1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
|
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
@file:Suppress("DEPRECATION")
package com.android.permissioncontroller.permission.utils
import android.Manifest
import android.Manifest.permission.ACCESS_BACKGROUND_LOCATION
import android.Manifest.permission.ACCESS_FINE_LOCATION
import android.Manifest.permission.BACKUP
import android.Manifest.permission.POST_NOTIFICATIONS
import android.Manifest.permission.READ_MEDIA_IMAGES
import android.Manifest.permission.READ_MEDIA_VIDEO
import android.Manifest.permission_group.NOTIFICATIONS
import android.app.ActivityManager
import android.app.AppOpsManager
import android.app.AppOpsManager.MODE_ALLOWED
import android.app.AppOpsManager.MODE_FOREGROUND
import android.app.AppOpsManager.MODE_IGNORED
import android.app.AppOpsManager.OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED
import android.app.AppOpsManager.permissionToOp
import android.app.Application
import android.content.Context
import android.content.Intent
import android.content.Intent.ACTION_MAIN
import android.content.Intent.CATEGORY_INFO
import android.content.Intent.CATEGORY_LAUNCHER
import android.content.pm.PackageManager
import android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKED
import android.content.pm.PackageManager.FLAG_PERMISSION_ONE_TIME
import android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED
import android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT
import android.content.pm.PackageManager.FLAG_PERMISSION_USER_FIXED
import android.content.pm.PackageManager.FLAG_PERMISSION_USER_SET
import android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE
import android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE
import android.content.pm.PermissionGroupInfo
import android.content.pm.PermissionInfo
import android.content.pm.ResolveInfo
import android.content.res.Resources
import android.graphics.Bitmap
import android.graphics.Canvas
import android.graphics.drawable.Drawable
import android.graphics.drawable.Icon
import android.health.connect.HealthConnectManager
import android.os.Build
import android.os.Bundle
import android.os.UserHandle
import android.permission.PermissionManager
import android.provider.DeviceConfig
import android.provider.Settings
import android.safetylabel.SafetyLabelConstants.PERMISSION_RATIONALE_ENABLED
import android.safetylabel.SafetyLabelConstants.SAFETY_LABEL_CHANGE_NOTIFICATIONS_ENABLED
import android.text.Html
import android.text.TextUtils
import android.util.Log
import androidx.annotation.ChecksSdkIntAtLeast
import androidx.lifecycle.LiveData
import androidx.lifecycle.Observer
import androidx.navigation.NavController
import androidx.preference.Preference
import androidx.preference.PreferenceGroup
import com.android.modules.utils.build.SdkLevel
import com.android.permissioncontroller.DeviceUtils
import com.android.permissioncontroller.PermissionControllerApplication
import com.android.permissioncontroller.R
import com.android.permissioncontroller.permission.data.LightAppPermGroupLiveData
import com.android.permissioncontroller.permission.data.LightPackageInfoLiveData
import com.android.permissioncontroller.permission.data.get
import com.android.permissioncontroller.permission.model.livedatatypes.LightAppPermGroup
import com.android.permissioncontroller.permission.model.livedatatypes.LightPackageInfo
import com.android.permissioncontroller.permission.model.livedatatypes.LightPermission
import com.android.permissioncontroller.permission.model.livedatatypes.PermState
import com.android.permissioncontroller.permission.service.LocationAccessCheck
import com.android.permissioncontroller.permission.ui.handheld.SettingsWithLargeHeader
import com.android.safetycenter.resources.SafetyCenterResourcesApk
import java.time.Duration
import java.util.concurrent.atomic.AtomicReference
import kotlin.coroutines.Continuation
import kotlin.coroutines.CoroutineContext
import kotlin.coroutines.resume
import kotlin.coroutines.suspendCoroutine
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.GlobalScope
import kotlinx.coroutines.async
import kotlinx.coroutines.launch
/**
* A set of util functions designed to work with kotlin, though they can work with java, as well.
*/
object KotlinUtils {
private const val LOG_TAG = "PermissionController Utils"
private const val PERMISSION_CONTROLLER_CHANGED_FLAG_MASK =
FLAG_PERMISSION_USER_SET or
FLAG_PERMISSION_USER_FIXED or
FLAG_PERMISSION_ONE_TIME or
FLAG_PERMISSION_REVOKED_COMPAT or
FLAG_PERMISSION_ONE_TIME or
FLAG_PERMISSION_REVIEW_REQUIRED or
FLAG_PERMISSION_AUTO_REVOKED
private const val KILL_REASON_APP_OP_CHANGE = "Permission related app op changed"
private const val SAFETY_PROTECTION_RESOURCES_ENABLED = "safety_protection_enabled"
/**
* Importance level to define the threshold for whether a package is in a state which resets the
* timer on its one-time permission session
*/
private val ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_RESET_TIMER =
ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND
/**
* Importance level to define the threshold for whether a package is in a state which keeps its
* one-time permission session alive after the timer ends
*/
private val ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_KEEP_SESSION_ALIVE =
ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND_SERVICE
/** Whether to show the Permissions Hub. */
private const val PROPERTY_PERMISSIONS_HUB_2_ENABLED = "permissions_hub_2_enabled"
/** Whether to show the mic and camera icons. */
private const val PROPERTY_CAMERA_MIC_ICONS_ENABLED = "camera_mic_icons_enabled"
/** Whether to show the location indicators. */
private const val PROPERTY_LOCATION_INDICATORS_ENABLED = "location_indicators_enabled"
/** Whether location accuracy feature is enabled */
private const val PROPERTY_LOCATION_ACCURACY_ENABLED = "location_accuracy_enabled"
/** Whether to show 7-day toggle in privacy hub. */
private const val PRIVACY_DASHBOARD_7_DAY_TOGGLE = "privacy_dashboard_7_day_toggle"
/** Default location precision */
private const val PROPERTY_LOCATION_PRECISION = "location_precision"
/** Whether to show the photo picker option in permission prompts. */
private const val PROPERTY_PHOTO_PICKER_PROMPT_ENABLED = "photo_picker_prompt_enabled"
/**
* The minimum amount of time to wait, after scheduling the safety label changes job, before the
* job actually runs for the first time.
*/
private const val PROPERTY_SAFETY_LABEL_CHANGES_JOB_DELAY_MILLIS =
"safety_label_changes_job_delay_millis"
/** How often the safety label changes job service will run its job. */
private const val PROPERTY_SAFETY_LABEL_CHANGES_JOB_INTERVAL_MILLIS =
"safety_label_changes_job_interval_millis"
/** Whether the safety label changes job should only be run when the device is idle. */
private const val PROPERTY_SAFETY_LABEL_CHANGES_JOB_RUN_WHEN_IDLE =
"safety_label_changes_job_run_when_idle"
/** Whether the kill switch is set for [SafetyLabelChangesJobService]. */
private const val PROPERTY_SAFETY_LABEL_CHANGES_JOB_SERVICE_KILL_SWITCH =
"safety_label_changes_job_service_kill_switch"
/**
* Whether the Permissions Hub 2 flag is enabled
*
* @return whether the flag is enabled
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun isPermissionsHub2FlagEnabled(): Boolean {
return SdkLevel.isAtLeastS() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_PERMISSIONS_HUB_2_ENABLED,
false
)
}
/**
* Whether to show the Permissions Dashboard
*
* @return whether to show the Permissions Dashboard.
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun shouldShowPermissionsDashboard(): Boolean {
return isPermissionsHub2FlagEnabled()
}
/**
* Whether the Camera and Mic Icons are enabled by flag.
*
* @return whether the Camera and Mic Icons are enabled.
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun isCameraMicIconsFlagEnabled(): Boolean {
return SdkLevel.isAtLeastS() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_CAMERA_MIC_ICONS_ENABLED,
true
)
}
/**
* Whether to show Camera and Mic Icons. They should be shown if the permission hub, or the
* icons specifically, are enabled.
*
* @return whether to show the icons.
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun shouldShowCameraMicIndicators(): Boolean {
return isCameraMicIconsFlagEnabled() || isPermissionsHub2FlagEnabled()
}
/**
* Whether the location indicators are enabled by flag.
*
* @return whether the location indicators are enabled by flag.
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun isLocationIndicatorsFlagEnabled(): Boolean {
return SdkLevel.isAtLeastS() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_LOCATION_INDICATORS_ENABLED,
false
)
}
/**
* Whether to show the location indicators. The location indicators are enable if the permission
* hub, or location indicator specifically are enabled.
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun shouldShowLocationIndicators(): Boolean {
return isLocationIndicatorsFlagEnabled() || isPermissionsHub2FlagEnabled()
}
/** Whether the location accuracy feature is enabled */
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun isLocationAccuracyEnabled(): Boolean {
return SdkLevel.isAtLeastS() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_LOCATION_ACCURACY_ENABLED,
true
)
}
/** Default state of location precision true: default is FINE. false: default is COARSE. */
fun getDefaultPrecision(): Boolean {
return !SdkLevel.isAtLeastS() ||
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_LOCATION_PRECISION,
true
)
}
/**
* Whether we should enable the 7-day toggle in privacy dashboard
*
* @return whether the flag is enabled
*/
@ChecksSdkIntAtLeast(Build.VERSION_CODES.S)
fun is7DayToggleEnabled(): Boolean {
return SdkLevel.isAtLeastS() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PRIVACY_DASHBOARD_7_DAY_TOGGLE,
false
)
}
/**
* Whether the Photo Picker Prompt is enabled
*
* @return `true` iff the Location Access Check is enabled.
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun isPhotoPickerPromptEnabled(): Boolean {
return isPhotoPickerPromptSupported() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_PHOTO_PICKER_PROMPT_ENABLED,
true
)
}
/**
* Whether the Photo Picker Prompt is supported by the device
*
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun isPhotoPickerPromptSupported(): Boolean {
val app = PermissionControllerApplication.get()
return SdkLevel.isAtLeastU() &&
!DeviceUtils.isAuto(app) &&
!DeviceUtils.isTelevision(app) &&
!DeviceUtils.isWear(app)
}
/*
* Whether we should enable the permission rationale in permission settings and grant dialog
*
* @return whether the flag is enabled
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun isPermissionRationaleEnabled(): Boolean {
return SdkLevel.isAtLeastU() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PERMISSION_RATIONALE_ENABLED,
true
)
}
/**
* Whether we should enable the safety label change notifications and data sharing updates UI.
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun isSafetyLabelChangeNotificationsEnabled(context: Context): Boolean {
return SdkLevel.isAtLeastU() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
SAFETY_LABEL_CHANGE_NOTIFICATIONS_ENABLED,
true
) &&
!DeviceUtils.isAuto(context) &&
!DeviceUtils.isTelevision(context) &&
!DeviceUtils.isWear(context)
}
/**
* Whether the kill switch is set for [SafetyLabelChangesJobService]. If {@code true}, the
* service is effectively disabled and will not run or schedule any jobs.
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun safetyLabelChangesJobServiceKillSwitch(): Boolean {
return SdkLevel.isAtLeastU() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_SAFETY_LABEL_CHANGES_JOB_SERVICE_KILL_SWITCH,
false
)
}
/** How often the safety label changes job will run. */
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun getSafetyLabelChangesJobIntervalMillis(): Long {
return DeviceConfig.getLong(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_SAFETY_LABEL_CHANGES_JOB_INTERVAL_MILLIS,
Duration.ofDays(30).toMillis()
)
}
/** Whether the safety label changes job should only be run when the device is idle. */
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.UPSIDE_DOWN_CAKE, codename = "UpsideDownCake")
fun runSafetyLabelChangesJobOnlyWhenDeviceIdle(): Boolean {
return DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
PROPERTY_SAFETY_LABEL_CHANGES_JOB_RUN_WHEN_IDLE,
true
)
}
/**
* Given a Map, and a List, determines which elements are in the list, but not the map, and vice
* versa. Used primarily for determining which liveDatas are already being watched, and which
* need to be removed or added
*
* @param oldValues A map of key type K, with any value type
* @param newValues A list of type K
* @return A pair, where the first value is all items in the list, but not the map, and the
* second is all keys in the map, but not the list
*/
fun <K> getMapAndListDifferences(
newValues: Collection<K>,
oldValues: Map<K, *>
): Pair<Set<K>, Set<K>> {
val mapHas = oldValues.keys.toMutableSet()
val listHas = newValues.toMutableSet()
for (newVal in newValues) {
if (oldValues.containsKey(newVal)) {
mapHas.remove(newVal)
listHas.remove(newVal)
}
}
return listHas to mapHas
}
/**
* Sort a given PreferenceGroup by the given comparison function.
*
* @param compare The function comparing two preferences, which will be used to sort
* @param hasHeader Whether the group contains a LargeHeaderPreference, which will be kept at
* the top of the list
*/
fun sortPreferenceGroup(
group: PreferenceGroup,
compare: (lhs: Preference, rhs: Preference) -> Int,
hasHeader: Boolean
) {
val preferences = mutableListOf<Preference>()
for (i in 0 until group.preferenceCount) {
preferences.add(group.getPreference(i))
}
if (hasHeader) {
preferences.sortWith(
Comparator { lhs, rhs ->
if (lhs is SettingsWithLargeHeader.LargeHeaderPreference) {
-1
} else if (rhs is SettingsWithLargeHeader.LargeHeaderPreference) {
1
} else {
compare(lhs, rhs)
}
}
)
} else {
preferences.sortWith(Comparator(compare))
}
for (i in 0 until preferences.size) {
preferences[i].order = i
}
}
/**
* Gets a permission group's icon from the system.
*
* @param context The context from which to get the icon
* @param groupName The name of the permission group whose icon we want
* @return The permission group's icon, the ic_perm_device_info icon if the group has no icon,
* or the group does not exist
*/
@JvmOverloads
fun getPermGroupIcon(context: Context, groupName: String, tint: Int? = null): Drawable? {
val groupInfo = Utils.getGroupInfo(groupName, context)
var icon: Drawable? = null
if (groupInfo != null && groupInfo.icon != 0) {
icon = Utils.loadDrawable(context.packageManager, groupInfo.packageName, groupInfo.icon)
}
if (icon == null) {
icon = context.getDrawable(R.drawable.ic_perm_device_info)
}
if (tint == null) {
return Utils.applyTint(context, icon, android.R.attr.colorControlNormal)
}
icon?.setTint(tint)
return icon
}
/**
* Gets a permission group's label from the system.
*
* @param context The context from which to get the label
* @param groupName The name of the permission group whose label we want
* @return The permission group's label, or the group name, if the group is invalid
*/
fun getPermGroupLabel(context: Context, groupName: String): CharSequence {
val groupInfo = Utils.getGroupInfo(groupName, context) ?: return groupName
return groupInfo.loadSafeLabel(
context.packageManager,
0f,
TextUtils.SAFE_STRING_FLAG_FIRST_LINE or TextUtils.SAFE_STRING_FLAG_TRIM
)
}
/**
* Gets a permission group's description from the system.
*
* @param context The context from which to get the description
* @param groupName The name of the permission group whose description we want
* @return The permission group's description, or an empty string, if the group is invalid, or
* its description does not exist
*/
fun getPermGroupDescription(context: Context, groupName: String): CharSequence {
val groupInfo = Utils.getGroupInfo(groupName, context)
var description: CharSequence = ""
if (groupInfo is PermissionGroupInfo) {
description = groupInfo.loadDescription(context.packageManager) ?: groupName
} else if (groupInfo is PermissionInfo) {
description = groupInfo.loadDescription(context.packageManager) ?: groupName
}
return description
}
/**
* Gets a permission's label from the system.
*
* @param context The context from which to get the label
* @param permName The name of the permission whose label we want
* @return The permission's label, or the permission name, if the permission is invalid
*/
fun getPermInfoLabel(context: Context, permName: String): CharSequence {
return try {
context.packageManager
.getPermissionInfo(permName, 0)
.loadSafeLabel(
context.packageManager,
20000.toFloat(),
TextUtils.SAFE_STRING_FLAG_TRIM
)
} catch (e: PackageManager.NameNotFoundException) {
permName
}
}
/**
* Gets a permission's icon from the system.
*
* @param context The context from which to get the icon
* @param permName The name of the permission whose icon we want
* @return The permission's icon, or the permission's group icon if the icon isn't set, or the
* ic_perm_device_info icon if the permission is invalid.
*/
fun getPermInfoIcon(context: Context, permName: String): Drawable? {
return try {
val permInfo = context.packageManager.getPermissionInfo(permName, 0)
var icon: Drawable? = null
if (permInfo.icon != 0) {
icon =
Utils.applyTint(
context,
permInfo.loadUnbadgedIcon(context.packageManager),
android.R.attr.colorControlNormal
)
}
if (icon == null) {
val groupName = PermissionMapping.getGroupOfPermission(permInfo) ?: permInfo.name
icon = getPermGroupIcon(context, groupName)
}
icon
} catch (e: PackageManager.NameNotFoundException) {
Utils.applyTint(
context,
context.getDrawable(R.drawable.ic_perm_device_info),
android.R.attr.colorControlNormal
)
}
}
/**
* Gets a permission's description from the system.
*
* @param context The context from which to get the description
* @param permName The name of the permission whose description we want
* @return The permission's description, or an empty string, if the group is invalid, or its
* description does not exist
*/
fun getPermInfoDescription(context: Context, permName: String): CharSequence {
return try {
val permInfo = context.packageManager.getPermissionInfo(permName, 0)
permInfo.loadDescription(context.packageManager) ?: ""
} catch (e: PackageManager.NameNotFoundException) {
""
}
}
/**
* Gets a package's badged icon from the system.
*
* @param app The current application
* @param packageName The name of the package whose icon we want
* @param user The user for whom we want the package icon
* @return The package's icon, or null, if the package does not exist
*/
fun getBadgedPackageIcon(app: Application, packageName: String, user: UserHandle): Drawable? {
return try {
val userContext = Utils.getUserContext(app, user)
val appInfo = userContext.packageManager.getApplicationInfo(packageName, 0)
Utils.getBadgedIcon(app, appInfo)
} catch (e: PackageManager.NameNotFoundException) {
null
}
}
/**
* Gets a package's badged label from the system.
*
* @param app The current application
* @param packageName The name of the package whose label we want
* @param user The user for whom we want the package label
* @return The package's label
*/
fun getPackageLabel(app: Application, packageName: String, user: UserHandle): String {
return try {
val userContext = Utils.getUserContext(app, user)
val appInfo = userContext.packageManager.getApplicationInfo(packageName, 0)
Utils.getFullAppLabel(appInfo, app)
} catch (e: PackageManager.NameNotFoundException) {
packageName
}
}
fun convertToBitmap(pkgIcon: Drawable): Bitmap {
val pkgIconBmp =
Bitmap.createBitmap(
pkgIcon.intrinsicWidth,
pkgIcon.intrinsicHeight,
Bitmap.Config.ARGB_8888
)
// Draw the icon so it can be displayed.
val canvas = Canvas(pkgIconBmp)
pkgIcon.setBounds(0, 0, pkgIcon.intrinsicWidth, pkgIcon.intrinsicHeight)
pkgIcon.draw(canvas)
return pkgIconBmp
}
/**
* Gets a package's uid, using a cached liveData value, if the liveData is currently being
* observed (and thus has an up-to-date value).
*
* @param app The current application
* @param packageName The name of the package whose uid we want
* @param user The user we want the package uid for
* @return The package's UID, or null if the package or user is invalid
*/
fun getPackageUid(app: Application, packageName: String, user: UserHandle): Int? {
val liveData = LightPackageInfoLiveData[packageName, user]
val liveDataUid = liveData.value?.uid
return if (liveDataUid != null && liveData.hasActiveObservers()) liveDataUid
else {
val userContext = Utils.getUserContext(app, user)
try {
val appInfo = userContext.packageManager.getApplicationInfo(packageName, 0)
appInfo.uid
} catch (e: PackageManager.NameNotFoundException) {
null
}
}
}
/** Return a specific MIME type, if a set of permissions is associated with one */
fun getMimeTypeForPermissions(permissions: List<String>): String? {
if (permissions.contains(READ_MEDIA_IMAGES) && !permissions.contains(READ_MEDIA_VIDEO)) {
return "image/*"
}
if (permissions.contains(READ_MEDIA_VIDEO) && !permissions.contains(READ_MEDIA_IMAGES)) {
return "video/*"
}
return null
}
/**
* Determines if an app is R or above, or if it is Q-, and has auto revoke enabled
*
* @param app The currenct application
* @param packageName The package name to check
* @param user The user whose package we want to check
* @return true if the package is R+ (and not a work profile) or has auto revoke enabled
*/
fun isROrAutoRevokeEnabled(app: Application, packageName: String, user: UserHandle): Boolean {
val userContext = Utils.getUserContext(app, user)
val liveDataValue = LightPackageInfoLiveData[packageName, user].value
val (targetSdk, uid) =
if (liveDataValue != null) {
liveDataValue.targetSdkVersion to liveDataValue.uid
} else {
val appInfo = userContext.packageManager.getApplicationInfo(packageName, 0)
appInfo.targetSdkVersion to appInfo.uid
}
if (targetSdk <= Build.VERSION_CODES.Q) {
val opsManager = app.getSystemService(AppOpsManager::class.java)!!
return opsManager.unsafeCheckOpNoThrow(
OPSTR_AUTO_REVOKE_PERMISSIONS_IF_UNUSED,
uid,
packageName
) == MODE_ALLOWED
}
return true
}
/**
* Determine if the given permission should be treated as split from a non-runtime permission
* for an application targeting the given SDK level.
*/
private fun isPermissionSplitFromNonRuntime(
app: Application,
permName: String,
targetSdk: Int
): Boolean {
val permissionManager = app.getSystemService(PermissionManager::class.java) ?: return false
val splitPerms = permissionManager.splitPermissions
val size = splitPerms.size
for (i in 0 until size) {
val splitPerm = splitPerms[i]
if (targetSdk < splitPerm.targetSdk && splitPerm.newPermissions.contains(permName)) {
val perm = app.packageManager.getPermissionInfo(splitPerm.splitPermission, 0)
return perm != null && perm.protection != PermissionInfo.PROTECTION_DANGEROUS
}
}
return false
}
/**
* Set a list of flags for a set of permissions of a LightAppPermGroup
*
* @param app: The current application
* @param group: The LightAppPermGroup whose permission flags we wish to set
* @param flags: Pairs of <FlagInt, ShouldSetFlag>
* @param filterPermissions: A list of permissions to filter by. Only the filtered permissions
* will be set
* @return A new LightAppPermGroup with the flags set.
*/
fun setGroupFlags(
app: Application,
group: LightAppPermGroup,
vararg flags: Pair<Int, Boolean>,
filterPermissions: List<String> = group.permissions.keys.toList()
): LightAppPermGroup {
var flagMask = 0
var flagsToSet = 0
for ((flag, shouldSet) in flags) {
flagMask = flagMask or flag
if (shouldSet) {
flagsToSet = flagsToSet or flag
}
}
val newPerms = mutableMapOf<String, LightPermission>()
for ((permName, perm) in group.permissions) {
if (permName !in filterPermissions) {
continue
}
// Check if flags need to be updated
if (flagMask and (perm.flags xor flagsToSet) != 0) {
app.packageManager.updatePermissionFlags(
permName,
group.packageName,
group.userHandle,
*flags
)
}
newPerms[permName] =
LightPermission(
group.packageInfo,
perm.permInfo,
perm.isGrantedIncludingAppOp,
perm.flags or flagsToSet,
perm.foregroundPerms
)
}
return LightAppPermGroup(
group.packageInfo,
group.permGroupInfo,
newPerms,
group.hasInstallToRuntimeSplit,
group.specialLocationGrant
)
}
/**
* Grant all foreground runtime permissions of a LightAppPermGroup
*
* <p>This also automatically grants all app ops for permissions that have app ops.
*
* @param app The current application
* @param group The group whose permissions should be granted
* @param filterPermissions If not specified, all permissions of the group will be granted.
* Otherwise only permissions in {@code filterPermissions} will be granted.
* @return a new LightAppPermGroup, reflecting the new state
*/
@JvmOverloads
fun grantForegroundRuntimePermissions(
app: Application,
group: LightAppPermGroup,
filterPermissions: List<String> = group.permissions.keys.toList(),
isOneTime: Boolean = false,
userFixed: Boolean = false,
withoutAppOps: Boolean = false,
): LightAppPermGroup {
return grantRuntimePermissions(
app,
group,
false,
isOneTime,
userFixed,
withoutAppOps,
filterPermissions
)
}
/**
* Grant all background runtime permissions of a LightAppPermGroup
*
* <p>This also automatically grants all app ops for permissions that have app ops.
*
* @param app The current application
* @param group The group whose permissions should be granted
* @param filterPermissions If not specified, all permissions of the group will be granted.
* Otherwise only permissions in {@code filterPermissions} will be granted.
* @return a new LightAppPermGroup, reflecting the new state
*/
@JvmOverloads
fun grantBackgroundRuntimePermissions(
app: Application,
group: LightAppPermGroup,
filterPermissions: List<String> = group.permissions.keys.toList()
): LightAppPermGroup {
return grantRuntimePermissions(app, group, true, false, false, false, filterPermissions)
}
private fun grantRuntimePermissions(
app: Application,
group: LightAppPermGroup,
grantBackground: Boolean,
isOneTime: Boolean = false,
userFixed: Boolean = false,
withoutAppOps: Boolean = false,
filterPermissions: List<String> = group.permissions.keys.toList(),
): LightAppPermGroup {
val newPerms = group.permissions.toMutableMap()
var shouldKillForAnyPermission = false
for (permName in filterPermissions) {
val perm = group.permissions[permName] ?: continue
val isBackgroundPerm = permName in group.backgroundPermNames
if (isBackgroundPerm == grantBackground) {
val (newPerm, shouldKill) =
grantRuntimePermission(app, perm, group, isOneTime, userFixed, withoutAppOps)
newPerms[newPerm.name] = newPerm
shouldKillForAnyPermission = shouldKillForAnyPermission || shouldKill
}
}
if (!newPerms.isEmpty()) {
val user = UserHandle.getUserHandleForUid(group.packageInfo.uid)
for (groupPerm in group.allPermissions.values) {
var permFlags = groupPerm.flags
permFlags = permFlags.clearFlag(FLAG_PERMISSION_AUTO_REVOKED)
if (groupPerm.flags != permFlags) {
app.packageManager.updatePermissionFlags(
groupPerm.name,
group.packageInfo.packageName,
PERMISSION_CONTROLLER_CHANGED_FLAG_MASK,
permFlags,
user
)
}
}
}
if (shouldKillForAnyPermission) {
(app.getSystemService(ActivityManager::class.java) as ActivityManager).killUid(
group.packageInfo.uid,
KILL_REASON_APP_OP_CHANGE
)
}
val newGroup =
LightAppPermGroup(
group.packageInfo,
group.permGroupInfo,
newPerms,
group.hasInstallToRuntimeSplit,
group.specialLocationGrant
)
// If any permission in the group is one time granted, start one time permission session.
if (newGroup.permissions.any { it.value.isOneTime && it.value.isGrantedIncludingAppOp }) {
if (SdkLevel.isAtLeastT()) {
app.getSystemService(PermissionManager::class.java)!!.startOneTimePermissionSession(
group.packageName,
Utils.getOneTimePermissionsTimeout(),
Utils.getOneTimePermissionsKilledDelay(false),
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_RESET_TIMER,
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_KEEP_SESSION_ALIVE
)
} else {
app.getSystemService(PermissionManager::class.java)!!.startOneTimePermissionSession(
group.packageName,
Utils.getOneTimePermissionsTimeout(),
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_RESET_TIMER,
ONE_TIME_PACKAGE_IMPORTANCE_LEVEL_TO_KEEP_SESSION_ALIVE
)
}
}
return newGroup
}
/**
* Grants a single runtime permission
*
* @param app The current application
* @param perm The permission which should be granted.
* @param group An app permission group in which to look for background or foreground
* @param isOneTime Whether this is a one-time permission grant permissions
* @param userFixed Whether to mark the permissions as user fixed when granted
* @param withoutAppOps If these permission have app ops associated, and this value is true,
* then do not grant the app op when the permission is granted, and add the REVOKED_COMPAT
* flag.
* @return a LightPermission and boolean pair <permission with updated state (or the original
* state, if it wasn't changed), should kill app>
*/
private fun grantRuntimePermission(
app: Application,
perm: LightPermission,
group: LightAppPermGroup,
isOneTime: Boolean,
userFixed: Boolean = false,
withoutAppOps: Boolean = false
): Pair<LightPermission, Boolean> {
val pkgInfo = group.packageInfo
val user = UserHandle.getUserHandleForUid(pkgInfo.uid)
val supportsRuntime = pkgInfo.targetSdkVersion >= Build.VERSION_CODES.M
val isGrantingAllowed =
(!pkgInfo.isInstantApp || perm.isInstantPerm) &&
(supportsRuntime || !perm.isRuntimeOnly)
// Do not touch permissions fixed by the system, or permissions that cannot be granted
if (!isGrantingAllowed || perm.isSystemFixed) {
return perm to false
}
var newFlags = perm.flags
var oldFlags = perm.flags
var isGranted = perm.isGrantedIncludingAppOp
var shouldKill = false
// Grant the permission if needed.
if (!perm.isGrantedIncludingAppOp) {
val affectsAppOp = permissionToOp(perm.name) != null || perm.isBackgroundPermission
// TODO 195016052: investigate adding split permission handling
if (supportsRuntime) {
// If granting without app ops, explicitly disallow app op first, while setting the
// flag, so that the PermissionPolicyService doesn't reset the app op state
if (affectsAppOp && withoutAppOps) {
oldFlags = oldFlags.setFlag(PackageManager.FLAG_PERMISSION_REVOKED_COMPAT)
app.packageManager.updatePermissionFlags(
perm.name,
group.packageName,
PERMISSION_CONTROLLER_CHANGED_FLAG_MASK,
oldFlags,
user
)
disallowAppOp(app, perm, group)
}
app.packageManager.grantRuntimePermission(group.packageName, perm.name, user)
isGranted = true
} else if (affectsAppOp) {
// Legacy apps do not know that they have to retry access to a
// resource due to changes in runtime permissions (app ops in this
// case). Therefore, we restart them on app op change, so they
// can pick up the change.
shouldKill = true
isGranted = true
}
newFlags =
if (affectsAppOp && withoutAppOps) {
newFlags.setFlag(PackageManager.FLAG_PERMISSION_REVOKED_COMPAT)
} else {
newFlags.clearFlag(PackageManager.FLAG_PERMISSION_REVOKED_COMPAT)
}
newFlags = newFlags.clearFlag(PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED)
// If this permission affects an app op, ensure the permission app op is enabled
// before the permission grant.
if (affectsAppOp && !withoutAppOps) {
allowAppOp(app, perm, group)
}
}
// Granting a permission explicitly means the user already
// reviewed it so clear the review flag on every grant.
newFlags = newFlags.clearFlag(FLAG_PERMISSION_REVIEW_REQUIRED)
// Update the permission flags
if (!withoutAppOps && !userFixed) {
// Now the apps can ask for the permission as the user
// no longer has it fixed in a denied state.
newFlags = newFlags.clearFlag(FLAG_PERMISSION_USER_FIXED)
newFlags = newFlags.setFlag(FLAG_PERMISSION_USER_SET)
} else if (userFixed) {
newFlags = newFlags.setFlag(FLAG_PERMISSION_USER_FIXED)
}
newFlags = newFlags.clearFlag(FLAG_PERMISSION_AUTO_REVOKED)
newFlags =
if (isOneTime) {
newFlags.setFlag(FLAG_PERMISSION_ONE_TIME)
} else {
newFlags.clearFlag(FLAG_PERMISSION_ONE_TIME)
}
// If we newly grant background access to the fine location, double-guess the user some
// time later if this was really the right choice.
if (!perm.isGrantedIncludingAppOp && isGranted) {
var triggerLocationAccessCheck = false
if (perm.name == ACCESS_FINE_LOCATION) {
val bgPerm = group.permissions[perm.backgroundPermission]
triggerLocationAccessCheck = bgPerm?.isGrantedIncludingAppOp == true
} else if (perm.name == ACCESS_BACKGROUND_LOCATION) {
val fgPerm = group.permissions[ACCESS_FINE_LOCATION]
triggerLocationAccessCheck = fgPerm?.isGrantedIncludingAppOp == true
}
if (triggerLocationAccessCheck) {
// trigger location access check
LocationAccessCheck(app, null).checkLocationAccessSoon()
}
}
if (oldFlags != newFlags) {
app.packageManager.updatePermissionFlags(
perm.name,
group.packageInfo.packageName,
PERMISSION_CONTROLLER_CHANGED_FLAG_MASK,
newFlags,
user
)
}
val newState = PermState(newFlags, isGranted)
return LightPermission(perm.pkgInfo, perm.permInfo, newState, perm.foregroundPerms) to
shouldKill
}
/**
* Revoke all foreground runtime permissions of a LightAppPermGroup
*
* <p>This also disallows all app ops for permissions that have app ops.
*
* @param app The current application
* @param group The group whose permissions should be revoked
* @param userFixed If the user requested that they do not want to be asked again
* @param oneTime If the permission should be mark as one-time
* @param filterPermissions If not specified, all permissions of the group will be revoked.
* Otherwise only permissions in {@code filterPermissions} will be revoked.
* @return a LightAppPermGroup representing the new state
*/
@JvmOverloads
fun revokeForegroundRuntimePermissions(
app: Application,
group: LightAppPermGroup,
userFixed: Boolean = false,
oneTime: Boolean = false,
forceRemoveRevokedCompat: Boolean = false,
filterPermissions: List<String> = group.permissions.keys.toList()
): LightAppPermGroup {
return revokeRuntimePermissions(
app,
group,
false,
userFixed,
oneTime,
forceRemoveRevokedCompat,
filterPermissions
)
}
/**
* Revoke all background runtime permissions of a LightAppPermGroup
*
* <p>This also disallows all app ops for permissions that have app ops.
*
* @param app The current application
* @param group The group whose permissions should be revoked
* @param userFixed If the user requested that they do not want to be asked again
* @param filterPermissions If not specified, all permissions of the group will be revoked.
* Otherwise only permissions in {@code filterPermissions} will be revoked.
* @return a LightAppPermGroup representing the new state
*/
@JvmOverloads
fun revokeBackgroundRuntimePermissions(
app: Application,
group: LightAppPermGroup,
userFixed: Boolean = false,
oneTime: Boolean = false,
forceRemoveRevokedCompat: Boolean = false,
filterPermissions: List<String> = group.permissions.keys.toList()
): LightAppPermGroup {
return revokeRuntimePermissions(
app,
group,
true,
userFixed,
oneTime,
forceRemoveRevokedCompat,
filterPermissions
)
}
private fun revokeRuntimePermissions(
app: Application,
group: LightAppPermGroup,
revokeBackground: Boolean,
userFixed: Boolean,
oneTime: Boolean,
forceRemoveRevokedCompat: Boolean = false,
filterPermissions: List<String>
): LightAppPermGroup {
val wasOneTime = group.isOneTime
val newPerms = group.permissions.toMutableMap()
var shouldKillForAnyPermission = false
for (permName in filterPermissions) {
val perm = group.permissions[permName] ?: continue
val isBackgroundPerm = permName in group.backgroundPermNames
if (isBackgroundPerm == revokeBackground) {
val (newPerm, shouldKill) =
revokeRuntimePermission(
app,
perm,
userFixed,
oneTime,
forceRemoveRevokedCompat,
group
)
newPerms[newPerm.name] = newPerm
shouldKillForAnyPermission = shouldKillForAnyPermission || shouldKill
}
}
if (shouldKillForAnyPermission && !shouldSkipKillForGroup(app, group)) {
(app.getSystemService(ActivityManager::class.java) as ActivityManager).killUid(
group.packageInfo.uid,
KILL_REASON_APP_OP_CHANGE
)
}
val newGroup =
LightAppPermGroup(
group.packageInfo,
group.permGroupInfo,
newPerms,
group.hasInstallToRuntimeSplit,
group.specialLocationGrant
)
if (wasOneTime && !anyPermsOfPackageOneTimeGranted(app, newGroup.packageInfo, newGroup)) {
app.getSystemService(PermissionManager::class.java)!!.stopOneTimePermissionSession(
group.packageName
)
}
return newGroup
}
/**
* Revoke background permissions
*
* @param context context
* @param packageName Name of the package
* @param permissionGroupName Name of the permission group
* @param user User handle
* @param postRevokeHandler Optional callback that lets us perform an action on revoke
*/
fun revokeBackgroundRuntimePermissions(
context: Context,
packageName: String,
permissionGroupName: String,
user: UserHandle,
postRevokeHandler: Runnable?
) {
GlobalScope.launch(Dispatchers.Main) {
val group =
LightAppPermGroupLiveData[packageName, permissionGroupName, user]
.getInitializedValue()
if (group != null) {
revokeBackgroundRuntimePermissions(context.application, group)
}
if (postRevokeHandler != null) {
postRevokeHandler.run()
}
}
}
/**
* Determines if any permissions of a package are granted for one-time only
*
* @param app The current application
* @param packageInfo The packageInfo we wish to examine
* @param group Optional, the current app permission group we are examining
* @return true if any permission in the package is granted for one time, false otherwise
*/
private fun anyPermsOfPackageOneTimeGranted(
app: Application,
packageInfo: LightPackageInfo,
group: LightAppPermGroup? = null
): Boolean {
val user = group?.userHandle ?: UserHandle.getUserHandleForUid(packageInfo.uid)
if (group?.isOneTime == true) {
return true
}
for ((idx, permName) in packageInfo.requestedPermissions.withIndex()) {
if (permName in group?.permissions ?: emptyMap()) {
continue
}
val flags =
app.packageManager.getPermissionFlags(permName, packageInfo.packageName, user) and
FLAG_PERMISSION_ONE_TIME
val granted =
packageInfo.requestedPermissionsFlags[idx] == PackageManager.PERMISSION_GRANTED &&
(flags and FLAG_PERMISSION_REVOKED_COMPAT) == 0
if (granted && (flags and FLAG_PERMISSION_ONE_TIME) != 0) {
return true
}
}
return false
}
/**
* Revokes a single runtime permission.
*
* @param app The current application
* @param perm The permission which should be revoked.
* @param userFixed If the user requested that they do not want to be asked again
* @param group An optional app permission group in which to look for background or foreground
* permissions
* @return a LightPermission and boolean pair <permission with updated state (or the original
* state, if it wasn't changed), should kill app>
*/
private fun revokeRuntimePermission(
app: Application,
perm: LightPermission,
userFixed: Boolean,
oneTime: Boolean,
forceRemoveRevokedCompat: Boolean,
group: LightAppPermGroup
): Pair<LightPermission, Boolean> {
// Do not touch permissions fixed by the system.
if (perm.isSystemFixed) {
return perm to false
}
val user = UserHandle.getUserHandleForUid(group.packageInfo.uid)
var newFlags = perm.flags
var isGranted = perm.isGrantedIncludingAppOp
val supportsRuntime = group.packageInfo.targetSdkVersion >= Build.VERSION_CODES.M
var shouldKill = false
val affectsAppOp = permissionToOp(perm.name) != null || perm.isBackgroundPermission
if (perm.isGrantedIncludingAppOp || (perm.isCompatRevoked && forceRemoveRevokedCompat)) {
if (
supportsRuntime &&
!isPermissionSplitFromNonRuntime(
app,
perm.name,
group.packageInfo.targetSdkVersion
)
) {
// Revoke the permission if needed.
app.packageManager.revokeRuntimePermission(
group.packageInfo.packageName,
perm.name,
user
)
isGranted = false
if (forceRemoveRevokedCompat) {
newFlags = newFlags.clearFlag(PackageManager.FLAG_PERMISSION_REVOKED_COMPAT)
}
} else if (affectsAppOp) {
// If the permission has no corresponding app op, then it is a
// third-party one and we do not offer toggling of such permissions.
// Disabling an app op may put the app in a situation in which it
// has a handle to state it shouldn't have, so we have to kill the
// app. This matches the revoke runtime permission behavior.
shouldKill = true
newFlags = newFlags.setFlag(PackageManager.FLAG_PERMISSION_REVOKED_COMPAT)
isGranted = false
}
newFlags = newFlags.clearFlag(PackageManager.FLAG_PERMISSION_REVOKE_WHEN_REQUESTED)
if (affectsAppOp) {
disallowAppOp(app, perm, group)
}
}
// Update the permission flags.
// Take a note that the user fixed the permission, if applicable.
newFlags =
if (userFixed) newFlags.setFlag(PackageManager.FLAG_PERMISSION_USER_FIXED)
else newFlags.clearFlag(PackageManager.FLAG_PERMISSION_USER_FIXED)
newFlags =
if (oneTime) newFlags.clearFlag(PackageManager.FLAG_PERMISSION_USER_SET)
else newFlags.setFlag(PackageManager.FLAG_PERMISSION_USER_SET)
newFlags =
if (oneTime) newFlags.setFlag(PackageManager.FLAG_PERMISSION_ONE_TIME)
else newFlags.clearFlag(PackageManager.FLAG_PERMISSION_ONE_TIME)
newFlags = newFlags.clearFlag(PackageManager.FLAG_PERMISSION_AUTO_REVOKED)
newFlags = newFlags.clearFlag(PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED)
if (perm.flags != newFlags) {
app.packageManager.updatePermissionFlags(
perm.name,
group.packageInfo.packageName,
PERMISSION_CONTROLLER_CHANGED_FLAG_MASK,
newFlags,
user
)
}
// If we revoke background access to the fine location, we trigger a check to remove
// notification warning about background location access
if (perm.isGrantedIncludingAppOp && !isGranted) {
var cancelLocationAccessWarning = false
if (perm.name == ACCESS_FINE_LOCATION) {
val bgPerm = group.permissions[perm.backgroundPermission]
cancelLocationAccessWarning = bgPerm?.isGrantedIncludingAppOp == true
} else if (perm.name == ACCESS_BACKGROUND_LOCATION) {
val fgPerm = group.permissions[ACCESS_FINE_LOCATION]
cancelLocationAccessWarning = fgPerm?.isGrantedIncludingAppOp == true
}
if (cancelLocationAccessWarning) {
// cancel location access warning notification
LocationAccessCheck(app, null)
.cancelBackgroundAccessWarningNotification(
group.packageInfo.packageName,
user,
true
)
}
}
val newState = PermState(newFlags, isGranted)
return LightPermission(perm.pkgInfo, perm.permInfo, newState, perm.foregroundPerms) to
shouldKill
}
private fun Int.setFlag(flagToSet: Int): Int {
return this or flagToSet
}
private fun Int.clearFlag(flagToSet: Int): Int {
return this and flagToSet.inv()
}
/**
* Allow the app op for a permission/uid.
*
* <p>There are three cases: <dl> <dt>The permission is not split into
* foreground/background</dt> <dd>The app op matching the permission will be set to {@link
* AppOpsManager#MODE_ALLOWED}</dd> <dt>The permission is a foreground permission:</dt>
* <dd><dl><dt>The background permission permission is granted</dt> <dd>The app op matching the
* permission will be set to {@link AppOpsManager#MODE_ALLOWED}</dd> <dt>The background
* permission permission is <u>not</u> granted</dt> <dd>The app op matching the permission will
* be set to {@link AppOpsManager#MODE_FOREGROUND}</dd> </dl></dd> <dt>The permission is a
* background permission:</dt> <dd>All granted foreground permissions for this background
* permission will be set to {@link AppOpsManager#MODE_ALLOWED}</dd> </dl>
*
* @param app The current application
* @param perm The LightPermission whose app op should be allowed
* @param group The LightAppPermGroup which will be looked in for foreground or background
* LightPermission objects
* @return {@code true} iff app-op was changed
*/
private fun allowAppOp(
app: Application,
perm: LightPermission,
group: LightAppPermGroup
): Boolean {
val packageName = group.packageInfo.packageName
val uid = group.packageInfo.uid
val appOpsManager = app.getSystemService(AppOpsManager::class.java) as AppOpsManager
var wasChanged = false
if (perm.isBackgroundPermission && perm.foregroundPerms != null) {
for (foregroundPermName in perm.foregroundPerms) {
val fgPerm = group.permissions[foregroundPermName]
val appOpName = permissionToOp(foregroundPermName) ?: continue
if (fgPerm != null && fgPerm.isGrantedIncludingAppOp) {
wasChanged =
setOpMode(appOpName, uid, packageName, MODE_ALLOWED, appOpsManager) ||
wasChanged
}
}
} else {
val appOpName = permissionToOp(perm.name) ?: return false
if (perm.backgroundPermission != null) {
wasChanged =
if (group.permissions.containsKey(perm.backgroundPermission)) {
val bgPerm = group.permissions[perm.backgroundPermission]
val mode =
if (bgPerm != null && bgPerm.isGrantedIncludingAppOp) MODE_ALLOWED
else MODE_FOREGROUND
setOpMode(appOpName, uid, packageName, mode, appOpsManager)
} else {
// The app requested a permission that has a background permission but it
// did
// not request the background permission, hence it can never get background
// access
setOpMode(appOpName, uid, packageName, MODE_FOREGROUND, appOpsManager)
}
} else {
wasChanged = setOpMode(appOpName, uid, packageName, MODE_ALLOWED, appOpsManager)
}
}
return wasChanged
}
/**
* Disallow the app op for a permission/uid.
*
* <p>There are three cases: <dl> <dt>The permission is not split into
* foreground/background</dt> <dd>The app op matching the permission will be set to {@link
* AppOpsManager#MODE_IGNORED}</dd> <dt>The permission is a foreground permission:</dt> <dd>The
* app op matching the permission will be set to {@link AppOpsManager#MODE_IGNORED}</dd> <dt>The
* permission is a background permission:</dt> <dd>All granted foreground permissions for this
* background permission will be set to {@link AppOpsManager#MODE_FOREGROUND}</dd> </dl>
*
* @param app The current application
* @param perm The LightPermission whose app op should be allowed
* @param group The LightAppPermGroup which will be looked in for foreground or background
* LightPermission objects
* @return {@code true} iff app-op was changed
*/
private fun disallowAppOp(
app: Application,
perm: LightPermission,
group: LightAppPermGroup
): Boolean {
val packageName = group.packageInfo.packageName
val uid = group.packageInfo.uid
val appOpsManager = app.getSystemService(AppOpsManager::class.java) as AppOpsManager
var wasChanged = false
if (perm.isBackgroundPermission && perm.foregroundPerms != null) {
for (foregroundPermName in perm.foregroundPerms) {
val fgPerm = group.permissions[foregroundPermName]
if (fgPerm != null && fgPerm.isGrantedIncludingAppOp) {
val appOpName = permissionToOp(foregroundPermName) ?: return false
wasChanged =
wasChanged ||
setOpMode(appOpName, uid, packageName, MODE_FOREGROUND, appOpsManager)
}
}
} else {
val appOpName = permissionToOp(perm.name) ?: return false
wasChanged = setOpMode(appOpName, uid, packageName, MODE_IGNORED, appOpsManager)
}
return wasChanged
}
/**
* Set mode of an app-op if needed.
*
* @param op The op to set
* @param uid The uid the app-op belongs to
* @param packageName The package the app-op belongs to
* @param mode The new mode
* @param manager The app ops manager to use to change the app op
* @return {@code true} iff app-op was changed
*/
private fun setOpMode(
op: String,
uid: Int,
packageName: String,
mode: Int,
manager: AppOpsManager
): Boolean {
val currentMode = manager.unsafeCheckOpRaw(op, uid, packageName)
if (currentMode == mode) {
return false
}
manager.setUidMode(op, uid, mode)
return true
}
private fun shouldSkipKillForGroup(app: Application, group: LightAppPermGroup): Boolean {
if (group.permGroupName != NOTIFICATIONS) {
return false
}
return shouldSkipKillOnPermDeny(
app,
POST_NOTIFICATIONS,
group.packageName,
group.userHandle
)
}
/**
* Determine if the usual "kill app on permission denial" should be skipped. It should be
* skipped if the permission is POST_NOTIFICATIONS, the app holds the BACKUP permission, and a
* backup restore is currently in progress.
*
* @param app the current application
* @param permission the permission being denied
* @param packageName the package the permission was denied for
* @param user the user whose package the permission was denied for
* @return true if the permission denied was POST_NOTIFICATIONS, the app is a backup app, and a
* backup restore is in progress, false otherwise
*/
fun shouldSkipKillOnPermDeny(
app: Application,
permission: String,
packageName: String,
user: UserHandle
): Boolean {
val userContext: Context = Utils.getUserContext(app, user)
if (
permission != POST_NOTIFICATIONS ||
userContext.packageManager.checkPermission(BACKUP, packageName) !=
PackageManager.PERMISSION_GRANTED
) {
return false
}
return try {
val isInSetup =
Settings.Secure.getInt(
userContext.contentResolver,
Settings.Secure.USER_SETUP_COMPLETE,
user.identifier
) == 0
val isInDeferredSetup =
Settings.Secure.getInt(
userContext.contentResolver,
Settings.Secure.USER_SETUP_PERSONALIZATION_STATE,
user.identifier
) == Settings.Secure.USER_SETUP_PERSONALIZATION_STARTED
isInSetup || isInDeferredSetup
} catch (e: Settings.SettingNotFoundException) {
Log.w(LOG_TAG, "Failed to check if the user is in restore: $e")
false
}
}
/**
* Determine if a given package has a launch intent. Will function correctly even if called
* before user is unlocked.
*
* @param context: The context from which to retrieve the package
* @param packageName: The package name to check
* @return whether or not the given package has a launch intent
*/
fun packageHasLaunchIntent(context: Context, packageName: String): Boolean {
val intentToResolve = Intent(ACTION_MAIN)
intentToResolve.addCategory(CATEGORY_INFO)
intentToResolve.setPackage(packageName)
var resolveInfos =
context.packageManager.queryIntentActivities(
intentToResolve,
MATCH_DIRECT_BOOT_AWARE or MATCH_DIRECT_BOOT_UNAWARE
)
if (resolveInfos.size <= 0) {
intentToResolve.removeCategory(CATEGORY_INFO)
intentToResolve.addCategory(CATEGORY_LAUNCHER)
intentToResolve.setPackage(packageName)
resolveInfos =
context.packageManager.queryIntentActivities(
intentToResolve,
MATCH_DIRECT_BOOT_AWARE or MATCH_DIRECT_BOOT_UNAWARE
)
}
return resolveInfos.size > 0
}
/**
* Set selected location accuracy flags for COARSE and FINE location permissions.
*
* @param app: The current application
* @param group: The LightAppPermGroup whose permission flags we wish to set
* @param isFineSelected: Whether fine location is selected
*/
fun setFlagsWhenLocationAccuracyChanged(
app: Application,
group: LightAppPermGroup,
isFineSelected: Boolean
) {
if (isFineSelected) {
setGroupFlags(
app,
group,
PackageManager.FLAG_PERMISSION_SELECTED_LOCATION_ACCURACY to true,
filterPermissions = listOf(ACCESS_FINE_LOCATION)
)
setGroupFlags(
app,
group,
PackageManager.FLAG_PERMISSION_SELECTED_LOCATION_ACCURACY to false,
filterPermissions = listOf(Manifest.permission.ACCESS_COARSE_LOCATION)
)
} else {
setGroupFlags(
app,
group,
PackageManager.FLAG_PERMISSION_SELECTED_LOCATION_ACCURACY to false,
filterPermissions = listOf(ACCESS_FINE_LOCATION)
)
setGroupFlags(
app,
group,
PackageManager.FLAG_PERMISSION_SELECTED_LOCATION_ACCURACY to true,
filterPermissions = listOf(Manifest.permission.ACCESS_COARSE_LOCATION)
)
}
}
/**
* Determines whether we should show the safety protection resources. We show the resources only
* if (1) the build version is T or after and (2) the feature flag safety_protection_enabled is
* enabled and (3) the config value config_safetyProtectionEnabled is enabled/true and (4) the
* resources exist (currently the resources only exist on GMS devices)
*/
@ChecksSdkIntAtLeast(api = Build.VERSION_CODES.TIRAMISU)
fun shouldShowSafetyProtectionResources(context: Context): Boolean {
return try {
SdkLevel.isAtLeastT() &&
DeviceConfig.getBoolean(
DeviceConfig.NAMESPACE_PRIVACY,
SAFETY_PROTECTION_RESOURCES_ENABLED,
false
) &&
context
.getResources()
.getBoolean(
Resources.getSystem()
.getIdentifier("config_safetyProtectionEnabled", "bool", "android")
) &&
context.getDrawable(android.R.drawable.ic_safety_protection) != null &&
!context.getString(android.R.string.safety_protection_display_text).isNullOrEmpty()
} catch (e: Resources.NotFoundException) {
// We should expect the resources to not exist for non-pixel devices
// (except for the OEMs that opt-in)
false
}
}
fun addHealthPermissions(context: Context) {
val permissions = HealthConnectManager.getHealthPermissions(context)
PermissionMapping.addHealthPermissionsToPlatform(permissions)
}
/**
* Returns an [Intent] to the installer app store for a given package name, or {@code null} if
* none found
*/
fun getAppStoreIntent(
context: Context,
installerPackageName: String?,
packageName: String?
): Intent? {
val intent: Intent = Intent(Intent.ACTION_SHOW_APP_INFO).setPackage(installerPackageName)
val result: Intent? = resolveActivityForIntent(context, intent)
if (result != null) {
result.putExtra(Intent.EXTRA_PACKAGE_NAME, packageName)
return result
}
return null
}
/**
* Verify that a component that supports the intent with action and return a new intent with
* same action and resolved class name set. Returns null if no activity resolution.
*/
private fun resolveActivityForIntent(context: Context, intent: Intent): Intent? {
val result: ResolveInfo? = context.packageManager.resolveActivity(intent, 0)
return if (result != null) {
Intent(intent.action)
.setClassName(result.activityInfo.packageName, result.activityInfo.name)
} else {
null
}
}
data class NotificationResources(val appLabel: String, val smallIcon: Icon, val color: Int)
fun getSafetyCenterNotificationResources(context: Context): NotificationResources {
val appLabel: String
val smallIcon: Icon
val color: Int
// If U resources are available, and this is a U+ device, use those
if (SdkLevel.isAtLeastU()) {
val safetyCenterResourcesApk = SafetyCenterResourcesApk(context)
val uIcon =
safetyCenterResourcesApk.getIconByDrawableName("ic_notification_badge_general")
val uColor = safetyCenterResourcesApk.getColorByName("notification_tint_normal")
if (uIcon != null && uColor != null) {
appLabel = context.getString(R.string.safety_privacy_qs_tile_title)
return NotificationResources(appLabel, uIcon, uColor)
}
}
// Use PbA branding if available, otherwise default to more generic branding
if (shouldShowSafetyProtectionResources(context)) {
appLabel =
Html.fromHtml(context.getString(android.R.string.safety_protection_display_text), 0)
.toString()
smallIcon = Icon.createWithResource(context, android.R.drawable.ic_safety_protection)
color = context.getColor(R.color.safety_center_info)
} else {
appLabel = context.getString(R.string.safety_center_notification_app_label)
smallIcon = Icon.createWithResource(context, R.drawable.ic_settings_notification)
color = context.getColor(android.R.color.system_notification_accent_color)
}
return NotificationResources(appLabel, smallIcon, color)
}
}
/** Get the [value][LiveData.getValue], suspending until [isInitialized] if not yet so */
suspend fun <T, LD : LiveData<T>> LD.getInitializedValue(
observe: LD.(Observer<T>) -> Unit = { observeForever(it) },
isInitialized: LD.() -> Boolean = { value != null }
): T {
return if (isInitialized()) {
value!!
} else {
suspendCoroutine { continuation: Continuation<T> ->
val observer = AtomicReference<Observer<T>>()
observer.set(
Observer { newValue ->
if (isInitialized()) {
GlobalScope.launch(Dispatchers.Main) {
observer.getAndSet(null)?.let { observerSnapshot ->
removeObserver(observerSnapshot)
continuation.resume(newValue)
}
}
}
}
)
GlobalScope.launch(Dispatchers.Main) { observe(observer.get()) }
}
}
}
/**
* A parallel equivalent of [map]
*
* Starts the given suspending function for each item in the collection without waiting for previous
* ones to complete, then suspends until all the started operations finish.
*/
suspend inline fun <T, R> Iterable<T>.mapInParallel(
context: CoroutineContext,
scope: CoroutineScope = GlobalScope,
crossinline transform: suspend CoroutineScope.(T) -> R
): List<R> = map { scope.async(context) { transform(it) } }.map { it.await() }
/**
* A parallel equivalent of [forEach]
*
* See [mapInParallel]
*/
suspend inline fun <T> Iterable<T>.forEachInParallel(
context: CoroutineContext,
scope: CoroutineScope = GlobalScope,
crossinline action: suspend CoroutineScope.(T) -> Unit
) {
mapInParallel(context, scope) { action(it) }
}
/**
* Check that we haven't already started transitioning to a given destination. If we haven't, start
* navigating to that destination.
*
* @param destResId The ID of the desired destination
* @param args The optional bundle of args to be passed to the destination
*/
fun NavController.navigateSafe(destResId: Int, args: Bundle? = null) {
val navAction = currentDestination?.getAction(destResId) ?: graph.getAction(destResId)
navAction?.let { action ->
if (currentDestination?.id != action.destinationId) {
navigate(destResId, args)
}
}
}
|
