Add CTS that prevent calling insert-debug-cert command from shell UID
Bug: 242892591
Test: atest FontManagerTest
Change-Id: Ie2ac14f2984a06a76fa1cebfceab880789f57515
diff --git a/tests/tests/graphics/src/android/graphics/fonts/FontManagerTest.java b/tests/tests/graphics/src/android/graphics/fonts/FontManagerTest.java
index fb091d7..d4bfdbf 100644
--- a/tests/tests/graphics/src/android/graphics/fonts/FontManagerTest.java
+++ b/tests/tests/graphics/src/android/graphics/fonts/FontManagerTest.java
@@ -187,6 +187,18 @@
}
@Test
+ public void fontManager_insertDebugCertPermissionTest() throws Exception {
+ UiAutomation ui = InstrumentationRegistry.getInstrumentation().getUiAutomation();
+
+ ui.adoptShellPermissionIdentity(Manifest.permission.UPDATE_FONTS);
+ try {
+ assertSecurityException("insert-debug-cert");
+ } finally {
+ ui.dropShellPermissionIdentity();
+ }
+ }
+
+ @Test
public void fontManager_updateFontFile_negativeBaseVersion() throws Exception {
FontManager fm = getContext().getSystemService(FontManager.class);
assertThat(fm).isNotNull();