Merge "Allow sysUI to send a11y events for other package and user" into rvc-dev (78b06a41) · Commits · e / os / android_frameworks_base

core/res/AndroidManifest.xml

+5 −0

Original line number	Diff line number	Diff line
		@@ -3201,6 +3201,11 @@
		<permission android:name="android.permission.MODIFY_ACCESSIBILITY_DATA"
		android:protectionLevel="signature" />

		<!-- @hide Allows an application to perform accessibility operations (e.g. send events) on
		behalf of another package. -->
		<permission android:name="android.permission.ACT_AS_PACKAGE_FOR_ACCESSIBILITY"
		android:protectionLevel="signature" />

		<!-- @hide Allows an application to change the accessibility volume. -->
		<permission android:name="android.permission.CHANGE_ACCESSIBILITY_VOLUME"
		android:protectionLevel="signature" />

+1 −0

Original line number	Diff line number	Diff line
		@@ -219,6 +219,7 @@
		<!-- accessibility -->
		<uses-permission android:name="android.permission.MODIFY_ACCESSIBILITY_DATA" />
		<uses-permission android:name="android.permission.MANAGE_ACCESSIBILITY" />
		<uses-permission android:name="android.permission.ACT_AS_PACKAGE_FOR_ACCESSIBILITY" />

		<!-- to control accessibility volume -->
		<uses-permission android:name="android.permission.CHANGE_ACCESSIBILITY_VOLUME" />

+2 −1

Original line number	Diff line number	Diff line
		@@ -603,7 +603,8 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub

		// Make sure the reported package is one the caller has access to.
		event.setPackageName(mSecurityPolicy.resolveValidReportedPackageLocked(
		event.getPackageName(), UserHandle.getCallingAppId(), resolvedUserId));
		event.getPackageName(), UserHandle.getCallingAppId(), resolvedUserId,
		getCallingPid()));

		// This method does nothing for a background user.
		if (resolvedUserId == mCurrentUserId) {

+8 −3

Original line number	Diff line number	Diff line
		@@ -167,11 +167,12 @@ public class AccessibilitySecurityPolicy {
		* @param packageName The package name the app wants to expose
		* @param appId The app's id
		* @param userId The app's user id
		* @param pid The app's process pid that requested this
		* @return A package name that is valid to report
		*/
		@Nullable
		public String resolveValidReportedPackageLocked(
		@Nullable CharSequence packageName, int appId, int userId) {
		@Nullable CharSequence packageName, int appId, int userId, int pid) {
		// Okay to pass no package
		if (packageName == null) {
		return null;
		@@ -191,6 +192,11 @@ public class AccessibilitySecurityPolicy {
		.getHostedWidgetPackages(resolvedUid), packageNameStr)) {
		return packageName.toString();
		}
		// If app has the targeted permission to act as another package
		if (mContext.checkPermission(Manifest.permission.ACT_AS_PACKAGE_FOR_ACCESSIBILITY,
		pid, resolvedUid) == PackageManager.PERMISSION_GRANTED) {
		return packageName.toString();
		}
		// Otherwise, set the package to the first one in the UID
		final String[] packageNames = mPackageManager.getPackagesForUid(resolvedUid);
		if (ArrayUtils.isEmpty(packageNames)) {
		@@ -403,8 +409,7 @@ public class AccessibilitySecurityPolicy {
		\|\| userId == UserHandle.USER_CURRENT_OR_SELF) {
		return currentUserId;
		}
		throw new IllegalArgumentException("Calling user can be changed to only "
		+ "UserHandle.USER_CURRENT or UserHandle.USER_CURRENT_OR_SELF.");
		return resolveProfileParentLocked(userId);
		}

		/**

+2 −1

Original line number	Diff line number	Diff line
		@@ -955,7 +955,8 @@ public class AccessibilityWindowManager {

		// Makes sure the reported package is one the caller has access to.
		packageName = mSecurityPolicy.resolveValidReportedPackageLocked(
		packageName, UserHandle.getCallingAppId(), resolvedUserId);
		packageName, UserHandle.getCallingAppId(), resolvedUserId,
		Binder.getCallingPid());

		windowId = sNextWindowId++;
		// If the window is from a process that runs across users such as