commit 450cacbee4df5cb2f336b7c7f6089660e86f67ee
author Iavor-Valentin Iftime <valiiftime@google.com> Mon Mar 06 17:06:11 2023 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Mon Mar 06 17:06:11 2023 +0000
tree 0d485989db00c0edf1799f2311b165d6f9948bc8
parent 0e57ff90cdae3575c243d21d490e2b6384d33397
parent 5fb0705664449e2a62c6219a8a417749620bb937

Merge "[DO NO MERGE] Enforce INTERACT_ACROSS_USERS_FULL permission for NotificationAccessDetails" into rvc-dev

src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java

diff --git a/src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java b/src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java
index 58a6d7f..6a4c22e 100644
--- a/src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java
+++ b/src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java
@@ -16,6 +16,9 @@
 
 package com.android.settings.applications.specialaccess.notificationaccess;
 
+import static android.content.pm.PackageManager.PERMISSION_GRANTED;
+
+import android.Manifest;
 import android.app.Activity;
 import android.app.NotificationManager;
 import android.app.settings.SettingsEnums;
@@ -30,6 +33,7 @@
 import android.os.UserManager;
 import android.provider.Settings;
 import android.service.notification.NotificationListenerService;
+import android.text.TextUtils;
 import android.util.IconDrawableFactory;
 import android.util.Log;
 import android.util.Slog;
@@ -42,6 +46,7 @@
 import com.android.settings.R;
 import com.android.settings.applications.AppInfoBase;
 import com.android.settings.overlay.FeatureFactory;
+import com.android.settings.password.PasswordUtils;
 import com.android.settings.widget.EntityHeaderController;
 import com.android.settingslib.applications.AppUtils;
 
@@ -139,6 +144,41 @@
         return null;
     }
 
+    @Override
+    protected String retrieveAppEntry() {
+        final Bundle args = getArguments();
+        final Intent intent = (args == null) ?
+                getIntent() : (Intent) args.getParcelable("intent");
+        
+        if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {
+            if (!hasInteractAcrossUsersPermission()) {
+                finish();
+            }
+        }
+
+        return super.retrieveAppEntry();
+    }
+
+    private boolean hasInteractAcrossUsersPermission() {
+        final String callingPackageName = PasswordUtils.getCallingAppPackageName(
+                getActivity().getActivityToken());
+
+        if (TextUtils.isEmpty(callingPackageName)) {
+            Log.w(TAG, "Not able to get calling package name for permission check");
+            return false;
+        }
+
+        if (getContext().getPackageManager().checkPermission(
+                Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)
+                != PERMISSION_GRANTED) {
+            Log.w(TAG, "Package " + callingPackageName + " does not have required permission "
+                    + Manifest.permission.INTERACT_ACROSS_USERS_FULL);
+            return false;
+        }
+
+        return true;
+    }
+
     public void updatePreference(SwitchPreference preference) {
         final CharSequence label = mPackageInfo.applicationInfo.loadLabel(mPm);
         preference.setChecked(isServiceEnabled(mComponentName));