Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e3a1be71 authored by Andy Mast's avatar Andy Mast
Browse files

Add fingerprint permission [1/2]

See frameworks/base and Settings

Change-Id: Id330dea94902e4ed5a4c386143426805ccab0ba4

Conflicts:
	services/core/java/com/android/server/fingerprint/FingerprintService.java
parent 3c342cbb
Loading
Loading
Loading
Loading
+7 −0
Original line number Diff line number Diff line
@@ -3066,6 +3066,13 @@
        android:description="@string/permdesc_accessTorchService"
        android:protectionLevel="signature" />

     <!-- Allows an application to access Fingerprint Service
          @hide -->
     <permission android:name="android.permission.ACCESS_FINGERPRINT_SERVICE"
         android:label="@string/permlab_accessFingerprintService"
         android:description="@string/permdesc_accessFingerprintService"
         android:protectionLevel="system|signature" />

    <!-- The system process is explicitly the only one allowed to launch the
         confirmation UI for full backup/restore -->
    <uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>
+5 −0
Original line number Diff line number Diff line
@@ -343,6 +343,11 @@
    <!-- Storage description for the SD card on the dock -->
    <string name="storage_sd_dock_card">Dock SD card</string>

    <!-- FINGERPRINT -->
    <!-- Default fingerprint name when a new fingerprint is added -->
    <string name="fingerprint_default_name">Fingerprint <xliff:g id="number">%d</xliff:g></string>
    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_accessFingerprintService">access fingerprint service</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_accessFingerprintService">Allows an app to access the fingerprint service. The app can add, delete, rename and authenticate against fingerprints</string>
</resources>
+1 −0
Original line number Diff line number Diff line
@@ -40,6 +40,7 @@
    <uses-permission android:name="android.permission.MEDIA_CONTENT_CONTROL" />
    <uses-permission android:name="android.permission.ACCESS_KEYGUARD_SECURE_STORAGE" />
    <uses-permission android:name="android.permission.TRUST_LISTENER" />
    <uses-permission android:name="android.permission.ACCESS_FINGERPRINT_SERVICE" />

    <application android:label="@string/app_name"
        android:process="com.android.systemui"
+12 −13
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@

package com.android.server.fingerprint;

import android.Manifest;
import android.app.ActivityManager;
import android.content.Context;
import android.content.pm.PackageManager;
@@ -80,9 +81,6 @@ public class FingerprintService extends SystemService {
    private static final int STATE_AUTHENTICATING = 1;
    private static final int STATE_ENROLLING = 2;
    private static final long MS_PER_SEC = 1000;
    public static final String USE_FINGERPRINT = "android.permission.USE_FINGERPRINT";
    public static final String ENROLL_FINGERPRINT = "android.permission.ENROLL_FINGERPRINT";

    private long mHal;

    private static final class ClientData {
@@ -326,8 +324,9 @@ public class FingerprintService extends SystemService {
        mClients.remove(token);
    }

    void checkPermission(String permisison) {
        // TODO
    void checkPermission() {
        mContext.enforceCallingOrSelfPermission(
                Manifest.permission.ACCESS_FINGERPRINT_SERVICE, null);
    }

    public List<Fingerprint> getEnrolledFingerprints(IBinder token, int userId) {
@@ -440,52 +439,52 @@ public class FingerprintService extends SystemService {

        @Override // Binder call
        public void authenticate(IBinder token, int userId) {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            startAuthentication(token, userId);
        }

        @Override // Binder call
        public void enroll(IBinder token, long timeout, int userId) {
            checkPermission(ENROLL_FINGERPRINT);
            checkPermission();
            startEnroll(token, timeout, userId);
        }

        @Override // Binder call
        public void cancel(IBinder token,int userId) {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            startCancel(token, userId);
        }

        @Override // Binder call
        public void remove(IBinder token, int fingerprintId, int userId) {
            checkPermission(ENROLL_FINGERPRINT); // TODO: Maybe have another permission
            checkPermission();
            startRemove(token, fingerprintId, userId);
        }

        @Override // Binder call
        public void startListening(IBinder token, IFingerprintServiceReceiver receiver, int userId)
        {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            addListener(token, receiver, userId);
        }

        @Override // Binder call
        public void stopListening(IBinder token, int userId) {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            removeListener(token, userId);
        }

        @Override // Binder call
        public List<Fingerprint> getEnrolledFingerprints(IBinder token, int userId)
                throws RemoteException {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            return FingerprintService.this.getEnrolledFingerprints(token, userId);
        }

        @Override
        public boolean setFingerprintName(IBinder token, int fingerprintId, String name, int userId)
                throws RemoteException {
            checkPermission(USE_FINGERPRINT);
            checkPermission();
            return FingerprintService.this.setFingerprintName(token, fingerprintId, name, userId);
        }