Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e0ae1275 authored by Nate Myren's avatar Nate Myren
Browse files

Add conditional permission check annotation to checkPermission methods 

Per API council feedback, reflect that the first app in an
AttributionSource chain must have UPDATE_APP_OPS_STATS to do a trusted
blame

Fixes: 222094627
Test: build
Change-Id: I63513ca70ddebe0fd5a05d4414f88985bc3fcad4
parent fe6bf418

core/api/system-current.txt

+3 −3
Original line number Diff line number Diff line
@@ -10084,10 +10084,10 @@ package android.permission { 














  public final class PermissionManager {















    method public int checkDeviceIdentifierAccess(@Nullable String, @Nullable String, @Nullable String, int, int);













    method public int checkPermissionForDataDelivery(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);













    method public int checkPermissionForDataDeliveryFromDataSource(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);













    method @RequiresPermission(value=android.Manifest.permission.UPDATE_APP_OPS_STATS, conditional=true) public int checkPermissionForDataDelivery(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);













    method @RequiresPermission(value=android.Manifest.permission.UPDATE_APP_OPS_STATS, conditional=true) public int checkPermissionForDataDeliveryFromDataSource(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);















    method public int checkPermissionForPreflight(@NonNull String, @NonNull android.content.AttributionSource);













    method public int checkPermissionForStartDataDelivery(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);













    method @RequiresPermission(value=android.Manifest.permission.UPDATE_APP_OPS_STATS, conditional=true) public int checkPermissionForStartDataDelivery(@NonNull String, @NonNull android.content.AttributionSource, @Nullable String);















    method public void finishDataDelivery(@NonNull String, @NonNull android.content.AttributionSource);















    method @NonNull @RequiresPermission(android.Manifest.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY) public java.util.Set<java.lang.String> getAutoRevokeExemptionGrantedPackages();















    method @NonNull @RequiresPermission(android.Manifest.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY) public java.util.Set<java.lang.String> getAutoRevokeExemptionRequestedPackages();

























core/java/android/permission/PermissionManager.java



+15
−0




























Original line number
Diff line number
Diff line








@@ -250,6 +250,10 @@ public final class PermissionManager {













     * will evaluate the permission access based on the current fg/bg state of the app and















     * leave a record that the data was accessed.















     *













     * <p>Requires the start of the AttributionSource chain to have the UPDATE_APP_OPS_STATS













     * permission for the app op accesses to be given the TRUSTED_PROXY/PROXIED flags, otherwise the













     * accesses will have the UNTRUSTED flags.













     *















     * @param permission The permission to check.















     * @param attributionSource the permission identity















     * @param message A message describing the reason the permission was checked









@@ -259,6 +263,7 @@ public final class PermissionManager {













     * @see #checkPermissionForPreflight(String, AttributionSource)















     */















    @PermissionCheckerManager.PermissionResult













    @RequiresPermission(value = Manifest.permission.UPDATE_APP_OPS_STATS, conditional = true)















    public int checkPermissionForDataDelivery(@NonNull String permission,















            @NonNull AttributionSource attributionSource, @Nullable String message) {















        return PermissionChecker.checkPermissionForDataDelivery(mContext, permission,









@@ -278,9 +283,14 @@ public final class PermissionManager {













     * @return The permission check result which is either {@link #PERMISSION_GRANTED}















     *     or {@link #PERMISSION_SOFT_DENIED} or {@link #PERMISSION_HARD_DENIED}.















     *













     * <p>Requires the start of the AttributionSource chain to have the UPDATE_APP_OPS_STATS













     * permission for the app op accesses to be given the TRUSTED_PROXY/PROXIED flags, otherwise the













     * accesses will have the UNTRUSTED flags.













     *















     * @see #checkPermissionForDataDelivery(String, AttributionSource, String)















     */















    @PermissionCheckerManager.PermissionResult













    @RequiresPermission(value = Manifest.permission.UPDATE_APP_OPS_STATS, conditional = true)















    public int checkPermissionForStartDataDelivery(@NonNull String permission,















            @NonNull AttributionSource attributionSource, @Nullable String message) {















        return PermissionChecker.checkPermissionForDataDelivery(mContext, permission,










@@ -320,6 +330,10 @@ public final class PermissionManager {













     * will evaluate the permission access based on the current fg/bg state of the app and















     * leave a record that the data was accessed.















     *













     * <p>Requires the start of the AttributionSource chain to have the UPDATE_APP_OPS_STATS













     * permission for the app op accesses to be given the TRUSTED_PROXY/PROXIED flags, otherwise the













     * accesses will have the UNTRUSTED flags.













     *















     * @param permission The permission to check.















     * @param attributionSource the permission identity















     * @param message A message describing the reason the permission was checked









@@ -329,6 +343,7 @@ public final class PermissionManager {













     * @see #checkPermissionForPreflight(String, AttributionSource)















     */















    @PermissionCheckerManager.PermissionResult













    @RequiresPermission(value = Manifest.permission.UPDATE_APP_OPS_STATS, conditional = true)















    public int checkPermissionForDataDeliveryFromDataSource(@NonNull String permission,















            @NonNull AttributionSource attributionSource, @Nullable String message) {















        return PermissionChecker.checkPermissionForDataDeliveryFromDataSource(mContext, permission,