commit ec2a7d46128888f025dc3248d083043b978a46f4
author Santos Cordon <santoscordon@google.com> Thu Oct 23 09:30:19 2014 -0700
committer The Android Automerger <android-build@google.com> Fri Oct 24 16:05:31 2014 -0700
tree 38acc6ea93a691fdef46c5849a278b09d9515a7f
parent df441ed20bec7f2ebe319afc57f52df5f3996920

Add permission to CONNECTION_MANAGER PhoneAccount registration.

We need to add a system-level permission for registering PhoneAccounts
to prevent third party apps from registering and being able to
control the call.

Bug: 18100571
Change-Id: I06de9311620b271904babc78f23faff90a15e1a9

AndroidManifest.xml

diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 5d11fb3..427b248 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -46,6 +46,11 @@
             android:protectionLevel="signature"/>
 
     <permission
+            android:name="com.android.server.telecom.permission.REGISTER_CONNECTION_MANAGER"
+            android:label="Register CONNECTION_MANAGER PhoneAccount"
+            android:protectionLevel="signature"/>
+
+    <permission
             android:name="android.permission.BROADCAST_CALLLOG_INFO"
             android:label="Broadcast the call type/duration information"
             android:protectionLevel="signature|system"/>

src/com/android/server/telecom/TelecomServiceImpl.java

diff --git a/src/com/android/server/telecom/TelecomServiceImpl.java b/src/com/android/server/telecom/TelecomServiceImpl.java
index fbbe1c9..aaa3d16 100644
--- a/src/com/android/server/telecom/TelecomServiceImpl.java
+++ b/src/com/android/server/telecom/TelecomServiceImpl.java
@@ -52,6 +52,8 @@
 public class TelecomServiceImpl extends ITelecomService.Stub {
     private static final String REGISTER_PROVIDER_OR_SUBSCRIPTION =
             "com.android.server.telecom.permission.REGISTER_PROVIDER_OR_SUBSCRIPTION";
+    private static final String REGISTER_CONNECTION_MANAGER =
+            "com.android.server.telecom.permission.REGISTER_CONNECTION_MANAGER";
 
     /** The context. */
     private Context mContext;
@@ -295,6 +297,9 @@
                 account.hasCapabilities(PhoneAccount.CAPABILITY_SIM_SUBSCRIPTION)) {
                 enforceRegisterProviderOrSubscriptionPermission();
             }
+            if (account.hasCapabilities(PhoneAccount.CAPABILITY_CONNECTION_MANAGER)) {
+                enforceRegisterConnectionManagerPermission();
+            }
 
             mPhoneAccountRegistrar.registerPhoneAccount(account);
         } catch (Exception e) {
@@ -573,6 +578,10 @@
         enforcePermission(REGISTER_PROVIDER_OR_SUBSCRIPTION);
     }
 
+    private void enforceRegisterConnectionManagerPermission() {
+        enforcePermission(REGISTER_CONNECTION_MANAGER);
+    }
+
     private void enforceReadPermission() {
         enforcePermission(Manifest.permission.READ_PHONE_STATE);
     }