Wi-Fi panel doesn't need to check permission

Prior to this cl, we use #getPackagesForUid()
to get a list of calling package names and
pick up 1st package name in the list as target
calling package. And then go to check the
Wi-Fi permission.

This implementation is ok for most apps without
sharing system uid. However, this may not work
if the caller is set as sharing system ui.
In this case, we get a list of packages
and we don't know which one is caller. So, if we
decide to choose the 1st package of list as our
calling package, then it could fail to pass
permission check since that package could not
a calling package.

In this cl, we skip permission check for those
packages running with system uid. So, it can resolve
this Wi-Fi Panel problem since Wi-Fi panel running
on settings process and also promise the security
issue at the same time.

Test: 1. adb shell am start -a android.settings.panel.action.WIFI
2. Verify on assistant app and system ui launcher and search app.
Bug: 240531998

Change-Id: Ia825853dde2e966e3d390cecfbe1a99f6439d31e

res/values/config.xml

@@ -627,4 +627,10 @@
 
     <!-- Whether to enable the advanced vpn feature. The default is not to. -->
     <bool name="config_advanced_vpn_enabled">false</bool>
+
+    <!-- An array of uid name for which packages exempt from Wi-Fi permission check. -->
+    <string-array name="config_exempt_wifi_permission_uid_name" translatable="false">
+        <item>@string/config_settingsintelligence_package_name</item>
+        <item>android.uid.system:1000</item>
+    </string-array>
 </resources>

src/com/android/settings/wifi/slice/WifiSlice.java

@@ -109,7 +109,7 @@ public class WifiSlice implements CustomSliceable {
 
         // If external calling package doesn't have Wi-Fi permission.
         final boolean isPermissionGranted =
-                Utils.isSettingsIntelligence(mContext) || isPermissionGranted(mContext);
+                isCallerExemptUid(mContext) || isPermissionGranted(mContext);
         ListBuilder listBuilder = getListBuilder(isWifiEnabled, null /* wifiSliceItem */,
                 isPermissionGranted);
         // If the caller doesn't have the permission granted, just return a slice without a toggle.
@@ -156,6 +156,21 @@ public class WifiSlice implements CustomSliceable {
         return userManager.isGuestUser();
     }
 
+    private boolean isCallerExemptUid(Context context) {
+        final String[] allowedUidNames = context.getResources().getStringArray(
+                R.array.config_exempt_wifi_permission_uid_name);
+        final String uidName =
+                context.getPackageManager().getNameForUid(Binder.getCallingUid());
+        Log.d(TAG, "calling uid name : " + uidName);
+
+        for (String allowedUidName : allowedUidNames) {
+            if (TextUtils.equals(uidName, allowedUidName)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     private static boolean isPermissionGranted(Context settingsContext) {
         final int callingUid = Binder.getCallingUid();
         final String callingPackage = settingsContext.getPackageManager()

tests/robotests/src/com/android/settings/wifi/slice/ContextualWifiSliceTest.java

@@ -103,6 +103,7 @@ public class ContextualWifiSliceTest {
                 mContext.getString(R.string.config_settingsintelligence_package_name);
         ShadowBinder.setCallingUid(1);
         when(mPackageManager.getPackagesForUid(1)).thenReturn(new String[]{siPackageName});
+        when(mPackageManager.getNameForUid(1)).thenReturn(siPackageName);
         ShadowWifiSlice.setWifiPermissible(true);
         mWifiSlice = new ContextualWifiSlice(mContext);
     }

tests/robotests/src/com/android/settings/wifi/slice/WifiSliceTest.java

@@ -114,6 +114,7 @@ public class WifiSliceTest {
         mSIPackageName = mContext.getString(R.string.config_settingsintelligence_package_name);
         ShadowBinder.setCallingUid(USER_ID);
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{mSIPackageName});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn(mSIPackageName);
         ShadowWifiSlice.setWifiPermissible(true);
         mWifiSlice = new WifiSlice(mContext, mWifiRestriction);
     }
@@ -148,6 +149,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_fromSIPackage_shouldHaveTitleAndToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{mSIPackageName});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn(mSIPackageName);
         ShadowWifiSlice.setWifiPermissible(false);
 
         final Slice wifiSlice = mWifiSlice.getSlice();
@@ -163,6 +165,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_notFromSIPackageAndWithWifiPermission_shouldHaveTitleAndToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{"com.test"});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn("com.test");
         ShadowWifiSlice.setWifiPermissible(true);
 
         final Slice wifiSlice = mWifiSlice.getSlice();
@@ -177,6 +180,7 @@ public class WifiSliceTest {
     @Test
     public void getWifiSlice_notFromSIPackageAndWithoutWifiPermission_shouldReturnNoToggle() {
         when(mPackageManager.getPackagesForUid(USER_ID)).thenReturn(new String[]{"com.test"});
+        when(mPackageManager.getNameForUid(USER_ID)).thenReturn("com.test");
         ShadowWifiSlice.setWifiPermissible(false);
 
         final Slice wifiSlice = mWifiSlice.getSlice();