Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / tools / aidl / e79243a37c217e385ca89e6823b0a05d978889fc^! / . / aidl_unittest.cpp
commite79243a37c217e385ca89e6823b0a05d978889fc[log] [tgz]
authorThiƩbaud Weksteen <tweek@google.com>Tue Nov 02 14:36:25 2021 +1100
committerThiƩbaud Weksteen <tweek@google.com>Tue Nov 02 23:07:28 2021 +0000
tree6dba6756a5628c7870bb0b905342583dc7aad0d5
parent2e6d93fa31aa35fffdbfb2ae886c0aaeee7ac142 [diff] [blame]
Add further permission annotations

Introduce the @NoPermissionRequired annotation to explicitly declare
that an interface or method does not require any kind of permission when
called.

Add the @PermissionManuallyEnforced annotation to indicate that
permissions are manually verified within the implementation.

Ensure that these new annotations are not defined in a conflicted manner
with the @Enforce annotation.

Bug: 197828948
Test: atest --host aidl_unittests
Change-Id: Iff3b4c9c5d2a5b4c310d7a737b8d7628cc39ba20

diff --git a/aidl_unittest.cpp b/aidl_unittest.cpp
index 4e87ecb..0fda47c 100644
--- a/aidl_unittest.cpp
+++ b/aidl_unittest.cpp

@@ -3845,6 +3845,67 @@
   EXPECT_TRUE(compile_aidl(options, io_delegate_));
 }
 
+TEST_F(AidlTest, NoPermissionInterfaceEnforceMethod) {
+  io_delegate_.SetFileContents("a/IFoo.aidl", R"(package a;
+    @NoPermissionRequired
+    interface IFoo {
+        @Enforce(condition="permission = INTERNET")
+        void Protected();
+    })");
+
+  Options options = Options::From("aidl --lang=java -o out a/IFoo.aidl");
+  CaptureStderr();
+  EXPECT_FALSE(compile_aidl(options, io_delegate_));
+  EXPECT_THAT(GetCapturedStderr(),
+              HasSubstr("The interface IFoo is annotated as requiring no permission"));
+}
+
+TEST_F(AidlTest, ManualPermissionInterfaceEnforceMethod) {
+  io_delegate_.SetFileContents("a/IFoo.aidl", R"(package a;
+    @PermissionManuallyEnforced
+    interface IFoo {
+        @Enforce(condition="permission = INTERNET")
+        void Protected();
+    })");
+
+  Options options = Options::From("aidl --lang=java -o out a/IFoo.aidl");
+  CaptureStderr();
+  EXPECT_FALSE(compile_aidl(options, io_delegate_));
+  EXPECT_THAT(
+      GetCapturedStderr(),
+      HasSubstr("The interface IFoo is annotated as manually implementing permission checks"));
+}
+
+TEST_F(AidlTest, EnforceInterfaceNoPermissionsMethod) {
+  io_delegate_.SetFileContents("a/IFoo.aidl", R"(package a;
+    @Enforce(condition="permission = INTERNET")
+    interface IFoo {
+        @NoPermissionRequired
+        void Protected();
+    })");
+
+  Options options = Options::From("aidl --lang=java -o out a/IFoo.aidl");
+  CaptureStderr();
+  EXPECT_FALSE(compile_aidl(options, io_delegate_));
+  EXPECT_THAT(GetCapturedStderr(),
+              HasSubstr("The interface IFoo enforces permissions using annotations"));
+}
+
+TEST_F(AidlTest, EnforceInterfaceManualPermissionMethod) {
+  io_delegate_.SetFileContents("a/IFoo.aidl", R"(package a;
+    @Enforce(condition="permission = INTERNET")
+    interface IFoo {
+        @PermissionManuallyEnforced
+        void Protected();
+    })");
+
+  Options options = Options::From("aidl --lang=java -o out a/IFoo.aidl");
+  CaptureStderr();
+  EXPECT_FALSE(compile_aidl(options, io_delegate_));
+  EXPECT_THAT(GetCapturedStderr(),
+              HasSubstr("The interface IFoo enforces permissions using annotations"));
+}
+
 class AidlOutputPathTest : public AidlTest {
  protected:
   void SetUp() override {