Merge "Grant optional permissions by default for system apps." into jb-mr2-dev
This commit is contained in:
committed by
Android (Google) Code Review
commit
0d17aaa543
@ -5135,9 +5135,16 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
final int level = bp.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE;
|
final int level = bp.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE;
|
||||||
if (level == PermissionInfo.PROTECTION_NORMAL
|
if (level == PermissionInfo.PROTECTION_NORMAL
|
||||||
|| level == PermissionInfo.PROTECTION_DANGEROUS) {
|
|| level == PermissionInfo.PROTECTION_DANGEROUS) {
|
||||||
// If the permission is required, or it's optional and was previously
|
// We grant a normal or dangerous permission if any of the following
|
||||||
// granted to the application, then allow it. Otherwise deny.
|
// are true:
|
||||||
allowed = (required || origPermissions.contains(perm));
|
// 1) The permission is required
|
||||||
|
// 2) The permission is optional, but was granted in the past
|
||||||
|
// 3) The permission is optional, but was requested by an
|
||||||
|
// app in /system (not /data)
|
||||||
|
//
|
||||||
|
// Otherwise, reject the permission.
|
||||||
|
allowed = (required || origPermissions.contains(perm)
|
||||||
|
|| (isSystemApp(ps) && !isUpdatedSystemApp(ps)));
|
||||||
} else if (bp.packageSetting == null) {
|
} else if (bp.packageSetting == null) {
|
||||||
// This permission is invalid; skip it.
|
// This permission is invalid; skip it.
|
||||||
allowed = false;
|
allowed = false;
|
||||||
@ -5155,8 +5162,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (allowed) {
|
if (allowed) {
|
||||||
if ((ps.pkgFlags&ApplicationInfo.FLAG_SYSTEM) == 0
|
if (!isSystemApp(ps) && ps.permissionsFixed) {
|
||||||
&& ps.permissionsFixed) {
|
|
||||||
// If this is an existing, non-system package, then
|
// If this is an existing, non-system package, then
|
||||||
// we can't add any new permissions to it.
|
// we can't add any new permissions to it.
|
||||||
if (!allowedSig && !gp.grantedPermissions.contains(perm)) {
|
if (!allowedSig && !gp.grantedPermissions.contains(perm)) {
|
||||||
@ -5199,8 +5205,7 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ((changedPermission || replace) && !ps.permissionsFixed &&
|
if ((changedPermission || replace) && !ps.permissionsFixed &&
|
||||||
((ps.pkgFlags&ApplicationInfo.FLAG_SYSTEM) == 0) ||
|
!isSystemApp(ps) || isUpdatedSystemApp(ps)){
|
||||||
((ps.pkgFlags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0)){
|
|
||||||
// This is the first that we have heard about this package, so the
|
// This is the first that we have heard about this package, so the
|
||||||
// permissions we have now selected are fixed until explicitly
|
// permissions we have now selected are fixed until explicitly
|
||||||
// changed.
|
// changed.
|
||||||
@ -8381,6 +8386,10 @@ public class PackageManagerService extends IPackageManager.Stub {
|
|||||||
return (ps.pkgFlags & ApplicationInfo.FLAG_SYSTEM) != 0;
|
return (ps.pkgFlags & ApplicationInfo.FLAG_SYSTEM) != 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static boolean isUpdatedSystemApp(PackageSetting ps) {
|
||||||
|
return (ps.pkgFlags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0;
|
||||||
|
}
|
||||||
|
|
||||||
private static boolean isUpdatedSystemApp(PackageParser.Package pkg) {
|
private static boolean isUpdatedSystemApp(PackageParser.Package pkg) {
|
||||||
return (pkg.applicationInfo.flags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0;
|
return (pkg.applicationInfo.flags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0;
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user