Updating Eth Service to use Eth Network Permission
Updating Ethernet Service network management APIs to require the manage ethernet networks permission. Bug: 210485380 Test: atest EthernetServiceTests Change-Id: Ibc9b2930fc0069efd7c6f4b833aba7d6c8e93311
This commit is contained in:
James Mattis
@@ -208,6 +208,12 @@ public class EthernetServiceImpl extends IEthernetManager.Stub {
|
||||
pw.decreaseIndent();
|
||||
}
|
||||
|
||||
private void enforceNetworkManagementPermission() {
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_ETHERNET_NETWORKS,
|
||||
"EthernetServiceImpl");
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the state of ethernet for APIs tied to network management.
|
||||
*
|
||||
@@ -216,12 +222,12 @@ public class EthernetServiceImpl extends IEthernetManager.Stub {
|
||||
*/
|
||||
private void validateNetworkManagementState(@NonNull final String iface,
|
||||
final @NonNull String methodName) {
|
||||
enforceAutomotiveDevice(methodName);
|
||||
enforceNetworkManagementPermission();
|
||||
logIfEthernetNotStarted();
|
||||
|
||||
// TODO: add permission check here for MANAGE_INTERNAL_NETWORKS when it's available.
|
||||
Objects.requireNonNull(iface, "Pass a non-null iface.");
|
||||
Objects.requireNonNull(methodName, "Pass a non-null methodName.");
|
||||
enforceAutomotiveDevice(methodName);
|
||||
enforceInterfaceIsTracked(iface);
|
||||
}
|
||||
|
||||
|
||||
@@ -362,7 +362,7 @@ public class EthernetNetworkFactoryTest {
|
||||
|
||||
assertFalse(ret);
|
||||
verifyNoStopOrStart();
|
||||
assertFailedListener(listener, "can't be updated as it is not configured");
|
||||
assertFailedListener(listener, "can't be updated as it is not available");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -18,10 +18,13 @@ package com.android.server.ethernet;
|
||||
|
||||
import static org.junit.Assert.assertThrows;
|
||||
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.doReturn;
|
||||
import static org.mockito.Mockito.doThrow;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
import android.Manifest;
|
||||
import android.annotation.NonNull;
|
||||
import android.content.Context;
|
||||
import android.content.pm.PackageManager;
|
||||
@@ -176,6 +179,36 @@ public class EthernetServiceImplTest {
|
||||
});
|
||||
}
|
||||
|
||||
private void denyManageEthPermission() {
|
||||
doThrow(new SecurityException("")).when(mContext)
|
||||
.enforceCallingOrSelfPermission(
|
||||
eq(Manifest.permission.MANAGE_ETHERNET_NETWORKS), anyString());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUpdateConfigurationRejectsWithoutManageEthPermission() {
|
||||
denyManageEthPermission();
|
||||
assertThrows(SecurityException.class, () -> {
|
||||
mEthernetServiceImpl.updateConfiguration(TEST_IFACE, UPDATE_REQUEST, NULL_LISTENER);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testConnectNetworkRejectsWithoutManageEthPermission() {
|
||||
denyManageEthPermission();
|
||||
assertThrows(SecurityException.class, () -> {
|
||||
mEthernetServiceImpl.connectNetwork(TEST_IFACE, NULL_LISTENER);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDisconnectNetworkRejectsWithoutManageEthPermission() {
|
||||
denyManageEthPermission();
|
||||
assertThrows(SecurityException.class, () -> {
|
||||
mEthernetServiceImpl.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUpdateConfiguration() {
|
||||
mEthernetServiceImpl.updateConfiguration(TEST_IFACE, UPDATE_REQUEST, NULL_LISTENER);
|
||||
|
||||
Reference in New Issue
Block a user