| author | 2022-12-20 22:28:16 +0000 | |
|---|---|---|
| committer | 2023-01-18 21:31:58 +0000 | |
| commit | a1be4550146701181f66da4bb7177845cda8ae9e (patch) | |
| tree | 83a7b01c2140dad6ab6e06e40b034c826d0c0539 | |
| parent | 0c0c43eaa7fd440cb031bff60c12f0cc0efabacf (diff) | |
Permission protect stageAllHealthConnectRemoteData
The new APIs added in this topic's other CL are protected by knownSigner
permission.
The CTS test app cannot be granted this permission.
Granting these permissions to the Shell lets the CTS test app adopt
the Shell's identity to get the necessary permissions and call these
APIs.
The test api is protected by the platform signature permission.
Bug: 243145978
Test: atest CtsHealthConnectDeviceTestCases
Change-Id: Ica89151b28213fd6fee69f5390f3d4e7f92bdc73
| -rw-r--r-- | core/api/system-current.txt | 1 | ||||
| -rw-r--r-- | core/api/test-current.txt | 1 | ||||
| -rw-r--r-- | core/res/AndroidManifest.xml | 11 | ||||
| -rw-r--r-- | core/res/res/values/config.xml | 6 | ||||
| -rw-r--r-- | packages/Shell/AndroidManifest.xml | 4 |
5 files changed, 23 insertions, 0 deletions
diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index 4f50415dd659..f79dbb9a993a 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt
@@ -325,6 +325,7 @@ package android {
 field public static final String SHUTDOWN = "android.permission.SHUTDOWN";
 field public static final String SIGNAL_REBOOT_READINESS = "android.permission.SIGNAL_REBOOT_READINESS";
 field public static final String SOUND_TRIGGER_RUN_IN_BATTERY_SAVER = "android.permission.SOUND_TRIGGER_RUN_IN_BATTERY_SAVER";
+ field public static final String STAGE_HEALTH_CONNECT_REMOTE_DATA = "android.permission.STAGE_HEALTH_CONNECT_REMOTE_DATA";
 field public static final String START_ACTIVITIES_FROM_BACKGROUND = "android.permission.START_ACTIVITIES_FROM_BACKGROUND";
 field public static final String START_CROSS_PROFILE_ACTIVITIES = "android.permission.START_CROSS_PROFILE_ACTIVITIES";
 field public static final String START_REVIEW_PERMISSION_DECISIONS = "android.permission.START_REVIEW_PERMISSION_DECISIONS";
diff --git a/core/api/test-current.txt b/core/api/test-current.txt
index e3554a5aa043..04cca7d08518 100644
--- a/core/api/test-current.txt
+++ b/core/api/test-current.txt
@@ -16,6 +16,7 @@ package android { field public static final String CONFIGURE_DISPLAY_BRIGHTNESS = "android.permission.CONFIGURE_DISPLAY_BRIGHTNESS"; field public static final String CONTROL_DEVICE_LIGHTS = "android.permission.CONTROL_DEVICE_LIGHTS"; field public static final String CONTROL_DEVICE_STATE = "android.permission.CONTROL_DEVICE_STATE"; + field public static final String DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA = "android.permission.DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA"; field public static final String FORCE_DEVICE_POLICY_MANAGER_LOGS = "android.permission.FORCE_DEVICE_POLICY_MANAGER_LOGS"; field public static final String FORCE_STOP_PACKAGES = "android.permission.FORCE_STOP_PACKAGES"; field public static final String GRANT_RUNTIME_PERMISSIONS = "android.permission.GRANT_RUNTIME_PERMISSIONS"; diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 31ae0aa40252..dc70c31cec2c 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -6988,6 +6988,17 @@ <permission android:name="android.permission.GET_APP_METADATA" android:protectionLevel="signature" /> + <!-- @hide @SystemApi Allows an application to stage HealthConnect's remote data so that + HealthConnect can later integrate it. --> + <permission android:name="android.permission.STAGE_HEALTH_CONNECT_REMOTE_DATA" + android:protectionLevel="signature|knownSigner" + android:knownCerts="@array/config_healthConnectStagingDataKnownSigners"/> + + <!-- @hide @TestApi Allows an application to clear HealthConnect's staged remote data for + testing only. For security reasons, this is a platform-only permission. --> + <permission android:name="android.permission.DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA" + android:protectionLevel="signature" /> + <!-- @SystemApi Allows the holder to call health connect migration APIs. @hide --> <permission android:name="android.permission.MIGRATE_HEALTH_CONNECT_DATA" 
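Review bot: The comment on `DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA` in core/res/AndroidManifest.xml promises "for testing only", but `android:protectionLevel="signature"` restricts the permission by signer, not by build type, so any platform-signed package can hold it on any build. I would reword the comment to state what is actually enforced, for example `Allows a platform-signed application to clear HealthConnect's staged remote data. Intended for use by tests.` As a smaller style point, both new comments put `@hide` before the API tag, while the `MIGRATE_HEALTH_CONNECT_DATA` comment visible just below puts `@hide` last; matching the neighbour would keep the declarations consistent.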
diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index 72657a09e2e0..f9d5c1dbc6a2 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -6144,6 +6144,12 @@ <item>@string/config_mainDisplayShape</item> <item>@string/config_secondaryDisplayShape</item> </string-array> + + <!-- Certificate digests for trusted apps that will be allowed to obtain the knownSigner + permission for staging HealthConnect's remote data. The digest should be computed over the + DER encoding of the trusted certificate using the SHA-256 digest algorithm. --> + <string-array name="config_healthConnectStagingDataKnownSigners"> + </string-array> <!-- Certificate digests for trusted apps that will be allowed to obtain the knownSigner Health Connect Migration permissions. The digest should be computed over the DER encoding of the trusted certificate using the SHA-256 digest algorithm. --> diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml index d56300e6781a..31402dc366d1 100644 --- a/packages/Shell/AndroidManifest.xml +++ b/packages/Shell/AndroidManifest.xml @@ -790,6 +790,10 @@ <!-- Permission required for CTS test - CtsPackageInstallTestCases--> <uses-permission android:name="android.permission.GET_APP_METADATA" /> + <!-- Permission required for CTS test - CtsHealthConnectDeviceTestCases --> + <uses-permission android:name="android.permission.DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA" /> + <uses-permission android:name="android.permission.STAGE_HEALTH_CONNECT_REMOTE_DATA" /> + <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/> <uses-permission android:name="android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED"/> |
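Review bot: The comment on `config_healthConnectStagingDataKnownSigners` in core/res/res/values/config.xml does not say that the array is empty by default, which matters because each digest added to it widens who can hold `STAGE_HEALTH_CONNECT_REMOTE_DATA` beyond platform-signed packages. I would add a sentence such as `Empty by default, so only platform-signed packages hold the permission; every digest listed here lets that signer stage HealthConnect data.` The comment also leaves the expected text form of each digest unstated (presumably the same form the other knownSigner arrays use, which is worth confirming and writing down).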
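Review bot: The single comment above the two new `uses-permission` lines in packages/Shell/AndroidManifest.xml names only the CTS module, yet `STAGE_HEALTH_CONNECT_REMOTE_DATA` is a `@SystemApi` permission rather than a test-only one, and nothing visible in this hunk limits the grant to test builds. Anything running with the Shell's identity would therefore hold both the stage and the delete permission, so the reason for the grant should be recorded next to it. I would extend the comment to something like `<!-- Permissions required for CTS test - CtsHealthConnectDeviceTestCases; the test adopts the Shell's identity because it cannot be granted the knownSigner permission itself -->`.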