diff options
63 files changed, 203 insertions, 86 deletions
diff --git a/Android.bp b/Android.bp index 389f330a6..7a2f39fc3 100644 --- a/Android.bp +++ b/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], default_visibility: [":__subpackages__"], } @@ -22,7 +23,7 @@ apex { defaults: ["com.android.permission-defaults"], manifest: "apex_manifest.json", compat_configs: [ - "framework-permission-s-compat-config" + "framework-permission-s-compat-config", ], } @@ -69,8 +70,8 @@ sdk { bootclasspath_fragment { name: "com.android.permission-bootclasspath-fragment", contents: [ - "framework-permission", - "framework-permission-s", + "framework-permission", + "framework-permission-s", ], apex_available: ["com.android.permission"], diff --git a/PermissionController/Android.bp b/PermissionController/Android.bp index b16999d9c..34351a309 100644 --- a/PermissionController/Android.bp +++ b/PermissionController/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: [ "packages_modules_Permission_PermissionController_license", ], diff --git a/PermissionController/iconloaderlib/Android.bp b/PermissionController/iconloaderlib/Android.bp index 2bc3de435..2a886a276 100644 --- a/PermissionController/iconloaderlib/Android.bp +++ b/PermissionController/iconloaderlib/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/PermissionController/res/values-hr/strings.xml b/PermissionController/res/values-hr/strings.xml index d86366901..89a379010 100644 --- a/PermissionController/res/values-hr/strings.xml +++ b/PermissionController/res/values-hr/strings.xml @@ -405,8 +405,8 @@ <string name="role_notes_search_keywords" msgid="7710756695666744631">"napomene"</string> <string name="role_wallet_label" msgid="3719419175656204207">"Zadana aplikacija za novčanik"</string> <string name="role_wallet_short_label" msgid="6521288403762457452">"Aplikacija za novčanik"</string> - <string name="role_wallet_description" msgid="3726535836165949838">"Aplikacije za novčanik mogu pohraniti vaše kreditne kartice i kartice vjernosti, automobilske ključeve itd. kako biste izvršavali različite oblike transakcija."</string> - <string name="role_wallet_request_title" msgid="4770217108262737093">"Želite li postaviti <xliff:g id="APP_NAME">%1$s</xliff:g> kao zadanu aplikaciju za novčanik?"</string> + <string name="role_wallet_description" msgid="3726535836165949838">"Aplikacije za novčanik mogu pohraniti vaše kreditne kartice i kartice vjernosti, automobilske ključeve i druge stvari kako bi vam razne vrste transakcija bile praktičnije."</string> + <string name="role_wallet_request_title" msgid="4770217108262737093">"Želite li aplikaciju <xliff:g id="APP_NAME">%1$s</xliff:g> postaviti kao zadanu aplikaciju za novčanik?"</string> <string name="role_wallet_request_description" msgid="6305487425777483053">"Dopuštenja nisu potrebna"</string> <string name="request_role_current_default" msgid="738722892438247184">"Trenutačna zadana"</string> <string name="request_role_dont_ask_again" msgid="3556017886029520306">"Više me ne pitaj"</string> diff --git a/PermissionController/res/values-ja/strings.xml b/PermissionController/res/values-ja/strings.xml index c551c7ebe..b599bd0cc 100644 --- a/PermissionController/res/values-ja/strings.xml +++ b/PermissionController/res/values-ja/strings.xml @@ -56,8 +56,8 @@ <string name="grant_dialog_button_keey_approximate_location" msgid="438025182769080011">"おおよその位置情報を保持"</string> <string name="grant_dialog_button_allow_one_time" msgid="2618088516449706391">"今回のみ"</string> <string name="grant_dialog_button_allow_background" msgid="8236044729434367833">"常に許可"</string> - <string name="grant_dialog_button_allow_all_files" msgid="4955436994954829894">"すべてのファイルの管理を許可"</string> - <string name="grant_dialog_button_allow_media_only" msgid="4832877658422573832">"メディア ファイルへのアクセスを許可"</string> + <string name="grant_dialog_button_allow_all_files" msgid="4955436994954829894">"すべての管理を許可"</string> + <string name="grant_dialog_button_allow_media_only" msgid="4832877658422573832">"アクセスのみ許可"</string> <string name="app_permissions_breadcrumb" msgid="5136969550489411650">"アプリ"</string> <string name="app_permissions" msgid="3369917736607944781">"アプリの権限"</string> <string name="unused_apps" msgid="2058057455175955094">"使用されていないアプリ"</string> @@ -86,7 +86,7 @@ <string name="app_permissions_group_summary" msgid="8788419008958284002">"<xliff:g id="COUNT_0">%1$d</xliff:g>/<xliff:g id="COUNT_1">%2$d</xliff:g> 個のアプリを許可"</string> <string name="app_permissions_group_summary2" msgid="4329922444840521150">"<xliff:g id="COUNT_0">%1$d</xliff:g>/<xliff:g id="COUNT_1">%2$d</xliff:g> 件のアプリを許可"</string> <string name="menu_show_system" msgid="4254021607027872504">"システムアプリを表示"</string> - <string name="menu_hide_system" msgid="3855390843744028465">"システムアプリを表示しない"</string> + <string name="menu_hide_system" msgid="3855390843744028465">"システムアプリを非表示"</string> <string name="menu_show_7_days_data" msgid="8979611198508523706">"過去 7 日間を表示"</string> <string name="menu_show_24_hours_data" msgid="8228054833323380780">"過去 24 時間を表示"</string> <string name="manage_permission" msgid="2895385393037061964">"権限の管理"</string> diff --git a/PermissionController/res/values-mn/strings.xml b/PermissionController/res/values-mn/strings.xml index c1b4b0653..dae627b70 100644 --- a/PermissionController/res/values-mn/strings.xml +++ b/PermissionController/res/values-mn/strings.xml @@ -403,10 +403,10 @@ <string name="role_notes_short_label" msgid="8796604147546125285">"Тэмдэглэлийн апп"</string> <string name="role_notes_description" msgid="8496852798616883551">"Таныг төхөөрөмж дээрээ тэмдэглэл хөтлөх боломж олгодог аппууд"</string> <string name="role_notes_search_keywords" msgid="7710756695666744631">"тэмдэглэл"</string> - <string name="role_wallet_label" msgid="3719419175656204207">"Wallet-н өгөгдмөл апп"</string> - <string name="role_wallet_short_label" msgid="6521288403762457452">"Wallet-н апп"</string> - <string name="role_wallet_description" msgid="3726535836165949838">"Төрөл бүрийн гүйлгээнд туслахын тулд Wallet-н аппууд таны кредит бa лояалти карт, машины түлхүүр болон бусад зүйлийг хадгалах боломжтой."</string> - <string name="role_wallet_request_title" msgid="4770217108262737093">"<xliff:g id="APP_NAME">%1$s</xliff:g>-г wallet-н өгөгдмөл аппаараа тохируулах уу?"</string> + <string name="role_wallet_label" msgid="3719419175656204207">"Өгөгдмөл түрийвчийн апп"</string> + <string name="role_wallet_short_label" msgid="6521288403762457452">"Түрийвчийн апп"</string> + <string name="role_wallet_description" msgid="3726535836165949838">"Төрөл бүрийн гүйлгээнд туслахын тулд түрийвчийн аппууд таны кредит ба лояалти карт, машины түлхүүр болон бусад зүйлийг хадгалах боломжтой."</string> + <string name="role_wallet_request_title" msgid="4770217108262737093">"<xliff:g id="APP_NAME">%1$s</xliff:g>-г таны өгөгдмөл түрийвчийн аппаар тохируулах уу?"</string> <string name="role_wallet_request_description" msgid="6305487425777483053">"Ямар ч зөвшөөрөл шаардлагагүй"</string> <string name="request_role_current_default" msgid="738722892438247184">"Одоогийн өгөгдмөл апп"</string> <string name="request_role_dont_ask_again" msgid="3556017886029520306">"Дахиж бүү асуу"</string> diff --git a/PermissionController/res/xml/roles.xml b/PermissionController/res/xml/roles.xml index f09056f73..6f2cf3a51 100644 --- a/PermissionController/res/xml/roles.xml +++ b/PermissionController/res/xml/roles.xml @@ -141,6 +141,8 @@ minSdkVersion="33" /> <permission name="android.permission.EXECUTE_APP_ACTION" minSdkVersion="34" /> + <permission name="android.permission.EMBED_ANY_APP_IN_UNTRUSTED_MODE" + minSdkVersion="35" /> </permissions> <app-op-permissions> <app-op-permission name="android.permission.SYSTEM_ALERT_WINDOW" /> @@ -444,6 +446,7 @@ </preferred-activity> </preferred-activities> <permissions> + <permission name="android.permission.RECEIVE_SENSITIVE_NOTIFICATIONS" minSdkVersion="35"/> <permission name="android.permission.READ_HOME_APP_SEARCH_DATA" minSdkVersion="33"/> </permissions> </role> @@ -676,6 +679,8 @@ <permission name="android.permission.SET_TIME_ZONE" minSdkVersion="34" /> <permission name="android.permission.SATELLITE_COMMUNICATION" minSdkVersion="34" /> <permission name="android.permission.ALWAYS_UPDATE_WALLPAPER" minSdkVersion="35" /> + <permission name="android.permission.EMBED_ANY_APP_IN_UNTRUSTED_MODE" + minSdkVersion="35" /> </permissions> </role> @@ -1349,6 +1354,7 @@ <permission name="android.permission.MANAGE_DEVICE_POLICY_USB_FILE_TRANSFER" minSdkVersion="34" /> <permission name="android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL" minSdkVersion="34" /> <permission name="android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS" minSdkVersion="34" /> + <permission name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION" minSdkVersion="35" /> </permissions> </role> @@ -1363,6 +1369,7 @@ <permissions> <permission-set name="notifications" /> <permission name="android.permission.GET_HISTORICAL_APP_OPS_STATS" /> + <permission name="android.permission.GET_BACKGROUND_INSTALLED_PACKAGES" minSdkVersion="35" /> </permissions> </role> diff --git a/PermissionController/role-controller/Android.bp b/PermissionController/role-controller/Android.bp index 6d4bf52c6..437d7ca5e 100644 --- a/PermissionController/role-controller/Android.bp +++ b/PermissionController/role-controller/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/WalletRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/WalletRoleBehavior.java index 3e209aaee..a689db8df 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/WalletRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/WalletRoleBehavior.java @@ -108,7 +108,8 @@ public class WalletRoleBehavior implements RoleBehavior { Intent intent = new Intent(action).setPackage(packageName); PackageManager packageManager = context.getPackageManager(); List<ResolveInfo> resolveInfos = packageManager - .queryIntentServicesAsUser(intent, 0, user); + .queryIntentServicesAsUser(intent, PackageManager.MATCH_DIRECT_BOOT_AWARE + | PackageManager.MATCH_DIRECT_BOOT_UNAWARE, user); Set<String> packageNames = new ArraySet<>(); int resolveInfosSize = resolveInfos.size(); for (int i = 0; i < resolveInfosSize; i++) { diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt index 826e57ece..40ee75636 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt @@ -32,6 +32,7 @@ import android.graphics.drawable.Drawable import android.os.Build import android.os.Bundle import android.os.UserHandle +import android.os.UserManager import androidx.annotation.RequiresApi import androidx.lifecycle.AbstractSavedStateViewModelFactory import androidx.lifecycle.SavedStateHandle @@ -85,6 +86,8 @@ class PermissionUsageDetailsViewModel( private val roleManager = Utils.getSystemServiceSafe(application.applicationContext, RoleManager::class.java) + private val userManager = + Utils.getSystemServiceSafe(application.applicationContext, UserManager::class.java) /** Updates whether system app permissions usage should be displayed in the UI. */ fun updateShowSystemAppsToggle(showSystem: Boolean) { @@ -191,6 +194,7 @@ class PermissionUsageDetailsViewModel( ): List<AppPermissionAccessUiInfo> { return allLightHistoricalPackageOpsLiveData .getLightHistoricalPackageOps() + ?.filter { Utils.shouldShowInSettings(it.userHandle, userManager) } ?.flatMap { it.clusterAccesses(startTime, showSystem) } ?.sortedBy { -1 * it.discreteAccesses.first().accessTimeMs } ?.map { it.buildAppPermissionAccessUiInfo() } @@ -488,7 +492,8 @@ class PermissionUsageDetailsViewModel( ?.let { getPackageLabel( it.proxy!!.packageName!!, - UserHandle.getUserHandleForUid(it.proxy.uid)) + UserHandle.getUserHandleForUid(it.proxy.uid) + ) } /** Returns the attribution label for the permission access, if any. */ diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageViewModel.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageViewModel.kt index fa5b1b685..fc8deab79 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageViewModel.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageViewModel.kt @@ -22,6 +22,7 @@ import android.app.role.RoleManager import android.os.Build import android.os.Bundle import android.os.UserHandle +import android.os.UserManager import androidx.annotation.RequiresApi import androidx.lifecycle.AbstractSavedStateViewModelFactory import androidx.lifecycle.AndroidViewModel @@ -55,6 +56,8 @@ class PermissionUsageViewModel( private val state: SavedStateHandle, app: Application, ) : AndroidViewModel(app) { + private val userManager = + Utils.getSystemServiceSafe(app.applicationContext, UserManager::class.java) private val roleManager = Utils.getSystemServiceSafe(app.applicationContext, RoleManager::class.java) private val exemptedPackages: Set<String> = Utils.getExemptedPackages(roleManager) @@ -114,7 +117,10 @@ class PermissionUsageViewModel( } val eligibleLightPackageOpsList: List<LightPackageOps> = - getAllLightPackageOps()?.filterOutExemptedApps() ?: listOf() + getAllLightPackageOps()?.filterOutExemptedApps()?.filter { + Utils.shouldShowInSettings(it.userHandle, userManager) + } + ?: listOf() for (lightPackageOps: LightPackageOps in eligibleLightPackageOpsList) { val permGroupsToLastAccess: List<Map.Entry<String, Long>> = diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/GrantPermissionsWearViewHandler.java b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/GrantPermissionsWearViewHandler.java index cc32c5f02..c9e9a2eb1 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/GrantPermissionsWearViewHandler.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/GrantPermissionsWearViewHandler.java @@ -168,7 +168,8 @@ public class GrantPermissionsWearViewHandler implements GrantPermissionsViewHand private void updateScreen() { mViewModel.getIconLiveData().setValue( mGroupIcon == null ? null : mGroupIcon.loadDrawable(mActivity)); - mViewModel.getGroupMessageLiveData().setValue(mGroupMessage.toString()); + mViewModel.getGroupMessageLiveData().setValue( + mGroupMessage == null ? "" : mGroupMessage.toString()); mViewModel.getDetailMessageLiveData().setValue(mDetailMessage); int numButtons = BUTTON_RES_ID_TO_NUM.size(); List<Boolean> buttonVisibilityList = Arrays.asList(new Boolean[NEXT_BUTTON]); diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionGroupsHelper.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionGroupsHelper.kt index 94f0b0d07..9fb86eaaf 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionGroupsHelper.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionGroupsHelper.kt @@ -143,7 +143,7 @@ class WearAppPermissionGroupsHelper( val grantSummary = getGrantSummary(category, groupUiInfo)?.let { context.getString(it) } ?: "" val summary = StringBuilder(grantSummary) - if (Flags.wearPrivacyDashboardEnabled()) { + if (Flags.wearPrivacyDashboardEnabled() || Flags.wearPrivacyDashboardEnabledReadOnly()) { WearUtils.getPreferenceSummary(context, lastAccessTime).let { if (it.isNotEmpty()) { summary.append(System.lineSeparator()).append(it) diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionScreen.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionScreen.kt index bec633fe7..ccbd51f7d 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionScreen.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearAppPermissionScreen.kt @@ -52,7 +52,7 @@ fun WearAppPermissionScreen( onAdvancedConfirmDialogOkButtonClick: (AdvancedConfirmDialogArgs) -> Unit, onAdvancedConfirmDialogCancelButtonClick: () -> Unit ) { - val buttonState = viewModel.buttonStateLiveData.observeAsState(emptyMap()) + val buttonState = viewModel.buttonStateLiveData.observeAsState(null) val detailResIds = viewModel.detailResIdLiveData.observeAsState(null) val admin = viewModel.showAdminSupportLiveData.observeAsState(null) var isLoading by remember { mutableStateOf(true) } @@ -84,7 +84,7 @@ fun WearAppPermissionScreen( onCancelButtonClick = onAdvancedConfirmDialogCancelButtonClick ) } - if (isLoading && buttonState.value.isNotEmpty()) { + if (isLoading && !buttonState.value.isNullOrEmpty()) { isLoading = false } } @@ -92,7 +92,7 @@ fun WearAppPermissionScreen( @Composable internal fun WearAppPermissionContent( title: String, - buttonState: Map<ButtonType, ButtonState>, + buttonState: Map<ButtonType, ButtonState>?, detailResIds: Pair<Int, Int?>?, admin: RestrictedLockUtils.EnforcedAdmin?, isLoading: Boolean, @@ -101,7 +101,7 @@ internal fun WearAppPermissionContent( onFooterClicked: (RestrictedLockUtils.EnforcedAdmin) -> Unit ) { ScrollableScreen(title = title, isLoading = isLoading) { - buttonState[ButtonType.LOCATION_ACCURACY]?.let { + buttonState?.get(ButtonType.LOCATION_ACCURACY)?.let { if (it.isShown) { item { ToggleChip( @@ -116,7 +116,7 @@ internal fun WearAppPermissionContent( } } for (buttonType in buttonTypeOrder) { - buttonState[buttonType]?.let { + buttonState?.get(buttonType)?.let { if (it.isShown) { item { ToggleChip( diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearPermissionAppsHelper.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearPermissionAppsHelper.kt index 539adf4fb..7d92d69bc 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearPermissionAppsHelper.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearPermissionAppsHelper.kt @@ -160,7 +160,9 @@ class WearPermissionAppsHelper( ) } val summary = - if (Flags.wearPrivacyDashboardEnabled()) { + if ( + Flags.wearPrivacyDashboardEnabled() || Flags.wearPrivacyDashboardEnabledReadOnly() + ) { lastAccessTime?.let { WearUtils.getPreferenceSummary(application, lastAccessTime) } } else { null diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearUnusedAppsFragment.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearUnusedAppsFragment.kt index 9b8047a0c..30c59760f 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearUnusedAppsFragment.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/wear/WearUnusedAppsFragment.kt @@ -148,17 +148,18 @@ class WearUnusedAppsFragment : Fragment() { private fun updatePackages(categorizedPackages: Map<UnusedPeriod, List<UnusedPackageInfo>>) { // Remove stale unused app chips for (period in allPeriods) { - val it: MutableIterator<Map.Entry<String, UnusedAppChip>> = - unusedAppsMap[period]!!.entries.iterator() - while (it.hasNext()) { - val contains = - categorizedPackages[period]?.any { (pkgName, user, _) -> - val key = createKey(pkgName, user) - it.next().key == key - } - if (contains != true) { - it.remove() - } + val unUsedAppsInAPeriod = unusedAppsMap[period] ?: continue + val categorizedPackagesOfAPeriod = categorizedPackages[period] + if (categorizedPackagesOfAPeriod == null) { + unUsedAppsInAPeriod.clear() + continue + } + val categorizedPackageKeys = + categorizedPackagesOfAPeriod.map { createKey(it.packageName, it.user) } + // Do not remove apps that are still in the unused category + val keysToRemove = unUsedAppsInAPeriod.keys.filterNot { it in categorizedPackageKeys } + for (key in keysToRemove) { + unUsedAppsInAPeriod.remove(key) } } diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java index 2c36c0adc..dffc49aa2 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java @@ -68,6 +68,7 @@ import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.content.pm.ResolveInfo; +import android.content.pm.UserProperties; import android.content.res.Resources; import android.content.res.Resources.Theme; import android.graphics.Bitmap; @@ -1591,4 +1592,30 @@ public final class Utils { @NonNull ApplicationInfo applicationInfo) { return context.getPackageManager().getApplicationLabel(applicationInfo).toString(); } + + /** + * Returns whether the given user should be shown in the Settings UI in SdkLevel V+. This method + * will always return true for SdkLevels below V. + * + * @param userHandle The user for which to check whether it should be shown or not. + * @return true if it should be shown, false otherwise. + */ + public static boolean shouldShowInSettings(UserHandle userHandle, UserManager userManager) { + return !SdkLevel.isAtLeastV() || shouldShowInSettingsInternal(userHandle, userManager); + } + + /** + * Returns whether the given user should be shown in the Settings UI. + * + * @param userHandle The user for which to check whether it should be shown or not. + * @return true if it should be shown, false otherwise. + */ + @RequiresApi(Build.VERSION_CODES.VANILLA_ICE_CREAM) + @ChecksSdkIntAtLeast(api = Build.VERSION_CODES.VANILLA_ICE_CREAM) + private static boolean shouldShowInSettingsInternal( + UserHandle userHandle, UserManager userManager) { + var userProperties = userManager.getUserProperties(userHandle); + return !userManager.isQuietModeEnabled(userHandle) + || userProperties.getShowInQuietMode() != UserProperties.SHOW_IN_QUIET_MODE_HIDDEN; + } } diff --git a/PermissionController/tests/inprocess/Android.bp b/PermissionController/tests/inprocess/Android.bp index 7d55ff9cc..7227e41ad 100644 --- a/PermissionController/tests/inprocess/Android.bp +++ b/PermissionController/tests/inprocess/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/inprocess/AppThatUsesCameraPermission/Android.bp b/PermissionController/tests/inprocess/AppThatUsesCameraPermission/Android.bp index 14198cb6d..a6bd07a49 100644 --- a/PermissionController/tests/inprocess/AppThatUsesCameraPermission/Android.bp +++ b/PermissionController/tests/inprocess/AppThatUsesCameraPermission/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/mocking/Android.bp b/PermissionController/tests/mocking/Android.bp index 430e58d69..cff4c5177 100644 --- a/PermissionController/tests/mocking/Android.bp +++ b/PermissionController/tests/mocking/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/outofprocess/Android.bp b/PermissionController/tests/outofprocess/Android.bp index acb4ab5bd..83bb65d6b 100644 --- a/PermissionController/tests/outofprocess/Android.bp +++ b/PermissionController/tests/outofprocess/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/Android.bp b/PermissionController/tests/permissionui/Android.bp index 41b5f88ed..6aa0dc45c 100644 --- a/PermissionController/tests/permissionui/Android.bp +++ b/PermissionController/tests/permissionui/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/PermissionUiDefineAdditionalPermissionApp/Android.bp b/PermissionController/tests/permissionui/PermissionUiDefineAdditionalPermissionApp/Android.bp index 13205b354..e93bb995f 100644 --- a/PermissionController/tests/permissionui/PermissionUiDefineAdditionalPermissionApp/Android.bp +++ b/PermissionController/tests/permissionui/PermissionUiDefineAdditionalPermissionApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/PermissionUiUseAdditionalPermissionApp/Android.bp b/PermissionController/tests/permissionui/PermissionUiUseAdditionalPermissionApp/Android.bp index 7073b02cc..5fc26a3f0 100644 --- a/PermissionController/tests/permissionui/PermissionUiUseAdditionalPermissionApp/Android.bp +++ b/PermissionController/tests/permissionui/PermissionUiUseAdditionalPermissionApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/PermissionUiUseCameraPermissionApp/Android.bp b/PermissionController/tests/permissionui/PermissionUiUseCameraPermissionApp/Android.bp index 71616bd83..80252c891 100644 --- a/PermissionController/tests/permissionui/PermissionUiUseCameraPermissionApp/Android.bp +++ b/PermissionController/tests/permissionui/PermissionUiUseCameraPermissionApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/PermissionUiUseStoragePermissionApp/Android.bp b/PermissionController/tests/permissionui/PermissionUiUseStoragePermissionApp/Android.bp index 56022ca2d..fe7be2ee2 100644 --- a/PermissionController/tests/permissionui/PermissionUiUseStoragePermissionApp/Android.bp +++ b/PermissionController/tests/permissionui/PermissionUiUseStoragePermissionApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/PermissionController/tests/permissionui/PermissionUiUseTwoAdditionalPermissionsApp/Android.bp b/PermissionController/tests/permissionui/PermissionUiUseTwoAdditionalPermissionsApp/Android.bp index aeff19c2d..a681f51bb 100644 --- a/PermissionController/tests/permissionui/PermissionUiUseTwoAdditionalPermissionsApp/Android.bp +++ b/PermissionController/tests/permissionui/PermissionUiUseTwoAdditionalPermissionsApp/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", // See: http://go/android-license-faq // A large-scale-change added 'default_applicable_licenses' to import // all of the 'license_kinds' from "packages_modules_Permission_PermissionController_license" diff --git a/SafetyCenter/Annotations/Android.bp b/SafetyCenter/Annotations/Android.bp index c04f40333..12d2c0fb0 100644 --- a/SafetyCenter/Annotations/Android.bp +++ b/SafetyCenter/Annotations/Android.bp @@ -16,6 +16,7 @@ // Library for internal data used by Safety Center system service and UI. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Config/Android.bp b/SafetyCenter/Config/Android.bp index 895b242b0..d6423288a 100644 --- a/SafetyCenter/Config/Android.bp +++ b/SafetyCenter/Config/Android.bp @@ -14,6 +14,7 @@ // limitations under the License. // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Config/tests/Android.bp b/SafetyCenter/Config/tests/Android.bp index c58f2c922..3adedfc25 100644 --- a/SafetyCenter/Config/tests/Android.bp +++ b/SafetyCenter/Config/tests/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Config/tests/overlay/Android.bp b/SafetyCenter/Config/tests/overlay/Android.bp index 65eab02f1..a6f9fb2dd 100644 --- a/SafetyCenter/Config/tests/overlay/Android.bp +++ b/SafetyCenter/Config/tests/overlay/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/ConfigLintChecker/Android.bp b/SafetyCenter/ConfigLintChecker/Android.bp index ff1e28009..fad0165df 100644 --- a/SafetyCenter/ConfigLintChecker/Android.bp +++ b/SafetyCenter/ConfigLintChecker/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/InternalData/Android.bp b/SafetyCenter/InternalData/Android.bp index aa8f96c8b..c89db4962 100644 --- a/SafetyCenter/InternalData/Android.bp +++ b/SafetyCenter/InternalData/Android.bp @@ -16,6 +16,7 @@ // Library for internal data used by Safety Center system service and UI. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/PendingIntents/Android.bp b/SafetyCenter/PendingIntents/Android.bp index 05bec7988..e9b810df8 100644 --- a/SafetyCenter/PendingIntents/Android.bp +++ b/SafetyCenter/PendingIntents/Android.bp @@ -14,6 +14,7 @@ // limitations under the License. // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Persistence/Android.bp b/SafetyCenter/Persistence/Android.bp index 56ce4491b..d7e1a60dc 100644 --- a/SafetyCenter/Persistence/Android.bp +++ b/SafetyCenter/Persistence/Android.bp @@ -14,6 +14,7 @@ // limitations under the License. // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Persistence/tests/Android.bp b/SafetyCenter/Persistence/tests/Android.bp index d72dfdd29..c3342ab18 100644 --- a/SafetyCenter/Persistence/tests/Android.bp +++ b/SafetyCenter/Persistence/tests/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/Resources/Android.bp b/SafetyCenter/Resources/Android.bp index 06f7e5f25..6f635c885 100644 --- a/SafetyCenter/Resources/Android.bp +++ b/SafetyCenter/Resources/Android.bp @@ -16,6 +16,7 @@ // APK to hold all the Safety Center overlayable resources. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } @@ -51,5 +52,5 @@ android_app { android_app_certificate { name: "com.android.safetycenter.resources.certificate", - certificate: "com.android.safetycenter.resources" + certificate: "com.android.safetycenter.resources", } diff --git a/SafetyCenter/ResourcesLib/Android.bp b/SafetyCenter/ResourcesLib/Android.bp index ebc7aa017..4829dbc40 100644 --- a/SafetyCenter/ResourcesLib/Android.bp +++ b/SafetyCenter/ResourcesLib/Android.bp @@ -16,6 +16,7 @@ // Library to manage all the Safety Center overlayable resources. package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/ResourcesLib/tests/Android.bp b/SafetyCenter/ResourcesLib/tests/Android.bp index 75fead776..18d98ccb6 100644 --- a/SafetyCenter/ResourcesLib/tests/Android.bp +++ b/SafetyCenter/ResourcesLib/tests/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyCenter/ResourcesLib/tests/SafetyCenterResourcesLibTestResources/Android.bp b/SafetyCenter/ResourcesLib/tests/SafetyCenterResourcesLibTestResources/Android.bp index 18628805d..7306ee247 100644 --- a/SafetyCenter/ResourcesLib/tests/SafetyCenterResourcesLibTestResources/Android.bp +++ b/SafetyCenter/ResourcesLib/tests/SafetyCenterResourcesLibTestResources/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/SafetyLabel/Android.bp b/SafetyLabel/Android.bp index 119890d3f..70307242d 100644 --- a/SafetyLabel/Android.bp +++ b/SafetyLabel/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } @@ -46,4 +47,3 @@ java_library { "//packages/modules/Permission:__subpackages__", ], } - diff --git a/SafetyLabel/tests/Android.bp b/SafetyLabel/tests/Android.bp index 2026a6ac8..613eda2c6 100644 --- a/SafetyLabel/tests/Android.bp +++ b/SafetyLabel/tests/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/flags/flags.aconfig b/flags/flags.aconfig index 5d9e01052..00f7c2ada 100644 --- a/flags/flags.aconfig +++ b/flags/flags.aconfig @@ -7,6 +7,7 @@ flag { bug: "292252664" } +# TODO: Remove when wear_privacy_dashboard_enabled_read_only reaches to the next stage. flag { name: "wear_privacy_dashboard_enabled" namespace: "wear_security" @@ -15,6 +16,14 @@ flag { } flag { + name: "wear_privacy_dashboard_enabled_read_only" + namespace: "wear_security" + description: "This flag is used to support Privacy dashboard for Wear" + bug: "309721061" + is_fixed_read_only: true +} + +flag { name: "archiving_read_only" namespace: "permissions" description: "Feature flag to enable the archiving feature." diff --git a/framework-s/Android.bp b/framework-s/Android.bp index a23d91197..3ff224fa8 100644 --- a/framework-s/Android.bp +++ b/framework-s/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/framework-s/api/system-current.txt b/framework-s/api/system-current.txt index 02ab5b562..b4dfafba2 100644 --- a/framework-s/api/system-current.txt +++ b/framework-s/api/system-current.txt @@ -3,9 +3,10 @@ package android.app.ecm { @FlaggedApi("android.permission.flags.enhanced_confirmation_mode_apis_enabled") public final class EnhancedConfirmationManager { method @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public void clearRestriction(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; - method @NonNull public android.app.PendingIntent getRestrictedSettingDialogIntent(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; + method @NonNull public android.app.PendingIntent getRestrictedSettingDialogIntent(@NonNull String, @NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; method @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public boolean isClearRestrictionAllowed(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; method @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public boolean isRestricted(@NonNull String, @NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; + method @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public void setClearRestrictionAllowed(@NonNull String) throws android.content.pm.PackageManager.NameNotFoundException; } } diff --git a/framework-s/java/android/app/ecm/EnhancedConfirmationManager.java b/framework-s/java/android/app/ecm/EnhancedConfirmationManager.java index 6feae2ee8..52e220bc0 100644 --- a/framework-s/java/android/app/ecm/EnhancedConfirmationManager.java +++ b/framework-s/java/android/app/ecm/EnhancedConfirmationManager.java @@ -307,7 +307,6 @@ public final class EnhancedConfirmationManager { * * @param packageName package name of the application which should be considered acknowledged * @throws NameNotFoundException if the provided package was not found - * @hide */ @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public void setClearRestrictionAllowed(@NonNull String packageName) @@ -331,11 +330,12 @@ public final class EnhancedConfirmationManager { * @param packageName package name of the application to open the dialog for * @throws NameNotFoundException if the provided package was not found */ - public @NonNull PendingIntent getRestrictedSettingDialogIntent(@NonNull String packageName) - throws NameNotFoundException { + public @NonNull PendingIntent getRestrictedSettingDialogIntent(@NonNull String packageName, + @NonNull String settingIdentifier) throws NameNotFoundException { Intent intent = new Intent(Settings.ACTION_SHOW_RESTRICTED_SETTING_DIALOG); intent.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName); intent.putExtra(Intent.EXTRA_UID, getPackageUid(packageName)); + // TODO(b/323225971): Pass settingIdentifier to dialog return PendingIntent.getActivity(mContext, 0, intent, PendingIntent.FLAG_IMMUTABLE); } diff --git a/framework/Android.bp b/framework/Android.bp index 33fda68c2..bd4c9dc81 100644 --- a/framework/Android.bp +++ b/framework/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/permissions/Android.bp b/permissions/Android.bp index 6c1fdb8f8..fb84e0537 100644 --- a/permissions/Android.bp +++ b/permissions/Android.bp @@ -1,4 +1,3 @@ - // // Copyright (C) 2022 The Android Open Source Project // @@ -15,6 +14,7 @@ // limitations under the License. // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], default_visibility: ["//packages/modules/Permission:__subpackages__"], } diff --git a/service/Android.bp b/service/Android.bp index 0702c279b..97a1a89ee 100644 --- a/service/Android.bp +++ b/service/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/service/java/com/android/ecm/EnhancedConfirmationService.java b/service/java/com/android/ecm/EnhancedConfirmationService.java index 6fd803793..1292ca4b1 100644 --- a/service/java/com/android/ecm/EnhancedConfirmationService.java +++ b/service/java/com/android/ecm/EnhancedConfirmationService.java @@ -22,6 +22,7 @@ import android.annotation.UserIdInt; import android.app.AppOpsManager; import android.app.ecm.EnhancedConfirmationManager; import android.app.ecm.IEnhancedConfirmationManager; +import android.app.role.RoleManager; import android.content.Context; import android.content.pm.ApplicationInfo; import android.content.pm.InstallSourceInfo; @@ -86,6 +87,15 @@ public class EnhancedConfirmationService extends SystemService { static { PROTECTED_SETTINGS.add(AppOpsManager.OPSTR_BIND_ACCESSIBILITY_SERVICE); + // Default application roles. + PROTECTED_SETTINGS.add(RoleManager.ROLE_ASSISTANT); + PROTECTED_SETTINGS.add(RoleManager.ROLE_BROWSER); + PROTECTED_SETTINGS.add(RoleManager.ROLE_CALL_REDIRECTION); + PROTECTED_SETTINGS.add(RoleManager.ROLE_CALL_SCREENING); + PROTECTED_SETTINGS.add(RoleManager.ROLE_DIALER); + PROTECTED_SETTINGS.add(RoleManager.ROLE_HOME); + PROTECTED_SETTINGS.add(RoleManager.ROLE_SMS); + PROTECTED_SETTINGS.add(RoleManager.ROLE_WALLET); // TODO(b/310654015): Add other explicitly protected settings } diff --git a/testing/Android.bp b/testing/Android.bp index 8abed1e0c..d74510754 100644 --- a/testing/Android.bp +++ b/testing/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/apex/Android.bp b/tests/apex/Android.bp index 126fcb4b2..83bf4e252 100644 --- a/tests/apex/Android.bp +++ b/tests/apex/Android.bp @@ -13,6 +13,7 @@ // limitations under the License. package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/cts/permission/src/android/permission/cts/RevokePermissionTest.kt b/tests/cts/permission/src/android/permission/cts/RevokePermissionTest.kt index 05235e141..579b03f9c 100644 --- a/tests/cts/permission/src/android/permission/cts/RevokePermissionTest.kt +++ b/tests/cts/permission/src/android/permission/cts/RevokePermissionTest.kt @@ -50,21 +50,6 @@ class RevokePermissionTest { @Test @AppModeFull(reason = "Instant apps can't revoke permissions.") - fun testRevokePermissionNotRequested() { - testRevoke( - packageName = APP_PKG_NAME, - permission = CAMERA, - throwableType = SecurityException::class.java, - throwableMessages = - listOf( - "has not requested permission", - "Permission $CAMERA isn't requested by package $APP_PKG_NAME" - ) - ) - } - - @Test - @AppModeFull(reason = "Instant apps can't revoke permissions.") fun testRevokeFakePermission() { val fakePermissionName = "FAKE_PERMISSION" testRevoke( @@ -100,22 +85,6 @@ class RevokePermissionTest { @Test @AppModeFull(reason = "Instant apps can't revoke permissions.") - fun testRevokePermissionNotRequestedWithReason() { - testRevoke( - packageName = APP_PKG_NAME, - permission = CAMERA, - reason = "test reason", - throwableType = SecurityException::class.java, - throwableMessages = - listOf( - "has not requested permission", - "Permission $CAMERA isn't requested by package $APP_PKG_NAME" - ) - ) - } - - @Test - @AppModeFull(reason = "Instant apps can't revoke permissions.") fun testRevokeFakePermissionWithReason() { val fakePermissionName = "FAKE_PERMISSION" testRevoke( diff --git a/tests/cts/permissionpolicy/res/raw/android_manifest.xml b/tests/cts/permissionpolicy/res/raw/android_manifest.xml index 18b70ae25..741bda917 100644 --- a/tests/cts/permissionpolicy/res/raw/android_manifest.xml +++ b/tests/cts/permissionpolicy/res/raw/android_manifest.xml @@ -843,6 +843,19 @@ android:description="@string/permdesc_writeContacts" android:protectionLevel="dangerous" /> + <!-- Allows an app to update the verification status of E2EE contact keys owned by other apps. + <p>This permission is only granted to system apps. + <p>Protection level: signature|privileged + @SystemApi + @hide + @FlaggedApi("android.provider.user_keys") + --> + <permission android:name="android.permission.WRITE_VERIFICATION_STATE_E2EE_CONTACT_KEYS" + android:permissionGroup="android.permission-group.UNDEFINED" + android:label="@string/permlab_writeVerificationStateE2eeContactKeys" + android:description="@string/permdesc_writeVerificationStateE2eeContactKeys" + android:protectionLevel="signature|privileged" /> + <!-- Allows an application to set default account for new contacts. <p> This permission is only granted to system applications fulfilling the Contacts app role. <p>Protection level: internal|role @@ -2543,6 +2556,13 @@ android:description="@string/permdesc_detectScreenCapture" android:protectionLevel="normal" /> + <!-- Allows an application to get notified when it is being recorded. + <p>Protection level: normal + @FlaggedApi("com.android.window.flags.screen_recording_callbacks") + --> + <permission android:name="android.permission.DETECT_SCREEN_RECORDING" + android:protectionLevel="normal" /> + <!-- ======================================== --> <!-- Permissions for factory reset protection --> <!-- ======================================== --> @@ -3080,6 +3100,14 @@ <permission android:name="android.permission.INTERACT_ACROSS_PROFILES" android:protectionLevel="signature|appop" /> + <!-- Allows applications to access profiles with PROFILE_API_VISIBILITY_HIDDEN user property + <p>Protection level: normal + @FlaggedApi("android.multiuser.enable_permission_to_access_hidden_profiles") --> + <permission android:name="android.permission.ACCESS_HIDDEN_PROFILES" + android:label="@string/permlab_accessHiddenProfile" + android:description="@string/permdesc_accessHiddenProfile" + android:protectionLevel="normal" /> + <!-- @SystemApi Allows configuring apps to have the INTERACT_ACROSS_PROFILES permission so that they can interact across profiles in the same profile group. @hide --> @@ -3643,6 +3671,13 @@ <permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS" android:protectionLevel="internal|role" /> + <!-- Allows an application to manage policy related to content protection. + <p>Protection level: internal|role + @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") + --> + <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION" + android:protectionLevel="internal|role" /> + <!-- Allows an application to set device policies outside the current user that are critical for securing data within the current user. <p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_* @@ -3725,6 +3760,18 @@ <permission android:name="android.permission.ACTIVITY_EMBEDDING" android:protectionLevel="signature|privileged" /> + <!-- Allows an application to embed any other apps in untrusted embedding mode without the need + for the embedded app to consent. + <p>For now, this permission is only granted to the Assistant application selected by + the user. + {@see https://developer.android.com/guide/topics/large-screens/activity-embedding#trust_model} + @SystemApi + @FlaggedApi("com.android.window.flags.untrusted_embedding_any_app_permission") + @hide + --> + <permission android:name="android.permission.EMBED_ANY_APP_IN_UNTRUSTED_MODE" + android:protectionLevel="internal|role" /> + <!-- Allows an application to start any activity, regardless of permission protection or exported state. @hide --> @@ -7585,7 +7632,7 @@ android:protectionLevel="normal"/> <!-- @FlaggedApi("android.app.job.backup_jobs_exemption") - Gives applications whose <b>primary use case</b> is to backup or sync content increased + Gives applications with a <b>major use case</b> of backing-up or syncing content increased job execution allowance in order to complete the related work. The jobs must have a valid content URI trigger and network constraint set. <p>This is a special access permission that can be revoked by the system or the user. diff --git a/tests/cts/permissionui/src/android/permissionui/cts/EnhancedConfirmationManagerTest.kt b/tests/cts/permissionui/src/android/permissionui/cts/EnhancedConfirmationManagerTest.kt index 7ef050fae..83f53b252 100644 --- a/tests/cts/permissionui/src/android/permissionui/cts/EnhancedConfirmationManagerTest.kt +++ b/tests/cts/permissionui/src/android/permissionui/cts/EnhancedConfirmationManagerTest.kt @@ -112,7 +112,7 @@ class EnhancedConfirmationManagerTest : BaseUsePermissionTest() { installPackageWithInstallSourceAndMetadataFromDownloadedFile(apkName) runWithShellPermissionIdentity { eventually { assertTrue(ecm.isRestricted(APP_PACKAGE_NAME, PROTECTED_SETTING)) } - setClearRestrictionAllowed(context, APP_PACKAGE_NAME) + ecm.setClearRestrictionAllowed(APP_PACKAGE_NAME) eventually { assertTrue(ecm.isClearRestrictionAllowed(APP_PACKAGE_NAME)) } ecm.clearRestriction(APP_PACKAGE_NAME) eventually { assertFalse(ecm.isRestricted(APP_PACKAGE_NAME, PROTECTED_SETTING)) } @@ -122,17 +122,8 @@ class EnhancedConfirmationManagerTest : BaseUsePermissionTest() { companion object { private const val NON_PROTECTED_SETTING = "example_setting_which_is_not_protected" private const val PROTECTED_SETTING = "android:bind_accessibility_service" - private const val MODE_IGNORED = 1 private const val MODE_ERRORED = 2 - // TODO(b/320517290): Since setClearRestrictionAllowed is not API, we're currently - // simulating its behavior. We should instead actually invoke this method on - // EnhancedConfirmationManager. - @Throws(PackageManager.NameNotFoundException::class) - private fun setClearRestrictionAllowed(context: Context, packageName: String) { - setAppEcmState(context, packageName, MODE_IGNORED) - } - @Throws(PackageManager.NameNotFoundException::class) private fun setAppEcmState(context: Context, packageName: String, mode: Int) { val appOpsManager = context.getSystemService(AppOpsManager::class.java)!! diff --git a/tests/cts/safetycenter/Android.bp b/tests/cts/safetycenter/Android.bp index e7fe2ffd3..e49587c39 100644 --- a/tests/cts/safetycenter/Android.bp +++ b/tests/cts/safetycenter/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/functional/safetycenter/multiusers/Android.bp b/tests/functional/safetycenter/multiusers/Android.bp index c1c7a95e7..b5caf48e6 100644 --- a/tests/functional/safetycenter/multiusers/Android.bp +++ b/tests/functional/safetycenter/multiusers/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/functional/safetycenter/safetycenteractivity/Android.bp b/tests/functional/safetycenter/safetycenteractivity/Android.bp index af0020e91..ea5f9f286 100644 --- a/tests/functional/safetycenter/safetycenteractivity/Android.bp +++ b/tests/functional/safetycenter/safetycenteractivity/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/functional/safetycenter/singleuser/Android.bp b/tests/functional/safetycenter/singleuser/Android.bp index 995f3ca40..fa7b6475b 100644 --- a/tests/functional/safetycenter/singleuser/Android.bp +++ b/tests/functional/safetycenter/singleuser/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } diff --git a/tests/hostside/safetycenter/Android.bp b/tests/hostside/safetycenter/Android.bp index c66cae23a..10258f95b 100644 --- a/tests/hostside/safetycenter/Android.bp +++ b/tests/hostside/safetycenter/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } @@ -37,4 +38,4 @@ java_test_host { "general-tests", "mts-permission", ], -}
\ No newline at end of file +} diff --git a/tests/hostside/safetycenter/helper-app/Android.bp b/tests/hostside/safetycenter/helper-app/Android.bp index a05f8d2f3..04e660134 100644 --- a/tests/hostside/safetycenter/helper-app/Android.bp +++ b/tests/hostside/safetycenter/helper-app/Android.bp @@ -15,6 +15,7 @@ // package { + default_team: "trendy_team_safety_center", default_applicable_licenses: ["Android-Apache-2.0"], } @@ -33,4 +34,4 @@ android_test_helper_app { "safety-center-pending-intents", "safety-center-test-util-lib", ], -}
\ No newline at end of file +} diff --git a/tests/hostside/safetycenter/helper-app/src/android/safetycenter/hostside/device/SafetyCenterInteractionLoggingHelperTests.kt b/tests/hostside/safetycenter/helper-app/src/android/safetycenter/hostside/device/SafetyCenterInteractionLoggingHelperTests.kt index 0f1356ca4..f37479180 100644 --- a/tests/hostside/safetycenter/helper-app/src/android/safetycenter/hostside/device/SafetyCenterInteractionLoggingHelperTests.kt +++ b/tests/hostside/safetycenter/helper-app/src/android/safetycenter/hostside/device/SafetyCenterInteractionLoggingHelperTests.kt @@ -74,7 +74,7 @@ class SafetyCenterInteractionLoggingHelperTests { safetyCenterTestHelper.setData(SINGLE_SOURCE_ID, safetySourceTestData.informationWithIssue) context.launchSafetyCenterQsActivity { - openPageAndExit("Settings") { waitAllTextDisplayed("OK") } + openPageAndExit("Settings") { waitAllTextDisplayed(safetySourceTestData.informationIssue.title) } } } diff --git a/tests/utils/safetycenter/Android.bp b/tests/utils/safetycenter/Android.bp index 1c76dc775..6accefae9 100644 --- a/tests/utils/safetycenter/Android.bp +++ b/tests/utils/safetycenter/Android.bp @@ -14,6 +14,7 @@ // limitations under the License. // package { + default_team: "trendy_team_android_permissions", default_applicable_licenses: ["Android-Apache-2.0"], } |