diff options
2 files changed, 25 insertions, 2 deletions
diff --git a/services/companion/java/com/android/server/companion/AssociationRequestsProcessor.java b/services/companion/java/com/android/server/companion/AssociationRequestsProcessor.java index 4b3772a7a54d..d0eb59d83f5a 100644 --- a/services/companion/java/com/android/server/companion/AssociationRequestsProcessor.java +++ b/services/companion/java/com/android/server/companion/AssociationRequestsProcessor.java @@ -22,6 +22,7 @@ import static android.app.PendingIntent.FLAG_ONE_SHOT; import static android.companion.CompanionDeviceManager.REASON_INTERNAL_ERROR; import static android.companion.CompanionDeviceManager.RESULT_INTERNAL_ERROR; import static android.content.ComponentName.createRelative; +import static android.content.pm.PackageManager.FEATURE_WATCH; import static com.android.server.companion.CompanionDeviceManagerService.DEBUG; import static com.android.server.companion.MetricUtils.logCreateAssociation; @@ -169,16 +170,29 @@ class AssociationRequestsProcessor { enforcePermissionsForAssociation(mContext, request, packageUid); enforceUsesCompanionDeviceFeature(mContext, userId, packageName); - // 2. Check if association can be created without launching UI (i.e. CDM needs NEITHER + // 2a. Check if association can be created without launching UI (i.e. CDM needs NEITHER // to perform discovery NOR to collect user consent). if (request.isSelfManaged() && !request.isForceConfirmation() && !willAddRoleHolder(request, packageName, userId)) { - // 2a. Create association right away. + // 2a.1. Create association right away. createAssociationAndNotifyApplication(request, packageName, userId, /* macAddress */ null, callback, /* resultReceiver */ null); return; } + // 2a.2. Report an error if a 3p app tries to create a non-self-managed association and + // launch UI on watch. + if (mContext.getPackageManager().hasSystemFeature(FEATURE_WATCH)) { + String errorMessage = "3p apps are not allowed to create associations on watch."; + Slog.e(TAG, errorMessage); + try { + callback.onFailure(errorMessage); + } catch (RemoteException e) { + // ignored + } + return; + } + // 2b. Build a PendingIntent for launching the confirmation UI, and send it back to the app: // 2b.1. Populate the request with required info. diff --git a/services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java b/services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java index 4e471f5b0bc9..260b21f109d0 100644 --- a/services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java +++ b/services/companion/java/com/android/server/companion/datatransfer/SystemDataTransferProcessor.java @@ -21,6 +21,7 @@ import static android.app.PendingIntent.FLAG_IMMUTABLE; import static android.app.PendingIntent.FLAG_ONE_SHOT; import static android.companion.CompanionDeviceManager.MESSAGE_REQUEST_PERMISSION_RESTORE; import static android.content.ComponentName.createRelative; +import static android.content.pm.PackageManager.FEATURE_WATCH; import static com.android.server.companion.Utils.prepareForIpc; @@ -40,6 +41,7 @@ import android.content.Context; import android.content.Intent; import android.content.pm.PackageManagerInternal; import android.os.Binder; +import android.os.Build; import android.os.Bundle; import android.os.Handler; import android.os.IBinder; @@ -306,6 +308,13 @@ public class SystemDataTransferProcessor { } private void onReceivePermissionRestore(byte[] message) { + // TODO: Disable Permissions Sync for non-watch devices until we figure out a better UX + // model + if (!Build.isDebuggable() && !mContext.getPackageManager().hasSystemFeature( + FEATURE_WATCH)) { + Slog.e(LOG_TAG, "Permissions restore is only available on watch."); + return; + } Slog.i(LOG_TAG, "Applying permissions."); // Start applying permissions UserHandle user = mContext.getUser(); |