diff options
author | Nate Myren <ntmyren@google.com> | 2023-09-01 11:18:15 -0700 |
---|---|---|
committer | Nate Myren <ntmyren@google.com> | 2023-09-01 18:21:26 +0000 |
commit | eac22a8f58c4981e4f864c1a0650f901ad574887 (patch) | |
tree | 82aa37939eff681e28b094310e5b1b775c6e0ab6 /PermissionController/src/com | |
parent | 1fcd92de12cf42026c66b12a1d8e35e50faf1660 (diff) | |
download | Permission-eac22a8f58c4981e4f864c1a0650f901ad574887.tar.gz |
Keep exempt permissions out of revokable groups list
If all permissions in a permission group are not revokable, we should
not add the permission group to the list of revokable groups
Bug: 297987468
Test: manual
Change-Id: I27649f08da7461563cb526e2d33dcb7df36c579c
Diffstat (limited to 'PermissionController/src/com')
2 files changed, 7 insertions, 3 deletions
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt index 606562641..f764988c7 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt @@ -34,6 +34,7 @@ import com.android.permissioncontroller.hibernation.isPackageHibernationExemptBy import com.android.permissioncontroller.hibernation.isPackageHibernationExemptByUser import com.android.permissioncontroller.permission.data.PackagePermissionsLiveData.Companion.NON_RUNTIME_NORMAL_PERMS import com.android.permissioncontroller.permission.model.livedatatypes.HibernationSettingState +import com.android.permissioncontroller.permission.service.AUTO_REVOKE_EXEMPT_PERMISSIONS import kotlinx.coroutines.Job /** @@ -117,7 +118,10 @@ class HibernationSettingStateLiveData private constructor( permState.permFlags and (FLAG_PERMISSION_GRANTED_BY_DEFAULT or FLAG_PERMISSION_GRANTED_BY_ROLE) != 0 } ?: false - if (!default) { + val allExempt = liveData.value?.all { (permName, _) -> + permName in AUTO_REVOKE_EXEMPT_PERMISSIONS + } ?: false + if (!default && !allExempt) { revocableGroups.add(groupName) } } diff --git a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt index 52e89e972..ec14951ae 100644 --- a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt +++ b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt @@ -49,7 +49,7 @@ import java.util.concurrent.atomic.AtomicBoolean private const val LOG_TAG = "AutoRevokePermissions" const val DEBUG_AUTO_REVOKE = true -private val EXEMPT_PERMISSIONS = listOf( +val AUTO_REVOKE_EXEMPT_PERMISSIONS = listOf( Manifest.permission.ACTIVITY_RECOGNITION, Manifest.permission.POST_NOTIFICATIONS) @@ -115,7 +115,7 @@ suspend fun revokeAppPermissions( .getInitializedValue() ?: continue val fixed = group.isBackgroundFixed || group.isForegroundFixed val granted = group.permissions.any { (_, perm) -> - perm.isGrantedIncludingAppOp && perm.name !in EXEMPT_PERMISSIONS + perm.isGrantedIncludingAppOp && perm.name !in AUTO_REVOKE_EXEMPT_PERMISSIONS } if (!fixed && granted && !group.isGrantedByDefault && |