diff options
| author | Philip P. Moltmann <moltmann@google.com> | 2019-05-31 15:42:38 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2019-05-31 15:42:38 +0000 |
| commit | 7e6bc8ad1efae9d2f61418f33c0018340442eafd (patch) | |
| tree | a80b98387d5bed8357c286707dff780b454568ed /src | |
| parent | b53bbab74c51460ccac965d1250b4e94f340713b (diff) | |
| parent | 6a500c73e70fcb346cfba90aef0928429e0f226b (diff) | |
| download | android_packages_apps_PackageInstaller-7e6bc8ad1efae9d2f61418f33c0018340442eafd.tar.gz android_packages_apps_PackageInstaller-7e6bc8ad1efae9d2f61418f33c0018340442eafd.tar.bz2 android_packages_apps_PackageInstaller-7e6bc8ad1efae9d2f61418f33c0018340442eafd.zip | |
Merge changes from topic "GroupWithGrantedAndDeniedPerm" into qt-dev
* changes:
Only set perm that is changed to policy-fixed
Don't grant policy fixed permission on request
Diffstat (limited to 'src')
3 files changed, 60 insertions, 22 deletions
diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java index fab23d01..41483c0f 100644 --- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java @@ -1020,11 +1020,18 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return wasAllRevoked; } - public void setPolicyFixed() { - final int permissionCount = mPermissions.size(); - for (int i = 0; i < permissionCount; i++) { - Permission permission = mPermissions.valueAt(i); - permission.setPolicyFixed(true); + /** + * Mark permissions in this group as policy fixed. + * + * @param filterPermissions The permissions to mark + */ + public void setPolicyFixed(@NonNull String[] filterPermissions) { + for (String permissionName : filterPermissions) { + Permission permission = mPermissions.get(permissionName); + + if (permission != null) { + permission.setPolicyFixed(true); + } } if (!mDelayChanges) { diff --git a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java index e8d60f01..b5f9d08b 100644 --- a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java +++ b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java @@ -133,33 +133,36 @@ public class GrantPermissionsActivity extends Activity * affected permissions}. * * @param group The group the permission belongs to (might be a background permission group) - * @param permission The permission to add + * @param permName The name of the permission to add * @param isFirstInstance Is this the first time the groupStates get created */ - private void addRequestedPermissions(AppPermissionGroup group, String permission, + private void addRequestedPermissions(AppPermissionGroup group, String permName, boolean isFirstInstance) { if (!group.isGrantingAllowed()) { - reportRequestResult(permission, + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__IGNORED); // Skip showing groups that we know cannot be granted. return; } + Permission permission = group.getPermission(permName); + // If the permission is restricted it does not show in the UI and // is not added to the group at all, so check that first. - if (group.getPermission(permission) == null && ArrayUtils.contains(mAppPermissions - .getPackageInfo().requestedPermissions, permission)) { - reportRequestResult(permission, + if (permission == null && ArrayUtils.contains( + mAppPermissions.getPackageInfo().requestedPermissions, permName)) { + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__IGNORED_RESTRICTED_PERMISSION); return; // We allow the user to choose only non-fixed permissions. A permission // is fixed either by device policy or the user denying with prejudice. } else if (group.isUserFixed()) { - reportRequestResult(permission, + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__IGNORED_USER_FIXED); return; - } else if (group.isPolicyFixed() && !group.areRuntimePermissionsGranted()) { - reportRequestResult(permission, + } else if (group.isPolicyFixed() && !group.areRuntimePermissionsGranted() + || permission.isPolicyFixed()) { + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__IGNORED_POLICY_FIXED); return; } @@ -173,36 +176,38 @@ public class GrantPermissionsActivity extends Activity mRequestGrantPermissionGroups.put(groupKey, state); } state.affectedPermissions = ArrayUtils.appendString( - state.affectedPermissions, permission); + state.affectedPermissions, permName); boolean skipGroup = false; switch (getPermissionPolicy()) { case DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT: { - group.grantRuntimePermissions(false, new String[]{permission}); + final String[] filterPermissions = new String[]{permName}; + group.grantRuntimePermissions(false, filterPermissions); + group.setPolicyFixed(filterPermissions); state.mState = GroupState.STATE_ALLOWED; - group.setPolicyFixed(); skipGroup = true; - reportRequestResult(permission, + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__AUTO_GRANTED); } break; case DevicePolicyManager.PERMISSION_POLICY_AUTO_DENY: { + final String[] filterPermissions = new String[]{permName}; + group.setPolicyFixed(filterPermissions); state.mState = GroupState.STATE_DENIED; - group.setPolicyFixed(); skipGroup = true; - reportRequestResult(permission, + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__AUTO_DENIED); } break; default: { if (group.areRuntimePermissionsGranted()) { - group.grantRuntimePermissions(false, new String[]{permission}); + group.grantRuntimePermissions(false, new String[]{permName}); state.mState = GroupState.STATE_ALLOWED; skipGroup = true; - reportRequestResult(permission, + reportRequestResult(permName, PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__AUTO_GRANTED); } } break; diff --git a/src/com/android/packageinstaller/permission/ui/TEST_MAPPING b/src/com/android/packageinstaller/permission/ui/TEST_MAPPING index 08c33b46..4ab861f0 100644 --- a/src/com/android/packageinstaller/permission/ui/TEST_MAPPING +++ b/src/com/android/packageinstaller/permission/ui/TEST_MAPPING @@ -7,6 +7,32 @@ "include-filter": "android.appsecurity.cts.PermissionsHostTest" } ] + }, + { + "name": "CtsDevicePolicyManagerTestCases", + "options": [ + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrantOfDisallowedPermissionWhileOtherPermIsGranted" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrant" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionPolicy" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionMixedPolicies" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionAppUpdate" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testPermissionGrantPreMApp" + }, + { + "include-filter": "com.android.cts.devicepolicy.MixedManagedProfileOwnerTestApi25#testPermissionGrantPreMApp" + } + ] } ] }
\ No newline at end of file |