Merge "Make ag/18284930 work on Wear OS" into main (4e880200) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java

+25 −10

Original line number	Diff line number	Diff line
		@@ -165,6 +165,7 @@ import java.util.Iterator;
		import java.util.List;
		import java.util.Map;
		import java.util.Objects;
		import java.util.Optional;
		import java.util.Set;
		import java.util.concurrent.CompletableFuture;
		import java.util.concurrent.ExecutionException;
		@@ -368,18 +369,32 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
		return false;
		}

		try {
		int userId = UserHandle.getUserId(uid);
		boolean isInSetup = Settings.Secure.getIntForUser(mContext.getContentResolver(),
		Settings.Secure.USER_SETUP_COMPLETE, userId) == 0;
		boolean isInDeferredSetup = Settings.Secure.getIntForUser(
		mContext.getContentResolver(),
		Settings.Secure.USER_SETUP_PERSONALIZATION_STATE, userId)
		== Settings.Secure.USER_SETUP_PERSONALIZATION_STARTED;
		return isInSetup \|\| isInDeferredSetup;

		boolean isInSetup =
		getSecureInt(Settings.Secure.USER_SETUP_COMPLETE, userId)
		.map(setupState -> setupState == 0)
		.orElse(false);
		if (isInSetup) {
		return true;
		}

		boolean isInDeferredSetup =
		getSecureInt(Settings.Secure.USER_SETUP_PERSONALIZATION_STATE, userId)
		.map(state ->
		state == Settings.Secure.USER_SETUP_PERSONALIZATION_STARTED)
		.orElse(false);
		return isInDeferredSetup;
		}

		private Optional<Integer> getSecureInt(String settingName, int userId) {
		try {
		return Optional.of(
		Settings.Secure.getIntForUser(
		mContext.getContentResolver(), settingName, userId));
		} catch (Settings.SettingNotFoundException e) {
		Slog.w(LOG_TAG, "Failed to check if the user is in restore: " + e);
		return false;
		Slog.i(LOG_TAG, "Setting " + settingName + " not found", e);
		return Optional.empty();
		}
		}

services/permission/java/com/android/server/permission/access/permission/PermissionService.kt

+22 −29

Original line number	Diff line number	Diff line
		@@ -533,8 +533,7 @@ class PermissionService(private val service: AccessCheckingService) :
		val packageState =
		packageManagerLocal.withFilteredSnapshot(Binder.getCallingUid(), userId).use {
		it.getPackageState(packageName)
		}
		?: return PackageManager.PERMISSION_DENIED
		} ?: return PackageManager.PERMISSION_DENIED

		val isPermissionGranted =
		service.getState { isPermissionGranted(packageState, userId, permissionName, deviceId) }
		@@ -1164,8 +1163,7 @@ class PermissionService(private val service: AccessCheckingService) :
		val packageState =
		packageManagerLocal.withFilteredSnapshot(Binder.getCallingUid(), userId).use {
		it.getPackageState(packageName)
		}
		?: return false
		} ?: return false

		service.getState {
		if (isPermissionGranted(packageState, userId, permissionName, deviceId)) {
		@@ -1216,8 +1214,7 @@ class PermissionService(private val service: AccessCheckingService) :
		val packageState =
		packageManagerLocal.withFilteredSnapshot(callingUid, userId).use {
		it.getPackageState(packageName)
		}
		?: return false
		} ?: return false
		val appId = packageState.appId
		if (UserHandle.getAppId(callingUid) != appId) {
		return false
		@@ -1546,8 +1543,7 @@ class PermissionService(private val service: AccessCheckingService) :
		val packageState =
		packageManagerLocal.withFilteredSnapshot(callingUid, userId).use {
		it.getPackageState(packageName)
		}
		?: return null
		} ?: return null
		val androidPackage = packageState.androidPackage ?: return null

		val isCallerPrivileged =
		@@ -1710,8 +1706,7 @@ class PermissionService(private val service: AccessCheckingService) :
		PackageManager.FLAG_PERMISSION_WHITELIST_INSTALLER,
		userId
		)
		?.let { ArraySet(permissionNames).apply { this += it }.toList() }
		?: permissionNames
		?.let { ArraySet(permissionNames).apply { this += it }.toList() } ?: permissionNames

		setAllowlistedRestrictedPermissionsUnchecked(
		androidPackage,
		@@ -2753,26 +2748,24 @@ class PermissionService(private val service: AccessCheckingService) :
		) {
		return false
		}
		return try {
		val contentResolver = context.contentResolver

		val userId = UserHandle.getUserId(uid)
		val isInSetup =
		Settings.Secure.getIntForUser(
		contentResolver,
		Settings.Secure.USER_SETUP_COMPLETE,
		userId
		) == 0

		val isInSetup = getSecureInt(Settings.Secure.USER_SETUP_COMPLETE, userId) == 0
		if (isInSetup) return true

		val isInDeferredSetup =
		Settings.Secure.getIntForUser(
		contentResolver,
		Settings.Secure.USER_SETUP_PERSONALIZATION_STATE,
		userId
		) == Settings.Secure.USER_SETUP_PERSONALIZATION_STARTED
		isInSetup \|\| isInDeferredSetup
		} catch (e: Settings.SettingNotFoundException) {
		Slog.w(LOG_TAG, "Failed to check if the user is in restore: $e")
		false
		getSecureInt(Settings.Secure.USER_SETUP_PERSONALIZATION_STATE, userId) ==
		Settings.Secure.USER_SETUP_PERSONALIZATION_STARTED
		return isInDeferredSetup
		}

		private fun getSecureInt(settingName: String, userId: Int): Int? =
		try {
		Settings.Secure.getIntForUser(context.contentResolver, settingName, userId)
		} catch (e: Settings.SettingNotFoundException) {
		Slog.i(LOG_TAG, "Setting $settingName not found", e)
		null
		}
		}