diff options
author | Svet Ganov <svetoslavganov@google.com> | 2015-08-20 01:56:39 -0700 |
---|---|---|
committer | Svet Ganov <svetoslavganov@google.com> | 2015-08-20 02:10:17 -0700 |
commit | e899d8d48558a6d4a8f0498c38a623115aad2205 (patch) | |
tree | 3322ac32863fdf14f83cd5bab6c4a2b3263c2d59 /src/com/android/packageinstaller/permission/model/AppPermissionGroup.java | |
parent | a9ec5bcd3c2cbbaceece4a6380efc0f04199de48 (diff) | |
download | android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.gz android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.tar.bz2 android_packages_apps_PackageInstaller-e899d8d48558a6d4a8f0498c38a623115aad2205.zip |
Grant only requested permissions not the whole group.
The policy for an app requesting permissions is that only the requested permissions
are granted not the whole groups to which these permissions belong. There was a
regression where we granted the whole group not only the requested permissions. If
an app has a permission in a group already granted, now per policy a subsequent
request from the same group is followed by an auto grant.
bug:23370436
Change-Id: Icce6377d60187f6f153d10d646cd8c9878dd6fab
Diffstat (limited to 'src/com/android/packageinstaller/permission/model/AppPermissionGroup.java')
-rw-r--r-- | src/com/android/packageinstaller/permission/model/AppPermissionGroup.java | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java index 633336c3..b3ac9721 100644 --- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java @@ -28,6 +28,7 @@ import android.os.Build; import android.os.UserHandle; import android.util.ArrayMap; +import com.android.internal.util.ArrayUtils; import com.android.packageinstaller.R; import com.android.packageinstaller.permission.utils.LocationUtils; @@ -264,13 +265,19 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return mPermissions.get(permission) != null; } - public boolean areRuntimePermissionsGranted() { + public boolean areRuntimePermissionsGranted(String[] filterPermissions) { if (LocationUtils.isLocked(mName, mPackageInfo.packageName)) { return LocationUtils.isLocationEnabled(mContext); } final int permissionCount = mPermissions.size(); for (int i = 0; i < permissionCount; i++) { Permission permission = mPermissions.valueAt(i); + + if (filterPermissions != null && !ArrayUtils.contains( + filterPermissions, permission.getName())) { + continue; + } + if (mAppSupportsRuntimePermissions) { if (permission.isGranted()) { return true; @@ -283,7 +290,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return false; } - public boolean grantRuntimePermissions(boolean fixedByTheUser) { + public boolean grantRuntimePermissions(boolean fixedByTheUser, String[] filterPermissions) { final boolean isSharedUser = mPackageInfo.sharedUserId != null; final int uid = mPackageInfo.applicationInfo.uid; @@ -291,6 +298,12 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> // permissions, otherwise we toggle the app op corresponding // to the permission if the permission is granted to the app. for (Permission permission : mPermissions.values()) { + + if (filterPermissions != null && !ArrayUtils.contains( + filterPermissions, permission.getName())) { + continue; + } + if (mAppSupportsRuntimePermissions) { // Do not touch permissions fixed by the system. if (permission.isSystemFixed()) { @@ -371,7 +384,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return true; } - public boolean revokeRuntimePermissions(boolean fixedByTheUser) { + public boolean revokeRuntimePermissions(boolean fixedByTheUser, String[] filterPermissions) { final boolean isSharedUser = mPackageInfo.sharedUserId != null; final int uid = mPackageInfo.applicationInfo.uid; @@ -379,6 +392,12 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> // permissions, otherwise we toggle the app op corresponding // to the permission if the permission is granted to the app. for (Permission permission : mPermissions.values()) { + + if (filterPermissions != null && !ArrayUtils.contains( + filterPermissions, permission.getName())) { + continue; + } + if (mAppSupportsRuntimePermissions) { // Do not touch permissions fixed by the system. if (permission.isSystemFixed()) { |