Allow privapp permission test to pass for updated module app with shared user am: c1459f3eb9 am: e0b0cb8e37 am: be2b17a007

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Permission/+/3409560 Change-Id: I16776b1c5e35d0840d244a3fd9aec65b53b04779 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Hai Zhang <zhanghai@google.com> 2024-12-18 00:17:56 -0800
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2024-12-18 00:17:56 -0800
commit: 741b2ca214ca04b3fe9e6b91fe5363f7205cfccc (patch)
tree: 773db6fbaa65b94e64e89ad902c8e825521c4c97
parent: 2b2fce169f161f2b139846c56d2fdb938941206c (diff)
parent: be2b17a007f054a4a9a217404460e324d9b2639e (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/tests/cts/permissionpolicy/src/android/permissionpolicy/cts/PrivappPermissionsTest.java b/tests/cts/permissionpolicy/src/android/permissionpolicy/cts/PrivappPermissionsTest.java
index f33e8a6e6..2c3faefaa 100644
--- a/tests/cts/permissionpolicy/src/android/permissionpolicy/cts/PrivappPermissionsTest.java
+++ b/tests/cts/permissionpolicy/src/android/permissionpolicy/cts/PrivappPermissionsTest.java
@@ -30,6 +30,7 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.fail;
 
+import android.content.pm.ApplicationInfo;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
 import android.content.pm.PermissionInfo;
@@ -142,6 +143,9 @@ public class PrivappPermissionsTest {
                 Set<String> granted = filterValues(requestedPrivPermissions,
                         isGranted -> isGranted).keySet();
 
+                Set<String> factoryGranted = intersection(factoryRequestedPrivPermissions,
+                        granted);
+
                 Set<String> factoryNotGranted = difference(factoryRequestedPrivPermissions,
                         granted);
 
@@ -176,7 +180,14 @@ public class PrivappPermissionsTest {
                     }
                 }
 
-                Set<String> grantedNotInWhitelist = difference(granted, whitelist);
+                // If an updated module app has a shared user, it may be getting a privileged
+                // permission through another APK-in-APEX which supports updatable privileged
+                // permission allowlist, and CTS should keep passing for it.
+                boolean isUpdatedSystemAppWithSharedUser =
+                        (pkg.applicationInfo.flags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0
+                                && pkg.sharedUserId != null;
+                Set<String> grantedNotInWhitelist = difference(
+                        isUpdatedSystemAppWithSharedUser ? factoryGranted : granted, whitelist);
                 Set<String> factoryNotGrantedNotRemovedNotInDenylist = difference(difference(
                         factoryNotGranted, removed), denylist);
author	Hai Zhang <zhanghai@google.com>	2024-12-18 00:17:56 -0800
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2024-12-18 00:17:56 -0800
commit	741b2ca214ca04b3fe9e6b91fe5363f7205cfccc (patch)
tree	773db6fbaa65b94e64e89ad902c8e825521c4c97
parent	2b2fce169f161f2b139846c56d2fdb938941206c (diff)
parent	be2b17a007f054a4a9a217404460e324d9b2639e (diff)