summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author Scarlett Song <scarlettsong@google.com> 2025-03-20 17:07:44 -0700
committer Android (Google) Code Review <android-gerrit@google.com> 2025-03-20 17:07:44 -0700
commit3047fe4a5be7609b10baae3023db7769e5be4b16 (patch)
treefb1f6e7925994fbf9163c1772335ffa57eb06ca8
parente4b37674f3c72f051bbeb6e6aede79b72dc11122 (diff)
parent46db55c94f2d851d78976f189d0dcd92a396ff51 (diff)
Merge "Support health split permission check for targetSdk<23 apps" into main
Diffstat
-rw-r--r--PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java46
-rw-r--r--PermissionController/tests/permissionui/Android.bp1
-rw-r--r--PermissionController/tests/permissionui/AndroidTest.xml2
-rw-r--r--PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/Android.bp34
-rw-r--r--PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/AndroidManifest.xml25
-rw-r--r--PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/HealthConnectAppPermissionFragmentTest.kt14
-rw-r--r--PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/TestAppUtils.kt4
7 files changed, 96 insertions, 30 deletions
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
index 93e5abc70..425375d7a 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
@@ -39,6 +39,7 @@ import static android.content.Intent.EXTRA_REASON;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT;
import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT;
+import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED;
import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED;
import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED;
import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED;
@@ -82,6 +83,7 @@ import android.health.connect.HealthConnectManager;
import android.health.connect.HealthPermissions;
import android.os.Binder;
import android.os.Build;
+import android.os.Build.VERSION_CODES;
import android.os.Parcelable;
import android.os.UserHandle;
import android.os.UserManager;
@@ -1184,45 +1186,29 @@ public final class Utils {
}
}
- // Split permission only applies to READ_HEART_RATE.
- if (!requestedHealthPermissions.contains(HealthPermissions.READ_HEART_RATE)) {
+ if (!isValidSplitHealthPermissions(requestedHealthPermissions)) {
return false;
}
- // If there are other health permissions (other than READ_HEALTH_DATA_IN_BACKGROUND)
- // don't consider this a pure split-permission request.
- if (requestedHealthPermissions.size() > 2) {
- return false;
- }
-
- boolean isBackgroundPermissionRequested =
- requestedHealthPermissions.contains(
- HealthPermissions.READ_HEALTH_DATA_IN_BACKGROUND);
- // If there are two health permissions declared, make sure the other is
- // READ_HEALTH_DATA_IN_BACKGROUND.
- if (requestedHealthPermissions.size() == 2 && !isBackgroundPermissionRequested) {
- return false;
- }
-
- // If READ_HEALTH_DATA_IN_BACKGROUND is requested, check permission flag to see if is from
- // split permission.
- if (isBackgroundPermissionRequested) {
- int readHealthDataInBackgroundFlag =
- pm.getPermissionFlags(
- HealthPermissions.READ_HEALTH_DATA_IN_BACKGROUND, packageName, user);
- if (!isFromSplitPermission(readHealthDataInBackgroundFlag)) {
+ int targetSdk = packageInfo.getTargetSdkVersion();
+ for (String perm : requestedHealthPermissions) {
+ if (!isFromSplitPermission(pm.getPermissionFlags(perm, packageName, user), targetSdk)) {
return false;
}
}
+ return true;
+ }
- // Check READ_HEART_RATE permission flag to see if is from split permission.
- int readHeartRateFlag =
- pm.getPermissionFlags(HealthPermissions.READ_HEART_RATE, packageName, user);
- return isFromSplitPermission(readHeartRateFlag);
+ private static boolean isValidSplitHealthPermissions(List<String> permissions) {
+ return (permissions.size() == 1 && permissions.contains(HealthPermissions.READ_HEART_RATE))
+ || (permissions.size() == 2 && permissions.contains(HealthPermissions.READ_HEART_RATE)
+ && permissions.contains(HealthPermissions.READ_HEALTH_DATA_IN_BACKGROUND));
}
- private static boolean isFromSplitPermission(int permissionFlag) {
- return (permissionFlag & FLAG_PERMISSION_REVOKE_WHEN_REQUESTED) != 0;
+ private static boolean isFromSplitPermission(int permissionFlag, int targetSdk) {
+ return (targetSdk >= Build.VERSION_CODES.M)
+ ? (permissionFlag & PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED) != 0
+ : (permissionFlag & PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED) != 0;
}
/**
diff --git a/PermissionController/tests/permissionui/Android.bp b/PermissionController/tests/permissionui/Android.bp
index 8cc91bd99..e289e2c58 100644
--- a/PermissionController/tests/permissionui/Android.bp
+++ b/PermissionController/tests/permissionui/Android.bp
@@ -74,6 +74,7 @@ android_test {
":PermissionUiReadCalendarPermissionApp",
":PermissionUiUseLegacyBodySensorsPermissionApp",
":PermissionUiUseReadHeartRatePermissionApp",
+ ":PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App",
],
per_testcase_directory: true,
}
diff --git a/PermissionController/tests/permissionui/AndroidTest.xml b/PermissionController/tests/permissionui/AndroidTest.xml
index 2462dc4c7..85dc4925a 100644
--- a/PermissionController/tests/permissionui/AndroidTest.xml
+++ b/PermissionController/tests/permissionui/AndroidTest.xml
@@ -61,6 +61,8 @@
value="/data/local/tmp/pc-permissionui/PermissionUiUseLegacyBodySensorsPermissionApp.apk" />
<option name="push-file" key="PermissionUiUseReadHeartRatePermissionApp.apk"
value="/data/local/tmp/pc-permissionui/PermissionUiUseReadHeartRatePermissionApp.apk" />
+ <option name="push-file" key="PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App.apk"
+ value="/data/local/tmp/pc-permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App.apk" />
</target_preparer>
<!-- Wake the screen, and dismiss keyguard -->
diff --git a/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/Android.bp b/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/Android.bp
new file mode 100644
index 000000000..539fb2686
--- /dev/null
+++ b/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/Android.bp
@@ -0,0 +1,34 @@
+//
+// Copyright (C) 2025 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: [
+ "packages_modules_Permission_PermissionController_license",
+ ],
+}
+
+android_test_helper_app {
+ name: "PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App",
+
+ srcs: ["src/**/*.kt"],
+
+ sdk_version: "22",
+}
diff --git a/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/AndroidManifest.xml b/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/AndroidManifest.xml
new file mode 100644
index 000000000..2a08d47ae
--- /dev/null
+++ b/PermissionController/tests/permissionui/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App/AndroidManifest.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ~ Copyright (C) 2025 The Android Open Source Project
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="com.android.permissioncontroller.tests.appthatrequestpermission">
+
+ <uses-permission android:name="android.permission.BODY_SENSORS" />
+ <uses-permission android:name="android.permission.BODY_SENSORS_BACKGROUND" />
+
+ <application />
+</manifest>
diff --git a/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/HealthConnectAppPermissionFragmentTest.kt b/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/HealthConnectAppPermissionFragmentTest.kt
index 8fc2fdc1b..48d14a967 100644
--- a/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/HealthConnectAppPermissionFragmentTest.kt
+++ b/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/HealthConnectAppPermissionFragmentTest.kt
@@ -146,6 +146,20 @@ class HealthConnectAppPermissionFragmentTest : BasePermissionUiTest() {
@SdkSuppress(minSdkVersion = Build.VERSION_CODES.BAKLAVA, codeName = "Baklava")
@RequiresFlagsEnabled(FLAG_REPLACE_BODY_SENSOR_PERMISSION_ENABLED)
@Test
+ @Ignore("b/405152547")
+ fun startManageAppPermissionsActivity_handHeldDevices_requestLegacyBodySensorsTargetSdk22Ungranted_healthConnectShowsUp() {
+ assumeFalse(context.packageManager.hasSystemFeature(PackageManager.FEATURE_WATCH))
+ installTestAppThatUsesLegacyBodySensorsPermissionsTargetSdk22()
+
+ startManageAppPermissionsActivity()
+
+ eventually { waitFindObject(By.text(HEALTH_FITNESS_LABEL)) }
+ }
+
+
+ @SdkSuppress(minSdkVersion = Build.VERSION_CODES.BAKLAVA, codeName = "Baklava")
+ @RequiresFlagsEnabled(FLAG_REPLACE_BODY_SENSOR_PERMISSION_ENABLED)
+ @Test
fun startManageAppPermissionsActivity_handHeldDevices_requestReadHeartRateUngranted_healthConnectNotShowsUp() {
assumeFalse(context.packageManager.hasSystemFeature(PackageManager.FEATURE_WATCH))
installTestAppThatUsesReadHeartRatePermissions()
diff --git a/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/TestAppUtils.kt b/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/TestAppUtils.kt
index 8eef11e73..c3799c4c1 100644
--- a/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/TestAppUtils.kt
+++ b/PermissionController/tests/permissionui/src/com/android/permissioncontroller/permissionui/ui/TestAppUtils.kt
@@ -40,6 +40,8 @@ private const val LEGACY_BODY_SENSORS_APK =
"$APK_DIRECTORY/PermissionUiUseLegacyBodySensorsPermissionApp.apk"
private const val READ_HEART_RATE_APK =
"$APK_DIRECTORY/PermissionUiUseReadHeartRatePermissionApp.apk"
+private const val LEGACY_BODY_SENSORS_TARGET_SDK_22_APK =
+ "$APK_DIRECTORY/PermissionUiUseLegacyBodySensorsPermissionTargetSdk22App.apk"
// All 4 of the AppThatUses_X_Permission(s) applications share the same package name.
private const val PERM_DEFINER_PACKAGE =
@@ -77,6 +79,8 @@ fun installTestAppThatUsesLegacyBodySensorsPermissions() = install(LEGACY_BODY_S
fun installTestAppThatUsesReadHeartRatePermissions() = install(READ_HEART_RATE_APK)
+fun installTestAppThatUsesLegacyBodySensorsPermissionsTargetSdk22() = install(LEGACY_BODY_SENSORS_TARGET_SDK_22_APK)
+
fun uninstallTestApps() {
uninstallApp(PERM_USER_PACKAGE)
uninstallApp(PERM_DEFINER_PACKAGE)
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-10-18 23:33:00 +0000