Enfore caller permission check before reading whether a user is ready for backup.

Adds a permission check at the beginning of BackupManagerService#isUserReadyForBackup() which ensures that the caller has appropriate permission ('INTERACT_ACROSS_USERS_FULL') if the target user id doesn't match caller. Fixes: 230866788 Test: atest -v BackupFrameworksServicesRoboTests Change-Id: I2423a4baa642901c13e7f18f17bdefa91b42605b
author: Piyush Mehrotra <piee@google.com> 2022-08-01 15:29:27 +0000
committer: Piyush Mehrotra <piee@google.com> 2022-08-11 12:44:07 +0000
commit: 57a56f9104dd523c6c727c053e8c537753123e09 (patch)
tree: cfe14f836d1b8f1474dc021fc5cfdc4e315f6a53 /services/robotests/backup
parent: ec5edadff717b53a2fcec6ebfd962063d2facb59 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java b/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
index 2219d477630e..e2f56ba56f3d 100644
--- a/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
+++ b/services/robotests/backup/src/com/android/server/backup/BackupManagerServiceRoboTest.java
@@ -301,6 +301,35 @@ public class BackupManagerServiceRoboTest {
         verify(mUserOneService, never()).initializeTransports(transports, /* observer */ null);
     }
 
+    /**
+     * Test that the backup services throws a {@link SecurityException} if the caller does not have
+     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.
+     */
+    @Test
+    public void testIsUserReadyForBackup_withoutPermission_throwsSecurityException() {
+        BackupManagerService backupManagerService = createService();
+        registerUser(backupManagerService, mUserOneId, mUserOneService);
+        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ false);
+
+        expectThrows(
+                SecurityException.class,
+                () -> backupManagerService.isUserReadyForBackup(mUserOneId));
+    }
+
+    /**
+     * Test that the backup service does not throw a {@link SecurityException} if the caller has
+     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.
+     */
+    @Test
+    public void testIsUserReadyForBackup_withPermission_callsMethodForUser() {
+        BackupManagerService backupManagerService = createService();
+        registerUser(backupManagerService, UserHandle.USER_SYSTEM, mUserSystemService);
+        registerUser(backupManagerService, mUserOneId, mUserOneService);
+        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ true);
+
+        assertThat(backupManagerService.isUserReadyForBackup(mUserOneId)).isTrue();
+    }
+
     /** Test that the backup service routes methods correctly to the user that requests it. */
     @Test
     public void testClearBackupData_onRegisteredUser_callsMethodForUser() throws Exception {
author	Piyush Mehrotra <piee@google.com>	2022-08-01 15:29:27 +0000
committer	Piyush Mehrotra <piee@google.com>	2022-08-11 12:44:07 +0000
commit	57a56f9104dd523c6c727c053e8c537753123e09 (patch)
tree	cfe14f836d1b8f1474dc021fc5cfdc4e315f6a53 /services/robotests/backup
parent	ec5edadff717b53a2fcec6ebfd962063d2facb59 (diff)