diff options
| author | Jay Sullivan <jaysullivan@google.com> | 2023-11-01 02:05:46 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2023-11-01 02:05:46 +0000 |
| commit | 161934a56f1d500e27d5d281491e4290cefe61b1 (patch) | |
| tree | 093e24fee271b7bf60dbd22c807da6158c7dfd45 | |
| parent | 4459d68092590d8f5c2914f0025d30c122264757 (diff) | |
| parent | 7454eaa359377a1d9fc599df194694d06684263f (diff) | |
| download | Permission-161934a56f1d500e27d5d281491e4290cefe61b1.tar.gz | |
Merge changes I8112f896,Ib566ee05,I65f2d488 into main
* changes:
[Role Logic Move] Lift user from RoleControllerServiceImpl
[Role Logic Move] Lift user from grant/revoke
[Role Logic Move] Call Role/PackageManager with UserContext
15 files changed, 188 insertions, 169 deletions
diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/BrowserRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/BrowserRoleBehavior.java index 205b185a0..f64c3bcf0 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/BrowserRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/BrowserRoleBehavior.java @@ -21,7 +21,6 @@ import android.content.Intent; import android.content.pm.PackageManager; import android.content.pm.ResolveInfo; import android.net.Uri; -import android.os.Process; import android.os.UserHandle; import android.util.ArraySet; @@ -133,24 +132,25 @@ public class BrowserRoleBehavior implements RoleBehavior { } @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { // @see com.android.server.pm.permission.DefaultPermissionGrantPolicy // #grantDefaultPermissionsToDefaultBrowser(java.lang.String, int) if (SdkLevel.isAtLeastS()) { if (PackageUtils.isSystemPackageAsUser(packageName, user, context)) { - Permissions.grant(packageName, SYSTEM_BROWSER_PERMISSIONS, false, false, true, - false, false, context); + Permissions.grantAsUser(packageName, SYSTEM_BROWSER_PERMISSIONS, false, false, + true, false, false, user, context); } } } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (SdkLevel.isAtLeastT()) { - if (PackageUtils.isSystemPackageAsUser(packageName, Process.myUserHandle(), context)) { - Permissions.revoke(packageName, SYSTEM_BROWSER_PERMISSIONS, true, false, false, - context); + if (PackageUtils.isSystemPackageAsUser(packageName, user, context)) { + Permissions.revokeAsUser(packageName, SYSTEM_BROWSER_PERMISSIONS, true, false, + false, user, context); } } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceAppStreamingRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceAppStreamingRoleBehavior.java index edd0b99f3..6ae920270 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceAppStreamingRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceAppStreamingRoleBehavior.java @@ -17,7 +17,6 @@ package com.android.role.controller.behavior; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -32,14 +31,14 @@ import com.android.role.controller.util.NotificationUtils; public class CompanionDeviceAppStreamingRoleBehavior implements RoleBehavior { @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.grantNotificationAccessForPackageAsUser(packageName, user, context); } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.revokeNotificationAccessForPackageAsUser(packageName, user, context); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceComputerRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceComputerRoleBehavior.java index d61c30a88..ac6a432dc 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceComputerRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceComputerRoleBehavior.java @@ -17,7 +17,6 @@ package com.android.role.controller.behavior; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -32,14 +31,14 @@ import com.android.role.controller.util.NotificationUtils; public class CompanionDeviceComputerRoleBehavior implements RoleBehavior { @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.grantNotificationAccessForPackageAsUser(packageName, user, context); } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.revokeNotificationAccessForPackageAsUser(packageName, user, context); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceGlassesRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceGlassesRoleBehavior.java index 136c64cd8..429c03de3 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceGlassesRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceGlassesRoleBehavior.java @@ -17,7 +17,6 @@ package com.android.role.controller.behavior; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -32,14 +31,14 @@ import com.android.role.controller.util.NotificationUtils; public class CompanionDeviceGlassesRoleBehavior implements RoleBehavior { @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.grantNotificationAccessForPackageAsUser(packageName, user, context); } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.revokeNotificationAccessForPackageAsUser(packageName, user, context); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceWatchRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceWatchRoleBehavior.java index a666122b2..256020800 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceWatchRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/CompanionDeviceWatchRoleBehavior.java @@ -17,7 +17,6 @@ package com.android.role.controller.behavior; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -32,14 +31,14 @@ import com.android.role.controller.util.NotificationUtils; public class CompanionDeviceWatchRoleBehavior implements RoleBehavior { @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.grantNotificationAccessForPackageAsUser(packageName, user, context); } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { NotificationUtils.revokeNotificationAccessForPackageAsUser(packageName, user, context); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/DialerRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/DialerRoleBehavior.java index 2c79c3c6b..d0ee2d5bf 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/DialerRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/DialerRoleBehavior.java @@ -17,7 +17,6 @@ package com.android.role.controller.behavior; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import android.telephony.TelephonyManager; @@ -56,21 +55,22 @@ public class DialerRoleBehavior implements RoleBehavior { } @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (SdkLevel.isAtLeastS()) { if (PackageUtils.isSystemPackageAsUser(packageName, user, context)) { - Permissions.grant(packageName, SYSTEM_DIALER_PERMISSIONS, false, false, - true, false, false, context); + Permissions.grantAsUser(packageName, SYSTEM_DIALER_PERMISSIONS, false, false, + true, false, false, user, context); } } } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, - @NonNull Context context) { + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (SdkLevel.isAtLeastS()) { - Permissions.revoke(packageName, SYSTEM_DIALER_PERMISSIONS, true, false, false, context); + Permissions.revokeAsUser(packageName, SYSTEM_DIALER_PERMISSIONS, true, false, false, + user, context); } } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/HomeRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/HomeRoleBehavior.java index 0e28a510a..5bdd5f682 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/HomeRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/HomeRoleBehavior.java @@ -140,56 +140,61 @@ public class HomeRoleBehavior implements RoleBehavior { } @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (context.getPackageManager().hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE)) { - Permissions.grant(packageName, AUTOMOTIVE_PERMISSIONS, - true, false, true, false, false, context); + Permissions.grantAsUser(packageName, AUTOMOTIVE_PERMISSIONS, + true, false, true, false, false, user, context); } // Before T, ALLOW_SLIPPERY_TOUCHES may either not exist, or may not be a role permission if (isRolePermission(android.Manifest.permission.ALLOW_SLIPPERY_TOUCHES, context)) { - Permissions.grant(packageName, + Permissions.grantAsUser(packageName, Arrays.asList(android.Manifest.permission.ALLOW_SLIPPERY_TOUCHES), - true, false, true, false, false, context); + true, false, true, false, false, user, context); } if (context.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH)) { if (SdkLevel.isAtLeastT()) { - Permissions.grant(packageName, WEAR_PERMISSIONS_T, - true, false, true, false, false, context); + Permissions.grantAsUser(packageName, WEAR_PERMISSIONS_T, + true, false, true, false, false, user, context); for (String permission : WEAR_APP_OP_PERMISSIONS) { - AppOpPermissions.grant(packageName, permission, true, context); + AppOpPermissions.grantAsUser(packageName, permission, true, user, context); } } if (SdkLevel.isAtLeastV()) { - Permissions.grant(packageName, WEAR_PERMISSIONS_V, - true, false, true, false, false, context); + Permissions.grantAsUser(packageName, WEAR_PERMISSIONS_V, + true, false, true, false, false, user, context); } } } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (context.getPackageManager().hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE)) { - Permissions.revoke(packageName, AUTOMOTIVE_PERMISSIONS, true, false, false, context); + Permissions.revokeAsUser(packageName, AUTOMOTIVE_PERMISSIONS, true, false, false, + user, context); } // Before T, ALLOW_SLIPPERY_TOUCHES may either not exist, or may not be a role permission if (isRolePermission(android.Manifest.permission.ALLOW_SLIPPERY_TOUCHES, context)) { - Permissions.revoke(packageName, + Permissions.revokeAsUser(packageName, Arrays.asList(android.Manifest.permission.ALLOW_SLIPPERY_TOUCHES), - true, false, false, context); + true, false, false, user, context); } if (context.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WATCH)) { if (SdkLevel.isAtLeastT()) { - Permissions.revoke(packageName, WEAR_PERMISSIONS_T, true, false, false, context); + Permissions.revokeAsUser(packageName, WEAR_PERMISSIONS_T, true, false, false, + user, context); for (String permission : WEAR_APP_OP_PERMISSIONS) { - AppOpPermissions.revoke(packageName, permission, context); + AppOpPermissions.revokeAsUser(packageName, permission, user, context); } } if (SdkLevel.isAtLeastV()) { - Permissions.revoke(packageName, WEAR_PERMISSIONS_V, true, false, false, context); + Permissions.revokeAsUser(packageName, WEAR_PERMISSIONS_V, true, false, false, + user, context); } } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/behavior/SmsRoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/behavior/SmsRoleBehavior.java index c6b3841c2..6e5c5c920 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/behavior/SmsRoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/behavior/SmsRoleBehavior.java @@ -19,7 +19,6 @@ package com.android.role.controller.behavior; import android.app.admin.DevicePolicyManager; import android.app.admin.ManagedSubscriptionsPolicy; import android.content.Context; -import android.os.Process; import android.os.UserHandle; import android.os.UserManager; import android.telephony.TelephonyManager; @@ -113,20 +112,21 @@ public class SmsRoleBehavior implements RoleBehavior { } @Override - public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (SdkLevel.isAtLeastS() && PackageUtils.isSystemPackageAsUser(packageName, user, context)) { - Permissions.grant(packageName, SYSTEM_SMS_PERMISSIONS, false, false, - true, false, false, context); + Permissions.grantAsUser(packageName, SYSTEM_SMS_PERMISSIONS, false, false, true, + false, false, user, context); } } @Override - public void revoke(@NonNull Role role, @NonNull String packageName, - @NonNull Context context) { + public void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (SdkLevel.isAtLeastS()) { - Permissions.revoke(packageName, SYSTEM_SMS_PERMISSIONS, true, false, false, context); + Permissions.revokeAsUser(packageName, SYSTEM_SMS_PERMISSIONS, true, false, false, + user, context); } } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/AppOp.java b/PermissionController/role-controller/java/com/android/role/controller/model/AppOp.java index 926592db3..6647a4f94 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/AppOp.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/AppOp.java @@ -18,7 +18,6 @@ package com.android.role.controller.model; import android.content.Context; import android.content.pm.ApplicationInfo; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -74,15 +73,16 @@ public class AppOp { * Grant this app op to an application. * * @param packageName the package name of the application + * @param user the user of the application * @param context the {@code Context} to retrieve system services * * @return whether any app mode has changed */ - public boolean grant(@NonNull String packageName, @NonNull Context context) { - if (!checkTargetSdkVersion(packageName, context)) { + public boolean grantAsUser(@NonNull String packageName, @NonNull UserHandle user, + @NonNull Context context) { + if (!checkTargetSdkVersionAsUser(packageName, user, context)) { return false; } - UserHandle user = Process.myUserHandle(); return Permissions.setAppOpUidModeAsUser(packageName, mName, mMode, user, context); } @@ -90,25 +90,27 @@ public class AppOp { * Revoke this app op from an application. * * @param packageName the package name of the application + * @param user the user of the application * @param context the {@code Context} to retrieve system services * * @return whether any app mode has changed */ - public boolean revoke(@NonNull String packageName, @NonNull Context context) { - if (!checkTargetSdkVersion(packageName, context)) { + public boolean revokeAsUser(@NonNull String packageName, @NonNull UserHandle user, + @NonNull Context context) { + if (!checkTargetSdkVersionAsUser(packageName, user, context)) { return false; } int defaultMode = Permissions.getDefaultAppOpMode(mName); - UserHandle user = Process.myUserHandle(); return Permissions.setAppOpUidModeAsUser(packageName, mName, defaultMode, user, context); } - private boolean checkTargetSdkVersion(@NonNull String packageName, @NonNull Context context) { + private boolean checkTargetSdkVersionAsUser(@NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) { if (mMaxTargetSdkVersion == null) { return true; } - ApplicationInfo applicationInfo = PackageUtils.getApplicationInfoAsUser(packageName, - Process.myUserHandle(), context); + ApplicationInfo applicationInfo = PackageUtils.getApplicationInfoAsUser(packageName, user, + context); if (applicationInfo == null) { return false; } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/AppOpPermissions.java b/PermissionController/role-controller/java/com/android/role/controller/model/AppOpPermissions.java index 2e8cbed7e..edd74e31e 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/AppOpPermissions.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/AppOpPermissions.java @@ -21,7 +21,6 @@ import android.content.Context; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.os.Build; -import android.os.Process; import android.os.UserHandle; import androidx.annotation.NonNull; @@ -44,13 +43,13 @@ public class AppOpPermissions { * @param appOpPermission the name of the app op permission * @param overrideNonDefaultMode whether to override the app opp mode if it isn't in the default * mode + * @param user the user of the application * @param context the {@code Context} to retrieve system services * * @return whether any app op mode has changed */ - public static boolean grant(@NonNull String packageName, @NonNull String appOpPermission, - boolean overrideNonDefaultMode, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public static boolean grantAsUser(@NonNull String packageName, @NonNull String appOpPermission, + boolean overrideNonDefaultMode, @NonNull UserHandle user, @NonNull Context context) { PackageInfo packageInfo = PackageUtils.getPackageInfoAsUser(packageName, PackageManager.GET_PERMISSIONS, user, context); if (packageInfo == null) { @@ -80,13 +79,13 @@ public class AppOpPermissions { * * @param packageName the package name of the application * @param appOpPermission the name of the app op permission + * @param user the user of the application * @param context the {@code Context} to retrieve system services * * @return whether any app op mode has changed */ - public static boolean revoke(@NonNull String packageName, @NonNull String appOpPermission, - @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public static boolean revokeAsUser(@NonNull String packageName, @NonNull String appOpPermission, + @NonNull UserHandle user, @NonNull Context context) { if (!Permissions.isPermissionGrantedByRoleAsUser(packageName, appOpPermission, user, context)) { return false; diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java b/PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java index 76de27651..8a15612b9 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java @@ -24,7 +24,6 @@ import android.content.pm.PackageManager; import android.content.pm.PermissionGroupInfo; import android.content.pm.PermissionInfo; import android.os.Build; -import android.os.Process; import android.os.UserHandle; import android.permission.PermissionManager; import android.util.ArrayMap; @@ -90,6 +89,7 @@ public class Permissions { * @param setGrantedByRole whether the permissions will be granted as granted-by-role * @param setGrantedByDefault whether the permissions will be granted as granted-by-default * @param setSystemFixed whether the permissions will be granted as system-fixed + * @param user the user of the application * @param context the {@code Context} to retrieve system services * * @return whether any permission or app op changed @@ -97,11 +97,10 @@ public class Permissions { * @see com.android.server.pm.permission.DefaultPermissionGrantPolicy#grantRuntimePermissions( * PackageInfo, java.util.Set, boolean, boolean, int) */ - public static boolean grant(@NonNull String packageName, @NonNull List<String> permissions, - boolean overrideDisabledSystemPackage, boolean overrideUserSetAndFixed, - boolean setGrantedByRole, boolean setGrantedByDefault, boolean setSystemFixed, - @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public static boolean grantAsUser(@NonNull String packageName, + @NonNull List<String> permissions, boolean overrideDisabledSystemPackage, + boolean overrideUserSetAndFixed, boolean setGrantedByRole, boolean setGrantedByDefault, + boolean setSystemFixed, @NonNull UserHandle user, @NonNull Context context) { if (setGrantedByRole == setGrantedByDefault) { throw new IllegalArgumentException("Permission must be either granted by role, or" + " granted by default, but not both"); @@ -144,8 +143,8 @@ public class Permissions { // apps, (default grants on first boot and user creation) we don't grant default // permissions if the version on the system image does not declare them. if (!overrideDisabledSystemPackage && isUpdatedSystemApp(packageInfo)) { - PackageInfo disabledSystemPackageInfo = getFactoryPackageInfoAsUser(packageName, - user, context); + PackageInfo disabledSystemPackageInfo = getFactoryPackageInfoAsUser(packageName, user, + context); if (disabledSystemPackageInfo != null) { if (ArrayUtils.isEmpty(disabledSystemPackageInfo.requestedPermissions)) { return false; @@ -179,9 +178,10 @@ public class Permissions { boolean permissionOrAppOpChanged = false; - PackageManager packageManager = context.getPackageManager(); + Context userContext = UserUtils.getUserContext(context, user); + PackageManager userPackageManager = userContext.getPackageManager(); Set<String> whitelistedRestrictedPermissions = new ArraySet<>( - packageManager.getWhitelistedRestrictedPermissions(packageName, + userPackageManager.getWhitelistedRestrictedPermissions(packageName, PackageManager.FLAG_PERMISSION_WHITELIST_SYSTEM)); int sortedPermissionsToGrantLength = sortedPermissionsToGrant.length; @@ -190,7 +190,7 @@ public class Permissions { if (isRestrictedPermission(permission, context) && whitelistedRestrictedPermissions.add(permission)) { - packageManager.addWhitelistedRestrictedPermission(packageName, permission, + userPackageManager.addWhitelistedRestrictedPermission(packageName, permission, PackageManager.FLAG_PERMISSION_WHITELIST_SYSTEM); } @@ -393,16 +393,17 @@ public class Permissions { * @param onlyIfGrantedByDefault revoke the permission only if it is granted by default * @param overrideSystemFixed whether system-fixed permissions can be revoked * @param context the {@code Context} to retrieve system services + * @param user the user of the application * * @return whether any permission or app op changed * * @see com.android.server.pm.permission.DefaultPermissionGrantPolicy#revokeRuntimePermissions( * String, java.util.Set, boolean, int) */ - public static boolean revoke(@NonNull String packageName, @NonNull List<String> permissions, - boolean onlyIfGrantedByRole, boolean onlyIfGrantedByDefault, - boolean overrideSystemFixed, @NonNull Context context) { - UserHandle user = Process.myUserHandle(); + public static boolean revokeAsUser(@NonNull String packageName, + @NonNull List<String> permissions, boolean onlyIfGrantedByRole, + boolean onlyIfGrantedByDefault, boolean overrideSystemFixed, @NonNull UserHandle user, + @NonNull Context context) { PackageInfo packageInfo = getPackageInfoAsUser(packageName, user, context); if (packageInfo == null) { return false; @@ -437,9 +438,10 @@ public class Permissions { } } - PackageManager packageManager = context.getPackageManager(); + Context userContext = UserUtils.getUserContext(context, user); + PackageManager userPackageManager = userContext.getPackageManager(); Set<String> whitelistedRestrictedPermissions = - packageManager.getWhitelistedRestrictedPermissions(packageName, + userPackageManager.getWhitelistedRestrictedPermissions(packageName, PackageManager.FLAG_PERMISSION_WHITELIST_SYSTEM | PackageManager.FLAG_PERMISSION_WHITELIST_UPGRADE | PackageManager.FLAG_PERMISSION_WHITELIST_INSTALLER); @@ -457,7 +459,7 @@ public class Permissions { // Remove from the system whitelist only if not granted by default. if (!isPermissionGrantedByDefaultAsUser(packageName, permission, user, context) && whitelistedRestrictedPermissions.remove(permission)) { - packageManager.removeWhitelistedRestrictedPermission(packageName, permission, + userPackageManager.removeWhitelistedRestrictedPermission(packageName, permission, PackageManager.FLAG_PERMISSION_WHITELIST_SYSTEM); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/PreferredActivity.java b/PermissionController/role-controller/java/com/android/role/controller/model/PreferredActivity.java index 438bdbdea..7ea7de046 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/PreferredActivity.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/PreferredActivity.java @@ -22,10 +22,12 @@ import android.content.Intent; import android.content.IntentFilter; import android.content.pm.PackageManager; import android.content.pm.ResolveInfo; -import android.os.Process; +import android.os.UserHandle; import androidx.annotation.NonNull; +import com.android.role.controller.util.UserUtils; + import java.util.ArrayList; import java.util.List; import java.util.Objects; @@ -68,18 +70,21 @@ public class PreferredActivity { * Configure this preferred activity specification for an application. * * @param packageName the package name of the application + * @param user the user of the application * @param context the {@code Context} to retrieve system services */ - public void configure(@NonNull String packageName, @NonNull Context context) { + public void configureAsUser(@NonNull String packageName, @NonNull UserHandle user, + @NonNull Context context) { ComponentName packageActivity = mActivity.getQualifyingComponentForPackageAsUser( - packageName, Process.myUserHandle(), context); + packageName, user, context); if (packageActivity == null) { // We might be running into some race condition here, but we can't do anything about it. // This should be handled by a future reconciliation started by the package change. return; } - PackageManager packageManager = context.getPackageManager(); + Context userContext = UserUtils.getUserContext(context, user); + PackageManager userPackageManager = userContext.getPackageManager(); int intentFilterDatasSize = mIntentFilterDatas.size(); for (int i = 0; i < intentFilterDatasSize; i++) { IntentFilterData intentFilterData = mIntentFilterDatas.get(i); @@ -93,7 +98,7 @@ public class PreferredActivity { ? IntentFilter.MATCH_CATEGORY_SCHEME : IntentFilter.MATCH_CATEGORY_EMPTY; Intent intent = intentFilterData.createIntent(); - List<ResolveInfo> resolveInfos = packageManager.queryIntentActivities(intent, + List<ResolveInfo> resolveInfos = userPackageManager.queryIntentActivities(intent, PackageManager.MATCH_DIRECT_BOOT_AWARE | PackageManager.MATCH_DIRECT_BOOT_UNAWARE | PackageManager.MATCH_DEFAULT_ONLY); @@ -108,7 +113,7 @@ public class PreferredActivity { set.add(componentName); } - packageManager.replacePreferredActivity(intentFilter, match, set, packageActivity); + userPackageManager.replacePreferredActivity(intentFilter, match, set, packageActivity); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java index 456929965..536bcc912 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java @@ -26,7 +26,6 @@ import android.content.pm.SharedLibraryInfo; import android.content.pm.Signature; import android.content.res.Resources; import android.os.Build; -import android.os.Process; import android.os.UserHandle; import android.text.TextUtils; import android.util.ArrayMap; @@ -776,42 +775,42 @@ public class Role { * @param packageName the package name of the application to be granted this role to * @param dontKillApp whether this application should not be killed despite changes * @param overrideUser whether to override user when granting privileges + * @param user the user of the application * @param context the {@code Context} to retrieve system services */ - public void grant(@NonNull String packageName, boolean dontKillApp, - boolean overrideUser, @NonNull Context context) { - boolean permissionOrAppOpChanged = Permissions.grant(packageName, + public void grantAsUser(@NonNull String packageName, boolean dontKillApp, + boolean overrideUser, @NonNull UserHandle user, @NonNull Context context) { + boolean permissionOrAppOpChanged = Permissions.grantAsUser(packageName, Permissions.filterBySdkVersion(mPermissions), SdkLevel.isAtLeastS() ? !mSystemOnly : true, overrideUser, true, false, false, - context); + user, context); List<String> appOpPermissionsToGrant = Permissions.filterBySdkVersion(mAppOpPermissions); int appOpPermissionsSize = appOpPermissionsToGrant.size(); for (int i = 0; i < appOpPermissionsSize; i++) { String appOpPermission = appOpPermissionsToGrant.get(i); - AppOpPermissions.grant(packageName, appOpPermission, overrideUser, context); + AppOpPermissions.grantAsUser(packageName, appOpPermission, overrideUser, user, context); } int appOpsSize = mAppOps.size(); for (int i = 0; i < appOpsSize; i++) { AppOp appOp = mAppOps.get(i); - appOp.grant(packageName, context); + appOp.grantAsUser(packageName, user, context); } int preferredActivitiesSize = mPreferredActivities.size(); for (int i = 0; i < preferredActivitiesSize; i++) { PreferredActivity preferredActivity = mPreferredActivities.get(i); - preferredActivity.configure(packageName, context); + preferredActivity.configureAsUser(packageName, user, context); } if (mBehavior != null) { - mBehavior.grant(this, packageName, context); + mBehavior.grantAsUser(this, packageName, user, context); } if (!dontKillApp && permissionOrAppOpChanged - && !Permissions.isRuntimePermissionsSupportedAsUser(packageName, - Process.myUserHandle(), context)) { - killAppAsUser(packageName, Process.myUserHandle(), context); + && !Permissions.isRuntimePermissionsSupportedAsUser(packageName, user, context)) { + killAppAsUser(packageName, user, context); } } @@ -821,12 +820,15 @@ public class Role { * @param packageName the package name of the application to be granted this role to * @param dontKillApp whether this application should not be killed despite changes * @param overrideSystemFixedPermissions whether system-fixed permissions can be revoked + * @param user the user of the role * @param context the {@code Context} to retrieve system services */ - public void revoke(@NonNull String packageName, boolean dontKillApp, - boolean overrideSystemFixedPermissions, @NonNull Context context) { - RoleManager roleManager = context.getSystemService(RoleManager.class); - List<String> otherRoleNames = roleManager.getHeldRolesFromController(packageName); + public void revokeAsUser(@NonNull String packageName, boolean dontKillApp, + boolean overrideSystemFixedPermissions, @NonNull UserHandle user, + @NonNull Context context) { + Context userContext = UserUtils.getUserContext(context, user); + RoleManager userRoleManager = userContext.getSystemService(RoleManager.class); + List<String> otherRoleNames = userRoleManager.getHeldRolesFromController(packageName); otherRoleNames.remove(mName); List<String> permissionsToRevoke = Permissions.filterBySdkVersion(mPermissions); @@ -838,8 +840,8 @@ public class Role { permissionsToRevoke.removeAll(Permissions.filterBySdkVersion(role.mPermissions)); } - boolean permissionOrAppOpChanged = Permissions.revoke(packageName, permissionsToRevoke, - true, false, overrideSystemFixedPermissions, context); + boolean permissionOrAppOpChanged = Permissions.revokeAsUser(packageName, + permissionsToRevoke, true, false, overrideSystemFixedPermissions, user, context); List<String> appOpPermissionsToRevoke = Permissions.filterBySdkVersion(mAppOpPermissions); for (int i = 0; i < otherRoleNamesSize; i++) { @@ -851,7 +853,7 @@ public class Role { int appOpPermissionsSize = appOpPermissionsToRevoke.size(); for (int i = 0; i < appOpPermissionsSize; i++) { String appOpPermission = appOpPermissionsToRevoke.get(i); - AppOpPermissions.revoke(packageName, appOpPermission, context); + AppOpPermissions.revokeAsUser(packageName, appOpPermission, user, context); } List<AppOp> appOpsToRevoke = new ArrayList<>(mAppOps); @@ -863,7 +865,7 @@ public class Role { int appOpsSize = appOpsToRevoke.size(); for (int i = 0; i < appOpsSize; i++) { AppOp appOp = appOpsToRevoke.get(i); - appOp.revoke(packageName, context); + appOp.revokeAsUser(packageName, user, context); } // TODO: Revoke preferred activities? But this is unnecessary for most roles using it as @@ -872,11 +874,11 @@ public class Role { // wrong thing when we are removing a exclusive role holder for adding another. if (mBehavior != null) { - mBehavior.revoke(this, packageName, context); + mBehavior.revokeAsUser(this, packageName, user, context); } if (!dontKillApp && permissionOrAppOpChanged) { - killAppAsUser(packageName, Process.myUserHandle(), context); + killAppAsUser(packageName, user, context); } } diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java b/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java index 6f86f6858..34d2282a7 100644 --- a/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java +++ b/PermissionController/role-controller/java/com/android/role/controller/model/RoleBehavior.java @@ -90,15 +90,16 @@ public interface RoleBehavior { } /** - * @see Role#grant(String, boolean, boolean, boolean, Context) + * @see Role#grantAsUser(String, boolean, boolean, UserHandle, Context) */ - default void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) {} + default void grantAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) {} /** - * @see Role#revoke(String, boolean, boolean, Context) + * @see Role#revokeAsUser(String, boolean, boolean, UserHandle, Context) */ - default void revoke(@NonNull Role role, @NonNull String packageName, - @NonNull Context context) {} + default void revokeAsUser(@NonNull Role role, @NonNull String packageName, + @NonNull UserHandle user, @NonNull Context context) {} /** * @see Role#onHolderSelectedAsUser(String, UserHandle, Context) diff --git a/PermissionController/src/com/android/permissioncontroller/role/service/RoleControllerServiceImpl.java b/PermissionController/src/com/android/permissioncontroller/role/service/RoleControllerServiceImpl.java index 8b9e93112..45f1236bb 100644 --- a/PermissionController/src/com/android/permissioncontroller/role/service/RoleControllerServiceImpl.java +++ b/PermissionController/src/com/android/permissioncontroller/role/service/RoleControllerServiceImpl.java @@ -18,6 +18,7 @@ package com.android.permissioncontroller.role.service; import android.app.role.RoleControllerService; import android.app.role.RoleManager; +import android.content.Context; import android.content.pm.ApplicationInfo; import android.os.Process; import android.os.UserHandle; @@ -33,6 +34,7 @@ import com.android.permissioncontroller.role.utils.PackageUtils; import com.android.permissioncontroller.role.utils.RoleUiBehaviorUtils; import com.android.role.controller.model.Role; import com.android.role.controller.model.Roles; +import com.android.role.controller.util.UserUtils; import java.util.ArrayList; import java.util.List; @@ -47,20 +49,24 @@ public class RoleControllerServiceImpl extends RoleControllerService { private static final boolean DEBUG = false; - private RoleManager mRoleManager; + private UserHandle mUser; + + private RoleManager mUserRoleManager; @Override public void onCreate() { super.onCreate(); - mRoleManager = getSystemService(RoleManager.class); + mUser = Process.myUserHandle(); + Context userContext = UserUtils.getUserContext(this, mUser); + mUserRoleManager = userContext.getSystemService(RoleManager.class); } @Override @WorkerThread public boolean onGrantDefaultRoles() { if (DEBUG) { - Log.i(LOG_TAG, "Granting default roles, user: " + UserHandle.myUserId()); + Log.i(LOG_TAG, "Granting default roles, user: " + mUser.myUserId()); } // Gather the available roles for current user. @@ -72,13 +78,13 @@ public class RoleControllerServiceImpl extends RoleControllerService { for (int i = 0; i < roleMapSize; i++) { Role role = roleMap.valueAt(i); - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { continue; } roles.add(role); String roleName = role.getName(); roleNames.add(roleName); - if (!mRoleManager.isRoleAvailable(roleName)) { + if (!mUserRoleManager.isRoleAvailable(roleName)) { addedRoleNames.add(roleName); } } @@ -86,14 +92,14 @@ public class RoleControllerServiceImpl extends RoleControllerService { // TODO: Clean up holders of roles that will be removed. // Set the available role names in RoleManager. - mRoleManager.setRoleNamesFromController(roleNames); + mUserRoleManager.setRoleNamesFromController(roleNames); int addedRoleNamesSize = addedRoleNames.size(); for (int i = 0; i < addedRoleNamesSize; i++) { String roleName = addedRoleNames.valueAt(i); Role role = roleMap.get(roleName); - role.onRoleAddedAsUser(Process.myUserHandle(), this); + role.onRoleAddedAsUser(mUser, this); } // Go through the holders of all roles. @@ -105,14 +111,14 @@ public class RoleControllerServiceImpl extends RoleControllerService { // For each of the current holders, check if it is still qualified, redo grant if so, or // remove it otherwise. - List<String> currentPackageNames = mRoleManager.getRoleHolders(roleName); + List<String> currentPackageNames = mUserRoleManager.getRoleHolders(roleName); int currentPackageNamesSize = currentPackageNames.size(); for (int currentPackageNamesIndex = 0; currentPackageNamesIndex < currentPackageNamesSize; currentPackageNamesIndex++) { String packageName = currentPackageNames.get(currentPackageNamesIndex); - if (role.isPackageQualifiedAsUser(packageName, Process.myUserHandle(), this)) { + if (role.isPackageQualifiedAsUser(packageName, mUser, this)) { // We should not override user set or fixed permissions because we are only // redoing the grant here. Otherwise, user won't be able to revoke permissions // granted by role. @@ -126,17 +132,17 @@ public class RoleControllerServiceImpl extends RoleControllerService { // If there is no holder for a role now, or the role is static, we need to add default // or fallback holders, if any. - currentPackageNames = mRoleManager.getRoleHolders(roleName); + currentPackageNames = mUserRoleManager.getRoleHolders(roleName); currentPackageNamesSize = currentPackageNames.size(); boolean isStaticRole = role.isStatic(); if (currentPackageNamesSize == 0 || isStaticRole) { List<String> packageNamesToAdd = null; if (addedRoleNames.contains(roleName) || isStaticRole) { - packageNamesToAdd = role.getDefaultHoldersAsUser(Process.myUserHandle(), this); + packageNamesToAdd = role.getDefaultHoldersAsUser(mUser, this); } if (packageNamesToAdd == null || packageNamesToAdd.isEmpty()) { packageNamesToAdd = CollectionUtils.singletonOrEmpty( - role.getFallbackHolderAsUser(Process.myUserHandle(), this)); + role.getFallbackHolderAsUser(mUser, this)); } int packageNamesToAddSize = packageNamesToAdd.size(); @@ -149,8 +155,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { // static roles. continue; } - if (!role.isPackageQualifiedAsUser(packageName, Process.myUserHandle(), - this)) { + if (!role.isPackageQualifiedAsUser(packageName, mUser, this)) { Log.e(LOG_TAG, "Default/fallback role holder package doesn't qualify for" + " the role, package: " + packageName + ", role: " + roleName); continue; @@ -166,7 +171,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { } // Ensure that an exclusive role has at most one holder. - currentPackageNames = mRoleManager.getRoleHolders(roleName); + currentPackageNames = mUserRoleManager.getRoleHolders(roleName); currentPackageNamesSize = currentPackageNames.size(); if (role.isExclusive() && currentPackageNamesSize > 1) { Log.w(LOG_TAG, "Multiple packages holding an exclusive role, role: " @@ -200,12 +205,12 @@ public class RoleControllerServiceImpl extends RoleControllerService { Log.e(LOG_TAG, "Unknown role: " + roleName); return false; } - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { Log.e(LOG_TAG, "Role is unavailable: " + roleName); return false; } - if (!role.isPackageQualifiedAsUser(packageName, Process.myUserHandle(), this)) { + if (!role.isPackageQualifiedAsUser(packageName, mUser, this)) { Log.e(LOG_TAG, "Package does not qualify for the role, package: " + packageName + ", role: " + roleName); return false; @@ -213,7 +218,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { boolean added = false; if (role.isExclusive()) { - List<String> currentPackageNames = mRoleManager.getRoleHolders(roleName); + List<String> currentPackageNames = mUserRoleManager.getRoleHolders(roleName); int currentPackageNamesSize = currentPackageNames.size(); for (int i = 0; i < currentPackageNamesSize; i++) { String currentPackageName = currentPackageNames.get(i); @@ -240,8 +245,8 @@ public class RoleControllerServiceImpl extends RoleControllerService { return false; } - role.onHolderAddedAsUser(packageName, Process.myUserHandle(), this); - role.onHolderChangedAsUser(Process.myUserHandle(), this); + role.onHolderAddedAsUser(packageName, mUser, this); + role.onHolderChangedAsUser(mUser, this); return true; } @@ -259,7 +264,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { Log.e(LOG_TAG, "Unknown role: " + roleName); return false; } - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { Log.e(LOG_TAG, "Role is unavailable: " + roleName); return false; } @@ -276,7 +281,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { return false; } - role.onHolderChangedAsUser(Process.myUserHandle(), this); + role.onHolderChangedAsUser(mUser, this); return true; } @@ -293,7 +298,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { Log.e(LOG_TAG, "Unknown role: " + roleName); return false; } - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { Log.e(LOG_TAG, "Role is unavailable: " + roleName); return false; } @@ -310,7 +315,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { return false; } - role.onHolderChangedAsUser(Process.myUserHandle(), this); + role.onHolderChangedAsUser(mUser, this); return true; } @@ -324,11 +329,11 @@ public class RoleControllerServiceImpl extends RoleControllerService { @WorkerThread private boolean addRoleHolderInternal(@NonNull Role role, @NonNull String packageName, boolean dontKillApp, boolean overrideUser, boolean added) { - role.grant(packageName, dontKillApp, overrideUser, this); + role.grantAsUser(packageName, dontKillApp, overrideUser, mUser, this); String roleName = role.getName(); if (!added) { - added = mRoleManager.addRoleHolderFromController(roleName, packageName); + added = mUserRoleManager.addRoleHolderFromController(roleName, packageName); } if (!added) { Log.e(LOG_TAG, "Failed to add role holder in RoleManager, package: " + packageName @@ -340,17 +345,18 @@ public class RoleControllerServiceImpl extends RoleControllerService { @WorkerThread private boolean removeRoleHolderInternal(@NonNull Role role, @NonNull String packageName, boolean dontKillApp) { - ApplicationInfo applicationInfo = PackageUtils.getApplicationInfo(packageName, this); + ApplicationInfo applicationInfo = PackageUtils.getApplicationInfoAsUser(packageName, + mUser, this); if (applicationInfo == null) { Log.w(LOG_TAG, "Cannot get ApplicationInfo for package: " + packageName); } if (applicationInfo != null) { - role.revoke(packageName, dontKillApp, false, this); + role.revokeAsUser(packageName, dontKillApp, false, mUser, this); } String roleName = role.getName(); - boolean removed = mRoleManager.removeRoleHolderFromController(roleName, packageName); + boolean removed = mUserRoleManager.removeRoleHolderFromController(roleName, packageName); if (!removed) { Log.e(LOG_TAG, "Failed to remove role holder in RoleManager," + " package: " + packageName + ", role: " + roleName); @@ -361,7 +367,7 @@ public class RoleControllerServiceImpl extends RoleControllerService { @WorkerThread private boolean clearRoleHoldersInternal(@NonNull Role role, boolean dontKillApp) { String roleName = role.getName(); - List<String> packageNames = mRoleManager.getRoleHolders(roleName); + List<String> packageNames = mUserRoleManager.getRoleHolders(roleName); boolean cleared = true; int packageNamesSize = packageNames.size(); @@ -382,17 +388,17 @@ public class RoleControllerServiceImpl extends RoleControllerService { @WorkerThread private boolean addFallbackRoleHolderMaybe(@NonNull Role role) { String roleName = role.getName(); - List<String> currentPackageNames = mRoleManager.getRoleHolders(roleName); + List<String> currentPackageNames = mUserRoleManager.getRoleHolders(roleName); if (!currentPackageNames.isEmpty()) { return true; } - String fallbackPackageName = role.getFallbackHolderAsUser(Process.myUserHandle(), this); + String fallbackPackageName = role.getFallbackHolderAsUser(mUser, this); if (fallbackPackageName == null) { return true; } - if (!role.isPackageQualifiedAsUser(fallbackPackageName, Process.myUserHandle(), this)) { + if (!role.isPackageQualifiedAsUser(fallbackPackageName, mUser, this)) { Log.e(LOG_TAG, "Fallback role holder package doesn't qualify for the role, package: " + fallbackPackageName + ", role: " + roleName); return false; @@ -423,15 +429,16 @@ public class RoleControllerServiceImpl extends RoleControllerService { if (role == null) { return false; } - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { return false; } - if (!role.isPackageQualifiedAsUser(packageName, Process.myUserHandle(), this)) { + if (!role.isPackageQualifiedAsUser(packageName, mUser, this)) { return false; } - ApplicationInfo applicationInfo = PackageUtils.getApplicationInfo(packageName, this); + ApplicationInfo applicationInfo = PackageUtils.getApplicationInfoAsUser(packageName, + mUser, this); if (applicationInfo == null || !RoleUiBehaviorUtils.isApplicationVisibleAsUser(role, - applicationInfo, Process.myUserHandle(), this)) { + applicationInfo, mUser, this)) { return false; } return true; @@ -443,11 +450,11 @@ public class RoleControllerServiceImpl extends RoleControllerService { if (role == null) { return false; } - if (!role.isAvailableAsUser(Process.myUserHandle(), this)) { + if (!role.isAvailableAsUser(mUser, this)) { return false; } - return RoleUiBehaviorUtils.isVisibleAsUser(role, Process.myUserHandle(), this); + return RoleUiBehaviorUtils.isVisibleAsUser(role, mUser, this); } private static boolean checkFlags(int flags, int allowedFlags) { |