Permission support for diagnostics.
This creates two permissions for access to diagnostic data:
- DIAGNOSTIC_READ, for read-only access to live and freeze frame data;
- DIAGNOSTIC_CLEAR, for deleting DTC data from the car.
It also extends the meaning of PERMISSION_VENDOR_EXTENSION to mean being allowed to read vendor-specific diagnostic sensor data.
Test: build
Bug: 35435164
For O-MR1.
Change-Id: I046bf6ae4a7aa2b2570ea5657bff9e1ce86edbce
diff --git a/service/src/com/android/car/ICarImpl.java b/service/src/com/android/car/ICarImpl.java
index ae28c7f..61aae91 100644
--- a/service/src/com/android/car/ICarImpl.java
+++ b/service/src/com/android/car/ICarImpl.java
@@ -206,7 +206,7 @@
case Car.DIAGNOSTIC_SERVICE:
FeatureUtil.assertFeature(FeatureConfiguration.ENABLE_DIAGNOSTIC);
if (FeatureConfiguration.ENABLE_DIAGNOSTIC) {
- //TODO(egranata): handle permissions
+ assertAnyDiagnosticPermission(mContext);
return mCarDiagnosticService;
}
case Car.HVAC_SERVICE:
@@ -298,6 +298,13 @@
}
@FutureFeature
+ public static void assertAnyDiagnosticPermission(Context context) {
+ assertAnyPermission(context,
+ Car.PERMISSION_CAR_DIAGNOSTIC_READ,
+ Car.PERMISSION_CAR_DIAGNOSTIC_CLEAR);
+ }
+
+ @FutureFeature
public static void assertVmsPublisherPermission(Context context) {
assertPermission(context, Car.PERMISSION_VMS_PUBLISHER);
}
@@ -313,6 +320,16 @@
}
}
+ public static void assertAnyPermission(Context context, String... permissions) {
+ for (String permission : permissions) {
+ if (context.checkCallingOrSelfPermission(permission) ==
+ PackageManager.PERMISSION_GRANTED) {
+ return;
+ }
+ }
+ throw new SecurityException("requires any of " + Arrays.toString(permissions));
+ }
+
void dump(PrintWriter writer) {
writer.println("*FutureConfig, DEFAULT:" + FeatureConfiguration.DEFAULT);
//TODO dump all feature flags by reflection