use of android.app.AppOpsManager in project android_frameworks_base by crdroidandroid.
the class MountService method mkdirs.
@Override
public int mkdirs(String callingPkg, String appPath) {
final int userId = UserHandle.getUserId(Binder.getCallingUid());
final UserEnvironment userEnv = new UserEnvironment(userId);
// Validate that reported package name belongs to caller
final AppOpsManager appOps = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE);
appOps.checkPackage(Binder.getCallingUid(), callingPkg);
File appFile = null;
try {
appFile = new File(appPath).getCanonicalFile();
} catch (IOException e) {
Slog.e(TAG, "Failed to resolve " + appPath + ": " + e);
return -1;
}
// belong to the calling package.
if (FileUtils.contains(userEnv.buildExternalStorageAppDataDirs(callingPkg), appFile) || FileUtils.contains(userEnv.buildExternalStorageAppObbDirs(callingPkg), appFile) || FileUtils.contains(userEnv.buildExternalStorageAppMediaDirs(callingPkg), appFile)) {
appPath = appFile.getAbsolutePath();
if (!appPath.endsWith("/")) {
appPath = appPath + "/";
}
try {
mConnector.execute("volume", "mkdirs", appPath);
return 0;
} catch (NativeDaemonConnectorException e) {
return e.getCode();
}
}
throw new SecurityException("Invalid mkdirs path: " + appFile);
}
use of android.app.AppOpsManager in project android_frameworks_base by crdroidandroid.
the class RecentLocationApps method getAppList.
/**
* Fills a list of applications which queried location recently within specified time.
*/
public List<Request> getAppList() {
// Retrieve a location usage list from AppOps
AppOpsManager aoManager = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE);
List<AppOpsManager.PackageOps> appOps = aoManager.getPackagesForOps(LOCATION_OPS);
final int appOpsCount = appOps != null ? appOps.size() : 0;
// Process the AppOps list and generate a preference list.
ArrayList<Request> requests = new ArrayList<>(appOpsCount);
final long now = System.currentTimeMillis();
final UserManager um = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
final List<UserHandle> profiles = um.getUserProfiles();
for (int i = 0; i < appOpsCount; ++i) {
AppOpsManager.PackageOps ops = appOps.get(i);
// Don't show the Android System in the list - it's not actionable for the user.
// Also don't show apps belonging to background users except managed users.
String packageName = ops.getPackageName();
int uid = ops.getUid();
int userId = UserHandle.getUserId(uid);
boolean isAndroidOs = (uid == Process.SYSTEM_UID) && ANDROID_SYSTEM_PACKAGE_NAME.equals(packageName);
if (isAndroidOs || !profiles.contains(new UserHandle(userId))) {
continue;
}
Request request = getRequestFromOps(now, ops);
if (request != null) {
requests.add(request);
}
}
return requests;
}
use of android.app.AppOpsManager in project android_frameworks_base by crdroidandroid.
the class Settings method isCallingPackageAllowedToPerformAppOpsProtectedOperation.
/**
* Helper method to perform a general and comprehensive check of whether an operation that is
* protected by appops can be performed by a caller or not. e.g. OP_SYSTEM_ALERT_WINDOW and
* OP_WRITE_SETTINGS
* @hide
*/
public static boolean isCallingPackageAllowedToPerformAppOpsProtectedOperation(Context context, int uid, String callingPackage, boolean throwException, int appOpsOpCode, String[] permissions, boolean makeNote) {
if (callingPackage == null) {
return false;
}
AppOpsManager appOpsMgr = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
int mode = AppOpsManager.MODE_DEFAULT;
if (makeNote) {
mode = appOpsMgr.noteOpNoThrow(appOpsOpCode, uid, callingPackage);
} else {
mode = appOpsMgr.checkOpNoThrow(appOpsOpCode, uid, callingPackage);
}
switch(mode) {
case AppOpsManager.MODE_ALLOWED:
return true;
case AppOpsManager.MODE_DEFAULT:
// if it is granted during install time.
for (String permission : permissions) {
if (context.checkCallingOrSelfPermission(permission) == PackageManager.PERMISSION_GRANTED) {
// if either of the permissions are granted, we will allow it
return true;
}
}
default:
// this is for all other cases trickled down here...
if (!throwException) {
return false;
}
}
// prepare string to throw SecurityException
StringBuilder exceptionMessage = new StringBuilder();
exceptionMessage.append(callingPackage);
exceptionMessage.append(" was not granted ");
if (permissions.length > 1) {
exceptionMessage.append(" either of these permissions: ");
} else {
exceptionMessage.append(" this permission: ");
}
for (int i = 0; i < permissions.length; i++) {
exceptionMessage.append(permissions[i]);
exceptionMessage.append((i == permissions.length - 1) ? "." : ", ");
}
throw new SecurityException(exceptionMessage.toString());
}
use of android.app.AppOpsManager in project android_frameworks_base by crdroidandroid.
the class TelephonyManager method setDataEnabled.
/** @hide */
@SystemApi
public void setDataEnabled(int subId, boolean enable) {
try {
Log.d(TAG, "setDataEnabled: enabled=" + enable);
AppOpsManager appOps = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE);
if (enable) {
if (appOps.noteOp(AppOpsManager.OP_DATA_CONNECT_CHANGE) != AppOpsManager.MODE_ALLOWED) {
Log.w(TAG, "Permission denied by user.");
return;
}
}
ITelephony telephony = getITelephony();
if (telephony != null)
telephony.setDataEnabled(subId, enable);
} catch (RemoteException e) {
Log.e(TAG, "Error calling setDataEnabled", e);
} catch (NullPointerException npe) {
Log.e(TAG, "Error calling setDataEnabled", npe);
}
}
use of android.app.AppOpsManager in project android_frameworks_base by crdroidandroid.
the class NetworkStatsAccess method hasAppOpsPermission.
private static boolean hasAppOpsPermission(Context context, int callingUid, String callingPackage) {
if (callingPackage != null) {
AppOpsManager appOps = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
final int mode = appOps.checkOp(AppOpsManager.OP_GET_USAGE_STATS, callingUid, callingPackage);
if (mode == AppOpsManager.MODE_DEFAULT) {
// The default behavior here is to check if PackageManager has given the app
// permission.
final int permissionCheck = context.checkCallingPermission(Manifest.permission.PACKAGE_USAGE_STATS);
return permissionCheck == PackageManager.PERMISSION_GRANTED;
}
return (mode == AppOpsManager.MODE_ALLOWED);
}
return false;
}
Aggregations