From 6c589570c44752d96f35620de271ccae7d32502d Mon Sep 17 00:00:00 2001
From: Svetoslav <svetoslavganov@google.com>
Date: Thu, 16 Apr 2015 16:19:24 -0700
Subject: Remove unnecessary WRITE_SMS permission - framework

Currently only one app can write to the SMS provider and it has to
be set as the default SMS app by the user in the UI. The default
SMS app is set by enabling the write SMS app op for it and keeping
this op off for other SMS apps. Hence, this permission does not
guard anything and can be taken out. The API change is fine as if
an app refers to the permission in the manifest as string it will
be ignored and if it was referred in Java the value is statically
compiled in the source.

Change-Id: I1128c3b034e6c7dda4baa051500ac1ef46a53575
---
 api/current.txt                                    |  1 -
 api/system-current.txt                             |  1 -
 core/java/android/app/AppOpsManager.java           |  4 ++--
 core/res/AndroidManifest.xml                       |  7 -------
 core/res/res/values/strings.xml                    | 15 ---------------
 .../java/com/android/server/MmsServiceBroker.java  | 22 ++++++++--------------
 6 files changed, 10 insertions(+), 40 deletions(-)

diff --git a/api/current.txt b/api/current.txt
index 180f0d418983..c6620ef02f0b 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -156,7 +156,6 @@ package android {
     field public static final java.lang.String WRITE_PROFILE = "android.permission.WRITE_PROFILE";
     field public static final java.lang.String WRITE_SECURE_SETTINGS = "android.permission.WRITE_SECURE_SETTINGS";
     field public static final java.lang.String WRITE_SETTINGS = "android.permission.WRITE_SETTINGS";
-    field public static final java.lang.String WRITE_SMS = "android.permission.WRITE_SMS";
     field public static final deprecated java.lang.String WRITE_SOCIAL_STREAM = "android.permission.WRITE_SOCIAL_STREAM";
     field public static final java.lang.String WRITE_SYNC_SETTINGS = "android.permission.WRITE_SYNC_SETTINGS";
     field public static final java.lang.String WRITE_USER_DICTIONARY = "android.permission.WRITE_USER_DICTIONARY";
diff --git a/api/system-current.txt b/api/system-current.txt
index 76c0261f49b1..70df9bf42fa0 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -228,7 +228,6 @@ package android {
     field public static final java.lang.String WRITE_PROFILE = "android.permission.WRITE_PROFILE";
     field public static final java.lang.String WRITE_SECURE_SETTINGS = "android.permission.WRITE_SECURE_SETTINGS";
     field public static final java.lang.String WRITE_SETTINGS = "android.permission.WRITE_SETTINGS";
-    field public static final java.lang.String WRITE_SMS = "android.permission.WRITE_SMS";
     field public static final deprecated java.lang.String WRITE_SOCIAL_STREAM = "android.permission.WRITE_SOCIAL_STREAM";
     field public static final java.lang.String WRITE_SYNC_SETTINGS = "android.permission.WRITE_SYNC_SETTINGS";
     field public static final java.lang.String WRITE_USER_DICTIONARY = "android.permission.WRITE_USER_DICTIONARY";
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
index 06ece8ee9c17..24ebb33a7cda 100644
--- a/core/java/android/app/AppOpsManager.java
+++ b/core/java/android/app/AppOpsManager.java
@@ -438,14 +438,14 @@ public class AppOpsManager {
             null, // neighboring cells shares the coarse location perm
             android.Manifest.permission.CALL_PHONE,
             android.Manifest.permission.READ_SMS,
-            android.Manifest.permission.WRITE_SMS,
+            null, // no permission required for writing sms
             android.Manifest.permission.RECEIVE_SMS,
             android.Manifest.permission.RECEIVE_EMERGENCY_BROADCAST,
             android.Manifest.permission.RECEIVE_MMS,
             android.Manifest.permission.RECEIVE_WAP_PUSH,
             android.Manifest.permission.SEND_SMS,
             android.Manifest.permission.READ_SMS,
-            android.Manifest.permission.WRITE_SMS,
+            null, // no permission required for writing icc sms
             android.Manifest.permission.WRITE_SETTINGS,
             android.Manifest.permission.SYSTEM_ALERT_WINDOW,
             android.Manifest.permission.ACCESS_NOTIFICATIONS,
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index ec57eba5d4da..e11c4a73e60b 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -417,13 +417,6 @@
         android:description="@string/permdesc_readSms"
         android:protectionLevel="dangerous" />
 
-    <!-- Allows an application to write SMS messages. -->
-    <permission android:name="android.permission.WRITE_SMS"
-        android:permissionGroup="android.permission-group.SMS"
-        android:label="@string/permlab_writeSms"
-        android:description="@string/permdesc_writeSms"
-        android:protectionLevel="dangerous" />
-
     <!-- Allows an application to receive WAP push messages. -->
     <permission android:name="android.permission.RECEIVE_WAP_PUSH"
         android:permissionGroup="android.permission-group.SMS"
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 59366cc934dc..3871a31c55a6 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -684,21 +684,6 @@
       messages stored on your phone or SIM card. This allows the app to read all
       SMS messages, regardless of content or confidentiality.</string>
 
-    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permlab_writeSms">edit your text messages (SMS or MMS)</string>
-    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permdesc_writeSms" product="tablet">Allows the app to write
-      to SMS messages stored on your tablet or SIM card. Malicious apps
-      may delete your messages.</string>
-    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permdesc_writeSms" product="tv">Allows the app to write
-      to SMS messages stored on your TV or SIM card. Malicious apps
-      may delete your messages.</string>
-    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permdesc_writeSms" product="default">Allows the app to write
-      to SMS messages stored on your phone or SIM card. Malicious apps
-      may delete your messages.</string>
-
     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
     <string name="permlab_receiveWapPush">receive text messages (WAP)</string>
     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/services/core/java/com/android/server/MmsServiceBroker.java b/services/core/java/com/android/server/MmsServiceBroker.java
index 94096152670d..e0352e091af7 100644
--- a/services/core/java/com/android/server/MmsServiceBroker.java
+++ b/services/core/java/com/android/server/MmsServiceBroker.java
@@ -372,7 +372,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public Uri importTextMessage(String callingPkg, String address, int type, String text,
                 long timestampMillis, boolean seen, boolean read) throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Import SMS message");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 // Silently fail AppOps failure due to not being the default SMS app
@@ -387,7 +386,6 @@ public class MmsServiceBroker extends SystemService {
         public Uri importMultimediaMessage(String callingPkg, Uri contentUri,
                 String messageId, long timestampSecs, boolean seen, boolean read)
                         throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Import MMS message");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 // Silently fail AppOps failure due to not being the default SMS app
@@ -401,8 +399,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public boolean deleteStoredMessage(String callingPkg, Uri messageUri)
                 throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS,
-                    "Delete SMS/MMS message");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 return false;
@@ -413,7 +409,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public boolean deleteStoredConversation(String callingPkg, long conversationId)
                 throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Delete conversation");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 return false;
@@ -424,8 +419,10 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public boolean updateStoredMessageStatus(String callingPkg, Uri messageUri,
                 ContentValues statusValues) throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS,
-                    "Update SMS/MMS message");
+            if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
+                    callingPkg) != AppOpsManager.MODE_ALLOWED) {
+                return false;
+            }
             return getServiceGuarded()
                     .updateStoredMessageStatus(callingPkg, messageUri, statusValues);
         }
@@ -433,8 +430,10 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public boolean archiveStoredConversation(String callingPkg, long conversationId,
                 boolean archived) throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS,
-                    "Update SMS/MMS message");
+            if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
+                    callingPkg) != AppOpsManager.MODE_ALLOWED) {
+                return false;
+            }
             return getServiceGuarded()
                     .archiveStoredConversation(callingPkg, conversationId, archived);
         }
@@ -442,7 +441,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public Uri addTextMessageDraft(String callingPkg, String address, String text)
                 throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Add SMS draft");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 // Silently fail AppOps failure due to not being the default SMS app
@@ -455,7 +453,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public Uri addMultimediaMessageDraft(String callingPkg, Uri contentUri)
                 throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Add MMS draft");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 // Silently fail AppOps failure due to not being the default SMS app
@@ -468,8 +465,6 @@ public class MmsServiceBroker extends SystemService {
         @Override
         public void sendStoredMessage(int subId, String callingPkg, Uri messageUri,
                 Bundle configOverrides, PendingIntent sentIntent) throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.SEND_SMS,
-                    "Send stored MMS message");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_SEND_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 return;
@@ -480,7 +475,6 @@ public class MmsServiceBroker extends SystemService {
 
         @Override
         public void setAutoPersisting(String callingPkg, boolean enabled) throws RemoteException {
-            mContext.enforceCallingPermission(Manifest.permission.WRITE_SMS, "Set auto persist");
             if (getAppOpsManager().noteOp(AppOpsManager.OP_WRITE_SMS, Binder.getCallingUid(),
                     callingPkg) != AppOpsManager.MODE_ALLOWED) {
                 return;
-- 
cgit v1.2.3-59-g8ed1b