Remove SessionParams USE_FULL_SCREEN_INTENT auto grant

import static android.content.pm.PackageInfo.INSTALL_LOCATION_INTERNAL_ONLY;

import static android.content.pm.PackageInfo.INSTALL_LOCATION_PREFER_EXTERNAL;

import static com.android.internal.util.XmlUtils.writeStringAttribute;

import android.Manifest;

import android.annotation.CallbackExecutor;

import android.annotation.CurrentTimeMillisLong;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.ExceptionUtils;

import android.util.Log;

import com.android.internal.content.InstallLocationUtils;

import com.android.internal.util.ArrayUtils;

import com.android.internal.util.IndentingPrintWriter;

import com.android.internal.util.Preconditions;

import com.android.internal.util.function.pooled.PooledLambda;

import com.android.modules.utils.TypedXmlSerializer;

import java.io.Closeable;

import java.io.File;

        private final ArrayMap<String, Integer> mPermissionStates;

        /**

         * @see #getFinalPermissionStates()

         */

        private ArrayMap<String, Integer> mFinalPermissionStates;

        /**

         * Construct parameters for a new package install session.

         *

                        + (permissionName == null ? "null" : "empty"));

            }

            if (mFinalPermissionStates != null) {

                Log.wtf(TAG, "Requested permission " + permissionName + " but final permissions"

                        + " were already decided for this session: " + mFinalPermissionStates);

            }

            switch (state) {

                case PERMISSION_STATE_DEFAULT:

                    mPermissionStates.remove(permissionName);

            }

        }

        /**

         * This is only for use by system server. If you need the actual grant state, use

         * {@link #getFinalPermissionStates()}.

         * <p/>

         * This is implemented here to avoid exposing the raw permission sets to external callers,

         * so that enforcement done in the either of the final methods is the single source of truth

         * for default grant/deny policy.

         *

         * @hide

         */

        public void writePermissionStateXml(@NonNull TypedXmlSerializer out,

                @NonNull String grantTag, @NonNull String denyTag, @NonNull String attrName)

                throws IOException {

            for (int index = 0; index < mPermissionStates.size(); index++) {

                var permissionName = mPermissionStates.keyAt(index);

                var state = mPermissionStates.valueAt(index);

                String tag = state == PERMISSION_STATE_GRANTED ? grantTag : denyTag;

                out.startTag(null, tag);

                writeStringAttribute(out, attrName, permissionName);

                out.endTag(null, tag);

            }

        }

        /**

         * Snapshot of final permission states taken when this method is first called, to separate

         * what the caller wanted and the effective state that should be applied to the session.

         *

         * This prevents someone from adding more permissions after the fact.

         *

         * @hide

         */

        /** @hide */

        @NonNull

        public ArrayMap<String, Integer> getFinalPermissionStates() {

            if (mFinalPermissionStates == null) {

                mFinalPermissionStates = new ArrayMap<>(mPermissionStates);

                if (!mFinalPermissionStates.containsKey(

                        Manifest.permission.USE_FULL_SCREEN_INTENT)) {

                    mFinalPermissionStates.put(Manifest.permission.USE_FULL_SCREEN_INTENT,

                            PERMISSION_STATE_GRANTED);

                }

            }

            return mFinalPermissionStates;

        public ArrayMap<String, Integer> getPermissionStates() {

            return mPermissionStates;

        }

        /** @hide */

        mInstallSource = installSource;

        mVolumeUuid = sessionParams.volumeUuid;

        mPackageAbiOverride = sessionParams.abiOverride;

        mPermissionStates = sessionParams.getFinalPermissionStates();

        mPermissionStates = sessionParams.getPermissionStates();

        mAllowlistedRestrictedPermissions = sessionParams.whitelistedRestrictedPermissions;

        mAutoRevokePermissionsMode = sessionParams.autoRevokePermissionsMode;

        mSigningDetails = signingDetails;

                        + " PackageManager.INSTALL_GRANT_ALL_REQUESTED_PERMISSIONS flag");

            }

            var permissionStates = params.getFinalPermissionStates();

            var permissionStates = params.getPermissionStates();

            if (!permissionStates.isEmpty()) {

                if (!hasInstallGrantRuntimePermissions) {

                    for (int index = 0; index < permissionStates.size(); index++) {

    private static void writePermissionsLocked(@NonNull TypedXmlSerializer out,

            @NonNull SessionParams params) throws IOException {

        params.writePermissionStateXml(out, TAG_GRANT_PERMISSION, TAG_DENY_PERMISSION, ATTR_NAME);

        var permissionStates = params.getPermissionStates();

        for (int index = 0; index < permissionStates.size(); index++) {

            var permissionName = permissionStates.keyAt(index);

            var state = permissionStates.valueAt(index);

            String tag = state == SessionParams.PERMISSION_STATE_GRANTED ? TAG_GRANT_PERMISSION

                    : TAG_DENY_PERMISSION;

            out.startTag(null, tag);

            writeStringAttribute(out, ATTR_NAME, permissionName);

            out.endTag(null, tag);

        }

    }

    private static void writeWhitelistedRestrictedPermissionsLocked(@NonNull TypedXmlSerializer out,

 */

package com.android.server.pm

import android.Manifest

import android.content.Context

import android.content.pm.PackageInstaller

import android.content.pm.PackageInstaller.SessionParams

        writeRestoreAssert(sessions).single().params.run {

            assertThat(legacyGrantedRuntimePermissions).asList()

                .containsExactly("grantPermission", "denyToGrantPermission")

            assertThat(finalPermissionStates)

            assertThat(permissionStates)

                .containsExactlyEntriesIn(mapOf(

                    "grantPermission" to PERMISSION_STATE_GRANTED,

                    "denyToGrantPermission" to PERMISSION_STATE_GRANTED,

                    // Fullscreen Intent is auto-granted if the caller has no opinion

                    Manifest.permission.USE_FULL_SCREEN_INTENT to PERMISSION_STATE_GRANTED,

                    "denyPermission" to PERMISSION_STATE_DENIED,

                    "grantToDenyPermission" to PERMISSION_STATE_DENIED,

                ))

        assertThat(expected.referrerUri).isEqualTo(actual.referrerUri)

        assertThat(expected.abiOverride).isEqualTo(actual.abiOverride)

        assertThat(expected.volumeUuid).isEqualTo(actual.volumeUuid)

        assertThat(expected.finalPermissionStates).isEqualTo(actual.finalPermissionStates)

        assertThat(expected.permissionStates).isEqualTo(actual.permissionStates)

        assertThat(expected.installerPackageName).isEqualTo(actual.installerPackageName)

        assertThat(expected.isMultiPackage).isEqualTo(actual.isMultiPackage)

        assertThat(expected.isStaged).isEqualTo(actual.isStaged)