3 files changed, 49 insertions, 1 deletions

diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 8c9e771dbd73..52c58e162289 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -13088,6 +13088,10 @@ public class DevicePolicyManager {
      * @see #getCrossProfileCalendarPackages(ComponentName)
      * @hide
      */
+    @RequiresPermission(anyOf = {
+            permission.INTERACT_ACROSS_USERS_FULL,
+            permission.INTERACT_ACROSS_USERS
+    }, conditional = true)
     public boolean isPackageAllowedToAccessCalendar(@NonNull  String packageName) {
         throwIfParentInstance("isPackageAllowedToAccessCalendar");
         if (mService != null) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 1d27655055a0..0128d350bd10 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -16067,7 +16067,20 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
         Preconditions.checkArgumentNonnegative(userHandle, "Invalid userId");
 
         final CallerIdentity caller = getCallerIdentity();
-        Preconditions.checkCallAuthorization(hasCrossUsersPermission(caller, userHandle));
+        final int packageUid = mInjector.binderWithCleanCallingIdentity(() -> {
+            try {
+                return mInjector.getPackageManager().getPackageUidAsUser(packageName, userHandle);
+            } catch (NameNotFoundException e) {
+                Slogf.w(LOG_TAG, e,
+                        "Couldn't find package %s in user %d", packageName, userHandle);
+                return -1;
+            }
+        });
+        if (caller.getUid() != packageUid) {
+            Preconditions.checkCallAuthorization(
+                    hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS)
+                            || hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS_FULL));
+        }
 
         synchronized (getLockObject()) {
             if (mInjector.settingsSecureGetIntForUser(
diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
index fd41b9c19a2e..5447a58a1643 100644
--- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
+++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
@@ -6524,6 +6524,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {
         when(getServices().settings.settingsSecureGetIntForUser(
                 Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                 0, CALLER_USER_HANDLE)).thenReturn(1);
+        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);
+
         assertThat(dpm.isPackageAllowedToAccessCalendar("TEST_PACKAGE")).isFalse();
     }
 
@@ -6535,6 +6537,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {
         when(getServices().settings.settingsSecureGetIntForUser(
                 Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                 0, CALLER_USER_HANDLE)).thenReturn(0);
+        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);
+
         assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isFalse();
     }
 
@@ -6546,6 +6550,33 @@ public class DevicePolicyManagerTest extends DpmTestBase {
         when(getServices().settings.settingsSecureGetIntForUser(
                 Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
                 0, CALLER_USER_HANDLE)).thenReturn(1);
+        mContext.permissions.add(permission.INTERACT_ACROSS_USERS);
+
+        assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue();
+    }
+
+    @Test
+    public void testIsPackageAllowedToAccessCalendar_requiresPermission() {
+        final String testPackage = "TEST_PACKAGE";
+
+        assertExpectException(SecurityException.class, /* messageRegex= */ null,
+                () -> dpm.isPackageAllowedToAccessCalendar(testPackage));
+    }
+
+    @Test
+    public void testIsPackageAllowedToAccessCalendar_samePackageAndSameUser_noPermissionRequired()
+            throws Exception {
+        final String testPackage = "TEST_PACKAGE";
+        setAsProfileOwner(admin1);
+        dpm.setCrossProfileCalendarPackages(admin1, null);
+        when(getServices().settings.settingsSecureGetIntForUser(
+                Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED,
+                0, CALLER_USER_HANDLE)).thenReturn(1);
+        doReturn(mContext.binder.callingUid)
+                .when(getServices().packageManager).getPackageUidAsUser(
+                eq(testPackage),
+                anyInt());
+
         assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue();
     }