PermissionManagerInternal.java revision 460f28c2f017dcef9c34a93c7bd5b18e97c6e15f
1/* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm.permission; 18 19import android.annotation.NonNull; 20import android.annotation.Nullable; 21import android.content.pm.PackageParser; 22import android.content.pm.PermissionGroupInfo; 23import android.content.pm.PermissionInfo; 24import android.content.pm.PackageManager.NameNotFoundException; 25import android.content.pm.PackageManager.PermissionInfoFlags; 26import android.content.pm.PackageParser.Permission; 27 28import com.android.server.pm.SharedUserSetting; 29import com.android.server.pm.permission.PermissionManagerInternal.PermissionCallback; 30 31import java.util.Collection; 32import java.util.Iterator; 33import java.util.List; 34import java.util.Map; 35import java.util.Set; 36 37/** 38 * Internal interfaces to be used by other components within the system server. 39 */ 40public abstract class PermissionManagerInternal { 41 /** 42 * Callbacks invoked when interesting actions have been taken on a permission. 43 * <p> 44 * NOTE: The current arguments are merely to support the existing use cases. This 45 * needs to be properly thought out with appropriate arguments for each of the 46 * callback methods. 47 */ 48 public static class PermissionCallback { 49 public void onGidsChanged(int appId, int userId) { 50 } 51 public void onPermissionChanged() { 52 } 53 public void onPermissionGranted(int uid, int userId) { 54 } 55 public void onInstallPermissionGranted() { 56 } 57 public void onPermissionRevoked(int uid, int userId) { 58 } 59 public void onInstallPermissionRevoked() { 60 } 61 public void onPermissionUpdated(int userId) { 62 } 63 public void onPermissionRemoved() { 64 } 65 public void onInstallPermissionUpdated() { 66 } 67 } 68 69 public abstract void grantRuntimePermission( 70 @NonNull String permName, @NonNull String packageName, boolean overridePolicy, 71 int callingUid, int userId, @Nullable PermissionCallback callback); 72 public abstract void grantRuntimePermissionsGrantedToDisabledPackage( 73 @NonNull PackageParser.Package pkg, int callingUid, 74 @Nullable PermissionCallback callback); 75 public abstract void grantRequestedRuntimePermissions( 76 @NonNull PackageParser.Package pkg, @NonNull int[] userIds, 77 @NonNull String[] grantedPermissions, int callingUid, 78 @Nullable PermissionCallback callback); 79 public abstract void revokeRuntimePermission(@NonNull String permName, 80 @NonNull String packageName, boolean overridePolicy, int callingUid, int userId, 81 @Nullable PermissionCallback callback); 82 public abstract int[] revokeUnusedSharedUserPermissions(@NonNull SharedUserSetting suSetting, 83 @NonNull int[] allUserIds); 84 85 86 /** 87 * Add all permissions in the given package. 88 * <p> 89 * NOTE: argument {@code groupTEMP} is temporary until mPermissionGroups is moved to 90 * the permission settings. 91 */ 92 public abstract void addAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); 93 public abstract void addAllPermissionGroups(@NonNull PackageParser.Package pkg, boolean chatty); 94 public abstract void removeAllPermissions(@NonNull PackageParser.Package pkg, boolean chatty); 95 public abstract boolean addDynamicPermission(@NonNull PermissionInfo info, boolean async, 96 int callingUid, @Nullable PermissionCallback callback); 97 public abstract void removeDynamicPermission(@NonNull String permName, int callingUid, 98 @Nullable PermissionCallback callback); 99 100 public abstract int updatePermissions(@Nullable String changingPkg, 101 @Nullable PackageParser.Package pkgInfo, int flags); 102 public abstract int updatePermissionTrees(@Nullable String changingPkg, 103 @Nullable PackageParser.Package pkgInfo, int flags); 104 105 public abstract @Nullable String[] getAppOpPermissionPackages(@NonNull String permName); 106 107 public abstract int getPermissionFlags(@NonNull String permName, 108 @NonNull String packageName, int callingUid, int userId); 109 /** 110 * Retrieve all of the information we know about a particular group of permissions. 111 */ 112 public abstract @Nullable PermissionGroupInfo getPermissionGroupInfo( 113 @NonNull String groupName, int flags, int callingUid); 114 /** 115 * Retrieve all of the known permission groups in the system. 116 */ 117 public abstract @Nullable List<PermissionGroupInfo> getAllPermissionGroups(int flags, 118 int callingUid); 119 /** 120 * Retrieve all of the information we know about a particular permission. 121 */ 122 public abstract @Nullable PermissionInfo getPermissionInfo(@NonNull String permName, 123 @NonNull String packageName, @PermissionInfoFlags int flags, int callingUid); 124 /** 125 * Retrieve all of the permissions associated with a particular group. 126 */ 127 public abstract @Nullable List<PermissionInfo> getPermissionInfoByGroup(@NonNull String group, 128 @PermissionInfoFlags int flags, int callingUid); 129 130 /** 131 * Updates the flags associated with a permission by replacing the flags in 132 * the specified mask with the provided flag values. 133 */ 134 public abstract void updatePermissionFlags(@NonNull String permName, 135 @NonNull String packageName, int flagMask, int flagValues, int callingUid, int userId, 136 @Nullable PermissionCallback callback); 137 /** 138 * Updates the flags for all applications by replacing the flags in the specified mask 139 * with the provided flag values. 140 */ 141 public abstract boolean updatePermissionFlagsForAllApps(int flagMask, int flagValues, 142 int callingUid, int userId, @NonNull Collection<PackageParser.Package> packages, 143 @Nullable PermissionCallback callback); 144 145 public abstract int checkPermission(@NonNull String permName, @NonNull String packageName, 146 int callingUid, int userId); 147 148 /** 149 * Enforces the request is from the system or an app that has INTERACT_ACROSS_USERS 150 * or INTERACT_ACROSS_USERS_FULL permissions, if the {@code userid} is not for the caller. 151 * @param checkShell whether to prevent shell from access if there's a debugging restriction 152 * @param message the message to log on security exception 153 */ 154 public abstract void enforceCrossUserPermission(int callingUid, int userId, 155 boolean requireFullPermission, boolean checkShell, @NonNull String message); 156 public abstract void enforceGrantRevokeRuntimePermissionPermissions(@NonNull String message); 157 158 public abstract @NonNull PermissionSettings getPermissionSettings(); 159 public abstract @NonNull DefaultPermissionGrantPolicy getDefaultPermissionGrantPolicy(); 160 161 /** HACK HACK methods to allow for partial migration of data to the PermissionManager class */ 162 public abstract Iterator<BasePermission> getPermissionIteratorTEMP(); 163 public abstract @Nullable BasePermission getPermissionTEMP(@NonNull String permName); 164 public abstract void putPermissionTEMP(@NonNull String permName, 165 @NonNull BasePermission permission); 166}