| author | 2020-06-03 19:17:32 -0700 | |
|---|---|---|
| committer | 2020-06-03 19:17:32 -0700 | |
| commit | 6fb00bb22b58381c5c4b70a886c52eb20cee28da (patch) | |
| tree | bac63db62596445b2b139c0aa3c23a344f2667cb /location/java | |
| parent | c35fb3f450c89e568d0e73060470e8ca7ed2ee3a (diff) | |
Remove permission info from CallerIdentity
Location permission info is 1) location specific and 2) may change over
time, and thus shouldn't be in CallerIdentity. This CL moves the
information (temporarily) into LocationRequest. Follow up CLs will
include deeper refactors that eliminate the need for this information to
be in LocationRequest as well.
Test: manual + presubmits
Change-Id: I3b4b41941e386f644efce2effe6985b9c865586c
Diffstat (limited to 'location/java')
| -rw-r--r-- | location/java/android/location/LocationRequest.java | 22 | ||||
| -rw-r--r-- | location/java/android/location/util/identity/CallerIdentity.java | 204 |
2 files changed, 83 insertions, 143 deletions
diff --git a/location/java/android/location/LocationRequest.java b/location/java/android/location/LocationRequest.java index 5f0acc8f7647..bb36c2a1fc39 100644 --- a/location/java/android/location/LocationRequest.java +++ b/location/java/android/location/LocationRequest.java @@ -150,6 +150,8 @@ public final class LocationRequest implements Parcelable { @UnsupportedAppUsage private String mProvider; + // if true, client requests coarse location, if false, client requests fine location + private boolean mCoarseLocation; @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P, trackingBug = 115609023) private int mQuality; @UnsupportedAppUsage @@ -255,6 +257,7 @@ public final class LocationRequest implements Parcelable { public LocationRequest() { this( /* provider= */ LocationManager.FUSED_PROVIDER, + /* coarseLocation= */ false, /* quality= */ POWER_LOW, /* interval= */ DEFAULT_INTERVAL_MS, /* fastestInterval= */ (long) (DEFAULT_INTERVAL_MS / FASTEST_INTERVAL_FACTOR), @@ -273,6 +276,7 @@ public final class LocationRequest implements Parcelable { public LocationRequest(LocationRequest src) { this( src.mProvider, + src.mCoarseLocation, src.mQuality, src.mInterval, src.mFastestInterval, @@ -289,6 +293,7 @@ public final class LocationRequest implements Parcelable { private LocationRequest( @NonNull String provider, + boolean coarseLocation, int quality, long intervalMs, long fastestIntervalMs, @@ -305,6 +310,7 @@ public final class LocationRequest implements Parcelable { checkQuality(quality); mProvider = provider; + mCoarseLocation = coarseLocation; mQuality = quality; mInterval = intervalMs; mFastestInterval = fastestIntervalMs; 
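Review bot: In the no-argument constructor the new argument is `/* coarseLocation= */ false`, so a request on which `setCoarse` is never called describes itself as a fine-location request. If any consumer uses `isCoarse()` to decide how precise a fix to hand out (not visible in this diff), the fail-safe default is the restrictive one, `/* coarseLocation= */ true`, relaxed only after a fine-permission check has passed. The field comment in the first hunk should at least say where the value comes from, for example `// location permission level of the caller (moved here from CallerIdentity); true = coarse only`. The copy-constructor and private-constructor hunks only carry the value through.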
@@ -321,6 +327,20 @@ public final class LocationRequest implements Parcelable { } /** + * @hide + */ + public boolean isCoarse() { + return mCoarseLocation; + } + + /** + * @hide + */ + public void setCoarse(boolean coarse) { + mCoarseLocation = coarse; + } + + /** * Set the quality of the request. * * <p>Use with a accuracy constant such as {@link #ACCURACY_FINE}, or a power @@ -700,6 +720,7 @@ public final class LocationRequest implements Parcelable { public LocationRequest createFromParcel(Parcel in) { return new LocationRequest( /* provider= */ in.readString(), + /* coarseLocation= */ in.readBoolean(), /* quality= */ in.readInt(), /* interval= */ in.readLong(), /* fastestInterval= */ in.readLong(), @@ -728,6 +749,7 @@ public final class LocationRequest implements Parcelable { @Override public void writeToParcel(Parcel parcel, int flags) { parcel.writeString(mProvider); + parcel.writeBoolean(mCoarseLocation); parcel.writeInt(mQuality); parcel.writeLong(mInterval); parcel.writeLong(mFastestInterval); diff --git a/location/java/android/location/util/identity/CallerIdentity.java b/location/java/android/location/util/identity/CallerIdentity.java index d7da6a5ae6e1..9876a1b4df19 100644 --- a/location/java/android/location/util/identity/CallerIdentity.java +++ b/location/java/android/location/util/identity/CallerIdentity.java 
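Review bot: The Javadoc on `isCoarse()` and `setCoarse(boolean)` holds only `@hide`, so nothing tells a reader what the flag means or which component is expected to set it. The commit description says the flag carries the location permission information that used to live in CallerIdentity, and the comments should say so: for example `Returns true if this request is limited to coarse location.` on the getter, and on the setter a sentence naming the intended caller and noting that the field is temporary until the follow-up refactor.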
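Review bot: `createFromParcel` takes the flag straight from `in.readBoolean()`, so whoever parcels a LocationRequest chooses its value, whereas the removed CallerIdentity code derived the level from `context.checkPermission` on the calling pid and uid. If requests reach the service from other processes, the service has to overwrite the flag from its own permission check before anything reads `isCoarse()`; that overwrite is not visible in this diff and is worth confirming on every entry point that accepts a LocationRequest. A comment at the read would record the expectation, e.g. `// not trusted across processes; the service resets this from the caller's permission`. The `writeToParcel` hunk keeps the field order consistent with this read, and the body of `createFromParcel` continues outside the hunk.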
@@ -16,24 +16,16 @@ package android.location.util.identity; -import static android.Manifest.permission.ACCESS_COARSE_LOCATION; -import static android.Manifest.permission.ACCESS_FINE_LOCATION; -import static android.content.pm.PackageManager.PERMISSION_GRANTED; - -import android.annotation.IntDef; import android.annotation.Nullable; -import android.app.AppOpsManager; import android.content.Context; import android.os.Binder; import android.os.Process; import android.os.UserHandle; +import android.os.WorkSource; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.ArrayUtils; -import com.android.internal.util.Preconditions; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; import java.util.Objects; /** 
@@ -43,60 +35,21 @@ import java.util.Objects; */ public final class CallerIdentity { - public static final int PERMISSION_NONE = 0; - public static final int PERMISSION_COARSE = 1; - public static final int PERMISSION_FINE = 2; - - @IntDef({PERMISSION_NONE, PERMISSION_COARSE, PERMISSION_FINE}) - @Retention(RetentionPolicy.SOURCE) - public @interface PermissionLevel {} - - /** - * Converts the given permission level to the corresponding permission. - */ - public static String asPermission(@PermissionLevel int permissionLevel) { - switch (permissionLevel) { - case PERMISSION_COARSE: - return ACCESS_COARSE_LOCATION; - case PERMISSION_FINE: - return ACCESS_FINE_LOCATION; - default: - throw new IllegalArgumentException(); - } - } - - /** - * Converts the given permission level to the corresponding appop. - */ - public static int asAppOp(@PermissionLevel int permissionLevel) { - switch (permissionLevel) { - case PERMISSION_COARSE: - return AppOpsManager.OP_COARSE_LOCATION; - case PERMISSION_FINE: - return AppOpsManager.OP_FINE_LOCATION; - default: - throw new IllegalArgumentException(); - } - } - /** * Construct a CallerIdentity for test purposes. */ @VisibleForTesting public static CallerIdentity forTest(int uid, int pid, String packageName, - @Nullable String attributionTag, @PermissionLevel int permissionLevel) { - - return new CallerIdentity(uid, pid, packageName, attributionTag, null, - permissionLevel); + @Nullable String attributionTag) { + return new CallerIdentity(uid, pid, packageName, attributionTag, null); } /** * Creates a CallerIdentity for the current process and context. 
*/ public static CallerIdentity fromContext(Context context) { - return new CallerIdentity(Process.myUid(), Process.myPid(), - context.getPackageName(), context.getAttributionTag(), null, - getPermissionLevel(context, Binder.getCallingPid(), Binder.getCallingUid())); + return new CallerIdentity(Process.myUid(), Process.myPid(), context.getPackageName(), + context.getAttributionTag(), null); } /** @@ -121,7 +74,7 @@ public final class CallerIdentity { throw new SecurityException("invalid package \"" + packageName + "\" for uid " + uid); } - return fromBinderUnsafe(context, packageName, attributionTag, listenerId); + return fromBinderUnsafe(packageName, attributionTag, listenerId); } /** @@ -130,9 +83,9 @@ public final class CallerIdentity { * this method should only be used if the package will be validated by some other means, such as * an appops call. */ - public static CallerIdentity fromBinderUnsafe(Context context, String packageName, + public static CallerIdentity fromBinderUnsafe(String packageName, @Nullable String attributionTag) { - return fromBinderUnsafe(context, packageName, attributionTag, null); + return fromBinderUnsafe(packageName, attributionTag, null); } /** 
@@ -141,124 +94,89 @@ public final class CallerIdentity { * calling uid - this method should only be used if the package will be validated by some other * means, such as an appops call. */ - public static CallerIdentity fromBinderUnsafe(Context context, String packageName, + public static CallerIdentity fromBinderUnsafe(String packageName, @Nullable String attributionTag, @Nullable String listenerId) { return new CallerIdentity(Binder.getCallingUid(), Binder.getCallingPid(), - packageName, attributionTag, listenerId, - getPermissionLevel(context, Binder.getCallingPid(), Binder.getCallingUid())); + packageName, attributionTag, listenerId); } - /** - * Throws a security exception if the caller does not hold a location permission. - */ - public static void enforceCallingOrSelfLocationPermission(Context context, - @PermissionLevel int desiredPermissionLevel) { - enforceLocationPermission(Binder.getCallingUid(), - getPermissionLevel(context, Binder.getCallingPid(), Binder.getCallingUid()), - desiredPermissionLevel); - } + private final int mUid; - /** - * Returns false if the caller does not hold a location permission, true otherwise. 
- */ - public static boolean checkCallingOrSelfLocationPermission(Context context, - @PermissionLevel int desiredPermissionLevel) { - return checkLocationPermission( - getPermissionLevel(context, Binder.getCallingPid(), Binder.getCallingUid()), - desiredPermissionLevel); - } + private final int mPid; - private static void enforceLocationPermission(int uid, @PermissionLevel int permissionLevel, - @PermissionLevel int desiredPermissionLevel) { - if (checkLocationPermission(permissionLevel, desiredPermissionLevel)) { - return; - } + private final String mPackageName; - if (desiredPermissionLevel == PERMISSION_COARSE) { - throw new SecurityException("uid " + uid + " does not have " + ACCESS_COARSE_LOCATION - + " or " + ACCESS_FINE_LOCATION + "."); - } else if (desiredPermissionLevel == PERMISSION_FINE) { - throw new SecurityException("uid " + uid + " does not have " + ACCESS_FINE_LOCATION - + "."); - } - } - - private static boolean checkLocationPermission(@PermissionLevel int permissionLevel, - @PermissionLevel int desiredPermissionLevel) { - return permissionLevel >= desiredPermissionLevel; - } + private final @Nullable String mAttributionTag; - private static @PermissionLevel int getPermissionLevel(Context context, int pid, int uid) { - if (context.checkPermission(ACCESS_FINE_LOCATION, pid, uid) == PERMISSION_GRANTED) { - return PERMISSION_FINE; - } - if (context.checkPermission(ACCESS_COARSE_LOCATION, pid, uid) == PERMISSION_GRANTED) { - return PERMISSION_COARSE; - } + private final @Nullable String mListenerId; - return PERMISSION_NONE; + private CallerIdentity(int uid, int pid, String packageName, + @Nullable String attributionTag, @Nullable String listenerId) { + this.mUid = uid; + this.mPid = pid; + this.mPackageName = Objects.requireNonNull(packageName); + this.mAttributionTag = attributionTag; + this.mListenerId = listenerId; } /** The calling UID. */ - public final int uid; + public int getUid() { + return mUid; + } /** The calling PID. 
*/ - public final int pid; + public int getPid() { + return mPid; + } /** The calling user. */ - public final int userId; + public int getUserId() { + return UserHandle.getUserId(mUid); + } /** The calling package name. */ - public final String packageName; + public String getPackageName() { + return mPackageName; + } /** The calling attribution tag. */ - public final @Nullable String attributionTag; + public String getAttributionTag() { + return mAttributionTag; + } /** The calling listener id. */ - public final @Nullable String listenerId; - - /** - * The calling location permission level. This field should only be used for validating - * permissions for API access. It should not be used for validating permissions for location - * access - that must be done through appops. - */ - public final @PermissionLevel int permissionLevel; - - private CallerIdentity(int uid, int pid, String packageName, - @Nullable String attributionTag, @Nullable String listenerId, - @PermissionLevel int permissionLevel) { - this.uid = uid; - this.pid = pid; - this.userId = UserHandle.getUserId(uid); - this.packageName = Objects.requireNonNull(packageName); - this.attributionTag = attributionTag; - this.listenerId = listenerId; - this.permissionLevel = Preconditions.checkArgumentInRange(permissionLevel, PERMISSION_NONE, - PERMISSION_FINE, "permissionLevel"); + public String getListenerId() { + return mListenerId; } /** - * Throws a security exception if the CallerIdentity does not hold a location permission. + * Adds this identity to the worksource supplied, or if not worksource is supplied, creates a + * new worksource representing this identity. 
*/ - public void enforceLocationPermission(@PermissionLevel int desiredPermissionLevel) { - enforceLocationPermission(uid, permissionLevel, desiredPermissionLevel); + public WorkSource addToWorkSource(@Nullable WorkSource workSource) { + if (workSource == null) { + return new WorkSource(mUid, mPackageName); + } else { + workSource.add(mUid, mPackageName); + return workSource; + } } @Override public String toString() { - int length = 10 + packageName.length(); - if (attributionTag != null) { - length += attributionTag.length(); + int length = 10 + mPackageName.length(); + if (mAttributionTag != null) { + length += mAttributionTag.length(); } StringBuilder builder = new StringBuilder(length); - builder.append(pid).append("/").append(packageName); - if (attributionTag != null) { + builder.append(mPid).append("/").append(mPackageName); + if (mAttributionTag != null) { builder.append("["); - if (attributionTag.startsWith(packageName)) { - builder.append(attributionTag.substring(packageName.length())); + if (mAttributionTag.startsWith(mPackageName)) { + builder.append(mAttributionTag.substring(mPackageName.length())); } else { - builder.append(attributionTag); + builder.append(mAttributionTag); } builder.append("]"); } @@ -274,14 +192,14 @@ public final class CallerIdentity { return false; } CallerIdentity that = (CallerIdentity) o; - return uid == that.uid - && pid == that.pid - && packageName.equals(that.packageName) - && Objects.equals(attributionTag, that.attributionTag); + return getUid() == that.getUid() + && mPid == that.mPid + && mPackageName.equals(that.mPackageName) + && Objects.equals(mAttributionTag, that.mAttributionTag); } @Override public int hashCode() { - return Objects.hash(uid, pid, packageName, attributionTag); + return Objects.hash(mUid, mPid, mPackageName, mAttributionTag); } } |
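Review bot: `getAttributionTag()` and `getListenerId()` return fields declared `@Nullable`, but the getters are declared as plain `String`, so callers and nullness tooling lose the information the old public `@Nullable` fields carried. Declare them `public @Nullable String getAttributionTag()` and `public @Nullable String getListenerId()`. The Javadoc on `addToWorkSource` reads "if not worksource is supplied" where "if no worksource is supplied" is meant, and it could also state that a non-null argument is modified in place and returned.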
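Review bot: `equals` compares the uid through the accessor, `getUid() == that.getUid()`, while the other fields are compared directly (`mPid == that.mPid`) and `hashCode` uses `mUid`; `mUid == that.mUid` would make the method read uniformly. `mListenerId` takes part in neither `equals` nor `hashCode`; if that is deliberate, a one-line comment such as `// listener id is intentionally not part of identity equality` would keep it from looking like an omission. The start of `equals` is outside the hunk.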