commit 3a44807f37610164f2a0dd43a89a87966f1496e2
author Hai Zhang <zhanghai@google.com> Fri Sep 27 15:41:24 2019 -0700
committer Hai Zhang <zhanghai@google.com> Mon Sep 30 12:42:48 2019 -0700
tree c78b6eefed79806bbdf56acdb806d2e033e40a51
parent 2aadad460829c9258bdb0e6c981ce4a90fc0afd1

Mark all permissions as reviewed and test location permission better.

This change marks all requested permissions as reviewed after
installing an app, so that permission policy will start working for
foreground permissions which isn't restricted and thus wasn't marked
reviewed.

This change also grants the ACCESS_FINE_LOCATION for location
permission tests, so that we actually test something. Previously the
29 tests didn't grant the foreground permission so the assertion will
just accept any state of app op. The 22 tests was working with the
foreground location in granted state by default, but now we need to
grant it explicitly to remove the REVOKED_COMPAT flag.

Bug: 136503238
Test: manual
Change-Id: I96b7486f183ba33fe4b08c34f1ed97d57326b893

tests/tests/permission2/src/android/permission2/cts/RestrictedPermissionsTest.java

diff --git a/tests/tests/permission2/src/android/permission2/cts/RestrictedPermissionsTest.java b/tests/tests/permission2/src/android/permission2/cts/RestrictedPermissionsTest.java
index 429467f..e20b2af 100644
--- a/tests/tests/permission2/src/android/permission2/cts/RestrictedPermissionsTest.java
+++ b/tests/tests/permission2/src/android/permission2/cts/RestrictedPermissionsTest.java
@@ -16,6 +16,8 @@
 
 package android.permission2.cts;
 
+import static android.Manifest.permission.ACCESS_BACKGROUND_LOCATION;
+import static android.Manifest.permission.ACCESS_FINE_LOCATION;
 import static android.Manifest.permission.READ_SMS;
 import static android.permission.cts.PermissionUtils.eventually;
 import static android.permission.cts.PermissionUtils.isGranted;
@@ -59,6 +61,7 @@
 import java.io.FileInputStream;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.Set;
 import java.util.concurrent.CountDownLatch;
@@ -221,28 +224,32 @@
     @Test
     @AppModeFull
     public void testLocationBackgroundPermissionWhitelistedAtInstall29() throws Exception {
-        installApp(APK_USES_LOCATION_29, null, null);
+        installApp(APK_USES_LOCATION_29, null, new ArraySet<>(Arrays.asList(ACCESS_FINE_LOCATION,
+                ACCESS_BACKGROUND_LOCATION)));
         assertAllRestrictedPermissionWhitelisted();
     }
 
     @Test
     @AppModeFull
     public void testLocationBackgroundPermissionNotWhitelistedAtInstall29() throws Exception {
-        installApp(APK_USES_LOCATION_29, Collections.EMPTY_SET, null);
+        installApp(APK_USES_LOCATION_29, Collections.emptySet(),
+                Collections.singleton(ACCESS_FINE_LOCATION));
         assertNoRestrictedPermissionWhitelisted();
     }
 
     @Test
     @AppModeFull
     public void testLocationBackgroundPermissionWhitelistedAtInstall22() throws Exception {
-        installApp(APK_USES_LOCATION_22, null, null);
+        installApp(APK_USES_LOCATION_22, null, new ArraySet<>(Arrays.asList(ACCESS_FINE_LOCATION,
+                ACCESS_BACKGROUND_LOCATION)));
         assertAllRestrictedPermissionWhitelisted();
     }
 
     @Test
     @AppModeFull
     public void testLocationBackgroundPermissionNotWhitelistedAtInstall22() throws Exception {
-        installApp(APK_USES_LOCATION_22, Collections.EMPTY_SET, null);
+        installApp(APK_USES_LOCATION_22, Collections.emptySet(),
+                Collections.singleton(ACCESS_FINE_LOCATION));
         assertNoRestrictedPermissionWhitelisted();
     }
 
@@ -914,20 +921,15 @@
 
     private @NonNull Set<String> getPermissionsOfAppWithAnyOfFlags(int flags) throws Exception {
         final PackageManager packageManager = getContext().getPackageManager();
-
-        final PackageInfo packageInfo = packageManager.getPackageInfo(PKG,
-                PackageManager.GET_PERMISSIONS);
-
-        final Set<String> hardRestrictedPermissions = new ArraySet<>();
-        for (String permission : packageInfo.requestedPermissions) {
+        final Set<String> restrictedPermissions = new ArraySet<>();
+        for (String permission : getRequestedPermissionsOfApp()) {
             PermissionInfo permInfo = packageManager.getPermissionInfo(permission, 0);
 
             if ((permInfo.flags & flags) != 0) {
-                hardRestrictedPermissions.add(permission);
+                restrictedPermissions.add(permission);
             }
         }
-
-        return hardRestrictedPermissions;
+        return restrictedPermissions;
     }
 
     private @NonNull Set<String> getRestrictedPermissionsOfApp() throws Exception {
@@ -935,6 +937,13 @@
                 PermissionInfo.FLAG_HARD_RESTRICTED | PermissionInfo.FLAG_SOFT_RESTRICTED);
     }
 
+    private @NonNull String[] getRequestedPermissionsOfApp() throws Exception {
+        final PackageManager packageManager = getContext().getPackageManager();
+        final PackageInfo packageInfo = packageManager.getPackageInfo(PKG,
+                PackageManager.GET_PERMISSIONS);
+        return packageInfo.requestedPermissions;
+    }
+
     private void assertAllRestrictedPermissionWhitelisted() throws Exception {
         assertRestrictedPermissionWhitelisted(getRestrictedPermissionsOfApp());
     }
@@ -1129,7 +1138,7 @@
         // applied until reviewed
         runWithShellPermissionIdentity(() -> {
             final PackageManager packageManager = getContext().getPackageManager();
-            for (String permission : getRestrictedPermissionsOfApp()) {
+            for (String permission : getRequestedPermissionsOfApp()) {
                 packageManager.updatePermissionFlags(permission, PKG,
                         PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED, 0,
                         getContext().getUser());