Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 328c129f authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "DPC should not be allowed to grant development permission" into mnc-dev

parents 5470469d 2ce55390

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+15 −0
Original line number Diff line number Diff line
@@ -55,6 +55,7 @@ import android.content.pm.ApplicationInfo; 
import android.content.pm.IPackageManager;

import android.content.pm.PackageManager;

import android.content.pm.PackageManager.NameNotFoundException;

import android.content.pm.PermissionInfo;

import android.content.pm.ResolveInfo;

import android.content.pm.ServiceInfo;

import android.content.pm.UserInfo;
@@ -95,6 +96,7 @@ import android.security.KeyChain; 
import android.security.KeyChain.KeyChainConnection;

import android.service.persistentdata.PersistentDataBlockManager;

import android.text.TextUtils;

import android.util.EventLog;

import android.util.Log;

import android.util.PrintWriterPrinter;

import android.util.Printer;
@@ -6444,6 +6446,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                if (targetSdkVersion < android.os.Build.VERSION_CODES.M) {

                    return false;

                }

                if (!isRuntimePermission(permission)) {

                    EventLog.writeEvent(0x534e4554, "62623498", user.getIdentifier(), "");

                    return false;

                }

                final PackageManager packageManager = mContext.getPackageManager();

                switch (grantState) {

                    case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
@@ -6469,12 +6475,21 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                return true;

            } catch (SecurityException se) {

                return false;

            } catch (NameNotFoundException e) {

                return false;

            } finally {

                Binder.restoreCallingIdentity(ident);

            }

        }

    }



    public boolean isRuntimePermission(String permissionName) throws NameNotFoundException {

        final PackageManager packageManager = mContext.getPackageManager();

        PermissionInfo permissionInfo = packageManager.getPermissionInfo(permissionName, 0);

        return (permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE)

                == PermissionInfo.PROTECTION_DANGEROUS;

    }



    @Override

    public int getPermissionGrantState(ComponentName admin, String packageName,

            String permission) throws RemoteException {