Java Code Examples for android.os.UserHandle#isSameApp()
The following examples show how to use
android.os.UserHandle#isSameApp() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SenderPackageFilter.java From android_9.0.0_r45 with Apache License 2.0 | 6 votes |
|
@Override
public boolean matches(IntentFirewall ifw, ComponentName resolvedComponent, Intent intent,
int callerUid, int callerPid, String resolvedType, int receivingUid) {
IPackageManager pm = AppGlobals.getPackageManager();
int packageUid = -1;
try {
// USER_SYSTEM here is not important. Only app id is used and getPackageUid() will
// return a uid whether the app is installed for a user or not.
packageUid = pm.getPackageUid(mPackageName, PackageManager.MATCH_ANY_USER,
UserHandle.USER_SYSTEM);
} catch (RemoteException ex) {
// handled below
}
if (packageUid == -1) {
return false;
}
return UserHandle.isSameApp(packageUid, callerUid);
}
Example 2
| Source File: SliceManager.java From android_9.0.0_r45 with Apache License 2.0 | 6 votes |
|
/**
* Does the permission check to see if a caller has access to a specific slice.
* @hide
*/
public void enforceSlicePermission(Uri uri, String pkg, int pid, int uid,
String[] autoGrantPermissions) {
try {
if (UserHandle.isSameApp(uid, Process.myUid())) {
return;
}
if (pkg == null) {
throw new SecurityException("No pkg specified");
}
int result = mService.checkSlicePermission(uri, pkg, pid, uid, autoGrantPermissions);
if (result == PERMISSION_DENIED) {
throw new SecurityException("User " + uid + " does not have slice permission for "
+ uri + ".");
}
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
Example 3
| Source File: ActivityManager.java From AndroidComponentPlugin with Apache License 2.0 | 5 votes |
|
/** @hide */
public static int checkComponentPermission(String permission, int uid,
int owningUid, boolean exported) {
// Root, system server get to do everything.
final int appId = UserHandle.getAppId(uid);
if (appId == Process.ROOT_UID || appId == Process.SYSTEM_UID) {
return PackageManager.PERMISSION_GRANTED;
}
// Isolated processes don't get any permissions.
if (UserHandle.isIsolated(uid)) {
return PackageManager.PERMISSION_DENIED;
}
// If there is a uid that owns whatever is being accessed, it has
// blanket access to it regardless of the permissions it requires.
if (owningUid >= 0 && UserHandle.isSameApp(uid, owningUid)) {
return PackageManager.PERMISSION_GRANTED;
}
// If the target is not exported, then nobody else can get to it.
if (!exported) {
/*
RuntimeException here = new RuntimeException("here");
here.fillInStackTrace();
Slog.w(TAG, "Permission denied: checkComponentPermission() owningUid=" + owningUid,
here);
*/
return PackageManager.PERMISSION_DENIED;
}
if (permission == null) {
return PackageManager.PERMISSION_GRANTED;
}
try {
return AppGlobals.getPackageManager()
.checkUidPermission(permission, uid);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
Example 4
| Source File: UserManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
/**
* @return whether the calling UID is system UID or root's UID or the calling app has the
* {@link android.Manifest.permission#MANAGE_USERS MANAGE_USERS}.
*/
private static final boolean hasManageUsersPermission() {
final int callingUid = Binder.getCallingUid();
return UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)
|| callingUid == Process.ROOT_UID
|| hasPermissionGranted(android.Manifest.permission.MANAGE_USERS, callingUid);
}
Example 5
| Source File: UserManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
/**
* @return whether the calling UID is system UID or root's UID or the calling app has the
* {@link android.Manifest.permission#MANAGE_USERS MANAGE_USERS} or
* {@link android.Manifest.permission#CREATE_USERS CREATE_USERS}.
*/
private static final boolean hasManageOrCreateUsersPermission() {
final int callingUid = Binder.getCallingUid();
return UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)
|| callingUid == Process.ROOT_UID
|| hasPermissionGranted(android.Manifest.permission.MANAGE_USERS, callingUid)
|| hasPermissionGranted(android.Manifest.permission.CREATE_USERS, callingUid);
}
Example 6
| Source File: UserManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
@Override
public Bundle getApplicationRestrictionsForUser(String packageName, int userId) {
if (UserHandle.getCallingUserId() != userId
|| !UserHandle.isSameApp(Binder.getCallingUid(), getUidForPackage(packageName))) {
checkSystemOrRoot("get application restrictions for other user/app " + packageName);
}
synchronized (mAppRestrictionsLock) {
// Read the restrictions from XML
return readApplicationRestrictionsLAr(packageName, userId);
}
}
Example 7
| Source File: ClipboardService.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
private final void addActiveOwnerLocked(int uid, String pkg) {
final IPackageManager pm = AppGlobals.getPackageManager();
final int targetUserHandle = UserHandle.getCallingUserId();
final long oldIdentity = Binder.clearCallingIdentity();
try {
PackageInfo pi = pm.getPackageInfo(pkg, 0, targetUserHandle);
if (pi == null) {
throw new IllegalArgumentException("Unknown package " + pkg);
}
if (!UserHandle.isSameApp(pi.applicationInfo.uid, uid)) {
throw new SecurityException("Calling uid " + uid
+ " does not own package " + pkg);
}
} catch (RemoteException e) {
// Can't happen; the package manager is in the same process
} finally {
Binder.restoreCallingIdentity(oldIdentity);
}
PerUserClipboard clipboard = getClipboard();
if (clipboard.primaryClip != null && !clipboard.activePermissionOwners.contains(pkg)) {
final int N = clipboard.primaryClip.getItemCount();
for (int i=0; i<N; i++) {
grantItemLocked(clipboard.primaryClip.getItemAt(i), clipboard.primaryClipUid, pkg,
UserHandle.getUserId(uid));
}
clipboard.activePermissionOwners.add(pkg);
}
}
Example 8
| Source File: ActivityManager.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
|
/** @hide */
public static int checkComponentPermission(String permission, int uid,
int owningUid, boolean exported) {
// Root, system server get to do everything.
final int appId = UserHandle.getAppId(uid);
if (appId == Process.ROOT_UID || appId == Process.SYSTEM_UID) {
return PackageManager.PERMISSION_GRANTED;
}
// Isolated processes don't get any permissions.
if (UserHandle.isIsolated(uid)) {
return PackageManager.PERMISSION_DENIED;
}
// If there is a uid that owns whatever is being accessed, it has
// blanket access to it regardless of the permissions it requires.
if (owningUid >= 0 && UserHandle.isSameApp(uid, owningUid)) {
return PackageManager.PERMISSION_GRANTED;
}
// If the target is not exported, then nobody else can get to it.
if (!exported) {
/*
RuntimeException here = new RuntimeException("here");
here.fillInStackTrace();
Slog.w(TAG, "Permission denied: checkComponentPermission() owningUid=" + owningUid,
here);
*/
return PackageManager.PERMISSION_DENIED;
}
if (permission == null) {
return PackageManager.PERMISSION_GRANTED;
}
try {
return AppGlobals.getPackageManager()
.checkUidPermission(permission, uid);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
Example 9
| Source File: ShortcutService.java From android_9.0.0_r45 with Apache License 2.0 | 4 votes |
|
private boolean isCallerSystem() {
final int callingUid = injectBinderCallingUid();
return UserHandle.isSameApp(callingUid, Process.SYSTEM_UID);
}
Example 10
| Source File: MediaSessionService.java From android_9.0.0_r45 with Apache License 2.0 | 4 votes |
|
@Override
public void setCallback(ICallback callback) {
final int pid = Binder.getCallingPid();
final int uid = Binder.getCallingUid();
final long token = Binder.clearCallingIdentity();
try {
if (!UserHandle.isSameApp(uid, Process.BLUETOOTH_UID)) {
throw new SecurityException("Only Bluetooth service processes can set"
+ " Callback");
}
synchronized (mLock) {
int userId = UserHandle.getUserId(uid);
FullUserRecord user = getFullUserRecordLocked(userId);
if (user == null || user.mFullUserId != userId) {
Log.w(TAG, "Only the full user can set the callback"
+ ", userId=" + userId);
return;
}
user.mCallback = callback;
Log.d(TAG, "The callback " + user.mCallback
+ " is set by " + getCallingPackageName(uid));
if (user.mCallback == null) {
return;
}
try {
user.mCallback.asBinder().linkToDeath(
new IBinder.DeathRecipient() {
@Override
public void binderDied() {
synchronized (mLock) {
user.mCallback = null;
}
}
}, 0);
user.pushAddressedPlayerChangedLocked();
} catch (RemoteException e) {
Log.w(TAG, "Failed to set callback", e);
user.mCallback = null;
}
}
} finally {
Binder.restoreCallingIdentity(token);
}
}
Example 11
| Source File: RecentTasks.java From android_9.0.0_r45 with Apache License 2.0 | 4 votes |
|
/**
* @return whether the current caller has the same uid as the recents component.
*/
boolean isCallerRecents(int callingUid) {
return UserHandle.isSameApp(callingUid, mRecentsUid);
}
Example 12
| Source File: UserManagerService.java From android_9.0.0_r45 with Apache License 2.0 | 3 votes |
|
/**
* Enforces that only the system UID or root's UID (on any user) can make certain calls to the
* UserManager.
*
* @param message used as message if SecurityException is thrown
* @throws SecurityException if the caller is not system or root
*/
private static void checkSystemOrRoot(String message) {
final int uid = Binder.getCallingUid();
if (!UserHandle.isSameApp(uid, Process.SYSTEM_UID) && uid != Process.ROOT_UID) {
throw new SecurityException("Only system may: " + message);
}
}
Example 13
| Source File: RecentTasks.java From android_9.0.0_r45 with Apache License 2.0 | 2 votes |
|
/**
* @return whether the given component is the recents component and shares the same uid as the
* recents component.
*/
boolean isRecentsComponent(ComponentName cn, int uid) {
return cn.equals(mRecentsComponent) && UserHandle.isSameApp(uid, mRecentsUid);
}
