Merge "Permission-annotate all AIDL methods for IAccessibilityManager" into main
diff --git a/core/java/android/view/accessibility/IAccessibilityManager.aidl b/core/java/android/view/accessibility/IAccessibilityManager.aidl
index 614df7c..cd11314 100644
--- a/core/java/android/view/accessibility/IAccessibilityManager.aidl
+++ b/core/java/android/view/accessibility/IAccessibilityManager.aidl
@@ -42,112 +42,154 @@
*/
interface IAccessibilityManager {
+ @RequiresNoPermission
oneway void interrupt(int userId);
+ @RequiresNoPermission
oneway void sendAccessibilityEvent(in AccessibilityEvent uiEvent, int userId);
+ @RequiresNoPermission
long addClient(IAccessibilityManagerClient client, int userId);
+ @RequiresNoPermission
boolean removeClient(IAccessibilityManagerClient client, int userId);
+ @RequiresNoPermission
ParceledListSlice<AccessibilityServiceInfo> getInstalledAccessibilityServiceList(int userId);
+ @RequiresNoPermission
@UnsupportedAppUsage(maxTargetSdk = 30, trackingBug = 170729553)
List<AccessibilityServiceInfo> getEnabledAccessibilityServiceList(int feedbackType, int userId);
+ @RequiresNoPermission
int addAccessibilityInteractionConnection(IWindow windowToken, IBinder leashToken,
in IAccessibilityInteractionConnection connection,
String packageName, int userId);
+ @RequiresNoPermission
void removeAccessibilityInteractionConnection(IWindow windowToken);
+ @EnforcePermission("MODIFY_ACCESSIBILITY_DATA")
void setPictureInPictureActionReplacingConnection(
in IAccessibilityInteractionConnection connection);
+ @EnforcePermission("RETRIEVE_WINDOW_CONTENT")
void registerUiTestAutomationService(IBinder owner, IAccessibilityServiceClient client,
in AccessibilityServiceInfo info, int userId, int flags);
+ @RequiresNoPermission
void unregisterUiTestAutomationService(IAccessibilityServiceClient client);
// Used by UiAutomation
+ @EnforcePermission("RETRIEVE_WINDOW_CONTENT")
IBinder getWindowToken(int windowId, int userId);
+ @EnforcePermission("STATUS_BAR_SERVICE")
void notifyAccessibilityButtonClicked(int displayId, String targetName);
+
+ @EnforcePermission("STATUS_BAR_SERVICE")
void notifyAccessibilityButtonVisibilityChanged(boolean available);
- // Requires Manifest.permission.MANAGE_ACCESSIBILITY
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
void performAccessibilityShortcut(String targetName);
- // Requires Manifest.permission.MANAGE_ACCESSIBILITY
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
List<String> getAccessibilityShortcutTargets(int shortcutType);
// System process only
+ @RequiresNoPermission
boolean sendFingerprintGesture(int gestureKeyCode);
// System process only
+ @RequiresNoPermission
int getAccessibilityWindowId(IBinder windowToken);
+ @RequiresNoPermission
long getRecommendedTimeoutMillis();
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
oneway void registerSystemAction(in RemoteAction action, int actionId);
+
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
oneway void unregisterSystemAction(int actionId);
+
+ @EnforcePermission("STATUS_BAR_SERVICE")
oneway void setMagnificationConnection(in IMagnificationConnection connection);
+ @RequiresNoPermission
void associateEmbeddedHierarchy(IBinder host, IBinder embedded);
+ @RequiresNoPermission
void disassociateEmbeddedHierarchy(IBinder token);
+ @RequiresNoPermission
int getFocusStrokeWidth();
+ @RequiresNoPermission
int getFocusColor();
+ @RequiresNoPermission
boolean isAudioDescriptionByDefaultEnabled();
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.SET_SYSTEM_AUDIO_CAPTION)")
+ @EnforcePermission("SET_SYSTEM_AUDIO_CAPTION")
void setSystemAudioCaptioningEnabled(boolean isEnabled, int userId);
+ @RequiresNoPermission
boolean isSystemAudioCaptioningUiEnabled(int userId);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.SET_SYSTEM_AUDIO_CAPTION)")
+ @EnforcePermission("SET_SYSTEM_AUDIO_CAPTION")
void setSystemAudioCaptioningUiEnabled(boolean isEnabled, int userId);
+ @RequiresNoPermission
oneway void setAccessibilityWindowAttributes(int displayId, int windowId, int userId, in AccessibilityWindowAttributes attributes);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ACCESSIBILITY)")
+ // Requires CREATE_VIRTUAL_DEVICE permission. Also requires either a11y permission or role.
+ @EnforcePermission("CREATE_VIRTUAL_DEVICE")
boolean registerProxyForDisplay(IAccessibilityServiceClient proxy, int displayId);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ACCESSIBILITY)")
+ // Requires CREATE_VIRTUAL_DEVICE permission. Also requires either a11y permission or role.
+ @EnforcePermission("CREATE_VIRTUAL_DEVICE")
boolean unregisterProxyForDisplay(int displayId);
// Used by UiAutomation for tests on the InputFilter
+ @EnforcePermission("INJECT_EVENTS")
void injectInputEventToInputFilter(in InputEvent event);
+ @RequiresNoPermission
boolean startFlashNotificationSequence(String opPkg, int reason, IBinder token);
+
+ @RequiresNoPermission
boolean stopFlashNotificationSequence(String opPkg);
+
+ @RequiresNoPermission
boolean startFlashNotificationEvent(String opPkg, int reason, String reasonPkg);
+ @RequiresNoPermission
boolean isAccessibilityTargetAllowed(String packageName, int uid, int userId);
+
+ @RequiresNoPermission
boolean sendRestrictedDialogIntent(String packageName, int uid, int userId);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ACCESSIBILITY)")
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
boolean isAccessibilityServiceWarningRequired(in AccessibilityServiceInfo info);
parcelable WindowTransformationSpec {
float[] transformationMatrix;
MagnificationSpec magnificationSpec;
}
+ @RequiresNoPermission
WindowTransformationSpec getWindowTransformationSpec(int windowId);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.INTERNAL_SYSTEM_WINDOW)")
+ @EnforcePermission("INTERNAL_SYSTEM_WINDOW")
void attachAccessibilityOverlayToDisplay(int displayId, in SurfaceControl surfaceControl);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(allOf={android.Manifest.permission.STATUS_BAR_SERVICE,android.Manifest.permission.MANAGE_ACCESSIBILITY})")
+ @EnforcePermission(allOf={"STATUS_BAR_SERVICE","MANAGE_ACCESSIBILITY"})
oneway void notifyQuickSettingsTilesChanged(int userId, in List<ComponentName> tileComponentNames);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ACCESSIBILITY)")
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
oneway void enableShortcutsForTargets(boolean enable, int shortcutTypes, in List<String> shortcutTargets, int userId);
- @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ACCESSIBILITY)")
+ @EnforcePermission("MANAGE_ACCESSIBILITY")
Bundle getA11yFeatureToTileMap(int userId);
}
diff --git a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
index cadbd5e..fc0fb5b 100644
--- a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
+++ b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
@@ -16,7 +16,15 @@
package com.android.server.accessibility;
+import static android.Manifest.permission.CREATE_VIRTUAL_DEVICE;
+import static android.Manifest.permission.INJECT_EVENTS;
import static android.Manifest.permission.INTERNAL_SYSTEM_WINDOW;
+import static android.Manifest.permission.MANAGE_ACCESSIBILITY;
+import static android.Manifest.permission.MANAGE_BIND_INSTANT_SERVICE;
+import static android.Manifest.permission.MODIFY_ACCESSIBILITY_DATA;
+import static android.Manifest.permission.RETRIEVE_WINDOW_CONTENT;
+import static android.Manifest.permission.SET_SYSTEM_AUDIO_CAPTION;
+import static android.Manifest.permission.STATUS_BAR_SERVICE;
import static android.accessibilityservice.AccessibilityServiceInfo.FLAG_REQUEST_ACCESSIBILITY_BUTTON;
import static android.accessibilityservice.AccessibilityTrace.FLAGS_ACCESSIBILITY_MANAGER;
import static android.accessibilityservice.AccessibilityTrace.FLAGS_ACCESSIBILITY_MANAGER_CLIENT;
@@ -45,7 +53,6 @@
import static com.android.server.accessibility.AccessibilityUserState.doesShortcutTargetsStringContain;
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
-import android.Manifest;
import android.accessibilityservice.AccessibilityGestureEvent;
import android.accessibilityservice.AccessibilityService;
import android.accessibilityservice.AccessibilityServiceInfo;
@@ -53,9 +60,11 @@
import android.accessibilityservice.IAccessibilityServiceClient;
import android.accessibilityservice.MagnificationConfig;
import android.accessibilityservice.TouchInteractionController;
+import android.annotation.EnforcePermission;
import android.annotation.NonNull;
import android.annotation.Nullable;
-import android.annotation.RequiresPermission;
+import android.annotation.PermissionManuallyEnforced;
+import android.annotation.RequiresNoPermission;
import android.annotation.UserIdInt;
import android.app.ActivityOptions;
import android.app.AlertDialog;
@@ -95,6 +104,7 @@
import android.os.IBinder;
import android.os.Looper;
import android.os.Message;
+import android.os.PermissionEnforcer;
import android.os.PowerManager;
import android.os.Process;
import android.os.RemoteCallbackList;
@@ -204,7 +214,6 @@
* event dispatch for {@link AccessibilityEvent}s generated across all processes
* on the device. Events are dispatched to {@link AccessibilityService}s.
*/
-@SuppressWarnings("MissingPermissionAnnotation")
public class AccessibilityManagerService extends IAccessibilityManager.Stub
implements AbstractAccessibilityServiceConnection.SystemSupport,
AccessibilityUserState.ServiceInfoChangeListener,
@@ -479,7 +488,9 @@
AccessibilityDisplayListener a11yDisplayListener,
MagnificationController magnificationController,
@Nullable AccessibilityInputFilter inputFilter,
- ProxyManager proxyManager) {
+ ProxyManager proxyManager,
+ PermissionEnforcer permissionEnforcer) {
+ super(permissionEnforcer);
mContext = context;
mPowerManager = (PowerManager) mContext.getSystemService(Context.POWER_SERVICE);
mWindowManagerService = LocalServices.getService(WindowManagerInternal.class);
@@ -514,6 +525,7 @@
* @param context A {@link Context} instance.
*/
public AccessibilityManagerService(Context context) {
+ super(PermissionEnforcer.fromContext(context));
mContext = context;
mPowerManager = context.getSystemService(PowerManager.class);
mWindowManagerService = LocalServices.getService(WindowManagerInternal.class);
@@ -627,6 +639,7 @@
}
@Override
+ @RequiresNoPermission
public IAccessibilityManager.WindowTransformationSpec getWindowTransformationSpec(
int windowId) {
IAccessibilityManager.WindowTransformationSpec windowTransformationSpec =
@@ -723,8 +736,7 @@
void setBindInstantServiceAllowed(int userId, boolean allowed) {
mContext.enforceCallingOrSelfPermission(
- Manifest.permission.MANAGE_BIND_INSTANT_SERVICE,
- "setBindInstantServiceAllowed");
+ MANAGE_BIND_INSTANT_SERVICE, "setBindInstantServiceAllowed");
synchronized (mLock) {
final AccessibilityUserState userState = getUserStateLocked(userId);
if (allowed != userState.getBindInstantServiceAllowedLocked()) {
@@ -1120,6 +1132,7 @@
}
@Override
+ @RequiresNoPermission
public long addClient(IAccessibilityManagerClient callback, int userId) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".addClient", FLAGS_ACCESSIBILITY_MANAGER,
@@ -1183,6 +1196,7 @@
}
@Override
+ @RequiresNoPermission
public boolean removeClient(IAccessibilityManagerClient callback, int userId) {
// TODO(b/190216606): Add tracing for removeClient when implementation is the same in master
@@ -1211,6 +1225,7 @@
}
@Override
+ @RequiresNoPermission
public void sendAccessibilityEvent(AccessibilityEvent event, int userId) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".sendAccessibilityEvent", FLAGS_ACCESSIBILITY_MANAGER,
@@ -1327,12 +1342,13 @@
* system action.
*/
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public void registerSystemAction(RemoteAction action, int actionId) {
+ registerSystemAction_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".registerSystemAction",
FLAGS_ACCESSIBILITY_MANAGER, "action=" + action + ";actionId=" + actionId);
}
- mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
getSystemActionPerformer().registerSystemAction(actionId, action);
}
@@ -1342,12 +1358,14 @@
* system action.
*/
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public void unregisterSystemAction(int actionId) {
+ unregisterSystemAction_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".unregisterSystemAction",
FLAGS_ACCESSIBILITY_MANAGER, "actionId=" + actionId);
}
- mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
+
getSystemActionPerformer().unregisterSystemAction(actionId);
}
@@ -1360,6 +1378,7 @@
}
@Override
+ @RequiresNoPermission
public ParceledListSlice<AccessibilityServiceInfo> getInstalledAccessibilityServiceList(
int userId) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
@@ -1403,6 +1422,7 @@
}
@Override
+ @RequiresNoPermission
public List<AccessibilityServiceInfo> getEnabledAccessibilityServiceList(int feedbackType,
int userId) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
@@ -1445,6 +1465,7 @@
}
@Override
+ @RequiresNoPermission
public void interrupt(int userId) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".interrupt",
@@ -1498,6 +1519,7 @@
}
@Override
+ @RequiresNoPermission
public int addAccessibilityInteractionConnection(IWindow windowToken, IBinder leashToken,
IAccessibilityInteractionConnection connection, String packageName,
int userId) throws RemoteException {
@@ -1513,6 +1535,7 @@
}
@Override
+ @RequiresNoPermission
public void removeAccessibilityInteractionConnection(IWindow window) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".removeAccessibilityInteractionConnection",
@@ -1522,23 +1545,25 @@
}
@Override
+ @EnforcePermission(MODIFY_ACCESSIBILITY_DATA)
public void setPictureInPictureActionReplacingConnection(
IAccessibilityInteractionConnection connection) throws RemoteException {
+ setPictureInPictureActionReplacingConnection_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".setPictureInPictureActionReplacingConnection",
FLAGS_ACCESSIBILITY_MANAGER, "connection=" + connection);
}
- mSecurityPolicy.enforceCallingPermission(Manifest.permission.MODIFY_ACCESSIBILITY_DATA,
- SET_PIP_ACTION_REPLACEMENT);
mA11yWindowManager.setPictureInPictureActionReplacingConnection(connection);
}
@Override
+ @EnforcePermission(RETRIEVE_WINDOW_CONTENT)
public void registerUiTestAutomationService(IBinder owner,
IAccessibilityServiceClient serviceClient,
AccessibilityServiceInfo accessibilityServiceInfo,
int userId,
int flags) {
+ registerUiTestAutomationService_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".registerUiTestAutomationService",
FLAGS_ACCESSIBILITY_MANAGER,
@@ -1546,9 +1571,6 @@
+ ";accessibilityServiceInfo=" + accessibilityServiceInfo + ";flags=" + flags);
}
- mSecurityPolicy.enforceCallingPermission(Manifest.permission.RETRIEVE_WINDOW_CONTENT,
- FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE);
-
synchronized (mLock) {
changeCurrentUserForTestAutomationIfNeededLocked(userId);
mUiAutomationManager.registerUiTestAutomationServiceLocked(owner, serviceClient,
@@ -1560,6 +1582,7 @@
}
@Override
+ @RequiresNoPermission
public void unregisterUiTestAutomationService(IAccessibilityServiceClient serviceClient) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".unregisterUiTestAutomationService",
@@ -1619,15 +1642,14 @@
}
@Override
+ @EnforcePermission(RETRIEVE_WINDOW_CONTENT)
public IBinder getWindowToken(int windowId, int userId) {
+ getWindowToken_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".getWindowToken",
FLAGS_ACCESSIBILITY_MANAGER, "windowId=" + windowId + ";userId=" + userId);
}
- mSecurityPolicy.enforceCallingPermission(
- Manifest.permission.RETRIEVE_WINDOW_TOKEN,
- GET_WINDOW_TOKEN);
synchronized (mLock) {
// We treat calls from a profile as if made by its parent as profiles
// share the accessibility state of the parent. The call below
@@ -1663,18 +1685,15 @@
* specified target.
*/
@Override
+ @EnforcePermission(STATUS_BAR_SERVICE)
public void notifyAccessibilityButtonClicked(int displayId, String targetName) {
+ notifyAccessibilityButtonClicked_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".notifyAccessibilityButtonClicked",
FLAGS_ACCESSIBILITY_MANAGER,
"displayId=" + displayId + ";targetName=" + targetName);
}
- if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.STATUS_BAR_SERVICE)
- != PackageManager.PERMISSION_GRANTED) {
- throw new SecurityException("Caller does not hold permission "
- + android.Manifest.permission.STATUS_BAR_SERVICE);
- }
if (targetName == null) {
synchronized (mLock) {
final AccessibilityUserState userState = getCurrentUserStateLocked();
@@ -1694,37 +1713,27 @@
* user, {@code false} otherwise
*/
@Override
+ @EnforcePermission(STATUS_BAR_SERVICE)
public void notifyAccessibilityButtonVisibilityChanged(boolean shown) {
+ notifyAccessibilityButtonVisibilityChanged_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".notifyAccessibilityButtonVisibilityChanged",
FLAGS_ACCESSIBILITY_MANAGER, "shown=" + shown);
}
- mSecurityPolicy.enforceCallingOrSelfPermission(
- android.Manifest.permission.STATUS_BAR_SERVICE);
synchronized (mLock) {
notifyAccessibilityButtonVisibilityChangedLocked(shown);
}
}
@Override
- @RequiresPermission(allOf = {
- Manifest.permission.STATUS_BAR_SERVICE,
- Manifest.permission.MANAGE_ACCESSIBILITY
- })
+ @EnforcePermission(allOf = { STATUS_BAR_SERVICE, MANAGE_ACCESSIBILITY })
public void notifyQuickSettingsTilesChanged(
@UserIdInt int userId, @NonNull List<ComponentName> tileComponentNames) {
+ notifyQuickSettingsTilesChanged_enforcePermission();
if (!android.view.accessibility.Flags.a11yQsShortcut()) {
return;
}
-
- mContext.enforceCallingPermission(
- Manifest.permission.STATUS_BAR_SERVICE,
- /* function= */ "notifyQuickSettingsTilesChanged");
- mContext.enforceCallingPermission(
- Manifest.permission.MANAGE_ACCESSIBILITY,
- /* function= */ "notifyQuickSettingsTilesChanged");
-
if (DEBUG) {
Slog.d(LOG_TAG, TextUtils.formatSimple(
"notifyQuickSettingsTilesChanged userId: %d, tileComponentNames: %s",
@@ -3953,19 +3962,15 @@
* class implementing a supported accessibility feature, or {@code null} if there's no
* specified target.
*/
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
@Override
public void performAccessibilityShortcut(String targetName) {
+ performAccessibilityShortcut_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".performAccessibilityShortcut",
FLAGS_ACCESSIBILITY_MANAGER, "targetName=" + targetName);
}
- if ((UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID)
- && (mContext.checkCallingPermission(Manifest.permission.MANAGE_ACCESSIBILITY)
- != PackageManager.PERMISSION_GRANTED)) {
- throw new SecurityException(
- "performAccessibilityShortcut requires the MANAGE_ACCESSIBILITY permission");
- }
mMainHandler.sendMessage(obtainMessage(
AccessibilityManagerService::performAccessibilityShortcutInternal, this,
Display.DEFAULT_DISPLAY, UserShortcutType.HARDWARE, targetName));
@@ -4172,16 +4177,11 @@
* @hide
*/
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public void enableShortcutsForTargets(
boolean enable, @UserShortcutType int shortcutTypes,
@NonNull List<String> shortcutTargets, @UserIdInt int userId) {
- if (android.view.accessibility.Flags.migrateEnableShortcuts()) {
- mContext.enforceCallingOrSelfPermission(
- Manifest.permission.MANAGE_ACCESSIBILITY, "enableShortcutsForTargets");
- } else {
- mContext.enforceCallingPermission(
- Manifest.permission.MANAGE_ACCESSIBILITY, "enableShortcutsForTargets");
- }
+ enableShortcutsForTargets_enforcePermission();
for (int shortcutType : USER_SHORTCUT_TYPES) {
if ((shortcutTypes & shortcutType) == shortcutType) {
enableShortcutForTargets(enable, shortcutType, shortcutTargets, userId);
@@ -4376,10 +4376,9 @@
}
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public Bundle getA11yFeatureToTileMap(@UserIdInt int userId) {
- mContext.enforceCallingPermission(
- Manifest.permission.MANAGE_ACCESSIBILITY, "getA11yFeatureToTileMap");
-
+ getA11yFeatureToTileMap_enforcePermission();
Bundle bundle = new Bundle();
Map<ComponentName, ComponentName> a11yFeatureToTile =
getA11yFeatureToTileMapInternal(userId);
@@ -4435,17 +4434,13 @@
}
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public List<String> getAccessibilityShortcutTargets(@UserShortcutType int shortcutType) {
+ getAccessibilityShortcutTargets_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".getAccessibilityShortcutTargets",
FLAGS_ACCESSIBILITY_MANAGER, "shortcutType=" + shortcutType);
}
-
- if (mContext.checkCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY)
- != PackageManager.PERMISSION_GRANTED) {
- throw new SecurityException(
- "getAccessibilityShortcutService requires the MANAGE_ACCESSIBILITY permission");
- }
return getAccessibilityShortcutTargetsInternal(shortcutType);
}
@@ -4536,6 +4531,7 @@
* doesn't.
*/
@Override
+ @RequiresNoPermission
public boolean sendFingerprintGesture(int gestureKeyCode) {
if (mTraceManager.isA11yTracingEnabledForTypes(
FLAGS_ACCESSIBILITY_MANAGER | FLAGS_FINGERPRINT)) {
@@ -4546,6 +4542,8 @@
synchronized(mLock) {
if (UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID) {
+ // TODO(b/333547153) remove the AIDL definitions for these functions that are
+ // restricted to system server and move them to AccessibilityManagerInternal.
throw new SecurityException("Only SYSTEM can call sendFingerprintGesture");
}
}
@@ -4564,6 +4562,7 @@
* registered.
*/
@Override
+ @RequiresNoPermission
public int getAccessibilityWindowId(@Nullable IBinder windowToken) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".getAccessibilityWindowId",
@@ -4586,6 +4585,7 @@
* integer for non-interactive one.
*/
@Override
+ @RequiresNoPermission
public long getRecommendedTimeoutMillis() {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(
@@ -4610,8 +4610,10 @@
}
@Override
+ @EnforcePermission(STATUS_BAR_SERVICE)
public void setMagnificationConnection(
IMagnificationConnection connection) throws RemoteException {
+ setMagnificationConnection_enforcePermission();
if (mTraceManager.isA11yTracingEnabledForTypes(
FLAGS_ACCESSIBILITY_MANAGER | FLAGS_MAGNIFICATION_CONNECTION)) {
mTraceManager.logTrace(LOG_TAG + ".setMagnificationConnection",
@@ -4619,9 +4621,6 @@
"connection=" + connection);
}
- mSecurityPolicy.enforceCallingOrSelfPermission(
- android.Manifest.permission.STATUS_BAR_SERVICE);
-
getMagnificationConnectionManager().setConnection(connection);
if (com.android.window.flags.Flags.alwaysDrawMagnificationFullscreenBorder()
@@ -4660,6 +4659,7 @@
}
@Override
+ @RequiresNoPermission
public void associateEmbeddedHierarchy(@NonNull IBinder host, @NonNull IBinder embedded) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".associateEmbeddedHierarchy",
@@ -4672,6 +4672,7 @@
}
@Override
+ @RequiresNoPermission
public void disassociateEmbeddedHierarchy(@NonNull IBinder token) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".disassociateEmbeddedHierarchy",
@@ -4688,6 +4689,7 @@
* @return The stroke width.
*/
@Override
+ @RequiresNoPermission
public int getFocusStrokeWidth() {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".getFocusStrokeWidth", FLAGS_ACCESSIBILITY_MANAGER);
@@ -4709,6 +4711,7 @@
* @return The color.
*/
@Override
+ @RequiresNoPermission
public int getFocusColor() {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".getFocusColor", FLAGS_ACCESSIBILITY_MANAGER);
@@ -4730,6 +4733,7 @@
* @return {@code true} if the audio description is enabled, {@code false} otherwise.
*/
@Override
+ @RequiresNoPermission
public boolean isAudioDescriptionByDefaultEnabled() {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
mTraceManager.logTrace(LOG_TAG + ".isAudioDescriptionByDefaultEnabled",
@@ -4752,6 +4756,7 @@
* @param attributes The accessibility window attributes.
*/
@Override
+ @RequiresNoPermission
public void setAccessibilityWindowAttributes(int displayId, int windowId, int userId,
AccessibilityWindowAttributes attributes) {
if (mTraceManager.isA11yTracingEnabledForTypes(FLAGS_ACCESSIBILITY_MANAGER)) {
@@ -4763,34 +4768,30 @@
}
@Override
- @RequiresPermission(Manifest.permission.SET_SYSTEM_AUDIO_CAPTION)
+ @EnforcePermission(SET_SYSTEM_AUDIO_CAPTION)
public void setSystemAudioCaptioningEnabled(boolean isEnabled, int userId) {
- mContext.enforceCallingOrSelfPermission(
- Manifest.permission.SET_SYSTEM_AUDIO_CAPTION,
- "setSystemAudioCaptioningEnabled");
-
+ setSystemAudioCaptioningEnabled_enforcePermission();
mCaptioningManagerImpl.setSystemAudioCaptioningEnabled(isEnabled, userId);
}
@Override
+ @RequiresNoPermission
public boolean isSystemAudioCaptioningUiEnabled(int userId) {
return mCaptioningManagerImpl.isSystemAudioCaptioningUiEnabled(userId);
}
@Override
- @RequiresPermission(Manifest.permission.SET_SYSTEM_AUDIO_CAPTION)
+ @EnforcePermission(SET_SYSTEM_AUDIO_CAPTION)
public void setSystemAudioCaptioningUiEnabled(boolean isEnabled, int userId) {
- mContext.enforceCallingOrSelfPermission(
- Manifest.permission.SET_SYSTEM_AUDIO_CAPTION,
- "setSystemAudioCaptioningUiEnabled");
-
+ setSystemAudioCaptioningUiEnabled_enforcePermission();
mCaptioningManagerImpl.setSystemAudioCaptioningUiEnabled(isEnabled, userId);
}
@Override
+ @EnforcePermission(CREATE_VIRTUAL_DEVICE)
public boolean registerProxyForDisplay(IAccessibilityServiceClient client, int displayId)
throws RemoteException {
- mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.CREATE_VIRTUAL_DEVICE);
+ registerProxyForDisplay_enforcePermission();
mSecurityPolicy.checkForAccessibilityPermissionOrRole();
if (client == null) {
return false;
@@ -4826,8 +4827,9 @@
}
@Override
+ @EnforcePermission(CREATE_VIRTUAL_DEVICE)
public boolean unregisterProxyForDisplay(int displayId) {
- mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.CREATE_VIRTUAL_DEVICE);
+ unregisterProxyForDisplay_enforcePermission();
mSecurityPolicy.checkForAccessibilityPermissionOrRole();
final long identity = Binder.clearCallingIdentity();
try {
@@ -4842,6 +4844,7 @@
}
@Override
+ @RequiresNoPermission
public boolean startFlashNotificationSequence(String opPkg,
@FlashNotificationReason int reason, IBinder token) {
final long identity = Binder.clearCallingIdentity();
@@ -4854,6 +4857,7 @@
}
@Override
+ @RequiresNoPermission
public boolean stopFlashNotificationSequence(String opPkg) {
final long identity = Binder.clearCallingIdentity();
try {
@@ -4864,6 +4868,7 @@
}
@Override
+ @RequiresNoPermission
public boolean startFlashNotificationEvent(String opPkg,
@FlashNotificationReason int reason, String reasonPkg) {
final long identity = Binder.clearCallingIdentity();
@@ -4876,6 +4881,7 @@
}
@Override
+ @RequiresNoPermission
public boolean isAccessibilityTargetAllowed(String packageName, int uid, int userId) {
final long identity = Binder.clearCallingIdentity();
try {
@@ -4917,6 +4923,7 @@
}
@Override
+ @RequiresNoPermission
public boolean sendRestrictedDialogIntent(String packageName, int uid, int userId) {
// The accessibility service is allowed. Don't show the restricted dialog.
if (isAccessibilityTargetAllowed(packageName, uid, userId)) {
@@ -4950,8 +4957,9 @@
}
@Override
+ @EnforcePermission(MANAGE_ACCESSIBILITY)
public boolean isAccessibilityServiceWarningRequired(AccessibilityServiceInfo info) {
- mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
+ isAccessibilityServiceWarningRequired_enforcePermission();
final ComponentName componentName = info.getComponentName();
// Warning is not required if the service is already enabled.
@@ -4997,6 +5005,7 @@
}
@Override
+ @PermissionManuallyEnforced // DUMP
public void dump(FileDescriptor fd, final PrintWriter pw, String[] args) {
if (!DumpUtils.checkDumpPermission(mContext, LOG_TAG, pw)) return;
synchronized (mLock) {
@@ -5139,6 +5148,7 @@
}
@Override
+ @RequiresNoPermission
public void onShellCommand(FileDescriptor in, FileDescriptor out,
FileDescriptor err, String[] args, ShellCallback callback,
ResultReceiver resultReceiver) {
@@ -6159,9 +6169,9 @@
}
@Override
+ @EnforcePermission(INJECT_EVENTS)
public void injectInputEventToInputFilter(InputEvent event) {
- mSecurityPolicy.enforceCallingPermission(Manifest.permission.INJECT_EVENTS,
- "injectInputEventToInputFilter");
+ injectInputEventToInputFilter_enforcePermission();
synchronized (mLock) {
final long endMillis =
SystemClock.uptimeMillis() + WAIT_INPUT_FILTER_INSTALL_TIMEOUT_MS;
@@ -6246,11 +6256,11 @@
}
}
+ /** Used to attach accessibility overlays from the system itself i.e. magnification. */
+ @EnforcePermission(INTERNAL_SYSTEM_WINDOW)
@Override
- public void attachAccessibilityOverlayToDisplay(
- int displayId, SurfaceControl sc) {
- mContext.enforceCallingPermission(
- INTERNAL_SYSTEM_WINDOW, "attachAccessibilityOverlayToDisplay");
+ public void attachAccessibilityOverlayToDisplay(int displayId, SurfaceControl sc) {
+ attachAccessibilityOverlayToDisplay_enforcePermission();
mMainHandler.sendMessage(
obtainMessage(
AccessibilityManagerService::attachAccessibilityOverlayToDisplayInternal,
@@ -6261,6 +6271,7 @@
null));
}
+ /** Called by services to attach accessibility overlays. */
@Override
public void attachAccessibilityOverlayToDisplay(
int interactionId,
diff --git a/services/tests/servicestests/src/com/android/server/accessibility/AccessibilityManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/accessibility/AccessibilityManagerServiceTest.java
index 6cc650f..cb4fc75 100644
--- a/services/tests/servicestests/src/com/android/server/accessibility/AccessibilityManagerServiceTest.java
+++ b/services/tests/servicestests/src/com/android/server/accessibility/AccessibilityManagerServiceTest.java
@@ -69,8 +69,10 @@
import android.os.Handler;
import android.os.IBinder;
import android.os.LocaleList;
+import android.os.PermissionEnforcer;
import android.os.RemoteException;
import android.os.UserHandle;
+import android.os.test.FakePermissionEnforcer;
import android.platform.test.annotations.DisableFlags;
import android.platform.test.annotations.EnableFlags;
import android.platform.test.flag.junit.SetFlagsRule;
@@ -200,25 +202,26 @@
private AccessibilityManagerService mA11yms;
private TestableLooper mTestableLooper;
private Handler mHandler;
+ private FakePermissionEnforcer mFakePermissionEnforcer;
@Before
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
mTestableLooper = TestableLooper.get(this);
mHandler = new Handler(mTestableLooper.getLooper());
-
+ mFakePermissionEnforcer = new FakePermissionEnforcer();
LocalServices.removeServiceForTest(WindowManagerInternal.class);
LocalServices.removeServiceForTest(ActivityTaskManagerInternal.class);
LocalServices.removeServiceForTest(UserManagerInternal.class);
LocalServices.removeServiceForTest(StatusBarManagerInternal.class);
+ LocalServices.removeServiceForTest(PermissionEnforcer.class);
LocalServices.addService(
WindowManagerInternal.class, mMockWindowManagerService);
LocalServices.addService(
ActivityTaskManagerInternal.class, mMockActivityTaskManagerInternal);
LocalServices.addService(
UserManagerInternal.class, mMockUserManagerInternal);
- LocalServices.addService(
- StatusBarManagerInternal.class, mStatusBarManagerInternal);
+ LocalServices.addService(StatusBarManagerInternal.class, mStatusBarManagerInternal);
mInputFilter = Mockito.mock(FakeInputFilter.class);
when(mMockMagnificationController.getMagnificationConnectionManager()).thenReturn(
@@ -253,7 +256,8 @@
mMockA11yDisplayListener,
mMockMagnificationController,
mInputFilter,
- mProxyManager);
+ mProxyManager,
+ mFakePermissionEnforcer);
final AccessibilityUserState userState = new AccessibilityUserState(
mA11yms.getCurrentUserIdLocked(), mTestableContext, mA11yms);
@@ -310,9 +314,7 @@
@SmallTest
@Test
public void testRegisterSystemActionWithoutPermission() throws Exception {
- doThrow(SecurityException.class).when(mMockSecurityPolicy)
- .enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
-
+ mFakePermissionEnforcer.revoke(Manifest.permission.MANAGE_ACCESSIBILITY);
assertThrows(SecurityException.class,
() -> mA11yms.registerSystemAction(TEST_ACTION, ACTION_ID));
verify(mMockSystemActionPerformer, never()).registerSystemAction(ACTION_ID, TEST_ACTION);
@@ -321,15 +323,14 @@
@SmallTest
@Test
public void testRegisterSystemAction() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
mA11yms.registerSystemAction(TEST_ACTION, ACTION_ID);
verify(mMockSystemActionPerformer).registerSystemAction(ACTION_ID, TEST_ACTION);
}
@Test
public void testUnregisterSystemActionWithoutPermission() throws Exception {
- doThrow(SecurityException.class).when(mMockSecurityPolicy)
- .enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY);
-
+ mFakePermissionEnforcer.revoke(Manifest.permission.MANAGE_ACCESSIBILITY);
assertThrows(SecurityException.class,
() -> mA11yms.unregisterSystemAction(ACTION_ID));
verify(mMockSystemActionPerformer, never()).unregisterSystemAction(ACTION_ID);
@@ -338,6 +339,7 @@
@SmallTest
@Test
public void testUnregisterSystemAction() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
mA11yms.unregisterSystemAction(ACTION_ID);
verify(mMockSystemActionPerformer).unregisterSystemAction(ACTION_ID);
}
@@ -358,6 +360,7 @@
@SmallTest
@Test
public void testRegisterProxy() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.CREATE_VIRTUAL_DEVICE);
when(mProxyManager.displayBelongsToCaller(anyInt(), anyInt())).thenReturn(true);
mA11yms.registerProxyForDisplay(mMockServiceClient, TEST_DISPLAY);
verify(mProxyManager).registerProxy(eq(mMockServiceClient), eq(TEST_DISPLAY), anyInt(),
@@ -369,6 +372,7 @@
@SmallTest
@Test
public void testRegisterProxyWithoutA11yPermissionOrRole() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.CREATE_VIRTUAL_DEVICE);
doThrow(SecurityException.class).when(mMockSecurityPolicy)
.checkForAccessibilityPermissionOrRole();
@@ -381,9 +385,7 @@
@SmallTest
@Test
public void testRegisterProxyWithoutDevicePermission() throws Exception {
- doThrow(SecurityException.class).when(mMockSecurityPolicy)
- .enforceCallingOrSelfPermission(Manifest.permission.CREATE_VIRTUAL_DEVICE);
-
+ mFakePermissionEnforcer.revoke(Manifest.permission.CREATE_VIRTUAL_DEVICE);
assertThrows(SecurityException.class,
() -> mA11yms.registerProxyForDisplay(mMockServiceClient, TEST_DISPLAY));
verify(mProxyManager, never()).registerProxy(any(), anyInt(), anyInt(), any(),
@@ -402,6 +404,7 @@
@SmallTest
@Test
public void testRegisterProxyForInvalidDisplay() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.CREATE_VIRTUAL_DEVICE);
assertThrows(IllegalArgumentException.class,
() -> mA11yms.registerProxyForDisplay(mMockServiceClient, Display.INVALID_DISPLAY));
verify(mProxyManager, never()).registerProxy(any(), anyInt(), anyInt(), any(),
@@ -411,6 +414,7 @@
@SmallTest
@Test
public void testUnRegisterProxyWithPermission() throws Exception {
+ mFakePermissionEnforcer.grant(Manifest.permission.CREATE_VIRTUAL_DEVICE);
when(mProxyManager.displayBelongsToCaller(anyInt(), anyInt())).thenReturn(true);
mA11yms.registerProxyForDisplay(mMockServiceClient, TEST_DISPLAY);
mA11yms.unregisterProxyForDisplay(TEST_DISPLAY);
@@ -432,9 +436,7 @@
@SmallTest
@Test
public void testUnRegisterProxyWithoutDevicePermission() {
- doThrow(SecurityException.class).when(mMockSecurityPolicy)
- .enforceCallingOrSelfPermission(Manifest.permission.CREATE_VIRTUAL_DEVICE);
-
+ mFakePermissionEnforcer.revoke(Manifest.permission.CREATE_VIRTUAL_DEVICE);
assertThrows(SecurityException.class,
() -> mA11yms.unregisterProxyForDisplay(TEST_DISPLAY));
verify(mProxyManager, never()).unregisterProxy(TEST_DISPLAY);
@@ -577,6 +579,7 @@
@EnableFlags(FLAG_ALWAYS_DRAW_MAGNIFICATION_FULLSCREEN_BORDER)
public void testSetConnectionNull_borderFlagEnabled_unregisterFullScreenMagnification()
throws RemoteException {
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
mA11yms.setMagnificationConnection(null);
verify(mMockFullScreenMagnificationController, atLeastOnce()).reset(
@@ -789,7 +792,7 @@
public void testPerformAccessibilityShortcut_hearingAids_startActivityWithExpectedComponent() {
final AccessibilityUserState userState = mA11yms.mUserStates.get(
mA11yms.getCurrentUserIdLocked());
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
userState.mAccessibilityShortcutKeyTargets.add(
ACCESSIBILITY_HEARING_AIDS_COMPONENT_NAME.flattenToString());
@@ -807,7 +810,7 @@
public void testPerformAccessibilityShortcut_hearingAids_sendExpectedBroadcast() {
final AccessibilityUserState userState = mA11yms.mUserStates.get(
mA11yms.getCurrentUserIdLocked());
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
userState.mAccessibilityShortcutKeyTargets.add(
ACCESSIBILITY_HEARING_AIDS_COMPONENT_NAME.flattenToString());
@@ -921,7 +924,7 @@
@Test
public void testIsAccessibilityServiceWarningRequired_requiredByDefault() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
final AccessibilityServiceInfo info = mockAccessibilityServiceInfo(COMPONENT_NAME);
assertThat(mA11yms.isAccessibilityServiceWarningRequired(info)).isTrue();
@@ -929,7 +932,7 @@
@Test
public void testIsAccessibilityServiceWarningRequired_notRequiredIfAlreadyEnabled() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
final AccessibilityServiceInfo info_a = mockAccessibilityServiceInfo(COMPONENT_NAME);
final AccessibilityServiceInfo info_b = mockAccessibilityServiceInfo(
new ComponentName("package_b", "class_b"));
@@ -943,7 +946,7 @@
@Test
public void testIsAccessibilityServiceWarningRequired_notRequiredIfExistingShortcut() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
final AccessibilityServiceInfo info_a = mockAccessibilityServiceInfo(
new ComponentName("package_a", "class_a"));
final AccessibilityServiceInfo info_b = mockAccessibilityServiceInfo(
@@ -964,7 +967,7 @@
@Test
@EnableFlags(FLAG_SKIP_ACCESSIBILITY_WARNING_DIALOG_FOR_TRUSTED_SERVICES)
public void testIsAccessibilityServiceWarningRequired_notRequiredIfAllowlisted() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
final AccessibilityServiceInfo info_a = mockAccessibilityServiceInfo(
new ComponentName("package_a", "class_a"),
/* isSystemApp= */ true, /* isAlwaysOnService= */ false);
@@ -1007,7 +1010,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
String target = TARGET_ALWAYS_ON_A11Y_SERVICE.flattenToString();
@@ -1035,7 +1038,7 @@
AccessibilityShortcutController.DialogStatus.NOT_SHOWN
);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
String target = TARGET_ALWAYS_ON_A11Y_SERVICE.flattenToString();
@@ -1079,7 +1082,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
mA11yms.enableShortcutsForTargets(
/* enable= */ true,
@@ -1098,7 +1101,7 @@
@Test
public void enableShortcutsForTargets_enableSoftwareShortcutWithMagnification_userConfigureSmallMenuSize_menuSizeNotChanged() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
Settings.Secure.putInt(
mTestableContext.getContentResolver(),
Settings.Secure.ACCESSIBILITY_FLOATING_MENU_SIZE,
@@ -1125,7 +1128,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
mA11yms.enableShortcutsForTargets(
@@ -1167,7 +1170,7 @@
@Test
public void enableShortcutsForTargets_enableStandardServiceSoftwareShortcut_wontTurnOnService()
throws Exception {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
mA11yms.enableShortcutsForTargets(
@@ -1213,7 +1216,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
mA11yms.enableShortcutsForTargets(
/* enable= */ true,
@@ -1256,7 +1259,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
mA11yms.enableShortcutsForTargets(
/* enable= */ true,
@@ -1300,7 +1303,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
mA11yms.enableShortcutsForTargets(
@@ -1332,10 +1335,11 @@
mTestableLooper.processAllMessages();
assertThat(
- ShortcutUtils.isComponentIdExistingInSettings(
- mTestableContext, ShortcutConstants.UserShortcutType.HARDWARE,
- TARGET_STANDARD_A11Y_SERVICE.flattenToString())
- ).isFalse();
+ ShortcutUtils.isComponentIdExistingInSettings(
+ mTestableContext,
+ ShortcutConstants.UserShortcutType.HARDWARE,
+ TARGET_STANDARD_A11Y_SERVICE.flattenToString()))
+ .isFalse();
}
@Test
@@ -1343,7 +1347,7 @@
// TODO(b/111889696): Remove the user 0 assumption once we support multi-user
Assume.assumeTrue("The test is setup to run as a user 0",
isSameCurrentUser(mA11yms, mTestableContext));
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
mA11yms.enableShortcutsForTargets(
@@ -1403,7 +1407,7 @@
@Test
public void getA11yFeatureToTileMap() {
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
Bundle bundle = mA11yms.getA11yFeatureToTileMap(mA11yms.getCurrentUserIdLocked());
@@ -1428,9 +1432,8 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_statusBarServiceNotGranted_throwsException() {
- mTestableContext.getTestablePermissions().setPermission(
- Manifest.permission.STATUS_BAR_SERVICE, PackageManager.PERMISSION_DENIED);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.revoke(Manifest.permission.STATUS_BAR_SERVICE);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
assertThrows(SecurityException.class,
() -> mA11yms.notifyQuickSettingsTilesChanged(
@@ -1442,7 +1445,7 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_manageAccessibilityNotGranted_throwsException() {
- mockStatusBarServiceGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
mTestableContext.getTestablePermissions().setPermission(
Manifest.permission.STATUS_BAR_SERVICE, PackageManager.PERMISSION_DENIED);
@@ -1456,8 +1459,8 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_qsTileChanges_updateA11yTilesInQsPanel() {
- mockStatusBarServiceGranted(mTestableContext);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
List<ComponentName> tiles = List.of(
AccessibilityShortcutController.DALTONIZER_TILE_COMPONENT_NAME,
AccessibilityShortcutController.COLOR_INVERSION_TILE_COMPONENT_NAME
@@ -1493,8 +1496,8 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_serviceWarningRequired_qsShortcutRemainDisabled() {
- mockStatusBarServiceGranted(mTestableContext);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
ComponentName tile = new ComponentName(
TARGET_ALWAYS_ON_A11Y_SERVICE.getPackageName(),
@@ -1511,8 +1514,8 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_serviceWarningNotRequired_qsShortcutEnabled() {
- mockStatusBarServiceGranted(mTestableContext);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
setupShortcutTargetServices();
final AccessibilityUserState userState = mA11yms.getCurrentUserState();
userState.mAccessibilityButtonTargets.clear();
@@ -1533,8 +1536,8 @@
@Test
@EnableFlags(android.view.accessibility.Flags.FLAG_A11Y_QS_SHORTCUT)
public void notifyQuickSettingsTilesChanged_addFrameworkTile_qsShortcutEnabled() {
- mockStatusBarServiceGranted(mTestableContext);
- mockManageAccessibilityGranted(mTestableContext);
+ mFakePermissionEnforcer.grant(Manifest.permission.STATUS_BAR_SERVICE);
+ mFakePermissionEnforcer.grant(Manifest.permission.MANAGE_ACCESSIBILITY);
List<ComponentName> tiles = List.of(
AccessibilityShortcutController.DALTONIZER_TILE_COMPONENT_NAME,
AccessibilityShortcutController.COLOR_INVERSION_TILE_COMPONENT_NAME
@@ -1661,16 +1664,6 @@
return lockState;
}
- private void mockManageAccessibilityGranted(TestableContext context) {
- context.getTestablePermissions().setPermission(Manifest.permission.MANAGE_ACCESSIBILITY,
- PackageManager.PERMISSION_GRANTED);
- }
-
- private void mockStatusBarServiceGranted(TestableContext context) {
- context.getTestablePermissions().setPermission(Manifest.permission.STATUS_BAR_SERVICE,
- PackageManager.PERMISSION_GRANTED);
- }
-
private void assertStartActivityWithExpectedComponentName(Context mockContext,
String componentName) {
verify(mockContext).startActivityAsUser(mIntentArgumentCaptor.capture(),