summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJiao Yuan <yuanjiao@codeaurora.org>2016-06-07 16:23:24 +0800
committerLinux Build Service Account <lnxbuild@localhost>2016-08-24 08:11:38 -0600
commitc48dd8c1686dc0631dad5b90295e79a3f1ef63c8 (patch)
treef7f4a76278192c8351006ce576873d24b8e463d1 /src
parent064d188792203b6d62337101be73c9c998f9e69d (diff)
downloadandroid_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.tar.gz
android_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.tar.bz2
android_packages_apps_PackageInstaller-c48dd8c1686dc0631dad5b90295e79a3f1ef63c8.zip
PackageInstaller: Enable permission control
Enable permission control for each permission. Change-Id: Id045e432536233f0924cc7497a5dd528066da701
Diffstat (limited to 'src')
-rwxr-xr-x[-rw-r--r--]src/com/android/packageinstaller/permission/model/AppPermissionGroup.java5
-rwxr-xr-x[-rw-r--r--]src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java180
-rwxr-xr-x[-rw-r--r--]src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java92
-rwxr-xr-x[-rw-r--r--]src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java10
4 files changed, 235 insertions, 52 deletions
diff --git a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
index a6601165..2bdae425 100644..100755
--- a/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
+++ b/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
@@ -26,6 +26,7 @@ import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
import android.os.Build;
import android.os.Process;
+import android.os.SystemProperties;
import android.os.UserHandle;
import android.util.ArrayMap;
@@ -578,6 +579,10 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
return false;
}
+ public static boolean isStrictOpEnable() {
+ return SystemProperties.getBoolean("persist.sys.strict_op_enable", false);
+ }
+
@Override
public int compareTo(AppPermissionGroup another) {
final int result = mLabel.toString().compareTo(another.mLabel.toString());
diff --git a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java
index 4ee76a18..97de80ee 100644..100755
--- a/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java
+++ b/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java
@@ -61,6 +61,7 @@ public class GrantPermissionsActivity extends OverlayTouchActivity
private int[] mGrantResults;
private LinkedHashMap<String, GroupState> mRequestGrantPermissionGroups = new LinkedHashMap<>();
+ private LinkedHashMap<String, ItemState> mRequestGrantPermissionItems = new LinkedHashMap<>();
private GrantPermissionsViewHandler mViewHandler;
private AppPermissions mAppPermissions;
@@ -142,48 +143,70 @@ public class GrantPermissionsActivity extends OverlayTouchActivity
}
// We allow the user to choose only non-fixed permissions. A permission
// is fixed either by device policy or the user denying with prejudice.
- if (!group.isUserFixed() && !group.isPolicyFixed()) {
- switch (permissionPolicy) {
- case DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT: {
- if (!group.areRuntimePermissionsGranted()) {
- group.grantRuntimePermissions(false);
- }
- group.setPolicyFixed();
- } break;
-
- case DevicePolicyManager.PERMISSION_POLICY_AUTO_DENY: {
- if (group.areRuntimePermissionsGranted()) {
- group.revokeRuntimePermissions(false);
- }
- group.setPolicyFixed();
- } break;
-
- default: {
- if (!group.areRuntimePermissionsGranted()) {
- mRequestGrantPermissionGroups.put(group.getName(),
- new GroupState(group));
- } else {
- group.grantRuntimePermissions(false);
- updateGrantResults(group);
- }
- } break;
+ if (!AppPermissionGroup.isStrictOpEnable()) {
+ if (!group.isUserFixed() && !group.isPolicyFixed()) {
+ switch (permissionPolicy) {
+ case DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT: {
+ if (!group.areRuntimePermissionsGranted()) {
+ group.grantRuntimePermissions(false);
+ }
+ group.setPolicyFixed();
+ } break;
+
+ case DevicePolicyManager.PERMISSION_POLICY_AUTO_DENY: {
+ if (group.areRuntimePermissionsGranted()) {
+ group.revokeRuntimePermissions(false);
+ }
+ group.setPolicyFixed();
+ } break;
+
+ default: {
+ if (!group.areRuntimePermissionsGranted()) {
+ mRequestGrantPermissionGroups.put(group.getName(),
+ new GroupState(group));
+ } else {
+ group.grantRuntimePermissions(false);
+ updateGrantResults(group);
+ }
+ } break;
+ }
+ } else {
+ // if the permission is fixed, ensure that we return the right request result
+ updateGrantResults(group);
}
- } else {
- // if the permission is fixed, ensure that we return the right request result
- updateGrantResults(group);
}
}
+ if (AppPermissionGroup.isStrictOpEnable()) {
+ for (String permName : mRequestedPermissions) {
+ PermissionInfo permissionInfo;
+ AppPermissionGroup permAppGroup;
+ try {
+ permissionInfo = this.getPackageManager().getPermissionInfo(permName, 0);
+ permAppGroup = mAppPermissions.getPermissionGroup(permissionInfo.group);
+ } catch (PackageManager.NameNotFoundException e) {
+ continue;
+ }
+ mRequestGrantPermissionItems.put(
+ permName, new ItemState(permAppGroup, permissionInfo, permName));
+ }
+ }
setContentView(mViewHandler.createView());
Window window = getWindow();
WindowManager.LayoutParams layoutParams = window.getAttributes();
mViewHandler.updateWindowAttributes(layoutParams);
window.setAttributes(layoutParams);
-
- if (!showNextPermissionGroupGrantRequest()) {
- setResultAndFinish();
+ if (AppPermissionGroup.isStrictOpEnable()) {
+ if (!showNextPermissionItemGrantRequest()) {
+ setResultAndFinish();
+ }
+ } else {
+ if (!showNextPermissionGroupGrantRequest()) {
+ setResultAndFinish();
+ }
}
+
}
@Override
@@ -255,25 +278,80 @@ public class GrantPermissionsActivity extends OverlayTouchActivity
currentIndex++;
}
+ return false;
+ }
+ private boolean showNextPermissionItemGrantRequest() {
+ final int itemCount = mRequestGrantPermissionItems.size();
+ int currentIndex = 0;
+ for (ItemState permState : mRequestGrantPermissionItems.values()) {
+ if (permState.mState == ItemState.STATE_UNKNOWN) {
+ CharSequence appLabel = mAppPermissions.getAppLabel();
+ Spanned message = Html.fromHtml(getString(R.string.permission_warning_template,
+ appLabel, permState.mItem.loadLabel(this.getPackageManager())), 0);
+ // Set the permission message as the title so it can be announced.
+ setTitle(message);
+
+ // Set the new grant view
+ // TODO: Use a real message for the action. We need group action APIs
+ AppPermissionGroup permGroup = mAppPermissions.getPermissionGroup(
+ permState.mItem.group);
+ Resources resources;
+ try {
+ resources = getPackageManager().getResourcesForApplication(
+ permGroup.getIconPkg());
+ } catch (NameNotFoundException e) {
+ // Fallback to system.
+ Log.w(LOG_TAG, "Can't get resources", e);
+ resources = Resources.getSystem();
+ }
+ int icon = permGroup.getIconResId();
+ mViewHandler.updateUi(permState.mPermName, itemCount, currentIndex, ///updateUi
+ Icon.createWithResource(resources, icon), message,
+ true);
+ return true;
+ }
+
+ currentIndex++;
+ }
return false;
}
@Override
public void onPermissionGrantResult(String name, boolean granted, boolean doNotAskAgain) {
- GroupState groupState = mRequestGrantPermissionGroups.get(name);
- if (groupState.mGroup != null) {
- if (granted) {
- groupState.mGroup.grantRuntimePermissions(doNotAskAgain);
- groupState.mState = GroupState.STATE_ALLOWED;
- } else {
- groupState.mGroup.revokeRuntimePermissions(doNotAskAgain);
- groupState.mState = GroupState.STATE_DENIED;
+ if (AppPermissionGroup.isStrictOpEnable()) {
+ ItemState permItemState = mRequestGrantPermissionItems.get(name);
+ final String[] filterPermissions = new String[]{name};
+ if (permItemState.mGroup != null) {
+ Log.i(LOG_TAG, "onPermissionGrantResult permItemState.mGroup != null ");
+ if (granted) {
+ permItemState.mGroup.grantRuntimePermissions(doNotAskAgain, filterPermissions);
+ permItemState.mState = ItemState.STATE_ALLOWED;
+ } else {
+ permItemState.mGroup.revokeRuntimePermissions(doNotAskAgain, filterPermissions);
+ permItemState.mState = ItemState.STATE_DENIED;
+ }
+ updateGrantResults(permItemState.mGroup);
+ }
+
+ if (!showNextPermissionItemGrantRequest()) {
+ setResultAndFinish();
+ }
+ } else {
+ GroupState groupState = mRequestGrantPermissionGroups.get(name);
+ if (groupState.mGroup != null) {
+ if (granted) {
+ groupState.mGroup.grantRuntimePermissions(doNotAskAgain);
+ groupState.mState = GroupState.STATE_ALLOWED;
+ } else {
+ groupState.mGroup.revokeRuntimePermissions(doNotAskAgain);
+ groupState.mState = GroupState.STATE_DENIED;
+ }
+ updateGrantResults(groupState.mGroup);
+ }
+ if (!showNextPermissionGroupGrantRequest()) {
+ setResultAndFinish();
}
- updateGrantResults(groupState.mGroup);
- }
- if (!showNextPermissionGroupGrantRequest()) {
- setResultAndFinish();
}
}
@@ -407,4 +485,20 @@ public class GrantPermissionsActivity extends OverlayTouchActivity
mGroup = group;
}
}
+
+ private static final class ItemState {
+ static final int STATE_UNKNOWN = 0;
+ static final int STATE_ALLOWED = 1;
+ static final int STATE_DENIED = 2;
+
+ final PermissionInfo mItem;
+ int mState = STATE_UNKNOWN;
+ String mPermName;
+ final AppPermissionGroup mGroup;
+ ItemState(AppPermissionGroup group, PermissionInfo item, String itemId) {
+ mItem = item;
+ mPermName = itemId;
+ mGroup = group;
+ }
+ }
}
diff --git a/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java b/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java
index 422fb124..b8309fd9 100644..100755
--- a/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java
+++ b/src/com/android/packageinstaller/permission/ui/handheld/AppPermissionsFragment.java
@@ -27,6 +27,8 @@ import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
+import android.content.pm.PackageManager.NameNotFoundException;
+import android.content.pm.PermissionInfo;
import android.graphics.drawable.Drawable;
import android.net.Uri;
import android.os.Bundle;
@@ -48,6 +50,7 @@ import android.widget.Toast;
import com.android.packageinstaller.R;
import com.android.packageinstaller.permission.model.AppPermissionGroup;
import com.android.packageinstaller.permission.model.AppPermissions;
+import com.android.packageinstaller.permission.model.Permission;
import com.android.packageinstaller.permission.utils.LocationUtils;
import com.android.packageinstaller.permission.utils.SafetyNetLogger;
import com.android.packageinstaller.permission.utils.Utils;
@@ -73,6 +76,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader
private PreferenceScreen mExtraScreen;
private boolean mHasConfirmedRevoke;
+ String mPackageName;
public static AppPermissionsFragment newInstance(String packageName) {
return setPackageName(new AppPermissionsFragment(), packageName);
@@ -95,9 +99,9 @@ public final class AppPermissionsFragment extends SettingsWithHeader
ab.setDisplayHomeAsUpEnabled(true);
}
- String packageName = getArguments().getString(Intent.EXTRA_PACKAGE_NAME);
+ mPackageName = getArguments().getString(Intent.EXTRA_PACKAGE_NAME);
Activity activity = getActivity();
- PackageInfo packageInfo = getPackageInfo(activity, packageName);
+ PackageInfo packageInfo = getPackageInfo(activity, mPackageName);
if (packageInfo == null) {
Toast.makeText(activity, R.string.app_not_found_dlg_title, Toast.LENGTH_LONG).show();
activity.finish();
@@ -237,6 +241,32 @@ public final class AppPermissionsFragment extends SettingsWithHeader
}
mExtraScreen.addPreference(preference);
}
+ if (AppPermissionGroup.isStrictOpEnable()) {
+ try {
+ PackageManager pm = context.getPackageManager();
+ for (Permission permission : group.getPermissions()) {
+ PermissionInfo perm = pm.getPermissionInfo(permission.getName(), 0);
+ final String[] filterPermissions = new String[]{permission.getName()};
+
+ if (perm.protectionLevel == PermissionInfo.PROTECTION_DANGEROUS) {
+ SwitchPreference preference_permission = new SwitchPreference(context);
+ preference_permission.setOnPreferenceChangeListener(this);
+ preference_permission.setKey(permission.getName());
+ preference_permission.setTitle(perm.loadLabel(pm));
+ preference_permission.setPersistent(false);
+ preference_permission.setEnabled(true);
+ AppPermissionGroup permissionGroup = getPermisssionGroup(perm.group);
+ preference_permission.setChecked(
+ permissionGroup.areRuntimePermissionsGranted(filterPermissions));
+ screen.addPreference(preference_permission);
+ } else if (perm.protectionLevel == PermissionInfo.PROTECTION_NORMAL) {
+ continue;
+ }
+ }
+ } catch (NameNotFoundException e) {
+ Log.e(LOG_TAG, "Problem getting package info for " + mPackageName, e);
+ }
+ }
}
if (mExtraScreen != null) {
@@ -262,12 +292,62 @@ public final class AppPermissionsFragment extends SettingsWithHeader
setLoading(false /* loading */, true /* animate */);
}
+ private AppPermissionGroup getPermisssionGroup(String group) {
+ for (AppPermissionGroup mGroup : mAppPermissions.getPermissionGroups()) {
+ if (group.equals(mGroup.getName())) {
+ return mGroup;
+ }
+ }
+ return null;
+ }
+
+ private void updateEveryPermissionPreference(AppPermissionGroup group) {
+ PackageManager pm = getContext().getPackageManager();
+ PreferenceScreen screen = getPreferenceScreen();
+ for (Permission permission : group.getPermissions()) {
+ Preference permission_preference
+ = screen.findPreference((CharSequence) permission.getName());
+ try {
+ PermissionInfo permInfo = pm.getPermissionInfo(permission.getName(), 0);
+ AppPermissionGroup permissionGroup = getPermisssionGroup(permInfo.group);
+ final String[] filterPermissions = new String[]{permission.getName()};
+ ((SwitchPreference) permission_preference).setChecked(
+ permissionGroup.areRuntimePermissionsGranted(filterPermissions));
+ } catch (NameNotFoundException e) {
+ Log.e(LOG_TAG, "Failed to update permission_preference", e);
+ }
+ }
+ }
+
@Override
public boolean onPreferenceChange(final Preference preference, Object newValue) {
- String groupName = preference.getKey();
- final AppPermissionGroup group = mAppPermissions.getPermissionGroup(groupName);
+ String key = preference.getKey();
+ final String[] filterPermissions = new String[]{key};
+ final AppPermissionGroup group = mAppPermissions.getPermissionGroup(key);
+ PackageManager pm = getContext().getPackageManager();
if (group == null) {
+ if (AppPermissionGroup.isStrictOpEnable()) {
+ try {
+ PermissionInfo permInfo = pm.getPermissionInfo(key, 0);
+ final AppPermissionGroup title_group
+ = mAppPermissions.getPermissionGroup(permInfo.group);
+ if (newValue == Boolean.TRUE) {
+ title_group.grantRuntimePermissions(false, filterPermissions);
+ } else {
+ title_group.revokeRuntimePermissions(false, filterPermissions);
+ }
+ //group preferene update
+ PreferenceScreen screen = getPreferenceScreen();
+ Preference group_preference = screen.findPreference((CharSequence) permInfo.group);
+ AppPermissionGroup permissionGroup = getPermisssionGroup(permInfo.group);
+ ((SwitchPreference) group_preference).setChecked(
+ permissionGroup.areRuntimePermissionsGranted());
+ ((SwitchPreference)preference).setChecked(permissionGroup.areRuntimePermissionsGranted(filterPermissions));
+ } catch (NameNotFoundException e) {
+ Log.e(LOG_TAG, "Problem getting package info for ", e);
+ }
+ }
return false;
}
@@ -279,6 +359,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader
}
if (newValue == Boolean.TRUE) {
group.grantRuntimePermissions(false);
+ updateEveryPermissionPreference(group);
} else {
final boolean grantedByDefault = group.hasGrantedByDefaultPermission();
if (grantedByDefault || (!group.hasRuntimePermission() && !mHasConfirmedRevoke)) {
@@ -292,6 +373,7 @@ public final class AppPermissionsFragment extends SettingsWithHeader
public void onClick(DialogInterface dialog, int which) {
((SwitchPreference) preference).setChecked(false);
group.revokeRuntimePermissions(false);
+ updateEveryPermissionPreference(group);
if (!grantedByDefault) {
mHasConfirmedRevoke = true;
}
@@ -301,9 +383,9 @@ public final class AppPermissionsFragment extends SettingsWithHeader
return false;
} else {
group.revokeRuntimePermissions(false);
+ updateEveryPermissionPreference(group);
}
}
-
return true;
}
diff --git a/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java b/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java
index f2b0912d..3d677d63 100644..100755
--- a/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java
+++ b/src/com/android/packageinstaller/permission/ui/handheld/GrantPermissionsViewHandlerImpl.java
@@ -35,6 +35,7 @@ import com.android.packageinstaller.R;
import com.android.packageinstaller.permission.ui.ButtonBarLayout;
import com.android.packageinstaller.permission.ui.GrantPermissionsViewHandler;
import com.android.packageinstaller.permission.ui.ManualLayoutFrame;
+import com.android.packageinstaller.permission.model.AppPermissionGroup;
public final class GrantPermissionsViewHandlerImpl
implements GrantPermissionsViewHandler, OnClickListener {
@@ -313,7 +314,7 @@ public final class GrantPermissionsViewHandlerImpl
}
private void updateDoNotAskCheckBox() {
- if (mShowDonNotAsk) {
+ if (!mShowDonNotAsk) {
mDoNotAskCheckbox.setVisibility(View.VISIBLE);
mDoNotAskCheckbox.setOnClickListener(this);
mDoNotAskCheckbox.setChecked(mDoNotAskChecked);
@@ -329,7 +330,8 @@ public final class GrantPermissionsViewHandlerImpl
case R.id.permission_allow_button:
if (mResultListener != null) {
view.clearAccessibilityFocus();
- mResultListener.onPermissionGrantResult(mGroupName, true, false);
+ mResultListener.onPermissionGrantResult(
+ mGroupName, true, AppPermissionGroup.isStrictOpEnable()? false: mDoNotAskCheckbox.isChecked());
}
break;
case R.id.permission_deny_button:
@@ -337,11 +339,11 @@ public final class GrantPermissionsViewHandlerImpl
if (mResultListener != null) {
view.clearAccessibilityFocus();
mResultListener.onPermissionGrantResult(mGroupName, false,
- mDoNotAskCheckbox.isChecked());
+ AppPermissionGroup.isStrictOpEnable()? false: mDoNotAskCheckbox.isChecked());
}
break;
case R.id.do_not_ask_checkbox:
- mAllowButton.setEnabled(!mDoNotAskCheckbox.isChecked());
+ //mAllowButton.setEnabled(!mDoNotAskCheckbox.isChecked());
break;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 04:27:17 +0000