1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.app.AppOpsManager.AttributionFlags; 22 import android.content.AttributionSource; 23 import android.os.IBinder; 24 import android.os.UserHandle; 25 import android.util.SparseArray; 26 import android.util.SparseIntArray; 27 28 import com.android.internal.app.IAppOpsCallback; 29 import com.android.internal.util.function.DodecFunction; 30 import com.android.internal.util.function.HexConsumer; 31 import com.android.internal.util.function.HexFunction; 32 import com.android.internal.util.function.OctFunction; 33 import com.android.internal.util.function.QuadFunction; 34 import com.android.internal.util.function.UndecFunction; 35 36 /** 37 * App ops service local interface. 38 * 39 * @hide Only for use within the system server. 40 */ 41 public abstract class AppOpsManagerInternal { 42 /** Interface to override app ops checks via composition */ 43 public interface CheckOpsDelegate { 44 /** 45 * Allows overriding check operation behavior. 46 * 47 * @param code The op code to check. 48 * @param uid The UID for which to check. 49 * @param packageName The package for which to check. 50 * @param attributionTag The attribution tag for which to check. 51 * @param virtualDeviceId the device for which to check the op 52 * @param raw Whether to check the raw op i.e. not interpret the mode based on UID state. 53 * @param superImpl The super implementation. 54 * @return The app op check result. 55 */ checkOperation(int code, int uid, @Nullable String packageName, @Nullable String attributionTag, int virtualDeviceId, boolean raw, @NonNull HexFunction<Integer, Integer, String, String, Integer, Boolean, Integer> superImpl)56 int checkOperation(int code, int uid, @Nullable String packageName, 57 @Nullable String attributionTag, int virtualDeviceId, boolean raw, 58 @NonNull HexFunction<Integer, Integer, String, String, Integer, Boolean, Integer> 59 superImpl); 60 61 /** 62 * Allows overriding check audio operation behavior. 63 * 64 * @param code The op code to check. 65 * @param usage The audio op usage. 66 * @param uid The UID for which to check. 67 * @param packageName The package for which to check. 68 * @param superImpl The super implementation. 69 * @return The app op check result. 70 */ checkAudioOperation(int code, int usage, int uid, @Nullable String packageName, @NonNull QuadFunction<Integer, Integer, Integer, String, Integer> superImpl)71 int checkAudioOperation(int code, int usage, int uid, @Nullable String packageName, 72 @NonNull QuadFunction<Integer, Integer, Integer, String, Integer> superImpl); 73 74 /** 75 * Allows overriding note operation behavior. 76 * 77 * @param code The op code to note. 78 * @param uid The UID for which to note. 79 * @param packageName The package for which to note. {@code null} for system package. 80 * @param featureId Id of the feature in the package 81 * @param virtualDeviceId the device for which to note the op 82 * @param shouldCollectAsyncNotedOp If an {@link AsyncNotedAppOp} should be collected 83 * @param message The message in the async noted op 84 * @param superImpl The super implementation. 85 * @return The app op note result. 86 */ noteOperation(int code, int uid, @Nullable String packageName, @Nullable String featureId, int virtualDeviceId, boolean shouldCollectAsyncNotedOp, @Nullable String message, boolean shouldCollectMessage, @NonNull OctFunction<Integer, Integer, String, String, Integer, Boolean, String, Boolean, SyncNotedAppOp> superImpl)87 SyncNotedAppOp noteOperation(int code, int uid, @Nullable String packageName, 88 @Nullable String featureId, int virtualDeviceId, boolean shouldCollectAsyncNotedOp, 89 @Nullable String message, boolean shouldCollectMessage, 90 @NonNull OctFunction<Integer, Integer, String, String, Integer, Boolean, String, 91 Boolean, SyncNotedAppOp> superImpl); 92 93 /** 94 * Allows overriding note proxy operation behavior. 95 * 96 * @param code The op code to note. 97 * @param attributionSource The permission identity of the caller. 98 * @param shouldCollectAsyncNotedOp If an {@link AsyncNotedAppOp} should be collected 99 * @param message The message in the async noted op 100 * @param shouldCollectMessage whether to collect messages 101 * @param skipProxyOperation Whether to skip the proxy portion of the operation 102 * @param superImpl The super implementation. 103 * @return The app op note result. 104 */ noteProxyOperation(int code, @NonNull AttributionSource attributionSource, boolean shouldCollectAsyncNotedOp, @Nullable String message, boolean shouldCollectMessage, boolean skipProxyOperation, @NonNull HexFunction<Integer, AttributionSource, Boolean, String, Boolean, Boolean, SyncNotedAppOp> superImpl)105 SyncNotedAppOp noteProxyOperation(int code, @NonNull AttributionSource attributionSource, 106 boolean shouldCollectAsyncNotedOp, @Nullable String message, 107 boolean shouldCollectMessage, boolean skipProxyOperation, 108 @NonNull HexFunction<Integer, AttributionSource, Boolean, String, Boolean, 109 Boolean, SyncNotedAppOp> superImpl); 110 111 /** 112 * Allows overriding start operation behavior. 113 * 114 * @param token The client state. 115 * @param code The op code to start. 116 * @param uid The UID for which to note. 117 * @param packageName The package for which to note. {@code null} for system package. 118 * @param attributionTag the attribution tag. 119 * @param virtualDeviceId the device for which to start the op 120 * @param startIfModeDefault Whether to start the op of the mode is default. 121 * @param shouldCollectAsyncNotedOp If an {@link AsyncNotedAppOp} should be collected 122 * @param message The message in the async noted op 123 * @param shouldCollectMessage whether to collect messages 124 * @param attributionFlags the attribution flags for this operation. 125 * @param attributionChainId the unique id of the attribution chain this op is a part of. 126 * @param superImpl The super implementation. 127 * @return The app op note result. 128 */ startOperation(@onNull IBinder token, int code, int uid, @Nullable String packageName, @Nullable String attributionTag, int virtualDeviceId, boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, @Nullable String message, boolean shouldCollectMessage, @AttributionFlags int attributionFlags, int attributionChainId, @NonNull DodecFunction<IBinder, Integer, Integer, String, String, Integer, Boolean, Boolean, String, Boolean, Integer, Integer, SyncNotedAppOp> superImpl)129 SyncNotedAppOp startOperation(@NonNull IBinder token, int code, int uid, 130 @Nullable String packageName, @Nullable String attributionTag, int virtualDeviceId, 131 boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, 132 @Nullable String message, boolean shouldCollectMessage, 133 @AttributionFlags int attributionFlags, int attributionChainId, 134 @NonNull DodecFunction<IBinder, Integer, Integer, String, String, Integer, Boolean, 135 Boolean, String, Boolean, Integer, Integer, SyncNotedAppOp> superImpl); 136 137 /** 138 * Allows overriding start proxy operation behavior. 139 * 140 * @param clientId The client calling start, represented by an IBinder 141 * @param code The op code to start. 142 * @param attributionSource The permission identity of the caller. 143 * @param startIfModeDefault Whether to start the op of the mode is default. 144 * @param shouldCollectAsyncNotedOp If an {@link AsyncNotedAppOp} should be collected 145 * @param message The message in the async noted op 146 * @param shouldCollectMessage whether to collect messages 147 * @param skipProxyOperation Whether to skip the proxy portion of the operation 148 * @param proxyAttributionFlags The attribution flags for the proxy. 149 * @param proxiedAttributionFlags The attribution flags for the proxied. 150 * @oaram attributionChainId The id of the attribution chain this operation is a part of. 151 * @param superImpl The super implementation. 152 * @return The app op note result. 153 */ startProxyOperation(@onNull IBinder clientId, int code, @NonNull AttributionSource attributionSource, boolean startIfModeDefault, boolean shouldCollectAsyncNotedOp, @Nullable String message, boolean shouldCollectMessage, boolean skipProxyOperation, @AttributionFlags int proxyAttributionFlags, @AttributionFlags int proxiedAttributionFlags, int attributionChainId, @NonNull UndecFunction<IBinder, Integer, AttributionSource, Boolean, Boolean, String, Boolean, Boolean, Integer, Integer, Integer, SyncNotedAppOp> superImpl)154 SyncNotedAppOp startProxyOperation(@NonNull IBinder clientId, int code, 155 @NonNull AttributionSource attributionSource, boolean startIfModeDefault, 156 boolean shouldCollectAsyncNotedOp, @Nullable String message, 157 boolean shouldCollectMessage, boolean skipProxyOperation, 158 @AttributionFlags int proxyAttributionFlags, 159 @AttributionFlags int proxiedAttributionFlags, int attributionChainId, 160 @NonNull UndecFunction<IBinder, Integer, AttributionSource, Boolean, 161 Boolean, String, Boolean, Boolean, Integer, Integer, Integer, 162 SyncNotedAppOp> superImpl); 163 164 /** 165 * Allows overriding finish op. 166 * 167 * @param clientId The client state. 168 * @param code The op code to finish. 169 * @param uid The UID for which the op was noted. 170 * @param packageName The package for which it was noted. {@code null} for system package. 171 * @param attributionTag the attribution tag. 172 * @param virtualDeviceId the device for which to finish the op 173 * @param superImpl 174 */ finishOperation(IBinder clientId, int code, int uid, String packageName, String attributionTag, int virtualDeviceId, @NonNull HexConsumer<IBinder, Integer, Integer, String, String, Integer> superImpl)175 void finishOperation(IBinder clientId, int code, int uid, String packageName, 176 String attributionTag, int virtualDeviceId, @NonNull HexConsumer<IBinder, Integer, 177 Integer, String, String, Integer> superImpl); 178 179 /** 180 * Allows overriding finish proxy op. 181 * 182 * @param code The op code to finish. 183 * @param attributionSource The permission identity of the caller. 184 * @param skipProxyOperation Whether to skip the proxy in the proxy/proxied operation 185 * @param clientId The client calling finishProxyOperation 186 * @param superImpl The "standard" implementation to potentially call 187 */ finishProxyOperation(@onNull IBinder clientId, int code, @NonNull AttributionSource attributionSource, boolean skipProxyOperation, @NonNull QuadFunction<IBinder, Integer, AttributionSource, Boolean, Void> superImpl)188 void finishProxyOperation(@NonNull IBinder clientId, int code, 189 @NonNull AttributionSource attributionSource, 190 boolean skipProxyOperation, 191 @NonNull QuadFunction<IBinder, Integer, AttributionSource, Boolean, 192 Void> superImpl); 193 } 194 195 /** 196 * Set the currently configured device and profile owners. Specifies the package uid (value) 197 * that has been configured for each user (key) that has one. These will be allowed privileged 198 * access to app ops for their user. 199 */ setDeviceAndProfileOwners(SparseIntArray owners)200 public abstract void setDeviceAndProfileOwners(SparseIntArray owners); 201 202 /** 203 * Update if the list of AppWidget becomes visible/invisible. 204 * @param uidPackageNames uid to packageName map. 205 * @param visible true for visible, false for invisible. 206 */ updateAppWidgetVisibility(SparseArray<String> uidPackageNames, boolean visible)207 public abstract void updateAppWidgetVisibility(SparseArray<String> uidPackageNames, 208 boolean visible); 209 210 /** 211 * Like {@link AppOpsManager#setUidMode}, but allows ignoring our own callback and not updating 212 * the REVOKED_COMPAT flag. 213 */ setUidModeFromPermissionPolicy(int code, int uid, int mode, @Nullable IAppOpsCallback callback)214 public abstract void setUidModeFromPermissionPolicy(int code, int uid, int mode, 215 @Nullable IAppOpsCallback callback); 216 217 /** 218 * Like {@link AppOpsManager#setMode}, but allows ignoring our own callback and not updating the 219 * REVOKED_COMPAT flag. 220 */ setModeFromPermissionPolicy(int code, int uid, @NonNull String packageName, int mode, @Nullable IAppOpsCallback callback)221 public abstract void setModeFromPermissionPolicy(int code, int uid, @NonNull String packageName, 222 int mode, @Nullable IAppOpsCallback callback); 223 224 225 /** 226 * Sets a global restriction on an op code. 227 */ setGlobalRestriction(int code, boolean restricted, IBinder token)228 public abstract void setGlobalRestriction(int code, boolean restricted, IBinder token); 229 230 /** 231 * Gets the number of tokens restricting the given appop for a user, package, and 232 * attributionTag. 233 */ getOpRestrictionCount(int code, UserHandle user, String pkg, String attributionTag)234 public abstract int getOpRestrictionCount(int code, UserHandle user, String pkg, 235 String attributionTag); 236 } 237