diff options
| author | Robert Greenwalt <rgreenwalt@google.com> | 2020-01-07 16:18:29 -0800 |
|---|---|---|
| committer | Sarah Chin <sarahchin@google.com> | 2020-04-14 11:41:53 -0700 |
| commit | 1ace38473c9eb9853aedbc908d45a91d155ff196 (patch) | |
| tree | 3c25965e0d85667e9180d6bd7db4e7461b6266e4 /telephony/common | |
| parent | 8d7c075bee99ffeb70b35ea0689cfc9a7559a74c (diff) | |
Move getMsisdn and getLine1Number to READ_PHONE_NUMBERS
This is done to get dangerous stuff off the READ_PHONE_STATE permission.
Also keeping READ_PHONE_STATE for apps targeting old SDK versions.
Refactored getPhoneNumber to allow READ_PHONE_STATE pre-R
Bug: 136160623
Test: atest SubInfoControllerTest, TelephonyPermissionsTest
Change-Id: I5c0adcbe432ffcbb22ac8959792ee60da7039f15
Merged-In: I5c0adcbe432ffcbb22ac8959792ee60da7039f15
Diffstat (limited to 'telephony/common')
| -rw-r--r-- | telephony/common/com/android/internal/telephony/TelephonyPermissions.java | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java index 2077800cd808..333a4f703f8b 100644 --- a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java +++ b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java @@ -445,8 +445,9 @@ public final class TelephonyPermissions { /** * Returns whether the caller can read phone numbers. * - * <p>Besides apps with the ability to read phone state per {@link #checkReadPhoneState}, the - * default SMS app and apps with READ_SMS or READ_PHONE_NUMBERS can also read phone numbers. + * <p>Besides apps with the ability to read phone state per {@link #checkReadPhoneState} + * (only prior to R), the default SMS app and apps with READ_SMS or READ_PHONE_NUMBERS + * can also read phone numbers. */ public static boolean checkCallingOrSelfReadPhoneNumber( Context context, int subId, String callingPackage, @Nullable String callingFeatureId, @@ -459,8 +460,9 @@ public final class TelephonyPermissions { /** * Returns whether the caller can read phone numbers. * - * <p>Besides apps with the ability to read phone state per {@link #checkReadPhoneState}, the - * default SMS app and apps with READ_SMS or READ_PHONE_NUMBERS can also read phone numbers. + * <p>Besides apps with the ability to read phone state per {@link #checkReadPhoneState} + * (only prior to R), the default SMS app and apps with READ_SMS or READ_PHONE_NUMBERS + * can also read phone numbers. */ @VisibleForTesting public static boolean checkReadPhoneNumber( @@ -476,12 +478,15 @@ public final class TelephonyPermissions { // NOTE(b/73308711): If an app has one of the following AppOps bits explicitly revoked, they // will be denied access, even if they have another permission and AppOps bit if needed. - // First, check if we can read the phone state. + // First, check if we can read the phone state and the SDK version is below R. try { - return checkReadPhoneState( - context, subId, pid, uid, callingPackage, callingFeatureId, - message); - } catch (SecurityException readPhoneStateSecurityException) { + ApplicationInfo info = context.getPackageManager().getApplicationInfoAsUser( + callingPackage, 0, UserHandle.getUserHandleForUid(Binder.getCallingUid())); + if (info.targetSdkVersion <= Build.VERSION_CODES.Q) { + return checkReadPhoneState( + context, subId, pid, uid, callingPackage, callingFeatureId, message); + } + } catch (SecurityException | PackageManager.NameNotFoundException e) { } // Can be read with READ_SMS too. try { |