Block guest user from Bluetooth tethering connect/disconnect
Guset user does not have permission to change WiFi network, block
guest user to connect WiFi through Bluetooth thethering to secure it.
Bug: 126206353
Test: atest BluetoothInstrumentationTests
Merged-In: Id863513f2e6b4bfa7ab56446e2a77389348e8934
Change-Id: Id863513f2e6b4bfa7ab56446e2a77389348e8934
(cherry picked from commit 312202c1d75013d55cc3fad6a333445a91dfd4ce)
diff --git a/src/com/android/bluetooth/pan/PanService.java b/src/com/android/bluetooth/pan/PanService.java
index aa5a1fd..92eab77 100644
--- a/src/com/android/bluetooth/pan/PanService.java
+++ b/src/com/android/bluetooth/pan/PanService.java
@@ -40,6 +40,7 @@
import com.android.bluetooth.btservice.AdapterService;
import com.android.bluetooth.btservice.MetricsLogger;
import com.android.bluetooth.btservice.ProfileService;
+import com.android.internal.annotations.VisibleForTesting;
import java.net.InetAddress;
import java.util.ArrayList;
@@ -67,6 +68,9 @@
private String mNapIfaceAddr;
private boolean mNativeAvailable;
+ @VisibleForTesting
+ UserManager mUserManager;
+
private static final int MESSAGE_CONNECT = 1;
private static final int MESSAGE_DISCONNECT = 2;
private static final int MESSAGE_CONNECT_STATE_CHANGED = 11;
@@ -116,6 +120,8 @@
initializeNative();
mNativeAvailable = true;
+ mUserManager = (UserManager) getSystemService(Context.USER_SERVICE);
+
mNetworkFactory =
new BluetoothTetheringNetworkFactory(getBaseContext(), getMainLooper(), this);
setPanService(this);
@@ -137,6 +143,9 @@
cleanupNative();
mNativeAvailable = false;
}
+
+ mUserManager = null;
+
if (mPanDevices != null) {
int[] desiredStates = {BluetoothProfile.STATE_CONNECTING, BluetoothProfile.STATE_CONNECTED,
BluetoothProfile.STATE_DISCONNECTING};
@@ -319,6 +328,10 @@
public boolean connect(BluetoothDevice device) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (mUserManager.isGuestUser()) {
+ Log.w(TAG, "Guest user does not have the permission to change the WiFi network");
+ return false;
+ }
if (getConnectionState(device) != BluetoothProfile.STATE_DISCONNECTED) {
Log.e(TAG, "Pan Device not disconnected: " + device);
return false;
diff --git a/tests/unit/src/com/android/bluetooth/pan/PanServiceTest.java b/tests/unit/src/com/android/bluetooth/pan/PanServiceTest.java
index 6d4574f..3573f84 100644
--- a/tests/unit/src/com/android/bluetooth/pan/PanServiceTest.java
+++ b/tests/unit/src/com/android/bluetooth/pan/PanServiceTest.java
@@ -15,8 +15,12 @@
*/
package com.android.bluetooth.pan;
+import static org.mockito.Mockito.when;
+
import android.bluetooth.BluetoothAdapter;
+import android.bluetooth.BluetoothDevice;
import android.content.Context;
+import android.os.UserManager;
import androidx.test.InstrumentationRegistry;
import androidx.test.filters.MediumTest;
@@ -47,6 +51,7 @@
@Rule public final ServiceTestRule mServiceRule = new ServiceTestRule();
@Mock private AdapterService mAdapterService;
+ @Mock private UserManager mMockUserManager;
@Before
public void setUp() throws Exception {
@@ -61,6 +66,7 @@
// Try getting the Bluetooth adapter
mAdapter = BluetoothAdapter.getDefaultAdapter();
Assert.assertNotNull(mAdapter);
+ mService.mUserManager = mMockUserManager;
}
@After
@@ -78,4 +84,11 @@
public void testInitialize() {
Assert.assertNotNull(PanService.getPanService());
}
+
+ @Test
+ public void testGuestUserConnect() {
+ BluetoothDevice device = TestUtils.getTestDevice(mAdapter, 0);
+ when(mMockUserManager.isGuestUser()).thenReturn(true);
+ Assert.assertFalse(mService.connect(device));
+ }
}
