23c8292acc0d45a0f19f3ea8107d48cc52d87dc5 |
|
04-Apr-2016 |
Martijn Coenen <maco@google.com> |
Merge "Grant NFC tag app default permissions." into nyc-dev
|
b23346639b66783c1662fd8ffa5345ef5cef336c |
|
23-Mar-2016 |
Russell Brenner <russellbrenner@google.com> |
Add new protection level for setup wizard Adds PROTECTION_LEVEL_SETUP, a privileged permission for use only by the setup wizard. Bug: 20016740 Change-Id: Ib95e349c54d5d12465bf43162975dfb628ef2434
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
284b165d7d14bb2cde8a4c87a24792c04398fb10 |
|
30-Mar-2016 |
Martijn Coenen <maco@google.com> |
Grant NFC tag app default permissions. Bug: 25535025 Change-Id: I7fbe261c9c48844b7a6833c85df2268afc5215e0
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
8a372a0a280127743ce9a7ce4b6198c7a02d2a4f |
|
16-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Refactoring FBE APIs based on council feedback. Mostly consists of removing the word "encryption" from most APIs, since we can't actually make promises about the data being encrypted. Bug: 27531029 Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
66c96591e2ddb464c67e60dbf4193ef4ec8a620b |
|
24-Feb-2016 |
Philip P. Moltmann <moltmann@google.com> |
Add "app printer activity" and always keep the print service state updated. Also fiddle with the UI to use more standard values. To be sure the print service state alwasy updated I changed PrintManager.getPrintServices to return a loader which just wraps a registerListener/getList/removeListener combo. I also added a new function to enabled/disable a print service to be keep all updating logic inside the PrintManagerService->UserState. Then I changed all code to use this new interface. Detailed comments: PrintServiceInfo: - I had to add the enabled state to the PrintServiceInfo as some users of PrintManager.getPrintServices want all services but then display different data depending on the enabled state. Of course I could have created two PrintManager.getPrintServices-loaders to load the two separate list of services. I think it is much easier to add this property though. It is updated every time new data is returned to the PrintManager.getPrintServices-loader. AddPrinterActivity: - This is shown as a dialog-style overlay to indicate that the user will return to the select-printers activity. It contains of three list that are updated via separate loaders. - The recommended services will be added later to keep this path set small. PrintActivity: - There are two small places where we have to update the data when we get a new list of print services. - In very, very rare conditions it can happen that the print service of the current printer gains or looses the "advancedOptions" activity - If we have no enabled print services we want to show "Add printer" instead of "All printers...". - Also the print registry is not the only loader anymore, hence we have to assign loader ids to it to not conflict with the other loaders in this activity. - Small bug in onPrintersChanged: If a printer is selected and the print service of this printer gets disabled the holder goes into "removed" state which disables the printer. When the print service is then enabled again, we forgot to re-enable the holder. PrinterRegistry: - The registry assumed that the FusedPrinterProvider was the only loader in the activity. This is not true anymore, hence it has to assign the appropriate loader ids. - The FusedPrinterProvider has an internal loader, hence we have to forward a loader Id into it. - The PrintRegistry is only called backed for a single loader, hence no need to check the loader-id. SelectPrinterActivity: - The AddPrinterDialog was removed as we now have the AddPrinterActivity. - Added a loader for the enabled services to update the empty state. - Added dedicated loader Id for the PrinterRegistry again. - If we have no enabled services, the SelectPrinterActivity chainloads the AddPrinterActivity as this is the only thing the user can do anyway. "Save a click". This should only happen when the activity is create the first time. - Moved the "add printer" from the menu item to the list of printers as suggested by UX and Zach. PrintManagerService, UserState and IPrintManagerParamtersTest: - As the only place where the print service state is updated is now the userstate, we have no more sychronization problems. Whohoo. - The users can now register for changes to the print services similar as they can register for changes to the print jobs. - UserState.getPrintServices is the only function can exposes any knowledge of the print services to the outside world. Change-Id: I9be2c7300431e06aaff9bdf7eb36120d869b56ac
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
d5896630f6a2f21da107031cab216dc93bdcd851 |
|
05-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Move more PM calls to ParceledListSlice. Since the data returned by these calls can grow unbounded based on various GET flags, we need to switch 'em over. Bug: 27391893 Change-Id: Ie849ca30dbaaa91158da4c83675657715629a0ee
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
80d78dc92bed0873d03e357e025f994af1217577 |
|
01-Mar-2016 |
Svetoslav Ganov <svetoslavganov@google.com> |
Proper grant default permissions to default SMS and Phone We grant default permissions to the default SMS and Phone apps when they are selected as such to ensure they can do their job. We don't grant default permissions to apps if the version on the system image does not declare them. This is correct for default grants on first boot or a new user creation. This is a problem for default Phone and SMS as we want to grant them the permission as a result of a deliberate user action and therefore should not care if the version on the system image declares the permission. As a result if an SMS app that ships as a stub to reduce image size is later updated to the full version and made the default SMS it would not get the default grants while an installed third-party app that did not ship on the system image would get the grants. This change ensures the default SMS and Phone get their default grants regardless whether the verion on the system image declares the permissions. bug:25288760 Change-Id: I2fecf5cbce4ebabb145a3f29abb555bcb65d54d6
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
2d2908020f9b773e5ae0654fff4f6461d5742e19 |
|
24-Feb-2016 |
mariagpuyol <mariagpuyol@google.com> |
Grant permissions for EmergencyInfo app Bug:27142320 Change-Id: Ib2d824db40d052630e2d4a4a128e832e0546b91b
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
726c45970e35e3fff3eeb4d86c3b772db73adcc7 |
|
18-Feb-2016 |
Yohei Yukawa <yukawa@google.com> |
Stop granting default Contacts permission to IMEs. This partially reverts the previous commit [1], which allowed special components to be granted some pre-configured default permissions. With this CL, we no longer grant Contacts permissions to pre-installed IMEs. Rationals are: 1. Even without this CL, not the all pre-installed IMEs are granted Contacts permission by default, because it was done during the boot time where InputMethodManagerService is not yet completely initialized. The current behavior is confusing not only for users but also for developers. 2. In almost all the cases, IMEs are supposed to be able to work without Contacts permission. Hence it is not too late to ask users to grant the permission to the IME after the initial setup is completed. 3. It is difficult to add new features such as File-Based Encryption (FBE) with keeping the current implementation, because currently we dynamically call mSettings.setCurrentUserId(userId) just to enumerate what IMEs will be enabled for a given user. Adding another condition (whether the user has already unlocked the device or not) would make things more complicated. Note that LatinIME has already support the case where Contacts permission is not granted by default. It does not ask users for anything until Setup-Wizard is completed, and requests Contacts permission only when the user taps a message in the suggestion strip that suggests users to use contacts name for typing suggestions. [1] If8b8cadbd1980ffe7a6fc15bbb5f54a425f6e8f9 adc1cf46045ae756d3a9ccbccf6b0f894e4c1edd Bug: 24756974 Bug: 26743676 Change-Id: Ief2a40b5971b3eb97d765f934d20ce7f2ef25665
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
115d2c189a46f535778d9dd0923f703ff2f888fe |
|
16-Feb-2016 |
Jeff Sharkey <jsharkey@android.com> |
Add feature versions for devices and apps. We're starting to see more instances of device features that will increment separately from the SDK API level, such as camera HAL, GPU capabilities, Bluetooth, and other hardware standards. This change adds the ability for device features to specify a version, which is defined to be backwards compatible. That is, apps requesting an older version of a feature must continue working on devices with a newer version of that same feature. When a version is undefined, we assume the default version "0". Bug: 27162500 Change-Id: If890bf3f3dbb715e8feb80e7059a0d65618482ea
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
76bcfb2e6688f1726f12c1ed3043665fc4409144 |
|
03-Feb-2016 |
Steven Ng <stevenckng@google.com> |
Whitelist camera permission for SetupWizard + Camera permission is required for QR provisioning in SetupWizard. Bug: 26932941 Change-Id: I1573cdd3b8ac708f457a9c7efbbf02c3c8ce6d8d (cherry picked from commit 950b2dee6648a90bd2e9fedecde137f41f7c4513)
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
c5603cc78292fad17eaf7bd773e8a45dad6fba95 |
|
06-Jan-2016 |
Svetoslav Ganov <svetoslavganov@google.com> |
Grant location to SetupWizard by default - framework bug:24914976 Change-Id: I1eaf14fa1e146f0cf1821352eebd2f318d839d5a
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
98963260dc30f1dc3e89dbd0efdfcdc6398d753c |
|
17-Dec-2015 |
Philip P. Moltmann <moltmann@google.com> |
Prefer printers that have been used physically close to the current location of the user. Commonly the users prints on a printer that this near the user current location. Hence if possible we want to show the user printers that he used before and that are close to him. Hence store the location of the previous uses of a printer and prefer printer that are close to the user. Unfortunately getLastLocation might not report a usable location and it will take at least 5 seconds until the first usable location arrives. At this time the user might have already opened the destionation spinner. It would be unexpected for the printers to suddenly change under the users finger. Hence it might be that we did first show the printer without any location information and then once the location is known we cannot update thedestination spinner anymore. The select printer activity does not have this issue, hence in the worst case the user has to enter this activity to select a printer and by then the location is usually determined. This is not ideal but better than before. Bug: 24133609 Change-Id: Ie7d20cf3d9dd163e57903f8f6ecc0b3fd4f4374e
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
2a9e3f8e6813716ab88ca54fd04ae047dc9aaaeb |
|
18-Dec-2015 |
Jeff Sharkey <jsharkey@android.com> |
Better named encryption flags, start triaging. Create distinct flags for encryption aware, unaware, and both, and name them like the other MATCH_ flags. Start adding logic to help triage all system internal callers to verify that they've done their homework and thought about how to handle apps while locked. Call sites in the system should either ask for explicit matching behavior, or explicitly use the DEFAULT match flag to indicate that they've been triaged to use the default state-based matching. Bug: 26250295 Change-Id: I86214e5c4f71a6dc72f06930800388713aecd107
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
ba51235ef5c598d845b77fcf14491329493da34f |
|
13-Nov-2015 |
Jeff Sharkey <jsharkey@android.com> |
More file-based encryption work. Add new "am unlock-user" command so we can trigger changes from the command line. Move FBE check to static method so it can safely be called early during boot before the mount service is ready. Move FBE emulation to persisted system property, and start reading/writing that value. Change default permission grants to ignore current encryption-aware flags, since many of the target apps aren't crypto aware. Always prepare package data directories, which is how we create the new "user_de" paths during boot. Bug: 22358539 Change-Id: I6f58ea2d34b3a466d3775d614f8a13de92272621
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
60cb22008c602c5345504eacb4eb68ea0ac69cf0 |
|
17-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Handle renamed packages during default grants" am: 140b101fcd * commit '140b101fcdbdf413b914b5625b19577784ad9d88': Handle renamed packages during default grants
|
f443384d9e30111aaa61dac75af1f40d19465e96 |
|
17-Nov-2015 |
Svet Ganov <svetoslavganov@google.com> |
Handle renamed packages during default grants If an L device has a privileged app on the system image which was updated and an M OTA renames the app package (supported only for privileged apps) we end up with a disabled system package setting with no package information. Since we are not doing a null check of the package we get from the disabled package settings during default grants we crash leaving the system in a bad state. bug:25687380 Change-Id: I4f2ebcaf471e4bd1696298eab4716b50c52ca5c4
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
57fb4bd4f704c93ff73e055e6602ee18f7dbf669 |
|
06-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Take into account default app for default grants" am: 7abb36599d * commit '7abb36599d9537296d9a51f766152025c6ed0491': Take into account default app for default grants
|
5d05bbea5faad9f9b53f8fe9cb0635429969959a |
|
06-Nov-2015 |
Svetoslav <svetoslavganov@google.com> |
Take into account default app for default grants Change-Id: Ib78c7dbda65d405bbf74544cad18e5e10bfcdeec
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
0c4ce4474ff0020b2b041f26fb00efbdc0783285 |
|
06-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Revert "Take into account default app for default grants"" am: 9ae3aeec53 * commit '9ae3aeec532ce5a7908d395049efb61399875360': Revert "Take into account default app for default grants"
|
9ae3aeec532ce5a7908d395049efb61399875360 |
|
06-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Revert "Take into account default app for default grants""
|
d2bbf1bf0af14231e89f1ecf443e4f4c847bc301 |
|
06-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Revert "Take into account default app for default grants" Apparently OEMs can set the chooser so this patch is not enough since it assumes the chooser is a platform component. This reverts commit fce33d58d87fd494686aae4e21332b58ec260b73. Change-Id: I3b8e499d2f0a731a227d193f6c5d6ed528be2272
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
0c7e9262a1cc89b748e281f330dd1ffecec6df3f |
|
05-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Take into account default app for default grants" am: 82eeb2f20c * commit '82eeb2f20c934ddc97380032b3c8ecacc21d9a04': Take into account default app for default grants
|
a9b62e13305d9cb43f53831f0b92d72bd490c1ae |
|
05-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Enforce weaker grant if app is default handler for miltiple action" am: 035374d7a2 * commit '035374d7a29b4e0b0bc71bdfb3555b2e547ce1da': Enforce weaker grant if app is default handler for miltiple action
|
82eeb2f20c934ddc97380032b3c8ecacc21d9a04 |
|
05-Nov-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Take into account default app for default grants"
|
5db602fd196cde39feed21e173b553aae136d040 |
|
03-Nov-2015 |
Svetoslav <svetoslavganov@google.com> |
Enforce weaker grant if app is default handler for miltiple action Change-Id: Ibc46e458e277412ebb276eb5ba6f2765b6b6c5e9
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
fce33d58d87fd494686aae4e21332b58ec260b73 |
|
03-Nov-2015 |
Svetoslav <svetoslavganov@google.com> |
Take into account default app for default grants Use the correct API to query activities when granting default permissions to ensure the preferred apps are taken into account. This allows OEMs to customize which app should get default permission grants if there is more than one resolving to the query intent. Change-Id: I047f22dfff773a2ba9de1a0144442e372607777c
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
90814f0006a8d4102870891b001183ef84b314e5 |
|
21-Oct-2015 |
Anthony Hugh <ahugh@google.com> |
Give watch Home app location permissions by default BUG: 24973857 Change-Id: Ia2758a1822791fb89e6e1f6f20daba9e93cf1794
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
d4539926a343f61084e67de35ef8287e2a706b04 |
|
19-Oct-2015 |
Anthony Hugh <ahugh@google.com> |
Watch dialer should have phone permission fixed Watch dialer should have phone permission as fixed. BUG: 24976862 Change-Id: I8bbc63ab0d7dfb2e38eec641681ac9aacae330a0
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
979b81ac33c2ba678414c5350c19fc78dbac724a |
|
30-Sep-2015 |
Anthony Hugh <ahugh@google.com> |
Give Android Wear system apps default permission This change grants Android Wear system components default permission. I have also added a new Intent category to help identify the main Home handler on Wear. BUG: 23419042 Change-Id: Ie669a9908bd3b03498f75c5ca22c0fddf52a5203
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
cd946024e94a8fe2f4009dbd2e5463817a17b3a9 |
|
12-Sep-2015 |
Svet Ganov <svetoslavganov@google.com> |
Default grant SMS and Phone to the verifier bug:24012164 Change-Id: I756644c8044076b2550d7ca104f542f50da0226b
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
f2cb6f7e3ea143ba4acace0821c9d49e363da7eb |
|
17-Aug-2015 |
Junda Liu <junda@google.com> |
Merge "Grant SMS carrier provisioning app the permission to receive SMS." into mnc-dev
|
d878f5327793310d5fda083f800644bc96d6a6e8 |
|
13-Aug-2015 |
Junda Liu <junda@google.com> |
Grant SMS carrier provisioning app the permission to receive SMS. Bug: b/22982966 Change-Id: I4af525532e2f97973ba255bf8dbb002e42997eea
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
52153f4c0540a991b5b7214f4f14b5a891479a3c |
|
11-Aug-2015 |
Svet Ganov <svetoslavganov@google.com> |
Add GTS test to ensure valid default permission grants - framework The platform grants runtime permissions by default to apps on the system image that provide core device use cases which a user expects to work out-of-the-box. We are now adding a test to ensure that OEMs cannot pregrant premissions on non approved components. bug:23043018 Change-Id: Id76717cce0ee59678956bd0be347d3c045fe4c51
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
0e62952aad13270bf3577a3381446cfc2dfba9ed |
|
06-Aug-2015 |
Svetoslav <svetoslavganov@google.com> |
Pregrant unrevokable storage permission to the CertInstaller bug:22988119 Change-Id: I310aa7149f67a7918cecfda13c69ab91c7c6e1a8
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
0855357c4fec1fddb4ebf20d9e7986090962f99d |
|
03-Aug-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "User correct category for finding headless sync adapters" into mnc-dev
|
05069b96d0464744e27f0eededcff7bf0ba17e9e |
|
01-Aug-2015 |
Svet Ganov <svetoslavganov@google.com> |
User correct category for finding headless sync adapters bug:22857409 Change-Id: Icc42f1af72c59fba3c60e1bcd558c621df70940a
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
8d1d8fdaa40cc2149604c9947a7ccf1a6a494e36 |
|
30-Jul-2015 |
Shishir Agrawal <shishir@google.com> |
Merge "Add SMS permissions for Carrier app." into mnc-dev
|
ad63247690a5082a74891cd16278f6c2ba8760c6 |
|
30-Jul-2015 |
Shishir Agrawal <shishir@google.com> |
Add SMS permissions for Carrier app. Carrier apps can act as a transport for SMS and MMS. They may proxy SMSes that user is sending and need to have access to be able to send these SMSes via the radio. Bug: 22830087 Change-Id: I98c0ff1b208be1a7227aef7a4a69222050b3ddb4
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
393c7fb2c67e7fc9dfab710a52313f9b55aaa57c |
|
29-Jul-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Default grants: handle update system packages" into mnc-dev
|
4aa97977863e01af3803afcee97292109bbec97c |
|
29-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Default grants: handle update system packages If there is an app on the system image that gets default grants but it is updated with a version that does not use all permissions the version on the system image does, we would wrongly try to grant a permission to the updated app that it does not request and crash as a result. Now we default grant permission that are requested by the system version of the app regardless if it is updated but only if the system app is not updated or the update also uses these permissions. bug:22800767 Change-Id: Ic22b62ba4976367420a56bdadc8e3824b0b9104f
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
cf85562bc9a0f01db51b4088e72f05a8089fc7f1 |
|
29-Jul-2015 |
Sailesh Nepal <sail@google.com> |
Default permissions for sim call manager This CL adds the following permissions by default to the SIM call manager: - microphone - phone BUG: 22790160 Change-Id: Icaf1db6c6943b3ddbd16a946a81d1bfb734d761f
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
c6ab8b9ecbf08fe3b2dda18caaa808ce6280530d |
|
23-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Grant record audio to system reco service by default bug:22668415 Change-Id: I0fec7cc671bb1cc3a13b870748fc8e110a11250e
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
fbc6f2cb6c5313ac246b8554764a719dd06582fc |
|
18-Jul-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Merge "Revert "Do not auto grant GET_ACCOUNTS as it is temporarily normal"" into mnc-dev
|
5ff4383b466fc26e6696a7bbeb6df5eb7a3c8cc5 |
|
17-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Merge "Grant default permissions to default apps despite user choices." into mnc-dev
|
4bb5187e63456a500518e698d5646672188cb3c3 |
|
17-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Grant default permissions to default apps despite user choices. This implements the policy of granting default permissions to default apps upon a selection despite past user permission choices. The act of picking the app as the default one means the user expects it to work in this capacity as SMS app, Phone app, Browser app. bug:22062549 Change-Id: I5e427f2b939e85bb8bbfd311cc271b96857a7ce6
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
54a0cf1b95d5dfc40ef26035dfc4f45c0e7e3fe3 |
|
17-Jul-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Revert "Do not auto grant GET_ACCOUNTS as it is temporarily normal" This reverts commit 33852d8cd21434b4106b8f2c504752ef34abb2da. Change-Id: I29a212876c93ae0288967ffcff223abafad78827
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
33852d8cd21434b4106b8f2c504752ef34abb2da |
|
17-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Do not auto grant GET_ACCOUNTS as it is temporarily normal bug:22550851 Change-Id: Iea5dd8fde07074220167a937b32208b1c9488d9d
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
bc92479a297904856f0815bc14bcb6763bbbf8bf |
|
16-Jul-2015 |
Makoto Onuki <omakoto@google.com> |
DefaultPermission: GET_ACCOUNTS is now in CONTACTS Bug 22532312 Change-Id: If7ad0faa3a196bb28da1ddc13788c0430df1d1ee
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
50a8bf4da0fe1685bfe6a0ecd9a9677e363e2ee1 |
|
15-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Grant default permissions to the setup app robustly. There is a zoo of components that handle the home intent and have different priority. There is no reliable way to distinguish the setup app from the other apps that handle home as some of them have lower priority than the setup app and some higher. This change adds a dedicated category to recognize the default setup app. Uncommented the code that grants accounts permissions as the get_accounts permission is now a runtime permission and can be granted. bug:22471024 bug:22501463 Change-Id: I41726751fa2567cbcd7d09c7acfa7615b8aba577
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
fc2bc7f170ba564bc439fd22dd5a779d96670ffd |
|
14-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Merge "Check signatures of privileged persistent apps for granting defailt permissions" into mnc-dev
|
8b24a1d30fa5d2b80b2b6a37454dcc1e67d0e79d |
|
14-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Fix two grant default permissions edge cases. 1. When querying for components to which to grant default permissions we are now getting disabled components as well as we want such packages to get default pemrissions on upgrade as disabled components may get reenabled. 2. When resolving activities to whose packages to grant default permissions we skip the corss-profile and skip-profile filters as they are set by device policy which should not affect implicitly default permission grants. Policy has explicit APIs for permission management. bug:22405963 Change-Id: Idf56d35e567a6fd6e097cd45988d1561422ee6fc
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
96d00ab359d60197321f06b4feb3d01f3fa03a29 |
|
13-Jul-2015 |
Billy Lau <billylau@google.com> |
Merge "Bug: 21589105 Rescope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW permission" into mnc-dev
|
22b3f4cb15207239e203d5ec8b72ec6bc90fef35 |
|
08-Jul-2015 |
Billy Lau <billylau@google.com> |
Bug: 21589105 Rescope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW permission Raised the protection level of WRITE_SETTINGS permission to appop and also allowed backwards compatibility with pre23 flag. Also made sure that this permission is not added as RuntimePermission in DefaultPermissionGrantPolicy as that breaks a lot of gmscore stuff. Introduced new action to manage write system settings as a new API and renamed the string that describes the managing of overlay permission. Change-Id: Ifd25a6ddc06de68ee37015cb9fb23452e4ef10f4
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
824d453246d65db43fd7bc24df6fa3d536d2b54a |
|
11-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Check signatures of privileged persistent apps for granting defailt permissions bug:22391058 Change-Id: I56d060f0435fadf87a8cf255ea887dd5b3903821
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
6b7a07848b21001a41aea1b6426ec2f75ea652ec |
|
09-Jul-2015 |
Jack Yu <jackyu@google.com> |
Merge "Grant SMS permissions to Cell Broadcast receiver which emergency/non-emergency broadcast messages from the network." into mnc-dev
|
ed79bf5d74009f0589407c0289e3c7f41488a0f3 |
|
07-Jul-2015 |
Jack Yu <jackyu@google.com> |
Grant SMS permissions to Cell Broadcast receiver which emergency/non-emergency broadcast messages from the network. bug: 22229152 Change-Id: Ide02f0c3faafd37b8205f92df8a33a0bc95dd3d7
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
3e07ee078de8e364d6be0b18b2b514e40decdb3c |
|
08-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Merge "Grant installer and verifier install permissions robustly" into mnc-dev
|
3e7d977ff7c743713f0ad6336a039d7760ba47d1 |
|
07-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Grant installer and verifier install permissions robustly bug:22248271 Change-Id: I3a47ae9a112ba7d88b421fcb5f9651d1168ba7a5
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
7a4082edc4fb85fd0c9aa92d799cb2cb9d957a3e |
|
07-Jul-2015 |
Makoto Onuki <omakoto@google.com> |
Give fixed READ_PHONE_STATE permission to calllog provider Calllog provider lives in the same APK as contacts provider. Bug 22300894 Bug 22297735 Change-Id: I77f3ee18f093b5adb819308c113062c490a3b54b
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
a72eac60c7a34089c8e288f03ce031172e3b36b4 |
|
06-Jul-2015 |
Amith Yamasani <yamasani@google.com> |
Fix a typo causing NPE in restricted profiles Bug: 22287398 Change-Id: Iec19d890c7b0b7ffed3381dc3f5a9b3e761362a7
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
77ab6a888afaeb9010c7c3884adcd4819dbcee66 |
|
03-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Show basic feature warning for default granted permissions bug:22174223 Change-Id: Ie8209e1f678ac459893151b5125e86eb5025aad8
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
2799767886cc230d554ec7e7e9c7596b3e311e13 |
|
02-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Merge "Grant the default gallery app storage permissions" into mnc-dev
|
200d494b93e8920c61f3795c6c8fc8aac99f99b9 |
|
02-Jul-2015 |
Svet Ganov <svetoslavganov@google.com> |
Grant the default gallery app storage permissions bug:22127986 Change-Id: I1ecd49d57d410bf10734fea4e0c92e6e5028d648
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
a5a0d94023b2d9b7c9019fc40e7479995b82066c |
|
02-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Make granting default SMS and Phone permissions robust The default dialer and sms apps are provided by the telecomm stak which is brought up asynchronously as a service to which the system binds. Hence, by the time we grant default permissions this service is not bound and we do not know the default dialer (accidentally the default SMS app is available before the service is up). Now the default permission grant code is robust to handle both cases of the default sms and phone apps being available at grant time or asynchronously. bug:22208642 Change-Id: I6385a0432368731aa9caea046d57eccbfb5abac0
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
0010b70beae6fafd3faf06e1b02291f59f9f85db |
|
01-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Grant permissions to headless system calendar/contacts sync adapters. bug:21861781 Change-Id: I5f9905a23ba1b23e387adf2cea842172d34207b0
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
fc2740ae571f68f1a83bf3197655970e7e597de4 |
|
01-Jul-2015 |
Jeff Sharkey <jsharkey@android.com> |
Merge "Hand out storage to more system apps." into mnc-dev
|
7186dd3a3073320df053145acce8e5d23568f312 |
|
01-Jul-2015 |
Jeff Sharkey <jsharkey@android.com> |
Hand out storage to more system apps. Grant storage access to the Storage Access Framework provider that offers to delegate access to storage devices. Also grant to the default music app. Bug: 22104872 Change-Id: I8cf7dceec8b4c1e31f8ddd40b094ccd4ecb1caf8
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
4a23ac45895ec65e2357b2e52726229dbead9bb1 |
|
30-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Merge "Installer is a part of the system with unrevocable permissions" into mnc-dev
|
6a166af8fd25445c1b9a4d7869d87557fcb79cf9 |
|
30-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Installer is a part of the system with unrevocable permissions 1. Mark the installer permissions as not revocable. 2. Make the permission result dispatch more robust to handle installer death. bug:22012614 Change-Id: Idee30ca884b87ccf97ba1bb878d4c49912e474b8
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
82143339d4bec1e67f8f3a8df6d276df0b2f9e03 |
|
30-Jun-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #22185268: apps crash with missing permissions and NPE on AppOpsManager Turn off GET_ACCOUNTS permission assigning for now. Change-Id: I576117b26a43ca2da10db8bb2b1e4e176109ae39
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
b6e0013768f11e47b30cd707fd249b4609cc6ca7 |
|
30-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Fix build Change-Id: I64fc25c9ddd79c31e5bf34ec7bb4e21541be315b
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
03b5f128dbc375c1a28468773f39e85a5f70fc9a |
|
30-Jun-2015 |
Svetoslav <svetoslavganov@google.com> |
Merge "Grant default permissons to the default SMS, Phone, Browser app." into mnc-dev
|
cdfd230a392d0f0557a3a5bada221b7a05113392 |
|
26-Jun-2015 |
Svetoslav <svetoslavganov@google.com> |
Grant default permissons to the default SMS, Phone, Browser app. The default SMS, Phone, Browser are selected in the UI and we grant default permissions to these. We do this regardless if they are on the system image as the user has made an explicit choice in the UI and the permission we grant are considered essential for such type of a core app to operate properly. bug:22104986 Change-Id: Ide8caeb524b43dde11a20460666cf34c4d35f84b
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
388cd2c2ccc10c7ff8b074c9cb22fa03925b8ad2 |
|
27-Jun-2015 |
Dianne Hackborn <hackbod@google.com> |
Auto grant GET_ACCOUNTS where appropriate. And add in a few other things. Change-Id: If86a04a8ec63c252f895dcceb60a0248abb91083
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
143e118fa90bbeb8cf558ec0d303639d15ee7db7 |
|
27-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Merge "Make grant default permission more robust." into mnc-dev
|
ba3ba81eb8756641ae0079ae9da2779cc22aeb89 |
|
26-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Make grant default permission more robust. Change-Id: If492ee3305774419671bbdb72b438c8e540005e9
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
ca8e6da41c6e63e3ed17eb461171f1ef2e1d29c6 |
|
25-Jun-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #22023824: Download folder is not created in internal storage The media provider and some other things need to be given storage access. Also, seems like we should give storage access to the camera app as well. And add a dump dump command that will dump data about a particular permission name. Change-Id: Idaaa9bba2ff4dc95290cf6d17e5df933df91e909
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
8d9ad19341e19256651ef86274a4382f2c09b279 |
|
23-Jun-2015 |
Jeff Davidson <jpd@google.com> |
Merge "Default permissions for carrier apps." into mnc-dev
|
2a880312086147577e1e814bda6985fa97fb343b |
|
23-Jun-2015 |
Jeff Davidson <jpd@google.com> |
Default permissions for carrier apps. Grant permissions in the PHONE and LOCATION buckets to default carrier apps as defined by the telephony stack. Provide a system API to grant default permissions for carrier apps, as the set of apps may change when a new SIM is inserted. Since the phone process is separate from the system process, we need to allow for binder calls to these APIs. Also fix a log tag that is too long (android.util.Log drops messages silently if the tag is > 23 characters). Bug: 21696731 Change-Id: I98ca0c49c69f621f835ba57c1fd0505f2cec0d0d
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
975fa474a7926d6041a4117bfbe5faa6e6e63057 |
|
23-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Auto grant read external storage too - it is now dangerous. We grant external storage permissions to some default handlers by default. Read external storage was promoted to runtime permission but was not granted as a part of the external storage group, i.e. with write external storage. bug:21980225 Change-Id: I1edd7ae13222f12c9a488efb1919f5cf96e4b69d
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|
adc1cf46045ae756d3a9ccbccf6b0f894e4c1edd |
|
16-Jun-2015 |
Svet Ganov <svetoslavganov@google.com> |
Only grant runtime permissions to special components. Now runtime permissions are granted only to components that are part of the system or perform special system operations. For exmple, the shell UID gets its runtime permissions granted by default and the default phone app gets the phone permissions granted by default. bug:21764803 Change-Id: If8b8cadbd1980ffe7a6fc15bbb5f54a425f6e8f9
/frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
|