Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 1 | /* |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 2 | * Copyright (C) 2019 The Android Open Source Project |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 17 | package android.app.role; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 18 | |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 19 | import android.Manifest; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 20 | import android.annotation.NonNull; |
| 21 | import android.annotation.Nullable; |
| 22 | import android.annotation.SystemApi; |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 23 | import android.annotation.WorkerThread; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 24 | import android.app.Service; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 25 | import android.content.Intent; |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 26 | import android.os.Binder; |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 27 | import android.os.Bundle; |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 28 | import android.os.Handler; |
| 29 | import android.os.HandlerThread; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 30 | import android.os.IBinder; |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 31 | import android.os.Process; |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 32 | import android.os.RemoteCallback; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 33 | import android.os.UserHandle; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 34 | |
| 35 | import com.android.internal.util.Preconditions; |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 36 | import com.android.internal.util.function.pooled.PooledLambda; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 37 | |
| 38 | import java.util.concurrent.Executor; |
| 39 | |
| 40 | /** |
| 41 | * Abstract base class for the role controller service. |
| 42 | * <p> |
| 43 | * Subclass should implement the business logic for role management, including enforcing role |
| 44 | * requirements and granting or revoking relevant privileges of roles. This class can only be |
| 45 | * implemented by the permission controller app which is registered in {@code PackageManager}. |
| 46 | * |
| 47 | * @hide |
| 48 | */ |
| 49 | @SystemApi |
| 50 | public abstract class RoleControllerService extends Service { |
| 51 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 52 | /** |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 53 | * The {@link Intent} that must be declared as handled by the service. |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 54 | */ |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 55 | public static final String SERVICE_INTERFACE = "android.app.role.RoleControllerService"; |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 56 | |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 57 | private HandlerThread mWorkerThread; |
| 58 | private Handler mWorkerHandler; |
| 59 | |
| 60 | @Override |
| 61 | public void onCreate() { |
| 62 | super.onCreate(); |
| 63 | |
| 64 | mWorkerThread = new HandlerThread(RoleControllerService.class.getSimpleName()); |
| 65 | mWorkerThread.start(); |
| 66 | mWorkerHandler = new Handler(mWorkerThread.getLooper()); |
| 67 | } |
| 68 | |
| 69 | @Override |
| 70 | public void onDestroy() { |
| 71 | super.onDestroy(); |
| 72 | |
| 73 | mWorkerThread.quitSafely(); |
| 74 | } |
| 75 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 76 | @Nullable |
| 77 | @Override |
| 78 | public final IBinder onBind(@Nullable Intent intent) { |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 79 | return new IRoleController.Stub() { |
| 80 | |
| 81 | @Override |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 82 | public void grantDefaultRoles(RemoteCallback callback) { |
| 83 | enforceCallerSystemUid("grantDefaultRoles"); |
| 84 | |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 85 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 86 | |
| 87 | mWorkerHandler.sendMessage(PooledLambda.obtainMessage( |
| 88 | RoleControllerService::grantDefaultRoles, RoleControllerService.this, |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 89 | callback)); |
| 90 | } |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 91 | |
| 92 | @Override |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 93 | public void onAddRoleHolder(String roleName, String packageName, int flags, |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 94 | RemoteCallback callback) { |
| 95 | enforceCallerSystemUid("onAddRoleHolder"); |
| 96 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 97 | Preconditions.checkStringNotEmpty(roleName, "roleName cannot be null or empty"); |
| 98 | Preconditions.checkStringNotEmpty(packageName, |
| 99 | "packageName cannot be null or empty"); |
| 100 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 101 | |
| 102 | mWorkerHandler.sendMessage(PooledLambda.obtainMessage( |
| 103 | RoleControllerService::onAddRoleHolder, RoleControllerService.this, |
| 104 | roleName, packageName, flags, callback)); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 105 | } |
| 106 | |
| 107 | @Override |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 108 | public void onRemoveRoleHolder(String roleName, String packageName, int flags, |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 109 | RemoteCallback callback) { |
| 110 | enforceCallerSystemUid("onRemoveRoleHolder"); |
| 111 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 112 | Preconditions.checkStringNotEmpty(roleName, "roleName cannot be null or empty"); |
| 113 | Preconditions.checkStringNotEmpty(packageName, |
| 114 | "packageName cannot be null or empty"); |
| 115 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 116 | |
| 117 | mWorkerHandler.sendMessage(PooledLambda.obtainMessage( |
| 118 | RoleControllerService::onRemoveRoleHolder, RoleControllerService.this, |
| 119 | roleName, packageName, flags, callback)); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 120 | } |
| 121 | |
| 122 | @Override |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 123 | public void onClearRoleHolders(String roleName, int flags, RemoteCallback callback) { |
| 124 | enforceCallerSystemUid("onClearRoleHolders"); |
| 125 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 126 | Preconditions.checkStringNotEmpty(roleName, "roleName cannot be null or empty"); |
| 127 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 128 | |
| 129 | mWorkerHandler.sendMessage(PooledLambda.obtainMessage( |
| 130 | RoleControllerService::onClearRoleHolders, RoleControllerService.this, |
| 131 | roleName, flags, callback)); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 132 | } |
Eugene Susla | a4200f82 | 2018-11-09 18:06:43 -0800 | [diff] [blame] | 133 | |
| 134 | @Override |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 135 | public void onSmsKillSwitchToggled(boolean enabled) { |
| 136 | enforceCallerSystemUid("onSmsKillSwitchToggled"); |
| 137 | |
| 138 | mWorkerHandler.sendMessage(PooledLambda.obtainMessage( |
| 139 | RoleControllerService::onSmsKillSwitchToggled, RoleControllerService.this, |
| 140 | enabled)); |
| 141 | } |
| 142 | |
| 143 | private void enforceCallerSystemUid(@NonNull String methodName) { |
| 144 | if (Binder.getCallingUid() != Process.SYSTEM_UID) { |
| 145 | throw new SecurityException("Only the system process can call " + methodName |
| 146 | + "()"); |
| 147 | } |
Eugene Susla | 3496906 | 2019-01-29 11:02:02 -0800 | [diff] [blame] | 148 | } |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 149 | |
| 150 | @Override |
| 151 | public void isApplicationQualifiedForRole(String roleName, String packageName, |
| 152 | RemoteCallback callback) { |
| 153 | enforceCallingPermission(Manifest.permission.MANAGE_ROLE_HOLDERS, null); |
| 154 | |
| 155 | Preconditions.checkStringNotEmpty(roleName, "roleName cannot be null or empty"); |
| 156 | Preconditions.checkStringNotEmpty(packageName, |
| 157 | "packageName cannot be null or empty"); |
| 158 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
| 159 | |
| 160 | boolean qualified = onIsApplicationQualifiedForRole(roleName, packageName); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 161 | callback.sendResult(qualified ? Bundle.EMPTY : null); |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 162 | } |
| 163 | |
| 164 | @Override |
| 165 | public void isRoleVisible(String roleName, RemoteCallback callback) { |
| 166 | enforceCallingPermission(Manifest.permission.MANAGE_ROLE_HOLDERS, null); |
| 167 | |
| 168 | Preconditions.checkStringNotEmpty(roleName, "roleName cannot be null or empty"); |
| 169 | Preconditions.checkNotNull(callback, "callback cannot be null"); |
| 170 | |
| 171 | boolean visible = onIsRoleVisible(roleName); |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 172 | callback.sendResult(visible ? Bundle.EMPTY : null); |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 173 | } |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 174 | }; |
| 175 | } |
| 176 | |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 177 | private void grantDefaultRoles(@NonNull RemoteCallback callback) { |
| 178 | boolean successful = onGrantDefaultRoles(); |
| 179 | callback.sendResult(successful ? Bundle.EMPTY : null); |
| 180 | } |
| 181 | |
| 182 | private void onAddRoleHolder(@NonNull String roleName, @NonNull String packageName, |
| 183 | @RoleManager.ManageHoldersFlags int flags, @NonNull RemoteCallback callback) { |
| 184 | boolean successful = onAddRoleHolder(roleName, packageName, flags); |
| 185 | callback.sendResult(successful ? Bundle.EMPTY : null); |
| 186 | } |
| 187 | |
| 188 | private void onRemoveRoleHolder(@NonNull String roleName, @NonNull String packageName, |
| 189 | @RoleManager.ManageHoldersFlags int flags, @NonNull RemoteCallback callback) { |
| 190 | boolean successful = onRemoveRoleHolder(roleName, packageName, flags); |
| 191 | callback.sendResult(successful ? Bundle.EMPTY : null); |
| 192 | } |
| 193 | |
| 194 | private void onClearRoleHolders(@NonNull String roleName, |
| 195 | @RoleManager.ManageHoldersFlags int flags, @NonNull RemoteCallback callback) { |
| 196 | boolean successful = onClearRoleHolders(roleName, flags); |
| 197 | callback.sendResult(successful ? Bundle.EMPTY : null); |
| 198 | } |
| 199 | |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 200 | /** |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 201 | * Called by system to grant default permissions and roles. |
| 202 | * <p> |
| 203 | * This is typically when creating a new user or upgrading either system or |
| 204 | * permission controller package |
| 205 | * |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 206 | * @return whether this call was successful |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 207 | */ |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 208 | @WorkerThread |
| 209 | public abstract boolean onGrantDefaultRoles(); |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 210 | |
| 211 | /** |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 212 | * Add a specific application to the holders of a role. If the role is exclusive, the previous |
| 213 | * holder will be replaced. |
| 214 | * <p> |
| 215 | * Implementation should enforce the role requirements and grant or revoke the relevant |
| 216 | * privileges of roles. |
| 217 | * |
| 218 | * @param roleName the name of the role to add the role holder for |
| 219 | * @param packageName the package name of the application to add to the role holders |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 220 | * @param flags optional behavior flags |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 221 | * |
| 222 | * @return whether this call was successful |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 223 | * |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 224 | * @see RoleManager#addRoleHolderAsUser(String, String, int, UserHandle, Executor, |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 225 | * RemoteCallback) |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 226 | */ |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 227 | @WorkerThread |
| 228 | public abstract boolean onAddRoleHolder(@NonNull String roleName, @NonNull String packageName, |
| 229 | @RoleManager.ManageHoldersFlags int flags); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 230 | |
| 231 | /** |
| 232 | * Remove a specific application from the holders of a role. |
| 233 | * |
| 234 | * @param roleName the name of the role to remove the role holder for |
| 235 | * @param packageName the package name of the application to remove from the role holders |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 236 | * @param flags optional behavior flags |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 237 | * |
| 238 | * @return whether this call was successful |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 239 | * |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 240 | * @see RoleManager#removeRoleHolderAsUser(String, String, int, UserHandle, Executor, |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 241 | * RemoteCallback) |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 242 | */ |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 243 | @WorkerThread |
| 244 | public abstract boolean onRemoveRoleHolder(@NonNull String roleName, |
| 245 | @NonNull String packageName, @RoleManager.ManageHoldersFlags int flags); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 246 | |
| 247 | /** |
| 248 | * Remove all holders of a role. |
| 249 | * |
| 250 | * @param roleName the name of the role to remove role holders for |
Hai Zhang | 71d7036 | 2019-02-04 16:17:38 -0800 | [diff] [blame] | 251 | * @param flags optional behavior flags |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 252 | * |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 253 | * @return whether this call was successful |
| 254 | * |
| 255 | * @see RoleManager#clearRoleHoldersAsUser(String, int, UserHandle, Executor, RemoteCallback) |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 256 | */ |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 257 | @WorkerThread |
| 258 | public abstract boolean onClearRoleHolders(@NonNull String roleName, |
| 259 | @RoleManager.ManageHoldersFlags int flags); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 260 | |
Eugene Susla | a4200f82 | 2018-11-09 18:06:43 -0800 | [diff] [blame] | 261 | /** |
Eugene Susla | 3496906 | 2019-01-29 11:02:02 -0800 | [diff] [blame] | 262 | * Cleanup appop/permissions state in response to sms kill switch toggle |
| 263 | * |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 264 | * @param enabled whether kill switch was turned on |
Hai Zhang | c33c55b | 2019-03-06 17:03:38 -0800 | [diff] [blame] | 265 | * |
| 266 | * @hide |
Eugene Susla | 3496906 | 2019-01-29 11:02:02 -0800 | [diff] [blame] | 267 | */ |
| 268 | //STOPSHIP: remove this api before shipping a final version |
Hai Zhang | f5e8ccd | 2019-03-06 20:12:24 -0800 | [diff] [blame] | 269 | @WorkerThread |
Hai Zhang | a4959e5 | 2019-03-06 12:21:07 -0800 | [diff] [blame] | 270 | public abstract void onSmsKillSwitchToggled(boolean enabled); |
Eugene Susla | a4200f82 | 2018-11-09 18:06:43 -0800 | [diff] [blame] | 271 | |
Hai Zhang | 26f37d3 | 2019-03-06 15:58:39 -0800 | [diff] [blame] | 272 | /** |
| 273 | * Check whether an application is qualified for a role. |
| 274 | * |
| 275 | * @param roleName name of the role to check for |
| 276 | * @param packageName package name of the application to check for |
| 277 | * |
| 278 | * @return whether the application is qualified for the role |
| 279 | */ |
| 280 | public abstract boolean onIsApplicationQualifiedForRole(@NonNull String roleName, |
| 281 | @NonNull String packageName); |
| 282 | |
| 283 | /** |
| 284 | * Check whether a role should be visible to user. |
| 285 | * |
| 286 | * @param roleName name of the role to check for |
| 287 | * |
| 288 | * @return whether the role should be visible to user |
| 289 | */ |
| 290 | public abstract boolean onIsRoleVisible(@NonNull String roleName); |
Hai Zhang | b777668 | 2018-09-25 15:10:57 -0700 | [diff] [blame] | 291 | } |