1 /* <lambda>null2 * Copyright (C) 2021 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.permission.access.permission 18 19 import android.content.pm.PermissionInfo 20 import android.os.UserHandle 21 import com.android.server.permission.access.util.hasBits 22 import libcore.util.EmptyArray 23 24 data class Permission( 25 val permissionInfo: PermissionInfo, 26 val isReconciled: Boolean, 27 val type: Int, 28 val appId: Int, 29 @Suppress("ArrayInDataClass") val gids: IntArray = EmptyArray.INT, 30 val areGidsPerUser: Boolean = false 31 ) { 32 inline val name: String 33 get() = permissionInfo.name 34 35 inline val packageName: String 36 get() = permissionInfo.packageName 37 38 inline val groupName: String? 39 get() = permissionInfo.group 40 41 inline val isDynamic: Boolean 42 get() = type == TYPE_DYNAMIC 43 44 inline val protectionLevel: Int 45 @Suppress("DEPRECATION") get() = permissionInfo.protectionLevel 46 47 inline val protection: Int 48 get() = permissionInfo.protection 49 50 inline val isInternal: Boolean 51 get() = protection == PermissionInfo.PROTECTION_INTERNAL 52 53 inline val isNormal: Boolean 54 get() = protection == PermissionInfo.PROTECTION_NORMAL 55 56 inline val isRuntime: Boolean 57 get() = protection == PermissionInfo.PROTECTION_DANGEROUS 58 59 inline val isSignature: Boolean 60 get() = protection == PermissionInfo.PROTECTION_SIGNATURE 61 62 inline val protectionFlags: Int 63 get() = permissionInfo.protectionFlags 64 65 inline val isAppOp: Boolean 66 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_APPOP) 67 68 inline val isAppPredictor: Boolean 69 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_APP_PREDICTOR) 70 71 inline val isCompanion: Boolean 72 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_COMPANION) 73 74 inline val isConfigurator: Boolean 75 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_CONFIGURATOR) 76 77 inline val isDevelopment: Boolean 78 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_DEVELOPMENT) 79 80 inline val isIncidentReportApprover: Boolean 81 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_INCIDENT_REPORT_APPROVER) 82 83 inline val isInstaller: Boolean 84 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_INSTALLER) 85 86 inline val isInstant: Boolean 87 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_INSTANT) 88 89 inline val isKnownSigner: Boolean 90 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_KNOWN_SIGNER) 91 92 inline val isModule: Boolean 93 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_MODULE) 94 95 inline val isOem: Boolean 96 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_OEM) 97 98 inline val isPre23: Boolean 99 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_PRE23) 100 101 inline val isPreInstalled: Boolean 102 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_PREINSTALLED) 103 104 inline val isPrivileged: Boolean 105 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_PRIVILEGED) 106 107 inline val isRecents: Boolean 108 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_RECENTS) 109 110 inline val isRetailDemo: Boolean 111 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_RETAIL_DEMO) 112 113 inline val isRole: Boolean 114 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_ROLE) 115 116 inline val isRuntimeOnly: Boolean 117 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_RUNTIME_ONLY) 118 119 inline val isSetup: Boolean 120 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_SETUP) 121 122 inline val isSystemTextClassifier: Boolean 123 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_SYSTEM_TEXT_CLASSIFIER) 124 125 inline val isVendorPrivileged: Boolean 126 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_VENDOR_PRIVILEGED) 127 128 inline val isVerifier: Boolean 129 get() = protectionFlags.hasBits(PermissionInfo.PROTECTION_FLAG_VERIFIER) 130 131 inline val isHardRestricted: Boolean 132 get() = permissionInfo.flags.hasBits(PermissionInfo.FLAG_HARD_RESTRICTED) 133 134 inline val isRemoved: Boolean 135 get() = permissionInfo.flags.hasBits(PermissionInfo.FLAG_REMOVED) 136 137 inline val isSoftRestricted: Boolean 138 get() = permissionInfo.flags.hasBits(PermissionInfo.FLAG_SOFT_RESTRICTED) 139 140 inline val isHardOrSoftRestricted: Boolean 141 get() = isHardRestricted || isSoftRestricted 142 143 inline val isImmutablyRestricted: Boolean 144 get() = permissionInfo.flags.hasBits(PermissionInfo.FLAG_IMMUTABLY_RESTRICTED) 145 146 inline val knownCerts: Set<String> 147 get() = permissionInfo.knownCerts 148 149 inline val hasGids: Boolean 150 get() = gids.isNotEmpty() 151 152 inline val footprint: Int 153 get() = name.length + permissionInfo.calculateFootprint() 154 155 fun getGidsForUser(userId: Int): IntArray = 156 if (areGidsPerUser) { 157 IntArray(gids.size) { i -> UserHandle.getUid(userId, gids[i]) } 158 } else { 159 gids.copyOf() 160 } 161 162 companion object { 163 // The permission is defined in an application manifest. 164 const val TYPE_MANIFEST = 0 165 // The permission is defined dynamically. 166 const val TYPE_DYNAMIC = 2 167 168 fun typeToString(type: Int): String = 169 when (type) { 170 TYPE_MANIFEST -> "TYPE_MANIFEST" 171 TYPE_DYNAMIC -> "TYPE_DYNAMIC" 172 else -> type.toString() 173 } 174 } 175 } 176