Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9263f255 authored by Yi-an Chen's avatar Yi-an Chen
Browse files

Rename checkPrivilegedPermissionAllowlist() 

Rename method checkPrivilegedPermissionAllowlist() to avoid
confusions on understanding the code.

We could also split this method into shouldCheckAllowlist()
and checkAllowlist() to avoid the confusion. However, since
we will always call these two methods together, it's cleaner
to put these two together. Hence renamed this method to
checkPrivilegedPermissionAllowlistIfNeeded(). Also added doc
to explain the return values.

Bug: 364435115
Test: Build
Flag: DOCS_ONLY
Change-Id: I8071b6860da4853c7a74e1d2daf1748ccb6cbd6e
parent b7faccdc

services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt

+11 −2
Original line number Diff line number Diff line
@@ -888,7 +888,7 @@ class AppIdPermissionPolicy : SchemePolicy() { 
                    val mayGrantByPrivileged =

                        !permission.isPrivileged ||

                            requestingPackageStates.anyIndexed { _, it ->

                                checkPrivilegedPermissionAllowlist(it, permission)

                                checkPrivilegedPermissionAllowlistIfNeeded(it, permission)

                            }

                    val shouldGrantBySignature =

                        permission.isSignature &&
@@ -1280,7 +1280,16 @@ class AppIdPermissionPolicy : SchemePolicy() { 
        }

    }



    private fun MutateStateScope.checkPrivilegedPermissionAllowlist(

    /**

     * We only check privileged permission allowlist for system privileged apps. Hence, for platform

     * or for normal apps, we return true to indicate that we don't need to check the allowlist and

     * will let follow-up checks to decide whether we should grant the permission.

     *

     * @return `true`, if the permission is allowlisted for system privileged apps, or if we

     *         don't need to check the allowlist (for platform or for normal apps).

     *         `false`, if the permission is not allowlisted for system privileged apps.

     */

    private fun MutateStateScope.checkPrivilegedPermissionAllowlistIfNeeded(

        packageState: PackageState,

        permission: Permission

    ): Boolean {