Let the system server have CONNECTIVITY_USE_RESTRICTED_NETWORKS.
Also : - Fix testUidFilteringDuringVpnConnectDisconnectAndUidUpdates that was failing on devices with a first released SDK >= Q - Add a test actually tests that the system has the permission, as the test was only testing what's in the mock Bug: 119770201 Test: New test making sure this stays true Change-Id: I74cf5f0fa17fcf818f1fed78c7e3e4375c20152e
This commit is contained in:
Chalard Jean
@@ -65,6 +65,7 @@ import android.os.UserHandle;
|
|||||||
import android.os.UserManager;
|
import android.os.UserManager;
|
||||||
import android.util.SparseIntArray;
|
import android.util.SparseIntArray;
|
||||||
|
|
||||||
|
import androidx.test.InstrumentationRegistry;
|
||||||
import androidx.test.filters.SmallTest;
|
import androidx.test.filters.SmallTest;
|
||||||
import androidx.test.runner.AndroidJUnit4;
|
import androidx.test.runner.AndroidJUnit4;
|
||||||
|
|
||||||
@@ -96,6 +97,7 @@ public class PermissionMonitorTest {
|
|||||||
private static final int SYSTEM_UID1 = 1000;
|
private static final int SYSTEM_UID1 = 1000;
|
||||||
private static final int SYSTEM_UID2 = 1008;
|
private static final int SYSTEM_UID2 = 1008;
|
||||||
private static final int VPN_UID = 10002;
|
private static final int VPN_UID = 10002;
|
||||||
|
private static final String REAL_SYSTEM_PACKAGE_NAME = "android";
|
||||||
private static final String MOCK_PACKAGE1 = "appName1";
|
private static final String MOCK_PACKAGE1 = "appName1";
|
||||||
private static final String MOCK_PACKAGE2 = "appName2";
|
private static final String MOCK_PACKAGE2 = "appName2";
|
||||||
private static final String SYSTEM_PACKAGE1 = "sysName1";
|
private static final String SYSTEM_PACKAGE1 = "sysName1";
|
||||||
@@ -188,8 +190,10 @@ public class PermissionMonitorTest {
|
|||||||
private static PackageInfo buildPackageInfo(boolean hasSystemPermission, int uid, int userId) {
|
private static PackageInfo buildPackageInfo(boolean hasSystemPermission, int uid, int userId) {
|
||||||
final PackageInfo pkgInfo;
|
final PackageInfo pkgInfo;
|
||||||
if (hasSystemPermission) {
|
if (hasSystemPermission) {
|
||||||
pkgInfo = packageInfoWithPermissions(new String[] {CHANGE_NETWORK_STATE, NETWORK_STACK},
|
final String[] systemPermissions = new String[]{
|
||||||
PARTITION_SYSTEM);
|
CHANGE_NETWORK_STATE, NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS
|
||||||
|
};
|
||||||
|
pkgInfo = packageInfoWithPermissions(systemPermissions, PARTITION_SYSTEM);
|
||||||
} else {
|
} else {
|
||||||
pkgInfo = packageInfoWithPermissions(new String[] {}, "");
|
pkgInfo = packageInfoWithPermissions(new String[] {}, "");
|
||||||
}
|
}
|
||||||
@@ -646,4 +650,16 @@ public class PermissionMonitorTest {
|
|||||||
mObserver.onPackageRemoved(MOCK_PACKAGE1, MOCK_UID1);
|
mObserver.onPackageRemoved(MOCK_PACKAGE1, MOCK_UID1);
|
||||||
mNetdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[]{MOCK_UID1});
|
mNetdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[]{MOCK_UID1});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testRealSystemPermission() throws Exception {
|
||||||
|
// Use the real context as this test must ensure the *real* system package holds the
|
||||||
|
// necessary permission.
|
||||||
|
final Context realContext = InstrumentationRegistry.getContext();
|
||||||
|
final PermissionMonitor monitor = new PermissionMonitor(realContext, mNetdService);
|
||||||
|
final PackageManager manager = realContext.getPackageManager();
|
||||||
|
final PackageInfo systemInfo = manager.getPackageInfo(REAL_SYSTEM_PACKAGE_NAME,
|
||||||
|
GET_PERMISSIONS | MATCH_ANY_USER);
|
||||||
|
assertTrue(monitor.hasPermission(systemInfo, CONNECTIVITY_USE_RESTRICTED_NETWORKS));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user