Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package android.app; |
| 18 | |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 19 | import android.Manifest; |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 20 | import android.annotation.SystemApi; |
| 21 | import android.app.usage.UsageStatsManager; |
| 22 | import android.content.Context; |
John Spurlock | 7b41467 | 2014-07-18 13:02:39 -0400 | [diff] [blame] | 23 | import android.media.AudioAttributes.AttributeUsage; |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 24 | import android.os.Binder; |
| 25 | import android.os.IBinder; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 26 | import android.os.Parcel; |
| 27 | import android.os.Parcelable; |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 28 | import android.os.Process; |
| 29 | import android.os.RemoteException; |
Dianne Hackborn | 7b7c58b | 2014-12-02 18:32:20 -0800 | [diff] [blame] | 30 | import android.os.UserHandle; |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 31 | import android.os.UserManager; |
| 32 | import android.util.ArrayMap; |
| 33 | |
| 34 | import com.android.internal.app.IAppOpsCallback; |
| 35 | import com.android.internal.app.IAppOpsService; |
| 36 | |
| 37 | import java.util.ArrayList; |
| 38 | import java.util.HashMap; |
| 39 | import java.util.List; |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 40 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 41 | /** |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 42 | * API for interacting with "application operation" tracking. |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 43 | * |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 44 | * <p>This API is not generally intended for third party application developers; most |
John Spurlock | 925b85e | 2014-03-10 16:52:11 -0400 | [diff] [blame] | 45 | * features are only available to system applications. Obtain an instance of it through |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 46 | * {@link Context#getSystemService(String) Context.getSystemService} with |
| 47 | * {@link Context#APP_OPS_SERVICE Context.APP_OPS_SERVICE}.</p> |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 48 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 49 | public class AppOpsManager { |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 50 | /** |
| 51 | * <p>App ops allows callers to:</p> |
| 52 | * |
| 53 | * <ul> |
| 54 | * <li> Note when operations are happening, and find out if they are allowed for the current |
| 55 | * caller.</li> |
| 56 | * <li> Disallow specific apps from doing specific operations.</li> |
| 57 | * <li> Collect all of the current information about operations that have been executed or |
| 58 | * are not being allowed.</li> |
| 59 | * <li> Monitor for changes in whether an operation is allowed.</li> |
| 60 | * </ul> |
| 61 | * |
| 62 | * <p>Each operation is identified by a single integer; these integers are a fixed set of |
| 63 | * operations, enumerated by the OP_* constants. |
| 64 | * |
| 65 | * <p></p>When checking operations, the result is a "mode" integer indicating the current |
| 66 | * setting for the operation under that caller: MODE_ALLOWED, MODE_IGNORED (don't execute |
| 67 | * the operation but fake its behavior enough so that the caller doesn't crash), |
| 68 | * MODE_ERRORED (throw a SecurityException back to the caller; the normal operation calls |
| 69 | * will do this for you). |
| 70 | */ |
| 71 | |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 72 | final Context mContext; |
| 73 | final IAppOpsService mService; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 74 | final ArrayMap<OnOpChangedListener, IAppOpsCallback> mModeWatchers |
| 75 | = new ArrayMap<OnOpChangedListener, IAppOpsCallback>(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 76 | |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 77 | static IBinder sToken; |
| 78 | |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 79 | /** |
| 80 | * Result from {@link #checkOp}, {@link #noteOp}, {@link #startOp}: the given caller is |
| 81 | * allowed to perform the given operation. |
| 82 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 83 | public static final int MODE_ALLOWED = 0; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 84 | |
| 85 | /** |
| 86 | * Result from {@link #checkOp}, {@link #noteOp}, {@link #startOp}: the given caller is |
| 87 | * not allowed to perform the given operation, and this attempt should |
| 88 | * <em>silently fail</em> (it should not cause the app to crash). |
| 89 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 90 | public static final int MODE_IGNORED = 1; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 91 | |
| 92 | /** |
| 93 | * Result from {@link #checkOpNoThrow}, {@link #noteOpNoThrow}, {@link #startOpNoThrow}: the |
| 94 | * given caller is not allowed to perform the given operation, and this attempt should |
| 95 | * cause it to have a fatal error, typically a {@link SecurityException}. |
| 96 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 97 | public static final int MODE_ERRORED = 2; |
| 98 | |
Dianne Hackborn | 33f5ddd | 2014-07-21 15:35:45 -0700 | [diff] [blame] | 99 | /** |
| 100 | * Result from {@link #checkOp}, {@link #noteOp}, {@link #startOp}: the given caller should |
| 101 | * use its default security check. This mode is not normally used; it should only be used |
| 102 | * with appop permissions, and callers must explicitly check for it and deal with it. |
| 103 | */ |
| 104 | public static final int MODE_DEFAULT = 3; |
| 105 | |
Daniel Sandler | fde19b1 | 2013-01-17 00:21:05 -0500 | [diff] [blame] | 106 | // when adding one of these: |
| 107 | // - increment _NUM_OP |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 108 | // - add rows to sOpToSwitch, sOpToString, sOpNames, sOpToPerms, sOpDefault |
Daniel Sandler | fde19b1 | 2013-01-17 00:21:05 -0500 | [diff] [blame] | 109 | // - add descriptive strings to Settings/res/values/arrays.xml |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 110 | // - add the op to the appropriate template in AppOpsState.OpsTemplate (settings app) |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 111 | |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 112 | /** @hide No operation specified. */ |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 113 | public static final int OP_NONE = -1; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 114 | /** @hide Access to coarse location information. */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 115 | public static final int OP_COARSE_LOCATION = 0; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 116 | /** @hide Access to fine location information. */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 117 | public static final int OP_FINE_LOCATION = 1; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 118 | /** @hide Causing GPS to run. */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 119 | public static final int OP_GPS = 2; |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 120 | /** @hide */ |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 121 | public static final int OP_VIBRATE = 3; |
| 122 | /** @hide */ |
| 123 | public static final int OP_READ_CONTACTS = 4; |
| 124 | /** @hide */ |
| 125 | public static final int OP_WRITE_CONTACTS = 5; |
| 126 | /** @hide */ |
| 127 | public static final int OP_READ_CALL_LOG = 6; |
| 128 | /** @hide */ |
| 129 | public static final int OP_WRITE_CALL_LOG = 7; |
| 130 | /** @hide */ |
| 131 | public static final int OP_READ_CALENDAR = 8; |
| 132 | /** @hide */ |
| 133 | public static final int OP_WRITE_CALENDAR = 9; |
| 134 | /** @hide */ |
| 135 | public static final int OP_WIFI_SCAN = 10; |
| 136 | /** @hide */ |
| 137 | public static final int OP_POST_NOTIFICATION = 11; |
| 138 | /** @hide */ |
| 139 | public static final int OP_NEIGHBORING_CELLS = 12; |
| 140 | /** @hide */ |
| 141 | public static final int OP_CALL_PHONE = 13; |
| 142 | /** @hide */ |
| 143 | public static final int OP_READ_SMS = 14; |
| 144 | /** @hide */ |
| 145 | public static final int OP_WRITE_SMS = 15; |
| 146 | /** @hide */ |
| 147 | public static final int OP_RECEIVE_SMS = 16; |
| 148 | /** @hide */ |
| 149 | public static final int OP_RECEIVE_EMERGECY_SMS = 17; |
| 150 | /** @hide */ |
| 151 | public static final int OP_RECEIVE_MMS = 18; |
| 152 | /** @hide */ |
| 153 | public static final int OP_RECEIVE_WAP_PUSH = 19; |
| 154 | /** @hide */ |
| 155 | public static final int OP_SEND_SMS = 20; |
| 156 | /** @hide */ |
| 157 | public static final int OP_READ_ICC_SMS = 21; |
| 158 | /** @hide */ |
| 159 | public static final int OP_WRITE_ICC_SMS = 22; |
| 160 | /** @hide */ |
| 161 | public static final int OP_WRITE_SETTINGS = 23; |
| 162 | /** @hide */ |
| 163 | public static final int OP_SYSTEM_ALERT_WINDOW = 24; |
| 164 | /** @hide */ |
| 165 | public static final int OP_ACCESS_NOTIFICATIONS = 25; |
| 166 | /** @hide */ |
| 167 | public static final int OP_CAMERA = 26; |
| 168 | /** @hide */ |
| 169 | public static final int OP_RECORD_AUDIO = 27; |
| 170 | /** @hide */ |
| 171 | public static final int OP_PLAY_AUDIO = 28; |
| 172 | /** @hide */ |
| 173 | public static final int OP_READ_CLIPBOARD = 29; |
| 174 | /** @hide */ |
| 175 | public static final int OP_WRITE_CLIPBOARD = 30; |
| 176 | /** @hide */ |
| 177 | public static final int OP_TAKE_MEDIA_BUTTONS = 31; |
| 178 | /** @hide */ |
| 179 | public static final int OP_TAKE_AUDIO_FOCUS = 32; |
| 180 | /** @hide */ |
| 181 | public static final int OP_AUDIO_MASTER_VOLUME = 33; |
| 182 | /** @hide */ |
| 183 | public static final int OP_AUDIO_VOICE_VOLUME = 34; |
| 184 | /** @hide */ |
| 185 | public static final int OP_AUDIO_RING_VOLUME = 35; |
| 186 | /** @hide */ |
| 187 | public static final int OP_AUDIO_MEDIA_VOLUME = 36; |
| 188 | /** @hide */ |
| 189 | public static final int OP_AUDIO_ALARM_VOLUME = 37; |
| 190 | /** @hide */ |
| 191 | public static final int OP_AUDIO_NOTIFICATION_VOLUME = 38; |
| 192 | /** @hide */ |
| 193 | public static final int OP_AUDIO_BLUETOOTH_VOLUME = 39; |
| 194 | /** @hide */ |
| 195 | public static final int OP_WAKE_LOCK = 40; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 196 | /** @hide Continually monitoring location data. */ |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 197 | public static final int OP_MONITOR_LOCATION = 41; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 198 | /** @hide Continually monitoring location data with a relatively high power request. */ |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 199 | public static final int OP_MONITOR_HIGH_POWER_LOCATION = 42; |
Dianne Hackborn | e22b3b1 | 2014-05-07 18:06:44 -0700 | [diff] [blame] | 200 | /** @hide Retrieve current usage stats via {@link UsageStatsManager}. */ |
| 201 | public static final int OP_GET_USAGE_STATS = 43; |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 202 | /** @hide */ |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 203 | public static final int OP_MUTE_MICROPHONE = 44; |
| 204 | /** @hide */ |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 205 | public static final int OP_TOAST_WINDOW = 45; |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 206 | /** @hide Capture the device's display contents and/or audio */ |
| 207 | public static final int OP_PROJECT_MEDIA = 46; |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 208 | /** @hide Activate a VPN connection without user intervention. */ |
| 209 | public static final int OP_ACTIVATE_VPN = 47; |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 210 | /** @hide Access the WallpaperManagerAPI to write wallpapers. */ |
| 211 | public static final int OP_WRITE_WALLPAPER = 48; |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 212 | /** @hide Received the assist structure from an app. */ |
| 213 | public static final int OP_ASSIST_STRUCTURE = 49; |
| 214 | /** @hide Received a screenshot from assist. */ |
| 215 | public static final int OP_ASSIST_SCREENSHOT = 50; |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 216 | /** @hide Read the phone state. */ |
| 217 | public static final int OP_READ_PHONE_STATE = 51; |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 218 | /** @hide Add voicemail messages to the voicemail content provider. */ |
| 219 | public static final int OP_ADD_VOICEMAIL = 52; |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 220 | /** @hide Access APIs for SIP calling over VOIP or WiFi. */ |
| 221 | public static final int OP_USE_SIP = 53; |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 222 | /** @hide Intercept outgoing calls. */ |
| 223 | public static final int OP_PROCESS_OUTGOING_CALLS = 54; |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 224 | /** @hide User the fingerprint API. */ |
| 225 | public static final int OP_USE_FINGERPRINT = 55; |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 226 | /** @hide Access to body sensors such as heart rate, etc. */ |
| 227 | public static final int OP_BODY_SENSORS = 56; |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 228 | /** @hide Read previously received cell broadcast messages. */ |
| 229 | public static final int OP_READ_CELL_BROADCASTS = 57; |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 230 | /** @hide Inject mock location into the system. */ |
| 231 | public static final int OP_MOCK_LOCATION = 58; |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 232 | /** @hide Read external storage. */ |
| 233 | public static final int OP_READ_EXTERNAL_STORAGE = 59; |
| 234 | /** @hide Write external storage. */ |
| 235 | public static final int OP_WRITE_EXTERNAL_STORAGE = 60; |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 236 | /** @hide Turned on the screen. */ |
| 237 | public static final int OP_TURN_SCREEN_ON = 61; |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 238 | /** @hide Get device accounts. */ |
| 239 | public static final int OP_GET_ACCOUNTS = 62; |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 240 | /** @hide Control whether an application is allowed to run in the background. */ |
| 241 | public static final int OP_RUN_IN_BACKGROUND = 63; |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 242 | /** @hide */ |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 243 | public static final int OP_AUDIO_ACCESSIBILITY_VOLUME = 64; |
| 244 | /** @hide */ |
| 245 | public static final int _NUM_OP = 65; |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 246 | |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 247 | /** Access to coarse location information. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 248 | public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 249 | /** Access to fine location information. */ |
| 250 | public static final String OPSTR_FINE_LOCATION = |
| 251 | "android:fine_location"; |
| 252 | /** Continually monitoring location data. */ |
| 253 | public static final String OPSTR_MONITOR_LOCATION |
| 254 | = "android:monitor_location"; |
| 255 | /** Continually monitoring location data with a relatively high power request. */ |
| 256 | public static final String OPSTR_MONITOR_HIGH_POWER_LOCATION |
| 257 | = "android:monitor_location_high_power"; |
Dianne Hackborn | 5064e7c | 2014-09-02 10:57:16 -0700 | [diff] [blame] | 258 | /** Access to {@link android.app.usage.UsageStatsManager}. */ |
| 259 | public static final String OPSTR_GET_USAGE_STATS |
| 260 | = "android:get_usage_stats"; |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 261 | /** Activate a VPN connection without user intervention. @hide */ |
| 262 | @SystemApi |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 263 | public static final String OPSTR_ACTIVATE_VPN |
| 264 | = "android:activate_vpn"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 265 | /** Allows an application to read the user's contacts data. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 266 | public static final String OPSTR_READ_CONTACTS |
| 267 | = "android:read_contacts"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 268 | /** Allows an application to write to the user's contacts data. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 269 | public static final String OPSTR_WRITE_CONTACTS |
| 270 | = "android:write_contacts"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 271 | /** Allows an application to read the user's call log. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 272 | public static final String OPSTR_READ_CALL_LOG |
| 273 | = "android:read_call_log"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 274 | /** Allows an application to write to the user's call log. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 275 | public static final String OPSTR_WRITE_CALL_LOG |
| 276 | = "android:write_call_log"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 277 | /** Allows an application to read the user's calendar data. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 278 | public static final String OPSTR_READ_CALENDAR |
| 279 | = "android:read_calendar"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 280 | /** Allows an application to write to the user's calendar data. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 281 | public static final String OPSTR_WRITE_CALENDAR |
| 282 | = "android:write_calendar"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 283 | /** Allows an application to initiate a phone call. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 284 | public static final String OPSTR_CALL_PHONE |
| 285 | = "android:call_phone"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 286 | /** Allows an application to read SMS messages. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 287 | public static final String OPSTR_READ_SMS |
| 288 | = "android:read_sms"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 289 | /** Allows an application to receive SMS messages. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 290 | public static final String OPSTR_RECEIVE_SMS |
| 291 | = "android:receive_sms"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 292 | /** Allows an application to receive MMS messages. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 293 | public static final String OPSTR_RECEIVE_MMS |
| 294 | = "android:receive_mms"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 295 | /** Allows an application to receive WAP push messages. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 296 | public static final String OPSTR_RECEIVE_WAP_PUSH |
| 297 | = "android:receive_wap_push"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 298 | /** Allows an application to send SMS messages. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 299 | public static final String OPSTR_SEND_SMS |
| 300 | = "android:send_sms"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 301 | /** Required to be able to access the camera device. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 302 | public static final String OPSTR_CAMERA |
| 303 | = "android:camera"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 304 | /** Required to be able to access the microphone device. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 305 | public static final String OPSTR_RECORD_AUDIO |
| 306 | = "android:record_audio"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 307 | /** Required to access phone state related information. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 308 | public static final String OPSTR_READ_PHONE_STATE |
| 309 | = "android:read_phone_state"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 310 | /** Required to access phone state related information. */ |
Svet Ganov | 6e8f67c | 2015-04-29 17:35:19 -0700 | [diff] [blame] | 311 | public static final String OPSTR_ADD_VOICEMAIL |
| 312 | = "android:add_voicemail"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 313 | /** Access APIs for SIP calling over VOIP or WiFi */ |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 314 | public static final String OPSTR_USE_SIP |
| 315 | = "android:use_sip"; |
Svet Ganov | e8e8942 | 2016-09-22 19:56:50 -0700 | [diff] [blame] | 316 | /** Access APIs for diverting outgoing calls */ |
Svet Ganov | 824ad6e | 2016-09-22 19:36:53 -0700 | [diff] [blame] | 317 | public static final String OPSTR_PROCESS_OUTGOING_CALLS |
| 318 | = "android:process_outgoing_calls"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 319 | /** Use the fingerprint API. */ |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 320 | public static final String OPSTR_USE_FINGERPRINT |
| 321 | = "android:use_fingerprint"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 322 | /** Access to body sensors such as heart rate, etc. */ |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 323 | public static final String OPSTR_BODY_SENSORS |
| 324 | = "android:body_sensors"; |
Svet Ganov | 715cf2a | 2015-06-13 17:31:29 -0700 | [diff] [blame] | 325 | /** Read previously received cell broadcast messages. */ |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 326 | public static final String OPSTR_READ_CELL_BROADCASTS |
| 327 | = "android:read_cell_broadcasts"; |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 328 | /** Inject mock location into the system. */ |
| 329 | public static final String OPSTR_MOCK_LOCATION |
| 330 | = "android:mock_location"; |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 331 | /** Read external storage. */ |
| 332 | public static final String OPSTR_READ_EXTERNAL_STORAGE |
| 333 | = "android:read_external_storage"; |
| 334 | /** Write external storage. */ |
| 335 | public static final String OPSTR_WRITE_EXTERNAL_STORAGE |
| 336 | = "android:write_external_storage"; |
Billy Lau | 24b9c83 | 2015-07-20 17:34:09 +0100 | [diff] [blame] | 337 | /** Required to draw on top of other apps. */ |
| 338 | public static final String OPSTR_SYSTEM_ALERT_WINDOW |
| 339 | = "android:system_alert_window"; |
| 340 | /** Required to write/modify/update system settingss. */ |
| 341 | public static final String OPSTR_WRITE_SETTINGS |
| 342 | = "android:write_settings"; |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 343 | /** @hide Get device accounts. */ |
| 344 | public static final String OPSTR_GET_ACCOUNTS |
| 345 | = "android:get_accounts"; |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 346 | |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 347 | private static final int[] RUNTIME_PERMISSIONS_OPS = { |
| 348 | // Contacts |
| 349 | OP_READ_CONTACTS, |
| 350 | OP_WRITE_CONTACTS, |
| 351 | OP_GET_ACCOUNTS, |
| 352 | // Calendar |
| 353 | OP_READ_CALENDAR, |
| 354 | OP_WRITE_CALENDAR, |
| 355 | // SMS |
| 356 | OP_SEND_SMS, |
| 357 | OP_RECEIVE_SMS, |
| 358 | OP_READ_SMS, |
| 359 | OP_RECEIVE_WAP_PUSH, |
| 360 | OP_RECEIVE_MMS, |
| 361 | OP_READ_CELL_BROADCASTS, |
| 362 | // Storage |
| 363 | OP_READ_EXTERNAL_STORAGE, |
| 364 | OP_WRITE_EXTERNAL_STORAGE, |
| 365 | // Location |
| 366 | OP_COARSE_LOCATION, |
| 367 | OP_FINE_LOCATION, |
| 368 | // Phone |
| 369 | OP_READ_PHONE_STATE, |
| 370 | OP_CALL_PHONE, |
| 371 | OP_READ_CALL_LOG, |
| 372 | OP_WRITE_CALL_LOG, |
| 373 | OP_ADD_VOICEMAIL, |
| 374 | OP_USE_SIP, |
| 375 | OP_PROCESS_OUTGOING_CALLS, |
| 376 | // Microphone |
| 377 | OP_RECORD_AUDIO, |
| 378 | // Camera |
| 379 | OP_CAMERA, |
| 380 | // Body sensors |
| 381 | OP_BODY_SENSORS |
| 382 | }; |
| 383 | |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 384 | /** |
| 385 | * This maps each operation to the operation that serves as the |
| 386 | * switch to determine whether it is allowed. Generally this is |
| 387 | * a 1:1 mapping, but for some things (like location) that have |
| 388 | * multiple low-level operations being tracked that should be |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 389 | * presented to the user as one switch then this can be used to |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 390 | * make them all controlled by the same single operation. |
| 391 | */ |
| 392 | private static int[] sOpToSwitch = new int[] { |
| 393 | OP_COARSE_LOCATION, |
| 394 | OP_COARSE_LOCATION, |
| 395 | OP_COARSE_LOCATION, |
| 396 | OP_VIBRATE, |
| 397 | OP_READ_CONTACTS, |
| 398 | OP_WRITE_CONTACTS, |
| 399 | OP_READ_CALL_LOG, |
| 400 | OP_WRITE_CALL_LOG, |
| 401 | OP_READ_CALENDAR, |
| 402 | OP_WRITE_CALENDAR, |
| 403 | OP_COARSE_LOCATION, |
| 404 | OP_POST_NOTIFICATION, |
| 405 | OP_COARSE_LOCATION, |
| 406 | OP_CALL_PHONE, |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 407 | OP_READ_SMS, |
| 408 | OP_WRITE_SMS, |
David Braun | 18966a8 | 2013-09-10 13:14:46 -0700 | [diff] [blame] | 409 | OP_RECEIVE_SMS, |
| 410 | OP_RECEIVE_SMS, |
Svet Ganov | 99e4d51 | 2016-09-21 19:50:14 -0700 | [diff] [blame] | 411 | OP_RECEIVE_MMS, |
| 412 | OP_RECEIVE_WAP_PUSH, |
David Braun | 18966a8 | 2013-09-10 13:14:46 -0700 | [diff] [blame] | 413 | OP_SEND_SMS, |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 414 | OP_READ_SMS, |
| 415 | OP_WRITE_SMS, |
Dianne Hackborn | 961321f | 2013-02-05 17:22:41 -0800 | [diff] [blame] | 416 | OP_WRITE_SETTINGS, |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 417 | OP_SYSTEM_ALERT_WINDOW, |
Daniel Sandler | fde19b1 | 2013-01-17 00:21:05 -0500 | [diff] [blame] | 418 | OP_ACCESS_NOTIFICATIONS, |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 419 | OP_CAMERA, |
| 420 | OP_RECORD_AUDIO, |
| 421 | OP_PLAY_AUDIO, |
Dianne Hackborn | efcc1a2 | 2013-02-25 18:02:35 -0800 | [diff] [blame] | 422 | OP_READ_CLIPBOARD, |
| 423 | OP_WRITE_CLIPBOARD, |
Dianne Hackborn | ba50b97c | 2013-04-30 15:04:46 -0700 | [diff] [blame] | 424 | OP_TAKE_MEDIA_BUTTONS, |
| 425 | OP_TAKE_AUDIO_FOCUS, |
| 426 | OP_AUDIO_MASTER_VOLUME, |
| 427 | OP_AUDIO_VOICE_VOLUME, |
| 428 | OP_AUDIO_RING_VOLUME, |
| 429 | OP_AUDIO_MEDIA_VOLUME, |
| 430 | OP_AUDIO_ALARM_VOLUME, |
| 431 | OP_AUDIO_NOTIFICATION_VOLUME, |
| 432 | OP_AUDIO_BLUETOOTH_VOLUME, |
Dianne Hackborn | 713df15 | 2013-05-17 11:27:57 -0700 | [diff] [blame] | 433 | OP_WAKE_LOCK, |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 434 | OP_COARSE_LOCATION, |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 435 | OP_COARSE_LOCATION, |
Dianne Hackborn | e22b3b1 | 2014-05-07 18:06:44 -0700 | [diff] [blame] | 436 | OP_GET_USAGE_STATS, |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 437 | OP_MUTE_MICROPHONE, |
| 438 | OP_TOAST_WINDOW, |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 439 | OP_PROJECT_MEDIA, |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 440 | OP_ACTIVATE_VPN, |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 441 | OP_WRITE_WALLPAPER, |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 442 | OP_ASSIST_STRUCTURE, |
| 443 | OP_ASSIST_SCREENSHOT, |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 444 | OP_READ_PHONE_STATE, |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 445 | OP_ADD_VOICEMAIL, |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 446 | OP_USE_SIP, |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 447 | OP_PROCESS_OUTGOING_CALLS, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 448 | OP_USE_FINGERPRINT, |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 449 | OP_BODY_SENSORS, |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 450 | OP_READ_CELL_BROADCASTS, |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 451 | OP_MOCK_LOCATION, |
| 452 | OP_READ_EXTERNAL_STORAGE, |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 453 | OP_WRITE_EXTERNAL_STORAGE, |
| 454 | OP_TURN_SCREEN_ON, |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 455 | OP_GET_ACCOUNTS, |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 456 | OP_RUN_IN_BACKGROUND, |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 457 | OP_AUDIO_ACCESSIBILITY_VOLUME, |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 458 | }; |
| 459 | |
| 460 | /** |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 461 | * This maps each operation to the public string constant for it. |
| 462 | * If it doesn't have a public string constant, it maps to null. |
| 463 | */ |
| 464 | private static String[] sOpToString = new String[] { |
| 465 | OPSTR_COARSE_LOCATION, |
| 466 | OPSTR_FINE_LOCATION, |
| 467 | null, |
| 468 | null, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 469 | OPSTR_READ_CONTACTS, |
| 470 | OPSTR_WRITE_CONTACTS, |
| 471 | OPSTR_READ_CALL_LOG, |
| 472 | OPSTR_WRITE_CALL_LOG, |
| 473 | OPSTR_READ_CALENDAR, |
| 474 | OPSTR_WRITE_CALENDAR, |
| 475 | null, |
| 476 | null, |
| 477 | null, |
| 478 | OPSTR_CALL_PHONE, |
| 479 | OPSTR_READ_SMS, |
| 480 | null, |
| 481 | OPSTR_RECEIVE_SMS, |
| 482 | null, |
| 483 | OPSTR_RECEIVE_MMS, |
| 484 | OPSTR_RECEIVE_WAP_PUSH, |
| 485 | OPSTR_SEND_SMS, |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 486 | null, |
| 487 | null, |
Billy Lau | 24b9c83 | 2015-07-20 17:34:09 +0100 | [diff] [blame] | 488 | OPSTR_WRITE_SETTINGS, |
| 489 | OPSTR_SYSTEM_ALERT_WINDOW, |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 490 | null, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 491 | OPSTR_CAMERA, |
| 492 | OPSTR_RECORD_AUDIO, |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 493 | null, |
| 494 | null, |
| 495 | null, |
| 496 | null, |
| 497 | null, |
| 498 | null, |
| 499 | null, |
| 500 | null, |
| 501 | null, |
| 502 | null, |
| 503 | null, |
| 504 | null, |
| 505 | null, |
| 506 | OPSTR_MONITOR_LOCATION, |
| 507 | OPSTR_MONITOR_HIGH_POWER_LOCATION, |
Dianne Hackborn | 5064e7c | 2014-09-02 10:57:16 -0700 | [diff] [blame] | 508 | OPSTR_GET_USAGE_STATS, |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 509 | null, |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 510 | null, |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 511 | null, |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 512 | OPSTR_ACTIVATE_VPN, |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 513 | null, |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 514 | null, |
| 515 | null, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 516 | OPSTR_READ_PHONE_STATE, |
| 517 | OPSTR_ADD_VOICEMAIL, |
| 518 | OPSTR_USE_SIP, |
Svet Ganov | 824ad6e | 2016-09-22 19:36:53 -0700 | [diff] [blame] | 519 | OPSTR_PROCESS_OUTGOING_CALLS, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 520 | OPSTR_USE_FINGERPRINT, |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 521 | OPSTR_BODY_SENSORS, |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 522 | OPSTR_READ_CELL_BROADCASTS, |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 523 | OPSTR_MOCK_LOCATION, |
| 524 | OPSTR_READ_EXTERNAL_STORAGE, |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 525 | OPSTR_WRITE_EXTERNAL_STORAGE, |
| 526 | null, |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 527 | OPSTR_GET_ACCOUNTS, |
| 528 | null, |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 529 | null, // OP_AUDIO_ACCESSIBILITY_VOLUME |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 530 | }; |
| 531 | |
| 532 | /** |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 533 | * This provides a simple name for each operation to be used |
| 534 | * in debug output. |
| 535 | */ |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 536 | private static String[] sOpNames = new String[] { |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 537 | "COARSE_LOCATION", |
| 538 | "FINE_LOCATION", |
| 539 | "GPS", |
| 540 | "VIBRATE", |
| 541 | "READ_CONTACTS", |
| 542 | "WRITE_CONTACTS", |
| 543 | "READ_CALL_LOG", |
| 544 | "WRITE_CALL_LOG", |
| 545 | "READ_CALENDAR", |
| 546 | "WRITE_CALENDAR", |
| 547 | "WIFI_SCAN", |
| 548 | "POST_NOTIFICATION", |
| 549 | "NEIGHBORING_CELLS", |
| 550 | "CALL_PHONE", |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 551 | "READ_SMS", |
| 552 | "WRITE_SMS", |
| 553 | "RECEIVE_SMS", |
| 554 | "RECEIVE_EMERGECY_SMS", |
| 555 | "RECEIVE_MMS", |
| 556 | "RECEIVE_WAP_PUSH", |
| 557 | "SEND_SMS", |
| 558 | "READ_ICC_SMS", |
| 559 | "WRITE_ICC_SMS", |
Dianne Hackborn | 961321f | 2013-02-05 17:22:41 -0800 | [diff] [blame] | 560 | "WRITE_SETTINGS", |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 561 | "SYSTEM_ALERT_WINDOW", |
Daniel Sandler | fde19b1 | 2013-01-17 00:21:05 -0500 | [diff] [blame] | 562 | "ACCESS_NOTIFICATIONS", |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 563 | "CAMERA", |
| 564 | "RECORD_AUDIO", |
| 565 | "PLAY_AUDIO", |
Dianne Hackborn | efcc1a2 | 2013-02-25 18:02:35 -0800 | [diff] [blame] | 566 | "READ_CLIPBOARD", |
| 567 | "WRITE_CLIPBOARD", |
Dianne Hackborn | ba50b97c | 2013-04-30 15:04:46 -0700 | [diff] [blame] | 568 | "TAKE_MEDIA_BUTTONS", |
| 569 | "TAKE_AUDIO_FOCUS", |
| 570 | "AUDIO_MASTER_VOLUME", |
| 571 | "AUDIO_VOICE_VOLUME", |
| 572 | "AUDIO_RING_VOLUME", |
| 573 | "AUDIO_MEDIA_VOLUME", |
| 574 | "AUDIO_ALARM_VOLUME", |
| 575 | "AUDIO_NOTIFICATION_VOLUME", |
| 576 | "AUDIO_BLUETOOTH_VOLUME", |
Dianne Hackborn | 713df15 | 2013-05-17 11:27:57 -0700 | [diff] [blame] | 577 | "WAKE_LOCK", |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 578 | "MONITOR_LOCATION", |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 579 | "MONITOR_HIGH_POWER_LOCATION", |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 580 | "GET_USAGE_STATS", |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 581 | "MUTE_MICROPHONE", |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 582 | "TOAST_WINDOW", |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 583 | "PROJECT_MEDIA", |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 584 | "ACTIVATE_VPN", |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 585 | "WRITE_WALLPAPER", |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 586 | "ASSIST_STRUCTURE", |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 587 | "ASSIST_SCREENSHOT", |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 588 | "OP_READ_PHONE_STATE", |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 589 | "ADD_VOICEMAIL", |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 590 | "USE_SIP", |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 591 | "PROCESS_OUTGOING_CALLS", |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 592 | "USE_FINGERPRINT", |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 593 | "BODY_SENSORS", |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 594 | "READ_CELL_BROADCASTS", |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 595 | "MOCK_LOCATION", |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 596 | "READ_EXTERNAL_STORAGE", |
| 597 | "WRITE_EXTERNAL_STORAGE", |
| 598 | "TURN_ON_SCREEN", |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 599 | "GET_ACCOUNTS", |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 600 | "RUN_IN_BACKGROUND", |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 601 | "AUDIO_ACCESSIBILITY_VOLUME", |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 602 | }; |
| 603 | |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 604 | /** |
| 605 | * This optionally maps a permission to an operation. If there |
| 606 | * is no permission associated with an operation, it is null. |
| 607 | */ |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 608 | private static String[] sOpPerms = new String[] { |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 609 | android.Manifest.permission.ACCESS_COARSE_LOCATION, |
| 610 | android.Manifest.permission.ACCESS_FINE_LOCATION, |
| 611 | null, |
| 612 | android.Manifest.permission.VIBRATE, |
| 613 | android.Manifest.permission.READ_CONTACTS, |
| 614 | android.Manifest.permission.WRITE_CONTACTS, |
| 615 | android.Manifest.permission.READ_CALL_LOG, |
| 616 | android.Manifest.permission.WRITE_CALL_LOG, |
| 617 | android.Manifest.permission.READ_CALENDAR, |
| 618 | android.Manifest.permission.WRITE_CALENDAR, |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 619 | android.Manifest.permission.ACCESS_WIFI_STATE, |
Robert Craig | f97616c | 2013-10-07 12:32:02 -0400 | [diff] [blame] | 620 | null, // no permission required for notifications |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 621 | null, // neighboring cells shares the coarse location perm |
| 622 | android.Manifest.permission.CALL_PHONE, |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 623 | android.Manifest.permission.READ_SMS, |
Svetoslav | 6c58957 | 2015-04-16 16:19:24 -0700 | [diff] [blame] | 624 | null, // no permission required for writing sms |
Dianne Hackborn | f51f612 | 2013-02-04 18:23:34 -0800 | [diff] [blame] | 625 | android.Manifest.permission.RECEIVE_SMS, |
| 626 | android.Manifest.permission.RECEIVE_EMERGENCY_BROADCAST, |
| 627 | android.Manifest.permission.RECEIVE_MMS, |
| 628 | android.Manifest.permission.RECEIVE_WAP_PUSH, |
| 629 | android.Manifest.permission.SEND_SMS, |
| 630 | android.Manifest.permission.READ_SMS, |
Svetoslav | 6c58957 | 2015-04-16 16:19:24 -0700 | [diff] [blame] | 631 | null, // no permission required for writing icc sms |
Dianne Hackborn | 961321f | 2013-02-05 17:22:41 -0800 | [diff] [blame] | 632 | android.Manifest.permission.WRITE_SETTINGS, |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 633 | android.Manifest.permission.SYSTEM_ALERT_WINDOW, |
Daniel Sandler | fde19b1 | 2013-01-17 00:21:05 -0500 | [diff] [blame] | 634 | android.Manifest.permission.ACCESS_NOTIFICATIONS, |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 635 | android.Manifest.permission.CAMERA, |
| 636 | android.Manifest.permission.RECORD_AUDIO, |
| 637 | null, // no permission for playing audio |
Dianne Hackborn | efcc1a2 | 2013-02-25 18:02:35 -0800 | [diff] [blame] | 638 | null, // no permission for reading clipboard |
| 639 | null, // no permission for writing clipboard |
Dianne Hackborn | ba50b97c | 2013-04-30 15:04:46 -0700 | [diff] [blame] | 640 | null, // no permission for taking media buttons |
| 641 | null, // no permission for taking audio focus |
| 642 | null, // no permission for changing master volume |
| 643 | null, // no permission for changing voice volume |
| 644 | null, // no permission for changing ring volume |
| 645 | null, // no permission for changing media volume |
| 646 | null, // no permission for changing alarm volume |
| 647 | null, // no permission for changing notification volume |
| 648 | null, // no permission for changing bluetooth volume |
Dianne Hackborn | 713df15 | 2013-05-17 11:27:57 -0700 | [diff] [blame] | 649 | android.Manifest.permission.WAKE_LOCK, |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 650 | null, // no permission for generic location monitoring |
David Christie | 0b83745 | 2013-07-29 16:02:13 -0700 | [diff] [blame] | 651 | null, // no permission for high power location monitoring |
Dianne Hackborn | e22b3b1 | 2014-05-07 18:06:44 -0700 | [diff] [blame] | 652 | android.Manifest.permission.PACKAGE_USAGE_STATS, |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 653 | null, // no permission for muting/unmuting microphone |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 654 | null, // no permission for displaying toasts |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 655 | null, // no permission for projecting media |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 656 | null, // no permission for activating vpn |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 657 | null, // no permission for supporting wallpaper |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 658 | null, // no permission for receiving assist structure |
| 659 | null, // no permission for receiving assist screenshot |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 660 | Manifest.permission.READ_PHONE_STATE, |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 661 | Manifest.permission.ADD_VOICEMAIL, |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 662 | Manifest.permission.USE_SIP, |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 663 | Manifest.permission.PROCESS_OUTGOING_CALLS, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 664 | Manifest.permission.USE_FINGERPRINT, |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 665 | Manifest.permission.BODY_SENSORS, |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 666 | Manifest.permission.READ_CELL_BROADCASTS, |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 667 | null, |
| 668 | Manifest.permission.READ_EXTERNAL_STORAGE, |
| 669 | Manifest.permission.WRITE_EXTERNAL_STORAGE, |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 670 | null, // no permission for turning the screen on |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 671 | Manifest.permission.GET_ACCOUNTS, |
| 672 | null, // no permission for running in background |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 673 | null, // no permission for changing accessibility volume |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 674 | }; |
| 675 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 676 | /** |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 677 | * Specifies whether an Op should be restricted by a user restriction. |
| 678 | * Each Op should be filled with a restriction string from UserManager or |
| 679 | * null to specify it is not affected by any user restriction. |
| 680 | */ |
| 681 | private static String[] sOpRestrictions = new String[] { |
Julia Reynolds | 9854d57 | 2014-07-02 14:46:02 -0400 | [diff] [blame] | 682 | UserManager.DISALLOW_SHARE_LOCATION, //COARSE_LOCATION |
| 683 | UserManager.DISALLOW_SHARE_LOCATION, //FINE_LOCATION |
| 684 | UserManager.DISALLOW_SHARE_LOCATION, //GPS |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 685 | null, //VIBRATE |
| 686 | null, //READ_CONTACTS |
| 687 | null, //WRITE_CONTACTS |
Yorke Lee | 15f83c6 | 2014-08-13 14:14:29 -0700 | [diff] [blame] | 688 | UserManager.DISALLOW_OUTGOING_CALLS, //READ_CALL_LOG |
| 689 | UserManager.DISALLOW_OUTGOING_CALLS, //WRITE_CALL_LOG |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 690 | null, //READ_CALENDAR |
| 691 | null, //WRITE_CALENDAR |
Julia Reynolds | 9854d57 | 2014-07-02 14:46:02 -0400 | [diff] [blame] | 692 | UserManager.DISALLOW_SHARE_LOCATION, //WIFI_SCAN |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 693 | null, //POST_NOTIFICATION |
| 694 | null, //NEIGHBORING_CELLS |
| 695 | null, //CALL_PHONE |
Amith Yamasani | 41c1ded | 2014-08-05 11:15:05 -0700 | [diff] [blame] | 696 | UserManager.DISALLOW_SMS, //READ_SMS |
| 697 | UserManager.DISALLOW_SMS, //WRITE_SMS |
| 698 | UserManager.DISALLOW_SMS, //RECEIVE_SMS |
| 699 | null, //RECEIVE_EMERGENCY_SMS |
| 700 | UserManager.DISALLOW_SMS, //RECEIVE_MMS |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 701 | null, //RECEIVE_WAP_PUSH |
Amith Yamasani | 41c1ded | 2014-08-05 11:15:05 -0700 | [diff] [blame] | 702 | UserManager.DISALLOW_SMS, //SEND_SMS |
| 703 | UserManager.DISALLOW_SMS, //READ_ICC_SMS |
| 704 | UserManager.DISALLOW_SMS, //WRITE_ICC_SMS |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 705 | null, //WRITE_SETTINGS |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 706 | UserManager.DISALLOW_CREATE_WINDOWS, //SYSTEM_ALERT_WINDOW |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 707 | null, //ACCESS_NOTIFICATIONS |
Makoto Onuki | 759a763 | 2015-10-28 16:43:10 -0700 | [diff] [blame] | 708 | UserManager.DISALLOW_CAMERA, //CAMERA |
Fyodor Kupolov | b501330 | 2015-04-17 17:59:14 -0700 | [diff] [blame] | 709 | UserManager.DISALLOW_RECORD_AUDIO, //RECORD_AUDIO |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 710 | null, //PLAY_AUDIO |
| 711 | null, //READ_CLIPBOARD |
| 712 | null, //WRITE_CLIPBOARD |
| 713 | null, //TAKE_MEDIA_BUTTONS |
| 714 | null, //TAKE_AUDIO_FOCUS |
Emily Bernier | 45775c4 | 2014-05-16 15:12:04 -0400 | [diff] [blame] | 715 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_MASTER_VOLUME |
| 716 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_VOICE_VOLUME |
| 717 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_RING_VOLUME |
| 718 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_MEDIA_VOLUME |
| 719 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_ALARM_VOLUME |
| 720 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_NOTIFICATION_VOLUME |
| 721 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_BLUETOOTH_VOLUME |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 722 | null, //WAKE_LOCK |
Julia Reynolds | 9854d57 | 2014-07-02 14:46:02 -0400 | [diff] [blame] | 723 | UserManager.DISALLOW_SHARE_LOCATION, //MONITOR_LOCATION |
| 724 | UserManager.DISALLOW_SHARE_LOCATION, //MONITOR_HIGH_POWER_LOCATION |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 725 | null, //GET_USAGE_STATS |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 726 | UserManager.DISALLOW_UNMUTE_MICROPHONE, // MUTE_MICROPHONE |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 727 | UserManager.DISALLOW_CREATE_WINDOWS, // TOAST_WINDOW |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 728 | null, //PROJECT_MEDIA |
Tony Mak | 33d03a9 | 2016-06-02 15:01:16 +0100 | [diff] [blame] | 729 | null, // ACTIVATE_VPN |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 730 | UserManager.DISALLOW_WALLPAPER, // WRITE_WALLPAPER |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 731 | null, // ASSIST_STRUCTURE |
| 732 | null, // ASSIST_SCREENSHOT |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 733 | null, // READ_PHONE_STATE |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 734 | null, // ADD_VOICEMAIL |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 735 | null, // USE_SIP |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 736 | null, // PROCESS_OUTGOING_CALLS |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 737 | null, // USE_FINGERPRINT |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 738 | null, // BODY_SENSORS |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 739 | null, // READ_CELL_BROADCASTS |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 740 | null, // MOCK_LOCATION |
| 741 | null, // READ_EXTERNAL_STORAGE |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 742 | null, // WRITE_EXTERNAL_STORAGE |
| 743 | null, // TURN_ON_SCREEN |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 744 | null, // GET_ACCOUNTS |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 745 | null, // RUN_IN_BACKGROUND |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 746 | UserManager.DISALLOW_ADJUST_VOLUME, //AUDIO_ACCESSIBILITY_VOLUME |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 747 | }; |
| 748 | |
| 749 | /** |
| 750 | * This specifies whether each option should allow the system |
| 751 | * (and system ui) to bypass the user restriction when active. |
| 752 | */ |
| 753 | private static boolean[] sOpAllowSystemRestrictionBypass = new boolean[] { |
Fyodor Kupolov | 639e73d | 2016-02-25 11:58:21 -0800 | [diff] [blame] | 754 | true, //COARSE_LOCATION |
| 755 | true, //FINE_LOCATION |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 756 | false, //GPS |
| 757 | false, //VIBRATE |
| 758 | false, //READ_CONTACTS |
| 759 | false, //WRITE_CONTACTS |
| 760 | false, //READ_CALL_LOG |
| 761 | false, //WRITE_CALL_LOG |
| 762 | false, //READ_CALENDAR |
| 763 | false, //WRITE_CALENDAR |
Julia Reynolds | 9854d57 | 2014-07-02 14:46:02 -0400 | [diff] [blame] | 764 | true, //WIFI_SCAN |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 765 | false, //POST_NOTIFICATION |
| 766 | false, //NEIGHBORING_CELLS |
| 767 | false, //CALL_PHONE |
| 768 | false, //READ_SMS |
| 769 | false, //WRITE_SMS |
| 770 | false, //RECEIVE_SMS |
| 771 | false, //RECEIVE_EMERGECY_SMS |
| 772 | false, //RECEIVE_MMS |
| 773 | false, //RECEIVE_WAP_PUSH |
| 774 | false, //SEND_SMS |
| 775 | false, //READ_ICC_SMS |
| 776 | false, //WRITE_ICC_SMS |
| 777 | false, //WRITE_SETTINGS |
| 778 | true, //SYSTEM_ALERT_WINDOW |
| 779 | false, //ACCESS_NOTIFICATIONS |
| 780 | false, //CAMERA |
| 781 | false, //RECORD_AUDIO |
| 782 | false, //PLAY_AUDIO |
| 783 | false, //READ_CLIPBOARD |
| 784 | false, //WRITE_CLIPBOARD |
| 785 | false, //TAKE_MEDIA_BUTTONS |
| 786 | false, //TAKE_AUDIO_FOCUS |
| 787 | false, //AUDIO_MASTER_VOLUME |
| 788 | false, //AUDIO_VOICE_VOLUME |
| 789 | false, //AUDIO_RING_VOLUME |
| 790 | false, //AUDIO_MEDIA_VOLUME |
| 791 | false, //AUDIO_ALARM_VOLUME |
| 792 | false, //AUDIO_NOTIFICATION_VOLUME |
| 793 | false, //AUDIO_BLUETOOTH_VOLUME |
| 794 | false, //WAKE_LOCK |
| 795 | false, //MONITOR_LOCATION |
| 796 | false, //MONITOR_HIGH_POWER_LOCATION |
| 797 | false, //GET_USAGE_STATS |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 798 | false, //MUTE_MICROPHONE |
| 799 | true, //TOAST_WINDOW |
| 800 | false, //PROJECT_MEDIA |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 801 | false, //ACTIVATE_VPN |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 802 | false, //WALLPAPER |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 803 | false, //ASSIST_STRUCTURE |
| 804 | false, //ASSIST_SCREENSHOT |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 805 | false, //READ_PHONE_STATE |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 806 | false, //ADD_VOICEMAIL |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 807 | false, // USE_SIP |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 808 | false, // PROCESS_OUTGOING_CALLS |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 809 | false, // USE_FINGERPRINT |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 810 | false, // BODY_SENSORS |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 811 | false, // READ_CELL_BROADCASTS |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 812 | false, // MOCK_LOCATION |
| 813 | false, // READ_EXTERNAL_STORAGE |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 814 | false, // WRITE_EXTERNAL_STORAGE |
| 815 | false, // TURN_ON_SCREEN |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 816 | false, // GET_ACCOUNTS |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 817 | false, // RUN_IN_BACKGROUND |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 818 | false, // AUDIO_ACCESSIBILITY_VOLUME |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 819 | }; |
| 820 | |
| 821 | /** |
David Braun | f5d8319 | 2013-09-16 13:43:51 -0700 | [diff] [blame] | 822 | * This specifies the default mode for each operation. |
| 823 | */ |
| 824 | private static int[] sOpDefaultMode = new int[] { |
| 825 | AppOpsManager.MODE_ALLOWED, |
| 826 | AppOpsManager.MODE_ALLOWED, |
| 827 | AppOpsManager.MODE_ALLOWED, |
| 828 | AppOpsManager.MODE_ALLOWED, |
| 829 | AppOpsManager.MODE_ALLOWED, |
| 830 | AppOpsManager.MODE_ALLOWED, |
| 831 | AppOpsManager.MODE_ALLOWED, |
| 832 | AppOpsManager.MODE_ALLOWED, |
| 833 | AppOpsManager.MODE_ALLOWED, |
| 834 | AppOpsManager.MODE_ALLOWED, |
| 835 | AppOpsManager.MODE_ALLOWED, |
| 836 | AppOpsManager.MODE_ALLOWED, |
| 837 | AppOpsManager.MODE_ALLOWED, |
| 838 | AppOpsManager.MODE_ALLOWED, |
| 839 | AppOpsManager.MODE_ALLOWED, |
| 840 | AppOpsManager.MODE_IGNORED, // OP_WRITE_SMS |
| 841 | AppOpsManager.MODE_ALLOWED, |
| 842 | AppOpsManager.MODE_ALLOWED, |
| 843 | AppOpsManager.MODE_ALLOWED, |
| 844 | AppOpsManager.MODE_ALLOWED, |
| 845 | AppOpsManager.MODE_ALLOWED, |
| 846 | AppOpsManager.MODE_ALLOWED, |
| 847 | AppOpsManager.MODE_ALLOWED, |
Billy Lau | 6ad2d66 | 2015-07-18 00:26:58 +0100 | [diff] [blame] | 848 | AppOpsManager.MODE_DEFAULT, // OP_WRITE_SETTINGS |
Billy Lau | 060275f | 2015-07-15 22:29:19 +0100 | [diff] [blame] | 849 | AppOpsManager.MODE_DEFAULT, // OP_SYSTEM_ALERT_WINDOW |
David Braun | f5d8319 | 2013-09-16 13:43:51 -0700 | [diff] [blame] | 850 | AppOpsManager.MODE_ALLOWED, |
| 851 | AppOpsManager.MODE_ALLOWED, |
| 852 | AppOpsManager.MODE_ALLOWED, |
| 853 | AppOpsManager.MODE_ALLOWED, |
| 854 | AppOpsManager.MODE_ALLOWED, |
| 855 | AppOpsManager.MODE_ALLOWED, |
| 856 | AppOpsManager.MODE_ALLOWED, |
| 857 | AppOpsManager.MODE_ALLOWED, |
| 858 | AppOpsManager.MODE_ALLOWED, |
| 859 | AppOpsManager.MODE_ALLOWED, |
| 860 | AppOpsManager.MODE_ALLOWED, |
| 861 | AppOpsManager.MODE_ALLOWED, |
| 862 | AppOpsManager.MODE_ALLOWED, |
| 863 | AppOpsManager.MODE_ALLOWED, |
| 864 | AppOpsManager.MODE_ALLOWED, |
| 865 | AppOpsManager.MODE_ALLOWED, |
| 866 | AppOpsManager.MODE_ALLOWED, |
| 867 | AppOpsManager.MODE_ALLOWED, |
Dianne Hackborn | 33f5ddd | 2014-07-21 15:35:45 -0700 | [diff] [blame] | 868 | AppOpsManager.MODE_DEFAULT, // OP_GET_USAGE_STATS |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 869 | AppOpsManager.MODE_ALLOWED, |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 870 | AppOpsManager.MODE_ALLOWED, |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 871 | AppOpsManager.MODE_IGNORED, // OP_PROJECT_MEDIA |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 872 | AppOpsManager.MODE_IGNORED, // OP_ACTIVATE_VPN |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 873 | AppOpsManager.MODE_ALLOWED, |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 874 | AppOpsManager.MODE_ALLOWED, |
| 875 | AppOpsManager.MODE_ALLOWED, |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 876 | AppOpsManager.MODE_ALLOWED, |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 877 | AppOpsManager.MODE_ALLOWED, |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 878 | AppOpsManager.MODE_ALLOWED, |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 879 | AppOpsManager.MODE_ALLOWED, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 880 | AppOpsManager.MODE_ALLOWED, |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 881 | AppOpsManager.MODE_ALLOWED, |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 882 | AppOpsManager.MODE_ALLOWED, |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 883 | AppOpsManager.MODE_ERRORED, // OP_MOCK_LOCATION |
| 884 | AppOpsManager.MODE_ALLOWED, |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 885 | AppOpsManager.MODE_ALLOWED, |
| 886 | AppOpsManager.MODE_ALLOWED, // OP_TURN_ON_SCREEN |
Svetoslav | f3f02ac | 2015-09-08 14:36:35 -0700 | [diff] [blame] | 887 | AppOpsManager.MODE_ALLOWED, |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 888 | AppOpsManager.MODE_ALLOWED, // OP_RUN_IN_BACKGROUND |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 889 | AppOpsManager.MODE_ALLOWED, // OP_AUDIO_ACCESSIBILITY_VOLUME |
David Braun | f5d8319 | 2013-09-16 13:43:51 -0700 | [diff] [blame] | 890 | }; |
| 891 | |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 892 | /** |
| 893 | * This specifies whether each option is allowed to be reset |
| 894 | * when resetting all app preferences. Disable reset for |
| 895 | * app ops that are under strong control of some part of the |
| 896 | * system (such as OP_WRITE_SMS, which should be allowed only |
| 897 | * for whichever app is selected as the current SMS app). |
| 898 | */ |
| 899 | private static boolean[] sOpDisableReset = new boolean[] { |
| 900 | false, |
| 901 | false, |
| 902 | false, |
| 903 | false, |
| 904 | false, |
| 905 | false, |
| 906 | false, |
| 907 | false, |
| 908 | false, |
| 909 | false, |
| 910 | false, |
| 911 | false, |
| 912 | false, |
| 913 | false, |
| 914 | false, |
| 915 | true, // OP_WRITE_SMS |
| 916 | false, |
| 917 | false, |
| 918 | false, |
| 919 | false, |
| 920 | false, |
| 921 | false, |
| 922 | false, |
| 923 | false, |
| 924 | false, |
| 925 | false, |
| 926 | false, |
| 927 | false, |
| 928 | false, |
| 929 | false, |
| 930 | false, |
| 931 | false, |
| 932 | false, |
| 933 | false, |
| 934 | false, |
| 935 | false, |
| 936 | false, |
| 937 | false, |
| 938 | false, |
| 939 | false, |
| 940 | false, |
| 941 | false, |
| 942 | false, |
Dianne Hackborn | e22b3b1 | 2014-05-07 18:06:44 -0700 | [diff] [blame] | 943 | false, |
Emily Bernier | 22c921a | 2014-05-28 11:01:32 -0400 | [diff] [blame] | 944 | false, |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 945 | false, |
Michael Wright | c39d47a | 2014-07-08 18:07:36 -0700 | [diff] [blame] | 946 | false, |
Jeff Davidson | 0554260 | 2014-08-11 14:07:27 -0700 | [diff] [blame] | 947 | false, |
Benjamin Franz | f3ece36 | 2015-02-11 10:51:10 +0000 | [diff] [blame] | 948 | false, |
Dianne Hackborn | d59a5d5 | 2015-04-04 14:52:14 -0700 | [diff] [blame] | 949 | false, |
| 950 | false, |
Svet Ganov | c330009 | 2015-04-17 09:07:22 -0700 | [diff] [blame] | 951 | false, |
Svetoslav | 5335b67 | 2015-04-29 12:00:51 -0700 | [diff] [blame] | 952 | false, |
Svetoslav | c656e6f | 2015-04-29 14:08:16 -0700 | [diff] [blame] | 953 | false, |
Svetoslav | 4af76a5 | 2015-04-29 15:29:46 -0700 | [diff] [blame] | 954 | false, |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 955 | false, |
Svet Ganov | ede4316 | 2015-05-02 17:42:44 -0700 | [diff] [blame] | 956 | false, |
Svet Ganov | f7e9cf4 | 2015-05-13 10:40:31 -0700 | [diff] [blame] | 957 | false, |
Svet Ganov | 921c7df | 2015-06-29 21:51:41 -0700 | [diff] [blame] | 958 | false, |
| 959 | false, |
Dianne Hackborn | 280a64e | 2015-07-13 14:48:08 -0700 | [diff] [blame] | 960 | false, |
| 961 | false, |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 962 | false, |
| 963 | false, |
Jean-Michel Trivi | 3f0945a | 2016-11-11 10:05:18 -0800 | [diff] [blame] | 964 | false, // OP_AUDIO_ACCESSIBILITY_VOLUME |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 965 | }; |
| 966 | |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 967 | /** |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 968 | * Mapping from an app op name to the app op code. |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 969 | */ |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 970 | private static HashMap<String, Integer> sOpStrToOp = new HashMap<>(); |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 971 | |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 972 | /** |
| 973 | * Mapping from a permission to the corresponding app op. |
| 974 | */ |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 975 | private static HashMap<String, Integer> sRuntimePermToOp = new HashMap<>(); |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 976 | |
| 977 | static { |
| 978 | if (sOpToSwitch.length != _NUM_OP) { |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 979 | throw new IllegalStateException("sOpToSwitch length " + sOpToSwitch.length |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 980 | + " should be " + _NUM_OP); |
| 981 | } |
| 982 | if (sOpToString.length != _NUM_OP) { |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 983 | throw new IllegalStateException("sOpToString length " + sOpToString.length |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 984 | + " should be " + _NUM_OP); |
| 985 | } |
| 986 | if (sOpNames.length != _NUM_OP) { |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 987 | throw new IllegalStateException("sOpNames length " + sOpNames.length |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 988 | + " should be " + _NUM_OP); |
| 989 | } |
| 990 | if (sOpPerms.length != _NUM_OP) { |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 991 | throw new IllegalStateException("sOpPerms length " + sOpPerms.length |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 992 | + " should be " + _NUM_OP); |
| 993 | } |
| 994 | if (sOpDefaultMode.length != _NUM_OP) { |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 995 | throw new IllegalStateException("sOpDefaultMode length " + sOpDefaultMode.length |
| 996 | + " should be " + _NUM_OP); |
| 997 | } |
| 998 | if (sOpDisableReset.length != _NUM_OP) { |
| 999 | throw new IllegalStateException("sOpDisableReset length " + sOpDisableReset.length |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1000 | + " should be " + _NUM_OP); |
| 1001 | } |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 1002 | if (sOpRestrictions.length != _NUM_OP) { |
| 1003 | throw new IllegalStateException("sOpRestrictions length " + sOpRestrictions.length |
| 1004 | + " should be " + _NUM_OP); |
| 1005 | } |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 1006 | if (sOpAllowSystemRestrictionBypass.length != _NUM_OP) { |
| 1007 | throw new IllegalStateException("sOpAllowSYstemRestrictionsBypass length " |
| 1008 | + sOpRestrictions.length + " should be " + _NUM_OP); |
| 1009 | } |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1010 | for (int i=0; i<_NUM_OP; i++) { |
| 1011 | if (sOpToString[i] != null) { |
| 1012 | sOpStrToOp.put(sOpToString[i], i); |
| 1013 | } |
| 1014 | } |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 1015 | for (int op : RUNTIME_PERMISSIONS_OPS) { |
| 1016 | if (sOpPerms[op] != null) { |
| 1017 | sRuntimePermToOp.put(sOpPerms[op], op); |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 1018 | } |
| 1019 | } |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1020 | } |
| 1021 | |
David Braun | f5d8319 | 2013-09-16 13:43:51 -0700 | [diff] [blame] | 1022 | /** |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1023 | * Retrieve the op switch that controls the given operation. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1024 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1025 | */ |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 1026 | public static int opToSwitch(int op) { |
| 1027 | return sOpToSwitch[op]; |
| 1028 | } |
| 1029 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1030 | /** |
| 1031 | * Retrieve a non-localized name for the operation, for debugging output. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1032 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1033 | */ |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1034 | public static String opToName(int op) { |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1035 | if (op == OP_NONE) return "NONE"; |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1036 | return op < sOpNames.length ? sOpNames[op] : ("Unknown(" + op + ")"); |
| 1037 | } |
| 1038 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1039 | /** |
Dianne Hackborn | 7b7c58b | 2014-12-02 18:32:20 -0800 | [diff] [blame] | 1040 | * @hide |
| 1041 | */ |
| 1042 | public static int strDebugOpToOp(String op) { |
| 1043 | for (int i=0; i<sOpNames.length; i++) { |
| 1044 | if (sOpNames[i].equals(op)) { |
| 1045 | return i; |
| 1046 | } |
| 1047 | } |
| 1048 | throw new IllegalArgumentException("Unknown operation string: " + op); |
| 1049 | } |
| 1050 | |
| 1051 | /** |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1052 | * Retrieve the permission associated with an operation, or null if there is not one. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1053 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1054 | */ |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1055 | public static String opToPermission(int op) { |
| 1056 | return sOpPerms[op]; |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1057 | } |
| 1058 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1059 | /** |
Jason Monk | 6206299 | 2014-05-06 09:55:28 -0400 | [diff] [blame] | 1060 | * Retrieve the user restriction associated with an operation, or null if there is not one. |
| 1061 | * @hide |
| 1062 | */ |
| 1063 | public static String opToRestriction(int op) { |
| 1064 | return sOpRestrictions[op]; |
| 1065 | } |
| 1066 | |
| 1067 | /** |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 1068 | * Retrieve the app op code for a permission, or null if there is not one. |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 1069 | * This API is intended to be used for mapping runtime permissions to the |
| 1070 | * corresponding app op. |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 1071 | * @hide |
| 1072 | */ |
| 1073 | public static int permissionToOpCode(String permission) { |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 1074 | Integer boxedOpCode = sRuntimePermToOp.get(permission); |
Svet Ganov | 019d230 | 2015-05-04 11:07:38 -0700 | [diff] [blame] | 1075 | return boxedOpCode != null ? boxedOpCode : OP_NONE; |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 1076 | } |
| 1077 | |
| 1078 | /** |
Jason Monk | 1c7c319 | 2014-06-26 12:52:18 -0400 | [diff] [blame] | 1079 | * Retrieve whether the op allows the system (and system ui) to |
| 1080 | * bypass the user restriction. |
| 1081 | * @hide |
| 1082 | */ |
| 1083 | public static boolean opAllowSystemBypassRestriction(int op) { |
| 1084 | return sOpAllowSystemRestrictionBypass[op]; |
| 1085 | } |
| 1086 | |
| 1087 | /** |
David Braun | f5d8319 | 2013-09-16 13:43:51 -0700 | [diff] [blame] | 1088 | * Retrieve the default mode for the operation. |
| 1089 | * @hide |
| 1090 | */ |
| 1091 | public static int opToDefaultMode(int op) { |
| 1092 | return sOpDefaultMode[op]; |
| 1093 | } |
| 1094 | |
| 1095 | /** |
Dianne Hackborn | 8828d3a | 2013-09-25 16:47:10 -0700 | [diff] [blame] | 1096 | * Retrieve whether the op allows itself to be reset. |
| 1097 | * @hide |
| 1098 | */ |
| 1099 | public static boolean opAllowsReset(int op) { |
| 1100 | return !sOpDisableReset[op]; |
| 1101 | } |
| 1102 | |
| 1103 | /** |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1104 | * Class holding all of the operation information associated with an app. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1105 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1106 | */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1107 | public static class PackageOps implements Parcelable { |
| 1108 | private final String mPackageName; |
| 1109 | private final int mUid; |
| 1110 | private final List<OpEntry> mEntries; |
| 1111 | |
| 1112 | public PackageOps(String packageName, int uid, List<OpEntry> entries) { |
| 1113 | mPackageName = packageName; |
| 1114 | mUid = uid; |
| 1115 | mEntries = entries; |
| 1116 | } |
| 1117 | |
| 1118 | public String getPackageName() { |
| 1119 | return mPackageName; |
| 1120 | } |
| 1121 | |
| 1122 | public int getUid() { |
| 1123 | return mUid; |
| 1124 | } |
| 1125 | |
| 1126 | public List<OpEntry> getOps() { |
| 1127 | return mEntries; |
| 1128 | } |
| 1129 | |
| 1130 | @Override |
| 1131 | public int describeContents() { |
| 1132 | return 0; |
| 1133 | } |
| 1134 | |
| 1135 | @Override |
| 1136 | public void writeToParcel(Parcel dest, int flags) { |
| 1137 | dest.writeString(mPackageName); |
| 1138 | dest.writeInt(mUid); |
| 1139 | dest.writeInt(mEntries.size()); |
| 1140 | for (int i=0; i<mEntries.size(); i++) { |
| 1141 | mEntries.get(i).writeToParcel(dest, flags); |
| 1142 | } |
| 1143 | } |
| 1144 | |
| 1145 | PackageOps(Parcel source) { |
| 1146 | mPackageName = source.readString(); |
| 1147 | mUid = source.readInt(); |
| 1148 | mEntries = new ArrayList<OpEntry>(); |
| 1149 | final int N = source.readInt(); |
| 1150 | for (int i=0; i<N; i++) { |
| 1151 | mEntries.add(OpEntry.CREATOR.createFromParcel(source)); |
| 1152 | } |
| 1153 | } |
| 1154 | |
| 1155 | public static final Creator<PackageOps> CREATOR = new Creator<PackageOps>() { |
| 1156 | @Override public PackageOps createFromParcel(Parcel source) { |
| 1157 | return new PackageOps(source); |
| 1158 | } |
| 1159 | |
| 1160 | @Override public PackageOps[] newArray(int size) { |
| 1161 | return new PackageOps[size]; |
| 1162 | } |
| 1163 | }; |
| 1164 | } |
| 1165 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1166 | /** |
| 1167 | * Class holding the information about one unique operation of an application. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1168 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1169 | */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1170 | public static class OpEntry implements Parcelable { |
| 1171 | private final int mOp; |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1172 | private final int mMode; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1173 | private final long mTime; |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1174 | private final long mRejectTime; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1175 | private final int mDuration; |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1176 | private final int mProxyUid; |
| 1177 | private final String mProxyPackageName; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1178 | |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1179 | public OpEntry(int op, int mode, long time, long rejectTime, int duration, |
| 1180 | int proxyUid, String proxyPackage) { |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1181 | mOp = op; |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1182 | mMode = mode; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1183 | mTime = time; |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1184 | mRejectTime = rejectTime; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1185 | mDuration = duration; |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1186 | mProxyUid = proxyUid; |
| 1187 | mProxyPackageName = proxyPackage; |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1188 | } |
| 1189 | |
| 1190 | public int getOp() { |
| 1191 | return mOp; |
| 1192 | } |
| 1193 | |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1194 | public int getMode() { |
| 1195 | return mMode; |
| 1196 | } |
| 1197 | |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1198 | public long getTime() { |
| 1199 | return mTime; |
| 1200 | } |
| 1201 | |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1202 | public long getRejectTime() { |
| 1203 | return mRejectTime; |
| 1204 | } |
| 1205 | |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1206 | public boolean isRunning() { |
| 1207 | return mDuration == -1; |
| 1208 | } |
| 1209 | |
| 1210 | public int getDuration() { |
| 1211 | return mDuration == -1 ? (int)(System.currentTimeMillis()-mTime) : mDuration; |
| 1212 | } |
| 1213 | |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1214 | public int getProxyUid() { |
| 1215 | return mProxyUid; |
| 1216 | } |
| 1217 | |
| 1218 | public String getProxyPackageName() { |
| 1219 | return mProxyPackageName; |
| 1220 | } |
| 1221 | |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1222 | @Override |
| 1223 | public int describeContents() { |
| 1224 | return 0; |
| 1225 | } |
| 1226 | |
| 1227 | @Override |
| 1228 | public void writeToParcel(Parcel dest, int flags) { |
| 1229 | dest.writeInt(mOp); |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1230 | dest.writeInt(mMode); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1231 | dest.writeLong(mTime); |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1232 | dest.writeLong(mRejectTime); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1233 | dest.writeInt(mDuration); |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1234 | dest.writeInt(mProxyUid); |
| 1235 | dest.writeString(mProxyPackageName); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1236 | } |
| 1237 | |
| 1238 | OpEntry(Parcel source) { |
| 1239 | mOp = source.readInt(); |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1240 | mMode = source.readInt(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1241 | mTime = source.readLong(); |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1242 | mRejectTime = source.readLong(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1243 | mDuration = source.readInt(); |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1244 | mProxyUid = source.readInt(); |
| 1245 | mProxyPackageName = source.readString(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1246 | } |
| 1247 | |
| 1248 | public static final Creator<OpEntry> CREATOR = new Creator<OpEntry>() { |
| 1249 | @Override public OpEntry createFromParcel(Parcel source) { |
| 1250 | return new OpEntry(source); |
| 1251 | } |
| 1252 | |
| 1253 | @Override public OpEntry[] newArray(int size) { |
| 1254 | return new OpEntry[size]; |
| 1255 | } |
| 1256 | }; |
| 1257 | } |
| 1258 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1259 | /** |
| 1260 | * Callback for notification of changes to operation state. |
| 1261 | */ |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1262 | public interface OnOpChangedListener { |
| 1263 | public void onOpChanged(String op, String packageName); |
| 1264 | } |
| 1265 | |
| 1266 | /** |
| 1267 | * Callback for notification of changes to operation state. |
| 1268 | * This allows you to see the raw op codes instead of strings. |
| 1269 | * @hide |
| 1270 | */ |
| 1271 | public static class OnOpChangedInternalListener implements OnOpChangedListener { |
| 1272 | public void onOpChanged(String op, String packageName) { } |
| 1273 | public void onOpChanged(int op, String packageName) { } |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1274 | } |
| 1275 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1276 | AppOpsManager(Context context, IAppOpsService service) { |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1277 | mContext = context; |
| 1278 | mService = service; |
| 1279 | } |
| 1280 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1281 | /** |
| 1282 | * Retrieve current operation state for all applications. |
| 1283 | * |
| 1284 | * @param ops The set of operations you are interested in, or null if you want all of them. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1285 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1286 | */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1287 | public List<AppOpsManager.PackageOps> getPackagesForOps(int[] ops) { |
| 1288 | try { |
| 1289 | return mService.getPackagesForOps(ops); |
| 1290 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1291 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1292 | } |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1293 | } |
| 1294 | |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1295 | /** |
| 1296 | * Retrieve current operation state for one application. |
| 1297 | * |
| 1298 | * @param uid The uid of the application of interest. |
| 1299 | * @param packageName The name of the application of interest. |
| 1300 | * @param ops The set of operations you are interested in, or null if you want all of them. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1301 | * @hide |
Dianne Hackborn | d7d28e6 | 2013-02-12 14:59:53 -0800 | [diff] [blame] | 1302 | */ |
Dianne Hackborn | 72e3983 | 2013-01-18 18:36:09 -0800 | [diff] [blame] | 1303 | public List<AppOpsManager.PackageOps> getOpsForPackage(int uid, String packageName, int[] ops) { |
| 1304 | try { |
| 1305 | return mService.getOpsForPackage(uid, packageName, ops); |
| 1306 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1307 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 72e3983 | 2013-01-18 18:36:09 -0800 | [diff] [blame] | 1308 | } |
Dianne Hackborn | 72e3983 | 2013-01-18 18:36:09 -0800 | [diff] [blame] | 1309 | } |
| 1310 | |
Svet Ganov | ae0e03a | 2016-02-25 18:22:10 -0800 | [diff] [blame] | 1311 | /** |
| 1312 | * Sets given app op in the specified mode for app ops in the UID. |
| 1313 | * This applies to all apps currently in the UID or installed in |
| 1314 | * this UID in the future. |
| 1315 | * |
| 1316 | * @param code The app op. |
| 1317 | * @param uid The UID for which to set the app. |
| 1318 | * @param mode The app op mode to set. |
| 1319 | * @hide |
| 1320 | */ |
Svet Ganov | 2af5708 | 2015-07-30 08:44:20 -0700 | [diff] [blame] | 1321 | public void setUidMode(int code, int uid, int mode) { |
| 1322 | try { |
| 1323 | mService.setUidMode(code, uid, mode); |
| 1324 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1325 | throw e.rethrowFromSystemServer(); |
Svet Ganov | 2af5708 | 2015-07-30 08:44:20 -0700 | [diff] [blame] | 1326 | } |
| 1327 | } |
| 1328 | |
Svet Ganov | ae0e03a | 2016-02-25 18:22:10 -0800 | [diff] [blame] | 1329 | /** |
| 1330 | * Sets given app op in the specified mode for app ops in the UID. |
| 1331 | * This applies to all apps currently in the UID or installed in |
| 1332 | * this UID in the future. |
| 1333 | * |
| 1334 | * @param appOp The app op. |
| 1335 | * @param uid The UID for which to set the app. |
| 1336 | * @param mode The app op mode to set. |
| 1337 | * @hide |
| 1338 | */ |
| 1339 | @SystemApi |
| 1340 | public void setUidMode(String appOp, int uid, int mode) { |
| 1341 | try { |
| 1342 | mService.setUidMode(AppOpsManager.strOpToOp(appOp), uid, mode); |
| 1343 | } catch (RemoteException e) { |
| 1344 | throw e.rethrowFromSystemServer(); |
| 1345 | } |
| 1346 | } |
| 1347 | |
Svet Ganov | 2af5708 | 2015-07-30 08:44:20 -0700 | [diff] [blame] | 1348 | /** @hide */ |
Svet Ganov | 9cea80cd | 2016-02-16 11:47:00 -0800 | [diff] [blame] | 1349 | public void setUserRestriction(int code, boolean restricted, IBinder token) { |
Ruben Brunk | 29931bc | 2016-03-11 00:24:26 -0800 | [diff] [blame] | 1350 | setUserRestriction(code, restricted, token, /*exceptionPackages*/null); |
| 1351 | } |
| 1352 | |
| 1353 | /** @hide */ |
| 1354 | public void setUserRestriction(int code, boolean restricted, IBinder token, |
| 1355 | String[] exceptionPackages) { |
Svetoslav Ganov | e33f613 | 2016-06-01 16:25:31 -0700 | [diff] [blame] | 1356 | setUserRestrictionForUser(code, restricted, token, exceptionPackages, mContext.getUserId()); |
| 1357 | } |
| 1358 | |
| 1359 | /** @hide */ |
| 1360 | public void setUserRestrictionForUser(int code, boolean restricted, IBinder token, |
| 1361 | String[] exceptionPackages, int userId) { |
Svet Ganov | 9cea80cd | 2016-02-16 11:47:00 -0800 | [diff] [blame] | 1362 | try { |
Svetoslav Ganov | e33f613 | 2016-06-01 16:25:31 -0700 | [diff] [blame] | 1363 | mService.setUserRestriction(code, restricted, token, userId, exceptionPackages); |
Svet Ganov | 9cea80cd | 2016-02-16 11:47:00 -0800 | [diff] [blame] | 1364 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1365 | throw e.rethrowFromSystemServer(); |
Svet Ganov | 9cea80cd | 2016-02-16 11:47:00 -0800 | [diff] [blame] | 1366 | } |
| 1367 | } |
| 1368 | |
| 1369 | /** @hide */ |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1370 | public void setMode(int code, int uid, String packageName, int mode) { |
| 1371 | try { |
| 1372 | mService.setMode(code, uid, packageName, mode); |
| 1373 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1374 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 5e45ee6 | 2013-01-24 19:13:44 -0800 | [diff] [blame] | 1375 | } |
| 1376 | } |
| 1377 | |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1378 | /** |
| 1379 | * Set a non-persisted restriction on an audio operation at a stream-level. |
| 1380 | * Restrictions are temporary additional constraints imposed on top of the persisted rules |
| 1381 | * defined by {@link #setMode}. |
| 1382 | * |
| 1383 | * @param code The operation to restrict. |
John Spurlock | 7b41467 | 2014-07-18 13:02:39 -0400 | [diff] [blame] | 1384 | * @param usage The {@link android.media.AudioAttributes} usage value. |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1385 | * @param mode The restriction mode (MODE_IGNORED,MODE_ERRORED) or MODE_ALLOWED to unrestrict. |
| 1386 | * @param exceptionPackages Optional list of packages to exclude from the restriction. |
| 1387 | * @hide |
| 1388 | */ |
John Spurlock | 7b41467 | 2014-07-18 13:02:39 -0400 | [diff] [blame] | 1389 | public void setRestriction(int code, @AttributeUsage int usage, int mode, |
| 1390 | String[] exceptionPackages) { |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1391 | try { |
| 1392 | final int uid = Binder.getCallingUid(); |
John Spurlock | 7b41467 | 2014-07-18 13:02:39 -0400 | [diff] [blame] | 1393 | mService.setAudioRestriction(code, usage, uid, mode, exceptionPackages); |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1394 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1395 | throw e.rethrowFromSystemServer(); |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1396 | } |
| 1397 | } |
| 1398 | |
Dianne Hackborn | 607b414 | 2013-08-02 18:10:10 -0700 | [diff] [blame] | 1399 | /** @hide */ |
| 1400 | public void resetAllModes() { |
| 1401 | try { |
Dianne Hackborn | 7b7c58b | 2014-12-02 18:32:20 -0800 | [diff] [blame] | 1402 | mService.resetAllModes(UserHandle.myUserId(), null); |
Dianne Hackborn | 607b414 | 2013-08-02 18:10:10 -0700 | [diff] [blame] | 1403 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1404 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 607b414 | 2013-08-02 18:10:10 -0700 | [diff] [blame] | 1405 | } |
| 1406 | } |
| 1407 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1408 | /** |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 1409 | * Gets the app op name associated with a given permission. |
| 1410 | * The app op name is one of the public constants defined |
| 1411 | * in this class such as {@link #OPSTR_COARSE_LOCATION}. |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 1412 | * This API is intended to be used for mapping runtime |
| 1413 | * permissions to the corresponding app op. |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 1414 | * |
| 1415 | * @param permission The permission. |
| 1416 | * @return The app op associated with the permission or null. |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 1417 | */ |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 1418 | public static String permissionToOp(String permission) { |
Svetoslav Ganov | eaca4c5 | 2016-05-05 18:08:00 -0700 | [diff] [blame] | 1419 | final Integer opCode = sRuntimePermToOp.get(permission); |
Svet Ganov | b9d71a6 | 2015-04-30 10:38:13 -0700 | [diff] [blame] | 1420 | if (opCode == null) { |
| 1421 | return null; |
| 1422 | } |
| 1423 | return sOpToString[opCode]; |
Svet Ganov | fbf01f7 | 2015-04-28 18:39:06 -0700 | [diff] [blame] | 1424 | } |
| 1425 | |
| 1426 | /** |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1427 | * Monitor for changes to the operating mode for the given op in the given app package. |
Dianne Hackborn | e4cb66f | 2013-10-02 10:34:02 -0700 | [diff] [blame] | 1428 | * @param op The operation to monitor, one of OPSTR_*. |
| 1429 | * @param packageName The name of the application to monitor. |
| 1430 | * @param callback Where to report changes. |
| 1431 | */ |
| 1432 | public void startWatchingMode(String op, String packageName, |
| 1433 | final OnOpChangedListener callback) { |
| 1434 | startWatchingMode(strOpToOp(op), packageName, callback); |
| 1435 | } |
| 1436 | |
| 1437 | /** |
| 1438 | * Monitor for changes to the operating mode for the given op in the given app package. |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1439 | * @param op The operation to monitor, one of OP_*. |
| 1440 | * @param packageName The name of the application to monitor. |
| 1441 | * @param callback Where to report changes. |
Dianne Hackborn | e4cb66f | 2013-10-02 10:34:02 -0700 | [diff] [blame] | 1442 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1443 | */ |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1444 | public void startWatchingMode(int op, String packageName, final OnOpChangedListener callback) { |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1445 | synchronized (mModeWatchers) { |
| 1446 | IAppOpsCallback cb = mModeWatchers.get(callback); |
| 1447 | if (cb == null) { |
| 1448 | cb = new IAppOpsCallback.Stub() { |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 1449 | public void opChanged(int op, int uid, String packageName) { |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1450 | if (callback instanceof OnOpChangedInternalListener) { |
| 1451 | ((OnOpChangedInternalListener)callback).onOpChanged(op, packageName); |
| 1452 | } |
| 1453 | if (sOpToString[op] != null) { |
| 1454 | callback.onOpChanged(sOpToString[op], packageName); |
| 1455 | } |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1456 | } |
| 1457 | }; |
| 1458 | mModeWatchers.put(callback, cb); |
| 1459 | } |
| 1460 | try { |
| 1461 | mService.startWatchingMode(op, packageName, cb); |
| 1462 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1463 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1464 | } |
| 1465 | } |
| 1466 | } |
| 1467 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1468 | /** |
| 1469 | * Stop monitoring that was previously started with {@link #startWatchingMode}. All |
| 1470 | * monitoring associated with this callback will be removed. |
| 1471 | */ |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1472 | public void stopWatchingMode(OnOpChangedListener callback) { |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1473 | synchronized (mModeWatchers) { |
| 1474 | IAppOpsCallback cb = mModeWatchers.get(callback); |
| 1475 | if (cb != null) { |
| 1476 | try { |
| 1477 | mService.stopWatchingMode(cb); |
| 1478 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1479 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | c229302 | 2013-02-06 23:14:49 -0800 | [diff] [blame] | 1480 | } |
| 1481 | } |
| 1482 | } |
| 1483 | } |
| 1484 | |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1485 | private String buildSecurityExceptionMsg(int op, int uid, String packageName) { |
| 1486 | return packageName + " from uid " + uid + " not allowed to perform " + sOpNames[op]; |
| 1487 | } |
| 1488 | |
Adam Lesinski | b5cf61b | 2014-08-18 16:10:28 -0700 | [diff] [blame] | 1489 | /** |
| 1490 | * {@hide} |
| 1491 | */ |
| 1492 | public static int strOpToOp(String op) { |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1493 | Integer val = sOpStrToOp.get(op); |
| 1494 | if (val == null) { |
| 1495 | throw new IllegalArgumentException("Unknown operation string: " + op); |
| 1496 | } |
| 1497 | return val; |
| 1498 | } |
| 1499 | |
| 1500 | /** |
| 1501 | * Do a quick check for whether an application might be able to perform an operation. |
| 1502 | * This is <em>not</em> a security check; you must use {@link #noteOp(String, int, String)} |
| 1503 | * or {@link #startOp(String, int, String)} for your actual security checks, which also |
| 1504 | * ensure that the given uid and package name are consistent. This function can just be |
| 1505 | * used for a quick check to see if an operation has been disabled for the application, |
| 1506 | * as an early reject of some work. This does not modify the time stamp or other data |
| 1507 | * about the operation. |
| 1508 | * @param op The operation to check. One of the OPSTR_* constants. |
| 1509 | * @param uid The user id of the application attempting to perform the operation. |
| 1510 | * @param packageName The name of the application attempting to perform the operation. |
| 1511 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1512 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1513 | * causing the app to crash). |
| 1514 | * @throws SecurityException If the app has been configured to crash on this op. |
| 1515 | */ |
| 1516 | public int checkOp(String op, int uid, String packageName) { |
| 1517 | return checkOp(strOpToOp(op), uid, packageName); |
| 1518 | } |
| 1519 | |
| 1520 | /** |
John Spurlock | 925b85e | 2014-03-10 16:52:11 -0400 | [diff] [blame] | 1521 | * Like {@link #checkOp} but instead of throwing a {@link SecurityException} it |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1522 | * returns {@link #MODE_ERRORED}. |
| 1523 | */ |
| 1524 | public int checkOpNoThrow(String op, int uid, String packageName) { |
| 1525 | return checkOpNoThrow(strOpToOp(op), uid, packageName); |
| 1526 | } |
| 1527 | |
| 1528 | /** |
| 1529 | * Make note of an application performing an operation. Note that you must pass |
| 1530 | * in both the uid and name of the application to be checked; this function will verify |
| 1531 | * that these two match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1532 | * succeeds, the last execution time of the operation for this app will be updated to |
| 1533 | * the current time. |
| 1534 | * @param op The operation to note. One of the OPSTR_* constants. |
| 1535 | * @param uid The user id of the application attempting to perform the operation. |
| 1536 | * @param packageName The name of the application attempting to perform the operation. |
| 1537 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1538 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1539 | * causing the app to crash). |
| 1540 | * @throws SecurityException If the app has been configured to crash on this op. |
| 1541 | */ |
| 1542 | public int noteOp(String op, int uid, String packageName) { |
| 1543 | return noteOp(strOpToOp(op), uid, packageName); |
| 1544 | } |
| 1545 | |
| 1546 | /** |
| 1547 | * Like {@link #noteOp} but instead of throwing a {@link SecurityException} it |
| 1548 | * returns {@link #MODE_ERRORED}. |
| 1549 | */ |
| 1550 | public int noteOpNoThrow(String op, int uid, String packageName) { |
| 1551 | return noteOpNoThrow(strOpToOp(op), uid, packageName); |
| 1552 | } |
| 1553 | |
| 1554 | /** |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1555 | * Make note of an application performing an operation on behalf of another |
| 1556 | * application when handling an IPC. Note that you must pass the package name |
| 1557 | * of the application that is being proxied while its UID will be inferred from |
| 1558 | * the IPC state; this function will verify that the calling uid and proxied |
| 1559 | * package name match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1560 | * succeeds, the last execution time of the operation for the proxied app and |
| 1561 | * your app will be updated to the current time. |
| 1562 | * @param op The operation to note. One of the OPSTR_* constants. |
| 1563 | * @param proxiedPackageName The name of the application calling into the proxy application. |
| 1564 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1565 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1566 | * causing the app to crash). |
| 1567 | * @throws SecurityException If the app has been configured to crash on this op. |
| 1568 | */ |
| 1569 | public int noteProxyOp(String op, String proxiedPackageName) { |
| 1570 | return noteProxyOp(strOpToOp(op), proxiedPackageName); |
| 1571 | } |
| 1572 | |
| 1573 | /** |
| 1574 | * Like {@link #noteProxyOp(String, String)} but instead |
| 1575 | * of throwing a {@link SecurityException} it returns {@link #MODE_ERRORED}. |
| 1576 | */ |
| 1577 | public int noteProxyOpNoThrow(String op, String proxiedPackageName) { |
| 1578 | return noteProxyOpNoThrow(strOpToOp(op), proxiedPackageName); |
| 1579 | } |
| 1580 | |
| 1581 | /** |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1582 | * Report that an application has started executing a long-running operation. Note that you |
| 1583 | * must pass in both the uid and name of the application to be checked; this function will |
| 1584 | * verify that these two match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1585 | * succeeds, the last execution time of the operation for this app will be updated to |
| 1586 | * the current time and the operation will be marked as "running". In this case you must |
| 1587 | * later call {@link #finishOp(String, int, String)} to report when the application is no |
| 1588 | * longer performing the operation. |
| 1589 | * @param op The operation to start. One of the OPSTR_* constants. |
| 1590 | * @param uid The user id of the application attempting to perform the operation. |
| 1591 | * @param packageName The name of the application attempting to perform the operation. |
| 1592 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1593 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1594 | * causing the app to crash). |
| 1595 | * @throws SecurityException If the app has been configured to crash on this op. |
| 1596 | */ |
| 1597 | public int startOp(String op, int uid, String packageName) { |
| 1598 | return startOp(strOpToOp(op), uid, packageName); |
| 1599 | } |
| 1600 | |
| 1601 | /** |
| 1602 | * Like {@link #startOp} but instead of throwing a {@link SecurityException} it |
| 1603 | * returns {@link #MODE_ERRORED}. |
| 1604 | */ |
| 1605 | public int startOpNoThrow(String op, int uid, String packageName) { |
| 1606 | return startOpNoThrow(strOpToOp(op), uid, packageName); |
| 1607 | } |
| 1608 | |
| 1609 | /** |
| 1610 | * Report that an application is no longer performing an operation that had previously |
| 1611 | * been started with {@link #startOp(String, int, String)}. There is no validation of input |
| 1612 | * or result; the parameters supplied here must be the exact same ones previously passed |
| 1613 | * in when starting the operation. |
| 1614 | */ |
| 1615 | public void finishOp(String op, int uid, String packageName) { |
| 1616 | finishOp(strOpToOp(op), uid, packageName); |
| 1617 | } |
| 1618 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1619 | /** |
| 1620 | * Do a quick check for whether an application might be able to perform an operation. |
| 1621 | * This is <em>not</em> a security check; you must use {@link #noteOp(int, int, String)} |
| 1622 | * or {@link #startOp(int, int, String)} for your actual security checks, which also |
| 1623 | * ensure that the given uid and package name are consistent. This function can just be |
| 1624 | * used for a quick check to see if an operation has been disabled for the application, |
| 1625 | * as an early reject of some work. This does not modify the time stamp or other data |
| 1626 | * about the operation. |
| 1627 | * @param op The operation to check. One of the OP_* constants. |
| 1628 | * @param uid The user id of the application attempting to perform the operation. |
| 1629 | * @param packageName The name of the application attempting to perform the operation. |
| 1630 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1631 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1632 | * causing the app to crash). |
| 1633 | * @throws SecurityException If the app has been configured to crash on this op. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1634 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1635 | */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1636 | public int checkOp(int op, int uid, String packageName) { |
| 1637 | try { |
| 1638 | int mode = mService.checkOperation(op, uid, packageName); |
| 1639 | if (mode == MODE_ERRORED) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1640 | throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName)); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1641 | } |
| 1642 | return mode; |
| 1643 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1644 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1645 | } |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1646 | } |
| 1647 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1648 | /** |
| 1649 | * Like {@link #checkOp} but instead of throwing a {@link SecurityException} it |
| 1650 | * returns {@link #MODE_ERRORED}. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1651 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1652 | */ |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1653 | public int checkOpNoThrow(int op, int uid, String packageName) { |
| 1654 | try { |
| 1655 | return mService.checkOperation(op, uid, packageName); |
| 1656 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1657 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1658 | } |
Dianne Hackborn | 35654b6 | 2013-01-14 17:38:02 -0800 | [diff] [blame] | 1659 | } |
| 1660 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1661 | /** |
Jeff Sharkey | 911d7f4 | 2013-09-05 18:11:45 -0700 | [diff] [blame] | 1662 | * Do a quick check to validate if a package name belongs to a UID. |
| 1663 | * |
| 1664 | * @throws SecurityException if the package name doesn't belong to the given |
| 1665 | * UID, or if ownership cannot be verified. |
| 1666 | */ |
| 1667 | public void checkPackage(int uid, String packageName) { |
| 1668 | try { |
| 1669 | if (mService.checkPackage(uid, packageName) != MODE_ALLOWED) { |
| 1670 | throw new SecurityException( |
| 1671 | "Package " + packageName + " does not belong to " + uid); |
| 1672 | } |
| 1673 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1674 | throw e.rethrowFromSystemServer(); |
Jeff Sharkey | 911d7f4 | 2013-09-05 18:11:45 -0700 | [diff] [blame] | 1675 | } |
| 1676 | } |
| 1677 | |
| 1678 | /** |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1679 | * Like {@link #checkOp} but at a stream-level for audio operations. |
| 1680 | * @hide |
| 1681 | */ |
| 1682 | public int checkAudioOp(int op, int stream, int uid, String packageName) { |
| 1683 | try { |
| 1684 | final int mode = mService.checkAudioOperation(op, stream, uid, packageName); |
| 1685 | if (mode == MODE_ERRORED) { |
| 1686 | throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName)); |
| 1687 | } |
| 1688 | return mode; |
| 1689 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1690 | throw e.rethrowFromSystemServer(); |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1691 | } |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1692 | } |
| 1693 | |
| 1694 | /** |
| 1695 | * Like {@link #checkAudioOp} but instead of throwing a {@link SecurityException} it |
| 1696 | * returns {@link #MODE_ERRORED}. |
| 1697 | * @hide |
| 1698 | */ |
| 1699 | public int checkAudioOpNoThrow(int op, int stream, int uid, String packageName) { |
| 1700 | try { |
| 1701 | return mService.checkAudioOperation(op, stream, uid, packageName); |
| 1702 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1703 | throw e.rethrowFromSystemServer(); |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1704 | } |
John Spurlock | 1af30c7 | 2014-03-10 08:33:35 -0400 | [diff] [blame] | 1705 | } |
| 1706 | |
| 1707 | /** |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1708 | * Make note of an application performing an operation. Note that you must pass |
| 1709 | * in both the uid and name of the application to be checked; this function will verify |
| 1710 | * that these two match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1711 | * succeeds, the last execution time of the operation for this app will be updated to |
| 1712 | * the current time. |
| 1713 | * @param op The operation to note. One of the OP_* constants. |
| 1714 | * @param uid The user id of the application attempting to perform the operation. |
| 1715 | * @param packageName The name of the application attempting to perform the operation. |
| 1716 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1717 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1718 | * causing the app to crash). |
| 1719 | * @throws SecurityException If the app has been configured to crash on this op. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1720 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1721 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1722 | public int noteOp(int op, int uid, String packageName) { |
| 1723 | try { |
| 1724 | int mode = mService.noteOperation(op, uid, packageName); |
| 1725 | if (mode == MODE_ERRORED) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1726 | throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName)); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1727 | } |
| 1728 | return mode; |
| 1729 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1730 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1731 | } |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1732 | } |
| 1733 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1734 | /** |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1735 | * Make note of an application performing an operation on behalf of another |
| 1736 | * application when handling an IPC. Note that you must pass the package name |
| 1737 | * of the application that is being proxied while its UID will be inferred from |
| 1738 | * the IPC state; this function will verify that the calling uid and proxied |
| 1739 | * package name match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1740 | * succeeds, the last execution time of the operation for the proxied app and |
| 1741 | * your app will be updated to the current time. |
| 1742 | * @param op The operation to note. One of the OPSTR_* constants. |
| 1743 | * @param proxiedPackageName The name of the application calling into the proxy application. |
| 1744 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1745 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1746 | * causing the app to crash). |
| 1747 | * @throws SecurityException If the proxy or proxied app has been configured to |
| 1748 | * crash on this op. |
| 1749 | * |
| 1750 | * @hide |
| 1751 | */ |
| 1752 | public int noteProxyOp(int op, String proxiedPackageName) { |
| 1753 | int mode = noteProxyOpNoThrow(op, proxiedPackageName); |
| 1754 | if (mode == MODE_ERRORED) { |
| 1755 | throw new SecurityException("Proxy package " + mContext.getOpPackageName() |
| 1756 | + " from uid " + Process.myUid() + " or calling package " |
| 1757 | + proxiedPackageName + " from uid " + Binder.getCallingUid() |
| 1758 | + " not allowed to perform " + sOpNames[op]); |
| 1759 | } |
| 1760 | return mode; |
| 1761 | } |
| 1762 | |
| 1763 | /** |
| 1764 | * Like {@link #noteProxyOp(int, String)} but instead |
| 1765 | * of throwing a {@link SecurityException} it returns {@link #MODE_ERRORED}. |
| 1766 | * @hide |
| 1767 | */ |
| 1768 | public int noteProxyOpNoThrow(int op, String proxiedPackageName) { |
| 1769 | try { |
| 1770 | return mService.noteProxyOperation(op, mContext.getOpPackageName(), |
| 1771 | Binder.getCallingUid(), proxiedPackageName); |
| 1772 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1773 | throw e.rethrowFromSystemServer(); |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1774 | } |
Svet Ganov | 99b6043 | 2015-06-27 13:15:22 -0700 | [diff] [blame] | 1775 | } |
| 1776 | |
| 1777 | /** |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1778 | * Like {@link #noteOp} but instead of throwing a {@link SecurityException} it |
| 1779 | * returns {@link #MODE_ERRORED}. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1780 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1781 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1782 | public int noteOpNoThrow(int op, int uid, String packageName) { |
| 1783 | try { |
| 1784 | return mService.noteOperation(op, uid, packageName); |
| 1785 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1786 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1787 | } |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1788 | } |
| 1789 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1790 | /** @hide */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1791 | public int noteOp(int op) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1792 | return noteOp(op, Process.myUid(), mContext.getOpPackageName()); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1793 | } |
| 1794 | |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 1795 | /** @hide */ |
| 1796 | public static IBinder getToken(IAppOpsService service) { |
| 1797 | synchronized (AppOpsManager.class) { |
| 1798 | if (sToken != null) { |
| 1799 | return sToken; |
| 1800 | } |
| 1801 | try { |
| 1802 | sToken = service.getToken(new Binder()); |
| 1803 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1804 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 1805 | } |
| 1806 | return sToken; |
| 1807 | } |
| 1808 | } |
| 1809 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1810 | /** |
| 1811 | * Report that an application has started executing a long-running operation. Note that you |
| 1812 | * must pass in both the uid and name of the application to be checked; this function will |
| 1813 | * verify that these two match, and if not, return {@link #MODE_IGNORED}. If this call |
| 1814 | * succeeds, the last execution time of the operation for this app will be updated to |
| 1815 | * the current time and the operation will be marked as "running". In this case you must |
| 1816 | * later call {@link #finishOp(int, int, String)} to report when the application is no |
| 1817 | * longer performing the operation. |
| 1818 | * @param op The operation to start. One of the OP_* constants. |
| 1819 | * @param uid The user id of the application attempting to perform the operation. |
| 1820 | * @param packageName The name of the application attempting to perform the operation. |
| 1821 | * @return Returns {@link #MODE_ALLOWED} if the operation is allowed, or |
| 1822 | * {@link #MODE_IGNORED} if it is not allowed and should be silently ignored (without |
| 1823 | * causing the app to crash). |
| 1824 | * @throws SecurityException If the app has been configured to crash on this op. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1825 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1826 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1827 | public int startOp(int op, int uid, String packageName) { |
| 1828 | try { |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 1829 | int mode = mService.startOperation(getToken(mService), op, uid, packageName); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1830 | if (mode == MODE_ERRORED) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1831 | throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName)); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1832 | } |
| 1833 | return mode; |
| 1834 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1835 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1836 | } |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1837 | } |
| 1838 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1839 | /** |
| 1840 | * Like {@link #startOp} but instead of throwing a {@link SecurityException} it |
| 1841 | * returns {@link #MODE_ERRORED}. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1842 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1843 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1844 | public int startOpNoThrow(int op, int uid, String packageName) { |
| 1845 | try { |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 1846 | return mService.startOperation(getToken(mService), op, uid, packageName); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1847 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1848 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1849 | } |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1850 | } |
| 1851 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1852 | /** @hide */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1853 | public int startOp(int op) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1854 | return startOp(op, Process.myUid(), mContext.getOpPackageName()); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1855 | } |
| 1856 | |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1857 | /** |
| 1858 | * Report that an application is no longer performing an operation that had previously |
| 1859 | * been started with {@link #startOp(int, int, String)}. There is no validation of input |
| 1860 | * or result; the parameters supplied here must be the exact same ones previously passed |
| 1861 | * in when starting the operation. |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1862 | * @hide |
Dianne Hackborn | 1304f4a | 2013-07-09 18:17:27 -0700 | [diff] [blame] | 1863 | */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1864 | public void finishOp(int op, int uid, String packageName) { |
| 1865 | try { |
Dianne Hackborn | e98f5db | 2013-07-17 17:23:25 -0700 | [diff] [blame] | 1866 | mService.finishOperation(getToken(mService), op, uid, packageName); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1867 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 1868 | throw e.rethrowFromSystemServer(); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1869 | } |
| 1870 | } |
| 1871 | |
Dianne Hackborn | 9bb0ee9 | 2013-09-22 12:31:38 -0700 | [diff] [blame] | 1872 | /** @hide */ |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1873 | public void finishOp(int op) { |
Dianne Hackborn | 95d7853 | 2013-09-11 09:51:14 -0700 | [diff] [blame] | 1874 | finishOp(op, Process.myUid(), mContext.getOpPackageName()); |
Dianne Hackborn | a06de0f | 2012-12-11 16:34:47 -0800 | [diff] [blame] | 1875 | } |
| 1876 | } |