1 /*
2  * Copyright (C) 2013 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <binder/IAppOpsService.h>
20 
21 #include <utils/threads.h>
22 
23 #include <optional>
24 
25 #ifdef __ANDROID_VNDK__
26 #error "This header is not visible to vendors"
27 #endif
28 
29 // ---------------------------------------------------------------------------
30 namespace android {
31 
32 class AppOpsManager
33 {
34 public:
35     enum {
36         MODE_ALLOWED = IAppOpsService::MODE_ALLOWED,
37         MODE_IGNORED = IAppOpsService::MODE_IGNORED,
38         MODE_ERRORED = IAppOpsService::MODE_ERRORED
39     };
40 
41     enum {
42         OP_NONE = -1,
43         OP_COARSE_LOCATION = 0,
44         OP_FINE_LOCATION = 1,
45         OP_GPS = 2,
46         OP_VIBRATE = 3,
47         OP_READ_CONTACTS = 4,
48         OP_WRITE_CONTACTS = 5,
49         OP_READ_CALL_LOG = 6,
50         OP_WRITE_CALL_LOG = 7,
51         OP_READ_CALENDAR = 8,
52         OP_WRITE_CALENDAR = 9,
53         OP_WIFI_SCAN = 10,
54         OP_POST_NOTIFICATION = 11,
55         OP_NEIGHBORING_CELLS = 12,
56         OP_CALL_PHONE = 13,
57         OP_READ_SMS = 14,
58         OP_WRITE_SMS = 15,
59         OP_RECEIVE_SMS = 16,
60         OP_RECEIVE_EMERGECY_SMS = 17,
61         OP_RECEIVE_MMS = 18,
62         OP_RECEIVE_WAP_PUSH = 19,
63         OP_SEND_SMS = 20,
64         OP_READ_ICC_SMS = 21,
65         OP_WRITE_ICC_SMS = 22,
66         OP_WRITE_SETTINGS = 23,
67         OP_SYSTEM_ALERT_WINDOW = 24,
68         OP_ACCESS_NOTIFICATIONS = 25,
69         OP_CAMERA = 26,
70         OP_RECORD_AUDIO = 27,
71         OP_PLAY_AUDIO = 28,
72         OP_READ_CLIPBOARD = 29,
73         OP_WRITE_CLIPBOARD = 30,
74         OP_TAKE_MEDIA_BUTTONS = 31,
75         OP_TAKE_AUDIO_FOCUS = 32,
76         OP_AUDIO_MASTER_VOLUME = 33,
77         OP_AUDIO_VOICE_VOLUME = 34,
78         OP_AUDIO_RING_VOLUME = 35,
79         OP_AUDIO_MEDIA_VOLUME = 36,
80         OP_AUDIO_ALARM_VOLUME = 37,
81         OP_AUDIO_NOTIFICATION_VOLUME = 38,
82         OP_AUDIO_BLUETOOTH_VOLUME = 39,
83         OP_WAKE_LOCK = 40,
84         OP_MONITOR_LOCATION = 41,
85         OP_MONITOR_HIGH_POWER_LOCATION = 42,
86         OP_GET_USAGE_STATS = 43,
87         OP_MUTE_MICROPHONE = 44,
88         OP_TOAST_WINDOW = 45,
89         OP_PROJECT_MEDIA = 46,
90         OP_ACTIVATE_VPN = 47,
91         OP_WRITE_WALLPAPER = 48,
92         OP_ASSIST_STRUCTURE = 49,
93         OP_ASSIST_SCREENSHOT = 50,
94         OP_READ_PHONE_STATE = 51,
95         OP_ADD_VOICEMAIL = 52,
96         OP_USE_SIP = 53,
97         OP_PROCESS_OUTGOING_CALLS = 54,
98         OP_USE_FINGERPRINT = 55,
99         OP_BODY_SENSORS = 56,
100         OP_AUDIO_ACCESSIBILITY_VOLUME = 64,
101         OP_READ_PHONE_NUMBERS = 65,
102         OP_REQUEST_INSTALL_PACKAGES = 66,
103         OP_PICTURE_IN_PICTURE = 67,
104         OP_INSTANT_APP_START_FOREGROUND = 68,
105         OP_ANSWER_PHONE_CALLS = 69,
106         OP_RUN_ANY_IN_BACKGROUND = 70,
107         OP_CHANGE_WIFI_STATE = 71,
108         OP_REQUEST_DELETE_PACKAGES = 72,
109         OP_BIND_ACCESSIBILITY_SERVICE = 73,
110         OP_ACCEPT_HANDOVER = 74,
111         OP_MANAGE_IPSEC_TUNNELS = 75,
112         OP_START_FOREGROUND = 76,
113         OP_BLUETOOTH_SCAN = 77,
114         OP_USE_BIOMETRIC = 78,
115         OP_ACTIVITY_RECOGNITION = 79,
116         OP_SMS_FINANCIAL_TRANSACTIONS = 80,
117         OP_READ_MEDIA_AUDIO = 81,
118         OP_WRITE_MEDIA_AUDIO = 82,
119         OP_READ_MEDIA_VIDEO = 83,
120         OP_WRITE_MEDIA_VIDEO = 84,
121         OP_READ_MEDIA_IMAGES = 85,
122         OP_WRITE_MEDIA_IMAGES = 86,
123         OP_LEGACY_STORAGE = 87,
124         OP_ACCESS_ACCESSIBILITY = 88,
125         OP_READ_DEVICE_IDENTIFIERS = 89,
126         OP_ACCESS_MEDIA_LOCATION = 90,
127         OP_QUERY_ALL_PACKAGES = 91,
128         OP_MANAGE_EXTERNAL_STORAGE = 92,
129         OP_INTERACT_ACROSS_PROFILES = 93,
130         OP_ACTIVATE_PLATFORM_VPN = 94,
131         OP_LOADER_USAGE_STATS = 95,
132         OP_DEPRECATED_1 = 96,
133         OP_AUTO_REVOKE_PERMISSIONS_IF_UNUSED = 97,
134         OP_AUTO_REVOKE_MANAGED_BY_INSTALLER = 98,
135         OP_NO_ISOLATED_STORAGE = 99,
136         OP_PHONE_CALL_MICROPHONE = 100,
137         OP_PHONE_CALL_CAMERA = 101,
138         OP_RECORD_AUDIO_HOTWORD = 102,
139         // Ops 103-105 are currently unused in native, and intentionally omitted
140         OP_RECORD_AUDIO_OUTPUT = 106,
141         OP_SCHEDULE_EXACT_ALARM = 107,
142         OP_FINE_LOCATION_SOURCE = 108,
143         OP_COARSE_LOCATION_SOURCE = 109,
144         OP_MANAGE_MEDIA = 110,
145         OP_BLUETOOTH_CONNECT = 111,
146         OP_UWB_RANGING = 112,
147         OP_ACTIVITY_RECOGNITION_SOURCE = 113,
148         OP_BLUETOOTH_ADVERTISE = 114,
149         OP_RECORD_INCOMING_PHONE_AUDIO = 115,
150         OP_NEARBY_WIFI_DEVICES = 116,
151         _NUM_OP = 117
152     };
153 
154     enum {
155         WATCH_FOREGROUND_CHANGES = 1 << 0
156     };
157 
158     AppOpsManager();
159 
160     int32_t checkOp(int32_t op, int32_t uid, const String16& callingPackage);
161     int32_t checkAudioOpNoThrow(int32_t op, int32_t usage, int32_t uid,
162             const String16& callingPackage);
163     // @Deprecated, use noteOp(int32_t, int32_t uid, const String16&, const String16&,
164     //              const String16&) instead
165     int32_t noteOp(int32_t op, int32_t uid, const String16& callingPackage);
166     int32_t noteOp(int32_t op, int32_t uid, const String16& callingPackage,
167             const std::optional<String16>& attributionTag, const String16& message);
168     // @Deprecated, use startOpNoThrow(int32_t, int32_t, const String16&, bool, const String16&,
169     //              const String16&) instead
170     int32_t startOpNoThrow(int32_t op, int32_t uid, const String16& callingPackage,
171             bool startIfModeDefault);
172     int32_t startOpNoThrow(int32_t op, int32_t uid, const String16& callingPackage,
173             bool startIfModeDefault, const std::optional<String16>& attributionTag,
174             const String16& message);
175     // @Deprecated, use finishOp(int32_t, int32_t, const String16&, bool, const String16&) instead
176     void finishOp(int32_t op, int32_t uid, const String16& callingPackage);
177     void finishOp(int32_t op, int32_t uid, const String16& callingPackage,
178             const std::optional<String16>& attributionTag);
179     void startWatchingMode(int32_t op, const String16& packageName,
180             const sp<IAppOpsCallback>& callback);
181     void startWatchingMode(int32_t op, const String16& packageName, int32_t flags,
182             const sp<IAppOpsCallback>& callback);
183     void stopWatchingMode(const sp<IAppOpsCallback>& callback);
184     int32_t permissionToOpCode(const String16& permission);
185     void setCameraAudioRestriction(int32_t mode);
186 
187 private:
188     Mutex mLock;
189     sp<IAppOpsService> mService;
190 
191     sp<IAppOpsService> getService();
192     bool shouldCollectNotes(int32_t opCode);
193 };
194 
195 
196 } // namespace android
197 
198 // ---------------------------------------------------------------------------
199