diff options
author | Dianne Hackborn <hackbod@google.com> | 2015-07-01 12:30:54 -0700 |
---|---|---|
committer | Dianne Hackborn <hackbod@google.com> | 2015-07-01 12:37:00 -0700 |
commit | de15edaa9bf486a4050bb067317d313fd807bb10 (patch) | |
tree | 489bb47ee9025eaccb14fa979f3b3e583f92fcbf /core | |
parent | 80abf887a1578669d3167ea83d52a497a64ea491 (diff) | |
download | frameworks_base-de15edaa9bf486a4050bb067317d313fd807bb10.zip frameworks_base-de15edaa9bf486a4050bb067317d313fd807bb10.tar.gz frameworks_base-de15edaa9bf486a4050bb067317d313fd807bb10.tar.bz2 |
Work on issue #21589105: Scope WRITE_SETTINGS and SYSTEM_ALERT_WINDOW...
...to an explicit toggle to enable in Settings
Add a new permission flag, saying the permission can be automatically
granted to pre-api-23 apps. Apply this to SYSTEM_ALERT_WINDOW.
Change-Id: I24a0ceabe7e9f5e458a864d30eda2696ad14a699
Diffstat (limited to 'core')
-rw-r--r-- | core/java/android/content/pm/PermissionInfo.java | 10 | ||||
-rw-r--r-- | core/java/android/widget/AppSecurityPermissions.java | 3 | ||||
-rw-r--r-- | core/res/AndroidManifest.xml | 2 | ||||
-rw-r--r-- | core/res/res/values/attrs_manifest.xml | 5 |
4 files changed, 18 insertions, 2 deletions
diff --git a/core/java/android/content/pm/PermissionInfo.java b/core/java/android/content/pm/PermissionInfo.java index 04dbff2..0a1f148 100644 --- a/core/java/android/content/pm/PermissionInfo.java +++ b/core/java/android/content/pm/PermissionInfo.java @@ -76,6 +76,13 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable { public static final int PROTECTION_FLAG_APPOP = 0x40; /** + * Additional flag for {@link #protectionLevel}, corresponding + * to the <code>pre23</code> value of + * {@link android.R.attr#protectionLevel}. + */ + public static final int PROTECTION_FLAG_PRE23 = 0x80; + + /** * Mask for {@link #protectionLevel}: the basic protection type. */ public static final int PROTECTION_MASK_BASE = 0xf; @@ -171,6 +178,9 @@ public class PermissionInfo extends PackageItemInfo implements Parcelable { if ((level&PermissionInfo.PROTECTION_FLAG_APPOP) != 0) { protLevel += "|appop"; } + if ((level&PermissionInfo.PROTECTION_FLAG_PRE23) != 0) { + protLevel += "|pre23"; + } return protLevel; } diff --git a/core/java/android/widget/AppSecurityPermissions.java b/core/java/android/widget/AppSecurityPermissions.java index bb4a948..c54b28d 100644 --- a/core/java/android/widget/AppSecurityPermissions.java +++ b/core/java/android/widget/AppSecurityPermissions.java @@ -553,7 +553,8 @@ public class AppSecurityPermissions { int existingReqFlags) { final int base = pInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE; final boolean isNormal = (base == PermissionInfo.PROTECTION_NORMAL); - final boolean isDangerous = (base == PermissionInfo.PROTECTION_DANGEROUS); + final boolean isDangerous = (base == PermissionInfo.PROTECTION_DANGEROUS) + || ((pInfo.protectionLevel&PermissionInfo.PROTECTION_FLAG_PRE23) != 0); final boolean isRequired = ((newReqFlags&PackageInfo.REQUESTED_PERMISSION_REQUIRED) != 0); final boolean isDevelopment = diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index bd9b014..c40ae60 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -1414,7 +1414,7 @@ <permission android:name="android.permission.SYSTEM_ALERT_WINDOW" android:label="@string/permlab_systemAlertWindow" android:description="@string/permdesc_systemAlertWindow" - android:protectionLevel="signature|system|appop" /> + android:protectionLevel="signature|system|appop|pre23" /> <!-- ================================== --> <!-- Permissions affecting the system wallpaper --> diff --git a/core/res/res/values/attrs_manifest.xml b/core/res/res/values/attrs_manifest.xml index 3cb4d7c..70f9db9 100644 --- a/core/res/res/values/attrs_manifest.xml +++ b/core/res/res/values/attrs_manifest.xml @@ -215,6 +215,11 @@ <!-- Additional flag from base permission type: this permission is closely associated with an app op for controlling access. --> <flag name="appop" value="0x40" /> + <!-- Additional flag from base permission type: this permission can be automatically + granted to apps that target API levels below + {@link android.os.Build.VERSION_CODES#MNC} (before runtime permissions + were introduced). --> + <flag name="pre23" value="0x80" /> </attr> <!-- Flags indicating more context for a permission group. --> |