diff options
| author | 2024-11-14 00:47:34 +0000 | |
|---|---|---|
| committer | 2024-11-14 06:41:07 +0000 | |
| commit | b148f0c79c65da9e8de997dbff0e3a35493bfd5a (patch) | |
| tree | 873cc84d46829560edb44baac5128ad1d86e480d /PermissionController/role-controller/java | |
| parent | 8f45dc40b9d97827f7fa63b79c4fd0292d9ed6c1 (diff) | |
Allow RoleBehavior to override exclusivity
Add RoleBehavior getExclusivity override.
Also update showNone to be false if role is not exclusive. This is normally enforced in role parser, but needs to be enforced here too now that RoleBehavior can override to be a non-exclusive role.
Relnote: N/A
Flag: com.android.permission.flags.cross_user_role_enabled
Bug: 373390494
Test: manual
LOW_COVERAGE_REASON=FLAG_NOT_ENABLED
Change-Id: I67d55f5c96c8040e65fa64f360c70648e0247c75
Diffstat (limited to 'PermissionController/role-controller/java')
2 files changed, 32 insertions, 5 deletions
diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java index 67a37bdef..e3269a146 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java @@ -37,6 +37,7 @@ import android.text.TextUtils; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; +import android.util.SparseBooleanArray; import androidx.annotation.IntDef; import androidx.annotation.NonNull; @@ -107,6 +108,14 @@ public class Role { */ public static final int EXCLUSIVITY_PROFILE_GROUP = 2; + /** Set of valid exclusivity values. */ + private static final SparseBooleanArray sExclusivityValues = new SparseBooleanArray(); + static { + sExclusivityValues.put(EXCLUSIVITY_NONE, true); + sExclusivityValues.put(EXCLUSIVITY_USER, true); + sExclusivityValues.put(EXCLUSIVITY_PROFILE_GROUP, true); + } + /** * The name of this role. Must be unique. */ @@ -323,12 +332,24 @@ public class Role { } public boolean isExclusive() { - // TODO(b/373390494): Allow RoleBehavior to override this getExclusivity - return mExclusivity != EXCLUSIVITY_NONE; + return getExclusivity() != EXCLUSIVITY_NONE; } + @Exclusivity public int getExclusivity() { - // TODO(b/373390494): Allow RoleBehavior to override this + if (com.android.permission.flags.Flags.crossUserRoleEnabled() && mBehavior != null) { + Integer exclusivity = mBehavior.getExclusivity(); + if (exclusivity != null) { + if (!sExclusivityValues.get(exclusivity)) { + throw new IllegalArgumentException("Invalid exclusivity: " + exclusivity); + } + if (mShowNone && exclusivity == EXCLUSIVITY_NONE) { + throw new IllegalArgumentException( + "Role cannot be non-exclusive when showNone is true: " + exclusivity); + } + return exclusivity; + } + } return mExclusivity; } @@ -384,8 +405,6 @@ public class Role { * @see #mShowNone */ public boolean shouldShowNone() { - // TODO(b/373390494): Ensure RoleBehavior override doesn't conflict with this. - // mShowNone can only be true if isExclusive=true return mShowNone; } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java index 3849a50e3..86ca8e2ce 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java @@ -32,6 +32,14 @@ import java.util.List; public interface RoleBehavior { /** + * @see Role#getExclusivity() + */ + @Nullable + default Integer getExclusivity() { + return null; + } + + /** * @see Role#onRoleAddedAsUser(UserHandle, Context) */ default void onRoleAddedAsUser(@NonNull Role role, @NonNull UserHandle user, |