diff options
author | Jiao Yuan <yuanjiao@codeaurora.org> | 2016-06-07 16:23:24 +0800 |
---|---|---|
committer | Linux Build Service Account <lnxbuild@localhost> | 2016-08-24 08:11:38 -0600 |
commit | c48dd8c1686dc0631dad5b90295e79a3f1ef63c8 (patch) | |
tree | f7f4a76278192c8351006ce576873d24b8e463d1 /src | |
parent | 064d188792203b6d62337101be73c9c998f9e69d (diff) | |
download | android_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.tar.gz android_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.tar.bz2 android_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.zip |
PackageInstaller: Enable permission control
Enable permission control for each permission.
Change-Id: Id045e432536233f0924cc7497a5dd528066da701
Diffstat (limited to 'src')
-rwxr-xr-x[-rw-r--r--] | src/com/android/packageinstaller/permission/model/AppPermissionGroup.java | 5 | ||||
-rwxr-xr-x[-rw-r--r--] | src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java | 180 | ||||
-rwxr-xr-x[-rw-r--r--] | src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java | 92 | ||||
-rwxr-xr-x[-rw-r--r--] | src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java | 10 |
4 files changed, 235 insertions, 52 deletions
diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java index a6601165..2bdae425 100644..100755 --- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java +++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java @@ -26,6 +26,7 @@ import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.os.Build; import android.os.Process; +import android.os.SystemProperties; import android.os.UserHandle; import android.util.ArrayMap; @@ -578,6 +579,10 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup> return false; } + public static boolean isStrictOpEnable() { + return SystemProperties.getBoolean("persist.sys.strict_op_enable", false); + } + @Override public int compareTo(AppPermissionGroup another) { final int result = mLabel.toString().compareTo(another.mLabel.toString()); diff --git a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java index 4ee76a18..97de80ee 100644..100755 --- a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java +++ b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java @@ -61,6 +61,7 @@ public class GrantPermissionsActivity extends OverlayTouchActivity private int[] mGrantResults; private LinkedHashMap<String, GroupState> mRequestGrantPermissionGroups = new LinkedHashMap<>(); + private LinkedHashMap<String, ItemState> mRequestGrantPermissionItems = new LinkedHashMap<>(); private GrantPermissionsViewHandler mViewHandler; private AppPermissions mAppPermissions; @@ -142,48 +143,70 @@ public class GrantPermissionsActivity extends OverlayTouchActivity } // We allow the user to choose only non-fixed permissions. A permission // is fixed either by device policy or the user denying with prejudice. - if (!group.isUserFixed() && !group.isPolicyFixed()) { - switch (permissionPolicy) { - case DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT: { - if (!group.areRuntimePermissionsGranted()) { - group.grantRuntimePermissions(false); - } - group.setPolicyFixed(); - } break; - - case DevicePolicyManager.PERMISSION_POLICY_AUTO_DENY: { - if (group.areRuntimePermissionsGranted()) { - group.revokeRuntimePermissions(false); - } - group.setPolicyFixed(); - } break; - - default: { - if (!group.areRuntimePermissionsGranted()) { - mRequestGrantPermissionGroups.put(group.getName(), - new GroupState(group)); - } else { - group.grantRuntimePermissions(false); - updateGrantResults(group); - } - } break; + if (!AppPermissionGroup.isStrictOpEnable()) { + if (!group.isUserFixed() && !group.isPolicyFixed()) { + switch (permissionPolicy) { + case DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT: { + if (!group.areRuntimePermissionsGranted()) { + group.grantRuntimePermissions(false); + } + group.setPolicyFixed(); + } break; + + case DevicePolicyManager.PERMISSION_POLICY_AUTO_DENY: { + if (group.areRuntimePermissionsGranted()) { + group.revokeRuntimePermissions(false); + } + group.setPolicyFixed(); + } break; + + default: { + if (!group.areRuntimePermissionsGranted()) { + mRequestGrantPermissionGroups.put(group.getName(), + new GroupState(group)); + } else { + group.grantRuntimePermissions(false); + updateGrantResults(group); + } + } break; + } + } else { + // if the permission is fixed, ensure that we return the right request result + updateGrantResults(group); } - } else { - // if the permission is fixed, ensure that we return the right request result - updateGrantResults(group); } } + if (AppPermissionGroup.isStrictOpEnable()) { + for (String permName : mRequestedPermissions) { + PermissionInfo permissionInfo; + AppPermissionGroup permAppGroup; + try { + permissionInfo = this.getPackageManager().getPermissionInfo(permName, 0); + permAppGroup = mAppPermissions.getPermissionGroup(permissionInfo.group); + } catch (PackageManager.NameNotFoundException e) { + continue; + } + mRequestGrantPermissionItems.put( + permName, new ItemState(permAppGroup, permissionInfo, permName)); + } + } setContentView(mViewHandler.createView()); Window window = getWindow(); WindowManager.LayoutParams layoutParams = window.getAttributes(); mViewHandler.updateWindowAttributes(layoutParams); window.setAttributes(layoutParams); - - if (!showNextPermissionGroupGrantRequest()) { - setResultAndFinish(); + if (AppPermissionGroup.isStrictOpEnable()) { + if (!showNextPermissionItemGrantRequest()) { + setResultAndFinish(); + } + } else { + if (!showNextPermissionGroupGrantRequest()) { + setResultAndFinish(); + } } + } @Override @@ -255,25 +278,80 @@ public class GrantPermissionsActivity extends OverlayTouchActivity currentIndex++; } + return false; + } + private boolean showNextPermissionItemGrantRequest() { + final int itemCount = mRequestGrantPermissionItems.size(); + int currentIndex = 0; + for (ItemState permState : mRequestGrantPermissionItems.values()) { + if (permState.mState == ItemState.STATE_UNKNOWN) { + CharSequence appLabel = mAppPermissions.getAppLabel(); + Spanned message = Html.fromHtml(getString(R.string.permission_warning_template, + appLabel, permState.mItem.loadLabel(this.getPackageManager())), 0); + // Set the permission message as the title so it can be announced. + setTitle(message); + + // Set the new grant view + // TODO: Use a real message for the action. We need group action APIs + AppPermissionGroup permGroup = mAppPermissions.getPermissionGroup( + permState.mItem.group); + Resources resources; + try { + resources = getPackageManager().getResourcesForApplication( + permGroup.getIconPkg()); + } catch (NameNotFoundException e) { + // Fallback to system. + Log.w(LOG_TAG, "Can't get resources", e); + resources = Resources.getSystem(); + } + int icon = permGroup.getIconResId(); + mViewHandler.updateUi(permState.mPermName, itemCount, currentIndex, ///updateUi + Icon.createWithResource(resources, icon), message, + true); + return true; + } + + currentIndex++; + } return false; } @Override public void onPermissionGrantResult(String name, boolean granted, boolean doNotAskAgain) { - GroupState groupState = mRequestGrantPermissionGroups.get(name); - if (groupState.mGroup != null) { - if (granted) { - groupState.mGroup.grantRuntimePermissions(doNotAskAgain); - groupState.mState = GroupState.STATE_ALLOWED; - } else { - groupState.mGroup.revokeRuntimePermissions(doNotAskAgain); - groupState.mState = GroupState.STATE_DENIED; + if (AppPermissionGroup.isStrictOpEnable()) { + ItemState permItemState = mRequestGrantPermissionItems.get(name); + final String[] filterPermissions = new String[]{name}; + if (permItemState.mGroup != null) { + Log.i(LOG_TAG, "onPermissionGrantResult permItemState.mGroup != null "); + if (granted) { + permItemState.mGroup.grantRuntimePermissions(doNotAskAgain, filterPermissions); + permItemState.mState = ItemState.STATE_ALLOWED; + } else { + permItemState.mGroup.revokeRuntimePermissions(doNotAskAgain, filterPermissions); + permItemState.mState = ItemState.STATE_DENIED; + } + updateGrantResults(permItemState.mGroup); + } + + if (!showNextPermissionItemGrantRequest()) { + setResultAndFinish(); + } + } else { + GroupState groupState = mRequestGrantPermissionGroups.get(name); + if (groupState.mGroup != null) { + if (granted) { + groupState.mGroup.grantRuntimePermissions(doNotAskAgain); + groupState.mState = GroupState.STATE_ALLOWED; + } else { + groupState.mGroup.revokeRuntimePermissions(doNotAskAgain); + groupState.mState = GroupState.STATE_DENIED; + } + updateGrantResults(groupState.mGroup); + } + if (!showNextPermissionGroupGrantRequest()) { + setResultAndFinish(); } - updateGrantResults(groupState.mGroup); - } - if (!showNextPermissionGroupGrantRequest()) { - setResultAndFinish(); } } @@ -407,4 +485,20 @@ public class GrantPermissionsActivity extends OverlayTouchActivity mGroup = group; } } + + private static final class ItemState { + static final int STATE_UNKNOWN = 0; + static final int STATE_ALLOWED = 1; + static final int STATE_DENIED = 2; + + final PermissionInfo mItem; + int mState = STATE_UNKNOWN; + String mPermName; + final AppPermissionGroup mGroup; + ItemState(AppPermissionGroup group, PermissionInfo item, String itemId) { + mItem = item; + mPermName = itemId; + mGroup = group; + } + } } diff --git a/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java b/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java index 422fb124..b8309fd9 100644..100755 --- a/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java +++ b/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java @@ -27,6 +27,8 @@ import android.content.Intent; import android.content.pm.ApplicationInfo; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; +import android.content.pm.PackageManager.NameNotFoundException; +import android.content.pm.PermissionInfo; import android.graphics.drawable.Drawable; import android.net.Uri; import android.os.Bundle; @@ -48,6 +50,7 @@ import android.widget.Toast; import com.android.packageinstaller.R; import com.android.packageinstaller.permission.model.AppPermissionGroup; import com.android.packageinstaller.permission.model.AppPermissions; +import com.android.packageinstaller.permission.model.Permission; import com.android.packageinstaller.permission.utils.LocationUtils; import com.android.packageinstaller.permission.utils.SafetyNetLogger; import com.android.packageinstaller.permission.utils.Utils; @@ -73,6 +76,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader private PreferenceScreen mExtraScreen; private boolean mHasConfirmedRevoke; + String mPackageName; public static AppPermissionsFragment newInstance(String packageName) { return setPackageName(new AppPermissionsFragment(), packageName); @@ -95,9 +99,9 @@ public final class AppPermissionsFragment extends SettingsWithHeader ab.setDisplayHomeAsUpEnabled(true); } - String packageName = getArguments().getString(Intent.EXTRA_PACKAGE_NAME); + mPackageName = getArguments().getString(Intent.EXTRA_PACKAGE_NAME); Activity activity = getActivity(); - PackageInfo packageInfo = getPackageInfo(activity, packageName); + PackageInfo packageInfo = getPackageInfo(activity, mPackageName); if (packageInfo == null) { Toast.makeText(activity, R.string.app_not_found_dlg_title, Toast.LENGTH_LONG).show(); activity.finish(); @@ -237,6 +241,32 @@ public final class AppPermissionsFragment extends SettingsWithHeader } mExtraScreen.addPreference(preference); } + if (AppPermissionGroup.isStrictOpEnable()) { + try { + PackageManager pm = context.getPackageManager(); + for (Permission permission : group.getPermissions()) { + PermissionInfo perm = pm.getPermissionInfo(permission.getName(), 0); + final String[] filterPermissions = new String[]{permission.getName()}; + + if (perm.protectionLevel == PermissionInfo.PROTECTION_DANGEROUS) { + SwitchPreference preference_permission = new SwitchPreference(context); + preference_permission.setOnPreferenceChangeListener(this); + preference_permission.setKey(permission.getName()); + preference_permission.setTitle(perm.loadLabel(pm)); + preference_permission.setPersistent(false); + preference_permission.setEnabled(true); + AppPermissionGroup permissionGroup = getPermisssionGroup(perm.group); + preference_permission.setChecked( + permissionGroup.areRuntimePermissionsGranted(filterPermissions)); + screen.addPreference(preference_permission); + } else if (perm.protectionLevel == PermissionInfo.PROTECTION_NORMAL) { + continue; + } + } + } catch (NameNotFoundException e) { + Log.e(LOG_TAG, "Problem getting package info for " + mPackageName, e); + } + } } if (mExtraScreen != null) { @@ -262,12 +292,62 @@ public final class AppPermissionsFragment extends SettingsWithHeader setLoading(false /* loading */, true /* animate */); } + private AppPermissionGroup getPermisssionGroup(String group) { + for (AppPermissionGroup mGroup : mAppPermissions.getPermissionGroups()) { + if (group.equals(mGroup.getName())) { + return mGroup; + } + } + return null; + } + + private void updateEveryPermissionPreference(AppPermissionGroup group) { + PackageManager pm = getContext().getPackageManager(); + PreferenceScreen screen = getPreferenceScreen(); + for (Permission permission : group.getPermissions()) { + Preference permission_preference + = screen.findPreference((CharSequence) permission.getName()); + try { + PermissionInfo permInfo = pm.getPermissionInfo(permission.getName(), 0); + AppPermissionGroup permissionGroup = getPermisssionGroup(permInfo.group); + final String[] filterPermissions = new String[]{permission.getName()}; + ((SwitchPreference) permission_preference).setChecked( + permissionGroup.areRuntimePermissionsGranted(filterPermissions)); + } catch (NameNotFoundException e) { + Log.e(LOG_TAG, "Failed to update permission_preference", e); + } + } + } + @Override public boolean onPreferenceChange(final Preference preference, Object newValue) { - String groupName = preference.getKey(); - final AppPermissionGroup group = mAppPermissions.getPermissionGroup(groupName); + String key = preference.getKey(); + final String[] filterPermissions = new String[]{key}; + final AppPermissionGroup group = mAppPermissions.getPermissionGroup(key); + PackageManager pm = getContext().getPackageManager(); if (group == null) { + if (AppPermissionGroup.isStrictOpEnable()) { + try { + PermissionInfo permInfo = pm.getPermissionInfo(key, 0); + final AppPermissionGroup title_group + = mAppPermissions.getPermissionGroup(permInfo.group); + if (newValue == Boolean.TRUE) { + title_group.grantRuntimePermissions(false, filterPermissions); + } else { + title_group.revokeRuntimePermissions(false, filterPermissions); + } + //group preferene update + PreferenceScreen screen = getPreferenceScreen(); + Preference group_preference = screen.findPreference((CharSequence) permInfo.group); + AppPermissionGroup permissionGroup = getPermisssionGroup(permInfo.group); + ((SwitchPreference) group_preference).setChecked( + permissionGroup.areRuntimePermissionsGranted()); + ((SwitchPreference)preference).setChecked(permissionGroup.areRuntimePermissionsGranted(filterPermissions)); + } catch (NameNotFoundException e) { + Log.e(LOG_TAG, "Problem getting package info for ", e); + } + } return false; } @@ -279,6 +359,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader } if (newValue == Boolean.TRUE) { group.grantRuntimePermissions(false); + updateEveryPermissionPreference(group); } else { final boolean grantedByDefault = group.hasGrantedByDefaultPermission(); if (grantedByDefault || (!group.hasRuntimePermission() && !mHasConfirmedRevoke)) { @@ -292,6 +373,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader public void onClick(DialogInterface dialog, int which) { ((SwitchPreference) preference).setChecked(false); group.revokeRuntimePermissions(false); + updateEveryPermissionPreference(group); if (!grantedByDefault) { mHasConfirmedRevoke = true; } @@ -301,9 +383,9 @@ public final class AppPermissionsFragment extends SettingsWithHeader return false; } else { group.revokeRuntimePermissions(false); + updateEveryPermissionPreference(group); } } - return true; } diff --git a/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java b/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java index f2b0912d..3d677d63 100644..100755 --- a/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java +++ b/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java @@ -35,6 +35,7 @@ import com.android.packageinstaller.R; import com.android.packageinstaller.permission.ui.ButtonBarLayout; import com.android.packageinstaller.permission.ui.GrantPermissionsViewHandler; import com.android.packageinstaller.permission.ui.ManualLayoutFrame; +import com.android.packageinstaller.permission.model.AppPermissionGroup; public final class GrantPermissionsViewHandlerImpl implements GrantPermissionsViewHandler, OnClickListener { @@ -313,7 +314,7 @@ public final class GrantPermissionsViewHandlerImpl } private void updateDoNotAskCheckBox() { - if (mShowDonNotAsk) { + if (!mShowDonNotAsk) { mDoNotAskCheckbox.setVisibility(View.VISIBLE); mDoNotAskCheckbox.setOnClickListener(this); mDoNotAskCheckbox.setChecked(mDoNotAskChecked); @@ -329,7 +330,8 @@ public final class GrantPermissionsViewHandlerImpl case R.id.permission_allow_button: if (mResultListener != null) { view.clearAccessibilityFocus(); - mResultListener.onPermissionGrantResult(mGroupName, true, false); + mResultListener.onPermissionGrantResult( + mGroupName, true, AppPermissionGroup.isStrictOpEnable()? false: mDoNotAskCheckbox.isChecked()); } break; case R.id.permission_deny_button: @@ -337,11 +339,11 @@ public final class GrantPermissionsViewHandlerImpl if (mResultListener != null) { view.clearAccessibilityFocus(); mResultListener.onPermissionGrantResult(mGroupName, false, - mDoNotAskCheckbox.isChecked()); + AppPermissionGroup.isStrictOpEnable()? false: mDoNotAskCheckbox.isChecked()); } break; case R.id.do_not_ask_checkbox: - mAllowButton.setEnabled(!mDoNotAskCheckbox.isChecked()); + //mAllowButton.setEnabled(!mDoNotAskCheckbox.isChecked()); break; } } |