Loading src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +20 −3 Original line number Diff line number Diff line Loading @@ -57,6 +57,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> private final int mIconResId; private final boolean mAppSupportsRuntimePermissions; private final boolean mIsEphemeralApp; private boolean mContainsEphemeralPermission; public static AppPermissionGroup create(Context context, PackageInfo packageInfo, String permissionName) { Loading @@ -67,7 +69,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return null; } if (permissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS if ((permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (permissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0 || (permissionInfo.flags & PermissionInfo.FLAG_REMOVED) != 0) { return null; Loading Loading @@ -133,7 +136,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> } // Collect only runtime permissions. if (requestedPermissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS) { if ((requestedPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS) { continue; } Loading @@ -158,7 +162,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> requestedPermission, packageInfo.packageName, userHandle); Permission permission = new Permission(requestedPermission, granted, appOp, appOpAllowed, flags); appOp, appOpAllowed, flags, requestedPermissionInfo.protectionLevel); group.addPermission(permission); } Loading Loading @@ -191,6 +195,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> mPackageInfo = packageInfo; mAppSupportsRuntimePermissions = packageInfo.applicationInfo .targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; mIsEphemeralApp = packageInfo.applicationInfo.isEphemeralApp(); mAppOps = context.getSystemService(AppOpsManager.class); mActivityManager = context.getSystemService(ActivityManager.class); mDeclaringPackage = declaringPackage; Loading @@ -210,6 +215,10 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return mAppSupportsRuntimePermissions; } public boolean isGrantingAllowed() { return !mIsEphemeralApp || mContainsEphemeralPermission; } public boolean isReviewRequired() { if (mAppSupportsRuntimePermissions) { return false; Loading Loading @@ -328,6 +337,11 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> continue; } if (!permission.isGrantingAllowed(mIsEphemeralApp)) { // Skip unallowed permissions. continue; } if (mAppSupportsRuntimePermissions) { // Do not touch permissions fixed by the system. if (permission.isSystemFixed()) { Loading Loading @@ -636,5 +650,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> private void addPermission(Permission permission) { mPermissions.put(permission.getName(), permission); if (permission.isEphemeral()) { mContainsEphemeralPermission = true; } } } src/com/android/packageinstaller/permission/model/Permission.java +13 −2 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.packageinstaller.permission.model; import android.content.pm.PackageManager; import android.content.pm.PermissionInfo; public final class Permission { private final String mName; Loading @@ -25,14 +26,16 @@ public final class Permission { private boolean mGranted; private boolean mAppOpAllowed; private int mFlags; private boolean mIsEphemeral; public Permission(String name, boolean granted, String appOp, boolean appOpAllowed, int flags) { String appOp, boolean appOpAllowed, int flags, int protectionLevel) { mName = name; mGranted = granted; mAppOp = appOp; mAppOpAllowed = appOpAllowed; mFlags = flags; mIsEphemeral = (protectionLevel & PermissionInfo.PROTECTION_FLAG_EPHEMERAL) != 0; } public String getName() { Loading Loading @@ -130,4 +133,12 @@ public final class Permission { public void setAppOpAllowed(boolean mAppOpAllowed) { this.mAppOpAllowed = mAppOpAllowed; } public boolean isEphemeral() { return mIsEphemeral; } public boolean isGrantingAllowed(boolean isEphemeralApp) { return !isEphemeralApp || isEphemeral(); } } src/com/android/packageinstaller/permission/model/PermissionApps.java +5 −3 Original line number Diff line number Diff line Loading @@ -177,7 +177,8 @@ public class PermissionApps { continue; } if (requestedPermissionInfo.protectionLevel if ((requestedPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (requestedPermissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0 Loading Loading @@ -267,7 +268,8 @@ public class PermissionApps { } catch (PackageManager.NameNotFoundException e) { try { PermissionInfo permInfo = mPm.getPermissionInfo(mGroupName, 0); if (permInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS) { if ((permInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS) { Log.w(LOG_TAG, mGroupName + " is not a runtime permission"); return; } Loading src/com/android/packageinstaller/permission/model/PermissionGroups.java +4 −2 Original line number Diff line number Diff line Loading @@ -128,7 +128,8 @@ public final class PermissionGroups implements LoaderCallbacks<List<PermissionGr // Cache seen permissions and see if group has runtime permissions. for (PermissionInfo groupPermission : groupPermissions) { seenPermissions.add(groupPermission.name); if (groupPermission.protectionLevel == PermissionInfo.PROTECTION_DANGEROUS if ((groupPermission.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) == PermissionInfo.PROTECTION_DANGEROUS && (groupPermission.flags & PermissionInfo.FLAG_INSTALLED) != 0 && (groupPermission.flags & PermissionInfo.FLAG_REMOVED) == 0) { hasRuntimePermissions = true; Loading Loading @@ -178,7 +179,8 @@ public final class PermissionGroups implements LoaderCallbacks<List<PermissionGr } // We care only about installed runtime permissions. if (permissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS if ((permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (permissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0) { continue; } Loading src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java +8 −0 Original line number Diff line number Diff line Loading @@ -150,6 +150,10 @@ public class GrantPermissionsActivity extends OverlayTouchActivity if (group == null) { continue; } if (!group.isGrantingAllowed()) { // Skip showing groups that we know cannot be granted. continue; } // We allow the user to choose only non-fixed permissions. A permission // is fixed either by device policy or the user denying with prejudice. if (!group.isUserFixed() && !group.isPolicyFixed()) { Loading Loading @@ -359,6 +363,10 @@ public class GrantPermissionsActivity extends OverlayTouchActivity != PermissionInfo.PROTECTION_DANGEROUS) { return PERMISSION_DENIED; } if ((pInfo.protectionLevel & PermissionInfo.PROTECTION_FLAG_EPHEMERAL) == 0 && callingPackageInfo.applicationInfo.isEphemeralApp()) { return PERMISSION_DENIED; } } catch (NameNotFoundException e) { return PERMISSION_DENIED; } Loading Loading
src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +20 −3 Original line number Diff line number Diff line Loading @@ -57,6 +57,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> private final int mIconResId; private final boolean mAppSupportsRuntimePermissions; private final boolean mIsEphemeralApp; private boolean mContainsEphemeralPermission; public static AppPermissionGroup create(Context context, PackageInfo packageInfo, String permissionName) { Loading @@ -67,7 +69,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return null; } if (permissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS if ((permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (permissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0 || (permissionInfo.flags & PermissionInfo.FLAG_REMOVED) != 0) { return null; Loading Loading @@ -133,7 +136,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> } // Collect only runtime permissions. if (requestedPermissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS) { if ((requestedPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS) { continue; } Loading @@ -158,7 +162,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> requestedPermission, packageInfo.packageName, userHandle); Permission permission = new Permission(requestedPermission, granted, appOp, appOpAllowed, flags); appOp, appOpAllowed, flags, requestedPermissionInfo.protectionLevel); group.addPermission(permission); } Loading Loading @@ -191,6 +195,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> mPackageInfo = packageInfo; mAppSupportsRuntimePermissions = packageInfo.applicationInfo .targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1; mIsEphemeralApp = packageInfo.applicationInfo.isEphemeralApp(); mAppOps = context.getSystemService(AppOpsManager.class); mActivityManager = context.getSystemService(ActivityManager.class); mDeclaringPackage = declaringPackage; Loading @@ -210,6 +215,10 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return mAppSupportsRuntimePermissions; } public boolean isGrantingAllowed() { return !mIsEphemeralApp || mContainsEphemeralPermission; } public boolean isReviewRequired() { if (mAppSupportsRuntimePermissions) { return false; Loading Loading @@ -328,6 +337,11 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> continue; } if (!permission.isGrantingAllowed(mIsEphemeralApp)) { // Skip unallowed permissions. continue; } if (mAppSupportsRuntimePermissions) { // Do not touch permissions fixed by the system. if (permission.isSystemFixed()) { Loading Loading @@ -636,5 +650,8 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> private void addPermission(Permission permission) { mPermissions.put(permission.getName(), permission); if (permission.isEphemeral()) { mContainsEphemeralPermission = true; } } }
src/com/android/packageinstaller/permission/model/Permission.java +13 −2 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.packageinstaller.permission.model; import android.content.pm.PackageManager; import android.content.pm.PermissionInfo; public final class Permission { private final String mName; Loading @@ -25,14 +26,16 @@ public final class Permission { private boolean mGranted; private boolean mAppOpAllowed; private int mFlags; private boolean mIsEphemeral; public Permission(String name, boolean granted, String appOp, boolean appOpAllowed, int flags) { String appOp, boolean appOpAllowed, int flags, int protectionLevel) { mName = name; mGranted = granted; mAppOp = appOp; mAppOpAllowed = appOpAllowed; mFlags = flags; mIsEphemeral = (protectionLevel & PermissionInfo.PROTECTION_FLAG_EPHEMERAL) != 0; } public String getName() { Loading Loading @@ -130,4 +133,12 @@ public final class Permission { public void setAppOpAllowed(boolean mAppOpAllowed) { this.mAppOpAllowed = mAppOpAllowed; } public boolean isEphemeral() { return mIsEphemeral; } public boolean isGrantingAllowed(boolean isEphemeralApp) { return !isEphemeralApp || isEphemeral(); } }
src/com/android/packageinstaller/permission/model/PermissionApps.java +5 −3 Original line number Diff line number Diff line Loading @@ -177,7 +177,8 @@ public class PermissionApps { continue; } if (requestedPermissionInfo.protectionLevel if ((requestedPermissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (requestedPermissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0 Loading Loading @@ -267,7 +268,8 @@ public class PermissionApps { } catch (PackageManager.NameNotFoundException e) { try { PermissionInfo permInfo = mPm.getPermissionInfo(mGroupName, 0); if (permInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS) { if ((permInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS) { Log.w(LOG_TAG, mGroupName + " is not a runtime permission"); return; } Loading
src/com/android/packageinstaller/permission/model/PermissionGroups.java +4 −2 Original line number Diff line number Diff line Loading @@ -128,7 +128,8 @@ public final class PermissionGroups implements LoaderCallbacks<List<PermissionGr // Cache seen permissions and see if group has runtime permissions. for (PermissionInfo groupPermission : groupPermissions) { seenPermissions.add(groupPermission.name); if (groupPermission.protectionLevel == PermissionInfo.PROTECTION_DANGEROUS if ((groupPermission.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) == PermissionInfo.PROTECTION_DANGEROUS && (groupPermission.flags & PermissionInfo.FLAG_INSTALLED) != 0 && (groupPermission.flags & PermissionInfo.FLAG_REMOVED) == 0) { hasRuntimePermissions = true; Loading Loading @@ -178,7 +179,8 @@ public final class PermissionGroups implements LoaderCallbacks<List<PermissionGr } // We care only about installed runtime permissions. if (permissionInfo.protectionLevel != PermissionInfo.PROTECTION_DANGEROUS if ((permissionInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE) != PermissionInfo.PROTECTION_DANGEROUS || (permissionInfo.flags & PermissionInfo.FLAG_INSTALLED) == 0) { continue; } Loading
src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java +8 −0 Original line number Diff line number Diff line Loading @@ -150,6 +150,10 @@ public class GrantPermissionsActivity extends OverlayTouchActivity if (group == null) { continue; } if (!group.isGrantingAllowed()) { // Skip showing groups that we know cannot be granted. continue; } // We allow the user to choose only non-fixed permissions. A permission // is fixed either by device policy or the user denying with prejudice. if (!group.isUserFixed() && !group.isPolicyFixed()) { Loading Loading @@ -359,6 +363,10 @@ public class GrantPermissionsActivity extends OverlayTouchActivity != PermissionInfo.PROTECTION_DANGEROUS) { return PERMISSION_DENIED; } if ((pInfo.protectionLevel & PermissionInfo.PROTECTION_FLAG_EPHEMERAL) == 0 && callingPackageInfo.applicationInfo.isEphemeralApp()) { return PERMISSION_DENIED; } } catch (NameNotFoundException e) { return PERMISSION_DENIED; } Loading
