Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / 757159adca0931d6ba15af8a538d2069e8985642^! / .
commit757159adca0931d6ba15af8a538d2069e8985642[log] [tgz]
authorJames Mattis <jmattis@google.com>Tue Dec 28 18:27:25 2021 -0800
committerJames Mattis <jmattis@google.com>Wed Jan 05 13:54:24 2022 -0800
treea507dc180e4cccbf9e181e353421a47f2733ae4a
parent4e2be816f6a6fc9210d925c92fe39d75d3f0b87b [diff]
Moving reusable code for common net permissions.

Moving reusable code into PermissionUtils for commonly used permission
checks similar to what is already being done today for NETWORK_STACK.
Should be a no-op.

Bug: 210485380
Test: make, flash and boot
Change-Id: I3af10cf7f22f8efaa79d3c5d93119acf3ad14bac

diff --git a/staticlibs/framework/com/android/net/module/util/PermissionUtils.java b/staticlibs/framework/com/android/net/module/util/PermissionUtils.java
index 606c811..0f3dc15 100644
--- a/staticlibs/framework/com/android/net/module/util/PermissionUtils.java
+++ b/staticlibs/framework/com/android/net/module/util/PermissionUtils.java

@@ -16,6 +16,8 @@
 
 package com.android.net.module.util;
 
+import static android.Manifest.permission.ACCESS_NETWORK_STATE;
+import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
 import static android.Manifest.permission.NETWORK_STACK;
 import static android.content.pm.PackageManager.PERMISSION_GRANTED;
 import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK;
@@ -85,6 +87,30 @@
     }
 
     /**
+     * If the CONNECTIVITY_USE_RESTRICTED_NETWORKS is not allowed for a particular process, throw a
+     * {@link SecurityException}.
+     *
+     * @param context {@link android.content.Context} for the process.
+     * @param message A message to include in the exception if it is thrown.
+     */
+    public static void enforceRestrictedNetworkPermission(
+            final @NonNull Context context, final @Nullable String message) {
+        context.enforceCallingOrSelfPermission(CONNECTIVITY_USE_RESTRICTED_NETWORKS, message);
+    }
+
+    /**
+     * If the ACCESS_NETWORK_STATE is not allowed for a particular process, throw a
+     * {@link SecurityException}.
+     *
+     * @param context {@link android.content.Context} for the process.
+     * @param message A message to include in the exception if it is thrown.
+     */
+    public static void enforceAccessNetworkStatePermission(
+            final @NonNull Context context, final @Nullable String message) {
+        context.enforceCallingOrSelfPermission(ACCESS_NETWORK_STATE, message);
+    }
+
+    /**
      * Return true if the context has DUMP permission.
      */
     public static boolean checkDumpPermission(Context context, String tag, PrintWriter pw) {