am 3327f3d6: Merge "Add use fingerprint app op - framework" into mnc-dev
* commit '3327f3d6886a96ad70f4e96e4b7c26b9555429b6': Add use fingerprint app op - framework
This commit is contained in:
Svetoslav
@@ -221,8 +221,10 @@ public class AppOpsManager {
|
||||
public static final int OP_USE_SIP = 53;
|
||||
/** @hide Intercept outgoing calls. */
|
||||
public static final int OP_PROCESS_OUTGOING_CALLS = 54;
|
||||
/** @hide User the fingerprint API. */
|
||||
public static final int OP_USE_FINGERPRINT = 55;
|
||||
/** @hide */
|
||||
public static final int _NUM_OP = 55;
|
||||
public static final int _NUM_OP = 56;
|
||||
|
||||
/** Access to coarse location information. */
|
||||
public static final String OPSTR_COARSE_LOCATION = "android:coarse_location";
|
||||
@@ -357,7 +359,8 @@ public class AppOpsManager {
|
||||
OP_READ_PHONE_STATE,
|
||||
OP_ADD_VOICEMAIL,
|
||||
OP_USE_SIP,
|
||||
OP_PROCESS_OUTGOING_CALLS
|
||||
OP_PROCESS_OUTGOING_CALLS,
|
||||
OP_USE_FINGERPRINT
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -419,6 +422,7 @@ public class AppOpsManager {
|
||||
null,
|
||||
null,
|
||||
null,
|
||||
null,
|
||||
null
|
||||
};
|
||||
|
||||
@@ -481,7 +485,8 @@ public class AppOpsManager {
|
||||
"OP_READ_PHONE_STATE",
|
||||
"ADD_VOICEMAIL",
|
||||
"USE_SIP",
|
||||
"PROCESS_OUTGOING_CALLS"
|
||||
"PROCESS_OUTGOING_CALLS",
|
||||
"USE_FINGERPRINT"
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -543,7 +548,8 @@ public class AppOpsManager {
|
||||
Manifest.permission.READ_PHONE_STATE,
|
||||
Manifest.permission.ADD_VOICEMAIL,
|
||||
Manifest.permission.USE_SIP,
|
||||
Manifest.permission.PROCESS_OUTGOING_CALLS
|
||||
Manifest.permission.PROCESS_OUTGOING_CALLS,
|
||||
Manifest.permission.USE_FINGERPRINT
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -606,7 +612,8 @@ public class AppOpsManager {
|
||||
null, // READ_PHONE_STATE
|
||||
null, // ADD_VOICEMAIL
|
||||
null, // USE_SIP
|
||||
null // PROCESS_OUTGOING_CALLS
|
||||
null, // PROCESS_OUTGOING_CALLS
|
||||
null // USE_FINGERPRINT
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -668,7 +675,8 @@ public class AppOpsManager {
|
||||
false, //READ_PHONE_STATE
|
||||
false, //ADD_VOICEMAIL
|
||||
false, // USE_SIP
|
||||
false // PROCESS_OUTGOING_CALLS
|
||||
false, // PROCESS_OUTGOING_CALLS
|
||||
false // USE_FINGERPRINT
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -729,6 +737,7 @@ public class AppOpsManager {
|
||||
AppOpsManager.MODE_ALLOWED,
|
||||
AppOpsManager.MODE_ALLOWED,
|
||||
AppOpsManager.MODE_ALLOWED,
|
||||
AppOpsManager.MODE_ALLOWED,
|
||||
AppOpsManager.MODE_ALLOWED
|
||||
};
|
||||
|
||||
@@ -794,6 +803,7 @@ public class AppOpsManager {
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
false
|
||||
};
|
||||
|
||||
|
||||
@@ -434,7 +434,8 @@ public class FingerprintManager {
|
||||
mAuthenticationCallback = callback;
|
||||
mCryptoObject = crypto;
|
||||
long sessionId = crypto != null ? crypto.getOpId() : 0;
|
||||
mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags);
|
||||
mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags,
|
||||
mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
Log.w(TAG, "Remote exception while authenticating: ", e);
|
||||
if (callback != null) {
|
||||
@@ -555,7 +556,7 @@ public class FingerprintManager {
|
||||
*/
|
||||
public List<Fingerprint> getEnrolledFingerprints(int userId) {
|
||||
if (mService != null) try {
|
||||
return mService.getEnrolledFingerprints(userId);
|
||||
return mService.getEnrolledFingerprints(userId, mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e);
|
||||
}
|
||||
@@ -579,7 +580,8 @@ public class FingerprintManager {
|
||||
*/
|
||||
public boolean hasEnrolledFingerprints() {
|
||||
if (mService != null) try {
|
||||
return mService.hasEnrolledFingerprints(UserHandle.myUserId());
|
||||
return mService.hasEnrolledFingerprints(UserHandle.myUserId(),
|
||||
mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e);
|
||||
}
|
||||
@@ -595,7 +597,7 @@ public class FingerprintManager {
|
||||
if (mService != null) {
|
||||
try {
|
||||
long deviceId = 0; /* TODO: plumb hardware id to FPMS */
|
||||
return mService.isHardwareDetected(deviceId);
|
||||
return mService.isHardwareDetected(deviceId, mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
Log.v(TAG, "Remote exception in isFingerprintHardwareDetected(): ", e);
|
||||
}
|
||||
@@ -614,7 +616,7 @@ public class FingerprintManager {
|
||||
public long getAuthenticatorId() {
|
||||
if (mService != null) {
|
||||
try {
|
||||
return mService.getAuthenticatorId();
|
||||
return mService.getAuthenticatorId(mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
Log.v(TAG, "Remote exception in getAuthenticatorId(): ", e);
|
||||
}
|
||||
@@ -736,7 +738,7 @@ public class FingerprintManager {
|
||||
|
||||
private void cancelAuthentication(CryptoObject cryptoObject) {
|
||||
if (mService != null) try {
|
||||
mService.cancelAuthentication(mToken);
|
||||
mService.cancelAuthentication(mToken, mContext.getOpPackageName());
|
||||
} catch (RemoteException e) {
|
||||
if (DEBUG) Log.w(TAG, "Remote exception while canceling enrollment");
|
||||
}
|
||||
|
||||
@@ -27,10 +27,10 @@ import java.util.List;
|
||||
interface IFingerprintService {
|
||||
// Authenticate the given sessionId with a fingerprint
|
||||
void authenticate(IBinder token, long sessionId, int groupId,
|
||||
IFingerprintServiceReceiver receiver, int flags);
|
||||
IFingerprintServiceReceiver receiver, int flags, String opPackageName);
|
||||
|
||||
// Cancel authentication for the given sessionId
|
||||
void cancelAuthentication(IBinder token);
|
||||
void cancelAuthentication(IBinder token, String opPackageName);
|
||||
|
||||
// Start fingerprint enrollment
|
||||
void enroll(IBinder token, in byte [] cryptoToken, int groupId, IFingerprintServiceReceiver receiver,
|
||||
@@ -46,16 +46,16 @@ interface IFingerprintService {
|
||||
void rename(int fingerId, int groupId, String name);
|
||||
|
||||
// Get a list of enrolled fingerprints in the given group.
|
||||
List<Fingerprint> getEnrolledFingerprints(int groupId);
|
||||
List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName);
|
||||
|
||||
// Determine if HAL is loaded and ready
|
||||
boolean isHardwareDetected(long deviceId);
|
||||
boolean isHardwareDetected(long deviceId, String opPackageName);
|
||||
|
||||
// Get a pre-enrollment authentication token
|
||||
long preEnroll(IBinder token);
|
||||
|
||||
// Determine if a user has at least one enrolled fingerprint
|
||||
boolean hasEnrolledFingerprints(int groupId);
|
||||
boolean hasEnrolledFingerprints(int groupId, String opPackageName);
|
||||
|
||||
// Gets the number of hardware devices
|
||||
// int getHardwareDeviceCount();
|
||||
@@ -64,5 +64,5 @@ interface IFingerprintService {
|
||||
// long getHardwareDevice(int i);
|
||||
|
||||
// Gets the authenticator ID for fingerprint
|
||||
long getAuthenticatorId();
|
||||
long getAuthenticatorId(String opPackageName);
|
||||
}
|
||||
|
||||
@@ -16,14 +16,15 @@
|
||||
|
||||
package com.android.server.fingerprint;
|
||||
|
||||
import android.app.AppOpsManager;
|
||||
import android.content.ContentResolver;
|
||||
import android.content.Context;
|
||||
import android.os.Binder;
|
||||
import android.os.Handler;
|
||||
import android.os.IBinder;
|
||||
import android.os.Looper;
|
||||
import android.os.MessageQueue;
|
||||
import android.os.RemoteException;
|
||||
import android.util.ArrayMap;
|
||||
import android.util.Slog;
|
||||
|
||||
import com.android.server.SystemService;
|
||||
@@ -39,6 +40,7 @@ import static android.Manifest.permission.USE_FINGERPRINT;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -55,6 +57,8 @@ public class FingerprintService extends SystemService {
|
||||
private ClientMonitor mEnrollClient = null;
|
||||
private ClientMonitor mRemoveClient = null;
|
||||
|
||||
private final AppOpsManager mAppOps;
|
||||
|
||||
private static final int MSG_NOTIFY = 10;
|
||||
|
||||
private static final int ENROLLMENT_TIMEOUT_MS = 60 * 1000; // 1 minute
|
||||
@@ -96,6 +100,7 @@ public class FingerprintService extends SystemService {
|
||||
public FingerprintService(Context context) {
|
||||
super(context);
|
||||
mContext = context;
|
||||
mAppOps = context.getSystemService(AppOpsManager.class);
|
||||
nativeInit(Looper.getMainLooper().getQueue(), this);
|
||||
}
|
||||
|
||||
@@ -361,6 +366,13 @@ public class FingerprintService extends SystemService {
|
||||
"Must have " + permission + " permission.");
|
||||
}
|
||||
|
||||
private boolean canUserFingerPrint(String opPackageName) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
|
||||
return mAppOps.noteOp(AppOpsManager.OP_USE_FINGERPRINT, Binder.getCallingUid(),
|
||||
opPackageName) == AppOpsManager.MODE_ALLOWED;
|
||||
}
|
||||
|
||||
private class ClientMonitor implements IBinder.DeathRecipient {
|
||||
IBinder token;
|
||||
IFingerprintServiceReceiver receiver;
|
||||
@@ -522,8 +534,11 @@ public class FingerprintService extends SystemService {
|
||||
@Override
|
||||
// Binder call
|
||||
public void authenticate(final IBinder token, final long opId, final int groupId,
|
||||
final IFingerprintServiceReceiver receiver, final int flags) {
|
||||
final IFingerprintServiceReceiver receiver, final int flags, String opPackageName) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return;
|
||||
}
|
||||
mHandler.post(new Runnable() {
|
||||
@Override
|
||||
public void run() {
|
||||
@@ -535,8 +550,10 @@ public class FingerprintService extends SystemService {
|
||||
@Override
|
||||
|
||||
// Binder call
|
||||
public void cancelAuthentication(final IBinder token) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
public void cancelAuthentication(final IBinder token, String opPackageName) {
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return;
|
||||
}
|
||||
mHandler.post(new Runnable() {
|
||||
@Override
|
||||
public void run() {
|
||||
@@ -561,8 +578,10 @@ public class FingerprintService extends SystemService {
|
||||
|
||||
@Override
|
||||
// Binder call
|
||||
public boolean isHardwareDetected(long deviceId) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
public boolean isHardwareDetected(long deviceId, String opPackageName) {
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return false;
|
||||
}
|
||||
return mHalDeviceId != 0; // TODO
|
||||
}
|
||||
|
||||
@@ -580,21 +599,27 @@ public class FingerprintService extends SystemService {
|
||||
|
||||
@Override
|
||||
// Binder call
|
||||
public List<Fingerprint> getEnrolledFingerprints(int groupId) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
public List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName) {
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
return FingerprintService.this.getEnrolledFingerprints(groupId);
|
||||
}
|
||||
|
||||
@Override
|
||||
// Binder call
|
||||
public boolean hasEnrolledFingerprints(int groupId) {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
public boolean hasEnrolledFingerprints(int groupId, String opPackageName) {
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return false;
|
||||
}
|
||||
return FingerprintService.this.hasEnrolledFingerprints(groupId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getAuthenticatorId() {
|
||||
checkPermission(USE_FINGERPRINT);
|
||||
public long getAuthenticatorId(String opPackageName) {
|
||||
if (!canUserFingerPrint(opPackageName)) {
|
||||
return 0;
|
||||
}
|
||||
return nativeGetAuthenticatorId();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user