700feef8a60e06784d28d1db9502e650df854cad |
|
15-Feb-2018 |
Makoto Onuki <omakoto@google.com> |
Shortcut permissions for default text classifier - Add two shortcut related permissions as SystemAPI for the default text classifier. - The default text classifier package name still comes from the system resource. Bug: 73083596 Bug: 71555985 Test: atest CtsPermission2TestCases Test: Manual test with a test package, with the following in config.xml <string name="config_defaultTextClassifierPackage" translatable="false">com.example.android.pm.shortcutlauncherdemo</string> Change-Id: I19081d9d6ba0b33eb25d19aa55b4fe2f26a75897
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
2f24f039c38e3f83fe9f7d8a68ae096e6df6ccaa |
|
07-Dec-2017 |
Jiyong Park <jiyong@google.com> |
PROTECTION_FLAG_VENDOR_PRIVILEGED as @TestApi The flag is used in CTS. Bug: 70332172 Test: cts-tradefed run commandAndExit cts-dev -m CtsPermission2TestCases -t android.permission2.cts.PermissionPolicyTest#testPlatformPermissionPolicyUnaltered Change-Id: Iba4ce1475991249980cc6a403037f4dd7bf722e5
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
002fdbdb950ebbf40331a27de33b80db33e40d30 |
|
13-Feb-2017 |
Jiyong Park <jiyong@google.com> |
Support privileged vendor apps Privileged apps can now be located in the vendor partition. This is mainly to move SoC-dependent apks to the vendor partition so that the system partition becomes more generic. Like existing privileged apps in the system partition, the list of privileged apps in the vendor partition and the permissions they are using must be white-listed. The whitelist can be specified via <privapp-permissions> tags in one of /vendor/etc/permissions/*.xml files. Note: vendors can only white-list the apps in vendor partition, but not the apps in system partition. This change also introduces a new flag 'vendor-privileged' to the permission protection level. It is used to expose platform-defined permissions to the privileged vendor apps. If a platform permission does not have this flag, it is not granted to vendor apps even when the app is privileged and white-listed. Bug: 35301609 Test: `mm` under frameworks/base/tests/privapp-permissions adb sync && adb reboot adb shell cmd package \ com.android.framework.permission.privapp.tests.vendor shows that the app is installed. android.permission.BIND_IMS_SERVICE is in the installed permissions list android.permission.MANAGE_USE is not in the installed permissions list, but is in the requested permissions list. Change-Id: I196375aaaa9ea3a2ba15686ef08cf3f70ade7046
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
51fbad5a7664812554491a89b604c10c00f84367 |
|
15-Nov-2017 |
Peter Visontay <pvisontay@google.com> |
Fix outdated docs of permission protection levels. 1) Added deprecation notice to the 'system' and 'signatureOrSystem' protection levels. These were deprecated in API Level 23: https://developer.android.com/reference/android/content/pm/PermissionInfo.html#PROTECTION_SIGNATURE_OR_SYSTEM https://developer.android.com/reference/android/content/pm/PermissionInfo.html#PROTECTION_FLAG_SYSTEM 2) Removed an outdated list of protection levels from PermissionInfo.protectionLevel's JavaDoc. Its Javadoc has a link to an up-to-date list. Test: Ran "make docs". Change-Id: Ia6dc88ba3a66f248f60f010323d5ba40200c1cda
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
c842393bc55509b094d3a71f164fcdbadf5c7997 |
|
05-Oct-2017 |
Todd Kennedy <toddke@google.com> |
Move mPermissionTrees to permission settings Move more state / logic into the permission sub-package. We're close to being able to wholesale move large amounts of code from package manager into the permission manager. Bug: 63539144 Test: Manual. Builds and runs Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PermissionsHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsPermissionTestCases Test: cts-tradefed run commandAndExit cts-dev -m CtsPermission2TestCases Test: bit FrameworksServicesTests:com.android.server.pm.PackageManagerSettingsTests Change-Id: Id292441ff22b14665fd77f700ad934bf2c5a3357
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
91a39d126d1f6efa47948ca1039ca347c1bd19e6 |
|
27-Sep-2017 |
Todd Kennedy <toddke@google.com> |
Move BasePermission to own package This is the first of many changes. Moving permissions to their own package. Change-Id: I60e94e2da3c96788fc165e97e813ab5b9ee51586 Bug: 63539144 Test: Manual. Builds and runs Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.PermissionsHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsPermissionTestCases Test: cts-tradefed run commandAndExit cts-dev -m CtsPermission2TestCases
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
087dce20e3a7137e94607c060fd825d1f8952572 |
|
08-Sep-2017 |
Svet Ganov <svetoslavganov@google.com> |
Add new OEM permission flavor The new OEM permission flavor of signature protected perissions can be granted only to apps on the OEM partition if they are: 1. Signed as the one declaring the permission 2. The requesting app is on OEM partition of the system image and declares the permission used and the OEM explicitly granted this permission by adding an entry in /oem/permission/*.xml with the following format: <permissions> <oem-permissions package="foo.bar.baz"> <permission name="android.permission.ACCESS_FOO" granted="true"/> </oem-permissions> </permissions> All OEM permissions requested by any app on the OEM partition must be declared granted or not to force the OEM making a well though out explicit choice. If that condidtion is not met the system server restarts - this prevents shipping a device with OEM permissions for which no opition was explicitly expressed. Normal apps requesting an OEM permission has no effect, i.e the permission is only granted on a signature match. Change-Id: I345bb0b56368ee03e4bd768faab540ee4e0571ae Bug: 65497745 Test: Manual
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
9467febacf168d5b9cf63d18ce14978dd0f42dc5 |
|
15-Aug-2017 |
Todd Kennedy <toddke@google.com> |
Merge "Change protection level from ephemeral to instant" into oc-mr1-dev am: ef2e7d27ae am: a1f2f3eb7b Change-Id: If8801cd35c71e35cbb11881dca18a58bab1b4aff
|
c247fa136639dd07278b1954e5fba78ade60614c |
|
02-Jun-2017 |
Todd Kennedy <toddke@google.com> |
Change protection level from ephemeral to instant Change-Id: If4b01e5f0728f1d1d7e6903b362dcbedc67a9b3f Fixes: 62264194 Test: Manual. install an instant app and see that it still works
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
27ffeb33fb60d4ee6a4c2dfd9391c8a6127dfc7c |
|
06-Jul-2017 |
Philip P. Moltmann <moltmann@google.com> |
Better translatable msgs for permission requests Only for system permissions & groups for now and fall back to old system for everything else. Bug: 32070095 Test: Opened camera and saw new string Change-Id: If25308b6cd7cddccaf63ea5ed6c10c037e3c1778
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
a5d70a17ebd1b3ffe026879c5d9d96f04d10d4f2 |
|
23-Mar-2017 |
Chad Brubaker <cbrubaker@google.com> |
Allow permissions to be runtime-only. This adds the new runtime protection level flag that if set means the permission can only be granted to apps that target runtime permissions (>= M). ANSWER_PHONE_CALLS has also been made runtime-only. Bug: 30932767 Test: cts-tradefed run commandAndExit cts-dev -m CtsPermission2TestCases Change-Id: I42b30414c808730f2d5961ca31b6e3db740b8cf7
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
096d304ae3d85c1bfcda1a1d9cd4eb13d0815500 |
|
31-Jan-2017 |
Svetoslav Ganov <svetoslavganov@google.com> |
Add instant cookie APIs This change adds APIs for instant apps to store cookie data that is presisted across instant installs and across the upgrade from an instant to a standard app. Standard apps can use the cookie APIs but when they are uninstalled the cookie is also deleted. The cookies are kept longer than the instant apps as they are much smaller - 16KB by default. We can change the cookie size via a system setting i.e. after we ship we can increase size if needed. We also add internal APIs to surface information about installed and uninstalled instant apps which should be used for showing them in the UI. For this puporse we store the icon, permissions, and label of uninstalled apps. If the app is re-installed we drop this meta-data but keep the cookie around. If we have cookie data stored and the signing cert of the app changes when it gets re-intalled we wipe the cookie. Test: CTS tests pass; hiddent APIs tested manually Change-Id: If145c0440cc61a5303e2cbb70228d235d36037a5
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
c19706a937abc5d025a59b354b3a0d89e7d62805 |
|
14-Oct-2016 |
Chad Brubaker <cbrubaker@google.com> |
Add ephemeral protection level Ephemeral applications will only be able to be granted permissions that have the ephemeral proteciton level, this allows us to tighly define what behavior is OK for ephemeral applications. This includes an initial small whitelist of permissions for ephemeral apps, it may be expanded later. Test: adb install --ephemeral, verified against both runtime and install time permissions Test: cts-tradefed run cts -m CtsPermission2TestCases Change-Id: I854c44cf7a293d484b674cdd4fb5141e362a2f1a
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
b23346639b66783c1662fd8ffa5345ef5cef336c |
|
23-Mar-2016 |
Russell Brenner <russellbrenner@google.com> |
Add new protection level for setup wizard Adds PROTECTION_LEVEL_SETUP, a privileged permission for use only by the setup wizard. Bug: 20016740 Change-Id: Ib95e349c54d5d12465bf43162975dfb628ef2434
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
2a1376d9dfb362a18ba110d8e172f96021f1d879 |
|
23-Feb-2016 |
Svet Ganov <svetoslavganov@google.com> |
Expose removed permissions flag as system API There are some permissions that were removed from the platform and guard nothing but legacy apps may be checking them before calling APIs. Hence, these apps should get the permissions as expected despite them being a no-op. To address this the platform declares removed permissions as normal permissions that are hidden such that legacy apps can always get them. These permissions are not shown in the UI. Play needs a way to filter out these permissions like the platform as they have permissions UI too. bug:23361760 Change-Id: I10f442dfc09a299ddc5480d8bf2db0bd786aec62
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
3e0be7440bf40f5d81581077bc4f5f47e57b88b7 |
|
08-Aug-2015 |
Svet Ganov <svetoslavganov@google.com> |
Do not show removed permissions in the UI - framework bug:23043018 Change-Id: Ia5cf49f299eda627d9fde2b34498812afcb3a6d5
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
cfbfafe1b9ca2fd135a4fb6b528b3829830803bf |
|
22-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Work on issue #22303510: Additional permissions aren't properly... ...disabled after toggling them off Keep track of whether a permission that has been declared by an app was able to actually be installed in the system, along with an API to find this information so that system UI can tell whether that permission is of interest. Also clean up some of the permission debug output. Change-Id: If4541bedb857789b255bb18f03cad155dcda0b95
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
a90c8def2c6762bc6e5396b78c43e65e4b05079d |
|
08-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Add new "preinstalled" permission flag. This allows you to specify that a permission can be granted to any pre-installed system app (not just privileged ones). And as long as I am doing this, clean up the old "system" permission flag, renaming it to "privileged" which is what it really is today, deprecating the old names. And switch the platform's permission declarations to use the new name. Change-Id: Iabf484746af232144786851ec7fe90e3de9dddb2
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
3e7d977ff7c743713f0ad6336a039d7760ba47d1 |
|
07-Jul-2015 |
Svetoslav <svetoslavganov@google.com> |
Grant installer and verifier install permissions robustly bug:22248271 Change-Id: I3a47ae9a112ba7d88b421fcb5f9651d1168ba7a5
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
de15edaa9bf486a4050bb067317d313fd807bb10 |
|
01-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Work on issue #21589105: Scope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW... ...to an explicit toggle to enable in Settings Add a new permission flag, saying the permission can be automatically granted to pre-api-23 apps. Apply this to SYSTEM_ALERT_WINDOW. Change-Id: I24a0ceabe7e9f5e458a864d30eda2696ad14a699
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
6d2c0e5ee2f717d4a5c00df08aca21c76eea8278 |
|
23-Jun-2015 |
Svetoslav Ganov <svetoslavganov@google.com> |
Remove not needed contacts related permissions. This reverts commit ed5ff51b2ca7c051e2719dfc8a8a083e6208848e. Change-Id: If2407e4e474a438d95e1b7ad1aa6f441bb3ace08
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
e9b78fdbbef558f5e84f88397daf990dcc2e29cb |
|
13-Aug-2014 |
Jeff Sharkey <jsharkey@android.com> |
Fix javadoc on PROTECTION_FLAG_APPOP. Change-Id: I36e339ac2c6e6842441fd2572b0b8cda24bd34ca
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
33f5ddd1bea21296938f2cba196f95d223aa247c |
|
22-Jul-2014 |
Dianne Hackborn <hackbod@google.com> |
Add permissions associated with app ops. Change-Id: I575ad7a3ceea59486ca601f69760b14f6269511d
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
2ca2c8787130506d350d997c18bbc274faf88e37 |
|
17-Sep-2012 |
Dianne Hackborn <hackbod@google.com> |
More adjustments to permissions. - New "cost money" flag can be put on a permission to have this emphasized in the UI. - Some further re-organization of permissions to better match UX spec. Change-Id: I450ac739eff6b90e7c7fc39589d68db82b61f897
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
e639da7baa23121e35aa06d6e182558e0e755696 |
|
22-Feb-2012 |
Dianne Hackborn <hackbod@google.com> |
New development permissions. These are permissions that an application can request, but won't normally be granted. To have the permission granted, the user must explicitly do so through a new "adb shell pm grant" command. I put these permissions in the "development tools" permission group. Looking at the stuff there, I think all of the permissions we already had in that group should be turned to development permissions; I don't think any of them are protecting public APIs, and they are really not things normal applications should use. The support this, the protectionLevel of a permission has been modified to consist of a base protection type with additional flags. The signatureOrSystem permission has thus been converted to a signature base type with a new "system" flag; you can use "system" and/or "dangerous" flags with signature permissions as desired. The permissions UI has been updated to understand these new types of permissions and know when to display them. Along with doing that, it also now shows you which permissions are new when updating an existing application. This also starts laying the ground-work for "optional" permissions (which development permissions are a certain specialized form of). Completing that work requires some more features in the package manager to understand generic optional permissions (having a facility to not apply them when installing), along with the appropriate UI for the app and user to manage those permissions. Change-Id: I6571785c6bb5f6b291862b7a9be584885f88f3a5
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
9066cfe9886ac131c34d59ed0e2d287b0e3c0087 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
d83a98f4ce9cfa908f5c54bbd70f03eec07e7553 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|
54b6cfa9a9e5b861a9930af873580d6dc20f773c |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
/frameworks/base/core/java/android/content/pm/PermissionInfo.java
|