docs: Added protection level to permissions
All permissions that are suitable for use by third-party apps and
aren't deprecated now contain a paragraph in their descriptions that
lists the protection level for a given permission, such as:
Protection level: signature|privileged
Test: make ds-docs
Bug: 137260540
Change-Id: I45eada81bf4aa83480ff2e701a9e0e9932b66b88
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index a3fccd9..e238e1d 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -859,7 +859,7 @@
meaning that the whitelist state can be specified only at install time and
cannot change until the app is installed. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
- -->
+ <p>Protection level: dangerous -->
<permission android:name="android.permission.READ_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_sdcardRead"
@@ -880,8 +880,9 @@
read/write files in your application-specific directories returned by
{@link android.content.Context#getExternalFilesDir} and
{@link android.content.Context#getExternalCacheDir}.
- <p>Is this permission is not whitelisted for an app that targets an API level before
+ <p>If this permission is not whitelisted for an app that targets an API level before
{@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p>
+ <p>Protection level: dangerous</p>
-->
<permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED"
@@ -891,7 +892,8 @@
android:protectionLevel="dangerous" />
<!-- Allows an application to access any geographic locations persisted in the
- user's shared collection. -->
+ user's shared collection.
+ <p>Protection level: dangerous -->
<permission android:name="android.permission.ACCESS_MEDIA_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_mediaLocation"
@@ -1711,7 +1713,7 @@
<!-- Allows applications to pair bluetooth devices without user interaction, and to
allow or disallow phonebook access or message access.
- This is not available to third party applications. -->
+ <p>Not for use by third-party applications. -->
<permission android:name="android.permission.BLUETOOTH_PRIVILEGED"
android:protectionLevel="signature|privileged" />
@@ -2561,7 +2563,8 @@
android:protectionLevel="signature" />
<!-- Allows an application to modify the current configuration, such
- as locale. -->
+ as locale.
+ <p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.CHANGE_CONFIGURATION"
android:protectionLevel="signature|privileged|development" />
@@ -2860,7 +2863,8 @@
<!-- ==================================== -->
<eat-comment />
- <!-- Allows access to the list of accounts in the Accounts Service. -->
+ <!-- Allows access to the list of accounts in the Accounts Service.
+ <p>Protection level: signature|privileged -->
<permission android:name="android.permission.GET_ACCOUNTS_PRIVILEGED"
android:protectionLevel="signature|privileged" />
@@ -3439,7 +3443,8 @@
android:protectionLevel="signature" />
<!-- Old permission for deleting an app's cache files, no longer used,
- but signals for us to quietly ignore calls instead of throwing an exception. -->
+ but signals for us to quietly ignore calls instead of throwing an exception.
+ <p>Protection level: signature|privileged -->
<permission android:name="android.permission.DELETE_CACHE_FILES"
android:protectionLevel="signature|privileged" />
@@ -3797,7 +3802,8 @@
<!-- Allows an application to collect component usage
statistics
<p>Declaring the permission implies intention to use the API and the user of the
- device can grant permission through the Settings application. -->
+ device can grant permission through the Settings application.
+ <p>Protection level: signature|privileged|development|appop -->
<permission android:name="android.permission.PACKAGE_USAGE_STATS"
android:protectionLevel="signature|privileged|development|appop" />
<uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
@@ -3820,14 +3826,14 @@
<!-- Permission an application must hold in order to use
{@link android.provider.Settings#ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS}.
- This is a normal permission: an app requesting it will always be granted the
- permission, without the user needing to approve or see it. -->
+ <p>Protection level: normal -->
<permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
android:label="@string/permlab_requestIgnoreBatteryOptimizations"
android:description="@string/permdesc_requestIgnoreBatteryOptimizations"
android:protectionLevel="normal" />
- <!-- Allows an application to collect battery statistics -->
+ <!-- Allows an application to collect battery statistics
+ <p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.BATTERY_STATS"
android:protectionLevel="signature|privileged|development" />
@@ -3857,7 +3863,8 @@
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.widget.RemoteViewsService},
- to ensure that only the system can bind to it. -->
+ to ensure that only the system can bind to it.
+ <p>Protection level: signature|privileged -->
<permission android:name="android.permission.BIND_REMOTEVIEWS"
android:protectionLevel="signature|privileged" />
@@ -3899,7 +3906,8 @@
to the path in the provider where global search queries are
performed. This permission can not be held by regular applications;
it is used by applications to protect themselves from everyone else
- besides global search. -->
+ besides global search.
+ <p>Protection level: signature|privileged -->
<permission android:name="android.permission.GLOBAL_SEARCH"
android:protectionLevel="signature|privileged" />
@@ -4438,7 +4446,8 @@
<permission android:name="android.permission.MODIFY_THEME_OVERLAY"
android:protectionLevel="signature" />
- <!-- Allows an instant app to create foreground services. -->
+ <!-- Allows an instant app to create foreground services.
+ <p>Protection level: signature|development|instant|appop -->
<permission android:name="android.permission.INSTANT_APP_FOREGROUND_SERVICE"
android:protectionLevel="signature|development|instant|appop" />
@@ -4508,7 +4517,8 @@
<permission android:name="android.permission.MONITOR_DEFAULT_SMS_PACKAGE"
android:protectionLevel="signature|privileged" />
- <!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission. -->
+ <!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission.
+ <p>Protection level: signature -->
<permission android:name="android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE"
android:protectionLevel="signature" />
@@ -4540,13 +4550,15 @@
<permission android:name="android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"
android:protectionLevel="signature" />
- <!-- Allows financial apps to read filtered sms messages. -->
+ <!-- Allows financial apps to read filtered sms messages.
+ Protection level: signature|appop -->
<permission android:name="android.permission.SMS_FINANCIAL_TRANSACTIONS"
android:protectionLevel="signature|appop" />
<!-- Required for apps targeting {@link android.os.Build.VERSION_CODES#Q} that want to use
{@link android.app.Notification.Builder#setFullScreenIntent notification full screen
- intents}. -->
+ intents}.
+ <p>Protection level: normal -->
<permission android:name="android.permission.USE_FULL_SCREEN_INTENT"
android:protectionLevel="normal" />