18
18
19
19
import static com .android .settingslib .RestrictedLockUtils .EnforcedAdmin ;
20
20
21
+ import android .Manifest ;
21
22
import android .app .Activity ;
22
23
import android .app .Dialog ;
23
24
import android .app .admin .DevicePolicyManager ;
38
39
import android .text .TextUtils ;
39
40
import android .util .Log ;
40
41
42
+ import androidx .annotation .VisibleForTesting ;
41
43
import androidx .appcompat .app .AlertDialog ;
42
44
import androidx .fragment .app .DialogFragment ;
43
45
import androidx .fragment .app .Fragment ;
@@ -134,8 +136,13 @@ protected String retrieveAppEntry() {
134
136
}
135
137
}
136
138
if (intent != null && intent .hasExtra (Intent .EXTRA_USER_HANDLE )) {
137
- mUserId = ((UserHandle ) intent .getParcelableExtra (
138
- Intent .EXTRA_USER_HANDLE )).getIdentifier ();
139
+ mUserId = ((UserHandle ) intent .getParcelableExtra (Intent .EXTRA_USER_HANDLE ))
140
+ .getIdentifier ();
141
+ if (mUserId != UserHandle .myUserId () && !hasInteractAcrossUsersPermission ()) {
142
+ Log .w (TAG , "Intent not valid." );
143
+ finish ();
144
+ return "" ;
145
+ }
139
146
} else {
140
147
mUserId = UserHandle .myUserId ();
141
148
}
@@ -158,6 +165,28 @@ protected String retrieveAppEntry() {
158
165
return mPackageName ;
159
166
}
160
167
168
+ @ VisibleForTesting
169
+ protected boolean hasInteractAcrossUsersPermission () {
170
+ Activity activity = getActivity ();
171
+ if (!(activity instanceof SettingsActivity )) {
172
+ return false ;
173
+ }
174
+ final String callingPackageName =
175
+ ((SettingsActivity ) activity ).getInitialCallingPackage ();
176
+
177
+ if (TextUtils .isEmpty (callingPackageName )) {
178
+ Log .w (TAG , "Not able to get calling package name for permission check" );
179
+ return false ;
180
+ }
181
+ if (mPm .checkPermission (Manifest .permission .INTERACT_ACROSS_USERS_FULL , callingPackageName )
182
+ != PackageManager .PERMISSION_GRANTED ) {
183
+ Log .w (TAG , "Package " + callingPackageName + " does not have required permission "
184
+ + Manifest .permission .INTERACT_ACROSS_USERS_FULL );
185
+ return false ;
186
+ }
187
+ return true ;
188
+ }
189
+
161
190
protected void setIntentAndFinish (boolean appChanged ) {
162
191
Log .i (TAG , "appChanged=" + appChanged );
163
192
Intent intent = new Intent ();
0 commit comments