||||
// Mock another package with the same uid but different permissions.
|
||||
PackageInfo packageInfo2 = systemPackageInfoWithPermissions(INTERNET);
|
||||
final PackageInfo packageInfo2 = buildPackageInfo(PARTITION_SYSTEM, MOCK_UID1, MOCK_USER1);
|
||||
when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE2), anyInt())).thenReturn(packageInfo2);
|
||||
when(mPackageManager.getPackagesForUid(MOCK_UID1)).thenReturn(new String[]{
|
||||
MOCK_PACKAGE2});
|
||||
removeAllPermissions(MOCK_UID1);
|
||||
addPermissions(MOCK_UID1, INTERNET);
|
||||
|
||||
mPermissionMonitor.onPackageRemoved(MOCK_PACKAGE1, MOCK_UID1);
|
||||
mNetdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[]{MOCK_UID1});
|
||||
@@ -743,9 +710,6 @@ public class PermissionMonitorTest {
|
||||
// necessary permission.
|
||||
final Context realContext = InstrumentationRegistry.getContext();
|
||||
final PermissionMonitor monitor = new PermissionMonitor(realContext, mNetdService);
|
||||
final PackageManager manager = realContext.getPackageManager();
|
||||
final PackageInfo systemInfo = manager.getPackageInfo(REAL_SYSTEM_PACKAGE_NAME,
|
||||
GET_PERMISSIONS | MATCH_ANY_USER);
|
||||
assertTrue(monitor.hasPermission(systemInfo, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||
assertTrue(monitor.hasPermission(CONNECTIVITY_USE_RESTRICTED_NETWORKS, SYSTEM_UID));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user