WifiPermissionsUtil: add checkConfigOverride

Add a helper method to allow callers to check the calling UID for the override config permission. This CL moves the call from WifiConfigManager to the util/WifiPermissionsUtil class and adds tests. Bug: 35870086 Test: frameworks/opt/net/wifi/tests/wifitests/runtests.sh Test: frameworks/base/wifi/tests/runtests.sh Change-Id: I5aa1bbc82eb86408272564365d45b7ddbf7cc661
author: Rebecca Silberstein <silberst@google.com> 2017-03-01 14:21:13 -0800
committer: Rebecca Silberstein <silberst@google.com> 2017-03-09 18:23:12 +0000
commit: 835e781643b79c30fabbab5595770cf01b5861fb (patch)
tree: 5a7570660631b8fa83efcaac761660ad6a9a1483 /tests
parent: a9f4a722ac91fe87352f2e0cfec72fdfbb35ba5d (diff)
3 files changed, 61 insertions, 52 deletions
diff --git a/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java b/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java
index a00458726..5c78d0de3 100644
--- a/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java
@@ -44,6 +44,7 @@ import android.util.Pair;
 
 import com.android.internal.R;
 import com.android.server.wifi.WifiConfigStoreLegacy.WifiConfigStoreDataLegacy;
+import com.android.server.wifi.util.WifiPermissionsUtil;
 import com.android.server.wifi.util.WifiPermissionsWrapper;
 
 import org.junit.After;
@@ -95,7 +96,6 @@ public class WifiConfigManagerTest {
     private static final String TEST_PAC_PROXY_LOCATION_2 = "http://blah";
 
     @Mock private Context mContext;
-    @Mock private FrameworkFacade mFrameworkFacade;
     @Mock private Clock mClock;
     @Mock private UserManager mUserManager;
     @Mock private TelephonyManager mTelephonyManager;
@@ -104,6 +104,7 @@ public class WifiConfigManagerTest {
     @Mock private WifiConfigStoreLegacy mWifiConfigStoreLegacy;
     @Mock private PackageManager mPackageManager;
     @Mock private DevicePolicyManagerInternal mDevicePolicyManagerInternal;
+    @Mock private WifiPermissionsUtil mWifiPermissionsUtil;
     @Mock private WifiPermissionsWrapper mWifiPermissionsWrapper;
     @Mock private NetworkListStoreData mNetworkListStoreData;
     @Mock private DeletedEphemeralSsidsStoreData mDeletedEphemeralSsidsStoreData;
@@ -163,17 +164,6 @@ public class WifiConfigManagerTest {
             }
         }).when(mPackageManager).getPackageUidAsUser(anyString(), anyInt(), anyInt());
 
-        // Both the UID's in the test have the configuration override permission granted by
-        // default. This maybe modified for particular tests if needed.
-        doAnswer(new AnswerWithArguments() {
-            public int answer(String permName, int uid) throws Exception {
-                if (uid == TEST_CREATOR_UID || uid == TEST_UPDATE_UID || uid == TEST_SYSUI_UID) {
-                    return PackageManager.PERMISSION_GRANTED;
-                }
-                return PackageManager.PERMISSION_DENIED;
-            }
-        }).when(mFrameworkFacade).checkUidPermission(anyString(), anyInt());
-
         when(mWifiKeyStore
                 .updateNetworkKeys(any(WifiConfiguration.class), any(WifiConfiguration.class)))
                 .thenReturn(true);
@@ -182,6 +172,7 @@ public class WifiConfigManagerTest {
 
         when(mDevicePolicyManagerInternal.isActiveAdminWithPolicy(anyInt(), anyInt()))
                 .thenReturn(false);
+        when(mWifiPermissionsUtil.checkConfigOverridePermission(anyInt())).thenReturn(true);
         when(mWifiPermissionsWrapper.getDevicePolicyManagerInternal())
                 .thenReturn(mDevicePolicyManagerInternal);
         createWifiConfigManager();
@@ -313,15 +304,7 @@ public class WifiConfigManagerTest {
         // Now change BSSID of the network.
         assertAndSetNetworkBSSID(openNetwork, TEST_BSSID);
 
-        // Deny permission for |UPDATE_UID|.
-        doAnswer(new AnswerWithArguments() {
-            public int answer(String permName, int uid) throws Exception {
-                if (uid == TEST_CREATOR_UID) {
-                    return PackageManager.PERMISSION_GRANTED;
-                }
-                return PackageManager.PERMISSION_DENIED;
-            }
-        }).when(mFrameworkFacade).checkUidPermission(anyString(), anyInt());
+        when(mWifiPermissionsUtil.checkConfigOverridePermission(anyInt())).thenReturn(false);
 
         // Update the same configuration and ensure that the operation failed.
         NetworkUpdateResult result = updateNetworkToWifiConfigManager(openNetwork);
@@ -344,13 +327,6 @@ public class WifiConfigManagerTest {
         // Now change BSSID of the network.
         assertAndSetNetworkBSSID(openNetwork, TEST_BSSID);
 
-        // Deny permission for all UIDs.
-        doAnswer(new AnswerWithArguments() {
-            public int answer(String permName, int uid) throws Exception {
-                return PackageManager.PERMISSION_DENIED;
-            }
-        }).when(mFrameworkFacade).checkUidPermission(anyString(), anyInt());
-
         // Update the same configuration using the creator UID.
         NetworkUpdateResult result =
                 mWifiConfigManager.addOrUpdateNetwork(openNetwork, TEST_CREATOR_UID);
@@ -746,15 +722,7 @@ public class WifiConfigManagerTest {
         assertTrue(retrievedStatus.isNetworkEnabled());
         verifyUpdateNetworkStatus(retrievedNetwork, WifiConfiguration.Status.ENABLED);
 
-        // Deny permission for |UPDATE_UID|.
-        doAnswer(new AnswerWithArguments() {
-            public int answer(String permName, int uid) throws Exception {
-                if (uid == TEST_CREATOR_UID) {
-                    return PackageManager.PERMISSION_GRANTED;
-                }
-                return PackageManager.PERMISSION_DENIED;
-            }
-        }).when(mFrameworkFacade).checkUidPermission(anyString(), anyInt());
+        when(mWifiPermissionsUtil.checkConfigOverridePermission(anyInt())).thenReturn(false);
 
         // Now try to set it disabled with |TEST_UPDATE_UID|, it should fail and the network
         // should remain enabled.
@@ -783,15 +751,7 @@ public class WifiConfigManagerTest {
                 mWifiConfigManager.getConfiguredNetwork(result.getNetworkId());
         assertEquals(TEST_CREATOR_UID, retrievedNetwork.lastConnectUid);
 
-        // Deny permission for |UPDATE_UID|.
-        doAnswer(new AnswerWithArguments() {
-            public int answer(String permName, int uid) throws Exception {
-                if (uid == TEST_CREATOR_UID) {
-                    return PackageManager.PERMISSION_GRANTED;
-                }
-                return PackageManager.PERMISSION_DENIED;
-            }
-        }).when(mFrameworkFacade).checkUidPermission(anyString(), anyInt());
+        when(mWifiPermissionsUtil.checkConfigOverridePermission(anyInt())).thenReturn(false);
 
         // Now try to update the last connect UID with |TEST_UPDATE_UID|, it should fail and
         // the lastConnectUid should remain the same.
@@ -3221,6 +3181,8 @@ public class WifiConfigManagerTest {
         when(mDevicePolicyManagerInternal.isActiveAdminWithPolicy(anyInt(),
                 eq(DeviceAdminInfo.USES_POLICY_DEVICE_OWNER)))
                 .thenReturn(withDeviceOwnerPolicy);
+        when(mWifiPermissionsUtil.checkConfigOverridePermission(anyInt()))
+                .thenReturn(withConfOverride);
         int uid = withConfOverride ? TEST_CREATOR_UID : TEST_NO_PERM_UID;
         NetworkUpdateResult result = mWifiConfigManager.addOrUpdateNetwork(network, uid);
         assertEquals(assertSuccess, result.getNetworkId() != WifiConfiguration.INVALID_NETWORK_ID);
@@ -3230,9 +3192,9 @@ public class WifiConfigManagerTest {
     private void createWifiConfigManager() {
         mWifiConfigManager =
                 new WifiConfigManager(
-                        mContext, mFrameworkFacade, mClock, mUserManager, mTelephonyManager,
+                        mContext, mClock, mUserManager, mTelephonyManager,
                         mWifiKeyStore, mWifiConfigStore, mWifiConfigStoreLegacy,
-                        mWifiPermissionsWrapper, mNetworkListStoreData,
+                        mWifiPermissionsUtil, mWifiPermissionsWrapper, mNetworkListStoreData,
                         mDeletedEphemeralSsidsStoreData);
         mWifiConfigManager.enableVerboseLogging(1);
     }
diff --git a/tests/wifitests/src/com/android/server/wifi/WifiStateMachineTest.java b/tests/wifitests/src/com/android/server/wifi/WifiStateMachineTest.java
index 9ab24c56b..a56773ec0 100644
--- a/tests/wifitests/src/com/android/server/wifi/WifiStateMachineTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/WifiStateMachineTest.java
@@ -196,8 +196,6 @@ public class WifiStateMachineTest {
                     }
                 });
 
-        when(facade.checkUidPermission(eq(android.Manifest.permission.OVERRIDE_WIFI_CONFIG),
-                anyInt())).thenReturn(PackageManager.PERMISSION_GRANTED);
         return facade;
     }
 
diff --git a/tests/wifitests/src/com/android/server/wifi/util/WifiPermissionsUtilTest.java b/tests/wifitests/src/com/android/server/wifi/util/WifiPermissionsUtilTest.java
index c783933cc..33495f904 100644
--- a/tests/wifitests/src/com/android/server/wifi/util/WifiPermissionsUtilTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/util/WifiPermissionsUtilTest.java
@@ -17,6 +17,8 @@
 package com.android.server.wifi.util;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
 import static org.mockito.Matchers.anyInt;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Mockito.doAnswer;
@@ -32,13 +34,14 @@ import android.content.pm.PackageManager;
 import android.content.pm.UserInfo;
 import android.net.NetworkScoreManager;
 import android.os.Build;
+import android.os.RemoteException;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
 
 import com.android.server.wifi.BinderUtil;
+import com.android.server.wifi.FakeWifiLog;
 import com.android.server.wifi.WifiInjector;
-import com.android.server.wifi.WifiLog;
 import com.android.server.wifi.WifiSettingsStore;
 
 import org.junit.Before;
@@ -47,6 +50,7 @@ import org.junit.runner.RunWith;
 import org.junit.runners.JUnit4;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
+import org.mockito.Spy;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
 
@@ -70,7 +74,7 @@ public class WifiPermissionsUtilTest {
     @Mock private ContentResolver mMockContentResolver;
     @Mock private NetworkScoreManager mNetworkScoreManager;
     @Mock private WifiInjector mWifiInjector;
-    @Mock private WifiLog mWifiLog;
+    @Spy private FakeWifiLog mWifiLog;
 
     private static final String TEST_PACKAGE_NAME = "com.google.somePackage";
     private static final String INVALID_PACKAGE  = "BAD_PACKAGE";
@@ -113,6 +117,51 @@ public class WifiPermissionsUtilTest {
     }
 
     /**
+     * Verify we return true when the UID does have the override config permission
+     */
+    @Test
+    public void testCheckConfigOverridePermissionApproved() throws Exception {
+        mUid = MANAGED_PROFILE_UID;  // do not really care about this value
+        setupTestCase();
+        WifiPermissionsUtil codeUnderTest = new WifiPermissionsUtil(mMockPermissionsWrapper,
+                mMockContext, mMockWifiSettingsStore, mMockUserManager, mNetworkScoreManager,
+                mWifiInjector);
+        when(mMockPermissionsWrapper.getOverrideWifiConfigPermission(anyInt()))
+                .thenReturn(PackageManager.PERMISSION_GRANTED);
+        assertTrue(codeUnderTest.checkConfigOverridePermission(mUid));
+    }
+
+    /**
+     * Verify we return false when the UID does not have the override config permission.
+     */
+    @Test
+    public void testCheckConfigOverridePermissionDenied() throws Exception {
+        mUid = OTHER_USER_UID;  // do not really care about this value
+        setupTestCase();
+        WifiPermissionsUtil codeUnderTest = new WifiPermissionsUtil(mMockPermissionsWrapper,
+                mMockContext, mMockWifiSettingsStore, mMockUserManager, mNetworkScoreManager,
+                mWifiInjector);
+        when(mMockPermissionsWrapper.getOverrideWifiConfigPermission(anyInt()))
+                .thenReturn(PackageManager.PERMISSION_DENIED);
+        assertFalse(codeUnderTest.checkConfigOverridePermission(mUid));
+    }
+
+    /**
+     * Verify we return false when the override config permission check throws a RemoteException.
+     */
+    @Test
+    public void testCheckConfigOverridePermissionWithException() throws Exception {
+        mUid = OTHER_USER_UID;  // do not really care about this value
+        setupTestCase();
+        WifiPermissionsUtil codeUnderTest = new WifiPermissionsUtil(mMockPermissionsWrapper,
+                mMockContext, mMockWifiSettingsStore, mMockUserManager, mNetworkScoreManager,
+                mWifiInjector);
+        doThrow(new RemoteException("Failed to check permissions for " + mUid))
+                .when(mMockPermissionsWrapper).getOverrideWifiConfigPermission(mUid);
+        assertFalse(codeUnderTest.checkConfigOverridePermission(mUid));
+    }
+
+    /**
      * Test case setting: Package is valid
      *                    Caller can read peers mac address
      *                    This App has permission to request WIFI_SCAN
author	Rebecca Silberstein <silberst@google.com>	2017-03-01 14:21:13 -0800
committer	Rebecca Silberstein <silberst@google.com>	2017-03-09 18:23:12 +0000
commit	835e781643b79c30fabbab5595770cf01b5861fb (patch)
tree	5a7570660631b8fa83efcaac761660ad6a9a1483 /tests
parent	a9f4a722ac91fe87352f2e0cfec72fdfbb35ba5d (diff)