Merge "docs: Added protection level to permissions" into qt-dev am: b9206893

      meaning that the whitelist state can be specified only at install time and

      cannot change until the app is installed. For more details see

      {@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.

     -->

     <p>Protection level: dangerous -->

    <permission android:name="android.permission.READ_EXTERNAL_STORAGE"

        android:permissionGroup="android.permission-group.UNDEFINED"

        android:label="@string/permlab_sdcardRead"

         read/write files in your application-specific directories returned by

         {@link android.content.Context#getExternalFilesDir} and

         {@link android.content.Context#getExternalCacheDir}.

         <p>Is this permission is not whitelisted for an app that targets an API level before

         <p>If this permission is not whitelisted for an app that targets an API level before

         {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p>

         <p>Protection level: dangerous</p>

    -->

    <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"

        android:permissionGroup="android.permission-group.UNDEFINED"

        android:protectionLevel="dangerous" />

    <!-- Allows an application to access any geographic locations persisted in the

         user's shared collection. -->

         user's shared collection.

         <p>Protection level: dangerous -->

    <permission android:name="android.permission.ACCESS_MEDIA_LOCATION"

        android:permissionGroup="android.permission-group.UNDEFINED"

        android:label="@string/permlab_mediaLocation"

    <!-- Allows applications to pair bluetooth devices without user interaction, and to

         allow or disallow phonebook access or message access.

         This is not available to third party applications. -->

         <p>Not for use by third-party applications. -->

    <permission android:name="android.permission.BLUETOOTH_PRIVILEGED"

        android:protectionLevel="signature|privileged" />

        android:protectionLevel="signature" />

    <!-- Allows an application to modify the current configuration, such

         as locale. -->

         as locale.

         <p>Protection level: signature|privileged|development -->

    <permission android:name="android.permission.CHANGE_CONFIGURATION"

        android:protectionLevel="signature|privileged|development" />

    <!-- ==================================== -->

    <eat-comment />

    <!-- Allows access to the list of accounts in the Accounts Service. -->

    <!-- Allows access to the list of accounts in the Accounts Service.

         <p>Protection level: signature|privileged -->

    <permission android:name="android.permission.GET_ACCOUNTS_PRIVILEGED"

        android:protectionLevel="signature|privileged" />

        android:protectionLevel="signature" />

    <!-- Old permission for deleting an app's cache files, no longer used,

         but signals for us to quietly ignore calls instead of throwing an exception. -->

         but signals for us to quietly ignore calls instead of throwing an exception.

         <p>Protection level: signature|privileged -->

    <permission android:name="android.permission.DELETE_CACHE_FILES"

        android:protectionLevel="signature|privileged" />

    <!-- Allows an application to collect component usage

         statistics

         <p>Declaring the permission implies intention to use the API and the user of the

         device can grant permission through the Settings application. -->

         device can grant permission through the Settings application.

         <p>Protection level: signature|privileged|development|appop -->

    <permission android:name="android.permission.PACKAGE_USAGE_STATS"

        android:protectionLevel="signature|privileged|development|appop" />

    <uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />

    <!-- Permission an application must hold in order to use

         {@link android.provider.Settings#ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS}.

         This is a normal permission: an app requesting it will always be granted the

         permission, without the user needing to approve or see it. -->

         <p>Protection level: normal -->

    <permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"

        android:label="@string/permlab_requestIgnoreBatteryOptimizations"

        android:description="@string/permdesc_requestIgnoreBatteryOptimizations"

        android:protectionLevel="normal" />

    <!-- Allows an application to collect battery statistics -->

    <!-- Allows an application to collect battery statistics

         <p>Protection level: signature|privileged|development -->

    <permission android:name="android.permission.BATTERY_STATS"

        android:protectionLevel="signature|privileged|development" />

        android:protectionLevel="signature" />

    <!-- Must be required by a {@link android.widget.RemoteViewsService},

         to ensure that only the system can bind to it. -->

         to ensure that only the system can bind to it.

         <p>Protection level: signature|privileged -->

    <permission android:name="android.permission.BIND_REMOTEVIEWS"

        android:protectionLevel="signature|privileged" />

         to the path in the provider where global search queries are

         performed.  This permission can not be held by regular applications;

         it is used by applications to protect themselves from everyone else

         besides global search. -->

         besides global search.

         <p>Protection level: signature|privileged -->

    <permission android:name="android.permission.GLOBAL_SEARCH"

        android:protectionLevel="signature|privileged" />

    <permission android:name="android.permission.MODIFY_THEME_OVERLAY"

                android:protectionLevel="signature" />

    <!-- Allows an instant app to create foreground services. -->

    <!-- Allows an instant app to create foreground services.

         <p>Protection level: signature|development|instant|appop -->

    <permission android:name="android.permission.INSTANT_APP_FOREGROUND_SERVICE"

        android:protectionLevel="signature|development|instant|appop" />

    <permission android:name="android.permission.MONITOR_DEFAULT_SMS_PACKAGE"

        android:protectionLevel="signature|privileged" />

    <!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission. -->

    <!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission.

           <p>Protection level: signature -->

    <permission android:name="android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE"

        android:protectionLevel="signature" />

    <permission android:name="android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"

        android:protectionLevel="signature" />

    <!-- Allows financial apps to read filtered sms messages. -->

    <!-- Allows financial apps to read filtered sms messages.

         Protection level: signature|appop  -->

    <permission android:name="android.permission.SMS_FINANCIAL_TRANSACTIONS"

        android:protectionLevel="signature|appop" />

    <!-- Required for apps targeting {@link android.os.Build.VERSION_CODES#Q} that want to use

         {@link android.app.Notification.Builder#setFullScreenIntent notification full screen

         intents}.  -->

         intents}.

         <p>Protection level: normal -->

    <permission android:name="android.permission.USE_FULL_SCREEN_INTENT"

                android:protectionLevel="normal" />