diff options
author | Philip P. Moltmann <moltmann@google.com> | 2019-09-13 15:09:54 -0700 |
---|---|---|
committer | Harrison Lingren <hlingren@google.com> | 2019-10-24 16:03:43 +0000 |
commit | 1a633927dda31b2a14f2bf7b5d08842737d2e0ea (patch) | |
tree | a9783a313ffb2df509cf0e2fbc481384c3b31291 | |
parent | 22e3396d74f12ff7a56d0d03dc1a8adaec5a3e56 (diff) | |
download | android_packages_apps_PackageInstaller-1a633927dda31b2a14f2bf7b5d08842737d2e0ea.tar.gz android_packages_apps_PackageInstaller-1a633927dda31b2a14f2bf7b5d08842737d2e0ea.tar.bz2 android_packages_apps_PackageInstaller-1a633927dda31b2a14f2bf7b5d08842737d2e0ea.zip |
[DO NOT MERGE] Grant all access_media_location permission
Test: Manual testing:
All combinations of
- App targetSdk = 28 and 29 (and 22 for extra credit)
- App having the <uses-permission> tag for
ACCESS_MEDIA_LOCATION or not
- Upgrade from P->Q-QPR and from vanilla Q->Q-QPR
Further upgrade of targetSdk from 28->29 while on Q-QPR
==> All permission behavior should make sense. Sometimes there
are weird, but expected behaviors. Hence we need to
collect the results and then look at the unexpected ones.
See SplitPermissionTest for some tests I added for the
location-background permission which was split from
the fine/coarse-location permissions
Bug: 140961754
Change-Id: I11f0b77d86d0c07b9bcd41eee337f36bacf0dabd
(cherry picked from commit 0573d628b3ee3dc73f49920271a4d27f6c07e1d9)
-rw-r--r-- | src/com/android/packageinstaller/permission/service/RuntimePermissionsUpgradeController.java | 44 |
1 files changed, 42 insertions, 2 deletions
diff --git a/src/com/android/packageinstaller/permission/service/RuntimePermissionsUpgradeController.java b/src/com/android/packageinstaller/permission/service/RuntimePermissionsUpgradeController.java index cac2ef2c..8a688dbc 100644 --- a/src/com/android/packageinstaller/permission/service/RuntimePermissionsUpgradeController.java +++ b/src/com/android/packageinstaller/permission/service/RuntimePermissionsUpgradeController.java @@ -32,6 +32,7 @@ import androidx.annotation.NonNull; import com.android.packageinstaller.PermissionControllerStatsLog; import com.android.packageinstaller.permission.model.AppPermissionGroup; import com.android.packageinstaller.permission.model.Permission; +import com.android.packageinstaller.permission.utils.ArrayUtils; import com.android.packageinstaller.permission.utils.Utils; import java.util.ArrayList; @@ -44,7 +45,7 @@ class RuntimePermissionsUpgradeController { private static final String LOG_TAG = RuntimePermissionsUpgradeController.class.getSimpleName(); // The latest version of the runtime permissions database - private static final int LATEST_VERSION = 7; + private static final int LATEST_VERSION = 8; private RuntimePermissionsUpgradeController() { /* do nothing - hide constructor */ @@ -272,16 +273,55 @@ class RuntimePermissionsUpgradeController { currentVersion = 7; } + if (currentVersion == 7) { + Log.i(LOG_TAG, "Expanding read storage to access media location"); + + for (int i = 0; i < appCount; i++) { + final PackageInfo pkgInfo = apps.get(i); + + if (!ArrayUtils.contains(pkgInfo.requestedPermissions, + Manifest.permission.ACCESS_MEDIA_LOCATION)) { + continue; + } + + if (context.checkPermission(Manifest.permission.READ_EXTERNAL_STORAGE, 0, + pkgInfo.applicationInfo.uid) != PackageManager.PERMISSION_GRANTED) { + continue; + } + + final AppPermissionGroup group = AppPermissionGroup.create(context, pkgInfo, + Manifest.permission.ACCESS_MEDIA_LOCATION, false); + final Permission perm = group.getPermission( + Manifest.permission.ACCESS_MEDIA_LOCATION); + + if (!perm.isUserSet() && !perm.isSystemFixed() && !perm.isPolicyFixed() + && !perm.isGrantedIncludingAppOp()) { + group.grantRuntimePermissions(false, + new String[]{Manifest.permission.ACCESS_MEDIA_LOCATION}); + + logRuntimePermissionUpgradeResult(group, + pkgInfo.applicationInfo.uid, pkgInfo.packageName, + Manifest.permission.ACCESS_MEDIA_LOCATION); + } + } + + currentVersion = 8; + } + // XXX: Add new upgrade steps above this point. return currentVersion; } private static void logRuntimePermissionUpgradeResult(AppPermissionGroup permissionGroup, - int uid, String packageName) { + int uid, String packageName, String... filterPermissions) { ArrayList<Permission> permissions = permissionGroup.getPermissions(); int numPermissions = permissions.size(); for (int i = 0; i < numPermissions; i++) { + if (filterPermissions != null && !ArrayUtils.contains(filterPermissions, permissions)) { + continue; + } + Permission permission = permissions.get(i); PermissionControllerStatsLog.write(RUNTIME_PERMISSIONS_UPGRADE_RESULT, permission.getName(), uid, packageName); |