Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 3cb67dffb7758da16d06f7033b83128069a0be05^! / . / services / core / java / com / android / server / pm / UserManagerService.java
commit3cb67dffb7758da16d06f7033b83128069a0be05[log] [tgz]
authorBookatz <bookatz@google.com>Wed Oct 16 17:20:06 2019 -0400
committerBookatz <bookatz@google.com>Thu Oct 17 11:19:10 2019 -0400
tree75ef95c3c984ad1debbbda94fff7989a71889ff3
parentbbf394bf195d001a810e381492a107e91f1f0f25 [diff] [blame]
Wellbeing app can enable QUIET_MODE

The designated Wellbeing app now has permission
to toggle the "quiet mode" of a profile.

Additionally, callers can only toggle the quiet mode
of a userId that is of the same profile group as the caller
(unless the caller has MANAGE_PERMISSIONS).

Test: manual
Bug: 140485433
Change-Id: Ie6253799b97113aff7d364f8cf9214c69252f704

diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 5f86708..f024c9c 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java

@@ -861,7 +861,7 @@
                     "target should only be specified when we are disabling quiet mode.");
         }
 
-        ensureCanModifyQuietMode(callingPackage, Binder.getCallingUid(), target != null);
+        ensureCanModifyQuietMode(callingPackage, Binder.getCallingUid(), userId, target != null);
         final long identity = Binder.clearCallingIdentity();
         try {
             boolean result = false;
@@ -893,13 +893,15 @@
      *     <li>Has system UID or root UID</li>
      *     <li>Has {@link Manifest.permission#MODIFY_QUIET_MODE}</li>
      *     <li>Has {@link Manifest.permission#MANAGE_USERS}</li>
+     *     <li>Is the foreground default launcher app</li>
      * </ul>
      * <p>
-     * If caller wants to start an intent after disabling the quiet mode, it must has
+     * If caller wants to start an intent after disabling the quiet mode, or if it is targeting a
+     * user in a different profile group from the caller, it must have
      * {@link Manifest.permission#MANAGE_USERS}.
      */
     private void ensureCanModifyQuietMode(String callingPackage, int callingUid,
-            boolean startIntent) {
+            @UserIdInt int targetUserId, boolean startIntent) {
         if (hasManageUsersPermission()) {
             return;
         }
@@ -907,6 +909,10 @@
             throw new SecurityException("MANAGE_USERS permission is required to start intent "
                     + "after disabling quiet mode.");
         }
+        if (!isSameProfileGroupNoChecks(UserHandle.getUserId(callingUid), targetUserId)) {
+            throw new SecurityException("MANAGE_USERS permission is required to modify quiet mode "
+                    + "for a different profile group.");
+        }
         final boolean hasModifyQuietModePermission = hasPermissionGranted(
                 Manifest.permission.MODIFY_QUIET_MODE, callingUid);
         if (hasModifyQuietModePermission) {