Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ebb4cf4b authored by Android Build Merger (Role)'s avatar Android Build Merger (Role) Committed by Android (Google) Code Review
Browse files

Merge "Merge "DPC should not be allowed to grant development permission" into... 

Merge "Merge "DPC should not be allowed to grant development permission" into oc-dev am: 5e4b2b15 am: f1aea743 am: 0b80fb29" into oc-mr1-dev-plus-aosp
parents 957bb655 5750c357

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+15 −0
Original line number Diff line number Diff line
@@ -99,6 +99,7 @@ import android.content.pm.PackageManager; 
import android.content.pm.PackageManager.NameNotFoundException;

import android.content.pm.PackageManagerInternal;

import android.content.pm.ParceledListSlice;

import android.content.pm.PermissionInfo;

import android.content.pm.ResolveInfo;

import android.content.pm.ServiceInfo;

import android.content.pm.StringParceledListSlice;
@@ -152,6 +153,7 @@ import android.telephony.TelephonyManager; 
import android.text.TextUtils;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.EventLog;

import android.util.Log;

import android.util.Pair;

import android.util.Slog;
@@ -9590,6 +9592,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                        < android.os.Build.VERSION_CODES.M) {

                    return false;

                }

                if (!isRuntimePermission(permission)) {

                    EventLog.writeEvent(0x534e4554, "62623498", user.getIdentifier(), "");

                    return false;

                }

                final PackageManager packageManager = mInjector.getPackageManager();

                switch (grantState) {

                    case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
@@ -9616,6 +9622,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                return true;

            } catch (SecurityException se) {

                return false;

            } catch (NameNotFoundException e) {

                return false;

            } finally {

                mInjector.binderRestoreCallingIdentity(ident);

            }
@@ -9665,6 +9673,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
        }

    }



    public boolean isRuntimePermission(String permissionName) throws NameNotFoundException {

        final PackageManager packageManager = mInjector.getPackageManager();

        PermissionInfo permissionInfo = packageManager.getPermissionInfo(permissionName, 0);

        return (permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE)

                == PermissionInfo.PROTECTION_DANGEROUS;

    }



    @Override

    public boolean isProvisioningAllowed(String action, String packageName) {

        Preconditions.checkNotNull(packageName);