RESTRICT AUTOMERGE Fix BAL via notification.publicVersion

We stripped the token that allows app to retrieve their own notification and fire their own PI to launch activities from background. But we forgot to strip the token from notification.publicVersion Bug: 278558814 Test: NotificationManagerTest#testActivityStartFromRetrievedNotification_isBlocked Merged-In: I8f25d7a5e47890a0496af023149717e1df482f98 Change-Id: I8f25d7a5e47890a0496af023149717e1df482f98
author: Nan Wu <wnan@google.com> 2023-06-16 14:42:24 +0000
committer: Nan Wu <wnan@google.com> 2023-08-16 21:08:32 +0000
commit: daed0a712abbfcba32cfbe7adc49fc4e725e02d6 (patch)
tree: 7369b667abd25e0797fb9c90f4129e4e6601245e
parent: f3efc8097693787a36457cbdb480af08b013655f (diff)
2 files changed, 6 insertions, 3 deletions
diff --git a/core/java/android/app/Notification.java b/core/java/android/app/Notification.java
index 11dd30b82e78..54c8cb09d7ea 100644
--- a/core/java/android/app/Notification.java
+++ b/core/java/android/app/Notification.java
@@ -3485,8 +3485,11 @@ public class Notification implements Parcelable
      *
      * @hide
      */
-    public void setAllowlistToken(@Nullable IBinder token) {
-        mAllowlistToken = token;
+    public void clearAllowlistToken() {
+        mAllowlistToken = null;
+        if (publicVersion != null) {
+            publicVersion.clearAllowlistToken();
+        }
     }
 
     /**
diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
index 7369e5ed5932..82892de7176d 100644
--- a/services/core/java/com/android/server/notification/NotificationManagerService.java
+++ b/services/core/java/com/android/server/notification/NotificationManagerService.java
@@ -4442,7 +4442,7 @@ public class NotificationManagerService extends SystemService {
                     // Remove background token before returning notification to untrusted app, this
                     // ensures the app isn't able to perform background operations that are
                     // associated with notification interactions.
-                    notification.setAllowlistToken(null);
+                    notification.clearAllowlistToken();
                     return new StatusBarNotification(
                             sbn.getPackageName(),
                             sbn.getOpPkg(),
author	Nan Wu <wnan@google.com>	2023-06-16 14:42:24 +0000
committer	Nan Wu <wnan@google.com>	2023-08-16 21:08:32 +0000
commit	daed0a712abbfcba32cfbe7adc49fc4e725e02d6 (patch)
tree	7369b667abd25e0797fb9c90f4129e4e6601245e
parent	f3efc8097693787a36457cbdb480af08b013655f (diff)