From 15eec4872d7b0fdfead3a8f5b4a1bb4d9ad82a0c Mon Sep 17 00:00:00 2001
From: Evan Chen <evanxinchen@google.com>
Date: Tue, 17 Oct 2023 21:31:23 +0000
Subject: Do not allow setting notification access across users.

For mutil user case, make sure the calling userid
matching the passing userid

Test: test it on sample app
Bug: 298635078
Change-Id: I6c478ebcc1d981faf2d125a4b41909c3b6a30a2a
Merged-In: I6c478ebcc1d981faf2d125a4b41909c3b6a30a2a
---
 .../android/server/companion/CompanionDeviceManagerService.java   | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
index 3ac7b8e6668e..5f6211f158c2 100644
--- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
+++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
@@ -543,8 +543,7 @@ public class CompanionDeviceManagerService extends SystemService {
         public PendingIntent requestNotificationAccess(ComponentName component, int userId)
                 throws RemoteException {
             String callingPackage = component.getPackageName();
-            checkCanCallNotificationApi(callingPackage);
-            // TODO: check userId.
+            checkCanCallNotificationApi(callingPackage, userId);
             if (component.flattenToString().length() > MAX_CN_LENGTH) {
                 throw new IllegalArgumentException("Component name is too long.");
             }
@@ -570,7 +569,7 @@ public class CompanionDeviceManagerService extends SystemService {
         @Deprecated
         @Override
         public boolean hasNotificationAccess(ComponentName component) throws RemoteException {
-            checkCanCallNotificationApi(component.getPackageName());
+            checkCanCallNotificationApi(component.getPackageName(), getCallingUserId());
             NotificationManager nm = getContext().getSystemService(NotificationManager.class);
             return nm.isNotificationListenerAccessGranted(component);
         }
@@ -727,8 +726,7 @@ public class CompanionDeviceManagerService extends SystemService {
             legacyCreateAssociation(userId, macAddress, packageName, null);
         }
 
-        private void checkCanCallNotificationApi(String callingPackage) {
-            final int userId = getCallingUserId();
+        private void checkCanCallNotificationApi(String callingPackage, int userId) {
             enforceCallerIsSystemOr(userId, callingPackage);
 
             if (getCallingUid() == SYSTEM_UID) return;
-- 
cgit v1.2.3-59-g8ed1b