diff options
author | Philip P. Moltmann <moltmann@google.com> | 2019-06-10 14:13:46 -0700 |
---|---|---|
committer | Philip P. Moltmann <moltmann@google.com> | 2019-06-11 15:41:10 -0700 |
commit | 4a83cfe94e8d31645d3c3f3e64334bb2ec31155e (patch) | |
tree | e17b0dc29098b691bb08a9f8bcc67ec8e7f6b42a | |
parent | be31f46d1341c613071fe1f7591b40c1e1aa1aaa (diff) | |
download | android_packages_apps_PackageInstaller-4a83cfe94e8d31645d3c3f3e64334bb2ec31155e.tar.gz android_packages_apps_PackageInstaller-4a83cfe94e8d31645d3c3f3e64334bb2ec31155e.tar.bz2 android_packages_apps_PackageInstaller-4a83cfe94e8d31645d3c3f3e64334bb2ec31155e.zip |
Unset even restricted permissions
We do not create AppPermissionGroup objects for restricted permissions
as the user cannot change those.
If a permission is restricted, but needs a review we still need to mark
it as reviewed as otherwise the app won't start. As the user cannot
change it, leaving the permission in the default state without review is
fine.
Test: Installed pre-23 app with restricted permissions and reviewed
permissions -> app started after review
Fixes: 134500512
Change-Id: If458e739ecf980d2521e87828b75b879aec289c5
-rw-r--r-- | src/com/android/packageinstaller/permission/ui/handheld/ReviewPermissionsFragment.java | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/src/com/android/packageinstaller/permission/ui/handheld/ReviewPermissionsFragment.java b/src/com/android/packageinstaller/permission/ui/handheld/ReviewPermissionsFragment.java index 77705b87..f8134944 100644 --- a/src/com/android/packageinstaller/permission/ui/handheld/ReviewPermissionsFragment.java +++ b/src/com/android/packageinstaller/permission/ui/handheld/ReviewPermissionsFragment.java @@ -16,10 +16,13 @@ package com.android.packageinstaller.permission.ui.handheld; +import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED; + import android.app.Activity; import android.content.Intent; import android.content.IntentSender; import android.content.pm.PackageInfo; +import android.content.pm.PackageManager; import android.graphics.drawable.Drawable; import android.os.Bundle; import android.os.RemoteCallback; @@ -99,11 +102,6 @@ public final class ReviewPermissionsFragment extends PreferenceFragmentCompat mAppPermissions = new AppPermissions(activity, packageInfo, false, true, () -> getActivity().finish()); - if (mAppPermissions.getPermissionGroups().isEmpty()) { - activity.finish(); - return; - } - boolean reviewRequired = false; for (AppPermissionGroup group : mAppPermissions.getPermissionGroups()) { if (group.isReviewRequired() || (group.getBackgroundPermissions() != null @@ -114,6 +112,9 @@ public final class ReviewPermissionsFragment extends PreferenceFragmentCompat } if (!reviewRequired) { + // If the system called for a review but no groups are found, this means that all groups + // are restricted. Hence there is nothing to review and instantly continue. + confirmPermissionsReview(); activity.finish(); } } @@ -200,7 +201,6 @@ public final class ReviewPermissionsFragment extends PreferenceFragmentCompat if (group.isReviewRequired() && !permPreference.wasChanged()) { grantReviewedPermission(group); } - group.unsetReviewRequired(); AppPermissionGroup backgroundGroup = group.getBackgroundPermissions(); if (backgroundGroup != null) { @@ -208,13 +208,23 @@ public final class ReviewPermissionsFragment extends PreferenceFragmentCompat if (backgroundGroup.isReviewRequired() && !permPreference.wasChanged()) { grantReviewedPermission(backgroundGroup); } - backgroundGroup.unsetReviewRequired(); } } } } mAppPermissions.persistChanges(true); + + // Some permission might be restricted and hence there is no AppPermissionGroup for it. + // Manually unset all review-required flags, regardless of restriction. + PackageManager pm = getContext().getPackageManager(); + PackageInfo pkg = mAppPermissions.getPackageInfo(); + UserHandle user = UserHandle.getUserHandleForUid(pkg.applicationInfo.uid); + + for (String perm : pkg.requestedPermissions) { + pm.updatePermissionFlags(perm, pkg.packageName, FLAG_PERMISSION_REVIEW_REQUIRED, + 0, user); + } } private void bindUi() { |