1 /* 2 * Copyright (C) 2009 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.permission.cts; 18 19 import android.content.ContentValues; 20 import android.content.Intent; 21 import android.content.pm.PackageInfo; 22 import android.content.pm.PackageManager; 23 import android.content.pm.ResolveInfo; 24 import android.provider.CallLog; 25 import android.provider.Contacts; 26 import android.provider.Settings; 27 import android.test.AndroidTestCase; 28 import android.test.suitebuilder.annotation.MediumTest; 29 30 import java.util.List; 31 import java.util.Objects; 32 33 /** 34 * Tests Permissions related to reading from and writing to providers 35 */ 36 @MediumTest 37 public class ProviderPermissionTest extends AndroidTestCase { 38 /** 39 * Verify that read and write to contact requires permissions. 40 * <p>Tests Permission: 41 * {@link android.Manifest.permission#READ_CONTACTS} 42 */ 43 public void testReadContacts() { 44 assertReadingContentUriRequiresPermission(Contacts.People.CONTENT_URI, 45 android.Manifest.permission.READ_CONTACTS); 46 } 47 48 /** 49 * Verify that write to contact requires permissions. 50 * <p>Tests Permission: 51 * {@link android.Manifest.permission#WRITE_CONTACTS} 52 */ 53 public void testWriteContacts() { 54 assertWritingContentUriRequiresPermission(Contacts.People.CONTENT_URI, 55 android.Manifest.permission.WRITE_CONTACTS); 56 } 57 58 /** 59 * Verify that reading call logs requires permissions. 60 * <p>Tests Permission: 61 * {@link android.Manifest.permission#READ_CALL_LOG} 62 */ 63 public void testReadCallLog() { 64 assertReadingContentUriRequiresPermission(CallLog.CONTENT_URI, 65 android.Manifest.permission.READ_CALL_LOG); 66 } 67 68 /** 69 * Verify that writing call logs requires permissions. 70 * <p>Tests Permission: 71 * {@link android.Manifest.permission#WRITE_CALL_LOG} 72 */ 73 public void testWriteCallLog() { 74 assertWritingContentUriRequiresPermission(CallLog.CONTENT_URI, 75 android.Manifest.permission.WRITE_CALL_LOG); 76 } 77 78 /** 79 * Verify that write to settings requires permissions. 80 * <p>Tests Permission: 81 * {@link android.Manifest.permission#WRITE_SETTINGS} 82 */ 83 public void testWriteSettings() { 84 final String permission = android.Manifest.permission.WRITE_SETTINGS; 85 ContentValues value = new ContentValues(); 86 value.put(Settings.System.NAME, "name"); 87 value.put(Settings.System.VALUE, "value_insert"); 88 89 try { 90 getContext().getContentResolver().insert(Settings.System.CONTENT_URI, value); 91 fail("expected SecurityException requiring " + permission); 92 } catch (SecurityException expected) { 93 assertNotNull("security exception's error message.", expected.getMessage()); 94 assertTrue("error message should contain \"" + permission + "\". Got: \"" 95 + expected.getMessage() + "\".", 96 expected.getMessage().contains(permission)); 97 } 98 } 99 100 /** 101 * Verify that the {@link android.Manifest.permission#MANAGE_DOCUMENTS} 102 * permission is only held by exactly one package: whoever handles the 103 * {@link android.content.Intent#ACTION_OPEN_DOCUMENT} intent. 104 * <p> 105 * No other apps should <em>ever</em> attempt to acquire this permission, 106 * since it would give those apps extremely broad access to all storage 107 * providers on the device without user involvement in the arbitration 108 * process. Apps should instead always rely on Uri permission grants for 109 * access, using 110 * {@link android.content.Intent#FLAG_GRANT_READ_URI_PERMISSION} and related 111 * APIs. 112 */ 113 public void testManageDocuments() { 114 final PackageManager pm = getContext().getPackageManager(); 115 116 final Intent intent = new Intent(Intent.ACTION_OPEN_DOCUMENT); 117 intent.addCategory(Intent.CATEGORY_OPENABLE); 118 intent.setType("*/*"); 119 final ResolveInfo ri = pm.resolveActivity(intent, 0); 120 final String validPkg = ri.activityInfo.packageName; 121 122 final List<PackageInfo> holding = pm.getPackagesHoldingPermissions(new String[] { 123 android.Manifest.permission.MANAGE_DOCUMENTS 124 }, PackageManager.MATCH_UNINSTALLED_PACKAGES); 125 for (PackageInfo pi : holding) { 126 if (!Objects.equals(pi.packageName, validPkg)) { 127 fail("Exactly one package (must be " + validPkg 128 + ") can request the MANAGE_DOCUMENTS permission; found package " 129 + pi.packageName + " which must be revoked for security reasons"); 130 } 131 } 132 } 133 } 134
