1 /*
2  * Copyright (C) 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.appsecurity.cts.locationpolicy;
18 
19 import static org.junit.Assert.assertNotEquals;
20 import static org.junit.Assert.assertNotNull;
21 import static org.junit.Assert.fail;
22 
23 import android.Manifest;
24 import android.content.Context;
25 import android.content.pm.PackageManager;
26 import android.os.UserManager;
27 import android.platform.test.annotations.AsbSecurityTest;
28 import android.telephony.TelephonyManager;
29 import androidx.test.InstrumentationRegistry;
30 import androidx.test.runner.AndroidJUnit4;
31 import org.junit.Test;
32 import org.junit.runner.RunWith;
33 
34 @RunWith(AndroidJUnit4.class)
35 public class LocationPolicyTest {
36 
37     private final Context mContext = InstrumentationRegistry.getInstrumentation().getContext();
38 
39     @Test
40     @AsbSecurityTest(cveBugId = 148414207)
testLocationPolicyPermissions()41     public void testLocationPolicyPermissions() throws Exception {
42         assertNotNull(mContext);
43         PackageManager pm = mContext.getPackageManager();
44         assertNotNull(pm);
45         assertNotEquals(
46             PackageManager.PERMISSION_GRANTED,
47             pm.checkPermission(Manifest.permission.ACCESS_FINE_LOCATION,
48             mContext.getPackageName()));
49         assertNotEquals(
50             PackageManager.PERMISSION_GRANTED,
51             pm.checkPermission(Manifest.permission.ACCESS_COARSE_LOCATION,
52             mContext.getPackageName()));
53         UserManager manager = mContext.getSystemService(UserManager.class);
54         if (manager.isSystemUser()) {
55             return;
56         }
57         if (pm.hasSystemFeature(PackageManager.FEATURE_TELEPHONY)) {
58             TelephonyManager tele = mContext.getSystemService(TelephonyManager.class);
59             try {
60                 tele.getCellLocation();
61             fail(
62                 "ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION Permissions not granted. Should"
63                   + " have received a security exception when invoking getCellLocation().");
64             } catch (SecurityException ignore) {
65               // That's what we want!
66             }
67         }
68     }
69 }
70