android-35/android/os/PermissionEnforcer.java - platform/prebuilts/fullsdk/sources - Git at Google

 /*
  * Copyright (C) 2022 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package android.os;

 import android.annotation.NonNull;
 import android.annotation.SystemService;
 import android.app.AppOpsManager;
 import android.content.AttributionSource;
 import android.content.Context;
 import android.content.PermissionChecker;
 import android.content.pm.PackageManager;
 import android.permission.PermissionCheckerManager;
 import android.permission.PermissionManager;

 /**
  * PermissionEnforcer check permissions for AIDL-generated services which use
  * the @EnforcePermission annotation.
  *
  * <p>AIDL services may be annotated with @EnforcePermission which will trigger
  * the generation of permission check code. This generated code relies on
  * PermissionEnforcer to validate the permissions. The methods available are
  * purposely similar to the AIDL annotation syntax.
  *
  * <p>The constructor of the Stub generated by AIDL expects a
  * PermissionEnforcer. It can be based on the current Context. For example:
  *
  * <pre>{@code
  * class MyFoo extends Foo.Stub {
  *     MyFoo(Context context) {
  *         super(PermissionEnforcer.fromContext(context));
  *     }
  *
  *     @Override
  *     @EnforcePermission(android.Manifest.permission.INTERNET)
  *     public MyMethod() {
  *         MyMethod_enforcePermission();
  *     }
  * }
  * }</pre>
  *
  * <p>A {@link android.os.test.FakePermissionEnforcer} is available for unit
  * testing. It can be attached to a mocked Context using:
  * <pre>{@code
  * @Mock private Context mContext;
  *
  * @Before
  * public setUp() {
  *   fakeEnforcer = new FakePermissionEnforcer();
  *   fakeEnforcer.grant(android.Manifest.permission.INTERNET);
  *
  *   doReturn(fakeEnforcer).when(mContext).getSystemService(
                 eq(Context.PERMISSION_ENFORCER_SERVICE));
  * }
  * }</pre>
  *
  * @see android.permission.PermissionManager
  *
  * @hide
  */
 @SystemService(Context.PERMISSION_ENFORCER_SERVICE)
 @android.ravenwood.annotation.RavenwoodKeepWholeClass
 public class PermissionEnforcer {

     private final Context mContext;
     private static final String ACCESS_DENIED = "Access denied, requires: ";

     /** Protected constructor. Allows subclasses to instantiate an object
      *  without using a Context.
      */
     protected PermissionEnforcer() {
         mContext = null;
     }

     /** Constructor, prefer using the fromContext static method when possible */
     @android.ravenwood.annotation.RavenwoodThrow(blockedBy = PermissionManager.class,
             reason = "Use subclass for unit tests, such as FakePermissionEnforcer")
     public PermissionEnforcer(@NonNull Context context) {
         mContext = context;
     }

     @PermissionCheckerManager.PermissionResult
     protected int checkPermission(@NonNull String permission, @NonNull AttributionSource source) {
         return PermissionChecker.checkPermissionForDataDelivery(
             mContext, permission, PermissionChecker.PID_UNKNOWN, source, "" /* message */);
     }

     @SuppressWarnings("AndroidFrameworkClientSidePermissionCheck")
     @PermissionCheckerManager.PermissionResult
     protected int checkPermission(@NonNull String permission, int pid, int uid) {
         if (mContext.checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) {
             return PermissionCheckerManager.PERMISSION_GRANTED;
         }
         return PermissionCheckerManager.PERMISSION_HARD_DENIED;
     }

     @android.ravenwood.annotation.RavenwoodReplace(blockedBy = AppOpsManager.class,
             reason = "Blocked on Mainline dependencies")
     private static int permissionToOpCode(String permission) {
         return AppOpsManager.permissionToOpCode(permission);
     }

     private static int permissionToOpCode$ravenwood(String permission) {
         return AppOpsManager.OP_NONE;
     }

     private boolean anyAppOps(@NonNull String[] permissions) {
         for (String permission : permissions) {
             if (permissionToOpCode(permission) != AppOpsManager.OP_NONE) {
                 return true;
             }
         }
         return false;
     }

     public void enforcePermission(@NonNull String permission, @NonNull
             AttributionSource source) throws SecurityException {
         int result = checkPermission(permission, source);
         if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
             throw new SecurityException(ACCESS_DENIED + permission);
         }
     }

     public void enforcePermission(@NonNull String permission, int pid, int uid)
             throws SecurityException {
         if (permissionToOpCode(permission) != AppOpsManager.OP_NONE) {
             AttributionSource source = new AttributionSource(uid, null, null);
             enforcePermission(permission, source);
             return;
         }
         int result = checkPermission(permission, pid, uid);
         if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
             throw new SecurityException(ACCESS_DENIED + permission);
         }
     }

     public void enforcePermissionAllOf(@NonNull String[] permissions,
             @NonNull AttributionSource source) throws SecurityException {
         for (String permission : permissions) {
             int result = checkPermission(permission, source);
             if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
                 throw new SecurityException(ACCESS_DENIED + "allOf={"
                         + String.join(", ", permissions) + "}");
             }
         }
     }

     public void enforcePermissionAllOf(@NonNull String[] permissions,
             int pid, int uid) throws SecurityException {
         if (anyAppOps(permissions)) {
             AttributionSource source = new AttributionSource(uid, null, null);
             enforcePermissionAllOf(permissions, source);
             return;
         }
         for (String permission : permissions) {
             int result = checkPermission(permission, pid, uid);
             if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
                 throw new SecurityException(ACCESS_DENIED + "allOf={"
                         + String.join(", ", permissions) + "}");
             }
         }
     }

     public void enforcePermissionAnyOf(@NonNull String[] permissions,
             @NonNull AttributionSource source) throws SecurityException {
         for (String permission : permissions) {
             int result = checkPermission(permission, source);
             if (result == PermissionCheckerManager.PERMISSION_GRANTED) {
                 return;
             }
         }
         throw new SecurityException(ACCESS_DENIED + "anyOf={"
                 + String.join(", ", permissions) + "}");
     }

     public void enforcePermissionAnyOf(@NonNull String[] permissions,
             int pid, int uid) throws SecurityException {
         if (anyAppOps(permissions)) {
             AttributionSource source = new AttributionSource(uid, null, null);
             enforcePermissionAnyOf(permissions, source);
             return;
         }
         for (String permission : permissions) {
             int result = checkPermission(permission, pid, uid);
             if (result == PermissionCheckerManager.PERMISSION_GRANTED) {
                 return;
             }
         }
         throw new SecurityException(ACCESS_DENIED + "anyOf={"
                 + String.join(", ", permissions) + "}");
     }

     /**
      * Returns a new PermissionEnforcer based on a Context.
      *
      * @hide
      */
     public static PermissionEnforcer fromContext(@NonNull Context context) {
         return (PermissionEnforcer) context.getSystemService(Context.PERMISSION_ENFORCER_SERVICE);
     }
 }
	/*
	* Copyright (C) 2022 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package android.os;

	import android.annotation.NonNull;
	import android.annotation.SystemService;
	import android.app.AppOpsManager;
	import android.content.AttributionSource;
	import android.content.Context;
	import android.content.PermissionChecker;
	import android.content.pm.PackageManager;
	import android.permission.PermissionCheckerManager;
	import android.permission.PermissionManager;

	/**
	* PermissionEnforcer check permissions for AIDL-generated services which use
	* the @EnforcePermission annotation.
	*
	* <p>AIDL services may be annotated with @EnforcePermission which will trigger
	* the generation of permission check code. This generated code relies on
	* PermissionEnforcer to validate the permissions. The methods available are
	* purposely similar to the AIDL annotation syntax.
	*
	* <p>The constructor of the Stub generated by AIDL expects a
	* PermissionEnforcer. It can be based on the current Context. For example:
	*
	* <pre>{@code
	* class MyFoo extends Foo.Stub {
	* MyFoo(Context context) {
	* super(PermissionEnforcer.fromContext(context));
	* }
	*
	* @Override
	* @EnforcePermission(android.Manifest.permission.INTERNET)
	* public MyMethod() {
	* MyMethod_enforcePermission();
	* }
	* }
	* }</pre>
	*
	* <p>A {@link android.os.test.FakePermissionEnforcer} is available for unit
	* testing. It can be attached to a mocked Context using:
	* <pre>{@code
	* @Mock private Context mContext;
	*
	* @Before
	* public setUp() {
	* fakeEnforcer = new FakePermissionEnforcer();
	* fakeEnforcer.grant(android.Manifest.permission.INTERNET);
	*
	* doReturn(fakeEnforcer).when(mContext).getSystemService(
	eq(Context.PERMISSION_ENFORCER_SERVICE));
	* }
	* }</pre>
	*
	* @see android.permission.PermissionManager
	*
	* @hide
	*/
	@SystemService(Context.PERMISSION_ENFORCER_SERVICE)
	@android.ravenwood.annotation.RavenwoodKeepWholeClass
	public class PermissionEnforcer {

	private final Context mContext;
	private static final String ACCESS_DENIED = "Access denied, requires: ";

	/** Protected constructor. Allows subclasses to instantiate an object
	* without using a Context.
	*/
	protected PermissionEnforcer() {
	mContext = null;
	}

	/** Constructor, prefer using the fromContext static method when possible */
	@android.ravenwood.annotation.RavenwoodThrow(blockedBy = PermissionManager.class,
	reason = "Use subclass for unit tests, such as FakePermissionEnforcer")
	public PermissionEnforcer(@NonNull Context context) {
	mContext = context;
	}

	@PermissionCheckerManager.PermissionResult
	protected int checkPermission(@NonNull String permission, @NonNull AttributionSource source) {
	return PermissionChecker.checkPermissionForDataDelivery(
	mContext, permission, PermissionChecker.PID_UNKNOWN, source, "" /* message */);
	}

	@SuppressWarnings("AndroidFrameworkClientSidePermissionCheck")
	@PermissionCheckerManager.PermissionResult
	protected int checkPermission(@NonNull String permission, int pid, int uid) {
	if (mContext.checkPermission(permission, pid, uid) == PackageManager.PERMISSION_GRANTED) {
	return PermissionCheckerManager.PERMISSION_GRANTED;
	}
	return PermissionCheckerManager.PERMISSION_HARD_DENIED;
	}

	@android.ravenwood.annotation.RavenwoodReplace(blockedBy = AppOpsManager.class,
	reason = "Blocked on Mainline dependencies")
	private static int permissionToOpCode(String permission) {
	return AppOpsManager.permissionToOpCode(permission);
	}

	private static int permissionToOpCode$ravenwood(String permission) {
	return AppOpsManager.OP_NONE;
	}

	private boolean anyAppOps(@NonNull String[] permissions) {
	for (String permission : permissions) {
	if (permissionToOpCode(permission) != AppOpsManager.OP_NONE) {
	return true;
	}
	}
	return false;
	}

	public void enforcePermission(@NonNull String permission, @NonNull
	AttributionSource source) throws SecurityException {
	int result = checkPermission(permission, source);
	if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
	throw new SecurityException(ACCESS_DENIED + permission);
	}
	}

	public void enforcePermission(@NonNull String permission, int pid, int uid)
	throws SecurityException {
	if (permissionToOpCode(permission) != AppOpsManager.OP_NONE) {
	AttributionSource source = new AttributionSource(uid, null, null);
	enforcePermission(permission, source);
	return;
	}
	int result = checkPermission(permission, pid, uid);
	if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
	throw new SecurityException(ACCESS_DENIED + permission);
	}
	}

	public void enforcePermissionAllOf(@NonNull String[] permissions,
	@NonNull AttributionSource source) throws SecurityException {
	for (String permission : permissions) {
	int result = checkPermission(permission, source);
	if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
	throw new SecurityException(ACCESS_DENIED + "allOf={"
	+ String.join(", ", permissions) + "}");
	}
	}
	}

	public void enforcePermissionAllOf(@NonNull String[] permissions,
	int pid, int uid) throws SecurityException {
	if (anyAppOps(permissions)) {
	AttributionSource source = new AttributionSource(uid, null, null);
	enforcePermissionAllOf(permissions, source);
	return;
	}
	for (String permission : permissions) {
	int result = checkPermission(permission, pid, uid);
	if (result != PermissionCheckerManager.PERMISSION_GRANTED) {
	throw new SecurityException(ACCESS_DENIED + "allOf={"
	+ String.join(", ", permissions) + "}");
	}
	}
	}

	public void enforcePermissionAnyOf(@NonNull String[] permissions,
	@NonNull AttributionSource source) throws SecurityException {
	for (String permission : permissions) {
	int result = checkPermission(permission, source);
	if (result == PermissionCheckerManager.PERMISSION_GRANTED) {
	return;
	}
	}
	throw new SecurityException(ACCESS_DENIED + "anyOf={"
	+ String.join(", ", permissions) + "}");
	}

	public void enforcePermissionAnyOf(@NonNull String[] permissions,
	int pid, int uid) throws SecurityException {
	if (anyAppOps(permissions)) {
	AttributionSource source = new AttributionSource(uid, null, null);
	enforcePermissionAnyOf(permissions, source);
	return;
	}
	for (String permission : permissions) {
	int result = checkPermission(permission, pid, uid);
	if (result == PermissionCheckerManager.PERMISSION_GRANTED) {
	return;
	}
	}
	throw new SecurityException(ACCESS_DENIED + "anyOf={"
	+ String.join(", ", permissions) + "}");
	}

	/**
	* Returns a new PermissionEnforcer based on a Context.
	*
	* @hide
	*/
	public static PermissionEnforcer fromContext(@NonNull Context context) {
	return (PermissionEnforcer) context.getSystemService(Context.PERMISSION_ENFORCER_SERVICE);
	}
	}