1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package android.net;
17 
18 import static android.Manifest.permission.NETWORK_STACK;
19 import static android.content.pm.PackageManager.PERMISSION_GRANTED;
20 
21 import android.annotation.NonNull;
22 import android.annotation.SystemApi;
23 import android.annotation.TestApi;
24 import android.content.Context;
25 
26 import java.util.ArrayList;
27 import java.util.Arrays;
28 /**
29  *
30  * Constants for client code communicating with the network stack service.
31  * @hide
32  */
33 @SystemApi
34 @TestApi
35 public class NetworkStack {
36     /**
37      * Permission granted only to the NetworkStack APK, defined in NetworkStackStub with signature
38      * protection level.
39      * @hide
40      */
41     @SystemApi
42     @TestApi
43     public static final String PERMISSION_MAINLINE_NETWORK_STACK =
44             "android.permission.MAINLINE_NETWORK_STACK";
45 
NetworkStack()46     private NetworkStack() {}
47 
48     /**
49      * If the NetworkStack, MAINLINE_NETWORK_STACK are not allowed for a particular process, throw a
50      * {@link SecurityException}.
51      *
52      * @param context {@link android.content.Context} for the process.
53      *
54      * @hide
55      */
checkNetworkStackPermission(final @NonNull Context context)56     public static void checkNetworkStackPermission(final @NonNull Context context) {
57         checkNetworkStackPermissionOr(context);
58     }
59 
60     /**
61      * If the NetworkStack, MAINLINE_NETWORK_STACK or other specified permissions are not allowed
62      * for a particular process, throw a {@link SecurityException}.
63      *
64      * @param context {@link android.content.Context} for the process.
65      * @param otherPermissions The set of permissions that could be the candidate permissions , or
66      *                         empty string if none of other permissions needed.
67      * @hide
68      */
checkNetworkStackPermissionOr(final @NonNull Context context, final @NonNull String... otherPermissions)69     public static void checkNetworkStackPermissionOr(final @NonNull Context context,
70             final @NonNull String... otherPermissions) {
71         ArrayList<String> permissions = new ArrayList<String>(Arrays.asList(otherPermissions));
72         permissions.add(NETWORK_STACK);
73         permissions.add(PERMISSION_MAINLINE_NETWORK_STACK);
74         enforceAnyPermissionOf(context, permissions.toArray(new String[0]));
75     }
76 
enforceAnyPermissionOf(final @NonNull Context context, final @NonNull String... permissions)77     private static void enforceAnyPermissionOf(final @NonNull Context context,
78             final @NonNull String... permissions) {
79         if (!checkAnyPermissionOf(context, permissions)) {
80             throw new SecurityException("Requires one of the following permissions: "
81                 + String.join(", ", permissions) + ".");
82         }
83     }
84 
checkAnyPermissionOf(final @NonNull Context context, final @NonNull String... permissions)85     private static boolean checkAnyPermissionOf(final @NonNull Context context,
86             final @NonNull String... permissions) {
87         for (String permission : permissions) {
88             if (context.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) {
89                 return true;
90             }
91         }
92         return false;
93     }
94 
95 }
96