commit a2d40611700c7866973cb407a1e293a47f9ab2d7
author Ahaan Ugale <augale@google.com> Thu Jun 10 17:53:58 2021 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Thu Jun 10 17:53:58 2021 +0000
tree ef4b852a642df15a37cd7c3e08e074fcf81c9918
parent b1304aa3e5e48d2123c091e2020fccadb363b873
parent 45fc633f7b1efc249b712b840d025571527e67cf

Merge "Switch media fw hotword permission check to PermissionChecker (native)" into sc-dev

libs/permission/android/permission/PermissionChecker.cpp

diff --git a/libs/permission/android/permission/PermissionChecker.cpp b/libs/permission/android/permission/PermissionChecker.cpp
index 008afad..66526f9 100644
--- a/libs/permission/android/permission/PermissionChecker.cpp
+++ b/libs/permission/android/permission/PermissionChecker.cpp
@@ -82,6 +82,14 @@
             /*startDataDelivery*/ true, /*fromDatasource*/ true, attributedOpCode);
 }
 
+PermissionChecker::PermissionResult PermissionChecker::checkPermissionForPreflight(
+        const String16& permission, const AttributionSourceState& attributionSource,
+        const String16& message, int32_t attributedOpCode)
+{
+    return checkPermission(permission, attributionSource, message, /*forDataDelivery*/ false,
+            /*startDataDelivery*/ false, /*fromDatasource*/ false, attributedOpCode);
+}
+
 PermissionChecker::PermissionResult PermissionChecker::checkPermissionForPreflightFromDatasource(
         const String16& permission, const AttributionSourceState& attributionSource,
         const String16& message, int32_t attributedOpCode)

libs/permission/include/android/permission/PermissionChecker.h

diff --git a/libs/permission/include/android/permission/PermissionChecker.h b/libs/permission/include/android/permission/PermissionChecker.h
index 308d794..21515e3 100644
--- a/libs/permission/include/android/permission/PermissionChecker.h
+++ b/libs/permission/include/android/permission/PermissionChecker.h
@@ -101,6 +101,29 @@
      * has a given permission and whether the app op that corresponds to this permission
      * is allowed. The app ops are not noted/started.
      *
+     * NOTE: Use this method only for permission checks at the preflight point where you
+     * will not deliver the permission protected data to clients but schedule permission
+     * data delivery, apps register listeners, etc.
+     *
+     * @param permission The permission to check.
+     * @param attributionSource The attribution chain to check.
+     * @param message A message describing the reason the permission was checked.
+     * @param attributedOpCode The op code towards which to blame the access. If this
+     *     is a valid app op the op corresponding to the checked permission (if such)
+     *     would only be checked to ensure it is allowed and if that succeeds the
+     *     starting would be against the attributed op.
+     * @return The permission check result which is either PERMISSION_GRANTED,
+     *     or PERMISSION_SOFT_DENIED or PERMISSION_HARD_DENIED.
+     */
+    PermissionResult checkPermissionForPreflight(
+            const String16& permission, const AttributionSourceState& attributionSource,
+            const String16& message, int32_t attributedOpCode);
+
+   /**
+     * Checks whether a given data access chain described by the given attribution source
+     * has a given permission and whether the app op that corresponds to this permission
+     * is allowed. The app ops are not noted/started.
+     *
      * NOTE: The attribution source should be for yourself with its next attribution
      * source being the app that would receive the data from you.
      *