Merge "Fix blocked status error message"
diff --git a/staticlibs/framework/com/android/net/module/util/BestClock.java b/staticlibs/framework/com/android/net/module/util/BestClock.java
new file mode 100644
index 0000000..35391ad
--- /dev/null
+++ b/staticlibs/framework/com/android/net/module/util/BestClock.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util;
+
+import android.util.Log;
+
+import java.time.Clock;
+import java.time.DateTimeException;
+import java.time.Instant;
+import java.time.ZoneId;
+import java.util.Arrays;
+
+/**
+ * Single {@link Clock} that will return the best available time from a set of
+ * prioritized {@link Clock} instances.
+ * <p>
+ * For example, when {@link SystemClock#currentNetworkTimeClock()} isn't able to
+ * provide the time, this class could use {@link Clock#systemUTC()} instead.
+ *
+ * Note that this is re-implemented based on {@code android.os.BestClock} to be used inside
+ * the mainline module. And the class does NOT support serialization.
+ *
+ * @hide
+ */
+final public class BestClock extends Clock {
+ private static final String TAG = "BestClock";
+ private final ZoneId mZone;
+ private final Clock[] mClocks;
+
+ public BestClock(ZoneId zone, Clock... clocks) {
+ super();
+ this.mZone = zone;
+ this.mClocks = clocks;
+ }
+
+ @Override
+ public long millis() {
+ for (Clock clock : mClocks) {
+ try {
+ return clock.millis();
+ } catch (DateTimeException e) {
+ // Ignore and attempt the next clock
+ Log.w(TAG, e.toString());
+ }
+ }
+ throw new DateTimeException(
+ "No clocks in " + Arrays.toString(mClocks) + " were able to provide time");
+ }
+
+ @Override
+ public ZoneId getZone() {
+ return mZone;
+ }
+
+ @Override
+ public Clock withZone(ZoneId zone) {
+ return new BestClock(zone, mClocks);
+ }
+
+ @Override
+ public Instant instant() {
+ return Instant.ofEpochMilli(millis());
+ }
+}
diff --git a/staticlibs/framework/com/android/net/module/util/PermissionUtils.java b/staticlibs/framework/com/android/net/module/util/PermissionUtils.java
index 3ab2070..0f3dc15 100644
--- a/staticlibs/framework/com/android/net/module/util/PermissionUtils.java
+++ b/staticlibs/framework/com/android/net/module/util/PermissionUtils.java
@@ -16,11 +16,14 @@
package com.android.net.module.util;
+import static android.Manifest.permission.ACCESS_NETWORK_STATE;
+import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
import static android.Manifest.permission.NETWORK_STACK;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK;
import android.annotation.NonNull;
+import android.annotation.Nullable;
import android.content.Context;
import android.os.Binder;
@@ -84,6 +87,30 @@
}
/**
+ * If the CONNECTIVITY_USE_RESTRICTED_NETWORKS is not allowed for a particular process, throw a
+ * {@link SecurityException}.
+ *
+ * @param context {@link android.content.Context} for the process.
+ * @param message A message to include in the exception if it is thrown.
+ */
+ public static void enforceRestrictedNetworkPermission(
+ final @NonNull Context context, final @Nullable String message) {
+ context.enforceCallingOrSelfPermission(CONNECTIVITY_USE_RESTRICTED_NETWORKS, message);
+ }
+
+ /**
+ * If the ACCESS_NETWORK_STATE is not allowed for a particular process, throw a
+ * {@link SecurityException}.
+ *
+ * @param context {@link android.content.Context} for the process.
+ * @param message A message to include in the exception if it is thrown.
+ */
+ public static void enforceAccessNetworkStatePermission(
+ final @NonNull Context context, final @Nullable String message) {
+ context.enforceCallingOrSelfPermission(ACCESS_NETWORK_STATE, message);
+ }
+
+ /**
* Return true if the context has DUMP permission.
*/
public static boolean checkDumpPermission(Context context, String tag, PrintWriter pw) {
@@ -97,4 +124,24 @@
return true;
}
}
+
+ /**
+ * Enforce that a given feature is available and if not, throw an
+ * {@link UnsupportedOperationException}.
+ *
+ * @param context {@link android.content.Context} for the process.
+ * @param feature the feature name to enforce.
+ * @param errorMessage an optional error message to include.
+ */
+ public static void enforceSystemFeature(final @NonNull Context context,
+ final @NonNull String feature, final @Nullable String errorMessage) {
+ final boolean hasSystemFeature =
+ context.getPackageManager().hasSystemFeature(feature);
+ if (!hasSystemFeature) {
+ if (null == errorMessage) {
+ throw new UnsupportedOperationException();
+ }
+ throw new UnsupportedOperationException(errorMessage);
+ }
+ }
}
diff --git a/staticlibs/netd/libnetdutils/include/netdutils/Status.h b/staticlibs/netd/libnetdutils/include/netdutils/Status.h
index bc347d5..7b0bd47 100644
--- a/staticlibs/netd/libnetdutils/include/netdutils/Status.h
+++ b/staticlibs/netd/libnetdutils/include/netdutils/Status.h
@@ -42,7 +42,7 @@
Status(int code, std::string msg) : mCode(code), mMsg(std::move(msg)) { assert(!ok()); }
Status(android::base::Result<void> result)
- : mCode(result.ok() ? 0 : result.error().code()),
+ : mCode(result.ok() ? 0 : static_cast<int>(result.error().code())),
mMsg(result.ok() ? "" : result.error().message()) {}
int code() const { return mCode; }
diff --git a/staticlibs/tests/unit/src/com/android/net/module/util/PermissionUtilsTest.kt b/staticlibs/tests/unit/src/com/android/net/module/util/PermissionUtilsTest.kt
index 6da5e7d..1b6cbcb 100644
--- a/staticlibs/tests/unit/src/com/android/net/module/util/PermissionUtilsTest.kt
+++ b/staticlibs/tests/unit/src/com/android/net/module/util/PermissionUtilsTest.kt
@@ -18,22 +18,28 @@
import android.Manifest.permission.NETWORK_STACK
import android.content.Context
+import android.content.pm.PackageManager
import android.content.pm.PackageManager.PERMISSION_DENIED
import android.content.pm.PackageManager.PERMISSION_GRANTED
import android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK
import androidx.test.filters.SmallTest
import androidx.test.runner.AndroidJUnit4
import com.android.net.module.util.PermissionUtils.checkAnyPermissionOf
+import com.android.net.module.util.PermissionUtils.enforceAnyPermissionOf
import com.android.net.module.util.PermissionUtils.enforceNetworkStackPermission
import com.android.net.module.util.PermissionUtils.enforceNetworkStackPermissionOr
-import com.android.net.module.util.PermissionUtils.enforceAnyPermissionOf
+import com.android.net.module.util.PermissionUtils.enforceSystemFeature
+import org.junit.Assert
import org.junit.Assert.assertFalse
import org.junit.Assert.assertTrue
+import org.junit.Before
import org.junit.Test
import org.junit.runner.RunWith
+import org.mockito.ArgumentMatchers
import org.mockito.ArgumentMatchers.any
import org.mockito.Mockito.doReturn
import org.mockito.Mockito.mock
+import kotlin.test.assertEquals
import kotlin.test.assertFailsWith
/** Tests for PermissionUtils */
@@ -43,6 +49,12 @@
private val TEST_PERMISSION1 = "android.permission.TEST_PERMISSION1"
private val TEST_PERMISSION2 = "android.permission.TEST_PERMISSION2"
private val context = mock(Context::class.java)
+ private val packageManager = mock(PackageManager::class.java)
+
+ @Before
+ fun setup() {
+ doReturn(packageManager).`when`(context).packageManager
+ }
@Test
fun testEnforceAnyPermissionOf() {
@@ -90,4 +102,26 @@
assertFailsWith<SecurityException>("Expect fail but permission granted.") {
enforceNetworkStackPermissionOr(context, TEST_PERMISSION2) }
}
+
+ private fun mockHasSystemFeature(featureName: String, hasFeature: Boolean) {
+ doReturn(hasFeature).`when`(packageManager)
+ .hasSystemFeature(ArgumentMatchers.eq(featureName))
+ }
+
+ @Test
+ fun testEnforceSystemFeature() {
+ val systemFeature = "test.system.feature"
+ val exceptionMessage = "test exception message"
+ mockHasSystemFeature(featureName = systemFeature, hasFeature = false)
+ val e = assertFailsWith<UnsupportedOperationException>("Should fail without feature") {
+ enforceSystemFeature(context, systemFeature, exceptionMessage) }
+ assertEquals(exceptionMessage, e.message)
+
+ mockHasSystemFeature(featureName = systemFeature, hasFeature = true)
+ try {
+ enforceSystemFeature(context, systemFeature, "")
+ } catch (e: UnsupportedOperationException) {
+ Assert.fail("Exception should have not been thrown with system feature enabled")
+ }
+ }
}