diff options
author | Shashank Mittal <mittals@codeaurora.org> | 2014-07-16 17:31:22 -0700 |
---|---|---|
committer | Roman Birg <roman@cyngn.com> | 2015-10-29 11:01:54 -0700 |
commit | 8b10cf24e17492410745398af8a544444b60bfa5 (patch) | |
tree | ba448847cbed95810be646c762f9b3b3be4a05c9 /services/core/java/com/android/server/AppOpsService.java | |
parent | 646827a4e92ba9d2f32624b9ed80867904f5e6ae (diff) | |
download | frameworks_base-8b10cf24e17492410745398af8a544444b60bfa5.zip frameworks_base-8b10cf24e17492410745398af8a544444b60bfa5.tar.gz frameworks_base-8b10cf24e17492410745398af8a544444b60bfa5.tar.bz2 |
AppOps: Add support for AppOps policy file
Add support to read AppOps policy file.
AppOps policy file can be used to configure Ops default policy.
Change-Id: Idb4e3501ff9f58e491b06e74152342aa9574afbf
Diffstat (limited to 'services/core/java/com/android/server/AppOpsService.java')
-rw-r--r-- | services/core/java/com/android/server/AppOpsService.java | 55 |
1 files changed, 48 insertions, 7 deletions
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java index dc533ad..7008bfc 100644 --- a/services/core/java/com/android/server/AppOpsService.java +++ b/services/core/java/com/android/server/AppOpsService.java @@ -87,11 +87,15 @@ public class AppOpsService extends IAppOpsService.Stub { // Write at most every 30 minutes. static final long WRITE_DELAY = DEBUG ? 1000 : 30*60*1000; + // Location of policy file. + static final String DEFAULT_POLICY_FILE = "/system/etc/appops_policy.xml"; + Context mContext; final AtomicFile mFile; final Handler mHandler; final Looper mLooper; final boolean mStrictEnable; + AppOpsPolicy mPolicy; boolean mWriteScheduled; boolean mFastWriteScheduled; @@ -254,6 +258,7 @@ public class AppOpsService extends IAppOpsService.Stub { public void publish(Context context) { mContext = context; + readPolicy(); ServiceManager.addService(Context.APP_OPS_SERVICE, asBinder()); } @@ -621,7 +626,7 @@ public class AppOpsService extends IAppOpsService.Stub { } repCbs.addAll(cbs); } - if (mode == this.getDefaultMode(code, uid, packageName)) { + if (mode == getDefaultMode(code, uid, packageName)) { // If going into the default mode, prune this op // if there is nothing else interesting in it. pruneOp(op, uid, packageName); @@ -1468,11 +1473,19 @@ public class AppOpsService extends IAppOpsService.Stub { || code >= AppOpsManager._NUM_OP) { continue; } - int defaultMode = getDefaultMode(code, uid, pkgName); - Op op = new Op(uid, pkgName, code, defaultMode); + Op op = new Op(uid, pkgName, code, AppOpsManager.MODE_ERRORED); String mode = parser.getAttributeValue(null, "m"); if (mode != null) { op.mode = Integer.parseInt(mode); + } else { + String sDefualtMode = parser.getAttributeValue(null, "dm"); + int defaultMode; + if (sDefualtMode != null) { + defaultMode = Integer.parseInt(sDefualtMode); + } else { + defaultMode = getDefaultMode(code, uid, pkgName); + } + op.mode = defaultMode; } String time = parser.getAttributeValue(null, "t"); if (time != null) { @@ -1582,9 +1595,12 @@ public class AppOpsService extends IAppOpsService.Stub { out.startTag(null, "op"); out.attribute(null, "n", Integer.toString(op.getOp())); out.attribute(null, "ns", AppOpsManager.opToName(op.getOp())); - if (op.getMode() != this.getDefaultMode(op.getOp(), - pkg.getUid(), pkg.getPackageName())) { + int defaultMode = getDefaultMode(op.getOp(), + pkg.getUid(), pkg.getPackageName()); + if (op.getMode() != defaultMode) { out.attribute(null, "m", Integer.toString(op.getMode())); + } else { + out.attribute(null, "dm", Integer.toString(defaultMode)); } long time = op.getTime(); if (time != 0) { @@ -1894,8 +1910,15 @@ public class AppOpsService extends IAppOpsService.Stub { } private int getDefaultMode(int code, int uid, String packageName) { - return AppOpsManager.opToDefaultMode(code, + int mode = AppOpsManager.opToDefaultMode(code, isStrict(code, uid, packageName)); + if (AppOpsManager.isStrictOp(code) && mPolicy != null) { + int policyMode = mPolicy.getDefualtMode(code, packageName); + if (policyMode != AppOpsManager.MODE_ERRORED) { + mode = policyMode; + } + } + return mode; } private boolean isStrict(int code, int uid, String packageName) { @@ -2013,7 +2036,7 @@ public class AppOpsService extends IAppOpsService.Stub { private static String[] getPackagesForUid(int uid) { String[] packageNames = null; try { - packageNames= AppGlobals.getPackageManager().getPackagesForUid(uid); + packageNames = AppGlobals.getPackageManager().getPackagesForUid(uid); } catch (RemoteException e) { /* ignore - local call */ } @@ -2022,4 +2045,22 @@ public class AppOpsService extends IAppOpsService.Stub { } return packageNames; } + + private void readPolicy() { + if (mStrictEnable) { + mPolicy = new AppOpsPolicy(new File(DEFAULT_POLICY_FILE), mContext); + mPolicy.readPolicy(); + mPolicy.debugPoilcy(); + } else { + mPolicy = null; + } + } + + public boolean isControlAllowed(int code, String packageName) { + boolean isShow = true; + if (mPolicy != null) { + isShow = mPolicy.isControlAllowed(code, packageName); + } + return isShow; + } } |