Fixed permissions so Shell can call netpolicy methods.

BUG: 27127112
Change-Id: I5548aba70a1c25be139462fbabe9a854fa96d2a6
diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml
index 7416fb5..5b865f9 100644
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -40,6 +40,7 @@
     <uses-permission android:name="android.permission.BLUETOOTH" />
     <uses-permission android:name="android.permission.EXPAND_STATUS_BAR" />
     <uses-permission android:name="android.permission.DISABLE_KEYGUARD" />
+    <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" />
     <!-- System tool permissions granted to the shell. -->
     <uses-permission android:name="android.permission.REAL_GET_TASKS" />
     <uses-permission android:name="android.permission.CHANGE_CONFIGURATION" />
@@ -109,6 +110,7 @@
     <uses-permission android:name="android.permission.GET_APP_OPS_STATS" />
     <uses-permission android:name="android.permission.VIBRATE" />
     <uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" />
+    <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />
 
     <application android:label="@string/app_label"
                  android:forceDeviceEncrypted="true"
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index bc5b561..3421433 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -1742,13 +1742,18 @@
     public void setNetworkPolicies(NetworkPolicy[] policies) {
         mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
 
-        maybeRefreshTrustedTime();
-        synchronized (mRulesLock) {
-            normalizePoliciesLocked(policies);
-            updateNetworkEnabledLocked();
-            updateNetworkRulesLocked();
-            updateNotificationsLocked();
-            writePolicyLocked();
+        final long token = Binder.clearCallingIdentity();
+        try {
+            maybeRefreshTrustedTime();
+            synchronized (mRulesLock) {
+                normalizePoliciesLocked(policies);
+                updateNetworkEnabledLocked();
+                updateNetworkRulesLocked();
+                updateNotificationsLocked();
+                writePolicyLocked();
+            }
+        } finally {
+            Binder.restoreCallingIdentity(token);
         }
     }
 
@@ -1851,13 +1856,18 @@
     @Override
     public void setRestrictBackground(boolean restrictBackground) {
         mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
+        final long token = Binder.clearCallingIdentity();
+        try {
+            maybeRefreshTrustedTime();
+            synchronized (mRulesLock) {
+                mRestrictBackground = restrictBackground;
+                updateRulesForGlobalChangeLocked(true);
+                updateNotificationsLocked();
+                writePolicyLocked();
+            }
 
-        maybeRefreshTrustedTime();
-        synchronized (mRulesLock) {
-            mRestrictBackground = restrictBackground;
-            updateRulesForGlobalChangeLocked(true);
-            updateNotificationsLocked();
-            writePolicyLocked();
+        } finally {
+            Binder.restoreCallingIdentity(token);
         }
 
         mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, restrictBackground ? 1 : 0, 0)
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java b/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
index 5cd1025..a5dc008 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
@@ -211,12 +211,7 @@
         if (enabled < 0) {
             return enabled;
         }
-        final long token = Binder.clearCallingIdentity();
-        try {
-            mInterface.setRestrictBackground(enabled > 0);
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
+        mInterface.setRestrictBackground(enabled > 0);
         return 0;
     }
 
@@ -225,12 +220,7 @@
       if (uid < 0) {
           return uid;
       }
-      final long token = Binder.clearCallingIdentity();
-      try {
-          mInterface.addRestrictBackgroundWhitelistedUid(uid);
-      } finally {
-          Binder.restoreCallingIdentity(token);
-      }
+      mInterface.addRestrictBackgroundWhitelistedUid(uid);
       return 0;
     }
 
@@ -239,12 +229,7 @@
         if (uid < 0) {
             return uid;
         }
-        final long token = Binder.clearCallingIdentity();
-        try {
-            mInterface.removeRestrictBackgroundWhitelistedUid(uid);
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
+        mInterface.removeRestrictBackgroundWhitelistedUid(uid);
         return 0;
     }