summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--PermissionController/res/xml/roles.xml2
-rw-r--r--PermissionController/role-controller/java/com/android/role/controller/behavior/AssistantRoleBehavior.java34
-rw-r--r--tests/cts/permissionpolicy/res/raw/android_manifest.xml9
3 files changed, 4 insertions, 41 deletions
diff --git a/PermissionController/res/xml/roles.xml b/PermissionController/res/xml/roles.xml
index 2fd5d6ac5..3c61d1569 100644
--- a/PermissionController/res/xml/roles.xml
+++ b/PermissionController/res/xml/roles.xml
@@ -720,8 +720,6 @@
minSdkVersion="35" />
<permission name="android.permission.MANAGE_DEVICE_POLICY_AUDIT_LOGGING"
minSdkVersion="35" />
- <permission name="android.permission.EXECUTE_APP_FUNCTIONS"
- featureFlag="android.app.appfunctions.flags.Flags.enableAppFunctionManager" />
<permission name="android.permission.EXECUTE_APP_FUNCTIONS_TRUSTED"
featureFlag="android.app.appfunctions.flags.Flags.enableAppFunctionManager" />
</permissions>
diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/AssistantRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/AssistantRoleBehavior.java
index 1dc0aea48..a99b1ade2 100644
--- a/PermissionController/role-controller/java/com/android/role/controller/behavior/AssistantRoleBehavior.java
+++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/AssistantRoleBehavior.java
@@ -17,7 +17,6 @@
package com.android.role.controller.behavior;
import android.app.ActivityManager;
-import android.app.appfunctions.flags.Flags;
import android.app.role.RoleManager;
import android.content.Context;
import android.content.Intent;
@@ -37,18 +36,15 @@ import android.util.Xml;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
-import com.android.role.controller.model.Permissions;
import com.android.role.controller.model.Role;
import com.android.role.controller.model.RoleBehavior;
import com.android.role.controller.model.VisibilityMixin;
-import com.android.role.controller.util.PackageUtils;
import com.android.role.controller.util.UserUtils;
import org.xmlpull.v1.XmlPullParserException;
import java.io.IOException;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.List;
import java.util.Set;
@@ -59,14 +55,6 @@ public class AssistantRoleBehavior implements RoleBehavior {
private static final String LOG_TAG = AssistantRoleBehavior.class.getSimpleName();
- /**
- * Permissions to be granted if the application fulfilling the assistant role is also a system
- * or preinstalled app.
- */
- private static final List<String> SYSTEM_ASSISTANT_PERMISSIONS = Arrays.asList(
- android.Manifest.permission.EXECUTE_APP_FUNCTIONS
- );
-
@Override
public void onRoleAddedAsUser(@NonNull Role role, @NonNull UserHandle user,
@NonNull Context context) {
@@ -88,28 +76,6 @@ public class AssistantRoleBehavior implements RoleBehavior {
return !UserUtils.isProfile(user, context);
}
- @Override
- public void grantAsUser(@NonNull Role role, @NonNull String packageName,
- @NonNull UserHandle user, @NonNull Context context) {
- if (Flags.enableAppFunctionManager()) {
- if (PackageUtils.isSystemPackageAsUser(packageName, user, context)) {
- Permissions.grantAsUser(packageName, SYSTEM_ASSISTANT_PERMISSIONS, false, false,
- true, false, false, user, context);
- }
- }
- }
-
- @Override
- public void revokeAsUser(@NonNull Role role, @NonNull String packageName,
- @NonNull UserHandle user, @NonNull Context context) {
- if (Flags.enableAppFunctionManager()) {
- if (PackageUtils.isSystemPackageAsUser(packageName, user, context)) {
- Permissions.revokeAsUser(packageName, SYSTEM_ASSISTANT_PERMISSIONS, true, false,
- false, user, context);
- }
- }
- }
-
@Nullable
@Override
public List<String> getQualifyingPackagesAsUser(@NonNull Role role, @NonNull UserHandle user,
diff --git a/tests/cts/permissionpolicy/res/raw/android_manifest.xml b/tests/cts/permissionpolicy/res/raw/android_manifest.xml
index a2f85c6a1..9a78e7e48 100644
--- a/tests/cts/permissionpolicy/res/raw/android_manifest.xml
+++ b/tests/cts/permissionpolicy/res/raw/android_manifest.xml
@@ -8137,19 +8137,18 @@
android:featureFlag="android.app.appfunctions.flags.enable_app_function_manager"
android:protectionLevel="internal|role" />
- <!-- @SystemApi Allows an application to perform actions on behalf of users inside of
+ <!-- Allows an application to perform actions on behalf of users inside of
applications.
- <p>This permission is currently only granted to preinstalled / system apps having the
- {@link android.app.role.ASSISTANT} role.
+ <p>This permission is currently only granted to privileged system apps.
<p>Apps contributing app functions can opt to disallow callers with this permission,
limiting to only callers with {@link android.permission.EXECUTE_APP_FUNCTIONS_TRUSTED}
instead.
<p>Protection level: internal|role
@hide
- @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") -->
+ @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER) -->
<permission android:name="android.permission.EXECUTE_APP_FUNCTIONS"
android:featureFlag="android.app.appfunctions.flags.enable_app_function_manager"
- android:protectionLevel="internal|role" />
+ android:protectionLevel="internal|privileged" />
<!-- Allows an application to display its suggestions using the autofill framework.
<p>For now, this permission is only granted to the Browser application.
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-10-20 10:36:50 +0000