Merge "Fix permission check in DPM.getPermissionGrantState" into mnc-dev

author: Amith Yamasani <yamasani@google.com> 2015-06-05 18:36:06 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2015-06-05 18:36:08 +0000
commit: 8fa24e91c4dbe8a6533e99eeea4d8b200437d92a (patch)
tree: df496bf821d17880666fc5cd06c14e27f3947a7b
parent: 48cf298cb8ded48dbec8e977412815e61953b74f (diff)
parent: 369d65653399f01e83a6cbb6dfa4eb7b356af648 (diff)
1 files changed, 5 insertions, 6 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index ff748f23a48b..825ef1a70703 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6395,18 +6395,18 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                 PackageManager packageManager = mContext.getPackageManager();
                 switch (grantState) {
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
-                        packageManager.grantRuntimePermission(packageName, permission, user);
                         packageManager.updatePermissionFlags(permission, packageName,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+                        packageManager.grantRuntimePermission(packageName, permission, user);
                     } break;
 
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: {
-                        packageManager.revokeRuntimePermission(packageName,
-                                permission, user);
                         packageManager.updatePermissionFlags(permission, packageName,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED,
                                 PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+                        packageManager.revokeRuntimePermission(packageName,
+                                permission, user);
                     } break;
 
                     case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: {
@@ -6428,14 +6428,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
             String permission) throws RemoteException {
         PackageManager packageManager = mContext.getPackageManager();
 
-        // Do this before clearing the caller's identity
-        int granted = packageManager.checkPermission(permission, packageName);
-
         UserHandle user = Binder.getCallingUserHandle();
         synchronized (this) {
             getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
             long ident = Binder.clearCallingIdentity();
             try {
+                int granted = AppGlobals.getPackageManager().checkPermission(permission,
+                        packageName, user.getIdentifier());
                 int permFlags = packageManager.getPermissionFlags(permission, packageName, user);
                 if ((permFlags & PackageManager.FLAG_PERMISSION_POLICY_FIXED)
                         != PackageManager.FLAG_PERMISSION_POLICY_FIXED) {
author	Amith Yamasani <yamasani@google.com>	2015-06-05 18:36:06 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2015-06-05 18:36:08 +0000
commit	8fa24e91c4dbe8a6533e99eeea4d8b200437d92a (patch)
tree	df496bf821d17880666fc5cd06c14e27f3947a7b
parent	48cf298cb8ded48dbec8e977412815e61953b74f (diff)
parent	369d65653399f01e83a6cbb6dfa4eb7b356af648 (diff)