Commit a604f39c authored by Steve Kondik's avatar Steve Kondik Committed by Michael Bestas

appops: Privacy Guard for O

Squashed commit of all PG-related features including superuser

   Authors:
   - Sam Mortimer
   - Danesh Mondegarian
   - Jorge Ruesga
   - Diogo Ferreira
   - Roman Birg
   - Adnan Begovic
   - Chirayu Desai
   - Lars Greiss
   - Steve Kondik
   - CodeAurora

Pulled together from:

Author: Danesh M <daneshm90@gmail.com>
Date:   Thu Sep 5 19:23:15 2013 -0700

    Privacy Guard : Reimplement backed by AppOps

    Re-implements privacy guard to use appops.

    Change-Id: I2b52e8cf0d6e126fb156f83df885b5551503cd9d

Author: Shashank Mittal <mittals@codeaurora.org>
Date:   Fri Aug 16 01:09:28 2013 -0700

    AppOpsService: Add MODE_ASK support to AppOps.

    Add support for new mode(MODE_ASK) in AppOpsService to show a permission
    dialog box to user to confirm user permission before allowing or ignoring
    that operation.

    All strict operations (defined in AppOpsManager) are going to be in
    MODE_ASK by default.

    Operations will be moved to MODE_ALLOWED or MODE_IGNORED according to
    user's choice.

    Change-Id: I1314125a2b8be558e422e4a9eea0ff066c21bf94

Author: Shashank Mittal <mittals@codeaurora.org>
Date:   Tue Sep 3 19:23:10 2013 -0700

    wifi: Confirm user permission before toggling wifi.

    Check user permissions before enabling/disabling wifi.

    Change-Id: I1ddae6e47f42b6d3fc831c2c135ece75cf9e935d

Author: Shashank Mittal <mittals@codeaurora.org>
Date:   Thu Sep 5 17:24:44 2013 -0700

    AppOps: Add Bluetooth enable control into AppOps

    Check user permission before enabling bluetooth.

    Change-Id: Iefa4ea3319b33b2639beaf38d261d83649bbcf85

Author: Sam Mortimer <sam@mortimer.me.uk>
Date:   Wed Oct 2 22:06:42 2013 -0700

    [2/2] AppOps: Add per Op allowed and ignored counters

    Change-Id: Ifb3d25e17dbab082b816a0a655b4796a83af336b

Author: Sam Mortimer <sam@mortimer.me.uk>
Date:   Sun Oct 20 23:48:00 2013 -0700

    AppOps: track op persistence by name instead of id

    On XML write, include the op name.  On XML read, map
    the name back to op id (if it exists).

    Persistent AppOp state now follows the op name instead
    numeric id.  This allows upgrades between versions of
    android that have different code<>name mappings.

    Change-Id: Iffc02095b6838a34ff999f8db51c2c6739dd0db8

Author: Jorge Ruesga <jorge@ruesga.com>
Date:   Sat Jan 4 01:34:39 2014 +0100

    privacyguard: Share privacy package name between activity stacks

    AOSP 4.4 now has a stack supervisor with differents activity stacks for home and focus activities.
    Every ActivityStack instance has a ref to this supervisor. Just share the privacy guard package name
    throught the supervisor.

    JIRA: CYAN-2874
    Issue: https://jira.cyanogenmod.org/browse/CYAN-2874

Author: Steve Kondik <shade@chemlab.org>
Date:   Sun Feb 23 19:23:31 2014 +0100

    Use MODE_ASK as the default ops mode in Privacy Guard

    * Prompting the user is far more useful as a default behavior. The
      choice will be remembered after the first request.

Author: Steve Kondik <shade@chemlab.org>
Date:   Tue Feb 25 13:11:12 2014 +0100

    Relocate and cleanup new app ops features and PGify it

Author: Shashank Mittal <mittals@codeaurora.org>
Date:   Wed Dec 4 12:32:12 2013 -0800

    [2/2] Framework AppOps: Add BOOT_COMPLETED operation.

    Add BOOT_COMPLETED operation in AppOps.

    This operation is used to allow user to control auto start of
    applications and services at bootup.

    Change-Id: Ie8488ec1b4683c8617ca569cfc858709f0d35ba2

Author: Sam Mortimer <sam@mortimer.me.uk>
Date:   Mon Dec 8 13:51:02 2014 -0800

    Frameworks: Redirect appops strings to string references

    adapted to reflect new permission indices and codes

    Change-Id: Iba9a45838ee8eb7f5cb6ec6d29776574c86e84b6

Author: Kun Liang <kunliang@codeaurora.org>
Date:   Thu May 15 14:52:15 2014 +0800

    AppOps: Add nfc enable control into AppOps

    Check user permission before enabling nfc.

    Change-Id: Ia84e33c299e4fdecfd66ee933d9e7d37ed29c340

Author: Shashank Mittal <mittals@codeaurora.org>
Date:   Wed Jul 16 17:31:22 2014 -0700

    AppOps: Add support for AppOps policy file

    Add support to read AppOps policy file.
    AppOps policy file can be used to configure Ops default policy.

    Change-Id: Idb4e3501ff9f58e491b06e74152342aa9574afbf

Author: Kun Liang <kunliang@codeaurora.org>
Date:   Thu Dec 11 12:57:33 2014 +0800

    AppOps: fix deadlock issue when showing dialog

    WindowManagerService need call PowerManagerService to release
    wakelock. The Notifier in PowerManagerService need call AppOpsService
    to notify holding wakelock ops is finished.  Meanwhile, AppOpsService
    may need call WindowManagerService to show dialog. This scenario
    will lead to deadlock issue.
    To move showing dialog action out of lock section to fix this issue.
    Since only UI work is moved out of lock area, it is supposed to be
    safe.

    Change-Id: I3f2bf4b9c9d81914cfd3c0fc3fc76d0b4a06a1f6
    CRs-fixed: 786466

Author: Diogo Ferreira <defer@cyngn.com>
Date:   Mon Dec 15 12:07:42 2014 +0000

    appops: Add support for SU

    This patch adds support for superuser app-ops control. The end-goal
    is to better prepare superuser for the multi-user experience while
    also replacing the superuser app with existing components.

    Change-Id: I52acf98a39f18f12a23f4f902a39ae3f7c5b4895

Author: Diogo Ferreira <defer@cyngn.com>
Date:   Wed Dec 17 17:16:16 2014 +0000

    su: Add an indicator when a 'su' session is active

    This adds an indicator to the statusbar that is visible whenever a root
    session is active, akin to the fine location icon.

    Change-Id: I669fcc87e2b7a3201308170d7727ec5fb0e00e2b

Author: Diogo Ferreira <defer@cyngn.com>
Date:   Wed Jan 14 08:44:03 2015 +0000

    appops: Disassociate appops requests from notification broadcasts

    The AppOpsService is essentially a manager for a set of counters
    and permissions. Each operation request has the potential to change
    the state and, as such, access to such state is synchronized.

    We are whitnessing deadlocks caused by the broadcast and, in fact,
    while we want to notify superuser changes eventually, it does not
    have to be synchronous with the app ops request. This patch uses the
    request to schedule the notification on a handler, leaving the locking
    semantics of appops intact.

    Change-Id: I94f6dd2c66b9492f95d3c9ffb438b3e6417007d7

Author: Lars Greiss <kufikugel@googlemail.com>
Date:   Sat Apr 25 03:01:35 2015 +0300

    Launch app privacy settings when tapping on PG notification (1/2)

    Based on https://github.com/SlimRoms/frameworks_base/commit/97ccae06cd0ad1aa366c3a70e8e744277c409b06

    JIRA: CYAN-6077
    Change-Id: I8632e8c944c1d5d7ad2fb2a2276bae5fe2d4a0a0

Author: Roman Birg <roman@cyngn.com>
Date:   Tue Oct 27 11:52:53 2015 -0700

    AppOps: fix wifi scan op

    There's no direct permission tied to it and fix the op-to-switch entry.

    Change-Id: I661ef6707ba50adb371e3223a91880c4838df669
Signed-off-by: 's avatarRoman Birg <roman@cyngn.com>

Author: Roman Birg <roman@cyngn.com>
Date:   Tue Oct 27 13:44:57 2015 -0700

    AppOps: add a default constructor

    Change-Id: I4229a65c362fe4915e62684e5ebc209525c9f9d3
Signed-off-by: 's avatarRoman Birg <roman@cyngn.com>

Author: Roman Birg <roman@cyngn.com>
Date:   Thu Oct 29 12:59:14 2015 -0700

    add missing app ops to string array

    Also added op codes to prevent further mismatches.

    Change-Id: I6e20cc5bcabe6a3216cec47d984768bf12cf4311
Signed-off-by: 's avatarRoman Birg <roman@cyngn.com>

Author: Roman Birg <roman@cyngn.com>
Date:   Mon Nov 2 09:50:47 2015 -0800

    AppOps: relax some system appops for systemui

    Grant wifi, bt, boot_complete, nfc, and data changes for systemui.

    Also remove the bluetooth permission tied to the bluetooth_change op -
    it is not always directly tied to BLUETOOTH or BLUETOOTH_ADMIN, so we
    can't force one there.

    Change-Id: Ib042dc34b0763b2d84a57baa71dc9fa995724d64
Signed-off-by: 's avatarRoman Birg <roman@cyngn.com>

Author: Chirayu Desai <cdesai@cyanogenmod.org>
Date:   Mon Dec 7 14:10:44 2015 -0800

    Allow disabling the privacy guard notification - port from cm-12.1 (2/3)

    Change-Id: Iab0288f50685220c8be0c11ea5075f91ec1bbe32

Author: Michael Bestas <mikeioannina@gmail.com>
Date:   Sun Jan 3 04:36:26 2016 +0200

    Revert "AppOps: add a default constructor"

    * Not needed after http://review.cyanogenmod.org/126381

    This reverts commit 19e0ce07.

    Change-Id: I12bfe4f7d119627a3fe08d01e8ae5b065b0f709a

Author: Gabriele M <moto.falcon.git@gmail.com>
Date:   Wed Jan 6 18:27:32 2016 +0100

    Align checkbox and description in permission confirmation dialog

    Change-Id: I9a9ab3a3f59e3d56fc774174ba37d9e191698fe5

Author: Adnan Begovic <adnan@cyngn.com>
Date:   Mon May 23 16:06:10 2016 -0700

    appops: Implement concept of delayedcount.

     High frequency request ops will be delayed until their ignore count
     ceiling is met. This is to mitigate the overloading the main activity
     manager service handler and having watchdog kill our service.

     Google play services likes to share its uid with numerous packages to avoid
     having to grant permissions from the users perspective and thus is the worst
     example of overloading this queue -- so, to not encourage bad behavior,
     we move them to the back of the line. NOTE: these values are magic, and may need
     tuning. Ideally we'd want a ringbuffer or token bucket here to do proper rate
     limiting.

    Change-Id: I5c3e88807abc80f9700dd68dcecd87dac4626de7
    TICKET: CYNGNOS-2869

Author: Adnan Begovic <adnan@cyngn.com>
Date:   Tue May 24 18:17:03 2016 -0700

    appops: Respect screen interactivity before creating dialogs.

      If the device's screen is currently off, do not queue ask
      runnables who cannot be interacted with. Since these events
      are gating mechanisms for closing an IPC loop, they need to
      happen when the user is interacting with the device.

      Likewise, on screen off, clear the queue of every op as they
      become unnecessary.

    Change-Id: Ie930d200839c9408e882510c6bc3ede37ea889ef
    TICKET: CYNGNOS-2869

Author: Gabriele M <moto.falcon.git@gmail.com>
Date:   Sun Aug 6 13:08:33 2017 +0200

    Change visibility of the Privacy Guard ops set

    Change-Id: Iafcf058f5e2074982bf45f8c82ef8d027b9358f0

Author: Unpublished <unpublished@gmx.net>
Date:   Tue Oct 24 21:09:31 2017 +0200

    We don't want to feel deprecated...

    use official api instead of deprecated internal method that prints an
    error everytime we call it

    Change-Id: Ie00efe5f514ff8db2b82eeade3a588a17af8cfb4

Author: Jane Manchun Wong <jane@wongmjane.com>
Date:   Wed Mar 1 23:37:58 2017 -0500

    Remove Cid from PrivacyGuard's notification icon

    Change-Id: I5dfe6c2d10e9dd1a022e50e02f72151b1b8a520e

Author: Zhao Wei Liew <zhaoweiliew@gmail.com>
Date:   Tue Sep 6 21:33:57 2016 +0800

    core: Import some PG string improvements from CM 13.0

    This commit partially squashes the following commits:

    c682ba59
    core: String improvements from cm-12.1

    7450f849
    String update, change wording from "Mobile" to "Cellular"

    Change-Id: I0616eb06f48813814b4005e9b60358669f69b0c8

Change-Id: I5414dd0be6a81e143f5035e58709ac4258c93616
parent 31fbc981
This diff is collapsed.
/*
* Copyright (C) 2012 The Android Open Source Project
* Copyright (C) 2016 The CyanogenMod Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
......@@ -801,6 +802,18 @@ public class UserManager {
public static final String EXTRA_USER_ACCOUNT_OPTIONS
= "android.os.extra.USER_ACCOUNT_OPTIONS";
/**
* Specifies if the user is not allowed to use SU commands.
* The default value is <code>false</code>.
*
* <p/>Key for user restrictions.
* <p/>Type: Boolean
* @see #setUserRestrictions(Bundle)
* @see #getUserRestrictions()
* @hide
*/
public static final String DISALLOW_SU = "no_su";
/** @hide */
public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3;
/** @hide */
......
......@@ -812,6 +812,19 @@ public final class Settings {
public static final String ACTION_IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS =
"android.settings.IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS";
/**
* @hide
* Activity Action: Show the "app ops" details screen.
* <p>
* Input: The Intent's data URI specifies the application package name
* to be shown, with the "package" scheme. That is "package:com.my.app".
* <p>
* Output: Nothing.
*/
@SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)
public static final String ACTION_APP_OPS_DETAILS_SETTINGS =
"android.settings.APP_OPS_DETAILS_SETTINGS";
/**
* @hide
* Activity Action: Show the "app ops" settings screen.
......
......@@ -50,4 +50,13 @@ interface IAppOpsService {
void removeUser(int userHandle);
boolean isOperationActive(int code, int uid, String packageName);
boolean isControlAllowed(int code, String packageName);
// Privacy guard methods
boolean getPrivacyGuardSettingForPackage(int uid, String packageName);
void setPrivacyGuardSettingForPackage(int uid, String packageName, boolean state);
// AppOps accounting
void resetCounters();
}
......@@ -32,4 +32,6 @@
<protected-broadcast
android:name="com.android.server.policy.PhoneWindowManager.ACTION_TORCH_OFF" />
<!-- Used to notify when SU is used. -->
<protected-broadcast android:name="android.intent.action.SU_SESSION_CHANGED" />
</manifest>
<?xml version="1.0" encoding="utf-8"?>
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="26dp"
android:height="24dp"
android:viewportWidth="26"
android:viewportHeight="24">
<path
android:pathData="M21.539,8.978c-0.132,2.629-0.803,5.264-2.162,7.534 c-1.186,1.991-2.889,3.675-4.905,4.82c-0.459,0.259-0.932,0.494-1.427,0.676c-0.061,0.029-0.122-0.014-0.18-0.032 c-1.047-0.415-2.019-1.006-2.909-1.693c-1.807-1.397-3.239-3.263-4.151-5.356c-0.725-1.651-1.137-3.429-1.297-5.222 C4.33,7.77,4.442,5.816,4.73,3.896c0.601,0.053,1.207,0.031,1.807-0.017c1.309-0.115,2.596-0.41,3.849-0.799 c0.888-0.283,1.766-0.604,2.611-0.999c1.13,0.523,2.311,0.935,3.512,1.26c1.549,0.412,3.157,0.666,4.763,0.562 c0.116,0.846,0.216,1.695,0.261,2.548c0.002,0.241,0.042,0.481,0.037,0.723C21.574,7.776,21.594,8.379,21.539,8.978z"
android:fillColor="#FFFFFFFF" />
</vector>
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright (c) 2013, The Linux Foundation. All rights reserved.
** Not a Contribution.
**
** Copyright 2012 The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<LinearLayout
xmlns:android="http://schemas.android.com/apk/res/android"
android:id="@+id/parentPanel"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginLeft="8dip"
android:layout_marginRight="8dip"
android:orientation="vertical">
<TextView android:id="@+id/permission_text"
style="?android:attr/textAppearanceMedium"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:paddingLeft="20dip"
android:paddingRight="20dip"
android:paddingTop="16dip"
android:paddingBottom="16dip" />
<TableLayout android:id="@+id/permission_remember_layout"
android:shrinkColumns="1"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:gravity="center_vertical"
android:paddingLeft="16dip"
android:paddingRight="16dip">
<TableRow
android:layout_width="wrap_content"
android:layout_height="wrap_content" >
<RelativeLayout android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:paddingLeft="8dip" >
<CheckBox android:id="@+id/permission_remember_choice_checkbox"
android:layout_width="wrap_content"
android:layout_height="wrap_content" />
</RelativeLayout>
<TextView android:id="@+id/permission_remember_choice_text"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:text="@string/permission_remember_choice" />
</TableRow>
</TableLayout>
</LinearLayout>
......@@ -30,4 +30,90 @@
<!-- Notify user that they are in Lock-to-app (for devices without navbar) -->
<string name="lock_to_app_toast_no_navbar">To unpin this screen, touch and hold the Back button.</string>
<!-- Privacy Guard -->
<string name="permlab_changePrivacyGuardState">enable or disable Privacy Guard</string>
<string name="permdesc_changePrivacyGuardState">Allows the app to change whether another app runs with Privacy Guard. When an app is running with Privacy Guard, it will not have access to personal data such as contacts, call logs, or messages.</string>
<string name="privacy_guard_notification">Privacy Guard active</string>
<string name="privacy_guard_notification_detail"><xliff:g id="app">%1$s</xliff:g> will not be able to access personal data</string>
<string name="privacy_guard_dialog_title">Privacy Guard</string>
<string name="privacy_guard_dialog_summary"><xliff:g id="app">%1$s</xliff:g> would like to <xliff:g id="op">%2$s</xliff:g>.</string>
<!-- Text of the checkbox for the permission confirmation dialog to remember the user's choice. [CHAR LIMIT=40] -->
<string name="permission_remember_choice">Remember my choice</string>
<!-- App ops requests -->
<string name="app_ops_access_camera">access the camera</string>
<string name="app_ops_access_location">access your location</string>
<string name="app_ops_access_notifications">read your notifications</string>
<string name="app_ops_activate_vpn">activate a VPN</string>
<string name="app_ops_add_voicemail">add a voicemail</string>
<string name="app_ops_app_start_foreground">start instant app in foreground</string>
<string name="app_ops_assist_screenshot">take a screenshot</string>
<string name="app_ops_assist_structure">use assist structure</string>
<string name="app_ops_audio_accessibility_volume">audio accessibility volume</string>
<string name="app_ops_auto_start">start at power up</string>
<string name="app_ops_change_wallpaper">change the wallpaper</string>
<string name="app_ops_delete_call_log">delete your call log</string>
<string name="app_ops_delete_contacts">delete your contacts</string>
<string name="app_ops_delete_mms">delete your MMS messages</string>
<string name="app_ops_delete_sms">delete your SMS messages</string>
<string name="app_ops_draw_on_top">draw windows on top</string>
<string name="app_ops_get_accounts">get device accounts</string>
<string name="app_ops_get_usage_stats">get app usage stats</string>
<string name="app_ops_install_packages">install packages</string>
<string name="app_ops_keep_device_awake">keep your device awake</string>
<string name="app_ops_make_phone_call">make a phone call</string>
<string name="app_ops_mock_location">mock your location</string>
<string name="app_ops_modify_calendar">update your calendar</string>
<string name="app_ops_modify_call_log">update the call log</string>
<string name="app_ops_modify_clipboard">modify the clipboard</string>
<string name="app_ops_modify_contacts">update your contacts</string>
<string name="app_ops_modify_settings">update system settings</string>
<string name="app_ops_mute_unmute_microphone">mute/unmute the microphone</string>
<string name="app_ops_phone_calls">answer phone calls</string>
<string name="app_ops_picture_in_picture">use picture in picture</string>
<string name="app_ops_play_audio">play audio</string>
<string name="app_ops_post_notification">post a notification</string>
<string name="app_ops_project_media">project media</string>
<string name="app_ops_read_calendar">read your calendar</string>
<string name="app_ops_read_call_log">read the call log</string>
<string name="app_ops_read_cell_broadcasts">read cell broadcasts</string>
<string name="app_ops_read_clipboard">read the clipboard</string>
<string name="app_ops_read_contacts">read your contacts</string>
<string name="app_ops_read_external_storage">read external storage</string>
<string name="app_ops_read_mms">read your MMS messages</string>
<string name="app_ops_read_phone_numbers">read phone numbers</string>
<string name="app_ops_read_phone_state">access phone state</string>
<string name="app_ops_read_sms">read your SMS messages</string>
<string name="app_ops_receive_sms">receive an SMS message</string>
<string name="app_ops_record_audio">record audio</string>
<string name="app_ops_run_in_background">run in background</string>
<string name="app_ops_scan_wifi">scan Wi-Fi networks</string>
<string name="app_ops_send_mms">send an MMS message</string>
<string name="app_ops_send_sms">send an SMS message</string>
<string name="app_ops_start_at_bootup">start at power up</string>
<string name="app_ops_su">get root access</string>
<string name="app_ops_toast_window">display toast messages</string>
<string name="app_ops_toggle_bluetooth">toggle Bluetooth</string>
<string name="app_ops_toggle_mobile_data">toggle cellular data</string>
<string name="app_ops_toggle_nfc">toggle NFC</string>
<string name="app_ops_toggle_wifi">toggle Wi-Fi</string>
<string name="app_ops_turn_on_screen">turn the screen on</string>
<string name="app_ops_use_alarm_volume">control alarm volume</string>
<string name="app_ops_use_audio_focus">control the audio focus</string>
<string name="app_ops_use_bluetooth_volume">control the Bluetooth volume</string>
<string name="app_ops_use_body_sensors">use body sensors</string>
<string name="app_ops_use_fingerprint">use fingerprint</string>
<string name="app_ops_use_master_volume">control the master volume</string>
<string name="app_ops_use_media_buttons">use the media buttons</string>
<string name="app_ops_use_media_volume">control the media volume</string>
<string name="app_ops_use_notification_volume">control the notification volume</string>
<string name="app_ops_use_ring_volume">control the ringtone volume</string>
<string name="app_ops_use_vibrate">use haptic feedback</string>
<string name="app_ops_use_voice_volume">control the voice call volume</string>
<string name="app_ops_wifi_change">change Wi-Fi state</string>
<string name="app_ops_write_external_storage">write external storage</string>
<string name="app_ops_write_mms">write an MMS message</string>
<string name="app_ops_write_sms">write an SMS message</string>
</resources>
......@@ -57,6 +57,7 @@
<item><xliff:g id="id">@string/status_bar_alarm_clock</xliff:g></item>
<item><xliff:g id="id">@string/status_bar_secure</xliff:g></item>
<item><xliff:g id="id">@string/status_bar_clock</xliff:g></item>
<item><xliff:g id="id">@string/status_bar_su</xliff:g></item>
</string-array>
<string translatable="false" name="status_bar_rotate">rotate</string>
......@@ -89,6 +90,7 @@
<string translatable="false" name="status_bar_vpn">vpn</string>
<string translatable="false" name="status_bar_ethernet">ethernet</string>
<string translatable="false" name="status_bar_airplane">airplane</string>
<string translatable="false" name="status_bar_su">su</string>
<!-- Flag indicating whether the surface flinger has limited
alpha compositing functionality in hardware. If set, the window
......
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2012-2015 The CyanogenMod Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<!-- Do not translate. App ops request strings -->
<string-array name="app_ops_labels" translatable="false">
<!-- OP_COARSE_LOCATION -->
<item>@string/app_ops_access_location</item>
<!-- OP_FINE_LOCATION -->
<item>@string/app_ops_access_location</item>
<!-- OP_GPS -->
<item>@string/app_ops_access_location</item>
<!-- OP_VIBRATE -->
<item>@string/app_ops_use_vibrate</item>
<!-- OP_READ_CONTACTS -->
<item>@string/app_ops_read_contacts</item>
<!-- OP_WRITE_CONTACTS -->
<item>@string/app_ops_modify_contacts</item>
<!-- OP_READ_CALL_LOG -->
<item>@string/app_ops_read_call_log</item>
<!-- OP_WRITE_CALL_LOG -->
<item>@string/app_ops_modify_call_log</item>
<!-- OP_READ_CALENDAR -->
<item>@string/app_ops_read_calendar</item>
<!-- OP_WRITE_CALENDAR -->
<item>@string/app_ops_modify_calendar</item>
<!-- OP_WIFI_SCAN -->
<item>@string/app_ops_scan_wifi</item>
<!-- OP_POST_NOTIFICATION -->
<item>@string/app_ops_post_notification</item>
<!-- OP_NEIGHBORING_CELLS -->
<item>@string/app_ops_access_location</item>
<!-- OP_CALL_PHONE -->
<item>@string/app_ops_make_phone_call</item>
<!-- OP_READ_SMS -->
<item>@string/app_ops_read_sms</item>
<!-- OP_WRITE_SMS -->
<item>@string/app_ops_write_sms</item>
'<!-- OP_RECEIVE_SMS -->
<item>@string/app_ops_receive_sms</item>
<!-- OP_RECEIVE_EMERGENCY_SMS -->
<item>@string/app_ops_receive_sms</item>
<!-- OP_RECEIVE_MMS -->
<item>@string/app_ops_receive_sms</item>
<!-- OP_RECEIVE_WAP_PUSH -->
<item>@string/app_ops_receive_sms</item>
<!-- OP_SEND_SMS -->
<item>@string/app_ops_send_sms</item>
<!-- OP_READ_ICC_SMS -->
<item>@string/app_ops_read_sms</item>
<!-- OP_WRITE_ICC_SMS -->
<item>@string/app_ops_write_sms</item>
<!-- OP_WRITE_SETTINGS -->
<item>@string/app_ops_modify_settings</item>
<!-- OP_SYSTEM_ALERT_WINDOW -->
<item>@string/app_ops_draw_on_top</item>
<!-- OP_ACCESS_NOTIFICATIONS -->
<item>@string/app_ops_access_notifications</item>
<!-- OP_CAMERA -->
<item>@string/app_ops_access_camera</item>
<!-- OP_RECORD_AUDIO -->
<item>@string/app_ops_record_audio</item>
<!-- OP_PLAY_AUDIO -->
<item>@string/app_ops_play_audio</item>
<!-- OP_READ_CLIPBOARD -->
<item>@string/app_ops_read_clipboard</item>
<!-- OP_WRITE_CLIPBOARD -->
<item>@string/app_ops_modify_clipboard</item>
<!-- OP_TAKE_MEDIA_BUTTONS -->
<item>@string/app_ops_use_media_buttons</item>
<!-- OP_TAKE_AUDIO_FOCUS -->
<item>@string/app_ops_use_audio_focus</item>
<!-- OP_AUDIO_MASTER_VOLUME -->
<item>@string/app_ops_use_master_volume</item>
<!-- OP_AUDIO_VOICE_VOLUME -->
<item>@string/app_ops_use_voice_volume</item>
<!-- OP_AUDIO_RING_VOLUME -->
<item>@string/app_ops_use_ring_volume</item>
<!-- OP_AUDIO_MEDIA_VOLUME -->
<item>@string/app_ops_use_media_volume</item>
<!-- OP_AUDIO_ALARM_VOLUME -->
<item>@string/app_ops_use_alarm_volume</item>
<!-- OP_AUDIO_NOTIFICATION_VOLUME -->
<item>@string/app_ops_use_notification_volume</item>
<!-- OP_AUDIO_BLUETOOTH_VOLUME -->
<item>@string/app_ops_use_bluetooth_volume</item>
<!-- OP_WAKE_LOCK -->
<item>@string/app_ops_keep_device_awake</item>
<!-- OP_MONITOR_LOCATION -->
<item>@string/app_ops_access_location</item>
<!-- OP_MONITOR_HIGH_POWER_LOCATION -->
<item>@string/app_ops_access_location</item>
<!-- OP_GET_USAGE_STATS -->
<item>@string/app_ops_get_usage_stats</item>
<!-- OP_MUTE_MICROPHONE -->
<item>@string/app_ops_mute_unmute_microphone</item>
<!-- OP_TOAST_WINDOW -->
<item>@string/app_ops_toast_window</item>
<!-- OP_PROJECT_MEDIA -->
<item>@string/app_ops_project_media</item>
<!-- OP_ACTIVATE_VPN -->
<item>@string/app_ops_activate_vpn</item>
<!-- OP_WRITE_WALLPAPER -->
<item>@string/app_ops_change_wallpaper</item>
<!-- OP_ASSIST_STRUCTURE -->
<item>@string/app_ops_assist_structure</item>
<!-- OP_ASSIST_SCREENSHOT -->
<item>@string/app_ops_assist_screenshot</item>
<!-- OP_READ_PHONE_STATE -->
<item>@string/app_ops_read_phone_state</item>
<!-- OP_ADD_VOICEMAIL -->
<item>@string/app_ops_add_voicemail</item>
<!-- OP_USE_SIP -->
<item>@string/app_ops_make_phone_call</item>
<!-- OP_PROCESS_OUTGOING_CALLS -->
<item>@string/app_ops_make_phone_call</item>
<!-- OP_USE_FINGERPRINT -->
<item>@string/app_ops_use_fingerprint</item>
<!-- OP_BODY_SENSORS -->
<item>@string/app_ops_use_body_sensors</item>
<!-- OP_READ_CELL_BROADCASTS -->
<item>@string/app_ops_read_cell_broadcasts</item>
<!-- OP_MOCK_LOCATION -->
<item>@string/app_ops_mock_location</item>
<!-- OP_READ_EXTERNAL_STORAGE -->
<item>@string/app_ops_read_external_storage</item>
<!-- OP_WRITE_EXTERNAL_STORAGE -->
<item>@string/app_ops_write_external_storage</item>
<!-- OP_TURN_SCREEN_ON -->
<item>@string/app_ops_turn_on_screen</item>
<!-- OP_GET_ACCOUNTS -->
<item>@string/app_ops_get_accounts</item>
<!-- OP_RUN_IN_BACKGROUND -->
<item>@string/app_ops_run_in_background</item>
<!-- OP_AUDIO_ACCESSIBILITY_VOLUME -->
<item>@string/app_ops_audio_accessibility_volume</item>
<!-- OP_READ_PHONE_NUMBERS -->
<item>@string/app_ops_read_phone_numbers</item>
<!-- OP_REQUEST_INSTALL_PACKAGES -->
<item>@string/app_ops_install_packages</item>
<!-- OP_PICTURE_IN_PICTURE -->
<item>@string/app_ops_picture_in_picture</item>
<!-- OP_INSTANT_APP_START_FOREGROUND -->
<item>@string/app_ops_app_start_foreground</item>
<!-- OP_ANSWER_PHONE_CALLS -->
<item>@string/app_ops_phone_calls</item>
<!-- OP_CHANGE_WIFI_STATE -->
<item>@string/app_ops_wifi_change</item>
<!-- OP_BLUETOOTH_CHANGE -->
<item>@string/app_ops_toggle_bluetooth</item>
<!-- OP_BOOT_COMPLETED -->
<item>@string/app_ops_start_at_bootup</item>
<!-- OP_NFC_CHANGE -->
<item>@string/app_ops_toggle_nfc</item>
<!-- OP_DATA_CONNECT_CHANGE -->
<item>@string/app_ops_toggle_mobile_data</item>
<!-- OP_SU -->
<item>@string/app_ops_su</item>
</string-array>
</resources>
......@@ -41,4 +41,20 @@
<!-- Button backlight -->
<java-symbol type="integer" name="config_buttonBrightnessSettingDefault" />
<java-symbol type="bool" name="config_deviceHasVariableButtonBrightness" />
<!-- Privacy Guard -->
<java-symbol type="drawable" name="stat_notify_privacy_guard" />
<java-symbol type="string" name="privacy_guard_notification" />
<java-symbol type="string" name="privacy_guard_notification_detail" />
<java-symbol type="string" name="privacy_guard_dialog_title" />
<java-symbol type="string" name="privacy_guard_dialog_summary" />
<java-symbol type="id" name="permission_text" />
<java-symbol type="id" name="permission_remember_layout" />
<java-symbol type="id" name="permission_remember_choice_checkbox" />
<java-symbol type="id" name="permission_remember_choice_text" />
<java-symbol type="string" name="allow" />
<java-symbol type="string" name="deny" />
<java-symbol type="layout" name="permission_confirmation_dialog" />
<java-symbol type="array" name="app_ops_labels" />
<java-symbol type="string" name="status_bar_su" />
</resources>
<?xml version="1.0" encoding="utf-8"?>
<inset xmlns:android="http://schemas.android.com/apk/res/android"
android:insetLeft="2.5dp"
android:insetRight="2.5dp">
<vector
android:width="23dp"
android:height="18dp"
android:viewportWidth="24"
android:viewportHeight="24">
<path
android:fillColor="#FFFFFFFF"
android:pathData="M12.49,15.934h-2.373L9.24,21H6.966l0.89-5.066H5.051v-2.089h3.163l0.63-3.584H5.977V8.148h3.238 l0.902-5.141h2.261l-0.902,5.141h2.373l0.914-5.141h2.261l-0.902,5.141h2.719v2.113h-3.089l-0.63,3.584h2.78v2.089h-3.139L13.874,21 H11.6L12.49,15.934Z M10.488,13.845h2.36l0.63-3.584h-2.373L10.488,13.845z" />
</vector>
</inset>
......@@ -83,6 +83,8 @@ import com.android.systemui.statusbar.policy.RotationLockController;
import com.android.systemui.statusbar.policy.RotationLockControllerImpl;
import com.android.systemui.statusbar.policy.SecurityController;
import com.android.systemui.statusbar.policy.SecurityControllerImpl;
import com.android.systemui.statusbar.policy.SuController;
import com.android.systemui.statusbar.policy.SuControllerImpl;
import com.android.systemui.statusbar.policy.UserInfoController;
import com.android.systemui.statusbar.policy.UserInfoControllerImpl;
import com.android.systemui.statusbar.policy.UserSwitcherController;
......@@ -308,6 +310,8 @@ public class Dependency extends SystemUI {
mProviders.put(IWindowManager.class, () -> WindowManagerGlobal.getWindowManagerService());
mProviders.put(SuController.class,() -> new SuControllerImpl(mContext));
// Put all dependencies above here so the factory can override them if it wants.
SystemUIFactory.getInstance().injectDependencies(mProviders, mContext);
}
......
......@@ -80,6 +80,7 @@ import com.android.systemui.statusbar.policy.LocationController.LocationChangeCa
import com.android.systemui.statusbar.policy.NextAlarmController;
import com.android.systemui.statusbar.policy.RotationLockController;
import com.android.systemui.statusbar.policy.RotationLockController.RotationLockControllerCallback;
import com.android.systemui.statusbar.policy.SuController;
import com.android.systemui.statusbar.policy.UserInfoController;
import com.android.systemui.statusbar.policy.ZenModeController;
import com.android.systemui.util.NotificationChannels;
......@@ -112,6 +113,7 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
private final String mSlotHeadset;
private final String mSlotDataSaver;
private final String mSlotLocation;
private final String mSlotSu;
private final Context mContext;
private final Handler mHandler = new Handler();
......@@ -130,6 +132,7 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
private final LocationController mLocationController;
private final ArraySet<Pair<String, Integer>> mCurrentNotifs = new ArraySet<>();
private final UiOffloadThread mUiOffloadThread = Dependency.get(UiOffloadThread.class);
private final SuController mSuController;
// Assume it's all good unless we hear otherwise. We don't always seem
// to get broadcasts that it *is* there.
......@@ -161,6 +164,7 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
mProvisionedController = Dependency.get(DeviceProvisionedController.class);
mKeyguardMonitor = Dependency.get(KeyguardMonitor.class);
mLocationController = Dependency.get(LocationController.class);
mSuController = Dependency.get(SuController.class);
mSlotCast = context.getString(com.android.internal.R.string.status_bar_cast);
mSlotHotspot = context.getString(com.android.internal.R.string.status_bar_hotspot);
......@@ -175,6 +179,7 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
mSlotHeadset = context.getString(com.android.internal.R.string.status_bar_headset);
mSlotDataSaver = context.getString(com.android.internal.R.string.status_bar_data_saver);
mSlotLocation = context.getString(com.android.internal.R.string.status_bar_location);
mSlotSu = context.getString(com.android.internal.R.string.status_bar_su);
// listen for broadcasts
IntentFilter filter = new IntentFilter();
......@@ -223,6 +228,11 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
mContext.getString(R.string.accessibility_status_bar_hotspot));
mIconController.setIconVisibility(mSlotHotspot, mHotspot.isHotspotEnabled());
// su
mIconController.setIcon(mSlotSu, R.drawable.stat_sys_su, null);
mIconController.setIconVisibility(mSlotSu, false);
mSuController.addCallback(mSuCallback);
// managed profile
mIconController.setIcon(mSlotManagedProfile, R.drawable.stat_sys_managed_profile_status,
mContext.getString(R.string.accessibility_managed_profile));
......@@ -677,6 +687,10 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
}
};
private void updateSu() {
mIconController.setIconVisibility(mSlotSu, mSuController.hasActiveSessions());
}
private final CastController.Callback mCastCallback = new CastController.Callback() {
@Override
public void onCastDevicesChanged() {
......@@ -795,4 +809,11 @@ public class PhoneStatusBarPolicy implements Callback, Callbacks,
mIconController.setIconVisibility(mSlotCast, false);
}
};
private final SuController.Callback mSuCallback = new SuController.Callback() {
@Override
public void onSuSessionsChanged() {
updateSu();
}
};
}
/*
* Copyright (C) 2014 The CyanogenMod Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.systemui.statusbar.policy;
public interface SuController {
void addCallback(Callback callback);
void removeCallback(Callback callback);
boolean hasActiveSessions();
public interface Callback {
void onSuSessionsChanged();
}
}
/*
* Copyright (C) 2014 The CyanogenMod Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.systemui.statusbar.policy;
import android.app.ActivityManager;
import android.app.AppOpsManager;
import android.app.StatusBarManager;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Handler;
import android.os.UserHandle;
import android.os.UserManager;
import android.provider.Settings;
import android.util.Log;
import com.android.systemui.R;
import java.util.ArrayList;
import java.util.List;
/**
* A controller to manage changes to superuser-related states and update the views accordingly.
*/
public class SuControllerImpl implements SuController {
private static final String TAG = "SuControllerImpl";
private static final int[] mSuOpArray = new int[] {AppOpsManager.OP_SU};
private ArrayList<Callback> mCallbacks = new ArrayList<Callback>();
private Context mContext;
private AppOpsManager mAppOpsManager;
private boolean mHasActiveSuSessions;
public SuControllerImpl(Context context) {
mContext = context;
mAppOpsManager = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
IntentFilter intentFilter = new IntentFilter();
intentFilter.addAction(AppOpsManager.ACTION_SU_SESSION_CHANGED);
context.registerReceiverAsUser(new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
Log.i(TAG, "Got change");
String action = intent.getAction();
if (AppOpsManager.ACTION_SU_SESSION_CHANGED.equals(action)) {
updateActiveSuSessions();
}
}
}, UserHandle.ALL, intentFilter, null, new Handler());
updateActiveSuSessions();
}
@Override
public void addCallback(Callback callback) {
mCallbacks.add(callback);
fireCallback(callback);
}
@Override
public void removeCallback(Callback callback) {
mCallbacks.remove(callback);
}
@Override
public boolean hasActiveSessions() {
return mHasActiveSuSessions;
}
private void fireCallback(Callback callback) {
callback.onSuSessionsChanged();
}