Loading AndroidManifest.xml +1 −0 Original line number Diff line number Diff line Loading @@ -14,6 +14,7 @@ <uses-permission android:name="android.permission.MANAGE_USERS" /> <uses-permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS" /> <uses-permission android:name="android.permission.REVOKE_RUNTIME_PERMISSIONS" /> <uses-permission android:name="android.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY" /> <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" /> <uses-permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS" /> <uses-permission android:name="android.permission.UPDATE_APP_OPS_STATS" /> Loading src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +1 −1 Original line number Diff line number Diff line Loading @@ -1134,7 +1134,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> * app ops change. If this is set to {@code false} the * caller has to make sure to kill the app if needed. */ void persistChanges(boolean mayKillBecauseOfAppOpsChange) { public void persistChanges(boolean mayKillBecauseOfAppOpsChange) { int numPermissions = mPermissions.size(); boolean shouldKillApp = false; boolean shouldUpdateStorage = false; Loading src/com/android/packageinstaller/permission/service/PermissionControllerServiceImpl.java +54 −0 Original line number Diff line number Diff line Loading @@ -16,6 +16,9 @@ package com.android.packageinstaller.permission.service; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.permission.PermissionControllerManager.COUNT_ONLY_WHEN_GRANTED; import static android.permission.PermissionControllerManager.COUNT_WHEN_SYSTEM; Loading Loading @@ -503,4 +506,55 @@ public final class PermissionControllerServiceImpl extends PermissionControllerS return PermissionControllerServiceImplRoleMixin.onIsApplicationQualifiedForRole(roleName, packageName, this); } @Override public boolean onSetRuntimePermissionGrantStateByDeviceAdmin(@NonNull String callerPackageName, @NonNull String packageName, @NonNull String unexpandedPermission, int grantState) { PackageInfo callerPkgInfo = getPkgInfo(callerPackageName); if (callerPkgInfo == null) { Log.w(LOG_TAG, "Cannot fix " + unexpandedPermission + " as admin " + callerPackageName + " cannot be found"); return false; } PackageInfo pkgInfo = getPkgInfo(packageName); if (pkgInfo == null) { Log.w(LOG_TAG, "Cannot fix " + unexpandedPermission + " as " + packageName + " cannot be found"); return false; } ArrayList<String> expandedPermissions = addSplitPermissions( Collections.singletonList(unexpandedPermission), callerPkgInfo.applicationInfo.targetSdkVersion); int numPerms = expandedPermissions.size(); for (int i = 0; i < numPerms; i++) { String perm = expandedPermissions.get(i); AppPermissionGroup group = AppPermissionGroup.create(this, pkgInfo, perm, true); if (group == null || group.isSystemFixed()) { continue; } switch (grantState) { case PERMISSION_GRANT_STATE_GRANTED: group.getPermission(perm).setPolicyFixed(true); group.grantRuntimePermissions(false, new String[]{perm}); break; case PERMISSION_GRANT_STATE_DENIED: group.getPermission(perm).setPolicyFixed(true); group.revokeRuntimePermissions(false, new String[]{perm}); break; case PERMISSION_GRANT_STATE_DEFAULT: group.getPermission(perm).setPolicyFixed(false); break; default: return false; } group.persistChanges(true); } return true; } } src/com/android/packageinstaller/permission/service/TEST_MAPPING +24 −1 Original line number Diff line number Diff line Loading @@ -18,6 +18,29 @@ "include-filter": "android.backup.cts.PermissionTest" } ] }, { "name": "CtsDevicePolicyManagerTestCases", "options": [ { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrant" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionPolicy" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionMixedPolicies" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionAppUpdate" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrantPreMApp" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTestApi25#testPermissionGrantPreMApp" } ] } ] } No newline at end of file Loading
AndroidManifest.xml +1 −0 Original line number Diff line number Diff line Loading @@ -14,6 +14,7 @@ <uses-permission android:name="android.permission.MANAGE_USERS" /> <uses-permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS" /> <uses-permission android:name="android.permission.REVOKE_RUNTIME_PERMISSIONS" /> <uses-permission android:name="android.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY" /> <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" /> <uses-permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS" /> <uses-permission android:name="android.permission.UPDATE_APP_OPS_STATS" /> Loading
src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +1 −1 Original line number Diff line number Diff line Loading @@ -1134,7 +1134,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> * app ops change. If this is set to {@code false} the * caller has to make sure to kill the app if needed. */ void persistChanges(boolean mayKillBecauseOfAppOpsChange) { public void persistChanges(boolean mayKillBecauseOfAppOpsChange) { int numPermissions = mPermissions.size(); boolean shouldKillApp = false; boolean shouldUpdateStorage = false; Loading
src/com/android/packageinstaller/permission/service/PermissionControllerServiceImpl.java +54 −0 Original line number Diff line number Diff line Loading @@ -16,6 +16,9 @@ package com.android.packageinstaller.permission.service; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED; import static android.app.admin.DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.permission.PermissionControllerManager.COUNT_ONLY_WHEN_GRANTED; import static android.permission.PermissionControllerManager.COUNT_WHEN_SYSTEM; Loading Loading @@ -503,4 +506,55 @@ public final class PermissionControllerServiceImpl extends PermissionControllerS return PermissionControllerServiceImplRoleMixin.onIsApplicationQualifiedForRole(roleName, packageName, this); } @Override public boolean onSetRuntimePermissionGrantStateByDeviceAdmin(@NonNull String callerPackageName, @NonNull String packageName, @NonNull String unexpandedPermission, int grantState) { PackageInfo callerPkgInfo = getPkgInfo(callerPackageName); if (callerPkgInfo == null) { Log.w(LOG_TAG, "Cannot fix " + unexpandedPermission + " as admin " + callerPackageName + " cannot be found"); return false; } PackageInfo pkgInfo = getPkgInfo(packageName); if (pkgInfo == null) { Log.w(LOG_TAG, "Cannot fix " + unexpandedPermission + " as " + packageName + " cannot be found"); return false; } ArrayList<String> expandedPermissions = addSplitPermissions( Collections.singletonList(unexpandedPermission), callerPkgInfo.applicationInfo.targetSdkVersion); int numPerms = expandedPermissions.size(); for (int i = 0; i < numPerms; i++) { String perm = expandedPermissions.get(i); AppPermissionGroup group = AppPermissionGroup.create(this, pkgInfo, perm, true); if (group == null || group.isSystemFixed()) { continue; } switch (grantState) { case PERMISSION_GRANT_STATE_GRANTED: group.getPermission(perm).setPolicyFixed(true); group.grantRuntimePermissions(false, new String[]{perm}); break; case PERMISSION_GRANT_STATE_DENIED: group.getPermission(perm).setPolicyFixed(true); group.revokeRuntimePermissions(false, new String[]{perm}); break; case PERMISSION_GRANT_STATE_DEFAULT: group.getPermission(perm).setPolicyFixed(false); break; default: return false; } group.persistChanges(true); } return true; } }
src/com/android/packageinstaller/permission/service/TEST_MAPPING +24 −1 Original line number Diff line number Diff line Loading @@ -18,6 +18,29 @@ "include-filter": "android.backup.cts.PermissionTest" } ] }, { "name": "CtsDevicePolicyManagerTestCases", "options": [ { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrant" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionPolicy" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionMixedPolicies" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionAppUpdate" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrantPreMApp" }, { "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTestApi25#testPermissionGrantPreMApp" } ] } ] } No newline at end of file
