From 369d65653399f01e83a6cbb6dfa4eb7b356af648 Mon Sep 17 00:00:00 2001
From: Amith Yamasani <yamasani@google.com>
Date: Thu, 4 Jun 2015 17:58:11 -0700
Subject: [PATCH] Fix permission check in DPM.getPermissionGrantState

It was querying for permission of user 0 instead of the calling user.
Switched to passing in the explicity userId.
Also set the flags before granting/revoking permission from DPM.

Bug: 21430988
Change-Id: Id0d2dc65e20108cefa3eeb4363f866d49c791cc4
---
 .../server/devicepolicy/DevicePolicyManagerService.java       | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index ff748f23a48b..825ef1a70703 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6395,18 +6395,18 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                 PackageManager packageManager = mContext.getPackageManager();
                 switch (grantState) {
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
-                        packageManager.grantRuntimePermission(packageName, permission, user);
                         packageManager.updatePermissionFlags(permission, packageName,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+                        packageManager.grantRuntimePermission(packageName, permission, user);
                     } break;
 
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: {
-                        packageManager.revokeRuntimePermission(packageName,
-                                permission, user);
                         packageManager.updatePermissionFlags(permission, packageName,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+                        packageManager.revokeRuntimePermission(packageName,
+                                permission, user);
                     } break;
 
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: {
@@ -6428,14 +6428,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             String permission) throws RemoteException {
         PackageManager packageManager = mContext.getPackageManager();
 
-        // Do this before clearing the caller's identity
-        int granted = packageManager.checkPermission(permission, packageName);
-
         UserHandle user = Binder.getCallingUserHandle();
         synchronized (this) {
             getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
             long ident = Binder.clearCallingIdentity();
             try {
+                int granted = AppGlobals.getPackageManager().checkPermission(permission,
+                        packageName, user.getIdentifier());
                 int permFlags = packageManager.getPermissionFlags(permission, packageName, user);
                 if ((permFlags & PackageManager.FLAG_PERMISSION_POLICY_FIXED)
                         != PackageManager.FLAG_PERMISSION_POLICY_FIXED) {
-- 
2.11.0