From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Jason Chiu Date: Wed, 31 Jan 2024 16:29:01 +0800 Subject: [PATCH] Replace getCallingActivity() with getLaunchedFromPackage() getLaunchedFromPackage() reports who launched this Activity or built PendingIntent used to launch it, whereas getCallingActivity() reports who will get result of Activity. Bug: 316891059 Test: robotest, manual (cherry picked from commit ddc11bc03ab48e885f652b89df5f92ff283bcd4a) (cherry picked from commit 8bdbb580da847d82f16fb57883a01a5e65ffa696) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c7a8127d3bb6010617e507c03f7207dd50082953) Merged-In: If97018c2741caef622f0596bbfeaa42ef1788b78 Change-Id: If97018c2741caef622f0596bbfeaa42ef1788b78 --- .../search/SearchFeatureProvider.java | 2 +- .../search/SearchFeatureProviderImpl.java | 26 +++++++++---------- .../search/SearchResultTrampoline.java | 11 +++++++- .../search/SearchFeatureProviderImplTest.java | 15 ++++++----- 4 files changed, 31 insertions(+), 23 deletions(-) diff --git a/src/com/android/settings/search/SearchFeatureProvider.java b/src/com/android/settings/search/SearchFeatureProvider.java index 896f6e5c78c..cc6662acf1e 100644 --- a/src/com/android/settings/search/SearchFeatureProvider.java +++ b/src/com/android/settings/search/SearchFeatureProvider.java @@ -47,7 +47,7 @@ public interface SearchFeatureProvider { * @throws IllegalArgumentException when caller is null * @throws SecurityException when caller is not allowed to launch search result page */ - void verifyLaunchSearchResultPageCaller(Context context, @NonNull ComponentName caller) + void verifyLaunchSearchResultPageCaller(@NonNull Context context, @NonNull String callerPackage) throws SecurityException, IllegalArgumentException; /** diff --git a/src/com/android/settings/search/SearchFeatureProviderImpl.java b/src/com/android/settings/search/SearchFeatureProviderImpl.java index 63bf420c027..3a62ddfb67e 100644 --- a/src/com/android/settings/search/SearchFeatureProviderImpl.java +++ b/src/com/android/settings/search/SearchFeatureProviderImpl.java @@ -17,13 +17,14 @@ package com.android.settings.search; -import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.net.Uri; import android.provider.Settings; import android.text.TextUtils; +import androidx.annotation.NonNull; + import com.android.settingslib.search.SearchIndexableResources; import com.android.settingslib.search.SearchIndexableResourcesMobile; @@ -32,26 +33,23 @@ import com.android.settingslib.search.SearchIndexableResourcesMobile; */ public class SearchFeatureProviderImpl implements SearchFeatureProvider { - private static final String TAG = "SearchFeatureProvider"; - private SearchIndexableResources mSearchIndexableResources; @Override - public void verifyLaunchSearchResultPageCaller(Context context, ComponentName caller) { - if (caller == null) { + public void verifyLaunchSearchResultPageCaller(@NonNull Context context, + @NonNull String callerPackage) { + if (TextUtils.isEmpty(callerPackage)) { throw new IllegalArgumentException("ExternalSettingsTrampoline intents " + "must be called with startActivityForResult"); } - final String packageName = caller.getPackageName(); - final boolean isSettingsPackage = TextUtils.equals(packageName, context.getPackageName()) - || TextUtils.equals(getSettingsIntelligencePkgName(context), packageName); - final boolean isWhitelistedPackage = - isSignatureWhitelisted(context, caller.getPackageName()); - if (isSettingsPackage || isWhitelistedPackage) { + final boolean isSettingsPackage = TextUtils.equals(callerPackage, context.getPackageName()) + || TextUtils.equals(getSettingsIntelligencePkgName(context), callerPackage); + final boolean isAllowlistedPackage = isSignatureAllowlisted(context, callerPackage); + if (isSettingsPackage || isAllowlistedPackage) { return; } - throw new SecurityException("Search result intents must be called with from a " - + "whitelisted package."); + throw new SecurityException("Search result intents must be called with from an " + + "allowlisted package."); } @Override @@ -69,7 +67,7 @@ public class SearchFeatureProviderImpl implements SearchFeatureProvider { .putExtra(Intent.EXTRA_REFERRER, buildReferrer(context, pageId)); } - protected boolean isSignatureWhitelisted(Context context, String callerPackage) { + protected boolean isSignatureAllowlisted(Context context, String callerPackage) { return false; } diff --git a/src/com/android/settings/search/SearchResultTrampoline.java b/src/com/android/settings/search/SearchResultTrampoline.java index 3bbe6bd58a7..3a14e874eae 100644 --- a/src/com/android/settings/search/SearchResultTrampoline.java +++ b/src/com/android/settings/search/SearchResultTrampoline.java @@ -19,8 +19,10 @@ package com.android.settings.search; import static com.android.settings.SettingsActivity.EXTRA_SHOW_FRAGMENT_ARGUMENTS; import android.app.Activity; +import android.app.ActivityTaskManager; import android.content.Intent; import android.os.Bundle; +import android.os.RemoteException; import com.android.settings.SettingsActivity; import com.android.settings.SubSettings; @@ -35,10 +37,17 @@ public class SearchResultTrampoline extends Activity { protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); + String callerPackage; + try { + callerPackage = ActivityTaskManager.getService().getLaunchedFromPackage(getActivityToken()); + } catch (RemoteException e) { + throw e.rethrowFromSystemServer(); + } + // First make sure caller has privilege to launch a search result page. FeatureFactory.getFactory(this) .getSearchFeatureProvider() - .verifyLaunchSearchResultPageCaller(this, getCallingActivity()); + .verifyLaunchSearchResultPageCaller(this, callerPackage); // Didn't crash, proceed and launch the result as a subsetting. final Intent intent = getIntent(); diff --git a/tests/robotests/src/com/android/settings/search/SearchFeatureProviderImplTest.java b/tests/robotests/src/com/android/settings/search/SearchFeatureProviderImplTest.java index 444a8137889..ebd935d3406 100644 --- a/tests/robotests/src/com/android/settings/search/SearchFeatureProviderImplTest.java +++ b/tests/robotests/src/com/android/settings/search/SearchFeatureProviderImplTest.java @@ -21,7 +21,6 @@ import static com.google.common.truth.Truth.assertThat; import android.app.Activity; import android.app.settings.SettingsEnums; -import android.content.ComponentName; import android.content.Intent; import android.content.pm.ActivityInfo; import android.content.pm.ResolveInfo; @@ -126,20 +125,22 @@ public class SearchFeatureProviderImplTest { @Test(expected = SecurityException.class) public void verifyLaunchSearchResultPageCaller_badCaller_shouldCrash() { - final ComponentName cn = new ComponentName("pkg", "class"); - mProvider.verifyLaunchSearchResultPageCaller(mActivity, cn); + final String packageName = "pkg"; + + mProvider.verifyLaunchSearchResultPageCaller(mActivity, packageName); } @Test public void verifyLaunchSearchResultPageCaller_settingsCaller_shouldNotCrash() { - final ComponentName cn = new ComponentName(mActivity.getPackageName(), "class"); - mProvider.verifyLaunchSearchResultPageCaller(mActivity, cn); + final String packageName = mActivity.getPackageName(); + + mProvider.verifyLaunchSearchResultPageCaller(mActivity, packageName); } @Test public void verifyLaunchSearchResultPageCaller_settingsIntelligenceCaller_shouldNotCrash() { final String packageName = mProvider.getSettingsIntelligencePkgName(mActivity); - final ComponentName cn = new ComponentName(packageName, "class"); - mProvider.verifyLaunchSearchResultPageCaller(mActivity, cn); + + mProvider.verifyLaunchSearchResultPageCaller(mActivity, packageName); } }