Merge "Check for MANAGE_DEVICE_ADMINS permission instead of uids."

2016-01-20 18:09:54 +00:00
parent cdd5748df1 cd8d052f25
commit 737dab827e
1 changed files with 17 additions and 10 deletions
--- a/src/com/android/settings/ShowAdminSupportDetailsDialog.java
+++ b/src/com/android/settings/ShowAdminSupportDetailsDialog.java
@@ -26,6 +26,7 @@ import android.content.ComponentName;
 import android.content.DialogInterface;
 import android.content.Intent;
 import android.content.pm.ActivityInfo;
+import android.content.pm.PackageManager;
 import android.graphics.drawable.Drawable;
 import android.os.Bundle;
 import android.os.RemoteException;
@@ -52,16 +53,10 @@ public class ShowAdminSupportDetailsDialog extends Activity
        int userId = UserHandle.myUserId();
        Intent intent = getIntent();
        if (intent != null) {
-            IActivityManager am = ActivityManagerNative.getDefault();
-            try {
-                int uid = am.getLaunchedFromUid(getActivityToken());
-                // Only allow system to specify admin and user.
-                if (UserHandle.isSameApp(uid, android.os.Process.myUid())) {
-                    admin = intent.getParcelableExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN);
-                    userId = intent.getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
-                }
-            } catch (RemoteException e) {
-                Log.e(TAG, "Could not talk to activity manager.", e);
+            // Only allow apps with MANAGE_DEVICE_ADMINS permission to specify admin and user.
+            if (checkIfCallerHasPermission(android.Manifest.permission.MANAGE_DEVICE_ADMINS)) {
+                admin = intent.getParcelableExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN);
+                userId = intent.getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
            }
        }

@@ -76,6 +71,18 @@ public class ShowAdminSupportDetailsDialog extends Activity
                .show();
    }

+    private boolean checkIfCallerHasPermission(String permission) {
+        IActivityManager am = ActivityManagerNative.getDefault();
+        try {
+            final int uid = am.getLaunchedFromUid(getActivityToken());
+            return AppGlobals.getPackageManager().checkUidPermission(permission, uid)
+                    == PackageManager.PERMISSION_GRANTED;
+        } catch (RemoteException e) {
+            Log.e(TAG, "Could not talk to activity manager.", e);
+        }
+        return false;
+    }
+
    private void setAdminSupportDetails(View root, final ComponentName admin, final int userId) {
        if (admin != null) {
            CharSequence supportMessage = mDpm.getShortSupportMessageForUser(admin, userId);