18669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot/* 28669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Copyright (C) 2009 The Android Open Source Project 38669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * 48669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Licensed under the Apache License, Version 2.0 (the "License"); 58669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * you may not use this file except in compliance with the License. 68669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * You may obtain a copy of the License at 78669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * 88669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * http://www.apache.org/licenses/LICENSE-2.0 98669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * 108669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Unless required by applicable law or agreed to in writing, software 118669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * distributed under the License is distributed on an "AS IS" BASIS, 128669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 138669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * See the License for the specific language governing permissions and 148669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * limitations under the License. 158669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot */ 168669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 178669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotpackage com.android.providers.downloads.permission.tests; 188669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 198669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport java.io.FileNotFoundException; 208669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport java.io.FileOutputStream; 218669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport java.io.IOException; 228669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 238669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.content.ContentResolver; 248669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.content.ContentValues; 258669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.content.Intent; 268669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.provider.Downloads; 278669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.test.AndroidTestCase; 288669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotimport android.test.suitebuilder.annotation.MediumTest; 298669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 308669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot/** 318669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Verify that protected Download provider actions require specific permissions. 328669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * 338669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * TODO: consider adding test where app has ACCESS_DOWNLOAD_MANAGER, but not 348669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * ACCESS_DOWNLOAD_MANAGER_ADVANCED 358669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot */ 368669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabotpublic class DownloadProviderPermissionsTest extends AndroidTestCase { 378669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 388669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot private ContentResolver mContentResolver; 398669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 408669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot @Override 418669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot protected void setUp() throws Exception { 428669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot super.setUp(); 438669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot mContentResolver = getContext().getContentResolver(); 448669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 458669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 468669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot /** 478669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Test that an app cannot access the /cache filesystem 488669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * <p>Tests Permission: 49b06b739b078ce4b00600487cfec31659647bf31fSteve Howard * {@link android.Manifest.permission#ACCESS_CACHE_FILESYSTEM} 508669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot */ 518669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot @MediumTest 528669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot public void testAccessCacheFilesystem() throws IOException { 538669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot try { 548669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot String filePath = "/cache/this-should-not-exist.txt"; 558669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot FileOutputStream strm = new FileOutputStream(filePath); 568669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot strm.write("Oops!".getBytes()); 578669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot strm.flush(); 588669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot strm.close(); 598669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot fail("Was able to create and write to " + filePath); 608669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } catch (SecurityException e) { 618669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot // expected 628669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } catch (FileNotFoundException e) { 638669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot // also could be expected 648669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 658669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 668669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 678669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot /** 688669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Test that an untrusted app cannot write to the download provider 698669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * <p>Tests Permission: 708669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} 71b06b739b078ce4b00600487cfec31659647bf31fSteve Howard * and 72b06b739b078ce4b00600487cfec31659647bf31fSteve Howard * {@link android.Manifest.permission#INTERNET} 738669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot */ 748669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot @MediumTest 75b06b739b078ce4b00600487cfec31659647bf31fSteve Howard public void testWriteDownloadProvider() { 768669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot try { 778669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot ContentValues values = new ContentValues(); 787dd92fa94df0a13b4592ee636b7aa2b605f6b473Jean-Baptiste Queru values.put(Downloads.Impl.COLUMN_URI, "foo"); 797dd92fa94df0a13b4592ee636b7aa2b605f6b473Jean-Baptiste Queru mContentResolver.insert(Downloads.Impl.CONTENT_URI, values); 808669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot fail("write to provider did not throw SecurityException as expected."); 818669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } catch (SecurityException e) { 828669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot // expected 838669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 848669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 858669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot 868669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot /** 878669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * Test that an untrusted app cannot access the download service 888669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * <p>Tests Permission: 898669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} 908669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot */ 918669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot @MediumTest 92b06b739b078ce4b00600487cfec31659647bf31fSteve Howard public void testStartDownloadService() { 938669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot try { 948669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot Intent downloadServiceIntent = new Intent(); 958669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot downloadServiceIntent.setClassName("com.android.providers.downloads", 968669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot "com.android.providers.downloads.DownloadService"); 978669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot getContext().startService(downloadServiceIntent); 988669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot fail("starting download service did not throw SecurityException as expected."); 998669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } catch (SecurityException e) { 1008669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot // expected 1018669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 1028669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot } 1038669ad1117c7502d74ef24e2a7f9df387f5eddd2Brett Chabot} 104