Merge "Create system server component for one-time permissions" (7f1ce8f9) · Commits · e / os / android_frameworks_base

api/system-current.txt

+5 −1

Original line number	Diff line number	Diff line
		@@ -2088,6 +2088,7 @@ package android.content.pm {
		field public static final int FLAG_PERMISSION_APPLY_RESTRICTION = 16384; // 0x4000
		field public static final int FLAG_PERMISSION_GRANTED_BY_DEFAULT = 32; // 0x20
		field public static final int FLAG_PERMISSION_GRANTED_BY_ROLE = 32768; // 0x8000
		field public static final int FLAG_PERMISSION_ONE_TIME = 65536; // 0x10000
		field public static final int FLAG_PERMISSION_POLICY_FIXED = 4; // 0x4
		field public static final int FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT = 2048; // 0x800
		field public static final int FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT = 4096; // 0x1000
		@@ -2162,7 +2163,7 @@ package android.content.pm {
		method public void onPermissionsChanged(int);
		}

		@IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags {
		@IntDef(prefix={"FLAG_PERMISSION_"}, value={android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET, android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_POLICY_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_ON_UPGRADE, android.content.pm.PackageManager.FLAG_PERMISSION_SYSTEM_FIXED, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED, android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT, android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION, android.content.pm.PackageManager.FLAG_PERMISSION_GRANTED_BY_ROLE, android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT, android.content.pm.PackageManager.FLAG_PERMISSION_ONE_TIME}) @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.SOURCE) public static @interface PackageManager.PermissionFlags {
		}

		public class PermissionGroupInfo extends android.content.pm.PackageItemInfo implements android.os.Parcelable {
		@@ -7016,6 +7017,7 @@ package android.permission {
		method @BinderThread public abstract void onGetPermissionUsages(boolean, long, @NonNull java.util.function.Consumer<java.util.List<android.permission.RuntimePermissionUsageInfo>>);
		method @BinderThread public abstract void onGetRuntimePermissionsBackup(@NonNull android.os.UserHandle, @NonNull java.io.OutputStream, @NonNull Runnable);
		method @BinderThread public abstract void onGrantOrUpgradeDefaultRuntimePermissions(@NonNull Runnable);
		method @BinderThread public void onOneTimePermissionSessionTimeout(@NonNull String);
		method @Deprecated @BinderThread public void onRestoreDelayedRuntimePermissionsBackup(@NonNull String, @NonNull android.os.UserHandle, @NonNull java.util.function.Consumer<java.lang.Boolean>);
		method @Deprecated @BinderThread public void onRestoreRuntimePermissionsBackup(@NonNull android.os.UserHandle, @NonNull java.io.InputStream, @NonNull Runnable);
		method @BinderThread public abstract void onRevokeRuntimePermission(@NonNull String, @NonNull String, @NonNull Runnable);
		@@ -7032,6 +7034,8 @@ package android.permission {
		method @RequiresPermission(android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS) public void grantDefaultPermissionsToLuiApp(@NonNull String, @NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<java.lang.Boolean>);
		method @RequiresPermission(android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS) public void revokeDefaultPermissionsFromLuiApps(@NonNull String[], @NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<java.lang.Boolean>);
		method @RequiresPermission(android.Manifest.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY) public void setRuntimePermissionsVersion(@IntRange(from=0) int);
		method @RequiresPermission(allOf={android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS, android.Manifest.permission.PACKAGE_USAGE_STATS}) public void startOneTimePermissionSession(@NonNull String, long, int, int);
		method @RequiresPermission(allOf={android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS, android.Manifest.permission.PACKAGE_USAGE_STATS}) public void stopOneTimePermissionSession(@NonNull String);
		}

		public static final class PermissionManager.SplitPermissionInfo {

core/java/android/content/pm/PackageManager.java

+14 −2

Original line number	Diff line number	Diff line
		@@ -3242,6 +3242,15 @@ public abstract class PackageManager {
		@TestApi
		public static final int FLAG_PERMISSION_REVOKED_COMPAT = FLAG_PERMISSION_REVOKE_ON_UPGRADE;

		/**
		* Permission flag: The permission is one-time and should be revoked automatically on app
		* inactivity
		*
		* @hide
		*/
		@SystemApi
		public static final int FLAG_PERMISSION_ONE_TIME = 1 << 16;

		/**
		* Permission flags: Bitwise or of all permission flags allowing an
		* exemption for a restricted permission.
		@@ -3283,7 +3292,8 @@ public abstract class PackageManager {
		\| FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT
		\| FLAG_PERMISSION_APPLY_RESTRICTION
		\| FLAG_PERMISSION_GRANTED_BY_ROLE
		\| FLAG_PERMISSION_REVOKED_COMPAT;
		\| FLAG_PERMISSION_REVOKED_COMPAT
		\| FLAG_PERMISSION_ONE_TIME;

		/**
		* Injected activity in app that forwards user to setting activity of that app.
		@@ -4063,7 +4073,8 @@ public abstract class PackageManager {
		FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT,
		FLAG_PERMISSION_APPLY_RESTRICTION,
		FLAG_PERMISSION_GRANTED_BY_ROLE,
		FLAG_PERMISSION_REVOKED_COMPAT
		FLAG_PERMISSION_REVOKED_COMPAT,
		FLAG_PERMISSION_ONE_TIME
		})
		@Retention(RetentionPolicy.SOURCE)
		public @interface PermissionFlags {}
		@@ -7164,6 +7175,7 @@ public abstract class PackageManager {
		case FLAG_PERMISSION_APPLY_RESTRICTION: return "APPLY_RESTRICTION";
		case FLAG_PERMISSION_GRANTED_BY_ROLE: return "GRANTED_BY_ROLE";
		case FLAG_PERMISSION_REVOKED_COMPAT: return "REVOKED_COMPAT";
		case FLAG_PERMISSION_ONE_TIME: return "ONE_TIME";
		default: return Integer.toString(flag);
		}
		}

core/java/android/permission/IPermissionController.aidl

+1 −0

Original line number	Diff line number	Diff line
		@@ -43,4 +43,5 @@ oneway interface IPermissionController {
		String permission, int grantState, in AndroidFuture callback);
		void grantOrUpgradeDefaultRuntimePermissions(in AndroidFuture callback);
		void updateUserSensitive(in AndroidFuture callback);
		void notifyOneTimePermissionSessionTimeout(String packageName);
		}

core/java/android/permission/IPermissionManager.aidl

+6 −0

Original line number	Diff line number	Diff line
		@@ -20,6 +20,7 @@ import android.content.pm.ParceledListSlice;
		import android.content.pm.PermissionGroupInfo;
		import android.content.pm.PermissionInfo;
		import android.content.pm.permission.SplitPermissionInfoParcelable;
		import android.os.UserHandle;
		import android.permission.IOnPermissionsChangeListener;

		/**
		@@ -100,4 +101,9 @@ interface IPermissionManager {
		boolean isPermissionRevokedByPolicy(String permName, String packageName, int userId);

		List<SplitPermissionInfoParcelable> getSplitPermissions();

		void startOneTimePermissionSession(String packageName, int userId, long timeout,
		int importanceToResetTimer, int importanceToKeepSessionAlive);

		void stopOneTimePermissionSession(String packageName, int userId);
		}

core/java/android/permission/PermissionControllerManager.java

+14 −0

Original line number	Diff line number	Diff line
		@@ -636,4 +636,18 @@ public final class PermissionControllerManager {
		return future;
		});
		}

		/**
		* Called when a package that has permissions registered as "one-time" is considered
		* inactive.
		*
		* @param packageName The package which became inactive
		*
		* @hide
		*/
		@RequiresPermission(Manifest.permission.REVOKE_RUNTIME_PERMISSIONS)
		public void notifyOneTimePermissionSessionTimeout(@NonNull String packageName) {
		mRemoteService.run(
		service -> service.notifyOneTimePermissionSessionTimeout(packageName));
		}
		}