1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package com.android.providers.contacts; 18 19 import android.content.Context; 20 import android.os.Binder; 21 import android.telecom.TelecomManager; 22 import android.telephony.TelephonyManager; 23 import android.text.TextUtils; 24 25 import com.android.providers.contacts.util.ContactsPermissions; 26 27 /** 28 * Provides method related to check various voicemail permissions under the 29 * specified context. 30 * <p> This is an immutable object. 31 */ 32 public class VoicemailPermissions { 33 private final Context mContext; 34 VoicemailPermissions(Context context)35 public VoicemailPermissions(Context context) { 36 mContext = context; 37 } 38 39 /** Determines if the calling process has access to its own voicemails. */ callerHasOwnVoicemailAccess()40 public boolean callerHasOwnVoicemailAccess() { 41 return callerHasPermission(android.Manifest.permission.ADD_VOICEMAIL) 42 || callerHasCarrierPrivileges(); 43 } 44 isDefaultOrSystemDialer(String callingPackage)45 private boolean isDefaultOrSystemDialer(String callingPackage) { 46 // Note: Mimics previous dependency on DefaultDialerManager; that code just returns false 47 // here if the calling package is empty. 48 if (TextUtils.isEmpty(callingPackage)) { 49 return false; 50 } 51 TelecomManager tm = mContext.getSystemService(TelecomManager.class); 52 return (callingPackage.equals(tm.getDefaultDialerPackage()) 53 || callingPackage.equals(tm.getSystemDialerPackage())); 54 } 55 56 /** Determine if the calling process has full read access to all voicemails. */ callerHasReadAccess(String callingPackage)57 public boolean callerHasReadAccess(String callingPackage) { 58 if (isDefaultOrSystemDialer(callingPackage)) { 59 return true; 60 } 61 return callerHasPermission(android.Manifest.permission.READ_VOICEMAIL); 62 } 63 64 /** Determine if the calling process has the permission required to update and remove all 65 * voicemails */ callerHasWriteAccess(String callingPackage)66 public boolean callerHasWriteAccess(String callingPackage) { 67 if (isDefaultOrSystemDialer(callingPackage)) { 68 return true; 69 } 70 return callerHasPermission(android.Manifest.permission.WRITE_VOICEMAIL); 71 } 72 73 /** 74 * Checks that the caller has permissions to access its own voicemails. 75 * 76 * @throws SecurityException if the caller does not have the voicemail source permission. 77 */ checkCallerHasOwnVoicemailAccess()78 public void checkCallerHasOwnVoicemailAccess() { 79 if (!callerHasOwnVoicemailAccess()) { 80 throw new SecurityException("The caller must have permission: " + 81 android.Manifest.permission.ADD_VOICEMAIL + " or carrier privileges"); 82 } 83 } 84 85 /** 86 * Checks that the caller has permissions to read ALL voicemails. 87 * 88 * @throws SecurityException if the caller does not have the voicemail source permission. 89 */ checkCallerHasReadAccess(String callingPackage)90 public void checkCallerHasReadAccess(String callingPackage) { 91 if (!callerHasReadAccess(callingPackage)) { 92 throw new SecurityException(String.format("The caller must be the default or system " 93 + "dialer, or have the system-only %s permission: ", 94 android.Manifest.permission.READ_VOICEMAIL)); 95 } 96 } 97 checkCallerHasWriteAccess(String callingPackage)98 public void checkCallerHasWriteAccess(String callingPackage) { 99 if (!callerHasWriteAccess(callingPackage)) { 100 throw new SecurityException(String.format("The caller must be the default or system " 101 + "dialer, or have the system-only %s permission: ", 102 android.Manifest.permission.WRITE_VOICEMAIL)); 103 } 104 } 105 106 /** Determines if the given package has access to its own voicemails. */ packageHasOwnVoicemailAccess(String packageName)107 public boolean packageHasOwnVoicemailAccess(String packageName) { 108 return packageHasPermission(packageName, 109 android.Manifest.permission.ADD_VOICEMAIL) 110 || packageHasCarrierPrivileges(packageName); 111 } 112 113 /** Determines if the given package has read access. */ packageHasReadAccess(String packageName)114 public boolean packageHasReadAccess(String packageName) { 115 return packageHasPermission(packageName, android.Manifest.permission.READ_VOICEMAIL); 116 } 117 118 /** Determines if the given package has write access. */ packageHasWriteAccess(String packageName)119 public boolean packageHasWriteAccess(String packageName) { 120 return packageHasPermission(packageName, android.Manifest.permission.WRITE_VOICEMAIL); 121 } 122 123 /** Determines if the given package has the given permission. */ packageHasPermission(String packageName, String permission)124 private boolean packageHasPermission(String packageName, String permission) { 125 return ContactsPermissions.hasPackagePermission(mContext, permission, packageName); 126 } 127 128 /** Determines if the calling process has the given permission. */ callerHasPermission(String permission)129 private boolean callerHasPermission(String permission) { 130 return ContactsPermissions.hasCallerOrSelfPermission(mContext, permission); 131 } 132 133 /** Determines if the calling process has carrier privileges. */ callerHasCarrierPrivileges()134 public boolean callerHasCarrierPrivileges() { 135 TelephonyManager tm = 136 (TelephonyManager) mContext.getSystemService(Context.TELEPHONY_SERVICE); 137 String[] packages = mContext.getPackageManager().getPackagesForUid(Binder.getCallingUid()); 138 for (String packageName : packages) { 139 if (packageHasCarrierPrivileges(tm, packageName)) { 140 return true; 141 } 142 } 143 return false; 144 } 145 146 /** Determines if the given package has carrier privileges. */ packageHasCarrierPrivileges(String packageName)147 private boolean packageHasCarrierPrivileges(String packageName) { 148 TelephonyManager tm = 149 (TelephonyManager) mContext.getSystemService(Context.TELEPHONY_SERVICE); 150 return packageHasCarrierPrivileges(tm, packageName); 151 } 152 packageHasCarrierPrivileges(TelephonyManager tm, String packageName)153 private static boolean packageHasCarrierPrivileges(TelephonyManager tm, String packageName) { 154 final long token = Binder.clearCallingIdentity(); 155 try { 156 return tm.checkCarrierPrivilegesForPackageAnyPhone(packageName) 157 == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS; 158 } finally { 159 Binder.restoreCallingIdentity(token); 160 } 161 } 162 } 163