add privapp_allowlist property to android_app
This change allows override_android_app to use the same
privapp_allowlist as the non-override module so that they will always
remain in sync.
Test: go test ./java -v -run TestPrivappAllowlist
Test: go test ./apex -v -run TestApexWithApps
Test: m com.android.permission com.google.android.permission and verify
manually that apex_payload.img contains correct privapp_allowlist
Test: m com.android.permission before and after change &&
`diffoscope apex_payload_reference.img apex_payload_with_change.img`
&& verify that there are no semantic changes
Bug: 242509786
Change-Id: Ifdcb28af40763aed7a4aac9a7f681153554bc256
diff --git a/java/app_test.go b/java/app_test.go
index 7e97b0f..daff94c 100644
--- a/java/app_test.go
+++ b/java/app_test.go
@@ -3539,3 +3539,51 @@
android.AssertStringDoesContain(t, testCase.desc, manifestFixerArgs, "--targetSdkVersion "+testCase.targetSdkVersionExpected)
}
}
+
+func TestPrivappAllowlist(t *testing.T) {
+ testJavaError(t, "privileged must be set in order to use privapp_allowlist", `
+ android_app {
+ name: "foo",
+ srcs: ["a.java"],
+ privapp_allowlist: "perms.xml",
+ }
+ `)
+
+ result := PrepareForTestWithJavaDefaultModules.RunTestWithBp(
+ t,
+ `
+ android_app {
+ name: "foo",
+ srcs: ["a.java"],
+ privapp_allowlist: "perms.xml",
+ privileged: true,
+ package_name: "com.android.foo",
+ sdk_version: "current",
+ }
+ override_android_app {
+ name: "bar",
+ base: "foo",
+ package_name: "com.google.android.foo",
+ }
+ `,
+ )
+ app := result.ModuleForTests("foo", "android_common")
+ overrideApp := result.ModuleForTests("foo", "android_common_bar")
+
+ // verify that privapp allowlist is created
+ app.Output("out/soong/.intermediates/foo/android_common/privapp_allowlist_com.android.foo.xml")
+ overrideApp.Output("out/soong/.intermediates/foo/android_common_bar/privapp_allowlist_com.google.android.foo.xml")
+ expectedAllowlist := "perms.xml"
+ actualAllowlist := app.Rule("modifyAllowlist").Input.String()
+ if expectedAllowlist != actualAllowlist {
+ t.Errorf("expected allowlist to be %q; got %q", expectedAllowlist, actualAllowlist)
+ }
+ overrideActualAllowlist := overrideApp.Rule("modifyAllowlist").Input.String()
+ if expectedAllowlist != overrideActualAllowlist {
+ t.Errorf("expected override allowlist to be %q; got %q", expectedAllowlist, overrideActualAllowlist)
+ }
+
+ // verify that permissions are copied to device
+ app.Output("out/soong/target/product/test_device/system/etc/permissions/privapp_allowlist_com.android.foo.xml")
+ overrideApp.Output("out/soong/target/product/test_device/system/etc/permissions/privapp_allowlist_com.google.android.foo.xml")
+}