Allow bypassing qualification to work properly with static roles

Right now bypassing qualification for a static role allows assigning a
different holder initially but still randomly reverts it later on. We
should not try to revert to the static holder while we are bypassing
qualifications.

Bug: 390304109
Flag: EXEMPT bugfix
Test: presubmit
Relnote: N/A
Change-Id: I64881c83798cd32f7766eab5f9b609f4bdbb4dee

2 files changed, 16 insertions, 6 deletions

diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
index 32910c69d..6a7251563 100644
--- a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
+++ b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
@@ -504,8 +504,14 @@ public class Role {
                 && Build.VERSION.SDK_INT <= mMaxSdkVersion;
     }
 
-    public boolean isStatic() {
-        return mStatic;
+    /**
+     * Check whether this role is static, which may change due to bypassing qualification.
+     *
+     * @param context the {@code Context} to retrieve system services
+     * @return whether this role is static
+     */
+    public boolean isStatic(@NonNull Context context) {
+        return mStatic && !isBypassingQualification(context);
     }
 
     /**
@@ -620,6 +626,12 @@ public class Role {
         return mAllowBypassingQualification;
     }
 
+    private boolean isBypassingQualification(@NonNull Context context) {
+        RoleManager roleManager = context.getSystemService(RoleManager.class);
+        return shouldAllowBypassingQualification(context)
+                && RoleManagerCompat.isBypassingRoleQualification(roleManager);
+    }
+
     /**
      * Check whether a package is qualified for this role, i.e. whether it contains all the required
      * components (plus meeting some other general restrictions).
@@ -632,9 +644,7 @@ public class Role {
      */
     public boolean isPackageQualifiedAsUser(@NonNull String packageName, @NonNull UserHandle user,
             @NonNull Context context) {
-        RoleManager roleManager = context.getSystemService(RoleManager.class);
-        if (shouldAllowBypassingQualification(context)
-                && RoleManagerCompat.isBypassingRoleQualification(roleManager)) {
+        if (isBypassingQualification(context)) {
             return true;
         }
 
diff --git a/PermissionController/role-controller/java/com/android/role/controller/service/RoleControllerServiceImpl.java b/PermissionController/role-controller/java/com/android/role/controller/service/RoleControllerServiceImpl.java
index d00fd47af..1a0c83ab8 100644
--- a/PermissionController/role-controller/java/com/android/role/controller/service/RoleControllerServiceImpl.java
+++ b/PermissionController/role-controller/java/com/android/role/controller/service/RoleControllerServiceImpl.java
@@ -173,7 +173,7 @@ public class RoleControllerServiceImpl extends RoleControllerService {
             // or fallback holders, if any.
             currentPackageNames = mUserRoleManager.getRoleHolders(roleName);
             currentPackageNamesSize = currentPackageNames.size();
-            boolean isStaticRole = role.isStatic();
+            boolean isStaticRole = role.isStatic(mContext);
             if (currentPackageNamesSize == 0 || isStaticRole) {
                 List<String> packageNamesToAdd = null;
                 if (addedRoleNames.contains(roleName) || isStaticRole) {