• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 package com.android.nfc;
2 
3 import android.app.ActivityManager;
4 import android.content.Context;
5 import android.os.UserHandle;
6 import android.os.UserManager;
7 
8 import java.util.List;
9 
10 public class NfcPermissions {
11 
12     /**
13      * NFC ADMIN permission - only for system apps
14      */
15     private static final String ADMIN_PERM = android.Manifest.permission.WRITE_SECURE_SETTINGS;
16     private static final String ADMIN_PERM_ERROR = "WRITE_SECURE_SETTINGS permission required";
17 
18     /**
19      * Regular NFC permission
20      */
21     static final String NFC_PERMISSION = android.Manifest.permission.NFC;
22     private static final String NFC_PERM_ERROR = "NFC permission required";
23 
24     /**
25      * NFC PREFERRED PAYMENT INFO permission
26      */
27     static final String NFC_PREFERRED_PAYMENT_INFO_PERMISSION =
28             android.Manifest.permission.NFC_PREFERRED_PAYMENT_INFO;
29     private static final String NFC_PREFERRED_PAYMENT_INFO_PERM_ERROR =
30             "NFC_PREFERRED_PAYMENT_INFO permission required";
31 
32     /**
33      * NFC SET CONTROLLER ALWAYS ON permission
34      */
35     static final String NFC_SET_CONTROLLER_ALWAYS_ON =
36             android.Manifest.permission.NFC_SET_CONTROLLER_ALWAYS_ON;
37     private static final String NFC_SET_CONTROLLER_ALWAYS_ON_ERROR =
38             "NFC_SET_CONTROLLER_ALWAYS_ON permission required";
39 
validateUserId(int userId)40     public static void validateUserId(int userId) {
41         if (userId != UserHandle.getCallingUserId()) {
42             throw new SecurityException("userId passed in is not the calling user.");
43         }
44     }
45 
46     /**
47      * Validate whether the profileId belongs to current user
48      */
validateProfileId(Context context, int profileId)49     public static void validateProfileId(Context context, int profileId) {
50         // Propagate the state change to all user profiles
51         UserManager um = context.createContextAsUser(
52                 UserHandle.of(ActivityManager.getCurrentUser()), /*flags=*/0)
53                 .getSystemService(UserManager.class);
54         List<UserHandle> luh = um.getEnabledProfiles();
55 
56         for (UserHandle uh : luh) {
57             if (profileId == uh.getIdentifier()) {
58                 return;
59             }
60         }
61 
62         throw new SecurityException("profileId passed in does not belong to the calling user.");
63     }
64 
enforceAdminPermissions(Context context)65     public static void enforceAdminPermissions(Context context) {
66         context.enforceCallingOrSelfPermission(ADMIN_PERM, ADMIN_PERM_ERROR);
67     }
68 
69 
enforceUserPermissions(Context context)70     public static void enforceUserPermissions(Context context) {
71         context.enforceCallingOrSelfPermission(NFC_PERMISSION, NFC_PERM_ERROR);
72     }
73 
enforcePreferredPaymentInfoPermissions(Context context)74     public static void enforcePreferredPaymentInfoPermissions(Context context) {
75         context.enforceCallingOrSelfPermission(NFC_PREFERRED_PAYMENT_INFO_PERMISSION,
76                 NFC_PREFERRED_PAYMENT_INFO_PERM_ERROR);
77     }
78 
79     /**
80      * Permission check for android.Manifest.permission.NFC_SET_CONTROLLER_ALWAYS_ON
81      */
enforceSetControllerAlwaysOnPermissions(Context context)82     public static void enforceSetControllerAlwaysOnPermissions(Context context) {
83         context.enforceCallingOrSelfPermission(NFC_SET_CONTROLLER_ALWAYS_ON,
84                 NFC_SET_CONTROLLER_ALWAYS_ON_ERROR);
85     }
86 }
87