Rename OP_USE_FACE to OP_USE_BIOMETRIC (b3c05aaa) · Commits · e / os / android_frameworks_base

core/java/android/app/AppOpsManager.java

+11 −11

Original line number	Diff line number	Diff line
		@@ -429,8 +429,8 @@ public class AppOpsManager {
		/** @hide */
		@UnsupportedAppUsage
		public static final int OP_BLUETOOTH_SCAN = 77;
		/** @hide Use the face authentication API. */
		public static final int OP_USE_FACE = 78;
		/** @hide Use the BiometricPrompt/BiometricManager APIs. */
		public static final int OP_USE_BIOMETRIC = 78;
		/** @hide */
		@UnsupportedAppUsage
		public static final int _NUM_OP = 79;
		@@ -678,8 +678,8 @@ public class AppOpsManager {
		/** @hide */
		public static final String OPSTR_BLUETOOTH_SCAN = "android:bluetooth_scan";

		/** @hide Use the face authentication API. */
		public static final String OPSTR_USE_FACE = "android:use_face";
		/** @hide Use the BiometricPrompt/BiometricManager APIs. */
		public static final String OPSTR_USE_BIOMETRIC = "android:use_biometric";

		// Warning: If an permission is added here it also has to be added to
		// com.android.packageinstaller.permission.utils.EventLogger
		@@ -818,7 +818,7 @@ public class AppOpsManager {
		OP_MANAGE_IPSEC_TUNNELS, // MANAGE_IPSEC_HANDOVERS
		OP_START_FOREGROUND, // START_FOREGROUND
		OP_COARSE_LOCATION, // BLUETOOTH_SCAN
		OP_USE_FACE, // FACE
		OP_USE_BIOMETRIC, // BIOMETRIC
		};

		/**
		@@ -903,7 +903,7 @@ public class AppOpsManager {
		OPSTR_MANAGE_IPSEC_TUNNELS,
		OPSTR_START_FOREGROUND,
		OPSTR_BLUETOOTH_SCAN,
		OPSTR_USE_FACE,
		OPSTR_USE_BIOMETRIC,
		};

		/**
		@@ -989,7 +989,7 @@ public class AppOpsManager {
		"MANAGE_IPSEC_TUNNELS",
		"START_FOREGROUND",
		"BLUETOOTH_SCAN",
		"USE_FACE",
		"USE_BIOMETRIC",
		};

		/**
		@@ -1163,7 +1163,7 @@ public class AppOpsManager {
		null, // MANAGE_IPSEC_TUNNELS
		null, // START_FOREGROUND
		null, // maybe should be UserManager.DISALLOW_SHARE_LOCATION, //BLUETOOTH_SCAN
		null, // USE_FACE
		null, // USE_BIOMETRIC
		};

		/**
		@@ -1249,7 +1249,7 @@ public class AppOpsManager {
		false, // MANAGE_IPSEC_HANDOVERS
		false, // START_FOREGROUND
		true, // BLUETOOTH_SCAN
		false, // USE_FACE
		false, // USE_BIOMETRIC
		};

		/**
		@@ -1334,7 +1334,7 @@ public class AppOpsManager {
		AppOpsManager.MODE_ERRORED, // MANAGE_IPSEC_TUNNELS
		AppOpsManager.MODE_ALLOWED, // OP_START_FOREGROUND
		AppOpsManager.MODE_ALLOWED, // OP_BLUETOOTH_SCAN
		AppOpsManager.MODE_ALLOWED, // USE_FACE
		AppOpsManager.MODE_ALLOWED, // USE_BIOMETRIC
		};

		/**
		@@ -1423,7 +1423,7 @@ public class AppOpsManager {
		false, // MANAGE_IPSEC_TUNNELS
		false, // START_FOREGROUND
		false, // BLUETOOTH_SCAN
		false, // USE_FACE
		false, // USE_BIOMETRIC
		};

		/**

services/core/java/com/android/server/biometrics/BiometricServiceBase.java

+5 −6

Original line number	Diff line number	Diff line
		@@ -84,7 +84,6 @@ public abstract class BiometricServiceBase extends SystemService

		private final Context mContext;
		private final String mKeyguardPackage;
		private final AppOpsManager mAppOps;
		private final SparseBooleanArray mTimedLockoutCleared;
		private final SparseIntArray mFailedAttempts;
		private final IActivityTaskManager mActivityTaskManager;
		@@ -102,6 +101,7 @@ public abstract class BiometricServiceBase extends SystemService
		Collections.synchronizedMap(new HashMap<>());
		protected final ResetFailedAttemptsForUserRunnable mResetFailedAttemptsForCurrentUserRunnable =
		new ResetFailedAttemptsForUserRunnable();
		protected final AppOpsManager mAppOps;
		protected final H mHandler = new H();

		private ClientMonitor mCurrentClient;
		@@ -206,11 +206,9 @@ public abstract class BiometricServiceBase extends SystemService
		protected abstract void checkUseBiometricPermission();

		/**
		* @return Returns one of the {@link AppOpsManager} constants which pertains to the specific
		* biometric service.
		* Checks if the caller passes the app ops check
		*/
		protected abstract int getAppOp();

		protected abstract boolean checkAppOps(int uid, String opPackageName);

		/**
		* Notifies clients of any change in the biometric state (active / idle). This is mainly for
		@@ -822,10 +820,11 @@ public abstract class BiometricServiceBase extends SystemService
		Slog.w(getTag(), "Rejecting " + opPackageName + "; not a current user or profile");
		return false;
		}
		if (mAppOps.noteOp(getAppOp(), uid, opPackageName) != AppOpsManager.MODE_ALLOWED) {
		if (!checkAppOps(uid, opPackageName)) {
		Slog.w(getTag(), "Rejecting " + opPackageName + "; permission denied");
		return false;
		}

		if (requireForeground && !(isForegroundActivity(uid, pid) \|\| isCurrentClient(
		opPackageName))) {
		Slog.w(getTag(), "Rejecting " + opPackageName + "; not in foreground");

services/core/java/com/android/server/biometrics/face/FaceService.java

+3 −2

Original line number	Diff line number	Diff line
		@@ -730,8 +730,9 @@ public class FaceService extends BiometricServiceBase {
		}

		@Override
		protected int getAppOp() {
		return AppOpsManager.OP_USE_FACE;
		protected boolean checkAppOps(int uid, String opPackageName) {
		return mAppOps.noteOp(AppOpsManager.OP_USE_BIOMETRIC, uid, opPackageName)
		== AppOpsManager.MODE_ALLOWED;
		}

		@Override

services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java

+10 −2

Original line number	Diff line number	Diff line
		@@ -902,8 +902,16 @@ public class FingerprintService extends BiometricServiceBase {
		}

		@Override
		protected int getAppOp() {
		return AppOpsManager.OP_USE_FINGERPRINT;
		protected boolean checkAppOps(int uid, String opPackageName) {
		boolean appOpsOk = false;
		if (mAppOps.noteOp(AppOpsManager.OP_USE_BIOMETRIC, uid, opPackageName)
		== AppOpsManager.MODE_ALLOWED) {
		appOpsOk = true;
		} else if (mAppOps.noteOp(AppOpsManager.OP_USE_FINGERPRINT, uid, opPackageName)
		== AppOpsManager.MODE_ALLOWED) {
		appOpsOk = true;
		}
		return appOpsOk;
		}

		@Override