Introduce and populate PackageManager.FLAG_PERMISSION_USER_VISIBLE (37e87956) · Commits · e / os / android_packages_apps_PackageInstaller

src/com/android/packageinstaller/permission/model/Permission.java

+8 −0

Original line number	Diff line number	Diff line
		@@ -174,6 +174,14 @@ public final class Permission {
		return (mFlags & PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0;
		}

		public boolean isUserSensitiveWhenGranted() {
		return (mFlags & PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED) != 0;
		}

		public boolean isUserSensitiveWhenDenied() {
		return (mFlags & PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED) != 0;
		}

		/**
		* If this permission is split into a foreground and background permission, this is the name
		* of the background permission.

src/com/android/packageinstaller/permission/utils/Utils.java

+9 −0

Original line number	Diff line number	Diff line
		@@ -405,6 +405,15 @@ public final class Utils {
		return new ArrayList<>(PLATFORM_PERMISSION_GROUPS.keySet());
		}

		/**
		* Get the names of the platform permissions.
		*
		* @return the names of the platform permissions.
		*/
		public static List<String> getPlatformPermissions() {
		return new ArrayList<>(PLATFORM_PERMISSIONS.keySet());
		}

		/**
		* Should UI show this permission.
		*

src/com/android/packageinstaller/role/service/RoleControllerServiceImpl.java

+56 −0

Original line number	Diff line number	Diff line
		@@ -27,6 +27,7 @@ import android.os.Build;
		import android.os.Handler;
		import android.os.HandlerThread;
		import android.os.Process;
		import android.os.SystemClock;
		import android.os.UserHandle;
		import android.rolecontrollerservice.RoleControllerService;
		import android.text.TextUtils;
		@@ -336,6 +337,61 @@ public class RoleControllerServiceImpl extends RoleControllerService {
		if (callback != null) {
		callback.onSuccess();
		}

		// Populate PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED
		PackageManager pm = getPackageManager();
		UserHandle user = Process.myUserHandle();
		List<PackageInfo> pkgs = pm.getInstalledPackages(0);
		List<String> platformPerms = Utils.getPlatformPermissions();
		ArraySet<String> pkgsWithLauncherIcon = Utils.getLauncherPackages(this);
		List<Long> iterationTimesNs = new ArrayList<>();

		long startMs = SystemClock.uptimeMillis();
		for (int i = 0, size = pkgs.size(); i < size; i++) {
		PackageInfo pkg = pkgs.get(i);
		boolean pkgHasLauncherIcon = pkgsWithLauncherIcon.contains(pkg.packageName);
		boolean pkgIsSystemApp = (pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0;

		for (int j = 0, permSize = platformPerms.size(); j < permSize; j++) {
		String perm = platformPerms.get(j);

		long iterationStart = DEBUG ? SystemClock.elapsedRealtimeNanos() : 0L;

		int flags;
		if (pkgIsSystemApp && !pkgHasLauncherIcon) {
		boolean permGranted = pm.checkPermission(perm, pkg.packageName)
		== PackageManager.PERMISSION_GRANTED;
		boolean permGrantedByDefault = permGranted
		&& (pm.getPermissionFlags(perm, pkg.packageName, user)
		& PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0;
		if (permGrantedByDefault) {
		flags = 0;
		} else {
		flags = PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED;
		}
		} else {
		flags = PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED
		\| PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED;
		}
		//TODO(b/124317989): flags \|= userOverrideInUi
		pm.updatePermissionFlags(perm, pkg.packageName,
		PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED
		\| PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED, flags,
		user);

		if (DEBUG) {
		iterationTimesNs.add(SystemClock.elapsedRealtimeNanos() - iterationStart);
		}
		}
		}
		if (DEBUG) {
		long avgIter = iterationTimesNs.stream().reduce(0L, (a, b) -> a + b)
		/ iterationTimesNs.size();
		Log.i(LOG_TAG, "Populating FLAG_PERMISSION_USER_SENSITIVE_* for "
		+ pkgs.size() + "pkgs & "
		+ platformPerms.size() + "perms took " + (SystemClock.uptimeMillis() - startMs)
		+ "ms, avg iteration took " + avgIter + "ns");
		}
		}

		@WorkerThread