Loading core/res/AndroidManifest.xml +7 −0 Original line number Original line Diff line number Diff line Loading @@ -824,6 +824,11 @@ grants your app this permission. If you don't need this permission, be sure your <a grants your app this permission. If you don't need this permission, be sure your <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code targetSdkVersion}</a> is 4 or higher. targetSdkVersion}</a> is 4 or higher. <p>Is this permission is not whitelisted for an app that targets an API level before {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p> <p>Is this permission is not whitelisted for an app that targets an API level {@link android.os.Build.VERSION_CODES#Q} or later the app will be forced into isolated storage. </p> --> --> <permission android:name="android.permission.READ_EXTERNAL_STORAGE" <permission android:name="android.permission.READ_EXTERNAL_STORAGE" android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED" Loading @@ -845,6 +850,8 @@ read/write files in your application-specific directories returned by read/write files in your application-specific directories returned by {@link android.content.Context#getExternalFilesDir} and {@link android.content.Context#getExternalFilesDir} and {@link android.content.Context#getExternalCacheDir}. {@link android.content.Context#getExternalCacheDir}. <p>Is this permission is not whitelisted for an app that targets an API level before {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p> --> --> <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED" Loading core/res/res/values/attrs_manifest.xml +2 −0 Original line number Original line Diff line number Diff line Loading @@ -326,6 +326,8 @@ grantable in its full form to apps that meet special criteria grantable in its full form to apps that meet special criteria per platform policy. Otherwise, a weaker form of the permission per platform policy. Otherwise, a weaker form of the permission would be granted. The weak grant depends on the permission. would be granted. The weak grant depends on the permission. <p>What weak grant means is described in the documentation of the permissions. --> --> <flag name="softRestricted" value="0x8" /> <flag name="softRestricted" value="0x8" /> <!-- This permission is restricted immutably which means that its <!-- This permission is restricted immutably which means that its Loading services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java +37 −2 Original line number Original line Diff line number Diff line Loading @@ -91,8 +91,7 @@ public abstract class SoftRestrictedPermissionPolicy { // Storage uses a special app op to decide the mount state and supports soft restriction // Storage uses a special app op to decide the mount state and supports soft restriction // where the restricted state allows the permission but only for accessing the medial // where the restricted state allows the permission but only for accessing the medial // collections. // collections. case READ_EXTERNAL_STORAGE: case READ_EXTERNAL_STORAGE: { case WRITE_EXTERNAL_STORAGE: { final int flags; final int flags; final boolean applyRestriction; final boolean applyRestriction; final boolean isWhiteListed; final boolean isWhiteListed; Loading Loading @@ -148,6 +147,42 @@ public abstract class SoftRestrictedPermissionPolicy { } } }; }; } } case WRITE_EXTERNAL_STORAGE: { final boolean isWhiteListed; final int targetSDK; if (appInfo != null) { final int flags = context.getPackageManager().getPermissionFlags(permission, appInfo.packageName, user); isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0; targetSDK = appInfo.targetSdkVersion; } else { isWhiteListed = false; targetSDK = 0; } return new SoftRestrictedPermissionPolicy() { @Override public int resolveAppOp() { return OP_NONE; } @Override public int getDesiredOpMode() { return MODE_DEFAULT; } @Override public boolean shouldSetAppOpIfNotDefault() { return false; } @Override public boolean canBeGranted() { return isWhiteListed || targetSDK >= Build.VERSION_CODES.Q; } }; } default: default: return DUMMY_POLICY; return DUMMY_POLICY; } } Loading Loading
core/res/AndroidManifest.xml +7 −0 Original line number Original line Diff line number Diff line Loading @@ -824,6 +824,11 @@ grants your app this permission. If you don't need this permission, be sure your <a grants your app this permission. If you don't need this permission, be sure your <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code targetSdkVersion}</a> is 4 or higher. targetSdkVersion}</a> is 4 or higher. <p>Is this permission is not whitelisted for an app that targets an API level before {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p> <p>Is this permission is not whitelisted for an app that targets an API level {@link android.os.Build.VERSION_CODES#Q} or later the app will be forced into isolated storage. </p> --> --> <permission android:name="android.permission.READ_EXTERNAL_STORAGE" <permission android:name="android.permission.READ_EXTERNAL_STORAGE" android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED" Loading @@ -845,6 +850,8 @@ read/write files in your application-specific directories returned by read/write files in your application-specific directories returned by {@link android.content.Context#getExternalFilesDir} and {@link android.content.Context#getExternalFilesDir} and {@link android.content.Context#getExternalCacheDir}. {@link android.content.Context#getExternalCacheDir}. <p>Is this permission is not whitelisted for an app that targets an API level before {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p> --> --> <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED" Loading
core/res/res/values/attrs_manifest.xml +2 −0 Original line number Original line Diff line number Diff line Loading @@ -326,6 +326,8 @@ grantable in its full form to apps that meet special criteria grantable in its full form to apps that meet special criteria per platform policy. Otherwise, a weaker form of the permission per platform policy. Otherwise, a weaker form of the permission would be granted. The weak grant depends on the permission. would be granted. The weak grant depends on the permission. <p>What weak grant means is described in the documentation of the permissions. --> --> <flag name="softRestricted" value="0x8" /> <flag name="softRestricted" value="0x8" /> <!-- This permission is restricted immutably which means that its <!-- This permission is restricted immutably which means that its Loading
services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java +37 −2 Original line number Original line Diff line number Diff line Loading @@ -91,8 +91,7 @@ public abstract class SoftRestrictedPermissionPolicy { // Storage uses a special app op to decide the mount state and supports soft restriction // Storage uses a special app op to decide the mount state and supports soft restriction // where the restricted state allows the permission but only for accessing the medial // where the restricted state allows the permission but only for accessing the medial // collections. // collections. case READ_EXTERNAL_STORAGE: case READ_EXTERNAL_STORAGE: { case WRITE_EXTERNAL_STORAGE: { final int flags; final int flags; final boolean applyRestriction; final boolean applyRestriction; final boolean isWhiteListed; final boolean isWhiteListed; Loading Loading @@ -148,6 +147,42 @@ public abstract class SoftRestrictedPermissionPolicy { } } }; }; } } case WRITE_EXTERNAL_STORAGE: { final boolean isWhiteListed; final int targetSDK; if (appInfo != null) { final int flags = context.getPackageManager().getPermissionFlags(permission, appInfo.packageName, user); isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0; targetSDK = appInfo.targetSdkVersion; } else { isWhiteListed = false; targetSDK = 0; } return new SoftRestrictedPermissionPolicy() { @Override public int resolveAppOp() { return OP_NONE; } @Override public int getDesiredOpMode() { return MODE_DEFAULT; } @Override public boolean shouldSetAppOpIfNotDefault() { return false; } @Override public boolean canBeGranted() { return isWhiteListed || targetSDK >= Build.VERSION_CODES.Q; } }; } default: default: return DUMMY_POLICY; return DUMMY_POLICY; } } Loading
