Do not check AppOp if not required

Only check the AppOp if a sensor explicitly requires an AppOp.
Otherwise, only check if the client has permission to access the
sensor.

Bug: 131910349
Test: Verified a_sns_test can access sensors.
Test: Verified app targeting Q must have AR permission to access Step
      Detector and Step Counter.
Test: Verified app targeting P with AR permission defined in manifest
      cannot receive Step Counter or Step Detector events if user
      revokes AR permission.
Test: Verified app targeting P without any permissions defined in the
      manifest can access Step Counter and Step Detector.
Test: Verified app targeting J cannot receive Step Counter or Step
      Detector events if user revokes AR permission.
Change-Id: I3c2dd20889b99bce047025607cc6e921330de52e
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index 639ce78..fa1e232 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -1686,26 +1686,29 @@
     const int32_t opCode = sensor.getRequiredAppOp();
     const int32_t appOpMode = sAppOpsManager.checkOp(opCode,
             IPCThreadState::self()->getCallingUid(), opPackageName);
+    bool appOpAllowed = appOpMode == AppOpsManager::MODE_ALLOWED;
 
-    // Ensure that the AppOp is allowed
-    //
-    // This check is also required to ensure that the user hasn't revoked the necessary permissions
-    // to access the Step Detector and Step Counter when the application targets pre-Q. Without this
-    // check, if the user revokes the pre-Q install-time GMS Core AR permission, the app would
-    // still be able to receive Step Counter and Step Detector events.
     bool canAccess = false;
-    if (opCode >= 0 && appOpMode == AppOpsManager::MODE_ALLOWED) {
-        if (hasPermissionForSensor(sensor)) {
+    if (hasPermissionForSensor(sensor)) {
+        // Ensure that the AppOp is allowed, or that there is no necessary app op for the sensor
+        if (opCode < 0 || appOpAllowed) {
             canAccess = true;
-        } else if (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
-                   sensor.getType() == SENSOR_TYPE_STEP_DETECTOR) {
-            int targetSdkVersion = getTargetSdkVersion(opPackageName);
-            // Allow access to the sensor if the application targets pre-Q, which is before the
-            // requirement to hold the AR permission to access Step Counter and Step Detector events
-            // was introduced.
-            if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__) {
-                canAccess = true;
-            }
+        }
+    } else if (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
+            sensor.getType() == SENSOR_TYPE_STEP_DETECTOR) {
+        int targetSdkVersion = getTargetSdkVersion(opPackageName);
+        // Allow access to the sensor if the application targets pre-Q, which is before the
+        // requirement to hold the AR permission to access Step Counter and Step Detector events
+        // was introduced, and the user hasn't revoked the app op.
+        //
+        // Verifying the app op is required to ensure that the user hasn't revoked the necessary
+        // permissions to access the Step Detector and Step Counter when the application targets
+        // pre-Q. Without this check, if the user revokes the pre-Q install-time GMS Core AR
+        // permission, the app would still be able to receive Step Counter and Step Detector events.
+        if (appOpAllowed &&
+                targetSdkVersion > 0 &&
+                targetSdkVersion <= __ANDROID_API_P__) {
+            canAccess = true;
         }
     }