Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 184b3753 authored by Amith Yamasani's avatar Amith Yamasani
Browse files

Add getPermissionGrantState method in device policy 

This is to have a way to query what permission state was set by
the profile owner.

Bug: 21356830
Change-Id: Ie396e946b4285267c1d95f82b9d9765b43697d3c
parent b0eb08b5

api/current.txt

+1 −0
Original line number Diff line number Diff line
@@ -5724,6 +5724,7 @@ package android.app.admin { 
    method public int getPasswordMinimumSymbols(android.content.ComponentName);

    method public int getPasswordMinimumUpperCase(android.content.ComponentName);

    method public int getPasswordQuality(android.content.ComponentName);

    method public int getPermissionGrantState(android.content.ComponentName, java.lang.String, java.lang.String);

    method public int getPermissionPolicy(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedAccessibilityServices(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedInputMethods(android.content.ComponentName);

api/system-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -5827,6 +5827,7 @@ package android.app.admin { 
    method public int getPasswordMinimumSymbols(android.content.ComponentName);

    method public int getPasswordMinimumUpperCase(android.content.ComponentName);

    method public int getPasswordQuality(android.content.ComponentName);

    method public int getPermissionGrantState(android.content.ComponentName, java.lang.String, java.lang.String);

    method public int getPermissionPolicy(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedAccessibilityServices(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);

core/java/android/app/admin/DevicePolicyManager.java

+27 −0
Original line number Diff line number Diff line
@@ -4448,4 +4448,31 @@ public class DevicePolicyManager { 
            return false;

        }

    }



    /**

     * Returns the current grant state of a runtime permission for a specific application.

     *

     * @param admin Which profile or device owner this request is associated with.

     * @param packageName The application to check the grant state for.

     * @param permission The permission to check for.

     * @return the current grant state specified by device policy. If the profile or device owner

     * has not set a grant state, the return value is {@link #PERMISSION_GRANT_STATE_DEFAULT}.

     * This does not indicate whether or not the permission is currently granted for the package.

     *

     * <p/>If a grant state was set by the profile or device owner, then the return value will

     * be one of {@link #PERMISSION_GRANT_STATE_DENIED} or {@link #PERMISSION_GRANT_STATE_GRANTED},

     * which indicates if the permission is currently denied or granted.

     *

     * @see #setPermissionGrantState(ComponentName, String, String, int)

     * @see PackageManager#checkPermission(String, String)

     */

    public int getPermissionGrantState(ComponentName admin, String packageName,

            String permission) {

        try {

            return mService.getPermissionGrantState(admin, packageName, permission);

        } catch (RemoteException re) {

            Log.w(TAG, "Failed talking with device policy service", re);

            return PERMISSION_GRANT_STATE_DEFAULT;

        }

    }

}

core/java/android/app/admin/IDevicePolicyManager.aidl

+1 −0
Original line number Diff line number Diff line
@@ -236,4 +236,5 @@ interface IDevicePolicyManager { 
    int  getPermissionPolicy(in ComponentName admin);

    boolean setPermissionGrantState(in ComponentName admin, String packageName,

            String permission, int grantState);

    int getPermissionGrantState(in ComponentName admin, String packageName, String permission);

}

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+30 −0
Original line number Diff line number Diff line
@@ -6429,4 +6429,34 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
            }

        }

    }



    @Override

    public int getPermissionGrantState(ComponentName admin, String packageName,

            String permission) throws RemoteException {

        PackageManager packageManager = mContext.getPackageManager();



        // Do this before clearing the caller's identity

        int granted = packageManager.checkPermission(permission, packageName);



        UserHandle user = Binder.getCallingUserHandle();

        synchronized (this) {

            getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);

            long ident = Binder.clearCallingIdentity();

            try {

                int permFlags = packageManager.getPermissionFlags(permission, packageName, user);

                if ((permFlags & PackageManager.FLAG_PERMISSION_POLICY_FIXED)

                        != PackageManager.FLAG_PERMISSION_POLICY_FIXED) {

                    // Not controlled by policy

                    return DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT;

                } else {

                    // Policy controlled so return result based on permission grant state

                    return granted == PackageManager.PERMISSION_GRANTED

                            ? DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED

                            : DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED;

                }

            } finally {

                Binder.restoreCallingIdentity(ident);

            }

        }

    }

}