Grant only requested permissions not the whole group.

The policy for an app requesting permissions is that only the requested permissions are granted not the whole groups to which these permissions belong. There was a regression where we granted the whole group not only the requested permissions. If an app has a permission in a group already granted, now per policy a subsequent request from the same group is followed by an auto grant. bug:23370436 Change-Id: Icce6377d60187f6f153d10d646cd8c9878dd6fab
author: Svet Ganov <svetoslavganov@google.com> 2015-08-20 01:56:39 -0700
committer: Svet Ganov <svetoslavganov@google.com> 2015-08-20 02:10:17 -0700
commit: e899d8d48558a6d4a8f0498c38a623115aad2205 (patch)
tree: 3322ac32863fdf14f83cd5bab6c4a2b3263c2d59 /src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
parent: a9ec5bcd3c2cbbaceece4a6380efc0f04199de48 (diff)
download: android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.gz
android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.bz2
android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.zip
1 files changed, 22 insertions, 3 deletions
diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
index 633336c3..b3ac9721 100644
--- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
+++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
@@ -28,6 +28,7 @@ import android.os.Build;
 import android.os.UserHandle;
 import android.util.ArrayMap;
 
+import com.android.internal.util.ArrayUtils;
 import com.android.packageinstaller.R;
 import com.android.packageinstaller.permission.utils.LocationUtils;
 
@@ -264,13 +265,19 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
         return mPermissions.get(permission) != null;
     }
 
-    public boolean areRuntimePermissionsGranted() {
+    public boolean areRuntimePermissionsGranted(String[] filterPermissions) {
         if (LocationUtils.isLocked(mName, mPackageInfo.packageName)) {
             return LocationUtils.isLocationEnabled(mContext);
         }
         final int permissionCount = mPermissions.size();
         for (int i = 0; i < permissionCount; i++) {
             Permission permission = mPermissions.valueAt(i);
+
+            if (filterPermissions != null && !ArrayUtils.contains(
+                    filterPermissions, permission.getName())) {
+                continue;
+            }
+
             if (mAppSupportsRuntimePermissions) {
                 if (permission.isGranted()) {
                     return true;
@@ -283,7 +290,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
         return false;
     }
 
-    public boolean grantRuntimePermissions(boolean fixedByTheUser) {
+    public boolean grantRuntimePermissions(boolean fixedByTheUser, String[] filterPermissions) {
         final boolean isSharedUser = mPackageInfo.sharedUserId != null;
         final int uid = mPackageInfo.applicationInfo.uid;
 
@@ -291,6 +298,12 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
         // permissions, otherwise we toggle the app op corresponding
         // to the permission if the permission is granted to the app.
         for (Permission permission : mPermissions.values()) {
+
+            if (filterPermissions != null && !ArrayUtils.contains(
+                    filterPermissions, permission.getName())) {
+                continue;
+            }
+
             if (mAppSupportsRuntimePermissions) {
                 // Do not touch permissions fixed by the system.
                 if (permission.isSystemFixed()) {
@@ -371,7 +384,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
         return true;
     }
 
-    public boolean revokeRuntimePermissions(boolean fixedByTheUser) {
+    public boolean revokeRuntimePermissions(boolean fixedByTheUser, String[] filterPermissions) {
         final boolean isSharedUser = mPackageInfo.sharedUserId != null;
         final int uid = mPackageInfo.applicationInfo.uid;
 
@@ -379,6 +392,12 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
         // permissions, otherwise we toggle the app op corresponding
         // to the permission if the permission is granted to the app.
         for (Permission permission : mPermissions.values()) {
+
+            if (filterPermissions != null && !ArrayUtils.contains(
+                    filterPermissions, permission.getName())) {
+                continue;
+            }
+
             if (mAppSupportsRuntimePermissions) {
                 // Do not touch permissions fixed by the system.
                 if (permission.isSystemFixed()) {
author	Svet Ganov <svetoslavganov@google.com>	2015-08-20 01:56:39 -0700
committer	Svet Ganov <svetoslavganov@google.com>	2015-08-20 02:10:17 -0700
commit	e899d8d48558a6d4a8f0498c38a623115aad2205 (patch)
tree	3322ac32863fdf14f83cd5bab6c4a2b3263c2d59 /src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
parent	a9ec5bcd3c2cbbaceece4a6380efc0f04199de48 (diff)
download	android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.gz android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.bz2 android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.zip