Loading core/api/system-current.txt +4 −2 Original line number Diff line number Diff line Loading @@ -107,6 +107,7 @@ package android { field public static final String GET_APP_OPS_STATS = "android.permission.GET_APP_OPS_STATS"; field public static final String GET_PROCESS_STATE_AND_OOM_SCORE = "android.permission.GET_PROCESS_STATE_AND_OOM_SCORE"; field public static final String GET_RUNTIME_PERMISSIONS = "android.permission.GET_RUNTIME_PERMISSIONS"; field public static final String GET_RUNTIME_PERMISSION_GROUP_MAPPING = "android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING"; field public static final String GET_TOP_ACTIVITY_INFO = "android.permission.GET_TOP_ACTIVITY_INFO"; field @Deprecated public static final String GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS = "android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"; field public static final String GRANT_RUNTIME_PERMISSIONS = "android.permission.GRANT_RUNTIME_PERMISSIONS"; Loading Loading @@ -2312,6 +2313,7 @@ package android.content { field public static final String NETD_SERVICE = "netd"; field public static final String NETWORK_SCORE_SERVICE = "network_score"; field public static final String OEM_LOCK_SERVICE = "oem_lock"; field public static final String PERMISSION_CONTROLLER_SERVICE = "permission_controller"; field public static final String PERMISSION_SERVICE = "permission"; field public static final String PERSISTENT_DATA_BLOCK_SERVICE = "persistent_data_block"; field public static final String REBOOT_READINESS_SERVICE = "reboot_readiness"; Loading Loading @@ -8837,8 +8839,8 @@ package android.permission { public final class PermissionControllerManager { method @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.RESTORE_RUNTIME_PERMISSIONS}) public void applyStagedRuntimePermissionBackup(@NonNull String, @NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<java.lang.Boolean>); method @Nullable public String getGroupOfPlatformPermission(@NonNull String); method @NonNull public java.util.Set<java.lang.String> getPlatformPermissionsForGroup(@NonNull String); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getGroupOfPlatformPermission(@NonNull String, @NonNull java.util.function.Consumer<java.lang.String>); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getPlatformPermissionsForGroup(@NonNull String, @NonNull java.util.function.Consumer<java.util.List<java.lang.String>>); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSIONS) public void getRuntimePermissionBackup(@NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<byte[]>); method @RequiresPermission(android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS) public void revokeRuntimePermissions(@NonNull java.util.Map<java.lang.String,java.util.List<java.lang.String>>, boolean, int, @NonNull java.util.concurrent.Executor, @NonNull android.permission.PermissionControllerManager.OnRevokeRuntimePermissionsCallback); method @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.RESTORE_RUNTIME_PERMISSIONS}) public void stageAndApplyRuntimePermissionsBackup(@NonNull byte[], @NonNull android.os.UserHandle); core/java/android/content/Context.java +1 −0 Original line number Diff line number Diff line Loading @@ -4814,6 +4814,7 @@ public abstract class Context { * @see #getSystemService(String) * @hide */ @SystemApi public static final String PERMISSION_CONTROLLER_SERVICE = "permission_controller"; /** Loading core/java/android/permission/PermissionControllerManager.java +43 −32 Original line number Diff line number Diff line Loading @@ -45,7 +45,6 @@ import android.os.Handler; import android.os.Process; import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.Pair; Loading @@ -67,7 +66,6 @@ import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Set; import java.util.concurrent.Executor; import java.util.concurrent.TimeUnit; import java.util.function.Consumer; Loading Loading @@ -724,44 +722,57 @@ public final class PermissionControllerManager { } /** * Get the platform permissions which belong to a particular permission group * Get the platform permissions which belong to a particular permission group. * * @param permissionGroupName The permission group whose permissions are desired * @return A list of the platform permissions in the group, or empty if the group is not a valid * platform group. * @param callback A callback which will receive a list of the platform permissions in the * group, or empty if the group is not a valid platform group, or there * was an exception. */ public @NonNull Set<String> getPlatformPermissionsForGroup( @NonNull String permissionGroupName) { try { return new ArraySet<>(mRemoteService.postAsync(service -> { @RequiresPermission(Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getPlatformPermissionsForGroup(@NonNull String permissionGroupName, @NonNull Consumer<List<String>> callback) { enforceSomePermissionsGrantedToSelf( Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING); mRemoteService.postAsync(service -> { AndroidFuture<List<String>> future = new AndroidFuture<>(); service.getPlatformPermissionsForGroup(permissionGroupName, future); return future; }).get(REQUEST_TIMEOUT_MILLIS, TimeUnit.MILLISECONDS)); } catch (Exception e) { Log.e(TAG, "Failed to get permissions of " + permissionGroupName, e); return null; }).whenComplete((result, err) -> { if (err != null) { Log.e(TAG, "Failed to get permissions of " + permissionGroupName, err); callback.accept(new ArrayList<>()); } else { callback.accept(result); } }); } /** * Get the platform group of a particular permission, if the permission is a platform permission * Get the platform group of a particular permission, if the permission is a platform * permission. * * @param permissionName The permission name whose group is desired * @return The name of the permission group this permission belongs to, or null if it has no * group, or is not a platform permission * @param callback A callback which will receive the name of the permission group this * permission belongs to, or null if it has no group, is not a platform * permission, or there was an exception. */ public @Nullable String getGroupOfPlatformPermission( @NonNull String permissionName) { try { return mRemoteService.postAsync(service -> { @RequiresPermission(Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getGroupOfPlatformPermission(@NonNull String permissionName, @NonNull Consumer<String> callback) { enforceSomePermissionsGrantedToSelf( Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING); mRemoteService.postAsync(service -> { AndroidFuture<String> future = new AndroidFuture<>(); service.getGroupOfPlatformPermission(permissionName, future); return future; }).get(REQUEST_TIMEOUT_MILLIS, TimeUnit.MILLISECONDS); } catch (Exception e) { Log.e(TAG, "Failed to get group of " + permissionName, e); return null; }).whenComplete((result, err) -> { if (err != null) { Log.e(TAG, "Failed to get group of " + permissionName, err); callback.accept(null); } else { callback.accept(result); } }); } } core/res/AndroidManifest.xml +5 −0 Original line number Diff line number Diff line Loading @@ -4219,6 +4219,11 @@ <permission android:name="android.permission.GET_RUNTIME_PERMISSIONS" android:protectionLevel="signature" /> <!-- @SystemApi Allows the system to read the mapping between permission and permission group. @hide --> <permission android:name="android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING" android:protectionLevel="signature|privileged" /> <!-- @SystemApi Allows the system to restore runtime permission state. This might grant permissions, hence this is a more scoped, less powerful variant of GRANT_RUNTIME_PERMISSIONS. Among other restrictions this cannot override user choices. Loading data/etc/privapp-permissions-platform.xml +1 −0 Original line number Diff line number Diff line Loading @@ -153,6 +153,7 @@ applications that come with the platform <permission name="android.permission.PACKAGE_USAGE_STATS" /> <permission name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" /> <permission name="android.permission.MODIFY_AUDIO_ROUTING" /> <permission name="android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING" /> <!-- For permission hub 2 debugging only --> <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/> Loading Loading
core/api/system-current.txt +4 −2 Original line number Diff line number Diff line Loading @@ -107,6 +107,7 @@ package android { field public static final String GET_APP_OPS_STATS = "android.permission.GET_APP_OPS_STATS"; field public static final String GET_PROCESS_STATE_AND_OOM_SCORE = "android.permission.GET_PROCESS_STATE_AND_OOM_SCORE"; field public static final String GET_RUNTIME_PERMISSIONS = "android.permission.GET_RUNTIME_PERMISSIONS"; field public static final String GET_RUNTIME_PERMISSION_GROUP_MAPPING = "android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING"; field public static final String GET_TOP_ACTIVITY_INFO = "android.permission.GET_TOP_ACTIVITY_INFO"; field @Deprecated public static final String GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS = "android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"; field public static final String GRANT_RUNTIME_PERMISSIONS = "android.permission.GRANT_RUNTIME_PERMISSIONS"; Loading Loading @@ -2312,6 +2313,7 @@ package android.content { field public static final String NETD_SERVICE = "netd"; field public static final String NETWORK_SCORE_SERVICE = "network_score"; field public static final String OEM_LOCK_SERVICE = "oem_lock"; field public static final String PERMISSION_CONTROLLER_SERVICE = "permission_controller"; field public static final String PERMISSION_SERVICE = "permission"; field public static final String PERSISTENT_DATA_BLOCK_SERVICE = "persistent_data_block"; field public static final String REBOOT_READINESS_SERVICE = "reboot_readiness"; Loading Loading @@ -8837,8 +8839,8 @@ package android.permission { public final class PermissionControllerManager { method @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.RESTORE_RUNTIME_PERMISSIONS}) public void applyStagedRuntimePermissionBackup(@NonNull String, @NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<java.lang.Boolean>); method @Nullable public String getGroupOfPlatformPermission(@NonNull String); method @NonNull public java.util.Set<java.lang.String> getPlatformPermissionsForGroup(@NonNull String); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getGroupOfPlatformPermission(@NonNull String, @NonNull java.util.function.Consumer<java.lang.String>); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getPlatformPermissionsForGroup(@NonNull String, @NonNull java.util.function.Consumer<java.util.List<java.lang.String>>); method @RequiresPermission(android.Manifest.permission.GET_RUNTIME_PERMISSIONS) public void getRuntimePermissionBackup(@NonNull android.os.UserHandle, @NonNull java.util.concurrent.Executor, @NonNull java.util.function.Consumer<byte[]>); method @RequiresPermission(android.Manifest.permission.REVOKE_RUNTIME_PERMISSIONS) public void revokeRuntimePermissions(@NonNull java.util.Map<java.lang.String,java.util.List<java.lang.String>>, boolean, int, @NonNull java.util.concurrent.Executor, @NonNull android.permission.PermissionControllerManager.OnRevokeRuntimePermissionsCallback); method @RequiresPermission(anyOf={android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS, android.Manifest.permission.RESTORE_RUNTIME_PERMISSIONS}) public void stageAndApplyRuntimePermissionsBackup(@NonNull byte[], @NonNull android.os.UserHandle);
core/java/android/content/Context.java +1 −0 Original line number Diff line number Diff line Loading @@ -4814,6 +4814,7 @@ public abstract class Context { * @see #getSystemService(String) * @hide */ @SystemApi public static final String PERMISSION_CONTROLLER_SERVICE = "permission_controller"; /** Loading
core/java/android/permission/PermissionControllerManager.java +43 −32 Original line number Diff line number Diff line Loading @@ -45,7 +45,6 @@ import android.os.Handler; import android.os.Process; import android.os.UserHandle; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Log; import android.util.Pair; Loading @@ -67,7 +66,6 @@ import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Set; import java.util.concurrent.Executor; import java.util.concurrent.TimeUnit; import java.util.function.Consumer; Loading Loading @@ -724,44 +722,57 @@ public final class PermissionControllerManager { } /** * Get the platform permissions which belong to a particular permission group * Get the platform permissions which belong to a particular permission group. * * @param permissionGroupName The permission group whose permissions are desired * @return A list of the platform permissions in the group, or empty if the group is not a valid * platform group. * @param callback A callback which will receive a list of the platform permissions in the * group, or empty if the group is not a valid platform group, or there * was an exception. */ public @NonNull Set<String> getPlatformPermissionsForGroup( @NonNull String permissionGroupName) { try { return new ArraySet<>(mRemoteService.postAsync(service -> { @RequiresPermission(Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getPlatformPermissionsForGroup(@NonNull String permissionGroupName, @NonNull Consumer<List<String>> callback) { enforceSomePermissionsGrantedToSelf( Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING); mRemoteService.postAsync(service -> { AndroidFuture<List<String>> future = new AndroidFuture<>(); service.getPlatformPermissionsForGroup(permissionGroupName, future); return future; }).get(REQUEST_TIMEOUT_MILLIS, TimeUnit.MILLISECONDS)); } catch (Exception e) { Log.e(TAG, "Failed to get permissions of " + permissionGroupName, e); return null; }).whenComplete((result, err) -> { if (err != null) { Log.e(TAG, "Failed to get permissions of " + permissionGroupName, err); callback.accept(new ArrayList<>()); } else { callback.accept(result); } }); } /** * Get the platform group of a particular permission, if the permission is a platform permission * Get the platform group of a particular permission, if the permission is a platform * permission. * * @param permissionName The permission name whose group is desired * @return The name of the permission group this permission belongs to, or null if it has no * group, or is not a platform permission * @param callback A callback which will receive the name of the permission group this * permission belongs to, or null if it has no group, is not a platform * permission, or there was an exception. */ public @Nullable String getGroupOfPlatformPermission( @NonNull String permissionName) { try { return mRemoteService.postAsync(service -> { @RequiresPermission(Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING) public void getGroupOfPlatformPermission(@NonNull String permissionName, @NonNull Consumer<String> callback) { enforceSomePermissionsGrantedToSelf( Manifest.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING); mRemoteService.postAsync(service -> { AndroidFuture<String> future = new AndroidFuture<>(); service.getGroupOfPlatformPermission(permissionName, future); return future; }).get(REQUEST_TIMEOUT_MILLIS, TimeUnit.MILLISECONDS); } catch (Exception e) { Log.e(TAG, "Failed to get group of " + permissionName, e); return null; }).whenComplete((result, err) -> { if (err != null) { Log.e(TAG, "Failed to get group of " + permissionName, err); callback.accept(null); } else { callback.accept(result); } }); } }
core/res/AndroidManifest.xml +5 −0 Original line number Diff line number Diff line Loading @@ -4219,6 +4219,11 @@ <permission android:name="android.permission.GET_RUNTIME_PERMISSIONS" android:protectionLevel="signature" /> <!-- @SystemApi Allows the system to read the mapping between permission and permission group. @hide --> <permission android:name="android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING" android:protectionLevel="signature|privileged" /> <!-- @SystemApi Allows the system to restore runtime permission state. This might grant permissions, hence this is a more scoped, less powerful variant of GRANT_RUNTIME_PERMISSIONS. Among other restrictions this cannot override user choices. Loading
data/etc/privapp-permissions-platform.xml +1 −0 Original line number Diff line number Diff line Loading @@ -153,6 +153,7 @@ applications that come with the platform <permission name="android.permission.PACKAGE_USAGE_STATS" /> <permission name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" /> <permission name="android.permission.MODIFY_AUDIO_ROUTING" /> <permission name="android.permission.GET_RUNTIME_PERMISSION_GROUP_MAPPING" /> <!-- For permission hub 2 debugging only --> <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/> Loading
