Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9160d589 authored by Treehugger Robot's avatar Treehugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Add appop protection level to WRITE_SYSTEM_PREFERENCES" into main

parents ed0a3c23 cb92da45

core/api/current.txt

+1 −1
Original line number Diff line number Diff line
@@ -336,7 +336,7 @@ package android { 
    field public static final String WRITE_SECURE_SETTINGS = "android.permission.WRITE_SECURE_SETTINGS";

    field public static final String WRITE_SETTINGS = "android.permission.WRITE_SETTINGS";

    field public static final String WRITE_SYNC_SETTINGS = "android.permission.WRITE_SYNC_SETTINGS";

    field @FlaggedApi("com.android.settingslib.flags.settings_catalyst") public static final String WRITE_SYSTEM_PREFERENCES = "android.permission.WRITE_SYSTEM_PREFERENCES";

    field @FlaggedApi("com.android.settingslib.flags.write_system_preference_permission_enabled") public static final String WRITE_SYSTEM_PREFERENCES = "android.permission.WRITE_SYSTEM_PREFERENCES";

    field public static final String WRITE_VOICEMAIL = "com.android.voicemail.permission.WRITE_VOICEMAIL";

  }

























core/java/android/app/AppOpsManager.java



+14
−1




























Original line number
Diff line number
Diff line








@@ -1624,9 +1624,13 @@ public class AppOpsManager {













    /** @hide Access to read oxygen saturation. */















    public static final int OP_READ_OXYGEN_SATURATION = AppOpEnums.APP_OP_READ_OXYGEN_SATURATION;





























    /** @hide Access to write system preferences. */













    public static final int OP_WRITE_SYSTEM_PREFERENCES =













            AppOpEnums.APP_OP_WRITE_SYSTEM_PREFERENCES;





























    /** @hide */















    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)













    public static final int _NUM_OP = 153;













    public static final int _NUM_OP = 154;































    /**















     * All app ops represented as strings.










@@ -1783,6 +1787,7 @@ public class AppOpsManager {













            OPSTR_READ_SKIN_TEMPERATURE,















            OPSTR_RANGING,















            OPSTR_READ_OXYGEN_SATURATION,













            OPSTR_WRITE_SYSTEM_PREFERENCES,















    })















    public @interface AppOpString {}


























@@ -2540,6 +2545,9 @@ public class AppOpsManager {













    @FlaggedApi(Flags.FLAG_RANGING_PERMISSION_ENABLED)















    public static final String OPSTR_RANGING = "android:ranging";





























    /** @hide Access to system preferences write services */













    public static final String OPSTR_WRITE_SYSTEM_PREFERENCES = "android:write_system_preferences";





























    /** {@link #sAppOpsToNote} not initialized yet for this op */















    private static final byte SHOULD_COLLECT_NOTE_OP_NOT_INITIALIZED = 0;















    /** Should not collect noting of this app-op in {@link #sAppOpsToNote} */










@@ -2656,6 +2664,7 @@ public class AppOpsManager {













            OP_RECEIVE_SANDBOX_TRIGGER_AUDIO,















            OP_MEDIA_ROUTING_CONTROL,















            OP_READ_SYSTEM_GRAMMATICAL_GENDER,













            OP_WRITE_SYSTEM_PREFERENCES,















    };































    @SuppressWarnings("FlaggedApi")










@@ -3144,6 +3153,10 @@ public class AppOpsManager {













                Flags.replaceBodySensorPermissionEnabled()















                    ? HealthPermissions.READ_OXYGEN_SATURATION : null)















            .setDefaultMode(AppOpsManager.MODE_ALLOWED).build(),













        new AppOpInfo.Builder(OP_WRITE_SYSTEM_PREFERENCES, OPSTR_WRITE_SYSTEM_PREFERENCES,













            "WRITE_SYSTEM_PREFERENCES").setPermission(













                     com.android.settingslib.flags.Flags.writeSystemPreferencePermissionEnabled()













                     ? Manifest.permission.WRITE_SYSTEM_PREFERENCES : null).build(),















    };































    // The number of longs needed to form a full bitmask of app ops

































core/res/AndroidManifest.xml



+4
−4




























Original line number
Diff line number
Diff line








@@ -4991,16 +4991,16 @@













        android:protectionLevel="signature|privileged|role"















        android:featureFlag="com.android.settingslib.flags.settings_catalyst" />





























    <!-- @FlaggedApi(com.android.settingslib.flags.Flags.FLAG_SETTINGS_CATALYST)













    <!-- @FlaggedApi(com.android.settingslib.flags.Flags.FLAG_WRITE_SYSTEM_PREFERENCE_PERMISSION_ENABLED)















         Allows an application to access the Settings Preference services to write settings















         values exposed by the system Settings app and system apps that contribute settings surfaced















         in the Settings app.















         <p>This allows the calling application to write settings values















         through the host application, agnostic of underlying storage.













         <p>Protection Level: signature|privileged|appop - appop to be added in followup -->













         <p>Protection Level: signature|privileged|appop -->















    <permission android:name="android.permission.WRITE_SYSTEM_PREFERENCES"













        android:protectionLevel="signature|privileged"













        android:featureFlag="com.android.settingslib.flags.settings_catalyst" />













        android:protectionLevel="signature|privileged|appop"













        android:featureFlag="com.android.settingslib.flags.write_system_preference_permission_enabled" />































    <!-- ========================================= -->















    <!-- Permissions for special development tools -->