Cross Reference: /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java

History log of /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
c02a10d8b626469ea64babebfd88fb96ea9ececf	12-Sep-2015	Svet Ganov <svetoslavganov@google.com>	Default grant SMS and Phone to the verifier bug:24012164 Change-Id: I756644c8044076b2550d7ca104f542f50da0226b /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
f2cb6f7e3ea143ba4acace0821c9d49e363da7eb	17-Aug-2015	Junda Liu <junda@google.com>	Merge "Grant SMS carrier provisioning app the permission to receive SMS." into mnc-dev
d878f5327793310d5fda083f800644bc96d6a6e8	13-Aug-2015	Junda Liu <junda@google.com>	Grant SMS carrier provisioning app the permission to receive SMS. Bug: b/22982966 Change-Id: I4af525532e2f97973ba255bf8dbb002e42997eea /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
52153f4c0540a991b5b7214f4f14b5a891479a3c	11-Aug-2015	Svet Ganov <svetoslavganov@google.com>	Add GTS test to ensure valid default permission grants - framework The platform grants runtime permissions by default to apps on the system image that provide core device use cases which a user expects to work out-of-the-box. We are now adding a test to ensure that OEMs cannot pregrant premissions on non approved components. bug:23043018 Change-Id: Id76717cce0ee59678956bd0be347d3c045fe4c51 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
0e62952aad13270bf3577a3381446cfc2dfba9ed	06-Aug-2015	Svetoslav <svetoslavganov@google.com>	Pregrant unrevokable storage permission to the CertInstaller bug:22988119 Change-Id: I310aa7149f67a7918cecfda13c69ab91c7c6e1a8 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
0855357c4fec1fddb4ebf20d9e7986090962f99d	03-Aug-2015	Svetoslav Ganov <svetoslavganov@google.com>	Merge "User correct category for finding headless sync adapters" into mnc-dev
05069b96d0464744e27f0eededcff7bf0ba17e9e	01-Aug-2015	Svet Ganov <svetoslavganov@google.com>	User correct category for finding headless sync adapters bug:22857409 Change-Id: Icc42f1af72c59fba3c60e1bcd558c621df70940a /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
8d1d8fdaa40cc2149604c9947a7ccf1a6a494e36	30-Jul-2015	Shishir Agrawal <shishir@google.com>	Merge "Add SMS permissions for Carrier app." into mnc-dev
ad63247690a5082a74891cd16278f6c2ba8760c6	30-Jul-2015	Shishir Agrawal <shishir@google.com>	Add SMS permissions for Carrier app. Carrier apps can act as a transport for SMS and MMS. They may proxy SMSes that user is sending and need to have access to be able to send these SMSes via the radio. Bug: 22830087 Change-Id: I98c0ff1b208be1a7227aef7a4a69222050b3ddb4 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
393c7fb2c67e7fc9dfab710a52313f9b55aaa57c	29-Jul-2015	Svetoslav Ganov <svetoslavganov@google.com>	Merge "Default grants: handle update system packages" into mnc-dev
4aa97977863e01af3803afcee97292109bbec97c	29-Jul-2015	Svetoslav <svetoslavganov@google.com>	Default grants: handle update system packages If there is an app on the system image that gets default grants but it is updated with a version that does not use all permissions the version on the system image does, we would wrongly try to grant a permission to the updated app that it does not request and crash as a result. Now we default grant permission that are requested by the system version of the app regardless if it is updated but only if the system app is not updated or the update also uses these permissions. bug:22800767 Change-Id: Ic22b62ba4976367420a56bdadc8e3824b0b9104f /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
cf85562bc9a0f01db51b4088e72f05a8089fc7f1	29-Jul-2015	Sailesh Nepal <sail@google.com>	Default permissions for sim call manager This CL adds the following permissions by default to the SIM call manager: - microphone - phone BUG: 22790160 Change-Id: Icaf1db6c6943b3ddbd16a946a81d1bfb734d761f /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
c6ab8b9ecbf08fe3b2dda18caaa808ce6280530d	23-Jul-2015	Svetoslav <svetoslavganov@google.com>	Grant record audio to system reco service by default bug:22668415 Change-Id: I0fec7cc671bb1cc3a13b870748fc8e110a11250e /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
fbc6f2cb6c5313ac246b8554764a719dd06582fc	18-Jul-2015	Svetoslav Ganov <svetoslavganov@google.com>	Merge "Revert "Do not auto grant GET_ACCOUNTS as it is temporarily normal"" into mnc-dev
5ff4383b466fc26e6696a7bbeb6df5eb7a3c8cc5	17-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Merge "Grant default permissions to default apps despite user choices." into mnc-dev
4bb5187e63456a500518e698d5646672188cb3c3	17-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Grant default permissions to default apps despite user choices. This implements the policy of granting default permissions to default apps upon a selection despite past user permission choices. The act of picking the app as the default one means the user expects it to work in this capacity as SMS app, Phone app, Browser app. bug:22062549 Change-Id: I5e427f2b939e85bb8bbfd311cc271b96857a7ce6 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
54a0cf1b95d5dfc40ef26035dfc4f45c0e7e3fe3	17-Jul-2015	Svetoslav Ganov <svetoslavganov@google.com>	Revert "Do not auto grant GET_ACCOUNTS as it is temporarily normal" This reverts commit 33852d8cd21434b4106b8f2c504752ef34abb2da. Change-Id: I29a212876c93ae0288967ffcff223abafad78827 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
33852d8cd21434b4106b8f2c504752ef34abb2da	17-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Do not auto grant GET_ACCOUNTS as it is temporarily normal bug:22550851 Change-Id: Iea5dd8fde07074220167a937b32208b1c9488d9d /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
bc92479a297904856f0815bc14bcb6763bbbf8bf	16-Jul-2015	Makoto Onuki <omakoto@google.com>	DefaultPermission: GET_ACCOUNTS is now in CONTACTS Bug 22532312 Change-Id: If7ad0faa3a196bb28da1ddc13788c0430df1d1ee /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
50a8bf4da0fe1685bfe6a0ecd9a9677e363e2ee1	15-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Grant default permissions to the setup app robustly. There is a zoo of components that handle the home intent and have different priority. There is no reliable way to distinguish the setup app from the other apps that handle home as some of them have lower priority than the setup app and some higher. This change adds a dedicated category to recognize the default setup app. Uncommented the code that grants accounts permissions as the get_accounts permission is now a runtime permission and can be granted. bug:22471024 bug:22501463 Change-Id: I41726751fa2567cbcd7d09c7acfa7615b8aba577 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
fc2bc7f170ba564bc439fd22dd5a779d96670ffd	14-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Merge "Check signatures of privileged persistent apps for granting defailt permissions" into mnc-dev
8b24a1d30fa5d2b80b2b6a37454dcc1e67d0e79d	14-Jul-2015	Svetoslav <svetoslavganov@google.com>	Fix two grant default permissions edge cases. 1. When querying for components to which to grant default permissions we are now getting disabled components as well as we want such packages to get default pemrissions on upgrade as disabled components may get reenabled. 2. When resolving activities to whose packages to grant default permissions we skip the corss-profile and skip-profile filters as they are set by device policy which should not affect implicitly default permission grants. Policy has explicit APIs for permission management. bug:22405963 Change-Id: Idf56d35e567a6fd6e097cd45988d1561422ee6fc /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
96d00ab359d60197321f06b4feb3d01f3fa03a29	13-Jul-2015	Billy Lau <billylau@google.com>	Merge "Bug: 21589105 Rescope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW permission" into mnc-dev
22b3f4cb15207239e203d5ec8b72ec6bc90fef35	08-Jul-2015	Billy Lau <billylau@google.com>	Bug: 21589105 Rescope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW permission Raised the protection level of WRITE_SETTINGS permission to appop and also allowed backwards compatibility with pre23 flag. Also made sure that this permission is not added as RuntimePermission in DefaultPermissionGrantPolicy as that breaks a lot of gmscore stuff. Introduced new action to manage write system settings as a new API and renamed the string that describes the managing of overlay permission. Change-Id: Ifd25a6ddc06de68ee37015cb9fb23452e4ef10f4 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
824d453246d65db43fd7bc24df6fa3d536d2b54a	11-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Check signatures of privileged persistent apps for granting defailt permissions bug:22391058 Change-Id: I56d060f0435fadf87a8cf255ea887dd5b3903821 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
6b7a07848b21001a41aea1b6426ec2f75ea652ec	09-Jul-2015	Jack Yu <jackyu@google.com>	Merge "Grant SMS permissions to Cell Broadcast receiver which emergency/non-emergency broadcast messages from the network." into mnc-dev
ed79bf5d74009f0589407c0289e3c7f41488a0f3	07-Jul-2015	Jack Yu <jackyu@google.com>	Grant SMS permissions to Cell Broadcast receiver which emergency/non-emergency broadcast messages from the network. bug: 22229152 Change-Id: Ide02f0c3faafd37b8205f92df8a33a0bc95dd3d7 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
3e07ee078de8e364d6be0b18b2b514e40decdb3c	08-Jul-2015	Svetoslav <svetoslavganov@google.com>	Merge "Grant installer and verifier install permissions robustly" into mnc-dev
3e7d977ff7c743713f0ad6336a039d7760ba47d1	07-Jul-2015	Svetoslav <svetoslavganov@google.com>	Grant installer and verifier install permissions robustly bug:22248271 Change-Id: I3a47ae9a112ba7d88b421fcb5f9651d1168ba7a5 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
7a4082edc4fb85fd0c9aa92d799cb2cb9d957a3e	07-Jul-2015	Makoto Onuki <omakoto@google.com>	Give fixed READ_PHONE_STATE permission to calllog provider Calllog provider lives in the same APK as contacts provider. Bug 22300894 Bug 22297735 Change-Id: I77f3ee18f093b5adb819308c113062c490a3b54b /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
a72eac60c7a34089c8e288f03ce031172e3b36b4	06-Jul-2015	Amith Yamasani <yamasani@google.com>	Fix a typo causing NPE in restricted profiles Bug: 22287398 Change-Id: Iec19d890c7b0b7ffed3381dc3f5a9b3e761362a7 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
77ab6a888afaeb9010c7c3884adcd4819dbcee66	03-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Show basic feature warning for default granted permissions bug:22174223 Change-Id: Ie8209e1f678ac459893151b5125e86eb5025aad8 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
2799767886cc230d554ec7e7e9c7596b3e311e13	02-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Merge "Grant the default gallery app storage permissions" into mnc-dev
200d494b93e8920c61f3795c6c8fc8aac99f99b9	02-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Grant the default gallery app storage permissions bug:22127986 Change-Id: I1ecd49d57d410bf10734fea4e0c92e6e5028d648 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
a5a0d94023b2d9b7c9019fc40e7479995b82066c	02-Jul-2015	Svetoslav <svetoslavganov@google.com>	Make granting default SMS and Phone permissions robust The default dialer and sms apps are provided by the telecomm stak which is brought up asynchronously as a service to which the system binds. Hence, by the time we grant default permissions this service is not bound and we do not know the default dialer (accidentally the default SMS app is available before the service is up). Now the default permission grant code is robust to handle both cases of the default sms and phone apps being available at grant time or asynchronously. bug:22208642 Change-Id: I6385a0432368731aa9caea046d57eccbfb5abac0 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
0010b70beae6fafd3faf06e1b02291f59f9f85db	01-Jul-2015	Svetoslav <svetoslavganov@google.com>	Grant permissions to headless system calendar/contacts sync adapters. bug:21861781 Change-Id: I5f9905a23ba1b23e387adf2cea842172d34207b0 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
fc2740ae571f68f1a83bf3197655970e7e597de4	01-Jul-2015	Jeff Sharkey <jsharkey@android.com>	Merge "Hand out storage to more system apps." into mnc-dev
7186dd3a3073320df053145acce8e5d23568f312	01-Jul-2015	Jeff Sharkey <jsharkey@android.com>	Hand out storage to more system apps. Grant storage access to the Storage Access Framework provider that offers to delegate access to storage devices. Also grant to the default music app. Bug: 22104872 Change-Id: I8cf7dceec8b4c1e31f8ddd40b094ccd4ecb1caf8 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
4a23ac45895ec65e2357b2e52726229dbead9bb1	30-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Merge "Installer is a part of the system with unrevocable permissions" into mnc-dev
6a166af8fd25445c1b9a4d7869d87557fcb79cf9	30-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Installer is a part of the system with unrevocable permissions 1. Mark the installer permissions as not revocable. 2. Make the permission result dispatch more robust to handle installer death. bug:22012614 Change-Id: Idee30ca884b87ccf97ba1bb878d4c49912e474b8 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
82143339d4bec1e67f8f3a8df6d276df0b2f9e03	30-Jun-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #22185268: apps crash with missing permissions and NPE on AppOpsManager Turn off GET_ACCOUNTS permission assigning for now. Change-Id: I576117b26a43ca2da10db8bb2b1e4e176109ae39 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
b6e0013768f11e47b30cd707fd249b4609cc6ca7	30-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Fix build Change-Id: I64fc25c9ddd79c31e5bf34ec7bb4e21541be315b /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
03b5f128dbc375c1a28468773f39e85a5f70fc9a	30-Jun-2015	Svetoslav <svetoslavganov@google.com>	Merge "Grant default permissons to the default SMS, Phone, Browser app." into mnc-dev
cdfd230a392d0f0557a3a5bada221b7a05113392	26-Jun-2015	Svetoslav <svetoslavganov@google.com>	Grant default permissons to the default SMS, Phone, Browser app. The default SMS, Phone, Browser are selected in the UI and we grant default permissions to these. We do this regardless if they are on the system image as the user has made an explicit choice in the UI and the permission we grant are considered essential for such type of a core app to operate properly. bug:22104986 Change-Id: Ide8caeb524b43dde11a20460666cf34c4d35f84b /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
388cd2c2ccc10c7ff8b074c9cb22fa03925b8ad2	27-Jun-2015	Dianne Hackborn <hackbod@google.com>	Auto grant GET_ACCOUNTS where appropriate. And add in a few other things. Change-Id: If86a04a8ec63c252f895dcceb60a0248abb91083 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
143e118fa90bbeb8cf558ec0d303639d15ee7db7	27-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Merge "Make grant default permission more robust." into mnc-dev
ba3ba81eb8756641ae0079ae9da2779cc22aeb89	26-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Make grant default permission more robust. Change-Id: If492ee3305774419671bbdb72b438c8e540005e9 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
ca8e6da41c6e63e3ed17eb461171f1ef2e1d29c6	25-Jun-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #22023824: Download folder is not created in internal storage The media provider and some other things need to be given storage access. Also, seems like we should give storage access to the camera app as well. And add a dump dump command that will dump data about a particular permission name. Change-Id: Idaaa9bba2ff4dc95290cf6d17e5df933df91e909 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
8d9ad19341e19256651ef86274a4382f2c09b279	23-Jun-2015	Jeff Davidson <jpd@google.com>	Merge "Default permissions for carrier apps." into mnc-dev
2a880312086147577e1e814bda6985fa97fb343b	23-Jun-2015	Jeff Davidson <jpd@google.com>	Default permissions for carrier apps. Grant permissions in the PHONE and LOCATION buckets to default carrier apps as defined by the telephony stack. Provide a system API to grant default permissions for carrier apps, as the set of apps may change when a new SIM is inserted. Since the phone process is separate from the system process, we need to allow for binder calls to these APIs. Also fix a log tag that is too long (android.util.Log drops messages silently if the tag is > 23 characters). Bug: 21696731 Change-Id: I98ca0c49c69f621f835ba57c1fd0505f2cec0d0d /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
975fa474a7926d6041a4117bfbe5faa6e6e63057	23-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Auto grant read external storage too - it is now dangerous. We grant external storage permissions to some default handlers by default. Read external storage was promoted to runtime permission but was not granted as a part of the external storage group, i.e. with write external storage. bug:21980225 Change-Id: I1edd7ae13222f12c9a488efb1919f5cf96e4b69d /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
adc1cf46045ae756d3a9ccbccf6b0f894e4c1edd	16-Jun-2015	Svet Ganov <svetoslavganov@google.com>	Only grant runtime permissions to special components. Now runtime permissions are granted only to components that are part of the system or perform special system operations. For exmple, the shell UID gets its runtime permissions granted by default and the default phone app gets the phone permissions granted by default. bug:21764803 Change-Id: If8b8cadbd1980ffe7a6fc15bbb5f54a425f6e8f9 /frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java