Merge "Do not call noteOp if checkPermission fails"

commit: 513299e2c3c7bfd598e746975601983e936ca014 [log] [tgz]
author: TreeHugger Robot <treehugger-gerrit@google.com> Wed Mar 06 23:14:41 2019 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Wed Mar 06 23:14:41 2019 +0000
tree: 37fe0333ecd800b8bb38ee402d7cce65332accde
parent: 863affdeef66ff04159d15262e4ce231f4b3e1dd [diff]
parent: 8f1fb1189e911f56df4415937c12f2372e064928 [diff]
diff --git a/telephony/java/android/telephony/LocationAccessPolicy.java b/telephony/java/android/telephony/LocationAccessPolicy.java
index d98f37d..b9d8eb6 100644
--- a/telephony/java/android/telephony/LocationAccessPolicy.java
+++ b/telephony/java/android/telephony/LocationAccessPolicy.java

@@ -174,22 +174,22 @@
         boolean hasManifestPermission = checkManifestPermission(context, query.callingPid,
                 query.callingUid, permissionToCheck);
 
-        int appOpMode = context.getSystemService(AppOpsManager.class)
-                .noteOpNoThrow(AppOpsManager.permissionToOpCode(permissionToCheck),
-                        query.callingUid, query.callingPackage);
-
-        if (hasManifestPermission && appOpMode == AppOpsManager.MODE_ALLOWED) {
-            // If the app did everything right, return without logging.
-            return LocationPermissionResult.ALLOWED;
-        }
-
-        // If the app has the manifest permission but not the app-op permission, it means that
-        // it's aware of the requirement and the user denied permission explicitly. If we see
-        // this, don't let any of the overrides happen.
         if (hasManifestPermission) {
-            Log.i(TAG, query.callingPackage + " is aware of " + locationTypeForLog + " but the"
-                    + " app-ops permission is specifically denied.");
-            return appOpsModeToPermissionResult(appOpMode);
+            // Only check the app op if the app has the permission.
+            int appOpMode = context.getSystemService(AppOpsManager.class)
+                    .noteOpNoThrow(AppOpsManager.permissionToOpCode(permissionToCheck),
+                            query.callingUid, query.callingPackage);
+            if (appOpMode == AppOpsManager.MODE_ALLOWED) {
+                // If the app did everything right, return without logging.
+                return LocationPermissionResult.ALLOWED;
+            } else {
+                // If the app has the manifest permission but not the app-op permission, it means
+                // that it's aware of the requirement and the user denied permission explicitly.
+                // If we see this, don't let any of the overrides happen.
+                Log.i(TAG, query.callingPackage + " is aware of " + locationTypeForLog + " but the"
+                        + " app-ops permission is specifically denied.");
+                return appOpsModeToPermissionResult(appOpMode);
+            }
         }
 
         int minSdkVersion = Manifest.permission.ACCESS_FINE_LOCATION.equals(permissionToCheck)
commit	513299e2c3c7bfd598e746975601983e936ca014	[log] [tgz]
author	TreeHugger Robot <treehugger-gerrit@google.com>	Wed Mar 06 23:14:41 2019 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Wed Mar 06 23:14:41 2019 +0000
tree	37fe0333ecd800b8bb38ee402d7cce65332accde
parent	863affdeef66ff04159d15262e4ce231f4b3e1dd [diff]
parent	8f1fb1189e911f56df4415937c12f2372e064928 [diff]