frameworks_base.git - frameworks

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove @TestApi from @SystemApi symbols	Anton Hansson	2020-10-20	1	-2/+0
\| \| \| \| \| \| \| \| \| \| \| \| \|	I ran these commands: cd frameworks/base grep -rl '@TestApi' --include '.java' \| xargs perl -i -p0e \ 's/\@SystemApi[\s\n]+(\@\w+[\s\n]+)?\@TestApi/\@SystemApi\1/gs' grep -rl '@TestApi' --include '.java' \| xargs perl -i -p0e \ 's/\@TestApi[\s\n]+(\@\w+[\s\n]+)?\@SystemApi/\1\@SystemApi/gs' Bug: 171179806 Test: m checkapi Change-Id: I772790b783b0a8730b8bf680c9e569a886b8d789
*	Use new UnsupportedAppUsage annotation.	Artur Satayev	2019-12-18	1	-2/+1
\| \| \| \| \| \| \| \|	Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library. Bug: 145132366 Test: m && diff unsupportedappusage_index.csv Change-Id: I534e3fd1305e2f4af076986770033478448a665c
*	Add @UnsupportedAppUsage annotations for max-p.	Artur Satayev	2019-08-01	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	See go/UnsupportedAppUsage for more details. These have already been greylisted, however due to bugs/omissions in the tooling have been kept in go/greylist-txt instead of being annotated in the code. Exempted-From-Owner-Approval: Mechanical changes to the codebase which have been approved by Android API council and announced on android-eng@ Bug: 137350495 Test: m Change-Id: I5aa29a49b193db47aaee4d3a756c17f48cc9f0b1
*	Restricted permission mechanism - framework	Svet Ganov	2019-04-07	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This change adds a mechanism for restricting permissions (only runtime for now), so that an app cannot hold the permission if it is not white listed. The whitelisting can happen at install or at any later point. There are three whitelists: system: OS managed with default grants and role holders being on it; upgrade: only OS puts on this list apps when upgrading from a pre to post restriction permission database version and OS and installer on record can remove; installer: only the installer on record can add and remove (and the system of course). Added a permission policy service that sits on top of permissions and app ops and is responsible to sync between permissions and app ops when there is an interdependecy in any direction. Added versioning to the runtime permissions database to allow operations that need to be done once on upgrade such as adding all permissions held by apps pre upgrade to the upgrade whitelist if the new permisison version inctroduces a new restricted permission. The upgrade logic is in the permission controller and we will eventually put the default grants there. NOTE: This change is reacting to a VP feedback for how we would handle SMS/CallLog restriction as we pivoted from role based approach to roles for things the user would understand plus whitelist for everything else. This would also help us roll out softly the storage permisison as there is too much churm coming from developer feedback. Exempt-From-Owner-Approval: trivial change due to APi adjustment Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.PermissionsHostTest Test: atest CtsPermissionTestCases Test: atest CtsPermission2TestCases Test: atest RoleManagerTestCases bug:124769181 Change-Id: Ic48e3c728387ecf02f89d517ba1fe785ab9c75fd
*	All Parcelable CREATOR fields are @NonNull.	Jeff Sharkey	2019-02-28	1	-1/+1
\| \| \| \| \| \| \| \| \|	If they were null, then the Parcelable would fail to work. Bug: 126726802 Test: manual Change-Id: I7929ffa2f20e5de1c8e68e8263cca99496e9d014 Exempt-From-Owner-Approval: Trivial API annotations
*	Make RemoteCallback test API	Svet Ganov	2018-05-21	1	-0/+2
\| \| \| \| \| \| \| \|	Test: manual bug:79782915 Change-Id: I61343573428333c0d4a9ee2523c444753280186c
*	Cleanup of the PackageInstaller API - Frameworks	Svet Ganov	2016-04-22	1	-0/+2
\| \| \| \| \| \| \| \| \|	The PackageInstaller app manages side-loading apps as well as permission management. It should be updatable, hence should rely on system APIs to talk to the platform. This is the first step of defining an API boundary. Change-Id: I9814eafd0b22ae03b4b847a7007cdbf14c9e5466
*	Add optional permission review for legacy apps - framework	Svet Ganov	2015-12-02	1	-62/+58
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	For some markets we have to allow the user to review permissions for legacy apps at runtime despite them not supporting the new permission model. This is achieved by showing a review UI before launching any app component. If an update is installed the user should see a permission review UI for the newly requested permissions. To allow distinguishing which permissions need a review we set a special flag in the permission flags that a review is required. This flag is set if a runtime permission is granted to a legacy app and the system does not launch any app components until this flag is cleared. Since install permissions are shared across all users the dangerous permissions for legacy apps in review mode are represented as always granted runtime permissions since the reivew requirement is on a per user basis. Whether the build supports permission review for legacy apps is determined by a build constant allowing us to compile away the unnecessary code for markets that do not require a permissions review. If an app launches an activity in another app that has some permissions needing review, we launch the permissions review UI and pass it a pending intent to launch the activity after the review is completed. If an app sends a broadcast to another app that has some permissions needing review, we do not deliver the broadcast and if the sending app is in the foreground plus the broadcast is explicit (has a component) we launch the review UI giving it a pending intent to send the broadcast after the review is completed. If an app starts a service in another app that has some permissions needing review, we do not start the service and if the calling app is in the foreground we launch the review UI and pass it a pending intent to start the service after the review is completed. If an app binds to a service in another app that has some permissions needing review, we schedule the binding but do not spin the target service's process and we launch the review UI and pass it a callback to invoke after the review is completed which spins the service process and completes the binding. If an app requests a content provider in another app that has some permissions needing review we do not return the provider and if the calling app is in the foreground we show the review UI. Change-Id: I550f5ff6cadc46a98a1d1a7b8415eca551203acf
*	More work on device admins:	Dianne Hackborn	2010-01-27	1	-0/+107
	- You can now show a dynamic message to the user when asking to have your DeviceAdmin added. - A DeviceAdmin can now provide a warning message that is displayed before a user disables it. - Better ordering (and text) of the policy warnings. - New API to set the maximum failed password attempts before the device wipes itself. - We now store the number of failed unlock attempts in persistent storage. - New managed dialog APIs that will be used by the settings app. Also a little bit of cleanup as I was working on this - removed the long unused MailboxNotAvailableException, fixed a java doc in Messenger.