Skip to content

Commit 18f989e

Browse files
Fan Wuaoleary
authored andcommitted
Checks cross user permission before handling intent
Bug: 326057017 Test: atest Flag: EXEMPT bug fix (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d3b3edd45167515579ab156533754e56ac813f35) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4a066bc09106566c7f77b0fca69579c3383132fe) Merged-In: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a
1 parent 6a49291 commit 18f989e

File tree

1 file changed

+31
-2
lines changed

1 file changed

+31
-2
lines changed

src/com/android/settings/applications/AppInfoBase.java

Lines changed: 31 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818

1919
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
2020

21+
import android.Manifest;
2122
import android.app.Activity;
2223
import android.app.Dialog;
2324
import android.app.admin.DevicePolicyManager;
@@ -38,6 +39,7 @@
3839
import android.text.TextUtils;
3940
import android.util.Log;
4041

42+
import androidx.annotation.VisibleForTesting;
4143
import androidx.appcompat.app.AlertDialog;
4244
import androidx.fragment.app.DialogFragment;
4345
import androidx.fragment.app.Fragment;
@@ -134,8 +136,13 @@ protected String retrieveAppEntry() {
134136
}
135137
}
136138
if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {
137-
mUserId = ((UserHandle) intent.getParcelableExtra(
138-
Intent.EXTRA_USER_HANDLE)).getIdentifier();
139+
mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE))
140+
.getIdentifier();
141+
if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPermission()) {
142+
Log.w(TAG, "Intent not valid.");
143+
finish();
144+
return "";
145+
}
139146
} else {
140147
mUserId = UserHandle.myUserId();
141148
}
@@ -158,6 +165,28 @@ protected String retrieveAppEntry() {
158165
return mPackageName;
159166
}
160167

168+
@VisibleForTesting
169+
protected boolean hasInteractAcrossUsersPermission() {
170+
Activity activity = getActivity();
171+
if (!(activity instanceof SettingsActivity)) {
172+
return false;
173+
}
174+
final String callingPackageName =
175+
((SettingsActivity) activity).getInitialCallingPackage();
176+
177+
if (TextUtils.isEmpty(callingPackageName)) {
178+
Log.w(TAG, "Not able to get calling package name for permission check");
179+
return false;
180+
}
181+
if (mPm.checkPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)
182+
!= PackageManager.PERMISSION_GRANTED) {
183+
Log.w(TAG, "Package " + callingPackageName + " does not have required permission "
184+
+ Manifest.permission.INTERACT_ACROSS_USERS_FULL);
185+
return false;
186+
}
187+
return true;
188+
}
189+
161190
protected void setIntentAndFinish(boolean appChanged) {
162191
Log.i(TAG, "appChanged=" + appChanged);
163192
Intent intent = new Intent();

0 commit comments

Comments
 (0)