Added new API for URI permissions management.
The new methods are:
- getGrantedUriPermissions(String packageName)
- clearGrantedUriPermissions(String packageName)
These methods will be used by the Settings app to allow users to clear
the URI permissions granted to an application.
BUG: 26447975
Change-Id: I6867402e42b3d6fd03050ec57b73973ccd8a17af
diff --git a/core/java/android/app/ActivityManager.java b/core/java/android/app/ActivityManager.java
index 8637dde..9a44d73 100644
--- a/core/java/android/app/ActivityManager.java
+++ b/core/java/android/app/ActivityManager.java
@@ -36,10 +36,12 @@
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
+import android.content.UriPermission;
import android.content.pm.ApplicationInfo;
import android.content.pm.ConfigurationInfo;
import android.content.pm.IPackageDataObserver;
import android.content.pm.PackageManager;
+import android.content.pm.ParceledListSlice;
import android.content.pm.UserInfo;
import android.content.res.Resources;
import android.graphics.Bitmap;
@@ -59,6 +61,7 @@
import android.util.DisplayMetrics;
import android.util.Size;
import android.util.Slog;
+
import org.xmlpull.v1.XmlSerializer;
import java.io.FileDescriptor;
@@ -2256,6 +2259,45 @@
return clearApplicationUserData(mContext.getPackageName(), null);
}
+
+ /**
+ * Permits an application to get the persistent URI permissions granted to another.
+ *
+ * <p>Typically called by Settings.
+ *
+ * @param packageName application to look for the granted permissions
+ * @return list of granted URI permissions
+ *
+ * @hide
+ */
+ public ParceledListSlice<UriPermission> getGrantedUriPermissions(String packageName) {
+ try {
+ return ActivityManagerNative.getDefault().getGrantedUriPermissions(packageName,
+ UserHandle.myUserId());
+ } catch (RemoteException e) {
+ Log.e(TAG, "Couldn't get granted URI permissions for :" + packageName, e);
+ return ParceledListSlice.emptyList();
+ }
+ }
+
+ /**
+ * Permits an application to clear the persistent URI permissions granted to another.
+ *
+ * <p>Typically called by Settings.
+ *
+ * @param packageName application to clear its granted permissions
+ *
+ * @hide
+ */
+ public void clearGrantedUriPermissions(String packageName) {
+ try {
+ ActivityManagerNative.getDefault().clearGrantedUriPermissions(packageName,
+ UserHandle.myUserId());
+ } catch (RemoteException e) {
+ Log.e(TAG, "Couldn't clear granted URI permissions for :" + packageName, e);
+ }
+ }
+
/**
* Information you can retrieve about any processes that are in an error condition.
*/
diff --git a/core/java/android/app/ActivityManagerNative.java b/core/java/android/app/ActivityManagerNative.java
index da21099..e85adc6 100644
--- a/core/java/android/app/ActivityManagerNative.java
+++ b/core/java/android/app/ActivityManagerNative.java
@@ -1408,6 +1408,26 @@
return true;
}
+ case GET_GRANTED_URI_PERMISSIONS_TRANSACTION: {
+ data.enforceInterface(IActivityManager.descriptor);
+ final String packageName = data.readString();
+ final int userId = data.readInt();
+ final ParceledListSlice<UriPermission> perms = getGrantedUriPermissions(packageName,
+ userId);
+ reply.writeNoException();
+ perms.writeToParcel(reply, Parcelable.PARCELABLE_WRITE_RETURN_VALUE);
+ return true;
+ }
+
+ case CLEAR_GRANTED_URI_PERMISSIONS_TRANSACTION: {
+ data.enforceInterface(IActivityManager.descriptor);
+ final String packageName = data.readString();
+ final int userId = data.readInt();
+ clearGrantedUriPermissions(packageName, userId);
+ reply.writeNoException();
+ return true;
+ }
+
case SHOW_WAITING_FOR_DEBUGGER_TRANSACTION: {
data.enforceInterface(IActivityManager.descriptor);
IBinder b = data.readStrongBinder();
@@ -4612,6 +4632,7 @@
data.writeInt(incoming ? 1 : 0);
mRemote.transact(GET_PERSISTED_URI_PERMISSIONS_TRANSACTION, data, reply, 0);
reply.readException();
+ @SuppressWarnings("unchecked")
final ParceledListSlice<UriPermission> perms = ParceledListSlice.CREATOR.createFromParcel(
reply);
data.recycle();
@@ -4619,6 +4640,37 @@
return perms;
}
+ @Override
+ public ParceledListSlice<UriPermission> getGrantedUriPermissions(String packageName, int userId)
+ throws RemoteException {
+ Parcel data = Parcel.obtain();
+ Parcel reply = Parcel.obtain();
+ data.writeInterfaceToken(IActivityManager.descriptor);
+ data.writeString(packageName);
+ data.writeInt(userId);
+ mRemote.transact(GET_GRANTED_URI_PERMISSIONS_TRANSACTION, data, reply, 0);
+ reply.readException();
+ @SuppressWarnings("unchecked")
+ final ParceledListSlice<UriPermission> perms = ParceledListSlice.CREATOR.createFromParcel(
+ reply);
+ data.recycle();
+ reply.recycle();
+ return perms;
+ }
+
+ @Override
+ public void clearGrantedUriPermissions(String packageName, int userId) throws RemoteException {
+ Parcel data = Parcel.obtain();
+ Parcel reply = Parcel.obtain();
+ data.writeInterfaceToken(IActivityManager.descriptor);
+ data.writeString(packageName);
+ data.writeInt(userId);
+ mRemote.transact(CLEAR_GRANTED_URI_PERMISSIONS_TRANSACTION, data, reply, 0);
+ reply.readException();
+ data.recycle();
+ reply.recycle();
+ }
+
public void showWaitingForDebugger(IApplicationThread who, boolean waiting)
throws RemoteException {
Parcel data = Parcel.obtain();
diff --git a/core/java/android/app/IActivityManager.java b/core/java/android/app/IActivityManager.java
index ceb14ad..16578c1 100644
--- a/core/java/android/app/IActivityManager.java
+++ b/core/java/android/app/IActivityManager.java
@@ -276,6 +276,15 @@
public ParceledListSlice<UriPermission> getPersistedUriPermissions(
String packageName, boolean incoming) throws RemoteException;
+ // Gets the URI permissions granted to an arbitrary package.
+ // NOTE: this is different from getPersistedUriPermissions(), which returns the URIs the package
+ // granted to another packages (instead of those granted to it).
+ public ParceledListSlice<UriPermission> getGrantedUriPermissions(String packageName, int userId)
+ throws RemoteException;
+
+ // Clears the URI permissions granted to an arbitrary package.
+ public void clearGrantedUriPermissions(String packageName, int userId) throws RemoteException;
+
public void showWaitingForDebugger(IApplicationThread who, boolean waiting)
throws RemoteException;
@@ -949,4 +958,6 @@
int GET_URI_PERMISSION_OWNER_FOR_ACTIVITY_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 357;
int RESIZE_DOCKED_STACK_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 358;
int SET_VR_MODE_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 359;
+ int GET_GRANTED_URI_PERMISSIONS_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 360;
+ int CLEAR_GRANTED_URI_PERMISSIONS_TRANSACTION = IBinder.FIRST_CALL_TRANSACTION + 361;
}
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 7d9fd93..e8054fc 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -391,6 +391,9 @@
<protected-broadcast android:name="android.app.action.NOTIFICATION_POLICY_ACCESS_GRANTED_CHANGED" />
<protected-broadcast android:name="android.os.action.ACTION_EFFECTS_SUPPRESSOR_CHANGED" />
+ <protected-broadcast android:name="android.permission.GET_APP_GRANTED_URI_PERMISSIONS" />
+ <protected-broadcast android:name="android.permission.CLEAR_APP_GRANTED_URI_PERMISSIONS" />
+
<!-- ====================================================================== -->
<!-- RUNTIME PERMISSIONS -->
<!-- ====================================================================== -->
@@ -2192,6 +2195,21 @@
<permission android:name="android.permission.CLEAR_APP_USER_DATA"
android:protectionLevel="signature|installer" />
+ <!-- @hide Allows an application to get the URI permissions
+ granted to another application.
+ <p>Not for use by third-party applications
+ -->
+ <permission android:name="android.permission.GET_APP_GRANTED_URI_PERMISSIONS"
+ android:protectionLevel="signature" />
+
+ <!-- @hide Allows an application to clear the URI permissions
+ granted to another application.
+ <p>Not for use by third-party applications
+ -->
+ <permission
+ android:name="android.permission.CLEAR_APP_GRANTED_URI_PERMISSIONS"
+ android:protectionLevel="signature" />
+
<!-- @SystemApi Allows an application to delete cache files.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DELETE_CACHE_FILES"