Merge "Throw on revoked location permission - framework"

author: Nathan Harold <nharold@google.com> 2018-08-02 22:16:07 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2018-08-02 22:16:07 +0000
commit: bb67bab55fb7fc8a94be7189fe8cbf910d4bbc5c (patch)
tree: dd271ba63e219b9d7c8abe3509059a5c127cc8d8
parent: c02b2ec3f179820c31c470d89b919ce721513472 (diff)
parent: 56c4148e4181d44608ad2b55851e7c9f2fa32f0d (diff)
2 files changed, 9 insertions, 6 deletions
diff --git a/services/core/java/com/android/server/TelephonyRegistry.java b/services/core/java/com/android/server/TelephonyRegistry.java
index 34d5b3f1a1db..02222cc6f963 100644
--- a/services/core/java/com/android/server/TelephonyRegistry.java
+++ b/services/core/java/com/android/server/TelephonyRegistry.java
@@ -1789,7 +1789,8 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
         long token = Binder.clearCallingIdentity();
         try {
             return LocationAccessPolicy.canAccessCellLocation(mContext,
-                    r.callingPackage, r.callerUid, r.callerPid);
+                    r.callingPackage, r.callerUid, r.callerPid,
+                    /*throwOnDeniedPermission*/ false);
         } finally {
             Binder.restoreCallingIdentity(token);
         }
diff --git a/telephony/java/android/telephony/LocationAccessPolicy.java b/telephony/java/android/telephony/LocationAccessPolicy.java
index 19b3d0d41a0d..cc10eb9a1400 100644
--- a/telephony/java/android/telephony/LocationAccessPolicy.java
+++ b/telephony/java/android/telephony/LocationAccessPolicy.java
@@ -48,10 +48,11 @@ public final class LocationAccessPolicy {
      * @param pkgName Package name of the application requesting access
      * @param uid The uid of the package
      * @param pid The pid of the package
+     * @param throwOnDeniedPermission Whether to throw if the location permission is denied.
      * @return boolean true or false if permissions is granted
      */
     public static boolean canAccessCellLocation(@NonNull Context context, @NonNull String pkgName,
-            int uid, int pid) throws SecurityException {
+            int uid, int pid, boolean throwOnDeniedPermission) throws SecurityException {
         Trace.beginSection("TelephonyLocationCheck");
         try {
             // Always allow the phone process and system server to access location. This avoid
@@ -68,10 +69,11 @@ public final class LocationAccessPolicy {
             // where a legacy app the user is not using tracks their location.
             // Granting ACCESS_FINE_LOCATION to an app automatically grants it
             // ACCESS_COARSE_LOCATION.
-
-            if (context.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION, pid, uid) ==
-                    PackageManager.PERMISSION_DENIED) {
-                if (DBG) Log.w(TAG, "Permission checked failed (" + pid + "," + uid + ")");
+            if (throwOnDeniedPermission) {
+                context.enforcePermission(Manifest.permission.ACCESS_COARSE_LOCATION,
+                        pid, uid, "canAccessCellLocation");
+            } else if (context.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION,
+                    pid, uid) == PackageManager.PERMISSION_DENIED) {
                 return false;
             }
             final int opCode = AppOpsManager.permissionToOpCode(
author	Nathan Harold <nharold@google.com>	2018-08-02 22:16:07 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2018-08-02 22:16:07 +0000
commit	bb67bab55fb7fc8a94be7189fe8cbf910d4bbc5c (patch)
tree	dd271ba63e219b9d7c8abe3509059a5c127cc8d8
parent	c02b2ec3f179820c31c470d89b919ce721513472 (diff)
parent	56c4148e4181d44608ad2b55851e7c9f2fa32f0d (diff)