Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fb6e6e93 authored by Hai Zhang's avatar Hai Zhang
Browse files

Extract getAppIdTargetSdkVersion() in AppIdPermissionPolicy 

Flag: EXEMPT refactor
Test: presubmit
Change-Id: Ie483a1c435bb2e26f2f9ac17c041183ea3fb4cb6
parent 083bbcfe

services/permission/java/com/android/server/permission/access/permission/AppIdPermissionPolicy.kt

+20 −26
Original line number Original line Diff line number Diff line
@@ -230,18 +230,7 @@ class AppIdPermissionPolicy : SchemePolicy() { 
        }

        }

        val isSoftRestricted =

        val isSoftRestricted =

            if (permission.isSoftRestricted && !isExempt) {

            if (permission.isSoftRestricted && !isExempt) {

                val targetSdkVersion =

                val targetSdkVersion = getAppIdTargetSdkVersion(appId, permissionName)

                    reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT) {

                        targetSdkVersion,

                        packageState ->

                        if (permissionName in packageState.androidPackage!!.requestedPermissions) {

                            targetSdkVersion.coerceAtMost(

                                packageState.androidPackage!!.targetSdkVersion

                            )

                        } else {

                            targetSdkVersion

                        }

                    }

                !anyPackageInAppId(appId) {

                !anyPackageInAppId(appId) {

                    permissionName in it.androidPackage!!.requestedPermissions &&

                    permissionName in it.androidPackage!!.requestedPermissions &&

                        isSoftRestrictedPermissionExemptForPackage(

                        isSoftRestrictedPermissionExemptForPackage(
@@ -718,18 +707,8 @@ class AppIdPermissionPolicy : SchemePolicy() { 




        // If the app is updated, and has scoped storage permissions, then it is possible that the

        // If the app is updated, and has scoped storage permissions, then it is possible that the

        // app updated in an attempt to get unscoped storage. If so, revoke all storage permissions.

        // app updated in an attempt to get unscoped storage. If so, revoke all storage permissions.

        val oldTargetSdkVersion =

        val oldTargetSdkVersion = getAppIdTargetSdkVersion(appId, null, oldState)

            reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, oldState) {

        val newTargetSdkVersion = getAppIdTargetSdkVersion(appId, null, newState)

                targetSdkVersion,

                packageState ->

                targetSdkVersion.coerceAtMost(packageState.androidPackage!!.targetSdkVersion)

            }

        val newTargetSdkVersion =

            reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, newState) {

                targetSdkVersion,

                packageState ->

                targetSdkVersion.coerceAtMost(packageState.androidPackage!!.targetSdkVersion)

            }

        @Suppress("ConvertTwoComparisonsToRangeCheck")

        @Suppress("ConvertTwoComparisonsToRangeCheck")

        val isTargetSdkVersionDowngraded =

        val isTargetSdkVersionDowngraded =

            oldTargetSdkVersion >= Build.VERSION_CODES.Q &&

            oldTargetSdkVersion >= Build.VERSION_CODES.Q &&
@@ -1115,10 +1094,9 @@ class AppIdPermissionPolicy : SchemePolicy() { 
    }

    }





    private fun MutateStateScope.inheritImplicitPermissionStates(appId: Int, userId: Int) {

    private fun MutateStateScope.inheritImplicitPermissionStates(appId: Int, userId: Int) {

        var targetSdkVersion = Build.VERSION_CODES.CUR_DEVELOPMENT

        val targetSdkVersion = getAppIdTargetSdkVersion(appId, null)

        val implicitPermissions = MutableIndexedSet<String>()

        val implicitPermissions = MutableIndexedSet<String>()

        forEachPackageInAppId(appId) {

        forEachPackageInAppId(appId) {

            targetSdkVersion = targetSdkVersion.coerceAtMost(it.androidPackage!!.targetSdkVersion)

            implicitPermissions += it.androidPackage!!.implicitPermissions

            implicitPermissions += it.androidPackage!!.implicitPermissions

        }

        }

        implicitPermissions.forEachIndexed implicitPermissions@{ _, implicitPermissionName ->

        implicitPermissions.forEachIndexed implicitPermissions@{ _, implicitPermissionName ->
@@ -1418,6 +1396,22 @@ class AppIdPermissionPolicy : SchemePolicy() { 
            else -> false

            else -> false

        }

        }





    private fun MutateStateScope.getAppIdTargetSdkVersion(

        appId: Int,

        permissionName: String?,

        state: AccessState = newState

    ): Int =

        reducePackageInAppId(appId, Build.VERSION_CODES.CUR_DEVELOPMENT, state) {

            targetSdkVersion,

            packageState ->

            val androidPackage = packageState.androidPackage!!

            if (permissionName == null || permissionName in androidPackage.requestedPermissions) {

                targetSdkVersion.coerceAtMost(androidPackage.targetSdkVersion)

            } else {

                targetSdkVersion

            }

        }



    private inline fun MutateStateScope.anyPackageInAppId(

    private inline fun MutateStateScope.anyPackageInAppId(

        appId: Int,

        appId: Int,

        state: AccessState = newState,

        state: AccessState = newState,