Note that an NLS that shouldn't be approvable (because its name is too long) but was already approved (either before the max length check was introduced, or through other means) will disappear from the list if the user revokes its access. This might be somewhat confusing, but since this is a very-edge case already it's fine.
Bug: 282932362
Test: manual
Change-Id: I4c9faea68e6d16b1a4ec7f472b5433cac1704c06
Note that an NLS that shouldn't be approvable (because its name is too long) but was already approved (either before the max length check was introduced, or through other means) will disappear from the list if the user revokes its access. This might be somewhat confusing, but since this is a very-edge case already it's fine.
Bug: 282932362
Test: manual
Change-Id: Iccfe7b53d643d6c9f9516f91d3cee3309b11551e
Currently selected IME can inject KeyEvent on DeviceAdminAdd screen to
activate itself as device admin and cause various DoS attacks.
This CL ensures KeyEvent on "Activate" button can only come from system
apps.
Bug: 280793427
Test: atest DeviceAdminActivationTest
Change-Id: I6470d1684d707f4b1e86f8b456be0b4e0af5f188
(cherry picked from commit 70a501d02e)
Currently selected IME can inject KeyEvent on DeviceAdminAdd screen to
activate itself as device admin and cause various DoS attacks.
This CL ensures KeyEvent on "Activate" button can only come from system
apps.
Bug: 280793427
Test: atest DeviceAdminActivationTest
Change-Id: I6470d1684d707f4b1e86f8b456be0b4e0af5f188
(cherry picked from commit 70a501d02e)
Currently selected IME can inject KeyEvent on DeviceAdminAdd screen to
activate itself as device admin and cause various DoS attacks.
This CL ensures KeyEvent on "Activate" button can only come from system
apps.
Bug: 280793427
Test: atest DeviceAdminActivationTest
Change-Id: I6470d1684d707f4b1e86f8b456be0b4e0af5f188
(cherry picked from commit 70a501d02e)
When DISALLOW_CONFIG_LOCATION is set, make location service's
MainSwitchPreference pages for wifi scanning and bluetooth scanning
unavailable too, so that intent direct access is disabled.
screenshot: http://shortn/_kkK3BMTSh1
Bug: 277333746
Bug: 277333781
Test: atest SettingsRoboTests, on device
Change-Id: I52f9a11b1dd78a5e5dbb1bbde3cda7381c87ae39
- Check the deep link activity instance before redirecting to the
internal activity for the managed profile invocation, so the caller
can't bypass the permission check.
- Get the referrer as the caller so that onNewIntent can recognize the
new caller and check if it has a permission to open the target page.
Test: robotest & manual
Bug: 268193384
Change-Id: Ie69742983fb74ee2316b7aad16461db95ed927c2
Merged-In: Ie69742983fb74ee2316b7aad16461db95ed927c2
Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
When using EXTRA_USER_HANDLE, check for INTERACT_ACROSS_USERS_FULL permission on calling package.
Bug: 259385017
Test: 1. Build a test app that creates and starts an intent to NOTIFICATION_LISTENER_DETAIL_SETTINGS while setting the intent extra android.intent.extra.user_handle to UserHandle(secondaryUserId).
2. Create and switch to a secondary user
Settings > System > Multiple users > Allow multiple users > Add user > Switch to New user
3. Open Settings > Notifications > Device & app notifications and choose an app from the list (uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE). Enable Device & app notifications for selected app and disable all attributed permissions.
4. Switch back to the Owner user.
5. Get the userId of the secondary user: adb shell pm list users.
6. Open the test app and enter the userId for the secondary user and the component name that uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE.
8. In the settings window that open, enable all 4 sub-options.
9. Switch to the secondary user and note that the all sub-options for the app are disabled.
Change-Id: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
When using EXTRA_USER_HANDLE, check for INTERACT_ACROSS_USERS_FULL permission on calling package.
Bug: 259385017
Test: 1. Build a test app that creates and starts an intent to NOTIFICATION_LISTENER_DETAIL_SETTINGS while setting the intent extra android.intent.extra.user_handle to UserHandle(secondaryUserId).
2. Create and switch to a secondary user
Settings > System > Multiple users > Allow multiple users > Add user > Switch to New user
3. Open Settings > Notifications > Device & app notifications and choose an app from the list (uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE). Enable Device & app notifications for selected app and disable all attributed permissions.
4. Switch back to the Owner user.
5. Get the userId of the secondary user: adb shell pm list users.
6. Open the test app and enter the userId for the secondary user and the component name that uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE.
8. In the settings window that open, enable all 4 sub-options.
9. Switch to the secondary user and note that the all sub-options for the app are disabled.
Change-Id: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
Merged-In: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
When using EXTRA_USER_HANDLE, check for INTERACT_ACROSS_USERS_FULL permission on calling package.
Bug: 259385017
Test:
1. Build a test app that creates and starts an intent to NOTIFICATION_LISTENER_DETAIL_SETTINGS while setting the intent extra "android.intent.extra.user_handle" to UserHandle(secondaryUserId).
2. Create and switch to a secondary user
Settings > System > Multiple users > Allow multiple users > Add user > Switch to New user
3. Open Settings > Notifications > Device & app notifications and choose an app from the list (uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE). Enable Device & app notifications for selected app and disable all attributed permissions.
4. Switch back to the Owner user.
5. Get the userId of the secondary user: adb shell pm list users.
6. Open the test app and enter the userId for the secondary user and the component name that uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE.
8. In the settings window that open, enable all 4 sub-options.
9. Switch to the secondary user and note that the all sub-options for the app are disabled.
Change-Id: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
(cherry picked from commit 99b8b4cd60)
