Restrict sensitive notifications from untrusted listeners

    field public static final String RECEIVE_EMERGENCY_BROADCAST = "android.permission.RECEIVE_EMERGENCY_BROADCAST";

    field @FlaggedApi("android.permission.flags.voice_activation_permission_apis") public static final String RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA = "android.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA";

    field @FlaggedApi("android.permission.flags.voice_activation_permission_apis") public static final String RECEIVE_SANDBOX_TRIGGER_AUDIO = "android.permission.RECEIVE_SANDBOX_TRIGGER_AUDIO";

    field @FlaggedApi("com.android.server.notification.flags.redact_otp_notifications_from_untrusted_listeners") public static final String RECEIVE_SENSITIVE_NOTIFICATIONS = "android.permission.RECEIVE_SENSITIVE_NOTIFICATIONS";

    field public static final String RECEIVE_WIFI_CREDENTIAL_CHANGE = "android.permission.RECEIVE_WIFI_CREDENTIAL_CHANGE";

    field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO";

    field public static final String RECOVERY = "android.permission.RECOVERY";

    /**

     * @param notification Some kind of clone of this.notification.

     * @return A shallow copy of self, with notification in place of this.notification.

     *

     * @hide

     */

    StatusBarNotification cloneShallow(Notification notification) {

    public StatusBarNotification cloneShallow(Notification notification) {

        StatusBarNotification result = new StatusBarNotification(this.pkg, this.opPkg,

                this.id, this.tag, this.uid, this.initialPid,

                notification, this.user, this.overrideGroupKey, this.postTime);

    bug: "299448097"

}

flag {

  name: "redact_sensitive_notifications_from_untrusted_listeners"

  namespace: "systemui"

  description: "This flag controls the redacting of sensitive notifications from untrusted NotificationListenerServices"

  bug: "306271190"

}

    <permission android:name="android.permission.OVERRIDE_SYSTEM_KEY_BEHAVIOR_IN_FOCUSED_WINDOW"

        android:protectionLevel="signature|privileged" />

    <!-- @hide @SystemApi

        @FlaggedApi("com.android.server.notification.flags.redact_otp_notifications_from_untrusted_listeners")

        Allows apps with a NotificationListenerService to receive notifications with sensitive

        information

        <p>Apps with a NotificationListenerService without this permission will not be able

        to view certain types of sensitive information contained in notifications

        <p>Protection level: signature|role

    -->

    <permission android:name="android.permission.RECEIVE_SENSITIVE_NOTIFICATIONS"

        android:protectionLevel="signature|role" />

    <!-- Attribution for Geofencing service. -->

    <attribution android:tag="GeofencingService" android:label="@string/geofencing_service"/>

    <!-- Attribution for Country Detector. -->

    <!-- Communal profile label on a screen. This can be used as a tab label for this profile in tabbed views and can be used to represent the profile in sharing surfaces, etc. [CHAR LIMIT=20] -->

    <string name="profile_label_communal">Communal</string>

    <!-- Notification message used when a notification's normal message contains sensitive information. -->

    <!-- TODO b/301960090: replace with redacted message string and action title, when/if UX provides one -->

    <!-- DO NOT TRANSLATE -->

    <string name="redacted_notification_message"></string>

    <!-- Notification action title used instead of a notification's normal title sensitive [CHAR_LIMIT=NOTIF_BODY] -->

    <string name="redacted_notification_action_title"></string>

</resources>