Extract BaseSearchIndexablesProvider.

     */

    public static final String IS_NONE_ROLE_HOLDER_SELECTED_KEY = "is_none_role_holder_selected:";

    /**

     * Key in the generic shared preferences that stores if the user manually selected the "none"

     * role holder for a role.

     */

    public static final String SEARCH_INDEXABLE_PROVIDER_PASSWORD_KEY =

            "search_indexable_provider_password";

    /**

     * Name of file containing the permissions that should be restored, but have not been restored

     * yet.

/*

 * Copyright (C) 2019 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.packageinstaller.permission.service;

import android.content.Context;

import android.content.Intent;

import android.content.SharedPreferences;

import android.database.Cursor;

import android.database.MatrixCursor;

import android.provider.SearchIndexablesContract;

import android.provider.SearchIndexablesProvider;

import android.util.Log;

import androidx.annotation.CheckResult;

import androidx.annotation.NonNull;

import androidx.annotation.Nullable;

import com.android.packageinstaller.Constants;

import com.android.packageinstaller.permission.utils.Utils;

import java.util.Objects;

import java.util.UUID;

/**

 * Base class for {@link SearchIndexablesProvider} inside permission controller, which allows using

 * a password in raw data key and verifying incoming intents afterwards.

 */

public abstract class BaseSearchIndexablesProvider extends SearchIndexablesProvider {

    private static final String LOG_TAG = BaseSearchIndexablesProvider.class.getSimpleName();

    private static final String EXTRA_SETTINGS_SEARCH_KEY = ":settings:fragment_args_key";

    private static final int PASSWORD_LENGTH = 36;

    @NonNull

    private static final Object sPasswordLock = new Object();

    @Override

    public boolean onCreate() {

        return true;

    }

    @Nullable

    @Override

    public Cursor queryXmlResources(@Nullable String[] projection) {

        return new MatrixCursor(SearchIndexablesContract.INDEXABLES_XML_RES_COLUMNS);

    }

    @Nullable

    @Override

    public Cursor queryNonIndexableKeys(@Nullable String[] projection) {

        return new MatrixCursor(SearchIndexablesContract.NON_INDEXABLES_KEYS_COLUMNS);

    }

    @NonNull

    private static String getPassword(@NonNull Context context) {

        synchronized (sPasswordLock) {

            SharedPreferences sharedPreferences = Utils.getDeviceProtectedSharedPreferences(

                    context);

            String password = sharedPreferences.getString(

                    Constants.SEARCH_INDEXABLE_PROVIDER_PASSWORD_KEY, null);

            if (password == null) {

                password = UUID.randomUUID().toString();

                sharedPreferences.edit()

                        .putString(Constants.SEARCH_INDEXABLE_PROVIDER_PASSWORD_KEY, password)

                        .apply();

            }

            return password;

        }

    }

    /**

     * Create a unique raw data key with password.

     *

     * @param key the original key, can be retrieved later with {@link #getOriginalKey(Intent)}

     * @param context the context to use

     * @return the created raw data key

     */

    @NonNull

    protected static String createRawDataKey(@NonNull String key, @NonNull Context context) {

        return getPassword(context) + context.getPackageName() + ',' + key;

    }

    /**

     * Check if the intent contains the properties expected from an intent launched from settings

     * search.

     *

     * @param intent the intent to check

     * @param context the context to get password

     *

     * @return whether the intent is valid

     */

    @CheckResult

    public static boolean isIntentValid(@NonNull Intent intent, @NonNull Context context) {

        String key = intent.getStringExtra(EXTRA_SETTINGS_SEARCH_KEY);

        String passwordFromIntent = key.substring(0, PASSWORD_LENGTH);

        String password = getPassword(context);

        boolean verified = Objects.equals(passwordFromIntent, password);

        if (!verified) {

            Log.w(LOG_TAG, "Invalid password: " + passwordFromIntent);

        }

        return verified;

    }

    /**

     * Get the original key passed to {@link #createRawDataKey(String, Context)}. Should only be

     * called after {@link #isIntentValid(Intent, Context)}.

     *

     * @param intent the intent to get the original key

     *

     * @return the original key from the intent, or {@code null} if none

     */

    @Nullable

    public static String getOriginalKey(@NonNull Intent intent) {

        String key = intent.getStringExtra(EXTRA_SETTINGS_SEARCH_KEY);

        if (key == null) {

            return null;

        }

        int keyStart = key.indexOf(',') + 1;

        return keyStart <= key.length() ? key.substring(keyStart) : null;

    }

}

package com.android.packageinstaller.permission.service;

import static android.content.Context.MODE_PRIVATE;

import static android.provider.SearchIndexablesContract.INDEXABLES_RAW_COLUMNS;

import static android.provider.SearchIndexablesContract.INDEXABLES_XML_RES_COLUMNS;

import static android.provider.SearchIndexablesContract.NON_INDEXABLES_KEYS_COLUMNS;

import static android.provider.SearchIndexablesContract.RawData.COLUMN_INTENT_ACTION;

import static android.provider.SearchIndexablesContract.RawData.COLUMN_KEY;

import static android.provider.SearchIndexablesContract.RawData.COLUMN_KEYWORDS;

import static android.provider.SearchIndexablesContract.RawData.COLUMN_TITLE;

import android.content.Context;

import android.content.Intent;

import android.content.pm.PackageManager;

import android.database.Cursor;

import android.database.MatrixCursor;

import android.provider.SearchIndexablesProvider;

import android.util.Log;

import androidx.annotation.NonNull;

import androidx.annotation.Nullable;

import com.android.packageinstaller.permission.utils.Utils;

import com.android.permissioncontroller.R;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

import java.io.FileOutputStream;

import java.io.IOException;

import java.util.List;

import java.util.UUID;

public class PermissionSearchIndexablesProvider extends SearchIndexablesProvider {

/**

 * {@link android.provider.SearchIndexablesProvider} for permissions.

 */

public class PermissionSearchIndexablesProvider extends BaseSearchIndexablesProvider {

    private static final String LOG_TAG = PermissionSearchIndexablesProvider.class.getSimpleName();

    private static final String EXTRA_SETTINGS_SEARCH_KEY = ":settings:fragment_args_key";

    public static final String ACTION_MANAGE_PERMISSION_APPS =

            "com.android.permissioncontroller.settingssearch.action.MANAGE_PERMISSION_APPS";

    public static final String ACTION_REVIEW_PERMISSION_USAGE =

            "com.android.permissioncontroller.settingssearch.action.REVIEW_PERMISSION_USAGE";

    private static final String PASSWORD_FILE_NAME = "settings-search-password";

    private static final int PASSWORD_LENGTH = 36;

    @Override

    public boolean onCreate() {

        return true;

    }

    @Override

    public Cursor queryXmlResources(String[] projection) {

        return new MatrixCursor(INDEXABLES_XML_RES_COLUMNS);

    }

    @Override

    public Cursor queryRawData(String[] projection) {

        String password = getPassword(getContext());

        PackageManager pm = getContext().getPackageManager();

        Context context = getContext();

        PackageManager pm = context.getPackageManager();

        List<String> permissionGroupNames = Utils.getPlatformPermissionGroups();

        MatrixCursor cursor = new MatrixCursor(INDEXABLES_RAW_COLUMNS);

            cursor.newRow().add(COLUMN_RANK, 0)

                    .add(COLUMN_TITLE, label)

                    .add(COLUMN_KEYWORDS, label + ", "

                            + getContext().getString(R.string.permission_search_keyword))

                    .add(COLUMN_KEY, password + getContext().getPackageName()

                            + "," + groupName)

                    .add(COLUMN_KEYWORDS, label + ", " + context.getString(

                            R.string.permission_search_keyword))

                    .add(COLUMN_KEY, createRawDataKey(groupName, context))

                    .add(COLUMN_INTENT_ACTION, ACTION_MANAGE_PERMISSION_APPS);

        }

        cursor.newRow().add(COLUMN_RANK, 0)

                .add(COLUMN_TITLE, getContext().getString(R.string.permission_usage_title))

                .add(COLUMN_KEYWORDS, getContext().getString(R.string.permission_search_keyword))

                .add(COLUMN_KEY, password + getContext().getPackageName()

                        + "," + "permissions usage")

                .add(COLUMN_TITLE, context.getString(R.string.permission_usage_title))

                .add(COLUMN_KEYWORDS, context.getString(R.string.permission_search_keyword))

                .add(COLUMN_KEY, createRawDataKey("permissions usage", context))

                .add(COLUMN_INTENT_ACTION, ACTION_REVIEW_PERMISSION_USAGE);

        return cursor;

        }

        return null;

    }

    @Override

    public Cursor queryNonIndexableKeys(String[] projection) {

        return new MatrixCursor(NON_INDEXABLES_KEYS_COLUMNS);

    }

    /**

     * Verify that the intent contains the properties expected from an intent launched from settings

     * search.

     *

     * @param context A context of this app

     * @param intent The intent to verify

     *

     * @return The payload of the intent or {@code null} if there no payload for the action

     */

    public static @Nullable String verifyIntent(@NonNull Context context, @NonNull Intent intent) {

        String key = intent.getStringExtra(EXTRA_SETTINGS_SEARCH_KEY);

        String passwordFromIntent = key.substring(0, PASSWORD_LENGTH);

        String password = getPassword(context);

        if (!passwordFromIntent.equals(password)) {

            throw new SecurityException("password " + passwordFromIntent + " is not valid");

        }

        switch (intent.getAction()) {

            case ACTION_MANAGE_PERMISSION_APPS:

                return key.substring(key.indexOf(",") + 1);

            case ACTION_REVIEW_PERMISSION_USAGE:

                return null;

            default:

                throw new IllegalArgumentException("Not a valid action");

        }

    }

    private static @NonNull String getPassword(@NonNull Context context) {

        try {

            try {

                try (FileInputStream passwordFile = context.openFileInput(PASSWORD_FILE_NAME)) {

                    byte[] password = new byte[PASSWORD_LENGTH];

                    passwordFile.read(password);

                    return new String(password);

                }

            } catch (FileNotFoundException e) {

                String password = UUID.randomUUID().toString();

                try (FileOutputStream passwordFile = context.openFileOutput(PASSWORD_FILE_NAME,

                        MODE_PRIVATE)) {

                    passwordFile.write(password.getBytes());

                }

                return password;

            }

        } catch (IOException e) {

            throw new IllegalStateException("Could not create new password");

        }

    }

}

import static android.view.WindowManager.LayoutParams.SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;

import static com.android.packageinstaller.permission.service.PermissionSearchIndexablesProvider.verifyIntent;

import static com.android.packageinstaller.permission.service.PermissionSearchIndexablesProvider.getOriginalKey;

import static com.android.packageinstaller.permission.service.PermissionSearchIndexablesProvider.isIntentValid;

import android.content.Intent;

import android.os.Bundle;

                break;

            case PermissionSearchIndexablesProvider.ACTION_REVIEW_PERMISSION_USAGE:

                verifyIntent(this, getIntent());

                if (!isIntentValid(getIntent(), this)) {

                    finish();

                    return;

                }

                // fall through

            case Intent.ACTION_REVIEW_PERMISSION_USAGE: {

                if (!Utils.isPermissionsHubEnabled()) {

                    finish();

                    return;

                }

            } break;

            case PermissionSearchIndexablesProvider.ACTION_MANAGE_PERMISSION_APPS:

                permissionName = verifyIntent(this, getIntent());

                if (!isIntentValid(getIntent(), this)) {

                    finish();

                    return;

                }

                permissionName = getOriginalKey(getIntent());

                // fall through

            case Intent.ACTION_MANAGE_PERMISSION_APPS: {

                if (permissionName == null) {

import static android.Manifest.permission_group.STORAGE;

import android.Manifest;

import android.app.AppOpsManager;

import android.content.ActivityNotFoundException;

import android.content.Context;

import android.content.Intent;

import android.content.SharedPreferences;

import android.content.pm.ApplicationInfo;

import android.content.pm.PackageItemInfo;

import android.content.pm.PackageManager;

import androidx.core.util.Preconditions;

import com.android.launcher3.icons.IconFactory;

import com.android.packageinstaller.Constants;

import com.android.packageinstaller.permission.model.AppPermissionGroup;

import com.android.packageinstaller.permission.model.AppPermissionUsage;

import com.android.permissioncontroller.R;

        return Boolean.parseBoolean(DeviceConfig.getProperty(DeviceConfig.Privacy.NAMESPACE,

                DeviceConfig.Privacy.PROPERTY_PERMISSIONS_HUB_ENABLED));

    }

    /**

     * Get a device protected storage based shared preferences. Avoid storing sensitive data in it.

     *

     * @param context the context to get the shared preferences

     * @return a device protected storage based shared preferences

     */

    @NonNull

    public static SharedPreferences getDeviceProtectedSharedPreferences(@NonNull Context context) {

        if (!context.isDeviceProtectedStorage()) {

            context = context.createDeviceProtectedStorageContext();

        }

        return context.getSharedPreferences(Constants.PREFERENCES_FILE, Context.MODE_PRIVATE);

    }

}