Add fingerprint permission [1/2] (e3a1be71) · Commits · e / os / android_frameworks_base

core/res/AndroidManifest.xml

+7 −0

Original line number	Diff line number	Diff line
		@@ -3066,6 +3066,13 @@
		android:description="@string/permdesc_accessTorchService"
		android:protectionLevel="signature" />

		<!-- Allows an application to access Fingerprint Service
		@hide -->
		<permission android:name="android.permission.ACCESS_FINGERPRINT_SERVICE"
		android:label="@string/permlab_accessFingerprintService"
		android:description="@string/permdesc_accessFingerprintService"
		android:protectionLevel="system\|signature" />

		<!-- The system process is explicitly the only one allowed to launch the
		confirmation UI for full backup/restore -->
		<uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>

core/res/res/values/cm_strings.xml

+5 −0

Original line number	Diff line number	Diff line
		@@ -343,6 +343,11 @@
		<!-- Storage description for the SD card on the dock -->
		<string name="storage_sd_dock_card">Dock SD card</string>

		<!-- FINGERPRINT -->
		<!-- Default fingerprint name when a new fingerprint is added -->
		<string name="fingerprint_default_name">Fingerprint <xliff:g id="number">%d</xliff:g></string>
		<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
		<string name="permlab_accessFingerprintService">access fingerprint service</string>
		<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
		<string name="permdesc_accessFingerprintService">Allows an app to access the fingerprint service. The app can add, delete, rename and authenticate against fingerprints</string>
		</resources>

packages/Keyguard/AndroidManifest.xml

+1 −0

Original line number	Diff line number	Diff line
		@@ -40,6 +40,7 @@
		<uses-permission android:name="android.permission.MEDIA_CONTENT_CONTROL" />
		<uses-permission android:name="android.permission.ACCESS_KEYGUARD_SECURE_STORAGE" />
		<uses-permission android:name="android.permission.TRUST_LISTENER" />
		<uses-permission android:name="android.permission.ACCESS_FINGERPRINT_SERVICE" />

		<application android:label="@string/app_name"
		android:process="com.android.systemui"

services/core/java/com/android/server/fingerprint/FingerprintService.java

+12 −13

Original line number	Diff line number	Diff line
		@@ -16,6 +16,7 @@

		package com.android.server.fingerprint;

		import android.Manifest;
		import android.app.ActivityManager;
		import android.content.Context;
		import android.content.pm.PackageManager;
		@@ -80,9 +81,6 @@ public class FingerprintService extends SystemService {
		private static final int STATE_AUTHENTICATING = 1;
		private static final int STATE_ENROLLING = 2;
		private static final long MS_PER_SEC = 1000;
		public static final String USE_FINGERPRINT = "android.permission.USE_FINGERPRINT";
		public static final String ENROLL_FINGERPRINT = "android.permission.ENROLL_FINGERPRINT";

		private long mHal;

		private static final class ClientData {
		@@ -326,8 +324,9 @@ public class FingerprintService extends SystemService {
		mClients.remove(token);
		}

		void checkPermission(String permisison) {
		// TODO
		void checkPermission() {
		mContext.enforceCallingOrSelfPermission(
		Manifest.permission.ACCESS_FINGERPRINT_SERVICE, null);
		}

		public List<Fingerprint> getEnrolledFingerprints(IBinder token, int userId) {
		@@ -440,52 +439,52 @@ public class FingerprintService extends SystemService {

		@Override // Binder call
		public void authenticate(IBinder token, int userId) {
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		startAuthentication(token, userId);
		}

		@Override // Binder call
		public void enroll(IBinder token, long timeout, int userId) {
		checkPermission(ENROLL_FINGERPRINT);
		checkPermission();
		startEnroll(token, timeout, userId);
		}

		@Override // Binder call
		public void cancel(IBinder token,int userId) {
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		startCancel(token, userId);
		}

		@Override // Binder call
		public void remove(IBinder token, int fingerprintId, int userId) {
		checkPermission(ENROLL_FINGERPRINT); // TODO: Maybe have another permission
		checkPermission();
		startRemove(token, fingerprintId, userId);
		}

		@Override // Binder call
		public void startListening(IBinder token, IFingerprintServiceReceiver receiver, int userId)
		{
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		addListener(token, receiver, userId);
		}

		@Override // Binder call
		public void stopListening(IBinder token, int userId) {
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		removeListener(token, userId);
		}

		@Override // Binder call
		public List<Fingerprint> getEnrolledFingerprints(IBinder token, int userId)
		throws RemoteException {
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		return FingerprintService.this.getEnrolledFingerprints(token, userId);
		}

		@Override
		public boolean setFingerprintName(IBinder token, int fingerprintId, String name, int userId)
		throws RemoteException {
		checkPermission(USE_FINGERPRINT);
		checkPermission();
		return FingerprintService.this.setFingerprintName(token, fingerprintId, name, userId);
		}