diff options
| author | Michael Groover <mpgroover@google.com> | 2019-04-09 17:09:57 -0700 |
|---|---|---|
| committer | Michael Groover <mpgroover@google.com> | 2019-04-10 00:39:46 +0000 |
| commit | 656ef911b4655c1b3e2c62b46ddd700534ccc9a2 (patch) | |
| tree | 28f1737b9bfe25ab8406e58440a0419f9d00c861 /core/java | |
| parent | d5701f0ecbd2f9461dbdf52862c489a27eaa8613 (diff) | |
Grant access to device identifiers with READ_DEVICE_IDENTIFIERS appop
The app holding the SMS role and other carrier apps installed through
Play that cannot be granted carrier privileges can have a legitimate
need to access device identifiers but do not meet the new
requirements for access. This appop will provide a way to grant role
holders and apps delivered through Play a way to access these
identifiers.
Bug: 124236412
Test: cts-tradefed run cts-dev -m CtsAppSecurityHostTestCases -t \
android.appsecurity.cts.DeviceIdentifierTest#testDeviceIdentifierAccessWithAppOpGranted
Change-Id: Ieb182b254472b79cb791419222ee6ff9dedc6880
Diffstat (limited to 'core/java')
| -rw-r--r-- | core/java/android/app/AppOpsManager.java | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java index 15982a796a7e..a5bd15280bf6 100644 --- a/core/java/android/app/AppOpsManager.java +++ b/core/java/android/app/AppOpsManager.java @@ -824,9 +824,11 @@ public class AppOpsManager { public static final int OP_LEGACY_STORAGE = 87; /** @hide Accessing accessibility features */ public static final int OP_ACCESS_ACCESSIBILITY = 88; + /** @hide Read the device identifiers (IMEI / MEID, IMSI, SIM / Build serial) */ + public static final int OP_READ_DEVICE_IDENTIFIERS = 89; /** @hide */ @UnsupportedAppUsage - public static final int _NUM_OP = 89; + public static final int _NUM_OP = 90; /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; @@ -1100,6 +1102,8 @@ public class AppOpsManager { /** @hide Interact with accessibility. */ @SystemApi public static final String OPSTR_ACCESS_ACCESSIBILITY = "android:access_accessibility"; + /** @hide Read device identifiers */ + public static final String OPSTR_READ_DEVICE_IDENTIFIERS = "android:read_device_identifiers"; // Warning: If an permission is added here it also has to be added to // com.android.packageinstaller.permission.utils.EventLogger @@ -1260,6 +1264,7 @@ public class AppOpsManager { OP_WRITE_MEDIA_IMAGES, // WRITE_MEDIA_IMAGES OP_LEGACY_STORAGE, // LEGACY_STORAGE OP_ACCESS_ACCESSIBILITY, // ACCESS_ACCESSIBILITY + OP_READ_DEVICE_IDENTIFIERS, // READ_DEVICE_IDENTIFIERS }; /** @@ -1355,6 +1360,7 @@ public class AppOpsManager { OPSTR_WRITE_MEDIA_IMAGES, OPSTR_LEGACY_STORAGE, OPSTR_ACCESS_ACCESSIBILITY, + OPSTR_READ_DEVICE_IDENTIFIERS, }; /** @@ -1451,6 +1457,7 @@ public class AppOpsManager { "WRITE_MEDIA_IMAGES", "LEGACY_STORAGE", "ACCESS_ACCESSIBILITY", + "READ_DEVICE_IDENTIFIERS", }; /** @@ -1548,6 +1555,7 @@ public class AppOpsManager { null, // no permission for OP_WRITE_MEDIA_IMAGES null, // no permission for OP_LEGACY_STORAGE null, // no permission for OP_ACCESS_ACCESSIBILITY + null, // no direct permission for OP_READ_DEVICE_IDENTIFIERS }; /** @@ -1645,6 +1653,7 @@ public class AppOpsManager { null, // WRITE_MEDIA_IMAGES null, // LEGACY_STORAGE null, // ACCESS_ACCESSIBILITY + null, // READ_DEVICE_IDENTIFIERS }; /** @@ -1741,6 +1750,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY + false, // READ_DEVICE_IDENTIFIERS }; /** @@ -1836,6 +1846,7 @@ public class AppOpsManager { AppOpsManager.MODE_ERRORED, // WRITE_MEDIA_IMAGES AppOpsManager.MODE_DEFAULT, // LEGACY_STORAGE AppOpsManager.MODE_ALLOWED, // ACCESS_ACCESSIBILITY + AppOpsManager.MODE_ERRORED, // READ_DEVICE_IDENTIFIERS }; /** @@ -1935,6 +1946,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY + false, // READ_DEVICE_IDENTIFIERS }; /** |