Allow carrier-priv apps to scan with location off
Allow carrier-priv apps to perform network scans with the location off,
subject to the same limitations as apps with the NETWORK_SCAN
permission.
Fixes: 129085751
Test: CTS
Change-Id: Ib1a7e60a8f4f3ded5d7ee8b32dc9a7d3742463bb
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 97f62e8..63a34e8 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -4470,7 +4470,7 @@
.setMinSdkVersionForFine(Build.VERSION_CODES.Q)
.build());
if (locationResult != LocationAccessPolicy.LocationPermissionResult.ALLOWED) {
- SecurityException e = checkNetworkRequestForSanitizedLocationAccess(request);
+ SecurityException e = checkNetworkRequestForSanitizedLocationAccess(request, subId);
if (e != null) {
if (locationResult == LocationAccessPolicy.LocationPermissionResult.DENIED_HARD) {
throw e;
@@ -4493,11 +4493,16 @@
}
private SecurityException checkNetworkRequestForSanitizedLocationAccess(
- NetworkScanRequest request) {
- if (mApp.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SCAN)
- != PERMISSION_GRANTED) {
- return new SecurityException("permission.NETWORK_SCAN is needed for network scans"
- + " without location access.");
+ NetworkScanRequest request, int subId) {
+ boolean hasCarrierPriv = getCarrierPrivilegeStatusForUid(subId, Binder.getCallingUid())
+ == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;
+ boolean hasNetworkScanPermission =
+ mApp.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SCAN)
+ == PERMISSION_GRANTED;
+
+ if (!hasCarrierPriv && !hasNetworkScanPermission) {
+ return new SecurityException("permission.NETWORK_SCAN or carrier privileges is needed"
+ + " for network scans without location access.");
}
if (request.getSpecifiers() != null && request.getSpecifiers().length > 0) {