diff options
author | Nate Myren <ntmyren@google.com> | 2023-09-22 18:20:31 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2023-09-22 18:20:31 +0000 |
commit | d9c949baa49be81c8fd7720e4248bee3313251d4 (patch) | |
tree | 1df3d6b46534dad3b0c4c8363fc546d06d77e217 /PermissionController/src/com/android | |
parent | 803fd3451bc0614dd5d7149d529c41ef14d48864 (diff) | |
parent | eac22a8f58c4981e4f864c1a0650f901ad574887 (diff) | |
download | Permission-d9c949baa49be81c8fd7720e4248bee3313251d4.tar.gz |
Merge "Keep exempt permissions out of revokable groups list" into udc-mainline-prod
Diffstat (limited to 'PermissionController/src/com/android')
2 files changed, 7 insertions, 3 deletions
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt index 606562641..f764988c7 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt @@ -34,6 +34,7 @@ import com.android.permissioncontroller.hibernation.isPackageHibernationExemptBy import com.android.permissioncontroller.hibernation.isPackageHibernationExemptByUser import com.android.permissioncontroller.permission.data.PackagePermissionsLiveData.Companion.NON_RUNTIME_NORMAL_PERMS import com.android.permissioncontroller.permission.model.livedatatypes.HibernationSettingState +import com.android.permissioncontroller.permission.service.AUTO_REVOKE_EXEMPT_PERMISSIONS import kotlinx.coroutines.Job /** @@ -117,7 +118,10 @@ class HibernationSettingStateLiveData private constructor( permState.permFlags and (FLAG_PERMISSION_GRANTED_BY_DEFAULT or FLAG_PERMISSION_GRANTED_BY_ROLE) != 0 } ?: false - if (!default) { + val allExempt = liveData.value?.all { (permName, _) -> + permName in AUTO_REVOKE_EXEMPT_PERMISSIONS + } ?: false + if (!default && !allExempt) { revocableGroups.add(groupName) } } diff --git a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt index 52e89e972..ec14951ae 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt @@ -49,7 +49,7 @@ import java.util.concurrent.atomic.AtomicBoolean private const val LOG_TAG = "AutoRevokePermissions" const val DEBUG_AUTO_REVOKE = true -private val EXEMPT_PERMISSIONS = listOf( +val AUTO_REVOKE_EXEMPT_PERMISSIONS = listOf( Manifest.permission.ACTIVITY_RECOGNITION, Manifest.permission.POST_NOTIFICATIONS) @@ -115,7 +115,7 @@ suspend fun revokeAppPermissions( .getInitializedValue() ?: continue val fixed = group.isBackgroundFixed || group.isForegroundFixed val granted = group.permissions.any { (_, perm) -> - perm.isGrantedIncludingAppOp && perm.name !in EXEMPT_PERMISSIONS + perm.isGrantedIncludingAppOp && perm.name !in AUTO_REVOKE_EXEMPT_PERMISSIONS } if (!fixed && granted && !group.isGrantedByDefault && |