Test if VPN app can grant ACTIVATE_PLATFORM_VPN with CONTROL_VPN
Bug: 232051081
Test: atest FrameworksNetTests:VpnTest
Change-Id: I0580baca69df6a00d59f4a387ec9b357f6c988ab
diff --git a/tests/unit/java/com/android/server/connectivity/VpnTest.java b/tests/unit/java/com/android/server/connectivity/VpnTest.java
index 8f1d3b8..487a486 100644
--- a/tests/unit/java/com/android/server/connectivity/VpnTest.java
+++ b/tests/unit/java/com/android/server/connectivity/VpnTest.java
@@ -928,6 +928,31 @@
AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN, AppOpsManager.OPSTR_ACTIVATE_VPN);
}
+ private void setAppOpsPermission() {
+ doAnswer(invocation -> {
+ when(mAppOps.noteOpNoThrow(AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN,
+ Process.myUid(), TEST_VPN_PKG,
+ null /* attributionTag */, null /* message */))
+ .thenReturn(AppOpsManager.MODE_ALLOWED);
+ return null;
+ }).when(mAppOps).setMode(
+ eq(AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN),
+ eq(Process.myUid()),
+ eq(TEST_VPN_PKG),
+ eq(AppOpsManager.MODE_ALLOWED));
+ }
+
+ @Test
+ public void testProvisionVpnProfileNotPreconsented_withControlVpnPermission() throws Exception {
+ setAppOpsPermission();
+ doReturn(PERMISSION_GRANTED).when(mContext).checkCallingOrSelfPermission(CONTROL_VPN);
+ final Vpn vpn = createVpnAndSetupUidChecks();
+
+ // ACTIVATE_PLATFORM_VPN will be granted if VPN app has CONTROL_VPN permission.
+ checkProvisionVpnProfile(vpn, true /* expectedResult */,
+ AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ }
+
@Test
public void testProvisionVpnProfileVpnServicePreconsented() throws Exception {
final Vpn vpn = createVpnAndSetupUidChecks(AppOpsManager.OPSTR_ACTIVATE_VPN);