From 7f87c194836e479843d48a8bd398e9ba781b18b3 Mon Sep 17 00:00:00 2001
From: Nikhar Agrawal <niagra@google.com>
Date: Thu, 16 Apr 2020 14:42:10 +0000
Subject: [PATCH] Enforce BACKUP permission for
 BackupManager#excludeKeysFromRestore()

Bug: 153415469
Test: atest UserBackupManagerServiceTest

Change-Id: I3d3c0e518a2e9b3805da02f4b0850c428cb8ff0e
---
 .../backup/UserBackupManagerService.java       |  2 ++
 .../backup/UserBackupManagerServiceTest.java   | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/services/backup/java/com/android/server/backup/UserBackupManagerService.java b/services/backup/java/com/android/server/backup/UserBackupManagerService.java
index 69154b49c96f7..992e98473ae75 100644
--- a/services/backup/java/com/android/server/backup/UserBackupManagerService.java
+++ b/services/backup/java/com/android/server/backup/UserBackupManagerService.java
@@ -3120,6 +3120,8 @@ public class UserBackupManagerService {
      * to the backup agent during restore.
      */
     public void excludeKeysFromRestore(String packageName, List<String> keys) {
+        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP,
+                "excludeKeysFromRestore");
         mBackupPreferences.addExcludedKeys(packageName, keys);
     }
 
diff --git a/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java b/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java
index 8b2f15c2babba..fea61aa434427 100644
--- a/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java
+++ b/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java
@@ -85,6 +85,7 @@ import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.StringWriter;
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -519,6 +520,23 @@ public class UserBackupManagerServiceTest {
         expectThrows(SecurityException.class, backupManagerService::getCurrentTransportComponent);
     }
 
+    /**
+     * Test verifying that {@link UserBackupManagerService#excludeKeysFromRestore(String, List)}
+     * throws a {@link SecurityException} if the caller does not have backup permission.
+     */
+    @Test
+    public void testExcludeKeysFromRestore_withoutPermission() throws Exception {
+        mShadowContext.denyPermissions(android.Manifest.permission.BACKUP);
+        UserBackupManagerService backupManagerService = createUserBackupManagerServiceAndRunTasks();
+
+        expectThrows(
+                SecurityException.class,
+                () ->
+                        backupManagerService.excludeKeysFromRestore(
+                                PACKAGE_1,
+                                new ArrayList<String>(){}));
+    }
+
     /* Tests for updating transport attributes */
 
     private static final int PACKAGE_UID = 10;