Ask Perm Controller to set policy-fixed perms

    method public int getPasswordMinimumUpperCase(@Nullable android.content.ComponentName);

    method public int getPasswordQuality(@Nullable android.content.ComponentName);

    method @Nullable public android.app.admin.SystemUpdateInfo getPendingSystemUpdate(@NonNull android.content.ComponentName);

    method public int getPermissionGrantState(@Nullable android.content.ComponentName, String, String);

    method public int getPermissionGrantState(@Nullable android.content.ComponentName, @NonNull String, @NonNull String);

    method public int getPermissionPolicy(android.content.ComponentName);

    method @Nullable public java.util.List<java.lang.String> getPermittedAccessibilityServices(@NonNull android.content.ComponentName);

    method @Nullable public java.util.List<java.lang.String> getPermittedCrossProfileNotificationListeners(@NonNull android.content.ComponentName);

    method public void setPasswordMinimumSymbols(@NonNull android.content.ComponentName, int);

    method public void setPasswordMinimumUpperCase(@NonNull android.content.ComponentName, int);

    method public void setPasswordQuality(@NonNull android.content.ComponentName, int);

    method public boolean setPermissionGrantState(@NonNull android.content.ComponentName, String, String, int);

    method public boolean setPermissionGrantState(@NonNull android.content.ComponentName, @NonNull String, @NonNull String, int);

    method public void setPermissionPolicy(@NonNull android.content.ComponentName, int);

    method public boolean setPermittedAccessibilityServices(@NonNull android.content.ComponentName, java.util.List<java.lang.String>);

    method public boolean setPermittedCrossProfileNotificationListeners(@NonNull android.content.ComponentName, @Nullable java.util.List<java.lang.String>);

    method @BinderThread public abstract void onRestoreRuntimePermissionsBackup(@NonNull android.os.UserHandle, @NonNull java.io.InputStream);

    method public abstract void onRevokeRuntimePermission(@NonNull String, @NonNull String);

    method @NonNull public abstract java.util.Map<java.lang.String,java.util.List<java.lang.String>> onRevokeRuntimePermissions(@NonNull java.util.Map<java.lang.String,java.util.List<java.lang.String>>, boolean, int, @NonNull String);

    method public abstract boolean onSetRuntimePermissionGrantStateByDeviceAdmin(@NonNull String, @NonNull String, @NonNull String, int);

    field public static final String SERVICE_INTERFACE = "android.permission.PermissionControllerService";

  }

import android.os.Bundle;

import android.os.ParcelFileDescriptor;

import android.os.Parcelable;

import android.os.ParcelableException;

import android.os.PersistableBundle;

import android.os.Process;

import android.os.RemoteCallback;

import java.util.Collections;

import java.util.List;

import java.util.Set;

import java.util.concurrent.CompletableFuture;

import java.util.concurrent.ExecutionException;

import java.util.concurrent.Executor;

/**

     */

    public static final int PERMISSION_POLICY_AUTO_DENY = 2;

    /**

     * Possible policy values for permissions.

     *

     * @hide

     */

    @IntDef(prefix = { "PERMISSION_GRANT_STATE_" }, value = {

            PERMISSION_GRANT_STATE_DEFAULT,

            PERMISSION_GRANT_STATE_GRANTED,

            PERMISSION_GRANT_STATE_DENIED

    })

    @Retention(RetentionPolicy.SOURCE)

    public @interface PermissionGrantState {}

    /**

     * Runtime permission state: The user can manage the permission

     * through the UI.

     * Setting the grant state to {@link #PERMISSION_GRANT_STATE_DEFAULT default} does not revoke

     * the permission. It retains the previous grant, if any.

     * <p/>

     * Permissions can be granted or revoked only for applications built with a

     * {@code targetSdkVersion} of {@link android.os.Build.VERSION_CODES#M} or later.

     * Device admins with a {@code targetSdkVersion} < {@link android.os.Build.VERSION_CODES#Q}

     * cannot grant and revoke permissions for applications built with a {@code targetSdkVersion}

     * < {@link android.os.Build.VERSION_CODES#M}.

     * <p/>

     * Admins with a {@code targetSdkVersion} ≥ {@link android.os.Build.VERSION_CODES#Q} can

     * grant and revoke permissions of all apps. Similar to the user revoking a permission from a

     * application built with a {@code targetSdkVersion} <

     * {@link android.os.Build.VERSION_CODES#M} the app-op matching the permission is set to

     * {@link android.app.AppOpsManager#MODE_IGNORED}, but the permission stays granted.

     *

     * @param admin Which profile or device owner this request is associated with.

     * @param packageName The application to grant or revoke a permission to.

     * @see #setDelegatedScopes

     * @see #DELEGATION_PERMISSION_GRANT

     */

    public boolean setPermissionGrantState(@NonNull ComponentName admin, String packageName,

            String permission, int grantState) {

    public boolean setPermissionGrantState(@NonNull ComponentName admin,

            @NonNull String packageName, @NonNull String permission,

            @PermissionGrantState int grantState) {

        throwIfParentInstance("setPermissionGrantState");

        try {

            return mService.setPermissionGrantState(admin, mContext.getPackageName(), packageName,

                    permission, grantState);

            CompletableFuture<Boolean> result = new CompletableFuture<>();

            mService.setPermissionGrantState(admin, mContext.getPackageName(), packageName,

                    permission, grantState, new RemoteCallback((b) -> result.complete(b != null)));

            return result.get();

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        } catch (InterruptedException | ExecutionException e) {

            throw new RuntimeException(e);

        }

    }

     * @see #setDelegatedScopes

     * @see #DELEGATION_PERMISSION_GRANT

     */

    public int getPermissionGrantState(@Nullable ComponentName admin, String packageName,

            String permission) {

    public @PermissionGrantState int getPermissionGrantState(@Nullable ComponentName admin,

            @NonNull String packageName, @NonNull String permission) {

        throwIfParentInstance("getPermissionGrantState");

        try {

            return mService.getPermissionGrantState(admin, mContext.getPackageName(), packageName,

    void setPermissionPolicy(in ComponentName admin, in String callerPackage, int policy);

    int  getPermissionPolicy(in ComponentName admin);

    boolean setPermissionGrantState(in ComponentName admin, in String callerPackage, String packageName,

            String permission, int grantState);

    void setPermissionGrantState(in ComponentName admin, in String callerPackage, String packageName,

            String permission, int grantState, in RemoteCallback resultReceiver);

    int getPermissionGrantState(in ComponentName admin, in String callerPackage, String packageName, String permission);

    boolean isProvisioningAllowed(String action, String packageName);

    int checkProvisioningPreCondition(String action, String packageName);

    void getPermissionUsages(boolean countSystem, long numMillis, in RemoteCallback callback);

    void isApplicationQualifiedForRole(String roleName, String packageName,

            in RemoteCallback callback);

    void setRuntimePermissionGrantStateByDeviceAdmin(String callerPackageName, String packageName,

            String permission, int grantState, in RemoteCallback callback);

}