CTS:Allow READ_SMS if work telephony policy is set
Bug: 279559169
Test: atest android.devicepolicy.cts.PermissionGrantTest
Ignore-AOSP-First: NA
Change-Id: I7db0de02d24e25b3e80a1618fbe6374b1597d09b
diff --git a/common/device-side/bedstead/harrier/common/src/main/java/com/android/bedstead/harrier/policies/SetSmsPermissionGranted.java b/common/device-side/bedstead/harrier/common/src/main/java/com/android/bedstead/harrier/policies/SetSmsPermissionGranted.java
index 5d460d9..919ce75 100644
--- a/common/device-side/bedstead/harrier/common/src/main/java/com/android/bedstead/harrier/policies/SetSmsPermissionGranted.java
+++ b/common/device-side/bedstead/harrier/common/src/main/java/com/android/bedstead/harrier/policies/SetSmsPermissionGranted.java
@@ -18,8 +18,6 @@
import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.APPLIED_BY_DEVICE_OWNER;
-import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.APPLIED_BY_ORGANIZATION_OWNED_PROFILE_OWNER_PROFILE;
-import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.APPLIED_BY_PROFILE_OWNER;
import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.APPLIED_BY_PROFILE_OWNER_USER;
import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.APPLIES_TO_OWN_USER;
import static com.android.bedstead.harrier.annotations.enterprise.EnterprisePolicy.CANNOT_BE_APPLIED_BY_ROLE_HOLDER;
@@ -40,7 +38,6 @@
@EnterprisePolicy(
dpc = {APPLIED_BY_DEVICE_OWNER | APPLIES_TO_OWN_USER | APPLIED_BY_PROFILE_OWNER_USER
| CAN_BE_DELEGATED | CANNOT_BE_APPLIED_BY_ROLE_HOLDER
- | APPLIED_BY_ORGANIZATION_OWNED_PROFILE_OWNER_PROFILE,
},
delegatedScopes = DELEGATION_PERMISSION_GRANT,
permissions = @EnterprisePolicy.Permission(
diff --git a/tests/devicepolicy/src/android/devicepolicy/cts/PermissionGrantTest.java b/tests/devicepolicy/src/android/devicepolicy/cts/PermissionGrantTest.java
index 4c6e646..19007db 100644
--- a/tests/devicepolicy/src/android/devicepolicy/cts/PermissionGrantTest.java
+++ b/tests/devicepolicy/src/android/devicepolicy/cts/PermissionGrantTest.java
@@ -34,6 +34,7 @@
import static android.app.admin.DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT;
import static android.app.admin.DevicePolicyManager.PERMISSION_POLICY_PROMPT;
+import static com.android.bedstead.harrier.UserType.WORK_PROFILE;
import static com.android.bedstead.nene.utils.Versions.U;
import static com.google.common.truth.Truth.assertThat;
@@ -43,13 +44,20 @@
import static org.junit.Assume.assumeTrue;
import static org.testng.Assert.assertThrows;
+import android.app.admin.ManagedSubscriptionsPolicy;
+import android.app.admin.RemoteDevicePolicyManager;
+import android.content.ComponentName;
+import android.provider.Settings;
+
import com.android.bedstead.harrier.BedsteadJUnit4;
import com.android.bedstead.harrier.DeviceState;
import com.android.bedstead.harrier.annotations.AfterClass;
+import com.android.bedstead.harrier.annotations.EnsureGlobalSettingSet;
import com.android.bedstead.harrier.annotations.EnsureScreenIsOn;
import com.android.bedstead.harrier.annotations.EnsureUnlocked;
import com.android.bedstead.harrier.annotations.IntTestParameter;
import com.android.bedstead.harrier.annotations.NotificationsTest;
+import com.android.bedstead.harrier.annotations.RequireRunOnWorkProfile;
import com.android.bedstead.harrier.annotations.StringTestParameter;
import com.android.bedstead.harrier.annotations.enterprise.AdditionalQueryParameters;
import com.android.bedstead.harrier.annotations.enterprise.CanSetPolicyTest;
@@ -1038,6 +1046,34 @@
}
}
+ @EnsureGlobalSettingSet(key =
+ Settings.Global.ALLOW_WORK_PROFILE_TELEPHONY_FOR_NON_DPM_ROLE_HOLDERS, value = "1")
+ @RequireRunOnWorkProfile(isOrganizationOwned = true)
+ @Test
+ public void grantSmsPermission_orgOwnedDeviceWithManagedSubscriptionsPolicySet_granted() {
+ RemoteDevicePolicyManager devicePolicyManager = sDeviceState.profileOwner(
+ WORK_PROFILE).devicePolicyManager();
+ ComponentName componentName = sDeviceState.profileOwner(WORK_PROFILE).componentName();
+ int existingGrantState = devicePolicyManager.getPermissionGrantState(componentName,
+ sTestApp.packageName(), READ_SMS);
+ try {
+ devicePolicyManager.setManagedSubscriptionsPolicy(new ManagedSubscriptionsPolicy(
+ ManagedSubscriptionsPolicy.TYPE_ALL_MANAGED_SUBSCRIPTIONS));
+
+ boolean wasSet = devicePolicyManager.setPermissionGrantState(componentName,
+ sTestApp.packageName(), READ_SMS, PERMISSION_GRANT_STATE_GRANTED);
+
+ assertWithMessage("setPermissionGrantState did not return true").that(wasSet).isTrue();
+ assertWithMessage("Permission should be granted but was not")
+ .that(sTestApp.pkg().hasPermission(READ_SMS)).isTrue();
+ } finally {
+ devicePolicyManager.setPermissionGrantState(componentName, sTestApp.packageName(),
+ READ_SMS, existingGrantState);
+ devicePolicyManager.setManagedSubscriptionsPolicy(new ManagedSubscriptionsPolicy(
+ ManagedSubscriptionsPolicy.TYPE_ALL_PERSONAL_SUBSCRIPTIONS));
+ }
+ }
+
private void skipTestForFinancedDevice() {
DeviceOwner deviceOwner = TestApis.devicePolicy().getDeviceOwner();
