DO NOT MERGE Stop managed profile owner granting READ_SMS

import android.content.pm.PackageManager;

import android.os.AsyncTask;

import android.os.UserHandle;

import android.os.UserManager;

import android.permission.PermissionControllerService;

import android.permission.PermissionManager;

import android.permission.RuntimePermissionPresentationInfo;

import com.android.packageinstaller.permission.model.AppPermissions;

import com.android.packageinstaller.permission.model.Permission;

import com.android.packageinstaller.permission.model.PermissionUsages;

import com.android.packageinstaller.permission.utils.AdminRestrictedPermissionsUtils;

import com.android.packageinstaller.permission.utils.Utils;

import org.xmlpull.v1.XmlPullParser;

        AppPermissions app = new AppPermissions(this, pkgInfo, false, true, null);

        final boolean isManagedProfile = getSystemService(UserManager.class).isManagedProfile();

        int numPerms = expandedPermissions.size();

        for (int i = 0; i < numPerms; i++) {

            String permName = expandedPermissions.get(i);

            switch (grantState) {

                case PERMISSION_GRANT_STATE_GRANTED:

                    if (AdminRestrictedPermissionsUtils.mayAdminGrantPermission(perm.getName(),

                            isManagedProfile)) {

                        perm.setPolicyFixed(true);

                        group.grantRuntimePermissions(false, new String[]{permName});

                    } else {

                        // similar to PERMISSION_GRANT_STATE_DEFAULT

                        perm.setPolicyFixed(false);

                    }

                    break;

                case PERMISSION_GRANT_STATE_DENIED:

                    perm.setPolicyFixed(true);

/*

 * Copyright (C) 2022 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.packageinstaller.permission.utils;

import android.Manifest;

import android.util.ArraySet;

/**

 * A class for dealing with permissions that the admin may not grant in certain configurations.

 */

public final class AdminRestrictedPermissionsUtils {

    /**

     * A set of permissions that the managed Profile Owner cannot grant.

     */

    private static final ArraySet<String> MANAGED_PROFILE_OWNER_RESTRICTED_PERMISSIONS =

            new ArraySet<>();

    static {

        MANAGED_PROFILE_OWNER_RESTRICTED_PERMISSIONS.add(Manifest.permission.READ_SMS);

    }

    /**

     * Returns true if the admin may grant this permission, false otherwise.

     */

    public static boolean mayAdminGrantPermission(String permission, boolean isManagedProfile) {

        return !isManagedProfile

                || !MANAGED_PROFILE_OWNER_RESTRICTED_PERMISSIONS.contains(permission);

    }

}