Merge "Enfore caller permission check before reading whether a user is ready for backup."

author: Piyush Mehrotra <piee@google.com> 2022-08-11 12:44:51 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2022-08-11 12:44:51 +0000
commit: 431faf4e311be458be91967260b0a6ec17e18811 (patch)
tree: d41258366ec99eea49a751d5e90337ee34e31cad /services/robotests/backup
parent: 0e2eb0e94c71c16b28b75d82691a2314706f97bc (diff)
parent: 57a56f9104dd523c6c727c053e8c537753123e09 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java b/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
index 2219d477630e..e2f56ba56f3d 100644
--- a/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
+++ b/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
@@ -301,6 +301,35 @@ public class BackupManagerServiceRoboTest {
         verify(mUserOneService, never()).initializeTransports(transports, /* observer */ null);
     }
 
+    /**
+     * Test that the backup services throws a {@link SecurityException} if the caller does not have
+     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.
+     */
+    @Test
+    public void testIsUserReadyForBackup_withoutPermission_throwsSecurityException() {
+        BackupManagerService backupManagerService = createService();
+        registerUser(backupManagerService, mUserOneId, mUserOneService);
+        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ false);
+
+        expectThrows(
+                SecurityException.class,
+                () -> backupManagerService.isUserReadyForBackup(mUserOneId));
+    }
+
+    /**
+     * Test that the backup service does not throw a {@link SecurityException} if the caller has
+     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.
+     */
+    @Test
+    public void testIsUserReadyForBackup_withPermission_callsMethodForUser() {
+        BackupManagerService backupManagerService = createService();
+        registerUser(backupManagerService, UserHandle.USER_SYSTEM, mUserSystemService);
+        registerUser(backupManagerService, mUserOneId, mUserOneService);
+        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ true);
+
+        assertThat(backupManagerService.isUserReadyForBackup(mUserOneId)).isTrue();
+    }
+
     /** Test that the backup service routes methods correctly to the user that requests it. */
     @Test
     public void testClearBackupData_onRegisteredUser_callsMethodForUser() throws Exception {
author	Piyush Mehrotra <piee@google.com>	2022-08-11 12:44:51 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2022-08-11 12:44:51 +0000
commit	431faf4e311be458be91967260b0a6ec17e18811 (patch)
tree	d41258366ec99eea49a751d5e90337ee34e31cad /services/robotests/backup
parent	0e2eb0e94c71c16b28b75d82691a2314706f97bc (diff)
parent	57a56f9104dd523c6c727c053e8c537753123e09 (diff)