Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Media ML] Copy over ActivityManager#handleIncomingUser

Browse Source 
This CL copies over the implementation of
ActivityManager#handleIncomingUser except for the case of
USER_CURRENT_OR_SELF. See go/replace-handleincominguser Section
"New Implementation" for reasoning behind this.

Bug: 163336589
Test: Manually test USER_CURRENT and USER_ALL cases via
PipMediaController and NotificationMediaManager.

Change-Id: Id6dbf61d1e66c8e20fc9608ec2bc1df0486b92e2
This commit is contained in:
Jin Seok Park
2020-12-11 02:37:48 +09:00
parent 3961654ded
commit 1d1547b11e
2 changed files with 75 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
media/java/android/media/session/MediaSessionManager.java
View File

@@ -180,7 +180,7 @@ public final class MediaSessionManager {
* be provided in priority order with the most important controller at index
* 0.
* <p>
* This requires the android.Manifest.permission.MEDIA_CONTENT_CONTROL
* This requires the {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL}
* permission be held by the calling app. You may also retrieve this list if
* your app is an enabled notification listener using the
* {@link NotificationListenerService} APIs, in which case you must pass the
@@ -196,14 +196,18 @@ public final class MediaSessionManager {
}
/**
* Get active sessions for a specific user. To retrieve actions for a user
* other than your own you must hold the
* {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL} permission
* in addition to any other requirements. If you are an enabled notification
* listener you may only get sessions for the users you are enabled for.
* Get active sessions for the given user.
* <p>
* This requires the {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be
* held by the calling app. You may also retrieve this list if your app is an enabled
* notification listener using the {@link NotificationListenerService} APIs, in which case you
* must pass the {@link ComponentName} of your enabled listener.
* <p>
* The calling application needs to hold the
* {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL} permission in order to
* retrieve sessions for user ids that do not belong to current process.
*
* @param notificationListener The enabled notification listener component.
* May be null.
* @param notificationListener The enabled notification listener component. May be null.
* @param userId The user id to fetch sessions for.
* @return A list of controllers for ongoing sessions.
* @hide
@@ -248,8 +252,9 @@ public final class MediaSessionManager {
* Gets a list of {@link Session2Token} with type {@link Session2Token#TYPE_SESSION} for the
* given user.
* <p>
* If you want to get tokens for another user, you must hold the
* android.Manifest.permission#INTERACT_ACROSS_USERS_FULL permission.
* The calling application needs to hold the
* {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL} permission in order to
* retrieve session tokens for user ids that do not belong to current process.
*
* @param userId The user id to fetch sessions for.
* @return A list of {@link Session2Token}
@@ -267,11 +272,12 @@ public final class MediaSessionManager {
}
/**
* Add a listener to be notified when the list of active sessions changes. This requires the
* {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be held by the calling
* app. You may also retrieve this list if your app is an enabled notification listener using
* the {@link NotificationListenerService} APIs, in which case you must pass the
* {@link ComponentName} of your enabled listener.
* Add a listener to be notified when the list of active sessions changes.
* <p>
* This requires the {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be
* held by the calling app. You may also retrieve this list if your app is an enabled
* notificationlistener using the {@link NotificationListenerService} APIs, in which case you
* must pass the {@link ComponentName} of your enabled listener.
*
* @param sessionListener The listener to add.
* @param notificationListener The enabled notification listener component. May be null.
@@ -283,12 +289,13 @@ public final class MediaSessionManager {
}
/**
* Add a listener to be notified when the list of active sessions changes. This requires the
* {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be held by the calling
* app. You may also retrieve this list if your app is an enabled notification listener using
* the {@link NotificationListenerService} APIs, in which case you must pass the
* {@link ComponentName} of your enabled listener. Updates will be posted to the handler
* specified or to the caller's thread if the handler is null.
* Add a listener to be notified when the list of active sessions changes.
* <p>
* This requires the {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be
* held by the calling app. You may also retrieve this list if your app is an enabled
* notification listener using the {@link NotificationListenerService} APIs, in which case you
* must pass the {@link ComponentName} of your enabled listener. Updates will be posted to the
* handler specified or to the caller's thread if the handler is null.
*
* @param sessionListener The listener to add.
* @param notificationListener The enabled notification listener component. May be null.
@@ -302,15 +309,17 @@ public final class MediaSessionManager {
}
/**
* Add a listener to be notified when the list of active sessions changes for the given user.
* The calling app must have the {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL}
* permission if it wants to call this method for a user that is not running the app.
* Add a listener to be notified when the list of active sessions changes.
* <p>
* This requires the {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission be
* held by the calling app. You may also retrieve this list if your app is an enabled
* notification listener using the {@link NotificationListenerService} APIs, in which case you
* must pass the {@link ComponentName} of your enabled listener. Updates will be posted to the
* handler specified or to the caller's thread if the handler is null.
* <p>
* The calling application needs to hold the
* {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL} permission in order to
* add listeners for user ids that do not belong to current process.
*
* @param sessionListener The listener to add.
* @param notificationListener The enabled notification listener component. May be null.
@@ -407,6 +416,10 @@ public final class MediaSessionManager {
* Library</a> for consistent behavior across all devices.
* <p>
* Adds a listener to be notified when the {@link #getSession2Tokens()} changes.
* <p>
* The calling application needs to hold the
* {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL} permission in order to
* add listeners for user ids that do not belong to current process.
*
* @param userId The userId to listen for changes on
* @param listener The listener to add
@@ -705,8 +718,9 @@ public final class MediaSessionManager {
/**
* Checks whether the remote user is a trusted app.
* <p>
* An app is trusted if the app holds the android.Manifest.permission.MEDIA_CONTENT_CONTROL
* permission or has an enabled notification listener.
* An app is trusted if the app holds the
* {@link android.Manifest.permission#MEDIA_CONTENT_CONTROL} permission or has an enabled
* notification listener.
*
* @param userInfo The remote user info from either
* {@link MediaSession#getCurrentControllerInfo()} or

51
services/core/java/com/android/server/media/MediaSessionService.java
View File

@@ -16,6 +16,7 @@
package com.android.server.media;
import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL;
import static android.os.UserHandle.ALL;
import static android.os.UserHandle.CURRENT;
@@ -1114,8 +1115,7 @@ public class MediaSessionService extends SystemService implements Monitor {
final long token = Binder.clearCallingIdentity();
try {
enforcePackageName(packageName, uid);
int resolvedUserId = ActivityManager.handleIncomingUser(pid, uid, userId,
false /* allowAll */, true /* requireFull */, "createSession", packageName);
int resolvedUserId = handleIncomingUser(pid, uid, userId, packageName);
if (cb == null) {
throw new IllegalArgumentException("Controller callback cannot be null");
}
@@ -1190,11 +1190,8 @@ public class MediaSessionService extends SystemService implements Monitor {
final long token = Binder.clearCallingIdentity();
try {
// Check that they can make calls on behalf of the user and
// get the final user id
int resolvedUserId = ActivityManager.handleIncomingUser(pid, uid, userId,
true /* allowAll */, true /* requireFull */, "getSession2Tokens",
null /* optional packageName */);
// Check that they can make calls on behalf of the user and get the final user id
int resolvedUserId = handleIncomingUser(pid, uid, userId, null);
List<Session2Token> result;
synchronized (mLock) {
FullUserRecord user = getFullUserRecordLocked(userId);
@@ -1261,9 +1258,7 @@ public class MediaSessionService extends SystemService implements Monitor {
try {
// Check that they can make calls on behalf of the user and get the final user id.
int resolvedUserId = ActivityManager.handleIncomingUser(pid, uid, userId,
true /* allowAll */, true /* requireFull */, "addSession2TokensListener",
null /* optional packageName */);
int resolvedUserId = handleIncomingUser(pid, uid, userId, null);
synchronized (mLock) {
int index = findIndexOfSession2TokensListenerLocked(listener);
if (index >= 0) {
@@ -1980,16 +1975,40 @@ public class MediaSessionService extends SystemService implements Monitor {
packageName = componentName.getPackageName();
enforcePackageName(packageName, uid);
}
// Check that they can make calls on behalf of the user and
// get the final user id
int resolvedUserId = ActivityManager.handleIncomingUser(pid, uid, userId,
true /* allowAll */, true /* requireFull */, "getSessions", packageName);
// Check if they have the permissions or their component is
// enabled for the user they're calling from.
// Check that they can make calls on behalf of the user and get the final user id
int resolvedUserId = handleIncomingUser(pid, uid, userId, packageName);
// Check if they have the permissions or their component is enabled for the user
// they're calling from.
enforceMediaPermissions(componentName, pid, uid, resolvedUserId);
return resolvedUserId;
}
// Handles incoming user by checking whether the caller has permission to access the
// given user id's information or not. Permission is not necessary if the given user id is
// equal to the caller's user id, but if not, the caller needs to have the
// INTERACT_ACROSS_USERS_FULL permission. Otherwise, a security exception will be thrown.
// The return value will be the given user id, unless the given user id is
// UserHandle.CURRENT, which will return the ActivityManager.getCurrentUser() value instead.
private int handleIncomingUser(int pid, int uid, int userId, String packageName) {
int callingUserId = UserHandle.getUserHandleForUid(uid).getIdentifier();
if (userId == callingUserId) {
return userId;
}
boolean canInteractAcrossUsersFull = mContext.checkPermission(
INTERACT_ACROSS_USERS_FULL, pid, uid) == PackageManager.PERMISSION_GRANTED;
if (canInteractAcrossUsersFull) {
if (userId == CURRENT.getIdentifier()) {
return ActivityManager.getCurrentUser();
}
return userId;
}
throw new SecurityException("Permission denied while calling from " + packageName
+ " with user id: " + userId + "; Need to run as either the calling user id ("
+ callingUserId + "), or with " + INTERACT_ACROSS_USERS_FULL + " permission");
}
private boolean hasEnabledNotificationListener(int callingUserId,
String controllerPackageName, int controllerUid) {
int controllerUserId = UserHandle.getUserHandleForUid(controllerUid).getIdentifier();