From a71907e873fd9a46ceffa86fa93c132a9759294e Mon Sep 17 00:00:00 2001
From: Tsung-Mao Fang <tmfang@google.com>
Date: Thu, 11 Aug 2022 13:18:23 +0800
Subject: [PATCH] Wi-Fi panel doesn't need to check permission

Prior to this cl, we use #getPackagesForUid()
to get a list of calling package names and
pick up 1st package name in the list as target
calling package. And then go to check the
Wi-Fi permission.

This implementation is ok for most apps without
sharing system uid. However, this may not work
if the caller is set as sharing system ui.
In this case, we get a list of packages
and we don't know which one is caller. So, if we
decide to choose the 1st package of list as our
calling package, then it could fail to pass
permission check since that package could not
a calling package.

In this cl, we skip permission check for those
packages running with system uid. So, it can resolve
this Wi-Fi Panel problem since Wi-Fi panel running
on settings process and also promise the security
issue at the same time.

Test: 1. adb shell am start -a android.settings.panel.action.WIFI
2. Verify on assistant app and system ui launcher and search app.
Bug: 240531998

Change-Id: Ia825853dde2e966e3d390cecfbe1a99f6439d31e
Merged-In: Ia825853dde2e966e3d390cecfbe1a99f6439d31e
---
 res/values/config.xml                           |  6 ++++++
 .../android/settings/wifi/slice/WifiSlice.java  | 17 ++++++++++++++++-
 .../wifi/slice/ContextualWifiSliceTest.java     |  1 +
 .../settings/wifi/slice/WifiSliceTest.java      |  4 ++++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/res/values/config.xml b/res/values/config.xml
index 00117d7bda0..8b255e6bc7d 100755
--- a/res/values/config.xml
+++ b/res/values/config.xml
@@ -624,4 +624,10 @@
 
     <!-- Whether to enable the advanced vpn feature. The default is not to. -->
     <bool name="config_advanced_vpn_enabled">false</bool>
+
+    <!-- An array of uid name for which packages exempt from Wi-Fi permission check. -->
+    <string-array name="config_exempt_wifi_permission_uid_name" translatable="false">
+        <item>@string/config_settingsintelligence_package_name</item>
+        <item>android.uid.system:1000</item>
+    </string-array>
 </resources>
diff --git a/src/com/android/settings/wifi/slice/WifiSlice.java b/src/com/android/settings/wifi/slice/WifiSlice.java
index 2e5524e5b45..c06e8693511 100644
--- a/src/com/android/settings/wifi/slice/WifiSlice.java
+++ b/src/com/android/settings/wifi/slice/WifiSlice.java
@@ -109,7 +109,7 @@ public class WifiSlice implements CustomSliceable {
 
         // If external calling package doesn't have Wi-Fi permission.
         final boolean isPermissionGranted =
-                Utils.isSettingsIntelligence(mContext) || isPermissionGranted(mContext);
+                isCallerExemptUid(mContext) || isPermissionGranted(mContext);
         ListBuilder listBuilder = getListBuilder(isWifiEnabled, null /* wifiSliceItem */,
                 isPermissionGranted);
         // If the caller doesn't have the permission granted, just return a slice without a toggle.
@@ -156,6 +156,21 @@ public class WifiSlice implements CustomSliceable {
         return userManager.isGuestUser();
     }
 
+    private boolean isCallerExemptUid(Context context) {
+        final String[] allowedUidNames = context.getResources().getStringArray(
+                R.array.config_exempt_wifi_permission_uid_name);
+        final String uidName =
+                context.getPackageManager().getNameForUid(Binder.getCallingUid());
+        Log.d(TAG, "calling uid name : " + uidName);
+
+        for (String allowedUidName : allowedUidNames) {
+            if (TextUtils.equals(uidName, allowedUidName)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     private static boolean isPermissionGranted(Context settingsContext) {
         final int callingUid = Binder.getCallingUid();
         final String callingPackage = settingsContext.getPackageManager()
diff --git a/tests/robotests/src/com/android/settings/wifi/slice/ContextualWifiSliceTest.java b/tests/robotests/src/com/android/settings/wifi/slice/ContextualWifiSliceTest.java
index 52dcb5282da..d9c726ab058 100644
--- a/tests/robotests/src/com/android/settings/wifi/slice/ContextualWifiSliceTest.java
+++ b/tests/robotests/src/com/android/settings/wifi/slice/ContextualWifiSliceTest.java
@@ -103,6 +103,7 @@ public class ContextualWifiSliceTest {
                 mContext.getString(R.string.config_settingsintelligence_package_name);
         ShadowBinder.setCallingUid(1);
         when(mPackageManager.getPackagesForUid(1)).thenReturn(new String[]{siPackageName});
+        when(mPackageManager.getNameForUid(1)).thenReturn(siPackageName);
         ShadowWifiSlice.setWifiPermissible(true);
         mWifiSlice = new ContextualWifiSlice(mContext);
     }
diff --git a/tests/robotests/src/com/android/settings/wifi/slice/WifiSliceTest.java b/tests/robotests/src/com/android/settings/wifi/slice/WifiSliceTest.java
index 33302ce8dc7..5ed2e8b9444 100644
--- a/tests/robotests/src/com/android/settings/wifi/slice/WifiSliceTest.java
+++ b/tests/robotests/src/com/android/settings/wifi/slice/WifiSliceTest.java
@@ -114,6 +114,7 @@ public class WifiSliceTest {
         mSIPackageName = mContext.getString(R.string.config_settingsintelligence_package_name);
         ShadowBinder.setCallingUid(USER_ID);
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{mSIPackageName});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn(mSIPackageName);
         ShadowWifiSlice.setWifiPermissible(true);
         mWifiSlice = new WifiSlice(mContext, mWifiRestriction);
     }
@@ -148,6 +149,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_fromSIPackage_shouldHaveTitleAndToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{mSIPackageName});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn(mSIPackageName);
         ShadowWifiSlice.setWifiPermissible(false);
 
         final Slice wifiSlice = mWifiSlice.getSlice();
@@ -163,6 +165,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_notFromSIPackageAndWithWifiPermission_shouldHaveTitleAndToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{"com.test"});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn("com.test");
         ShadowWifiSlice.setWifiPermissible(true);
 
         final Slice wifiSlice = mWifiSlice.getSlice();
@@ -177,6 +180,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_notFromSIPackageAndWithoutWifiPermission_shouldReturnNoToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{"com.test"});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn("com.test");
         ShadowWifiSlice.setWifiPermissible(false);
 
         final Slice wifiSlice = mWifiSlice.getSlice();