1 /* 2 ** Copyright 2013, The Android Open Source Project 3 ** 4 ** Licensed under the Apache License, Version 2.0 (the "License"); 5 ** you may not use this file except in compliance with the License. 6 ** You may obtain a copy of the License at 7 ** 8 ** http://www.apache.org/licenses/LICENSE-2.0 9 ** 10 ** Unless required by applicable law or agreed to in writing, software 11 ** distributed under the License is distributed on an "AS IS" BASIS, 12 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 ** See the License for the specific language governing permissions and 14 ** limitations under the License. 15 */ 16 17 package com.android.packageinstaller; 18 19 import android.app.Activity; 20 import android.content.Context; 21 import android.content.pm.PackageInfo; 22 import android.content.pm.PackageManager; 23 import android.content.pm.PackageManager.NameNotFoundException; 24 import android.content.pm.PermissionInfo; 25 import android.os.Bundle; 26 import android.support.v4.view.ViewPager; 27 import android.view.LayoutInflater; 28 import android.view.View; 29 import android.view.View.OnClickListener; 30 import android.view.ViewGroup; 31 import android.widget.AppSecurityPermissions; 32 import android.widget.Button; 33 import android.widget.TabHost; 34 import android.widget.TextView; 35 36 import java.util.ArrayList; 37 import java.util.List; 38 39 /* 40 * The activity which is responsible for asking the user to grant permissions 41 * to applications. 42 */ 43 public class GrantActivity extends Activity implements OnClickListener { 44 private Button mOk; 45 private Button mCancel; 46 private PackageManager mPm; 47 private String mRequestingPackage; 48 private String[] requested_permissions; 49 50 @Override 51 public void onCreate(Bundle icicle) { 52 super.onCreate(icicle); 53 mPm = getPackageManager(); 54 mRequestingPackage = this.getCallingPackage(); 55 56 requested_permissions = getRequestedPermissions(); 57 if (requested_permissions.length == 0) { 58 // The grant request was empty. Return success 59 setResult(RESULT_OK); 60 finish(); 61 return; 62 } 63 64 PackageInfo pkgInfo = getUpdatedPackageInfo(); 65 AppSecurityPermissions perms = new AppSecurityPermissions(this, pkgInfo); 66 if (perms.getPermissionCount(AppSecurityPermissions.WHICH_NEW) == 0) { 67 // The updated permissions dialog said there are no new permissions. 68 // This should never occur if requested_permissions.length > 0, 69 // but we check for it anyway, just in case. 70 setResult(RESULT_OK); 71 finish(); 72 return; 73 } 74 75 setContentView(R.layout.install_start); 76 ((TextView)findViewById(R.id.install_confirm_question)).setText(R.string.grant_confirm_question); 77 PackageUtil.AppSnippet as = new PackageUtil.AppSnippet(mPm.getApplicationLabel(pkgInfo.applicationInfo), 78 mPm.getApplicationIcon(pkgInfo.applicationInfo)); 79 PackageUtil.initSnippetForNewApp(this, as, R.id.app_snippet); 80 mOk = (Button)findViewById(R.id.ok_button); 81 mOk.setText(R.string.ok); 82 mCancel = (Button)findViewById(R.id.cancel_button); 83 mOk.setOnClickListener(this); 84 mCancel.setOnClickListener(this); 85 86 TabHost tabHost = (TabHost)findViewById(android.R.id.tabhost); 87 tabHost.setup(); 88 ViewPager viewPager = (ViewPager) findViewById(R.id.pager); 89 TabsAdapter adapter = new TabsAdapter(this, tabHost, viewPager); 90 91 View newTab = perms.getPermissionsView(AppSecurityPermissions.WHICH_NEW); 92 View allTab = getPermissionList(perms); 93 94 adapter.addTab(tabHost.newTabSpec("new").setIndicator( 95 getText(R.string.newPerms)), newTab); 96 adapter.addTab(tabHost.newTabSpec("all").setIndicator( 97 getText(R.string.allPerms)), allTab); 98 } 99 100 /** 101 * Returns a PackageInfo object representing the results of adding all the permissions 102 * in {@code requested_permissions} to {@code mRequestingPackage}. This is the package 103 * permissions the user will have if they accept the grant request. 104 */ 105 private PackageInfo getUpdatedPackageInfo() { 106 try { 107 PackageInfo pkgInfo = mPm.getPackageInfo(mRequestingPackage, PackageManager.GET_PERMISSIONS); 108 for (int i = 0; i < pkgInfo.requestedPermissions.length; i++) { 109 for (String requested_permission : requested_permissions) { 110 if (requested_permission.equals(pkgInfo.requestedPermissions[i])) { 111 pkgInfo.requestedPermissionsFlags[i] |= PackageInfo.REQUESTED_PERMISSION_GRANTED; 112 } 113 } 114 } 115 116 return pkgInfo; 117 } catch (NameNotFoundException e) { 118 throw new RuntimeException(e); // will never occur 119 } 120 } 121 122 private View getPermissionList(AppSecurityPermissions perms) { 123 LayoutInflater inflater = (LayoutInflater)getSystemService(Context.LAYOUT_INFLATER_SERVICE); 124 View root = inflater.inflate(R.layout.permissions_list, null); 125 View personalPermissions = perms.getPermissionsView(AppSecurityPermissions.WHICH_PERSONAL); 126 View devicePermissions = perms.getPermissionsView(AppSecurityPermissions.WHICH_DEVICE); 127 128 ((ViewGroup)root.findViewById(R.id.privacylist)).addView(personalPermissions); 129 ((ViewGroup)root.findViewById(R.id.devicelist)).addView(devicePermissions); 130 131 return root; 132 } 133 134 /** 135 * Return an array of permissions requested by the caller, filtered to exclude 136 * irrelevant or otherwise malicious permission requests from untrusted callers. 137 */ 138 private String[] getRequestedPermissions() { 139 String[] permissions = getIntent() 140 .getStringArrayExtra(PackageManager.EXTRA_REQUEST_PERMISSION_PERMISSION_LIST); 141 if (permissions == null) { 142 return new String[0]; 143 } 144 permissions = keepNormalDangerousPermissions(permissions); 145 permissions = keepRequestingPackagePermissions(permissions); 146 return permissions; 147 148 } 149 150 /** 151 * Remove any permissions in {@code permissions} which are not present 152 * in {@code mRequestingPackage} and return the result. We also filter out 153 * permissions which are required by {@code mRequestingPackage}, and permissions 154 * which have already been granted to {@code mRequestingPackage}, as those permissions 155 * are useless to change. 156 */ 157 private String[] keepRequestingPackagePermissions(String[] permissions) { 158 List<String> result = new ArrayList<String>(); 159 try { 160 PackageInfo pkgInfo = mPm.getPackageInfo(mRequestingPackage, PackageManager.GET_PERMISSIONS); 161 if (pkgInfo.requestedPermissions == null) { 162 return new String[0]; 163 } 164 for (int i = 0; i < pkgInfo.requestedPermissions.length; i++) { 165 for (String permission : permissions) { 166 final boolean isRequired = 167 ((pkgInfo.requestedPermissionsFlags[i] 168 & PackageInfo.REQUESTED_PERMISSION_REQUIRED) != 0); 169 final boolean isGranted = 170 ((pkgInfo.requestedPermissionsFlags[i] 171 & PackageInfo.REQUESTED_PERMISSION_GRANTED) != 0); 172 173 /* 174 * We ignore required permissions, and permissions which have already 175 * been granted, as it's useless to grant those permissions. 176 */ 177 if (permission.equals(pkgInfo.requestedPermissions[i]) 178 && !isRequired && !isGranted) { 179 result.add(permission); 180 break; 181 } 182 } 183 } 184 } catch (NameNotFoundException e) { 185 throw new RuntimeException(e); // should never happen 186 } 187 return result.toArray(new String[result.size()]); 188 } 189 190 /** 191 * Filter the permissions in {@code permissions}, keeping only the NORMAL or DANGEROUS 192 * permissions. 193 * 194 * @param permissions the permissions to filter 195 * @return A subset of {@code permissions} with only the 196 * NORMAL or DANGEROUS permissions kept 197 */ 198 private String[] keepNormalDangerousPermissions(String[] permissions) { 199 List<String> result = new ArrayList<String>(); 200 for (String permission : permissions) { 201 try { 202 PermissionInfo pInfo = mPm.getPermissionInfo(permission, 0); 203 final int base = pInfo.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE; 204 if ((base != PermissionInfo.PROTECTION_NORMAL) 205 && (base != PermissionInfo.PROTECTION_DANGEROUS)) { 206 continue; 207 } 208 result.add(permission); 209 } catch (NameNotFoundException e) { 210 // ignore 211 } 212 } 213 return result.toArray(new String[result.size()]); 214 } 215 216 @Override 217 public void onClick(View v) { 218 if (v == mOk) { 219 for (String permission : requested_permissions) { 220 mPm.grantPermission(mRequestingPackage, permission); 221 } 222 setResult(RESULT_OK); 223 } 224 if (v == mCancel) { 225 setResult(RESULT_CANCELED); 226 } 227 finish(); 228 } 229 } 230
