Merge "Throw on revoked location permission - framework"

2018-08-02 22:16:07 +00:00
parent c02b2ec3f1 56c4148e41
commit bb67bab55f
2 changed files with 9 additions and 6 deletions
--- a/services/core/java/com/android/server/TelephonyRegistry.java
+++ b/services/core/java/com/android/server/TelephonyRegistry.java
@@ -1789,7 +1789,8 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
        long token = Binder.clearCallingIdentity();
        try {
            return LocationAccessPolicy.canAccessCellLocation(mContext,
-                    r.callingPackage, r.callerUid, r.callerPid);
+                    r.callingPackage, r.callerUid, r.callerPid,
+                    /*throwOnDeniedPermission*/ false);
        } finally {
            Binder.restoreCallingIdentity(token);
        }
--- a/telephony/java/android/telephony/LocationAccessPolicy.java
+++ b/telephony/java/android/telephony/LocationAccessPolicy.java
@@ -48,10 +48,11 @@ public final class LocationAccessPolicy {
     * @param pkgName Package name of the application requesting access
     * @param uid The uid of the package
     * @param pid The pid of the package
+     * @param throwOnDeniedPermission Whether to throw if the location permission is denied.
     * @return boolean true or false if permissions is granted
     */
    public static boolean canAccessCellLocation(@NonNull Context context, @NonNull String pkgName,
-            int uid, int pid) throws SecurityException {
+            int uid, int pid, boolean throwOnDeniedPermission) throws SecurityException {
        Trace.beginSection("TelephonyLocationCheck");
        try {
            // Always allow the phone process and system server to access location. This avoid
@@ -68,10 +69,11 @@ public final class LocationAccessPolicy {
            // where a legacy app the user is not using tracks their location.
            // Granting ACCESS_FINE_LOCATION to an app automatically grants it
            // ACCESS_COARSE_LOCATION.
-
-            if (context.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION, pid, uid) ==
-                    PackageManager.PERMISSION_DENIED) {
-                if (DBG) Log.w(TAG, "Permission checked failed (" + pid + "," + uid + ")");
+            if (throwOnDeniedPermission) {
+                context.enforcePermission(Manifest.permission.ACCESS_COARSE_LOCATION,
+                        pid, uid, "canAccessCellLocation");
+            } else if (context.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION,
+                    pid, uid) == PackageManager.PERMISSION_DENIED) {
                return false;
            }
            final int opCode = AppOpsManager.permissionToOpCode(