[RCS UCE] Check the new added permission "ACCESS_RCS_USER_CAPABILITY_EXCHANGE" for UCE APIs
Bug: 174861641
Test: atest -c CtsTelephonyTestCases:android.telephony.ims.cts.RcsUceAdapterTest
Change-Id: Ie4bb5a7c836ce432617acec4d1eaa6ab520a934f
diff --git a/src/com/android/phone/ImsRcsController.java b/src/com/android/phone/ImsRcsController.java
index 9334078..701a759 100644
--- a/src/com/android/phone/ImsRcsController.java
+++ b/src/com/android/phone/ImsRcsController.java
@@ -16,6 +16,7 @@
package com.android.phone;
+import android.app.ActivityManager;
import android.content.pm.PackageManager;
import android.net.Uri;
import android.os.Binder;
@@ -270,7 +271,11 @@
@Override
public void requestCapabilities(int subId, String callingPackage, String callingFeatureId,
List<Uri> contactNumbers, IRcsUceControllerCallback c) {
- enforceReadPrivilegedPermission("requestCapabilities");
+ enforceAccessUserCapabilityExchangePermission("requestCapabilities");
+ enforceReadContactsPermission("requestCapabilities");
+ if (!isCallingProcessInForeground(Binder.getCallingUid())) {
+ throw new SecurityException("The caller is not in the foreground.");
+ }
final long token = Binder.clearCallingIdentity();
try {
UceControllerManager uceCtrlManager = getRcsFeatureController(subId).getFeature(
@@ -290,7 +295,11 @@
@Override
public void requestAvailability(int subId, String callingPackage,
String callingFeatureId, Uri contactNumber, IRcsUceControllerCallback c) {
- enforceReadPrivilegedPermission("requestAvailability");
+ enforceAccessUserCapabilityExchangePermission("requestAvailability");
+ enforceReadContactsPermission("requestAvailability");
+ if (!isCallingProcessInForeground(Binder.getCallingUid())) {
+ throw new SecurityException("The caller is not in the foreground.");
+ }
final long token = Binder.clearCallingIdentity();
try {
UceControllerManager uceCtrlManager = getRcsFeatureController(subId).getFeature(
@@ -548,6 +557,39 @@
}
/**
+ * Make sure the caller has the ACCESS_RCS_USER_CAPABILITY_EXCHANGE permission.
+ *
+ * @throws SecurityException if the caller does not have the required permission.
+ */
+ private void enforceAccessUserCapabilityExchangePermission(String message) {
+ mApp.enforceCallingOrSelfPermission(
+ android.Manifest.permission.ACCESS_RCS_USER_CAPABILITY_EXCHANGE, message);
+ }
+
+ /**
+ * Make sure the caller has the READ_CONTACTS permission.
+ *
+ * @throws SecurityException if the caller does not have the required permission.
+ */
+ private void enforceReadContactsPermission(String message) {
+ mApp.enforceCallingOrSelfPermission(
+ android.Manifest.permission.READ_CONTACTS, message);
+ }
+
+ /**
+ * Check if the calling process is in the foreground.
+ *
+ * @return true if the caller is in the foreground.
+ */
+ private boolean isCallingProcessInForeground(int uid) {
+ ActivityManager am = mApp.getSystemService(ActivityManager.class);
+ boolean isCallingProcessForeground = am != null
+ && am.getUidImportance(uid)
+ == ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND;
+ return isCallingProcessForeground;
+ }
+
+ /**
* Retrieve ImsPhone instance.
*
* @param subId the subscription ID
