1 files changed, 26 insertions, 6 deletions

diff --git a/core/java/android/os/storage/StorageManager.java b/core/java/android/os/storage/StorageManager.java
index e8806a03d00e..0abf8ae352af 100644
--- a/core/java/android/os/storage/StorageManager.java
+++ b/core/java/android/os/storage/StorageManager.java
@@ -16,9 +16,11 @@
 
 package android.os.storage;
 
+import static android.Manifest.permission.MANAGE_EXTERNAL_STORAGE;
 import static android.Manifest.permission.READ_EXTERNAL_STORAGE;
 import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
 import static android.app.AppOpsManager.OP_LEGACY_STORAGE;
+import static android.app.AppOpsManager.OP_MANAGE_EXTERNAL_STORAGE;
 import static android.app.AppOpsManager.OP_READ_EXTERNAL_STORAGE;
 import static android.app.AppOpsManager.OP_READ_MEDIA_AUDIO;
 import static android.app.AppOpsManager.OP_READ_MEDIA_IMAGES;
@@ -1853,7 +1855,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionReadAudio(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 READ_EXTERNAL_STORAGE, OP_READ_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1864,7 +1866,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionWriteAudio(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 WRITE_EXTERNAL_STORAGE, OP_WRITE_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1875,7 +1877,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionReadVideo(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 READ_EXTERNAL_STORAGE, OP_READ_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1886,7 +1888,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionWriteVideo(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 WRITE_EXTERNAL_STORAGE, OP_WRITE_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1897,7 +1899,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionReadImages(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 READ_EXTERNAL_STORAGE, OP_READ_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1908,7 +1910,7 @@ public class StorageManager {
     /** {@hide} */
     public boolean checkPermissionWriteImages(boolean enforce,
             int pid, int uid, String packageName, @Nullable String featureId) {
-        if (!checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId,
+        if (!checkExternalStoragePermissionAndAppOp(enforce, pid, uid, packageName, featureId,
                 WRITE_EXTERNAL_STORAGE, OP_WRITE_EXTERNAL_STORAGE)) {
             return false;
         }
@@ -1916,6 +1918,24 @@ public class StorageManager {
                 OP_WRITE_MEDIA_IMAGES);
     }
 
+    private boolean checkExternalStoragePermissionAndAppOp(boolean enforce,
+            int pid, int uid, String packageName, @Nullable String featureId, String permission,
+            int op) {
+        // First check if app has MANAGE_EXTERNAL_STORAGE.
+        final int mode = mAppOps.noteOpNoThrow(OP_MANAGE_EXTERNAL_STORAGE, uid, packageName,
+                featureId, null);
+        if (mode == AppOpsManager.MODE_ALLOWED) {
+            return true;
+        }
+        if (mode == AppOpsManager.MODE_DEFAULT && mContext.checkPermission(
+                  MANAGE_EXTERNAL_STORAGE, pid, uid) == PERMISSION_GRANTED) {
+            return true;
+        }
+        // If app doesn't have MANAGE_EXTERNAL_STORAGE, then check if it has requested granular
+        // permission.
+        return checkPermissionAndAppOp(enforce, pid, uid, packageName, featureId, permission, op);
+    }
+
     /** {@hide} */
     @VisibleForTesting
     public @NonNull ParcelFileDescriptor openProxyFileDescriptor(