[DO NO MERGE] Enforce INTERACT_ACROSS_USERS_FULL permission for NotificationAccessDetails

 When using EXTRA_USER_HANDLE, check for INTERACT_ACROSS_USERS_FULL permission on calling package.

Bug: 259385017
Test: 1. Build a test app that creates and starts an intent to NOTIFICATION_LISTENER_DETAIL_SETTINGS while setting the intent extra  android.intent.extra.user_handle to UserHandle(secondaryUserId).
 2. Create and switch to a secondary user
Settings > System > Multiple users > Allow multiple users > Add user > Switch to New user
 3. Open Settings > Notifications > Device & app notifications and choose an app from the list (uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE). Enable Device & app notifications for selected app and disable all attributed permissions.
 4. Switch back to the Owner user.
 5. Get the userId of the secondary user: adb shell pm list users.
 6. Open the test app and enter the userId for the secondary user and the component name that uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE.
 8. In the settings window that open, enable all 4 sub-options.
 9. Switch to the secondary user and note that the all sub-options for the app are disabled.

Change-Id: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
Merged-In: I875b9f2fc32c252acdcf8374a14067836e0f1ac6

Author: Valentin Iftime

src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java

@@ -16,6 +16,9 @@
 
 package com.android.settings.applications.specialaccess.notificationaccess;
 
+import static android.content.pm.PackageManager.PERMISSION_GRANTED;
+
+import android.Manifest;
 import android.app.Activity;
 import android.app.NotificationManager;
 import android.app.settings.SettingsEnums;
@@ -30,6 +33,7 @@
 import android.os.UserManager;
 import android.provider.Settings;
 import android.service.notification.NotificationListenerService;
+import android.text.TextUtils;
 import android.util.IconDrawableFactory;
 import android.util.Log;
 import android.util.Slog;
@@ -42,6 +46,7 @@
 import com.android.settings.R;
 import com.android.settings.applications.AppInfoBase;
 import com.android.settings.overlay.FeatureFactory;
+import com.android.settings.password.PasswordUtils;
 import com.android.settings.widget.EntityHeaderController;
 import com.android.settingslib.applications.AppUtils;
 
@@ -139,6 +144,41 @@ protected AlertDialog createDialog(int id, int errorCode) {
         return null;
     }
 
+    @Override
+    protected String retrieveAppEntry() {
+        final Bundle args = getArguments();
+        final Intent intent = (args == null) ?
+                getIntent() : (Intent) args.getParcelable("intent");
+        
+        if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) {
+            if (!hasInteractAcrossUsersPermission()) {
+                finish();
+            }
+        }
+
+        return super.retrieveAppEntry();
+    }
+
+    private boolean hasInteractAcrossUsersPermission() {
+        final String callingPackageName = PasswordUtils.getCallingAppPackageName(
+                getActivity().getActivityToken());
+
+        if (TextUtils.isEmpty(callingPackageName)) {
+            Log.w(TAG, "Not able to get calling package name for permission check");
+            return false;
+        }
+
+        if (getContext().getPackageManager().checkPermission(
+                Manifest.permission.INTERACT_ACROSS_USERS_FULL, callingPackageName)
+                != PERMISSION_GRANTED) {
+            Log.w(TAG, "Package " + callingPackageName + " does not have required permission "
+                    + Manifest.permission.INTERACT_ACROSS_USERS_FULL);
+            return false;
+        }
+
+        return true;
+    }
+
     public void updatePreference(SwitchPreference preference) {
         final CharSequence label = mPackageInfo.applicationInfo.loadLabel(mPm);
         preference.setChecked(isServiceEnabled(mComponentName));