From 8d839e4985d0acc662e1019390c88fab20bacbd6 Mon Sep 17 00:00:00 2001
From: Nan Wu <wnan@google.com>
Date: Fri, 16 Jun 2023 14:42:24 +0000
Subject: DO NOT MERGE Fix BAL via notification.publicVersion

We stripped the token that allows app to retrieve their own notification
and fire their own PI to launch activities from background. But we
forgot to strip the token from notification.publicVersion

Bug: 278558814
Test: NotificationManagerTest#testActivityStartFromRetrievedNotification_isBlocked
Change-Id: I8f25d7a5e47890a0496af023149717e1df482f98
(cherry picked from commit cf851d81a954f0a6dd0c2fd7defa93932539e7f9)
---
 core/java/android/app/Notification.java                            | 7 +++++--
 .../android/server/notification/NotificationManagerService.java    | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/core/java/android/app/Notification.java b/core/java/android/app/Notification.java
index ba321f5928ec..485e68ef7727 100644
--- a/core/java/android/app/Notification.java
+++ b/core/java/android/app/Notification.java
@@ -3358,8 +3358,11 @@ public class Notification implements Parcelable
      *
      * @hide
      */
-    public void setAllowlistToken(@Nullable IBinder token) {
-        mAllowlistToken = token;
+    public void clearAllowlistToken() {
+        mAllowlistToken = null;
+        if (publicVersion != null) {
+            publicVersion.clearAllowlistToken();
+        }
     }
 
     /**
diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
index dea8c52927fe..595f9563aded 100755
--- a/services/core/java/com/android/server/notification/NotificationManagerService.java
+++ b/services/core/java/com/android/server/notification/NotificationManagerService.java
@@ -4319,7 +4319,7 @@ public class NotificationManagerService extends SystemService {
                     // Remove background token before returning notification to untrusted app, this
                     // ensures the app isn't able to perform background operations that are
                     // associated with notification interactions.
-                    notification.setAllowlistToken(null);
+                    notification.clearAllowlistToken();
                     return new StatusBarNotification(
                             sbn.getPackageName(),
                             sbn.getOpPkg(),
-- 
cgit v1.2.3-59-g8ed1b