Merge cherrypicks of [14551043, 14550658, 14550659, 14550660, 14550661,...

    <protected-broadcast android:name="android.net.wifi.p2p.action.WIFI_P2P_PERSISTENT_GROUPS_CHANGED" />

    <protected-broadcast android:name="android.net.conn.TETHER_STATE_CHANGED" />

    <protected-broadcast android:name="android.net.conn.INET_CONDITION_ACTION" />

    <!-- This broadcast is no longer sent in S but it should stay protected to avoid third party

         apps broadcasting this and confusing old system apps that may not have been updated. -->

    <protected-broadcast android:name="android.net.conn.NETWORK_CONDITIONS_MEASURED" />

    <protected-broadcast

            android:name="android.net.ConnectivityService.action.PKT_CNT_SAMPLE_INTERVAL_ELAPSED" />

            final PendingIntent pi = PendingIntent.getBroadcast(getContext(),

                    REQUEST_CODE_TIMEOUT,

                    new Intent(ACTION_NOTIFICATION_TIMEOUT)

                            .setPackage(PackageManagerService.PLATFORM_PACKAGE_NAME)

                            .setData(new Uri.Builder().scheme(SCHEME_TIMEOUT)

                                    .appendPath(record.getKey()).build())

                            .addFlags(Intent.FLAG_RECEIVER_FOREGROUND)

        }

        final int callingUid = Binder.getCallingUid();

        final int userId = UserHandle.getUserId(newPackage.getUid());

        for (int userId: mUserManagerInt.getUserIds()) {

            int numRequestedPermissions = newPackage.getRequestedPermissions().size();

            for (int i = 0; i < numRequestedPermissions; i++) {

            PermissionInfo permInfo = getPermissionInfo(newPackage.getRequestedPermissions().get(i),

                PermissionInfo permInfo = getPermissionInfo(

                        newPackage.getRequestedPermissions().get(i),

                        newPackage.getPackageName(), 0);

                if (permInfo == null || !STORAGE_PERMISSIONS.contains(permInfo.name)) {

                    continue;

                                + downgradedSdk + " or newly requested legacy full storage "

                                + newlyRequestsLegacy);

                try {

                    revokeRuntimePermissionInternal(permInfo.name, newPackage.getPackageName(),

                            false, callingUid, userId, null, permissionCallback);

                } catch (IllegalStateException | SecurityException e) {

                    Log.e(TAG, "unable to revoke " + permInfo.name + " for "

                            + newPackage.getPackageName() + " user " + userId, e);

                }

            }

        }

    }

    }

    /**

     * Find all visible task stacks containing {@param userId} and intercept them with an activity

     * Find all task stacks containing {@param userId} and intercept them with an activity

     * to block out the contents and possibly start a credential-confirming intent.

     *

     * @param userId user handle for the locked managed profile.

    void lockAllProfileTasks(@UserIdInt int userId) {

        mService.deferWindowLayout();

        try {

            final PooledConsumer c = PooledLambda.obtainConsumer(

                    RootWindowContainer::taskTopActivityIsUser, this, PooledLambda.__(Task.class),

                    userId);

            forAllLeafTasks(c, true /* traverseTopToBottom */);

            c.recycle();

        } finally {

            mService.continueWindowLayout();

        }

    }

    /**

     * Detects whether we should show a lock screen in front of this task for a locked user.

     * <p>

     * We'll do this if either of the following holds:

     * <ul>

     *   <li>The top activity explicitly belongs to {@param userId}.</li>

     *   <li>The top activity returns a result to an activity belonging to {@param userId}.</li>

     * </ul>

     *

     * @return {@code true} if the top activity looks like it belongs to {@param userId}.

     */

    private void taskTopActivityIsUser(Task task, @UserIdInt int userId) {

        // To handle the case that work app is in the task but just is not the top one.

        final ActivityRecord activityRecord = task.getTopNonFinishingActivity();

        final ActivityRecord resultTo = (activityRecord != null ? activityRecord.resultTo : null);

        // Check the task for a top activity belonging to userId, or returning a

        // result to an activity belonging to userId. Example case: a document

        // picker for personal files, opened by a work app, should still get locked.

        if ((activityRecord != null && activityRecord.mUserId == userId)

                || (resultTo != null && resultTo.mUserId == userId)) {

            forAllLeafTasks(task -> {

                if (task.getActivity(activity -> !activity.finishing && activity.mUserId == userId)

                        != null) {

                    mService.getTaskChangeNotificationController().notifyTaskProfileLocked(

                            task.mTaskId, userId);

                }

            }, true /* traverseTopToBottom */);

        } finally {

            mService.continueWindowLayout();

        }

    }

    void cancelInitializingActivities() {

import android.app.ActivityManager;

import android.app.ActivityManagerInternal;

import android.app.AlarmManager;

import android.app.AppOpsManager;

import android.app.AutomaticZenRule;

import android.app.IActivityManager;

import com.android.server.lights.LogicalLight;

import com.android.server.notification.NotificationManagerService.NotificationAssistants;

import com.android.server.notification.NotificationManagerService.NotificationListeners;

import com.android.server.pm.PackageManagerService;

import com.android.server.statusbar.StatusBarManagerInternal;

import com.android.server.uri.UriGrantsManagerInternal;

import com.android.server.wm.ActivityTaskManagerInternal;

    NotificationHistoryManager mHistoryManager;

    @Mock

    StatsManager mStatsManager;

    @Mock

    AlarmManager mAlarmManager;

    NotificationRecordLoggerFake mNotificationRecordLogger = new NotificationRecordLoggerFake();

    private InstanceIdSequence mNotificationInstanceIdSequence = new InstanceIdSequenceFake(

            1 << 30);

        LocalServices.addService(DeviceIdleInternal.class, deviceIdleInternal);

        LocalServices.removeServiceForTest(ActivityManagerInternal.class);

        LocalServices.addService(ActivityManagerInternal.class, activityManagerInternal);

        mContext.addMockSystemService(Context.ALARM_SERVICE, mAlarmManager);

        doNothing().when(mContext).sendBroadcastAsUser(any(), any(), any());

        return nrSummary;

    }

    @Test

    public void testLimitTimeOutBroadcast() {

        NotificationChannel channel = new NotificationChannel("id", "name",

                NotificationManager.IMPORTANCE_HIGH);

        Notification.Builder nb = new Notification.Builder(mContext, channel.getId())

                .setContentTitle("foo")

                .setSmallIcon(android.R.drawable.sym_def_app_icon)

                .setTimeoutAfter(1);

        StatusBarNotification sbn = new StatusBarNotification(PKG, PKG, 8, "tag", mUid, 0,

                nb.build(), UserHandle.getUserHandleForUid(mUid), null, 0);

        NotificationRecord r = new NotificationRecord(mContext, sbn, channel);

        mService.scheduleTimeoutLocked(r);

        ArgumentCaptor<PendingIntent> captor = ArgumentCaptor.forClass(PendingIntent.class);

        verify(mAlarmManager).setExactAndAllowWhileIdle(anyInt(), anyLong(), captor.capture());

        assertEquals(PackageManagerService.PLATFORM_PACKAGE_NAME,

                captor.getValue().getIntent().getPackage());

    }

    @Test

    public void testDefaultAssistant_overrideDefault() {

        final int userId = 0;