diff options
| -rw-r--r-- | services/backup/java/com/android/server/backup/UserBackupManagerService.java | 2 | ||||
| -rw-r--r-- | services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java | 18 |
2 files changed, 20 insertions, 0 deletions
diff --git a/services/backup/java/com/android/server/backup/UserBackupManagerService.java b/services/backup/java/com/android/server/backup/UserBackupManagerService.java index 69154b49c96f..992e98473ae7 100644 --- a/services/backup/java/com/android/server/backup/UserBackupManagerService.java +++ b/services/backup/java/com/android/server/backup/UserBackupManagerService.java @@ -3120,6 +3120,8 @@ public class UserBackupManagerService { * to the backup agent during restore. */ public void excludeKeysFromRestore(String packageName, List<String> keys) { + mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP, + "excludeKeysFromRestore"); mBackupPreferences.addExcludedKeys(packageName, keys); } diff --git a/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java b/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java index 8b2f15c2babb..fea61aa43442 100644 --- a/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java +++ b/services/robotests/backup/src/com/android/server/backup/UserBackupManagerServiceTest.java @@ -85,6 +85,7 @@ import java.io.FileDescriptor; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; +import java.util.ArrayList; import java.util.List; /** @@ -519,6 +520,23 @@ public class UserBackupManagerServiceTest { expectThrows(SecurityException.class, backupManagerService::getCurrentTransportComponent); } + /** + * Test verifying that {@link UserBackupManagerService#excludeKeysFromRestore(String, List)} + * throws a {@link SecurityException} if the caller does not have backup permission. + */ + @Test + public void testExcludeKeysFromRestore_withoutPermission() throws Exception { + mShadowContext.denyPermissions(android.Manifest.permission.BACKUP); + UserBackupManagerService backupManagerService = createUserBackupManagerServiceAndRunTasks(); + + expectThrows( + SecurityException.class, + () -> + backupManagerService.excludeKeysFromRestore( + PACKAGE_1, + new ArrayList<String>(){})); + } + /* Tests for updating transport attributes */ private static final int PACKAGE_UID = 10; |