diff options
| author | Roshan Pius <rpius@google.com> | 2018-07-18 14:05:08 -0700 |
|---|---|---|
| committer | Roshan Pius <rpius@google.com> | 2018-07-24 13:30:26 -0700 |
| commit | a17a7c2fcc6cf9ed45297df1c6a8b204f79924d5 (patch) | |
| tree | 0c56451562d93fdbe8b9b479d5060d51314e5721 /tests | |
| parent | a20c154ab4d30b48b1fd6f638ae674473602fccb (diff) | |
WifiScanningService: Add permission for start/stop pno scan APIs
Only wifi service should invoke these calls.
Bug: 69862744
Test: Unit tests
Test: Verified that pno still works.
Change-Id: I62e617b6aef3808156625041782512bb9b6db1a0
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/wifitests/src/com/android/server/wifi/scanner/WifiScanningServiceTest.java | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/tests/wifitests/src/com/android/server/wifi/scanner/WifiScanningServiceTest.java b/tests/wifitests/src/com/android/server/wifi/scanner/WifiScanningServiceTest.java index b70834501..76222f77b 100644 --- a/tests/wifitests/src/com/android/server/wifi/scanner/WifiScanningServiceTest.java +++ b/tests/wifitests/src/com/android/server/wifi/scanner/WifiScanningServiceTest.java @@ -36,8 +36,10 @@ import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import static org.mockito.Mockito.any; import static org.mockito.Mockito.anyBoolean; +import static org.mockito.Mockito.anyInt; import static org.mockito.Mockito.anyString; import static org.mockito.Mockito.argThat; +import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.eq; import static org.mockito.Mockito.inOrder; import static org.mockito.Mockito.mock; @@ -2387,4 +2389,48 @@ public class WifiScanningServiceTest { expectHwPnoScan(order, handler, requestId, pnoSettings.second, scanResults); verifyPnoNetworkFoundReceived(order, handler, requestId, scanResults.getRawScanResults()); } + + /** + * Verifies that only clients with NETWORK_STACK permission can issues restricted messages + * (from API's). + */ + @Test + public void rejectRestrictedMessagesFromNonPrivilegedApps() throws Exception { + mWifiScanningServiceImpl.startService(); + Handler handler = mock(Handler.class); + BidirectionalAsyncChannel controlChannel = connectChannel(handler); + + // Client doesn't have NETWORK_STACK permission. + doThrow(new SecurityException()).when(mContext).enforcePermission( + eq(Manifest.permission.NETWORK_STACK), anyInt(), eq(Binder.getCallingUid()), any()); + + controlChannel.sendMessage(Message.obtain(null, WifiScanner.CMD_ENABLE)); + mLooper.dispatchAll(); + + controlChannel.sendMessage(Message.obtain(null, WifiScanner.CMD_DISABLE)); + mLooper.dispatchAll(); + + controlChannel.sendMessage(Message.obtain(null, WifiScanner.CMD_START_PNO_SCAN)); + mLooper.dispatchAll(); + + controlChannel.sendMessage(Message.obtain(null, WifiScanner.CMD_STOP_PNO_SCAN)); + mLooper.dispatchAll(); + + // All 4 of the above messages should have been rejected because the app doesn't have + // the required permissions. + ArgumentCaptor<Message> messageCaptor = ArgumentCaptor.forClass(Message.class); + verify(handler, times(4)).handleMessage(messageCaptor.capture()); + assertFailedResponse(0, WifiScanner.REASON_NOT_AUTHORIZED, + "Not authorized", messageCaptor.getAllValues().get(0)); + assertFailedResponse(0, WifiScanner.REASON_NOT_AUTHORIZED, + "Not authorized", messageCaptor.getAllValues().get(1)); + assertFailedResponse(0, WifiScanner.REASON_NOT_AUTHORIZED, + "Not authorized", messageCaptor.getAllValues().get(2)); + assertFailedResponse(0, WifiScanner.REASON_NOT_AUTHORIZED, + "Not authorized", messageCaptor.getAllValues().get(3)); + + // Ensure we didn't create scanner instance. + verify(mWifiScannerImplFactory, never()).create(any(), any(), any()); + + } } |