Add new AppOp APIs to facilitate Privacy Indicators

    method public static String[] getOpStrs();

    method @NonNull @RequiresPermission(android.Manifest.permission.GET_APP_OPS_STATS) public java.util.List<android.app.AppOpsManager.PackageOps> getOpsForPackage(int, @NonNull String, @Nullable java.lang.String...);

    method @NonNull @RequiresPermission(android.Manifest.permission.GET_APP_OPS_STATS) public java.util.List<android.app.AppOpsManager.PackageOps> getPackagesForOps(@Nullable String[]);

    method @FlaggedApi("android.permission.flags.device_aware_permission_apis_enabled") @NonNull @RequiresPermission(android.Manifest.permission.GET_APP_OPS_STATS) public java.util.List<android.app.AppOpsManager.PackageOps> getPackagesForOps(@Nullable String[], @NonNull String);

    method @FlaggedApi("android.permission.flags.device_aware_permission_apis_enabled") @NonNull @RequiresPermission(android.Manifest.permission.GET_APP_OPS_STATS) public java.util.List<android.permission.PermissionGroupUsage> getPermissionGroupUsageForPrivacyIndicator(boolean);

    method public static int opToDefaultMode(@NonNull String);

    method @Nullable public static String opToPermission(@NonNull String);

    method @RequiresPermission("android.permission.MANAGE_APP_OPS_MODES") public void setMode(@NonNull String, int, @Nullable String, int);

    method public long getLastAccessTimeMillis();

    method @NonNull public String getPackageName();

    method @NonNull public String getPermissionGroupName();

    method @FlaggedApi("android.permission.flags.device_aware_permission_apis_enabled") @NonNull public String getPersistentDeviceId();

    method @Nullable public CharSequence getProxyLabel();

    method public int getUid();

    method public boolean isActive();

import android.os.SystemClock;

import android.os.UserHandle;

import android.os.UserManager;

import android.permission.PermissionGroupUsage;

import android.permission.PermissionUsageHelper;

import android.provider.DeviceConfig;

import android.util.ArrayMap;

import android.util.ArraySet;

    private static Boolean sFullLog = null;

    final Context mContext;

    private PermissionUsageHelper mUsageHelper;

    @UnsupportedAppUsage

    final IAppOpsService mService;

        return (result != null) ? result : Collections.emptyList();

    }

    /**

     * Retrieve current operation state for all applications for a device.

     *

     * The mode of the ops returned are set for the package but may not reflect their effective

     * state due to UID policy or because it's controlled by a different global op.

     *

     * Use {@link #unsafeCheckOp(String, int, String)}} or

     * {@link #noteOp(String, int, String, String, String)} if the effective mode is needed.

     *

     * @param ops The set of operations you are interested in, or null if you want all of them.

     * @param persistentDeviceId The device that the ops are attributed to.

     *

     * @hide

     */

    @SystemApi

    @FlaggedApi(android.permission.flags.Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED)

    @RequiresPermission(android.Manifest.permission.GET_APP_OPS_STATS)

    public @NonNull List<AppOpsManager.PackageOps> getPackagesForOps(@Nullable String[] ops,

            @NonNull String persistentDeviceId) {

        final int[] opCodes;

        if (ops != null) {

            final int opCount = ops.length;

            opCodes = new int[opCount];

            for (int i = 0; i < opCount; i++) {

                opCodes[i] = sOpStrToOp.get(ops[i]);

            }

        } else {

            opCodes = null;

        }

        final List<AppOpsManager.PackageOps> result;

        try {

            result =  mService.getPackagesForOpsForDevice(opCodes, persistentDeviceId);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

        return (result != null) ? result : Collections.emptyList();

    }

    /**

     * Retrieve current operation state for all applications.

     *

    @UnsupportedAppUsage

    public List<AppOpsManager.PackageOps> getPackagesForOps(int[] ops) {

        try {

            return mService.getPackagesForOps(ops);

            return mService.getPackagesForOpsForDevice(ops,

                    VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

        appOpsNotedForAttribution.set(op);

    }

    /**

     * Get recent op usage data for CAMERA, MICROPHONE and LOCATION from all connected devices

     * to power privacy indicator.

     *

     * @param includeMicrophoneUsage whether to retrieve microphone usage

     * @return A list of permission groups currently or recently used by all apps by all users in

     * the current profile group.

     *

     * @hide

     */

    @SystemApi

    @NonNull

    @FlaggedApi(android.permission.flags.Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED)

    @RequiresPermission(Manifest.permission.GET_APP_OPS_STATS)

    public List<PermissionGroupUsage> getPermissionGroupUsageForPrivacyIndicator(

            boolean includeMicrophoneUsage) {

        // Lazily initialize the usage helper

        if (mUsageHelper == null) {

            mUsageHelper = new PermissionUsageHelper(mContext);

        }

        return mUsageHelper.getOpUsageDataForAllDevices(includeMicrophoneUsage);

    }

    /** @hide */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef(value = {

package android.permission;

import android.annotation.CurrentTimeMillisLong;

import android.annotation.FlaggedApi;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.SystemApi;

/**

 * Represents the usage of a permission group by an app. Supports package name, user, permission

 * group, whether or not the access is running or recent, whether the access is tied to a phone

 * call, and an optional special attribution tag, label and proxy label.

 * group, persistent device Id, whether or not the access is running or recent, whether the access

 * is tied to a phone call, and an optional special attribution tag, label and proxy label.

 *

 * @hide

 */

    private final @Nullable CharSequence mAttributionTag;

    private final @Nullable CharSequence mAttributionLabel;

    private final @Nullable CharSequence mProxyLabel;

    private final @NonNull String mPersistentDeviceId;

            boolean phoneCall,

            @Nullable CharSequence attributionTag,

            @Nullable CharSequence attributionLabel,

            @Nullable CharSequence proxyLabel) {

            @Nullable CharSequence proxyLabel,

            @NonNull String persistentDeviceId) {

        this.mPackageName = packageName;

        com.android.internal.util.AnnotationValidations.validate(

                NonNull.class, null, mPackageName);

        this.mAttributionTag = attributionTag;

        this.mAttributionLabel = attributionLabel;

        this.mProxyLabel = proxyLabel;

        this.mPersistentDeviceId = persistentDeviceId;

        com.android.internal.util.AnnotationValidations.validate(

                NonNull.class, null, mPersistentDeviceId);

        // onConstructed(); // You can define this method to get a callback

    }

        return mProxyLabel;

    }

    @DataClass.Generated.Member

    @FlaggedApi(android.permission.flags.Flags.FLAG_DEVICE_AWARE_PERMISSION_APIS_ENABLED)

    public @NonNull String getPersistentDeviceId() {

        return mPersistentDeviceId;

    }

    @Override

    @DataClass.Generated.Member

    public String toString() {

                "phoneCall = " + mPhoneCall + ", " +

                "attributionTag = " + mAttributionTag + ", " +

                "attributionLabel = " + mAttributionLabel + ", " +

                "proxyLabel = " + mProxyLabel +

                "proxyLabel = " + mProxyLabel + ", " +

                "persistentDeviceId = " + mPersistentDeviceId +

        " }";

    }

                && mPhoneCall == that.mPhoneCall

                && java.util.Objects.equals(mAttributionTag, that.mAttributionTag)

                && java.util.Objects.equals(mAttributionLabel, that.mAttributionLabel)

                && java.util.Objects.equals(mProxyLabel, that.mProxyLabel);

                && java.util.Objects.equals(mProxyLabel, that.mProxyLabel)

                && java.util.Objects.equals(mPersistentDeviceId, that.mPersistentDeviceId);

    }

    @Override

        _hash = 31 * _hash + java.util.Objects.hashCode(mAttributionTag);

        _hash = 31 * _hash + java.util.Objects.hashCode(mAttributionLabel);

        _hash = 31 * _hash + java.util.Objects.hashCode(mProxyLabel);

        _hash = 31 * _hash + java.util.Objects.hashCode(mPersistentDeviceId);

        return _hash;

    }

        if (mAttributionTag != null) dest.writeCharSequence(mAttributionTag);

        if (mAttributionLabel != null) dest.writeCharSequence(mAttributionLabel);

        if (mProxyLabel != null) dest.writeCharSequence(mProxyLabel);

        dest.writeString(mPersistentDeviceId);

    }

    @Override

        CharSequence attributionTag = (flg & 0x40) == 0 ? null : (CharSequence) in.readCharSequence();

        CharSequence attributionLabel = (flg & 0x80) == 0 ? null : (CharSequence) in.readCharSequence();

        CharSequence proxyLabel = (flg & 0x100) == 0 ? null : (CharSequence) in.readCharSequence();

        String persistentDeviceId = in.readString();

        this.mPackageName = packageName;

        com.android.internal.util.AnnotationValidations.validate(

        this.mAttributionTag = attributionTag;

        this.mAttributionLabel = attributionLabel;

        this.mProxyLabel = proxyLabel;

        this.mPersistentDeviceId = persistentDeviceId;

        com.android.internal.util.AnnotationValidations.validate(

                NonNull.class, null, mPersistentDeviceId);

        // onConstructed(); // You can define this method to get a callback

    }

    };

    @DataClass.Generated(

            time = 1645067417023L,

            time = 1706285211875L,

            codegenVersion = "1.0.23",

            sourceFile = "frameworks/base/core/java/android/permission/PermissionGroupUsage.java",

            inputSignatures = "private final @android.annotation.NonNull java.lang.String mPackageName\nprivate final  int mUid\nprivate final  long mLastAccessTimeMillis\nprivate final @android.annotation.NonNull java.lang.String mPermissionGroupName\nprivate final  boolean mActive\nprivate final  boolean mPhoneCall\nprivate final @android.annotation.Nullable java.lang.CharSequence mAttributionTag\nprivate final @android.annotation.Nullable java.lang.CharSequence mAttributionLabel\nprivate final @android.annotation.Nullable java.lang.CharSequence mProxyLabel\nclass PermissionGroupUsage extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genHiddenConstructor=true, genEqualsHashCode=true, genToString=true)")

            inputSignatures = "private final @android.annotation.NonNull java.lang.String mPackageName\nprivate final  int mUid\nprivate final  long mLastAccessTimeMillis\nprivate final @android.annotation.NonNull java.lang.String mPermissionGroupName\nprivate final  boolean mActive\nprivate final  boolean mPhoneCall\nprivate final @android.annotation.Nullable java.lang.CharSequence mAttributionTag\nprivate final @android.annotation.Nullable java.lang.CharSequence mAttributionLabel\nprivate final @android.annotation.Nullable java.lang.CharSequence mProxyLabel\nprivate final @android.annotation.NonNull java.lang.String mPersistentDeviceId\nclass PermissionGroupUsage extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genHiddenConstructor=true, genEqualsHashCode=true, genToString=true)")

    @Deprecated

    private void __metadata() {}

    public List<PermissionGroupUsage> getIndicatorAppOpUsageData(boolean micMuted) {

        // Lazily initialize the usage helper

        initializeUsageHelper();

        return mUsageHelper.getOpUsageData(micMuted);

        boolean includeMicrophoneUsage = !micMuted;

        return mUsageHelper.getOpUsageDataByDevice(includeMicrophoneUsage,

                VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT);

    }

    /**

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.app.AppOpsManager;

import android.companion.virtual.VirtualDevice;

import android.companion.virtual.VirtualDeviceManager;

import android.content.Context;

import android.content.pm.ApplicationInfo;

import android.content.pm.Attribution;

import android.media.AudioManager;

import android.os.Process;

import android.os.UserHandle;

import android.permission.flags.Flags;

import android.provider.DeviceConfig;

import android.telephony.TelephonyManager;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.Slog;

import com.android.internal.annotations.GuardedBy;

public class PermissionUsageHelper implements AppOpsManager.OnOpActiveChangedListener,

        AppOpsManager.OnOpStartedListener {

    private static final String LOG_TAG = PermissionUsageHelper.class.getName();

    /**

     * Whether to show the mic and camera icons.

     */

    private ArrayMap<UserHandle, Context> mUserContexts;

    private PackageManager mPkgManager;

    private AppOpsManager mAppOpsManager;

    private VirtualDeviceManager mVirtualDeviceManager;

    @GuardedBy("mAttributionChains")

    private final ArrayMap<Integer, ArrayList<AccessChainLink>> mAttributionChains =

            new ArrayMap<>();

        mContext = context;

        mPkgManager = context.getPackageManager();

        mAppOpsManager = context.getSystemService(AppOpsManager.class);

        mVirtualDeviceManager = context.getSystemService(VirtualDeviceManager.class);

        mUserContexts = new ArrayMap<>();

        mUserContexts.put(Process.myUserHandle(), mContext);

        // TODO ntmyren: make this listen for flag enable/disable changes

    }

    /**

     * @see PermissionManager.getIndicatorAppOpUsageData

     * Return Op usage for CAMERA, LOCATION AND MICROPHONE for all packages for a device.

     * The returned data is to power privacy indicator.

     */

    public @NonNull List<PermissionGroupUsage> getOpUsageData(boolean isMicMuted) {

    public @NonNull List<PermissionGroupUsage> getOpUsageDataByDevice(

            boolean includeMicrophoneUsage, String deviceId) {

        List<PermissionGroupUsage> usages = new ArrayList<>();

        if (!shouldShowIndicators()) {

        if (shouldShowLocationIndicator()) {

            ops.addAll(LOCATION_OPS);

        }

        if (!isMicMuted) {

        if (includeMicrophoneUsage) {

            ops.addAll(MIC_OPS);

        }

        Map<String, List<OpUsage>> rawUsages = getOpUsages(ops);

        Map<String, List<OpUsage>> rawUsages = getOpUsagesByDevice(ops, deviceId);

        ArrayList<String> usedPermGroups = new ArrayList<>(rawUsages.keySet());

                        new PermissionGroupUsage(usage.packageName, usage.uid, usage.lastAccessTime,

                                permGroup,

                                usage.isRunning, isPhone, usage.attributionTag, attributionLabel,

                                usagesWithLabels.valueAt(usageNum)));

                                usagesWithLabels.valueAt(usageNum),

                                VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT));

            }

        }

        return usages;

    }

    /**

     * Return Op usage for CAMERA, LOCATION AND MICROPHONE for all packages and all connected

     * devices.

     * The returned data is to power privacy indicator.

     */

    public @NonNull List<PermissionGroupUsage> getOpUsageDataForAllDevices(

            boolean includeMicrophoneUsage) {

        List<PermissionGroupUsage> allUsages = new ArrayList<>();

        List<VirtualDevice> virtualDevices = mVirtualDeviceManager.getVirtualDevices();

        ArraySet<String> persistentDeviceIds = new ArraySet<>();

        for (int num = 0; num < virtualDevices.size(); num++) {

            persistentDeviceIds.add(virtualDevices.get(num).getPersistentDeviceId());

        }

        persistentDeviceIds.add(VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT);

        for (int index = 0; index < persistentDeviceIds.size(); index++) {

            allUsages.addAll(

                    getOpUsageDataByDevice(includeMicrophoneUsage,

                            persistentDeviceIds.valueAt(index)));

        }

        return allUsages;

    }

    private void updateSubattributionLabelsMap(List<OpUsage> usages,

            ArrayMap<String, Map<String, String>> subAttributionLabelsMap) {

        if (usages == null || usages.isEmpty()) {

     * running/recent info, if the usage is a phone call, per permission group.

     *

     * @param opNames a list of op names to get usage for

     * @param deviceId which device to get op usage for

     * @return A map of permission group -> list of usages that are recent or running

     */

    private Map<String, List<OpUsage>> getOpUsages(List<String> opNames) {

    private Map<String, List<OpUsage>> getOpUsagesByDevice(List<String> opNames, String deviceId) {

        List<AppOpsManager.PackageOps> ops;

        try {

            if (Flags.deviceAwarePermissionApisEnabled()) {

                ops = mAppOpsManager.getPackagesForOps(opNames.toArray(new String[opNames.size()]),

                        deviceId);

            } else if (!Objects.equals(deviceId,

                    VirtualDeviceManager.PERSISTENT_DEVICE_ID_DEFAULT)) {

                Slog.w(LOG_TAG,

                        "device_aware_permission_apis_enabled flag not enabled when deviceId is "

                                + "not default");

                return Collections.emptyMap();

            } else {

                ops = mAppOpsManager.getPackagesForOps(opNames.toArray(new String[opNames.size()]));

            }

        } catch (NullPointerException e) {

            // older builds might not support all the app-ops requested

            return Collections.emptyMap();