Merge "Disable factory reset in DSU mode" into tm-qpr-dev
diff --git a/src/com/android/settings/applications/AppInfoBase.java b/src/com/android/settings/applications/AppInfoBase.java
index 0f21097..3e91d2d7 100644
--- a/src/com/android/settings/applications/AppInfoBase.java
+++ b/src/com/android/settings/applications/AppInfoBase.java
@@ -18,6 +18,7 @@
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
+import android.Manifest;
import android.app.Activity;
import android.app.Dialog;
import android.app.admin.DevicePolicyManager;
@@ -38,6 +39,7 @@
import android.text.TextUtils;
import android.util.Log;
+import androidx.annotation.VisibleForTesting;
import androidx.appcompat.app.AlertDialog;
import androidx.fragment.app.DialogFragment;
import androidx.fragment.app.Fragment;
@@ -134,8 +136,13 @@
}
}
if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {
- mUserId = ((UserHandle) intent.getParcelableExtra(
- Intent.EXTRA_USER_HANDLE)).getIdentifier();
+ mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE))
+ .getIdentifier();
+ if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPermission()) {
+ Log.w(TAG, "Intent not valid.");
+ finish();
+ return "";
+ }
} else {
mUserId = UserHandle.myUserId();
}
@@ -158,6 +165,28 @@
return mPackageName;
}
+ @VisibleForTesting
+ protected boolean hasInteractAcrossUsersPermission() {
+ Activity activity = getActivity();
+ if (!(activity instanceof SettingsActivity)) {
+ return false;
+ }
+ final String callingPackageName =
+ ((SettingsActivity) activity).getInitialCallingPackage();
+
+ if (TextUtils.isEmpty(callingPackageName)) {
+ Log.w(TAG, "Not able to get calling package name for permission check");
+ return false;
+ }
+ if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)
+ != PackageManager.PERMISSION_GRANTED) {
+ Log.w(TAG, "Package " + callingPackageName + " does not have required permission "
+ + Manifest.permission.INTERACT_ACROSS_USERS_FULL);
+ return false;
+ }
+ return true;
+ }
+
protected void setIntentAndFinish(boolean appChanged) {
Log.i(TAG, "appChanged=" + appChanged);
Intent intent = new Intent();
diff --git a/src/com/android/settings/notification/NotificationAccessConfirmationActivity.java b/src/com/android/settings/notification/NotificationAccessConfirmationActivity.java
index 9ea8c58..74b8102 100644
--- a/src/com/android/settings/notification/NotificationAccessConfirmationActivity.java
+++ b/src/com/android/settings/notification/NotificationAccessConfirmationActivity.java
@@ -31,13 +31,15 @@
import android.content.ComponentName;
import android.content.Context;
import android.content.DialogInterface;
+import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageItemInfo;
import android.content.pm.PackageManager;
-import android.content.pm.ServiceInfo;
+import android.content.pm.ResolveInfo;
import android.os.Bundle;
import android.os.UserHandle;
import android.os.UserManager;
+import android.service.notification.NotificationListenerService;
import android.text.TextUtils;
import android.util.Slog;
import android.view.WindowManager;
@@ -48,6 +50,8 @@
import com.android.internal.app.AlertController;
import com.android.settings.R;
+import java.util.List;
+
/** @hide */
public class NotificationAccessConfirmationActivity extends Activity
implements DialogInterface {
@@ -112,6 +116,31 @@
return;
}
+ // Check NLS service info.
+ String requiredPermission = Manifest.permission.BIND_NOTIFICATION_LISTENER_SERVICE;
+ Intent NLSIntent = new Intent(NotificationListenerService.SERVICE_INTERFACE);
+ List<ResolveInfo> matchedServiceList = getPackageManager().queryIntentServicesAsUser(
+ NLSIntent, /* flags */ 0, mUserId);
+ boolean hasNLSIntentFilter = false;
+ for (ResolveInfo service : matchedServiceList) {
+ if (service.serviceInfo.packageName.equals(mComponentName.getPackageName())) {
+ if (!requiredPermission.equals(service.serviceInfo.permission)) {
+ Slog.e(LOG_TAG, "Service " + mComponentName + " lacks permission "
+ + requiredPermission);
+ finish();
+ return;
+ }
+ hasNLSIntentFilter = true;
+ break;
+ }
+ }
+ if (!hasNLSIntentFilter) {
+ Slog.e(LOG_TAG, "Service " + mComponentName + " lacks an intent-filter action "
+ + "for android.service.notification.NotificationListenerService.");
+ finish();
+ return;
+ }
+
AlertController.AlertParams p = new AlertController.AlertParams(this);
p.mTitle = getString(
R.string.notification_listener_security_warning_title,
@@ -146,19 +175,6 @@
}
private void onAllow() {
- String requiredPermission = Manifest.permission.BIND_NOTIFICATION_LISTENER_SERVICE;
- try {
- ServiceInfo serviceInfo = getPackageManager().getServiceInfo(mComponentName, 0);
- if (!requiredPermission.equals(serviceInfo.permission)) {
- Slog.e(LOG_TAG,
- "Service " + mComponentName + " lacks permission " + requiredPermission);
- return;
- }
- } catch (PackageManager.NameNotFoundException e) {
- Slog.e(LOG_TAG, "Failed to get service info for " + mComponentName, e);
- return;
- }
-
mNm.setNotificationListenerAccessGranted(mComponentName, true);
finish();
@@ -170,12 +186,6 @@
}
@Override
- public void onBackPressed() {
- // Suppress finishing the activity on back button press,
- // consistently with the permission dialog behavior
- }
-
- @Override
public void cancel() {
finish();
}
diff --git a/src/com/android/settings/users/AppRestrictionsFragment.java b/src/com/android/settings/users/AppRestrictionsFragment.java
index db7612f..0676ec8 100644
--- a/src/com/android/settings/users/AppRestrictionsFragment.java
+++ b/src/com/android/settings/users/AppRestrictionsFragment.java
@@ -655,7 +655,7 @@
int requestCode = generateCustomActivityRequestCode(
RestrictionsResultReceiver.this.preference);
AppRestrictionsFragment.this.startActivityForResult(
- restrictionsIntent, requestCode);
+ new Intent(restrictionsIntent), requestCode);
}
}
}