diff options
| author | 2019-06-17 20:05:50 -0700 | |
|---|---|---|
| committer | 2019-06-17 20:05:50 -0700 | |
| commit | 97ab0c930b195cba078ed06dc308db61efd08f40 (patch) | |
| tree | 97b4e368450e4465f6bfc11c98aac8fab9bea01a | |
| parent | 29a2b1109c69bba0f21d9b91e9f221d6e5e840ef (diff) | |
| parent | 674e1600c91ea53f3dba31696096f939371e5272 (diff) | |
Merge "Check flags for user in SoftRestrictedPermPolicy" into qt-dev
am: 674e1600c9
Change-Id: I8a9e70f6924ff2e4e966ea2d59112d1da2081dcf
3 files changed, 7 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index e4e0c554a060..e5f914d9bf75 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -2129,7 +2129,7 @@ public class PermissionManagerService { } if (bp.isSoftRestricted() && !SoftRestrictedPermissionPolicy.forPermission(mContext, - pkg.applicationInfo, permName).canBeGranted()) { + pkg.applicationInfo, UserHandle.of(userId), permName).canBeGranted()) { Log.e(TAG, "Cannot grant soft restricted permission " + permName + " for package " + packageName); return; diff --git a/services/core/java/com/android/server/policy/PermissionPolicyService.java b/services/core/java/com/android/server/policy/PermissionPolicyService.java index 6882afb6285d..93b11beff239 100644 --- a/services/core/java/com/android/server/policy/PermissionPolicyService.java +++ b/services/core/java/com/android/server/policy/PermissionPolicyService.java @@ -414,7 +414,7 @@ public final class PermissionPolicyService extends SystemService { } else if (permissionInfo.isSoftRestricted()) { final SoftRestrictedPermissionPolicy policy = SoftRestrictedPermissionPolicy.forPermission(mContext, pkg.applicationInfo, - permission); + mContext.getUser(), permission); if (opCode != OP_NONE) { if (policy.canBeGranted()) { diff --git a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java index d44761728c16..90e0dc4abd21 100644 --- a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java +++ b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java @@ -33,6 +33,7 @@ import android.app.AppOpsManager; import android.content.Context; import android.content.pm.ApplicationInfo; import android.os.Build; +import android.os.UserHandle; /** * The behavior of soft restricted permissions is different for each permission. This class collects @@ -75,12 +76,14 @@ public abstract class SoftRestrictedPermissionPolicy { * * @param context A context to use * @param appInfo The application the permission belongs to + * @param user The user the app belongs to * @param permission The name of the permission * * @return The policy for this permission */ public static @NonNull SoftRestrictedPermissionPolicy forPermission(@NonNull Context context, - @NonNull ApplicationInfo appInfo, @NonNull String permission) { + @NonNull ApplicationInfo appInfo, @NonNull UserHandle user, + @NonNull String permission) { switch (permission) { // Storage uses a special app op to decide the mount state and supports soft restriction // where the restricted state allows the permission but only for accessing the medial @@ -88,7 +91,7 @@ public abstract class SoftRestrictedPermissionPolicy { case READ_EXTERNAL_STORAGE: case WRITE_EXTERNAL_STORAGE: { int flags = context.getPackageManager().getPermissionFlags( - permission, appInfo.packageName, context.getUser()); + permission, appInfo.packageName, user); boolean applyRestriction = (flags & FLAG_PERMISSION_APPLY_RESTRICTION) != 0; boolean isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0; boolean hasRequestedLegacyExternalStorage = |