aflags: only permit enable/disable with root access.

Bug: 324436145
Test: adb unroot && adb shell aflags enable com.android.window.flags.sync_window_config_update_flag # Fails
Test: adb root && adb shell aflags enable com.android.window.flags.sync_window_config_update_flag # Succeeds
Change-Id: I88db174b51462199a234eeb3b6fb70c4da538700
diff --git a/tools/aconfig/aflags/Android.bp b/tools/aconfig/aflags/Android.bp
index c65da97..b36aa34 100644
--- a/tools/aconfig/aflags/Android.bp
+++ b/tools/aconfig/aflags/Android.bp
@@ -12,6 +12,7 @@
         "libaconfig_protos",
         "libanyhow",
         "libclap",
+        "libnix",
         "libprotobuf",
         "libregex",
     ],
diff --git a/tools/aconfig/aflags/Cargo.toml b/tools/aconfig/aflags/Cargo.toml
index 3350a6cd..6a08da6 100644
--- a/tools/aconfig/aflags/Cargo.toml
+++ b/tools/aconfig/aflags/Cargo.toml
@@ -10,3 +10,4 @@
 protobuf = "3.2.0"
 regex = "1.10.3"
 aconfig_protos = { path = "../aconfig_protos" }
+nix = { version = "0.28.0", features = ["user"] }
diff --git a/tools/aconfig/aflags/src/main.rs b/tools/aconfig/aflags/src/main.rs
index ef0195f..037bbd0 100644
--- a/tools/aconfig/aflags/src/main.rs
+++ b/tools/aconfig/aflags/src/main.rs
@@ -16,13 +16,13 @@
 
 //! `aflags` is a device binary to read and write aconfig flags.
 
-use anyhow::{anyhow, Result};
+use anyhow::{anyhow, ensure, Result};
 use clap::Parser;
 
 mod device_config_source;
 use device_config_source::DeviceConfigSource;
 
-#[derive(Clone)]
+#[derive(Clone, PartialEq)]
 enum FlagPermission {
     ReadOnly,
     ReadWrite,
@@ -145,16 +145,15 @@
 }
 
 fn set_flag(qualified_name: &str, value: &str) -> Result<()> {
+    ensure!(nix::unistd::Uid::current().is_root(), "must be root to mutate flags");
+
     let flags_binding = DeviceConfigSource::list_flags()?;
     let flag = flags_binding.iter().find(|f| f.qualified_name() == qualified_name).ok_or(
         anyhow!("no aconfig flag '{qualified_name}'. Does the flag have an .aconfig definition?"),
     )?;
 
-    if let FlagPermission::ReadOnly = flag.permission {
-        return Err(anyhow!(
-            "could not write flag '{qualified_name}', it is read-only for the current release configuration.",
-        ));
-    }
+    ensure!(flag.permission == FlagPermission::ReadWrite,
+            format!("could not write flag '{qualified_name}', it is read-only for the current release configuration."));
 
     DeviceConfigSource::override_flag(&flag.namespace, qualified_name, value)?;
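Review bot: The root check added at the top of `set_flag` lives in the CLI itself, so it only stops callers who go through `aflags`; nothing in this hunk shows that the store behind `DeviceConfigSource::override_flag` rejects a non-root writer, and if it does not, the restriction is advisory rather than a security boundary. It is worth confirming where the write is actually authorized and recording that above the check, e.g. `// UX guard only: write authorization is enforced by <backing service>, not here.` Separately, `Uid::current()` reads the real UID, whereas permission checks on the write path normally follow the effective UID; `ensure!(nix::unistd::Uid::effective().is_root(), "must be root to mutate flags");` keeps the two aligned. The second `ensure!` can also take the message literal directly instead of wrapping it in `format!`. `set_flag` continues past the end of the hunk.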