tests/tests/permission/src/android/permission/cts/ShellPermissionTest.java - platform/cts - Git at Google

 /*
  * Copyright (C) 2019 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package android.permission.cts;

 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertNotNull;

 import android.content.Context;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
 import android.os.Process;
 import android.platform.test.annotations.AppModeFull;
 import android.util.Log;

 import androidx.test.InstrumentationRegistry;
 import androidx.test.runner.AndroidJUnit4;

 import org.junit.Test;
 import org.junit.runner.RunWith;

 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;

 /**
  * Tests that shell has acceptable permissions.
  */
 @RunWith(AndroidJUnit4.class)
 public class ShellPermissionTest {
     private static final String LOG_TAG = ShellPermissionTest.class.getSimpleName();

     /** Permissions that shell is NOT permitted to have. */
     private static final String[] BLACKLISTED_PERMISSIONS = {
             "android.permission.MANAGE_USERS",
     };

     private static final Context sContext = InstrumentationRegistry.getTargetContext();

     /**
      * Verify that the shell uid does not have any of the permissions listed in
      *   {@link #BLACKLISTED_PERMISSIONS}.
      */
     @Test
     @AppModeFull(reason = "Instant apps cannot read properties of other packages. Also the shell "
             + "is never an instant app, hence this test does not matter for instant apps.")
     public void testBlacklistedPermissions() throws Exception {
         final Set<String> blacklist = new HashSet<>(Arrays.asList(BLACKLISTED_PERMISSIONS));

         final PackageManager pm = sContext.getPackageManager();
         final String[] pkgs = pm.getPackagesForUid(Process.SHELL_UID);
         assertNotNull("No SHELL packages were found", pkgs);
         assertNotEquals("SHELL package list had 0 size", 0, pkgs.length);
         String pkg = pkgs[0];

         final PackageInfo packageInfo = pm.getPackageInfo(pkg, PackageManager.GET_PERMISSIONS);
         assertNotNull("No permissions found for " + pkg, packageInfo.requestedPermissions);

         for (String permission : packageInfo.requestedPermissions) {
             Log.d(LOG_TAG, "SHELL as " + pkg + " uses permission " + permission);
             assertFalse("SHELL as " + pkg + " contains the illegal permission " + permission,
                     blacklist.contains(permission));
         }
     }
 }
	/*
	* Copyright (C) 2019 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package android.permission.cts;

	import static org.junit.Assert.assertFalse;
	import static org.junit.Assert.assertNotEquals;
	import static org.junit.Assert.assertNotNull;

	import android.content.Context;
	import android.content.pm.PackageInfo;
	import android.content.pm.PackageManager;
	import android.os.Process;
	import android.platform.test.annotations.AppModeFull;
	import android.util.Log;

	import androidx.test.InstrumentationRegistry;
	import androidx.test.runner.AndroidJUnit4;

	import org.junit.Test;
	import org.junit.runner.RunWith;

	import java.util.Arrays;
	import java.util.HashSet;
	import java.util.Set;

	/**
	* Tests that shell has acceptable permissions.
	*/
	@RunWith(AndroidJUnit4.class)
	public class ShellPermissionTest {
	private static final String LOG_TAG = ShellPermissionTest.class.getSimpleName();

	/** Permissions that shell is NOT permitted to have. */
	private static final String[] BLACKLISTED_PERMISSIONS = {
	"android.permission.MANAGE_USERS",
	};

	private static final Context sContext = InstrumentationRegistry.getTargetContext();

	/**
	* Verify that the shell uid does not have any of the permissions listed in
	* {@link #BLACKLISTED_PERMISSIONS}.
	*/
	@Test
	@AppModeFull(reason = "Instant apps cannot read properties of other packages. Also the shell "
	+ "is never an instant app, hence this test does not matter for instant apps.")
	public void testBlacklistedPermissions() throws Exception {
	final Set<String> blacklist = new HashSet<>(Arrays.asList(BLACKLISTED_PERMISSIONS));

	final PackageManager pm = sContext.getPackageManager();
	final String[] pkgs = pm.getPackagesForUid(Process.SHELL_UID);
	assertNotNull("No SHELL packages were found", pkgs);
	assertNotEquals("SHELL package list had 0 size", 0, pkgs.length);
	String pkg = pkgs[0];

	final PackageInfo packageInfo = pm.getPackageInfo(pkg, PackageManager.GET_PERMISSIONS);
	assertNotNull("No permissions found for " + pkg, packageInfo.requestedPermissions);

	for (String permission : packageInfo.requestedPermissions) {
	Log.d(LOG_TAG, "SHELL as " + pkg + " uses permission " + permission);
	assertFalse("SHELL as " + pkg + " contains the illegal permission " + permission,
	blacklist.contains(permission));
	}
	}
	}