1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
15 */
16package com.android.providers.contacts.util;
17
18import android.content.Context;
19import android.content.Intent;
20import android.content.pm.PackageManager;
21import android.net.Uri;
22import android.os.Binder;
23import android.os.Process;
24import android.util.Log;
25
26public class ContactsPermissions {
27    private static final String TAG = "ContactsPermissions";
28
29    private static final boolean DEBUG = false; // DO NOT submit with true
30
31    // Normally, we allow calls from self, *except* in unit tests, where we clear this flag
32    // to emulate calls from other apps.
33    public static boolean ALLOW_SELF_CALL = true;
34
35    private ContactsPermissions() {
36    }
37
38    public static boolean hasCallerOrSelfPermission(Context context, String permission) {
39        boolean ok = false;
40
41        if (ALLOW_SELF_CALL && Binder.getCallingPid() == Process.myPid()) {
42            ok = true; // Called by self; always allow.
43        } else {
44            ok = context.checkCallingOrSelfPermission(permission)
45                    == PackageManager.PERMISSION_GRANTED;
46        }
47        if (DEBUG) {
48            Log.d(TAG, "hasCallerOrSelfPermission: "
49                    + " perm=" + permission
50                    + " caller=" + Binder.getCallingPid()
51                    + " self=" + Process.myPid()
52                    + " ok=" + ok);
53        }
54        return ok;
55    }
56
57    public static void enforceCallingOrSelfPermission(Context context, String permission) {
58        final boolean ok = hasCallerOrSelfPermission(context, permission);
59        if (!ok) {
60            throw new SecurityException(String.format("The caller must have the %s permission.",
61                    permission));
62        }
63    }
64
65    public static boolean hasPackagePermission(Context context, String permission, String pkg) {
66        boolean ok = false;
67        if (ALLOW_SELF_CALL && context.getPackageName().equals(pkg)) {
68            ok =  true; // Called by self; always allow.
69        } else {
70            ok = context.getPackageManager().checkPermission(permission, pkg)
71                    == PackageManager.PERMISSION_GRANTED;
72        }
73        if (DEBUG) {
74            Log.d(TAG, "hasCallerOrSelfPermission: "
75                    + " perm=" + permission
76                    + " pkg=" + pkg
77                    + " self=" + context.getPackageName()
78                    + " ok=" + ok);
79        }
80        return ok;
81    }
82
83    public static boolean hasCallerUriPermission(Context context, Uri uri, int modeFlags) {
84        boolean ok = false;
85        if (ALLOW_SELF_CALL && Binder.getCallingPid() == Process.myPid()) {
86            ok =  true; // Called by self; always allow.
87        } else {
88            ok = context.checkCallingUriPermission(uri, modeFlags)
89                    == PackageManager.PERMISSION_GRANTED;
90        }
91        if (DEBUG) {
92            Log.d(TAG, "hasCallerUriPermission: "
93                    + " uri=" + uri
94                    + " caller=" + Binder.getCallingPid()
95                    + " self=" + Process.myPid()
96                    + " ok=" + ok);
97        }
98        return ok;
99    }
100}
101