Revert^3 "Drop VDM permissions from Shell role."

899eec59a38981a538ae0be7342c4fefb0ed9848 Change-Id: I0f4f1bfef84a035617dc11518d7b9fa437b152ef
author: Priyanka Advani (xWF) <padvani@google.com> 2024-10-08 20:41:10 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2024-10-08 20:41:25 +0000
commit: 0f45c1a6fe27a17495b0632c3835e75c30071ac6 (patch)
tree: f1e002f62f8b644c6b173e2d6bc479139fbb72e9
parent: 899eec59a38981a538ae0be7342c4fefb0ed9848 (diff)
6 files changed, 56 insertions, 15 deletions
diff --git a/PermissionController/res/xml/roles.xml b/PermissionController/res/xml/roles.xml
index fafe0f553..1d01f8208 100644
--- a/PermissionController/res/xml/roles.xml
+++ b/PermissionController/res/xml/roles.xml
@@ -625,6 +625,7 @@
         visible="false">
         <permissions>
             <!-- Used for CTS testing -->
+            <permission name="android.permission.CREATE_VIRTUAL_DEVICE" minSdkVersion="33" />
             <permission name="android.permission.ACCESS_RCS_USER_CAPABILITY_EXCHANGE" />
             <permission name="android.permission.ACCESS_AMBIENT_CONTEXT_EVENT" minSdkVersion="33"/>
             <permission name="android.permission.PERFORM_IMS_SINGLE_REGISTRATION" />
@@ -641,6 +642,8 @@
                 minSdkVersion="33" />
             <permission name="android.permission.MANAGE_SAFETY_CENTER"
                 minSdkVersion="33" />
+            <permission name="android.permission.ADD_TRUSTED_DISPLAY" minSdkVersion="33" />
+            <permission name="android.permission.ADD_ALWAYS_UNLOCKED_DISPLAY" minSdkVersion="33" />
             <permission name="android.permission.SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE"
                 minSdkVersion="33" />
             <permission name="android.permission.MANAGE_DEVICE_POLICY_ACCOUNT_MANAGEMENT"
diff --git a/tests/cts/permission/AndroidManifest.xml b/tests/cts/permission/AndroidManifest.xml
index bb027b5f2..43fd97bb2 100644
--- a/tests/cts/permission/AndroidManifest.xml
+++ b/tests/cts/permission/AndroidManifest.xml
@@ -51,9 +51,6 @@
          android:label="@string/perm_group_c"
          android:name="android.permission.cts.groupC"/>
 
-    <!-- for android.permission.cts.DevicePermissionsTest -->
-    <uses-permission android:name="android.permission.CREATE_VIRTUAL_DEVICE"/>
-
     <uses-permission android:name="android.permission.INJECT_EVENTS"/>
     <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
     <application>
diff --git a/tests/cts/permission/src/android/permission/cts/DevicePermissionsTest.kt b/tests/cts/permission/src/android/permission/cts/DevicePermissionsTest.kt
index ff333c6a0..dbda1f5e1 100644
--- a/tests/cts/permission/src/android/permission/cts/DevicePermissionsTest.kt
+++ b/tests/cts/permission/src/android/permission/cts/DevicePermissionsTest.kt
@@ -20,8 +20,10 @@ import android.Manifest
 import android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND
 import android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND_SERVICE
 import android.app.Instrumentation
+import android.companion.virtual.VirtualDeviceManager
 import android.companion.virtual.VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT
 import android.companion.virtual.VirtualDeviceManager.VirtualDevice
+import android.companion.virtual.VirtualDeviceParams
 import android.content.Context
 import android.content.Intent
 import android.content.pm.PackageManager.FLAG_PERMISSION_ONE_TIME
@@ -38,15 +40,17 @@ import android.platform.test.annotations.AppModeFull
 import android.platform.test.annotations.RequiresFlagsDisabled
 import android.platform.test.annotations.RequiresFlagsEnabled
 import android.platform.test.flag.junit.DeviceFlagsValueProvider
-import android.virtualdevice.cts.common.VirtualDeviceRule
+import android.virtualdevice.cts.common.FakeAssociationRule
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import androidx.test.filters.SdkSuppress
 import androidx.test.platform.app.InstrumentationRegistry
+import com.android.compatibility.common.util.AdoptShellPermissionsRule
 import com.android.compatibility.common.util.SystemUtil.eventually
 import com.android.compatibility.common.util.SystemUtil.runShellCommandOrThrow
 import com.android.compatibility.common.util.SystemUtil.waitForBroadcasts
 import com.google.common.truth.Truth.assertThat
 import org.junit.After
+import org.junit.Assume.assumeNotNull
 import org.junit.Before
 import org.junit.Rule
 import org.junit.Test
@@ -65,8 +69,13 @@ class DevicePermissionsTest {
 
     private lateinit var permissionManager: PermissionManager
 
+    @get:Rule var mFakeAssociationRule = FakeAssociationRule()
+
     @get:Rule
-    var mVirtualDeviceRule = VirtualDeviceRule.withAdditionalPermissions(
+    val mAdoptShellPermissionsRule =
+        AdoptShellPermissionsRule(
+            instrumentation.uiAutomation,
+            Manifest.permission.CREATE_VIRTUAL_DEVICE,
             Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
             Manifest.permission.MANAGE_ONE_TIME_PERMISSION_SESSIONS,
             Manifest.permission.REVOKE_RUNTIME_PERMISSIONS,
@@ -77,7 +86,14 @@ class DevicePermissionsTest {
 
     @Before
     fun setup() {
-        virtualDevice = mVirtualDeviceRule.createManagedVirtualDevice()
+        val virtualDeviceManager =
+            defaultDeviceContext.getSystemService(VirtualDeviceManager::class.java)
+        assumeNotNull(virtualDeviceManager)
+        virtualDevice =
+            virtualDeviceManager!!.createVirtualDevice(
+                mFakeAssociationRule.getAssociationInfo().getId(),
+                VirtualDeviceParams.Builder().build()
+            )
         virtualDeviceContext = defaultDeviceContext.createDeviceContext(virtualDevice.deviceId)
         permissionManager = virtualDeviceContext.getSystemService(PermissionManager::class.java)!!
         persistentDeviceId = virtualDevice.persistentDeviceId!!
@@ -87,6 +103,9 @@ class DevicePermissionsTest {
     @After
     fun cleanup() {
         runShellCommandOrThrow("pm uninstall $TEST_PACKAGE_NAME")
+        if (this::virtualDevice.isInitialized) {
+            virtualDevice.close()
+        }
     }
 
     @RequiresFlagsEnabled(
@@ -207,7 +226,7 @@ class DevicePermissionsTest {
                 permissionManager.checkPermission(
                     deviceAwarePermission,
                     TEST_PACKAGE_NAME,
-                    PERSISTENT_DEVICE_ID_DEFAULT
+                    VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT
                 )
             )
             .isEqualTo(PERMISSION_DENIED)
diff --git a/tests/cts/permission/src/android/permission/cts/PermissionUpdateListenerTest.java b/tests/cts/permission/src/android/permission/cts/PermissionUpdateListenerTest.java
index 4325ace79..e9e71af20 100644
--- a/tests/cts/permission/src/android/permission/cts/PermissionUpdateListenerTest.java
+++ b/tests/cts/permission/src/android/permission/cts/PermissionUpdateListenerTest.java
@@ -22,8 +22,10 @@ import static com.android.compatibility.common.util.SystemUtil.runWithShellPermi
 
 import static com.google.common.truth.Truth.assertThat;
 
+import static org.junit.Assume.assumeNotNull;
+
 import android.companion.virtual.VirtualDeviceManager;
-import android.companion.virtual.VirtualDeviceManager.VirtualDevice;
+import android.companion.virtual.VirtualDeviceParams;
 import android.content.Context;
 import android.content.pm.PackageManager;
 import android.content.pm.PackageManager.OnPermissionsChangedListener;
@@ -32,11 +34,12 @@ import android.platform.test.annotations.AppModeFull;
 import android.platform.test.annotations.RequiresFlagsEnabled;
 import android.platform.test.flag.junit.CheckFlagsRule;
 import android.platform.test.flag.junit.DeviceFlagsValueProvider;
-import android.virtualdevice.cts.common.VirtualDeviceRule;
+import android.virtualdevice.cts.common.FakeAssociationRule;
 
 import androidx.test.internal.runner.junit4.AndroidJUnit4ClassRunner;
 import androidx.test.platform.app.InstrumentationRegistry;
 
+import com.android.compatibility.common.util.AdoptShellPermissionsRule;
 import com.android.compatibility.common.util.SystemUtil;
 
 import org.junit.After;
@@ -68,8 +71,15 @@ public class PermissionUpdateListenerTest {
 
     private int mTestAppUid;
 
+    private VirtualDeviceManager mVirtualDeviceManager;
+
+    @Rule
+    public FakeAssociationRule mFakeAssociationRule = new FakeAssociationRule();
+
     @Rule
-    public VirtualDeviceRule mVirtualDeviceRule = VirtualDeviceRule.createDefault();
+    public AdoptShellPermissionsRule mAdoptShellPermissionsRule = new AdoptShellPermissionsRule(
+            InstrumentationRegistry.getInstrumentation().getUiAutomation(),
+            android.Manifest.permission.CREATE_VIRTUAL_DEVICE);
 
     @Rule
     public final CheckFlagsRule mCheckFlagsRule = DeviceFlagsValueProvider.createCheckFlagsRule();
@@ -82,6 +92,7 @@ public class PermissionUpdateListenerTest {
         SystemUtil.waitForBroadcasts();
         Thread.sleep(1000);
         mTestAppUid = mPackageManager.getPackageUid(PACKAGE_NAME, 0);
+        mVirtualDeviceManager = mDefaultContext.getSystemService(VirtualDeviceManager.class);
     }
 
     @After
@@ -116,7 +127,11 @@ public class PermissionUpdateListenerTest {
     @RequiresFlagsEnabled({Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED,
             Flags.FLAG_DEVICE_AWARE_PERMISSIONS_ENABLED})
     public void testVirtualDeviceGrantPermissionNotifyListener() throws InterruptedException {
-        VirtualDevice virtualDevice = mVirtualDeviceRule.createManagedVirtualDevice();
+        assumeNotNull(mVirtualDeviceManager);
+        VirtualDeviceManager.VirtualDevice virtualDevice =
+                mVirtualDeviceManager.createVirtualDevice(
+                        mFakeAssociationRule.getAssociationInfo().getId(),
+                        new VirtualDeviceParams.Builder().build());
         Context deviceContext = mDefaultContext.createDeviceContext(virtualDevice.getDeviceId());
         testGrantPermissionNotifyListener(deviceContext, virtualDevice.getPersistentDeviceId());
     }
@@ -157,7 +172,11 @@ public class PermissionUpdateListenerTest {
     @RequiresFlagsEnabled({Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED,
             Flags.FLAG_DEVICE_AWARE_PERMISSIONS_ENABLED})
     public void testVirtualDeviceRevokePermissionNotifyListener() throws InterruptedException {
-        VirtualDevice virtualDevice = mVirtualDeviceRule.createManagedVirtualDevice();
+        assumeNotNull(mVirtualDeviceManager);
+        VirtualDeviceManager.VirtualDevice virtualDevice =
+                mVirtualDeviceManager.createVirtualDevice(
+                        mFakeAssociationRule.getAssociationInfo().getId(),
+                        new VirtualDeviceParams.Builder().build());
         Context deviceContext = mDefaultContext.createDeviceContext(virtualDevice.getDeviceId());
         testRevokePermissionNotifyListener(
                 deviceContext, virtualDevice.getPersistentDeviceId());
@@ -194,7 +213,11 @@ public class PermissionUpdateListenerTest {
     @RequiresFlagsEnabled({Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED,
             Flags.FLAG_DEVICE_AWARE_PERMISSIONS_ENABLED})
     public void testVirtualDeviceUpdatePermissionFlagsNotifyListener() throws InterruptedException {
-        VirtualDevice virtualDevice = mVirtualDeviceRule.createManagedVirtualDevice();
+        assumeNotNull(mVirtualDeviceManager);
+        VirtualDeviceManager.VirtualDevice virtualDevice =
+                mVirtualDeviceManager.createVirtualDevice(
+                        mFakeAssociationRule.getAssociationInfo().getId(),
+                        new VirtualDeviceParams.Builder().build());
         Context deviceContext = mDefaultContext.createDeviceContext(virtualDevice.getDeviceId());
         testUpdatePermissionFlagsNotifyListener(
                 deviceContext, virtualDevice.getPersistentDeviceId());
diff --git a/tests/cts/permissionmultidevice/AndroidManifest.xml b/tests/cts/permissionmultidevice/AndroidManifest.xml
index 7d04d140e..9bad85813 100644
--- a/tests/cts/permissionmultidevice/AndroidManifest.xml
+++ b/tests/cts/permissionmultidevice/AndroidManifest.xml
@@ -24,8 +24,6 @@
     <uses-permission android:name="android.permission.DISABLE_KEYGUARD" />
     <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
     <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
-    <uses-permission android:name="android.permission.CREATE_VIRTUAL_DEVICE" />
-    <uses-permission android:name="android.permission.ADD_TRUSTED_DISPLAY" />
 
     <application>
         <uses-library android:name="android.test.runner" />
diff --git a/tests/cts/permissionmultidevice/src/android/permissionmultidevice/cts/AppPermissionsTest.kt b/tests/cts/permissionmultidevice/src/android/permissionmultidevice/cts/AppPermissionsTest.kt
index ac5564e37..4d166939a 100644
--- a/tests/cts/permissionmultidevice/src/android/permissionmultidevice/cts/AppPermissionsTest.kt
+++ b/tests/cts/permissionmultidevice/src/android/permissionmultidevice/cts/AppPermissionsTest.kt
@@ -62,6 +62,7 @@ class AppPermissionsTest {
             Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
             Manifest.permission.MANAGE_ONE_TIME_PERMISSION_SESSIONS,
             Manifest.permission.REVOKE_RUNTIME_PERMISSIONS,
+            Manifest.permission.CREATE_VIRTUAL_DEVICE
         )
 
     private lateinit var persistentDeviceId: String
author	Priyanka Advani (xWF) <padvani@google.com>	2024-10-08 20:41:10 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2024-10-08 20:41:25 +0000
commit	0f45c1a6fe27a17495b0632c3835e75c30071ac6 (patch)
tree	f1e002f62f8b644c6b173e2d6bc479139fbb72e9
parent	899eec59a38981a538ae0be7342c4fefb0ed9848 (diff)