1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.pm.permission; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.util.ArrayMap; 22 23 /** 24 * Data class for OEM and privileged app permission allowlist state. 25 */ 26 public final class PermissionAllowlist { 27 @NonNull 28 private final ArrayMap<String, ArrayMap<String, Boolean>> mOemAppAllowlist = new ArrayMap<>(); 29 30 @NonNull 31 private final ArrayMap<String, ArrayMap<String, Boolean>> mPrivilegedAppAllowlist = 32 new ArrayMap<>(); 33 @NonNull 34 private final ArrayMap<String, ArrayMap<String, Boolean>> mVendorPrivilegedAppAllowlist = 35 new ArrayMap<>(); 36 @NonNull 37 private final ArrayMap<String, ArrayMap<String, Boolean>> mProductPrivilegedAppAllowlist = 38 new ArrayMap<>(); 39 @NonNull 40 private final ArrayMap<String, ArrayMap<String, Boolean>> mSystemExtPrivilegedAppAllowlist = 41 new ArrayMap<>(); 42 @NonNull 43 private final ArrayMap<String, ArrayMap<String, ArrayMap<String, Boolean>>> 44 mApexPrivilegedAppAllowlists = new ArrayMap<>(); 45 46 @NonNull 47 private final ArrayMap<String, ArrayMap<String, Boolean>> mSignatureAppAllowlist = 48 new ArrayMap<>(); 49 @NonNull 50 private final ArrayMap<String, ArrayMap<String, Boolean>> mVendorSignatureAppAllowlist = 51 new ArrayMap<>(); 52 @NonNull 53 private final ArrayMap<String, ArrayMap<String, Boolean>> mProductSignatureAppAllowlist = 54 new ArrayMap<>(); 55 @NonNull 56 private final ArrayMap<String, ArrayMap<String, Boolean>> mSystemExtSignatureAppAllowlist = 57 new ArrayMap<>(); 58 @NonNull 59 private final ArrayMap<String, ArrayMap<String, Boolean>> mApexSignatureAppAllowlist = 60 new ArrayMap<>(); 61 62 @NonNull getOemAppAllowlist()63 public ArrayMap<String, ArrayMap<String, Boolean>> getOemAppAllowlist() { 64 return mOemAppAllowlist; 65 } 66 67 @NonNull getPrivilegedAppAllowlist()68 public ArrayMap<String, ArrayMap<String, Boolean>> getPrivilegedAppAllowlist() { 69 return mPrivilegedAppAllowlist; 70 } 71 72 @NonNull getVendorPrivilegedAppAllowlist()73 public ArrayMap<String, ArrayMap<String, Boolean>> getVendorPrivilegedAppAllowlist() { 74 return mVendorPrivilegedAppAllowlist; 75 } 76 77 @NonNull getProductPrivilegedAppAllowlist()78 public ArrayMap<String, ArrayMap<String, Boolean>> getProductPrivilegedAppAllowlist() { 79 return mProductPrivilegedAppAllowlist; 80 } 81 82 @NonNull getSystemExtPrivilegedAppAllowlist()83 public ArrayMap<String, ArrayMap<String, Boolean>> getSystemExtPrivilegedAppAllowlist() { 84 return mSystemExtPrivilegedAppAllowlist; 85 } 86 87 @NonNull 88 public ArrayMap<String, ArrayMap<String, ArrayMap<String, Boolean>>> getApexPrivilegedAppAllowlists()89 getApexPrivilegedAppAllowlists() { 90 return mApexPrivilegedAppAllowlists; 91 } 92 93 @NonNull getSignatureAppAllowlist()94 public ArrayMap<String, ArrayMap<String, Boolean>> getSignatureAppAllowlist() { 95 return mSignatureAppAllowlist; 96 } 97 98 @NonNull getVendorSignatureAppAllowlist()99 public ArrayMap<String, ArrayMap<String, Boolean>> getVendorSignatureAppAllowlist() { 100 return mVendorSignatureAppAllowlist; 101 } 102 103 @NonNull getProductSignatureAppAllowlist()104 public ArrayMap<String, ArrayMap<String, Boolean>> getProductSignatureAppAllowlist() { 105 return mProductSignatureAppAllowlist; 106 } 107 108 @NonNull getSystemExtSignatureAppAllowlist()109 public ArrayMap<String, ArrayMap<String, Boolean>> getSystemExtSignatureAppAllowlist() { 110 return mSystemExtSignatureAppAllowlist; 111 } 112 113 @NonNull getApexSignatureAppAllowlist()114 public ArrayMap<String, ArrayMap<String, Boolean>> getApexSignatureAppAllowlist() { 115 return mApexSignatureAppAllowlist; 116 } 117 118 @Nullable getOemAppAllowlistState(@onNull String packageName, @NonNull String permissionName)119 public Boolean getOemAppAllowlistState(@NonNull String packageName, 120 @NonNull String permissionName) { 121 ArrayMap<String, Boolean> permissions = mOemAppAllowlist.get(packageName); 122 if (permissions == null) { 123 return null; 124 } 125 return permissions.get(permissionName); 126 } 127 128 @Nullable getPrivilegedAppAllowlistState(@onNull String packageName, @NonNull String permissionName)129 public Boolean getPrivilegedAppAllowlistState(@NonNull String packageName, 130 @NonNull String permissionName) { 131 ArrayMap<String, Boolean> permissions = mPrivilegedAppAllowlist.get(packageName); 132 if (permissions == null) { 133 return null; 134 } 135 return permissions.get(permissionName); 136 } 137 138 @Nullable getVendorPrivilegedAppAllowlistState(@onNull String packageName, @NonNull String permissionName)139 public Boolean getVendorPrivilegedAppAllowlistState(@NonNull String packageName, 140 @NonNull String permissionName) { 141 ArrayMap<String, Boolean> permissions = mVendorPrivilegedAppAllowlist.get(packageName); 142 if (permissions == null) { 143 return null; 144 } 145 return permissions.get(permissionName); 146 } 147 148 @Nullable getProductPrivilegedAppAllowlistState(@onNull String packageName, @NonNull String permissionName)149 public Boolean getProductPrivilegedAppAllowlistState(@NonNull String packageName, 150 @NonNull String permissionName) { 151 ArrayMap<String, Boolean> permissions = mProductPrivilegedAppAllowlist.get(packageName); 152 if (permissions == null) { 153 return null; 154 } 155 return permissions.get(permissionName); 156 } 157 158 @Nullable getSystemExtPrivilegedAppAllowlistState(@onNull String packageName, @NonNull String permissionName)159 public Boolean getSystemExtPrivilegedAppAllowlistState(@NonNull String packageName, 160 @NonNull String permissionName) { 161 ArrayMap<String, Boolean> permissions = mSystemExtPrivilegedAppAllowlist.get(packageName); 162 if (permissions == null) { 163 return null; 164 } 165 return permissions.get(permissionName); 166 } 167 168 @Nullable getApexPrivilegedAppAllowlistState(@onNull String moduleName, @NonNull String packageName, @NonNull String permissionName)169 public Boolean getApexPrivilegedAppAllowlistState(@NonNull String moduleName, 170 @NonNull String packageName, @NonNull String permissionName) { 171 ArrayMap<String, ArrayMap<String, Boolean>> allowlist = 172 mApexPrivilegedAppAllowlists.get(moduleName); 173 if (allowlist == null) { 174 return null; 175 } 176 ArrayMap<String, Boolean> permissions = allowlist.get(packageName); 177 if (permissions == null) { 178 return null; 179 } 180 return permissions.get(permissionName); 181 } 182 183 @Nullable getSignatureAppAllowlistState(@onNull String packageName, @NonNull String permissionName)184 public Boolean getSignatureAppAllowlistState(@NonNull String packageName, 185 @NonNull String permissionName) { 186 ArrayMap<String, Boolean> permissions = mSignatureAppAllowlist.get(packageName); 187 if (permissions == null) { 188 return null; 189 } 190 return permissions.get(permissionName); 191 } 192 193 @Nullable getVendorSignatureAppAllowlistState(@onNull String packageName, @NonNull String permissionName)194 public Boolean getVendorSignatureAppAllowlistState(@NonNull String packageName, 195 @NonNull String permissionName) { 196 ArrayMap<String, Boolean> permissions = mVendorSignatureAppAllowlist.get(packageName); 197 if (permissions == null) { 198 return null; 199 } 200 return permissions.get(permissionName); 201 } 202 203 @Nullable getProductSignatureAppAllowlistState(@onNull String packageName, @NonNull String permissionName)204 public Boolean getProductSignatureAppAllowlistState(@NonNull String packageName, 205 @NonNull String permissionName) { 206 ArrayMap<String, Boolean> permissions = mProductSignatureAppAllowlist.get(packageName); 207 if (permissions == null) { 208 return null; 209 } 210 return permissions.get(permissionName); 211 } 212 213 @Nullable getSystemExtSignatureAppAllowlistState(@onNull String packageName, @NonNull String permissionName)214 public Boolean getSystemExtSignatureAppAllowlistState(@NonNull String packageName, 215 @NonNull String permissionName) { 216 ArrayMap<String, Boolean> permissions = mSystemExtSignatureAppAllowlist.get(packageName); 217 if (permissions == null) { 218 return null; 219 } 220 return permissions.get(permissionName); 221 } 222 223 @Nullable getApexSignatureAppAllowlistState(@onNull String packageName, @NonNull String permissionName)224 public Boolean getApexSignatureAppAllowlistState(@NonNull String packageName, 225 @NonNull String permissionName) { 226 ArrayMap<String, Boolean> permissions = mApexSignatureAppAllowlist.get(packageName); 227 if (permissions == null) { 228 return null; 229 } 230 return permissions.get(permissionName); 231 } 232 } 233