Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_base / 9160d589942545c11e45e5512554f6d1beea446a^1..9160d589942545c11e45e5512554f6d1beea446a / .
commit9160d589942545c11e45e5512554f6d1beea446a[log] [tgz]
authorTreehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>Thu Nov 14 02:19:51 2024 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Thu Nov 14 02:19:51 2024 +0000
tree2c1dec00cbf4aafb82bf5ff27ace2717fcd531b1
parented0a3c2362728e65639b1de42b6b472fdf0ea753 [diff]
parentcb92da45e2bc0a55173f303c01ae4cd543deb581 [diff]
Merge "Add appop protection level to WRITE_SYSTEM_PREFERENCES" into main
diff --git a/core/api/current.txt b/core/api/current.txt
index a9618d0..2056056 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt

@@ -336,7 +336,7 @@
     field public static final String WRITE_SECURE_SETTINGS = "android.permission.WRITE_SECURE_SETTINGS";
     field public static final String WRITE_SETTINGS = "android.permission.WRITE_SETTINGS";
     field public static final String WRITE_SYNC_SETTINGS = "android.permission.WRITE_SYNC_SETTINGS";
-    field @FlaggedApi("com.android.settingslib.flags.settings_catalyst") public static final String WRITE_SYSTEM_PREFERENCES = "android.permission.WRITE_SYSTEM_PREFERENCES";
+    field @FlaggedApi("com.android.settingslib.flags.write_system_preference_permission_enabled") public static final String WRITE_SYSTEM_PREFERENCES = "android.permission.WRITE_SYSTEM_PREFERENCES";
     field public static final String WRITE_VOICEMAIL = "com.android.voicemail.permission.WRITE_VOICEMAIL";
   }
 

diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
index 8b37dbd..6c03b32 100644
--- a/core/java/android/app/AppOpsManager.java
+++ b/core/java/android/app/AppOpsManager.java

@@ -1624,9 +1624,13 @@
     /** @hide Access to read oxygen saturation. */
     public static final int OP_READ_OXYGEN_SATURATION = AppOpEnums.APP_OP_READ_OXYGEN_SATURATION;
 
+    /** @hide Access to write system preferences. */
+    public static final int OP_WRITE_SYSTEM_PREFERENCES =
+            AppOpEnums.APP_OP_WRITE_SYSTEM_PREFERENCES;
+
     /** @hide */
     @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
-    public static final int _NUM_OP = 153;
+    public static final int _NUM_OP = 154;
 
     /**
      * All app ops represented as strings.
@@ -1783,6 +1787,7 @@
             OPSTR_READ_SKIN_TEMPERATURE,
             OPSTR_RANGING,
             OPSTR_READ_OXYGEN_SATURATION,
+            OPSTR_WRITE_SYSTEM_PREFERENCES,
     })
     public @interface AppOpString {}
 
@@ -2540,6 +2545,9 @@
     @FlaggedApi(Flags.FLAG_RANGING_PERMISSION_ENABLED)
     public static final String OPSTR_RANGING = "android:ranging";
 
+    /** @hide Access to system preferences write services */
+    public static final String OPSTR_WRITE_SYSTEM_PREFERENCES = "android:write_system_preferences";
+
     /** {@link #sAppOpsToNote} not initialized yet for this op */
     private static final byte SHOULD_COLLECT_NOTE_OP_NOT_INITIALIZED = 0;
     /** Should not collect noting of this app-op in {@link #sAppOpsToNote} */
@@ -2656,6 +2664,7 @@
             OP_RECEIVE_SANDBOX_TRIGGER_AUDIO,
             OP_MEDIA_ROUTING_CONTROL,
             OP_READ_SYSTEM_GRAMMATICAL_GENDER,
+            OP_WRITE_SYSTEM_PREFERENCES,
     };
 
     @SuppressWarnings("FlaggedApi")
@@ -3144,6 +3153,10 @@
                 Flags.replaceBodySensorPermissionEnabled()
                     ? HealthPermissions.READ_OXYGEN_SATURATION : null)
             .setDefaultMode(AppOpsManager.MODE_ALLOWED).build(),
+        new AppOpInfo.Builder(OP_WRITE_SYSTEM_PREFERENCES, OPSTR_WRITE_SYSTEM_PREFERENCES,
+            "WRITE_SYSTEM_PREFERENCES").setPermission(
+                     com.android.settingslib.flags.Flags.writeSystemPreferencePermissionEnabled()
+                     ? Manifest.permission.WRITE_SYSTEM_PREFERENCES : null).build(),
     };
 
     // The number of longs needed to form a full bitmask of app ops

diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 3e0c120..c3d151b 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml

@@ -4991,16 +4991,16 @@
         android:protectionLevel="signature|privileged|role"
         android:featureFlag="com.android.settingslib.flags.settings_catalyst" />
 
-    <!-- @FlaggedApi(com.android.settingslib.flags.Flags.FLAG_SETTINGS_CATALYST)
+    <!-- @FlaggedApi(com.android.settingslib.flags.Flags.FLAG_WRITE_SYSTEM_PREFERENCE_PERMISSION_ENABLED)
          Allows an application to access the Settings Preference services to write settings
          values exposed by the system Settings app and system apps that contribute settings surfaced
          in the Settings app.
          <p>This allows the calling application to write settings values
          through the host application, agnostic of underlying storage.
-         <p>Protection Level: signature|privileged|appop - appop to be added in followup -->
+         <p>Protection Level: signature|privileged|appop -->
     <permission android:name="android.permission.WRITE_SYSTEM_PREFERENCES"
-        android:protectionLevel="signature|privileged"
-        android:featureFlag="com.android.settingslib.flags.settings_catalyst" />
+        android:protectionLevel="signature|privileged|appop"
+        android:featureFlag="com.android.settingslib.flags.write_system_preference_permission_enabled" />
 
     <!-- ========================================= -->
     <!-- Permissions for special development tools -->