Add privileged API to control keyguard secure notifications (b3b9c265) · Commits · e / os / android_frameworks_base

api/system-current.txt

+3 −0

Original line number	Diff line number	Diff line
		@@ -58,6 +58,7 @@ package android {
		field public static final java.lang.String CONNECTIVITY_USE_RESTRICTED_NETWORKS = "android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS";
		field public static final java.lang.String CONTROL_DISPLAY_SATURATION = "android.permission.CONTROL_DISPLAY_SATURATION";
		field public static final java.lang.String CONTROL_INCALL_EXPERIENCE = "android.permission.CONTROL_INCALL_EXPERIENCE";
		field public static final java.lang.String CONTROL_KEYGUARD_SECURE_NOTIFICATIONS = "android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS";
		field public static final java.lang.String CONTROL_LOCATION_UPDATES = "android.permission.CONTROL_LOCATION_UPDATES";
		field public static final java.lang.String CONTROL_VPN = "android.permission.CONTROL_VPN";
		field public static final java.lang.String CRYPT_KEEPER = "android.permission.CRYPT_KEEPER";
		@@ -438,6 +439,8 @@ package android.app {
		}

		public class KeyguardManager {
		method public void setPrivateNotificationsAllowed(boolean);
		method public boolean getPrivateNotificationsAllowed();
		method public android.content.Intent createConfirmFactoryResetCredentialIntent(java.lang.CharSequence, java.lang.CharSequence, java.lang.CharSequence);
		method public void requestDismissKeyguard(android.app.Activity, java.lang.CharSequence, android.app.KeyguardManager.KeyguardDismissCallback);
		}

core/java/android/app/INotificationManager.aidl

+3 −0

Original line number	Diff line number	Diff line
		@@ -174,4 +174,7 @@ interface INotificationManager
		void revokeNotificationDelegate(String callingPkg);
		String getNotificationDelegate(String callingPkg);
		boolean canNotifyAsPackage(String callingPkg, String targetPkg);

		void setPrivateNotificationsAllowed(boolean allow);
		boolean getPrivateNotificationsAllowed();
		}

core/java/android/app/KeyguardManager.java

+42 −0

Original line number	Diff line number	Diff line
		@@ -62,6 +62,7 @@ public class KeyguardManager {
		private final IWindowManager mWM;
		private final IActivityManager mAm;
		private final ITrustManager mTrustManager;
		private final INotificationManager mNotificationManager;

		/**
		* Intent used to prompt user for device credentials.
		@@ -219,6 +220,45 @@ public class KeyguardManager {
		return intent;
		}

		/**
		* Controls whether notifications can be shown atop a securely locked screen in their full
		* private form (same as when the device is unlocked).
		*
		* <p>Other sources like the DevicePolicyManger and Settings app can modify this configuration.
		* The result is that private notifications are only shown if all sources allow it.
		*
		* @param allow secure notifications can be shown if {@code true},
		* secure notifications cannot be shown if {@code false}
		* @hide
		*/
		@RequiresPermission(Manifest.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS)
		@SystemApi
		public void setPrivateNotificationsAllowed(boolean allow) {
		try {
		mNotificationManager.setPrivateNotificationsAllowed(allow);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}

		/**
		* Returns whether notifications can be shown atop a securely locked screen in their full
		* private form (same as when the device is unlocked).
		*
		* @return {@code true} if secure notifications can be shown, {@code false} otherwise.
		* By default, private notifications are allowed.
		* @hide
		*/
		@RequiresPermission(Manifest.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS)
		@SystemApi
		public boolean getPrivateNotificationsAllowed() {
		try {
		return mNotificationManager.getPrivateNotificationsAllowed();
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}

		private String getSettingsPackageForIntent(Intent intent) {
		List<ResolveInfo> resolveInfos = mContext.getPackageManager()
		.queryIntentActivities(intent, PackageManager.MATCH_SYSTEM_ONLY);
		@@ -335,6 +375,8 @@ public class KeyguardManager {
		mAm = ActivityManager.getService();
		mTrustManager = ITrustManager.Stub.asInterface(
		ServiceManager.getServiceOrThrow(Context.TRUST_SERVICE));
		mNotificationManager = INotificationManager.Stub.asInterface(
		ServiceManager.getServiceOrThrow(Context.NOTIFICATION_SERVICE));
		}

		/**

core/res/AndroidManifest.xml

+5 −0

Original line number	Diff line number	Diff line
		@@ -3851,6 +3851,11 @@
		<permission android:name="android.permission.CONTROL_KEYGUARD"
		android:protectionLevel="signature" />

		<!-- @SystemApi Allows an application to control keyguard features like secure notifications.
		@hide -->
		<permission android:name="android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS"
		android:protectionLevel="signature\|privileged" />

		<!-- Allows an application to listen to trust changes. Only allowed for system processes.
		@hide -->
		<permission android:name="android.permission.TRUST_LISTENER"

data/etc/privapp-permissions-platform.xml

+1 −0

Original line number	Diff line number	Diff line
		@@ -374,6 +374,7 @@ applications that come with the platform
		<permission name="android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST"/>
		<permission name="android.permission.CHANGE_OVERLAY_PACKAGES"/>
		<permission name="android.permission.CONNECTIVITY_INTERNAL"/>
		<permission name="android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS"/>
		<permission name="android.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIONS"/>
		<permission name="android.permission.CONTROL_VPN"/>
		<permission name="android.permission.DUMP"/>