From f9d4f08225ac46349cd5877f240dc125fc5fb95a Mon Sep 17 00:00:00 2001 From: Zhi Dou Date: Wed, 19 Mar 2025 20:36:02 +0000 Subject: Replace flag check to sdk version check This change replace flag check to sdk version check to fix the problem that when the new module is installed on the new version of mainline the exported flags will have inconsistent flag value. Test: m Flag: EXEMPT remove flag call Relnote: M0 Bug: 401592182 Change-Id: Ib768880af8eddc96db44a35860042e1e0a0d99a7 --- .../permission/ui/auto/AutoAppPermissionFragment.java | 18 +++++++----------- .../permission/utils/LocationUtils.java | 3 +-- 2 files changed, 8 insertions(+), 13 deletions(-) (limited to 'PermissionController/src') diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/auto/AutoAppPermissionFragment.java b/PermissionController/src/com/android/permissioncontroller/permission/ui/auto/AutoAppPermissionFragment.java index 026f108fa..39ca24a71 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/auto/AutoAppPermissionFragment.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/auto/AutoAppPermissionFragment.java @@ -182,10 +182,8 @@ public class AutoAppPermissionFragment extends AutoSettingsFrameFragment if (SdkLevel.isAtLeastV()) { mSensorPrivacyManager = requireContext().getSystemService(SensorPrivacyManager.class); mCameraPrivacyAllowlist = mSensorPrivacyManager.getCameraPrivacyAllowlist(); - if (Flags.addBannersToPrivacySensitiveAppsForAaos()) { - mAutomotiveLocationBypassAllowlist = - LocationUtils.getAutomotiveLocationBypassAllowlist(requireContext()); - } + mAutomotiveLocationBypassAllowlist = + LocationUtils.getAutomotiveLocationBypassAllowlist(requireContext()); } } @@ -317,13 +315,11 @@ public class AutoAppPermissionFragment extends AutoSettingsFrameFragment if (Manifest.permission_group.CAMERA.equals(mPermGroupName)) { mViewModel.getSensorStatusLiveData().observe(this, this::setSensorStatus); } - if (Flags.addBannersToPrivacySensitiveAppsForAaos()) { - if (Manifest.permission_group.LOCATION.equals(mPermGroupName)) { - mViewModel.getSensorStatusLiveData().observe(this, this::setSensorStatus); - } - if (Manifest.permission_group.MICROPHONE.equals(mPermGroupName)) { - mViewModel.getSensorStatusLiveData().observe(this, this::setSensorStatus); - } + if (Manifest.permission_group.LOCATION.equals(mPermGroupName)) { + mViewModel.getSensorStatusLiveData().observe(this, this::setSensorStatus); + } + if (Manifest.permission_group.MICROPHONE.equals(mPermGroupName)) { + mViewModel.getSensorStatusLiveData().observe(this, this::setSensorStatus); } } diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/LocationUtils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/LocationUtils.java index 3d1e44b6a..76ce9b273 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/utils/LocationUtils.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/LocationUtils.java @@ -40,7 +40,6 @@ import androidx.annotation.NonNull; import androidx.annotation.RequiresApi; import com.android.modules.utils.build.SdkLevel; -import com.android.permission.flags.Flags; import com.android.permissioncontroller.PermissionControllerApplication; import com.android.permissioncontroller.R; @@ -117,7 +116,7 @@ public class LocationUtils { /** Checks if the provided package is an automotive location bypass allowlisted package. */ public static boolean isAutomotiveLocationBypassAllowlistedPackage( Context context, String packageName) { - return SdkLevel.isAtLeastV() && Flags.addBannersToPrivacySensitiveAppsForAaos() + return SdkLevel.isAtLeastV() && getAutomotiveLocationBypassAllowlist(context).contains(packageName); } -- cgit v1.2.3-59-g8ed1b From 6b45ee23a29c4fe87573b6b7f38a869c6b480c4a Mon Sep 17 00:00:00 2001 From: Zhi Dou Date: Wed, 19 Mar 2025 20:49:15 +0000 Subject: Replace flag check to sdk version check This change replace flag check to sdk version check to fix the problem that when the new module is installed on the new version of mainline the exported flags will have inconsistent flag value. Test: m Flag: EXEMPT remove flag call Relnote: M0 Bug: 401592182 Change-Id: I986e9c9b965683a4bbc50319980cdf035fa30a1c --- .../permission/ui/handheld/AppPermissionGroupsFragment.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'PermissionController/src') diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/AppPermissionGroupsFragment.java b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/AppPermissionGroupsFragment.java index 969ac17eb..e995588b2 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/AppPermissionGroupsFragment.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/AppPermissionGroupsFragment.java @@ -492,7 +492,7 @@ public final class AppPermissionGroupsFragment extends SettingsWithLargeHeader i } private boolean isArchivingEnabled() { - return SdkLevel.isAtLeastV() && Flags.archivingReadOnly(); + return SdkLevel.isAtLeastV(); } private void setAutoRevokeToggleState(HibernationSettingState state) { -- cgit v1.2.3-59-g8ed1b From 1378bb8df731e8be31bb2372741b4ab1ccacddef Mon Sep 17 00:00:00 2001 From: Justin Lannin Date: Wed, 19 Mar 2025 14:04:37 -0700 Subject: Wear: Hide health group if not requesting system permissions. This fixes a corner case where if a Wear app is only requesting non-system health permissions, the chip should not be shown. As a consequence this would hide apps only requesting something invalid on Wear like READ_STEPS. This would also hide apps only requesting READ_HEALTH_DATA_IN_BACKGROUND. Bug: 401089783 Test: Local test with app only requesting non-system permissions. See that the chip is hidden. Flag: android.permission.flags.replace_body_sensor_permission_enabled Change-Id: Id2533e06ee9e6df30c5bf2bbdeba04e427810027 Relnote: Fix health chip shown corner case on Wear. --- .../permissioncontroller/permission/utils/Utils.java | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'PermissionController/src') diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java index 327142896..93e5abc70 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java +++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java @@ -1109,10 +1109,23 @@ public final class Utils { return false; } - // Always show Fitness&Wellness chip on Wear. + // Only show Fitness&Wellness chip on Wear if the app is requesting system permissions. if (Flags.replaceBodySensorPermissionEnabled() - && pm.hasSystemFeature(PackageManager.FEATURE_WATCH)) { - return true; + && pm.hasSystemFeature(PackageManager.FEATURE_WATCH)) { + Set requestedPermissions = new HashSet<>(packageInfo.getRequestedPermissions()); + for (PermissionInfo permission : permissions) { + if (!requestedPermissions.contains(permission.name)) { + continue; + } + String appOpStr = AppOpsManager.permissionToOp(permission.name); + if (appOpStr != null + && !appOpStr.equals(AppOpsManager.OPSTR_READ_WRITE_HEALTH_DATA)) { + // Found system health permission. Show the chip. + return true; + } + } + // No valid system permissions are requested. + return false; } // Check in permission is already granted as we should not hide it in the UX at that point. -- cgit v1.2.3-59-g8ed1b From 324bea02b44b8ba12e470e9f7c56bc8c087bb64a Mon Sep 17 00:00:00 2001 From: Zhi Dou Date: Wed, 19 Mar 2025 20:14:04 +0000 Subject: Replace flag check to sdk version check This change replace flag check to sdk version check to fix the problem that when the new module is installed on the new version of mainline the exported flags will have inconsistent flag value. Test: atest PermissionControllerMockingTests GtsPermissionUiTestCases Bug: 401592182 Flag: EXEMPT remove flag call Relnote: M05 Change-Id: Ieb5245856d0c306870edd4211d206af8f979445f --- .../appops/data/repository/v31/AppOpRepository.kt | 17 +++++++---------- .../v31/GetPermissionGroupUsageDetailsUseCase.kt | 3 +-- .../domain/usecase/v31/PermissionUsageUtils.kt | 4 +--- .../ui/model/v31/PermissionUsageDetailsViewModel.kt | 4 +--- .../permission/utils/PermissionMapping.kt | 12 ++++-------- .../GetPermissionGroupUsageDetailsUseCaseTest.kt | 12 ++++++++++-- 6 files changed, 24 insertions(+), 28 deletions(-) (limited to 'PermissionController/src') diff --git a/PermissionController/src/com/android/permissioncontroller/appops/data/repository/v31/AppOpRepository.kt b/PermissionController/src/com/android/permissioncontroller/appops/data/repository/v31/AppOpRepository.kt index 21ced3b28..7a59aa2bc 100644 --- a/PermissionController/src/com/android/permissioncontroller/appops/data/repository/v31/AppOpRepository.kt +++ b/PermissionController/src/com/android/permissioncontroller/appops/data/repository/v31/AppOpRepository.kt @@ -27,7 +27,6 @@ import android.app.AppOpsManager.OP_FLAG_TRUSTED_PROXIED import android.app.AppOpsManager.OP_FLAG_TRUSTED_PROXY import android.app.Application import android.os.UserHandle -import android.permission.flags.Flags import android.util.Log import com.android.modules.utils.build.SdkLevel import com.android.permissioncontroller.DeviceUtils @@ -74,7 +73,7 @@ interface AppOpRepository { */ fun getDiscreteOps( opNames: List, - coroutineScope: CoroutineScope + coroutineScope: CoroutineScope, ): Flow> companion object { @@ -82,7 +81,7 @@ interface AppOpRepository { fun getInstance( application: Application, - permissionRepository: PermissionRepository + permissionRepository: PermissionRepository, ): AppOpRepository = instance ?: synchronized(this) { @@ -104,7 +103,7 @@ class AppOpRepositoryImpl( override fun getDiscreteOps( opNames: List, - coroutineScope: CoroutineScope + coroutineScope: CoroutineScope, ): Flow> { return callbackFlow { var job: Job? = null @@ -112,9 +111,7 @@ class AppOpRepositoryImpl( fun sendUpdate() { if (job == null || job?.isActive == false) { - job = coroutineScope.launch(dispatcher) { - trySend(getDiscreteOps(opNames)) - } + job = coroutineScope.launch(dispatcher) { trySend(getDiscreteOps(opNames)) } } } @@ -229,10 +226,10 @@ class AppOpRepositoryImpl( packageOps.ops.map { opEntry -> AppOpUsageModel( opEntry.opStr, - opEntry.getLastAccessTime(OPS_LAST_ACCESS_FLAGS) + opEntry.getLastAccessTime(OPS_LAST_ACCESS_FLAGS), ) }, - UserHandle.getUserHandleForUid(packageOps.uid).identifier + UserHandle.getUserHandleForUid(packageOps.uid).identifier, ) } } @@ -254,7 +251,7 @@ class AppOpRepositoryImpl( if (SdkLevel.isAtLeastT()) { opNames.add(AppOpsManager.OPSTR_RECEIVE_AMBIENT_TRIGGER_AUDIO) } - if (SdkLevel.isAtLeastV() && Flags.locationBypassPrivacyDashboardEnabled()) { + if (SdkLevel.isAtLeastV()) { opNames.add(AppOpsManager.OPSTR_EMERGENCY_LOCATION) } return opNames diff --git a/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/GetPermissionGroupUsageDetailsUseCase.kt b/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/GetPermissionGroupUsageDetailsUseCase.kt index 5ba649fd3..cc49b4ef3 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/GetPermissionGroupUsageDetailsUseCase.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/GetPermissionGroupUsageDetailsUseCase.kt @@ -227,8 +227,7 @@ class GetPermissionGroupUsageDetailsUseCase( } } - private fun isLocationByPassEnabled(): Boolean = - SdkLevel.isAtLeastV() && Flags.locationBypassPrivacyDashboardEnabled() + private fun isLocationByPassEnabled(): Boolean = SdkLevel.isAtLeastV() /** * Determine if an op should be in its own cluster and hence display as an individual entry in diff --git a/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/PermissionUsageUtils.kt b/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/PermissionUsageUtils.kt index 7f5910ac1..9526d0bdd 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/PermissionUsageUtils.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/domain/usecase/v31/PermissionUsageUtils.kt @@ -21,7 +21,6 @@ import android.content.pm.ApplicationInfo import android.content.pm.PackageInfo import android.content.pm.PackageManager import android.os.UserHandle -import android.permission.flags.Flags import androidx.annotation.VisibleForTesting import com.android.modules.utils.build.SdkLevel import com.android.permissioncontroller.permission.data.repository.v31.PermissionRepository @@ -99,5 +98,4 @@ private fun isTelecomPackage(packageName: String, permissionGroup: String): Bool permissionGroup == Manifest.permission_group.MICROPHONE) } -fun isLocationByPassEnabled(): Boolean = - SdkLevel.isAtLeastV() && Flags.locationBypassPrivacyDashboardEnabled() +fun isLocationByPassEnabled(): Boolean = SdkLevel.isAtLeastV() diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt index ad21ab220..d8eeb8fd9 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/model/v31/PermissionUsageDetailsViewModel.kt @@ -30,7 +30,6 @@ import android.graphics.drawable.Drawable import android.location.LocationManager import android.os.Build import android.os.UserHandle -import android.permission.flags.Flags import androidx.annotation.RequiresApi import androidx.annotation.VisibleForTesting import androidx.lifecycle.AndroidViewModel @@ -406,8 +405,7 @@ class PermissionUsageDetailsViewModel( } } - private fun isLocationByPassEnabled(): Boolean = - SdkLevel.isAtLeastV() && Flags.locationBypassPrivacyDashboardEnabled() + private fun isLocationByPassEnabled(): Boolean = SdkLevel.isAtLeastV() fun create( app: Application, diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt b/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt index 93a1a66df..1693b32d1 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/PermissionMapping.kt @@ -45,7 +45,7 @@ object PermissionMapping { listOf( Manifest.permission_group.LOCATION, Manifest.permission_group.CAMERA, - Manifest.permission_group.MICROPHONE + Manifest.permission_group.MICROPHONE, ) @JvmField @@ -55,7 +55,7 @@ object PermissionMapping { listOf( Manifest.permission_group.STORAGE, Manifest.permission_group.READ_MEDIA_AURAL, - Manifest.permission_group.READ_MEDIA_VISUAL + Manifest.permission_group.READ_MEDIA_VISUAL, ) val PARTIAL_MEDIA_PERMISSIONS: MutableSet = mutableSetOf() @@ -370,7 +370,7 @@ object PermissionMapping { val appSupportsPickerPrompt = group.permissions[Manifest.permission.READ_MEDIA_VISUAL_USER_SELECTED]?.isImplicit == - false + false return if (appSupportsPickerPrompt) { PARTIAL_MEDIA_PERMISSIONS @@ -402,11 +402,7 @@ object PermissionMapping { if (opName == AppOpsManager.OPSTR_PHONE_CALL_CAMERA) { return Manifest.permission_group.CAMERA } - if ( - SdkLevel.isAtLeastV() && - Flags.locationBypassPrivacyDashboardEnabled() && - opName == AppOpsManager.OPSTR_EMERGENCY_LOCATION - ) { + if (SdkLevel.isAtLeastV() && opName == AppOpsManager.OPSTR_EMERGENCY_LOCATION) { return Manifest.permission_group.LOCATION } diff --git a/PermissionController/tests/mocking/src/com/android/permissioncontroller/tests/mocking/permission/domain/usecase/GetPermissionGroupUsageDetailsUseCaseTest.kt b/PermissionController/tests/mocking/src/com/android/permissioncontroller/tests/mocking/permission/domain/usecase/GetPermissionGroupUsageDetailsUseCaseTest.kt index cb36de2b1..b73113ffc 100644 --- a/PermissionController/tests/mocking/src/com/android/permissioncontroller/tests/mocking/permission/domain/usecase/GetPermissionGroupUsageDetailsUseCaseTest.kt +++ b/PermissionController/tests/mocking/src/com/android/permissioncontroller/tests/mocking/permission/domain/usecase/GetPermissionGroupUsageDetailsUseCaseTest.kt @@ -21,10 +21,12 @@ import android.content.Context import android.content.pm.ApplicationInfo import android.content.pm.PackageInfo import android.content.pm.PackageManager +import android.os.Build import android.os.UserHandle import android.permission.flags.Flags import android.platform.test.annotations.RequiresFlagsEnabled import androidx.test.ext.junit.runners.AndroidJUnit4 +import androidx.test.filters.SdkSuppress import com.android.dx.mockito.inline.extended.ExtendedMockito import com.android.modules.utils.build.SdkLevel import com.android.permissioncontroller.PermissionControllerApplication @@ -846,7 +848,10 @@ class GetPermissionGroupUsageDetailsUseCaseTest { @Test @Ignore("b/365004787") - @RequiresFlagsEnabled(Flags.FLAG_LOCATION_BYPASS_PRIVACY_DASHBOARD_ENABLED) + @SdkSuppress( + minSdkVersion = Build.VERSION_CODES.VANILLA_ICE_CREAM, + codeName = "VanillaIceCream", + ) fun emergencyAccessesAreNotClusteredWithRegularAccesses() = runTest { Assume.assumeTrue(SdkLevel.isAtLeastV()) val appOpEvents = @@ -870,7 +875,10 @@ class GetPermissionGroupUsageDetailsUseCaseTest { } @Test - @RequiresFlagsEnabled(Flags.FLAG_LOCATION_BYPASS_PRIVACY_DASHBOARD_ENABLED) + @SdkSuppress( + minSdkVersion = Build.VERSION_CODES.VANILLA_ICE_CREAM, + codeName = "VanillaIceCream", + ) fun emergencyAccessesAreClustered() = runTest { Assume.assumeTrue(SdkLevel.isAtLeastV()) val appOpEvents = -- cgit v1.2.3-59-g8ed1b