1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
|
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.pm.permission;
import android.annotation.AppIdInt;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.UserIdInt;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
import android.permission.PermissionManagerInternal;
import com.android.server.pm.parsing.pkg.AndroidPackage;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;
/**
* Internal interfaces services.
*
* TODO: Should be merged into PermissionManagerInternal, but currently uses internal classes.
*/
public abstract class PermissionManagerServiceInternal extends PermissionManagerInternal {
/**
* Provider for package names.
*/
public interface PackagesProvider {
/**
* Gets the packages for a given user.
* @param userId The user id.
* @return The package names.
*/
String[] getPackages(int userId);
}
/**
* Provider for package names.
*/
public interface SyncAdapterPackagesProvider {
/**
* Gets the sync adapter packages for given authority and user.
* @param authority The authority.
* @param userId The user id.
* @return The package names.
*/
String[] getPackages(String authority, int userId);
}
/**
* Provider for default browser
*/
public interface DefaultBrowserProvider {
/**
* Get the package name of the default browser.
*
* @param userId the user id
*
* @return the package name of the default browser, or {@code null} if none
*/
@Nullable
String getDefaultBrowser(@UserIdInt int userId);
/**
* Set the package name of the default browser.
*
* @param packageName package name of the default browser, or {@code null} to remove
* @param userId the user id
*
* @return whether the default browser was successfully set.
*/
boolean setDefaultBrowser(@Nullable String packageName, @UserIdInt int userId);
/**
* Set the package name of the default browser asynchronously.
*
* @param packageName package name of the default browser, or {@code null} to remove
* @param userId the user id
*/
void setDefaultBrowserAsync(@Nullable String packageName, @UserIdInt int userId);
}
/**
* Provider for default dialer
*/
public interface DefaultDialerProvider {
/**
* Get the package name of the default dialer.
*
* @param userId the user id
*
* @return the package name of the default dialer, or {@code null} if none
*/
@Nullable
String getDefaultDialer(@UserIdInt int userId);
}
/**
* Provider for default home
*/
public interface DefaultHomeProvider {
/**
* Get the package name of the default home.
*
* @param userId the user id
*
* @return the package name of the default home, or {@code null} if none
*/
@Nullable
String getDefaultHome(@UserIdInt int userId);
/**
* Set the package name of the default home.
*
* @param packageName package name of the default home, or {@code null} to remove
* @param userId the user id
* @param callback the callback made after the default home as been updated
*/
void setDefaultHomeAsync(@Nullable String packageName, @UserIdInt int userId,
@NonNull Consumer<Boolean> callback);
}
/**
* Callbacks invoked when interesting actions have been taken on a permission.
* <p>
* NOTE: The current arguments are merely to support the existing use cases. This
* needs to be properly thought out with appropriate arguments for each of the
* callback methods.
*/
public static class PermissionCallback {
public void onGidsChanged(@AppIdInt int appId, @UserIdInt int userId) {
}
public void onPermissionChanged() {
}
public void onPermissionGranted(int uid, @UserIdInt int userId) {
}
public void onInstallPermissionGranted() {
}
public void onPermissionRevoked(int uid, @UserIdInt int userId, String reason) {
}
public void onInstallPermissionRevoked() {
}
public void onPermissionUpdated(@UserIdInt int[] updatedUserIds, boolean sync) {
}
public void onPermissionUpdatedNotifyListener(@UserIdInt int[] updatedUserIds, boolean sync,
int uid) {
onPermissionUpdated(updatedUserIds, sync);
}
public void onPermissionRemoved() {
}
public void onInstallPermissionUpdated() {
}
public void onInstallPermissionUpdatedNotifyListener(int uid) {
onInstallPermissionUpdated();
}
}
public abstract void systemReady();
public abstract boolean isPermissionsReviewRequired(@NonNull AndroidPackage pkg,
@UserIdInt int userId);
public abstract void grantRequestedRuntimePermissions(
@NonNull AndroidPackage pkg, @NonNull int[] userIds,
@NonNull String[] grantedPermissions, int callingUid);
public abstract void setWhitelistedRestrictedPermissions(
@NonNull AndroidPackage pkg, @NonNull int[] userIds,
@NonNull List<String> permissions, int callingUid,
@PackageManager.PermissionWhitelistFlags int whitelistFlags);
/** Sets the whitelisted, restricted permissions for the given package. */
public abstract void setWhitelistedRestrictedPermissions(
@NonNull String packageName, @NonNull List<String> permissions,
@PackageManager.PermissionWhitelistFlags int flags, int userId);
public abstract void setAutoRevokeWhitelisted(
@NonNull String packageName, boolean whitelisted, int userId);
/**
* Update permissions when a package changed.
*
* <p><ol>
* <li>Reconsider the ownership of permission</li>
* <li>Update the state (grant, flags) of the permissions</li>
* </ol>
*
* @param packageName The package that is updated
* @param pkg The package that is updated, or {@code null} if package is deleted
* @param allPackages All currently known packages
* @param callback Callback to call after permission changes
*/
public abstract void updatePermissions(@NonNull String packageName,
@Nullable AndroidPackage pkg);
/**
* Update all permissions for all apps.
*
* <p><ol>
* <li>Reconsider the ownership of permission</li>
* <li>Update the state (grant, flags) of the permissions</li>
* </ol>
*
* @param volumeUuid The volume of the packages to be updated, {@code null} for all volumes
* @param allPackages All currently known packages
* @param callback Callback to call after permission changes
*/
public abstract void updateAllPermissions(@Nullable String volumeUuid, boolean sdkUpdate);
/**
* Resets any user permission state changes (eg. permissions and flags) of all
* packages installed for the given user.
*
* @see #resetRuntimePermissions(AndroidPackage, int)
*/
public abstract void resetAllRuntimePermissions(@UserIdInt int userId);
/**
* Resets any user permission state changes (eg. permissions and flags) of the
* specified package for the given user.
*/
public abstract void resetRuntimePermissions(@NonNull AndroidPackage pkg,
@UserIdInt int userId);
/**
* We might auto-grant permissions if any permission of the group is already granted. Hence if
* the group of a granted permission changes we need to revoke it to avoid having permissions of
* the new group auto-granted.
*
* @param newPackage The new package that was installed
* @param oldPackage The old package that was updated
* @param allPackageNames All packages
*/
public abstract void revokeRuntimePermissionsIfGroupChanged(
@NonNull AndroidPackage newPackage,
@NonNull AndroidPackage oldPackage,
@NonNull ArrayList<String> allPackageNames);
/**
* Some permissions might have been owned by a non-system package, and the system then defined
* said permission. Some other permissions may one have been install permissions, but are now
* runtime or higher. These permissions should be revoked.
*
* @param permissionsToRevoke A list of permission names to revoke
* @param allPackageNames All packages
*/
public abstract void revokeRuntimePermissionsIfPermissionDefinitionChanged(
@NonNull List<String> permissionsToRevoke,
@NonNull ArrayList<String> allPackageNames);
/**
* If the app is updated, and has scoped storage permissions, then it is possible that the
* app updated in an attempt to get unscoped storage. If so, revoke all storage permissions.
* @param newPackage The new package that was installed
* @param oldPackage The old package that was updated
*/
public abstract void revokeStoragePermissionsIfScopeExpanded(
@NonNull AndroidPackage newPackage,
@NonNull AndroidPackage oldPackage
);
/**
* Add all permissions in the given package.
* <p>
* NOTE: argument {@code groupTEMP} is temporary until mPermissionGroups is moved to
* the permission settings.
*
* @return A list of BasePermissions that were updated, and need to be revoked from packages
*/
public abstract List<String> addAllPermissions(@NonNull AndroidPackage pkg, boolean chatty);
public abstract void addAllPermissionGroups(@NonNull AndroidPackage pkg, boolean chatty);
public abstract void removeAllPermissions(@NonNull AndroidPackage pkg, boolean chatty);
/** Retrieve the packages that have requested the given app op permission */
public abstract @Nullable String[] getAppOpPermissionPackages(
@NonNull String permName, int callingUid);
/**
* Enforces the request is from the system or an app that has INTERACT_ACROSS_USERS
* or INTERACT_ACROSS_USERS_FULL permissions, if the {@code userid} is not for the caller.
* @param checkShell whether to prevent shell from access if there's a debugging restriction
* @param message the message to log on security exception
*/
public abstract void enforceCrossUserPermission(int callingUid, int userId,
boolean requireFullPermission, boolean checkShell, @NonNull String message);
/**
* Similar to {@link #enforceCrossUserPermission(int, int, boolean, boolean, String)}
* but also allows INTERACT_ACROSS_PROFILES permission if calling user and {@code userId} are
* in the same profile group.
*/
public abstract void enforceCrossUserOrProfilePermission(int callingUid, int userId,
boolean requireFullPermission, boolean checkShell, @NonNull String message);
/**
* @see #enforceCrossUserPermission(int, int, boolean, boolean, String)
* @param requirePermissionWhenSameUser When {@code true}, still require the cross user
* permission to be held even if the callingUid and userId reference the same user.
*/
public abstract void enforceCrossUserPermission(int callingUid, int userId,
boolean requireFullPermission, boolean checkShell,
boolean requirePermissionWhenSameUser, @NonNull String message);
public abstract void enforceGrantRevokeRuntimePermissionPermissions(@NonNull String message);
public abstract @NonNull PermissionSettings getPermissionSettings();
/** Grants default browser permissions to the given package */
public abstract void grantDefaultPermissionsToDefaultBrowser(
@NonNull String packageName, @UserIdInt int userId);
/** HACK HACK methods to allow for partial migration of data to the PermissionManager class */
public abstract @Nullable BasePermission getPermissionTEMP(@NonNull String permName);
/** Get all permissions that have a certain protection */
public abstract @NonNull ArrayList<PermissionInfo> getAllPermissionsWithProtection(
@PermissionInfo.Protection int protection);
/** Get all permissions that have certain protection flags */
public abstract @NonNull ArrayList<PermissionInfo> getAllPermissionsWithProtectionFlags(
@PermissionInfo.ProtectionFlags int protectionFlags);
/**
* Returns the delegate used to influence permission checking.
*
* @return The delegate instance.
*/
public abstract @Nullable CheckPermissionDelegate getCheckPermissionDelegate();
/**
* Sets the delegate used to influence permission checking.
*
* @param delegate A delegate instance or {@code null} to clear.
*/
public abstract void setCheckPermissionDelegate(@Nullable CheckPermissionDelegate delegate);
/**
* Sets the dialer application packages provider.
* @param provider The provider.
*/
public abstract void setDialerAppPackagesProvider(PackagesProvider provider);
/**
* Set the location extra packages provider.
* @param provider The packages provider.
*/
public abstract void setLocationExtraPackagesProvider(PackagesProvider provider);
/**
* Sets the location provider packages provider.
* @param provider The packages provider.
*/
public abstract void setLocationPackagesProvider(PackagesProvider provider);
/**
* Sets the SIM call manager packages provider.
* @param provider The provider.
*/
public abstract void setSimCallManagerPackagesProvider(PackagesProvider provider);
/**
* Sets the SMS application packages provider.
* @param provider The provider.
*/
public abstract void setSmsAppPackagesProvider(PackagesProvider provider);
/**
* Sets the sync adapter packages provider.
* @param provider The provider.
*/
public abstract void setSyncAdapterPackagesProvider(SyncAdapterPackagesProvider provider);
/**
* Sets the Use Open Wifi packages provider.
* @param provider The packages provider.
*/
public abstract void setUseOpenWifiAppPackagesProvider(PackagesProvider provider);
/**
* Sets the voice interaction packages provider.
* @param provider The packages provider.
*/
public abstract void setVoiceInteractionPackagesProvider(PackagesProvider provider);
/**
* Sets the default browser provider.
*
* @param provider the provider
*/
public abstract void setDefaultBrowserProvider(@NonNull DefaultBrowserProvider provider);
/**
* Sets the package name of the default browser provider for the given user.
*
* @param packageName The package name of the default browser or {@code null}
* to clear the default browser
* @param async If {@code true}, set the default browser asynchronously,
* otherwise set it synchronously
* @param doGrant If {@code true} and if {@code packageName} is not {@code null},
* perform default permission grants on the browser, otherwise skip the
* default permission grants.
* @param userId The user to set the default browser for.
*/
public abstract void setDefaultBrowser(@Nullable String packageName, boolean async,
boolean doGrant, @UserIdInt int userId);
/**
* Sets the default dialer provider.
*
* @param provider the provider
*/
public abstract void setDefaultDialerProvider(@NonNull DefaultDialerProvider provider);
/**
* Sets the default home provider.
*
* @param provider the provider
*/
public abstract void setDefaultHomeProvider(@NonNull DefaultHomeProvider provider);
/**
* Asynchronously sets the package name of the default home provider for the given user.
*
* @param packageName The package name of the default home or {@code null}
* to clear the default browser
* @param userId The user to set the default browser for
* @param callback Invoked after the default home has been set
*/
public abstract void setDefaultHome(@Nullable String packageName, @UserIdInt int userId,
@NonNull Consumer<Boolean> callback);
/**
* Returns the default browser package name for the given user.
*/
@Nullable
public abstract String getDefaultBrowser(@UserIdInt int userId);
/**
* Returns the default dialer package name for the given user.
*/
@Nullable
public abstract String getDefaultDialer(@UserIdInt int userId);
/**
* Returns the default home package name for the given user.
*/
@Nullable
public abstract String getDefaultHome(@UserIdInt int userId);
/**
* Requests granting of the default permissions to the current default Use Open Wifi app.
* @param packageName The default use open wifi package name.
* @param userId The user for which to grant the permissions.
*/
public abstract void grantDefaultPermissionsToDefaultSimCallManager(
@NonNull String packageName, @UserIdInt int userId);
/**
* Requests granting of the default permissions to the current default Use Open Wifi app.
* @param packageName The default use open wifi package name.
* @param userId The user for which to grant the permissions.
*/
public abstract void grantDefaultPermissionsToDefaultUseOpenWifiApp(
@NonNull String packageName, @UserIdInt int userId);
/** Called when a new user has been created. */
public abstract void onNewUserCreated(@UserIdInt int userId);
/**
* Removes invalid permissions which are not {@link PermissionInfo#FLAG_HARD_RESTRICTED} or
* {@link PermissionInfo#FLAG_SOFT_RESTRICTED} from the input.
*/
public abstract void retainHardAndSoftRestrictedPermissions(@NonNull List<String> permissions);
}
|
