diff options
| author | Svet Ganov <svetoslavganov@google.com> | 2015-05-20 10:45:43 -0700 |
|---|---|---|
| committer | Svetoslav <svetoslavganov@google.com> | 2015-05-20 13:08:58 -0700 |
| commit | d8ecc5aee49874ac1f100f69be94906a3e99b951 (patch) | |
| tree | 65d7f90e7a5f449528b60487be9318763790b8a1 /services/devicepolicy | |
| parent | 7d383b9271863d0799889374329a08731fe47550 (diff) | |
| download | frameworks_base-d8ecc5aee49874ac1f100f69be94906a3e99b951.zip frameworks_base-d8ecc5aee49874ac1f100f69be94906a3e99b951.tar.gz frameworks_base-d8ecc5aee49874ac1f100f69be94906a3e99b951.tar.bz2 | |
Allow DO/PO to go back to normal permission state.
We have APIs for a DO/PO to fix a permission in a granted or
denied state in which the user cannot manage this permission
through the UI. However, there is no way to go back to the
default state in which the user gets to choose the permission
grant state.
Change-Id: I2562a1d8b1385cd740b44812844ef14c895c2902
Diffstat (limited to 'services/devicepolicy')
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 9ad7e11..a9e76d8 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -6392,25 +6392,34 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } @Override - public boolean setPermissionGranted(ComponentName admin, String packageName, - String permission, boolean granted) throws RemoteException { + public boolean setPermissionGrantState(ComponentName admin, String packageName, + String permission, int grantState) throws RemoteException { UserHandle user = Binder.getCallingUserHandle(); synchronized (this) { getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); long ident = Binder.clearCallingIdentity(); try { PackageManager packageManager = mContext.getPackageManager(); - if (granted) { - packageManager.grantRuntimePermission(packageName, permission, user); - packageManager.updatePermissionFlags(permission, packageName, - PackageManager.FLAG_PERMISSION_POLICY_FIXED, - PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); - } else { - packageManager.revokeRuntimePermission(packageName, - permission, user); - packageManager.updatePermissionFlags(permission, packageName, - PackageManager.FLAG_PERMISSION_POLICY_FIXED, - PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); + switch (grantState) { + case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: { + packageManager.grantRuntimePermission(packageName, permission, user); + packageManager.updatePermissionFlags(permission, packageName, + PackageManager.FLAG_PERMISSION_POLICY_FIXED, + PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); + } break; + + case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: { + packageManager.revokeRuntimePermission(packageName, + permission, user); + packageManager.updatePermissionFlags(permission, packageName, + PackageManager.FLAG_PERMISSION_POLICY_FIXED, + PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); + } break; + + case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: { + packageManager.updatePermissionFlags(permission, packageName, + PackageManager.FLAG_PERMISSION_POLICY_FIXED, 0, user); + } break; } return true; } catch (SecurityException se) { |