Merge "System installed launcher can see instant apps" into oc-dev

core/java/android/content/pm/PackageManagerInternal.java

@@ -343,5 +343,5 @@ public abstract class PackageManagerInternal {
     public abstract int getUidTargetSdkVersion(int uid);
 
     /** Whether the binder caller can access instant apps. */
-    public abstract boolean canAccessInstantApps(int callingUid);
+    public abstract boolean canAccessInstantApps(int callingUid, int userId);
 }

core/res/AndroidManifest.xml

@@ -3317,12 +3317,16 @@
          confirmation UI for full backup/restore -->
     <uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>
 
-
-    <!-- Allows the holder to access the instant applications on the device.
+    <!-- Allows the holder to access and manage instant applications on the device.
     @hide -->
     <permission android:name="android.permission.ACCESS_INSTANT_APPS"
             android:protectionLevel="signature|installer|verifier" />
 
+    <!-- Allows the holder to view the instant applications on the device.
+    @hide -->
+    <permission android:name="android.permission.VIEW_INSTANT_APPS"
+            android:protectionLevel="signature|preinstalled" />
+
     <!-- Allows receiving the usage of media resource e.g. video/audio codec and
          graphic memory.
          @hide -->

services/core/java/com/android/server/pm/PackageManagerService.java

@@ -3517,16 +3517,25 @@ public class PackageManagerService extends IPackageManager.Stub
      *     system partition.</li>
      * </ol>
      */
-    private boolean canAccessInstantApps(int callingUid) {
-        final boolean isSpecialProcess =
-                callingUid == Process.SYSTEM_UID
-                        || callingUid == Process.SHELL_UID
-                        || callingUid == Process.ROOT_UID;
-        final boolean allowMatchInstant =
-                isSpecialProcess
-                        || mContext.checkCallingOrSelfPermission(
-                        android.Manifest.permission.ACCESS_INSTANT_APPS) == PERMISSION_GRANTED;
-        return allowMatchInstant;
+    private boolean canViewInstantApps(int callingUid, int userId) {
+        if (callingUid == Process.SYSTEM_UID
+                || callingUid == Process.SHELL_UID
+                || callingUid == Process.ROOT_UID) {
+            return true;
+        }
+        if (mContext.checkCallingOrSelfPermission(
+                android.Manifest.permission.ACCESS_INSTANT_APPS) == PERMISSION_GRANTED) {
+            return true;
+        }
+        if (mContext.checkCallingOrSelfPermission(
+                android.Manifest.permission.VIEW_INSTANT_APPS) == PERMISSION_GRANTED) {
+            final ComponentName homeComponent = getDefaultHomeActivity(userId);
+            if (homeComponent != null
+                    && isCallerSameApp(homeComponent.getPackageName(), callingUid)) {
+                return true;
+            }
+        }
+        return false;
     }
 
     private PackageInfo generatePackageInfo(PackageSetting ps, int flags, int userId) {
@@ -3784,7 +3793,7 @@ public class PackageManagerService extends IPackageManager.Stub
         }
         if (ps.getInstantApp(userId)) {
             // caller can see all components of all instant applications, don't filter
-            if (canAccessInstantApps(callingUid)) {
+            if (canViewInstantApps(callingUid, userId)) {
                 return false;
             }
             // request for a specific instant application component, filter
@@ -4408,11 +4417,12 @@ public class PackageManagerService extends IPackageManager.Stub
             flags |= PackageManager.MATCH_VISIBLE_TO_INSTANT_APP_ONLY;
             flags |= PackageManager.MATCH_INSTANT;
         } else {
+            final boolean wantMatchInstant = (flags & PackageManager.MATCH_INSTANT) != 0;
             final boolean allowMatchInstant =
                     (wantInstantApps
                             && Intent.ACTION_VIEW.equals(intent.getAction())
                             && hasWebURI(intent))
-                    || canAccessInstantApps(callingUid);
+                    || (wantMatchInstant && canViewInstantApps(callingUid, userId));
             flags &= ~(PackageManager.MATCH_VISIBLE_TO_INSTANT_APP_ONLY
                     | PackageManager.MATCH_EXPLICITLY_VISIBLE_ONLY);
             if (!allowMatchInstant) {
@@ -5937,7 +5947,7 @@ public class PackageManagerService extends IPackageManager.Stub
         final int callingUid = Binder.getCallingUid();
         final int callingUserId = UserHandle.getUserId(callingUid);
         synchronized (mPackages) {
-            if (canAccessInstantApps(callingUid)) {
+            if (canViewInstantApps(callingUid, callingUserId)) {
                 return new ArrayList<String>(mPackages.keySet());
             }
             final String instantAppPkgName = getInstantAppPackageName(callingUid);
@@ -8146,9 +8156,7 @@ public class PackageManagerService extends IPackageManager.Stub
             final boolean returnAllowed =
                     ps != null
                     && (isCallerSameApp(packageName, callingUid)
-                            || mContext.checkCallingOrSelfPermission(
-                                    android.Manifest.permission.ACCESS_INSTANT_APPS)
-                                            == PERMISSION_GRANTED
+                            || canViewInstantApps(callingUid, userId)
                             || mInstantAppRegistry.isInstantAccessGranted(
                                     userId, UserHandle.getAppId(callingUid), ps.appId));
             if (returnAllowed) {
@@ -24381,8 +24389,8 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
         }
 
         @Override
-        public boolean canAccessInstantApps(int callingUid) {
-            return PackageManagerService.this.canAccessInstantApps(callingUid);
+        public boolean canAccessInstantApps(int callingUid, int userId) {
+            return PackageManagerService.this.canViewInstantApps(callingUid, userId);
         }
     }
 

services/usage/java/com/android/server/usage/UsageStatsService.java

@@ -411,8 +411,8 @@ public class UsageStatsService extends SystemService implements
         }
     }
 
-    private boolean shouldObfuscateInstantAppsForCaller(int callingUid) {
-        return !mPackageManagerInternal.canAccessInstantApps(callingUid);
+    private boolean shouldObfuscateInstantAppsForCaller(int callingUid, int userId) {
+        return !mPackageManagerInternal.canAccessInstantApps(callingUid, userId);
     }
 
     void clearAppIdleForPackage(String packageName, int userId) {
@@ -1390,7 +1390,7 @@ public class UsageStatsService extends SystemService implements
             }
 
             final boolean obfuscateInstantApps = shouldObfuscateInstantAppsForCaller(
-                    Binder.getCallingUid());
+                    Binder.getCallingUid(), UserHandle.getCallingUserId());
 
             final int userId = UserHandle.getCallingUserId();
             final long token = Binder.clearCallingIdentity();
@@ -1435,7 +1435,7 @@ public class UsageStatsService extends SystemService implements
             }
 
             final boolean obfuscateInstantApps = shouldObfuscateInstantAppsForCaller(
-                    Binder.getCallingUid());
+                    Binder.getCallingUid(), UserHandle.getCallingUserId());
 
             final int userId = UserHandle.getCallingUserId();
             final long token = Binder.clearCallingIdentity();
@@ -1456,7 +1456,7 @@ public class UsageStatsService extends SystemService implements
                 throw re.rethrowFromSystemServer();
             }
             final boolean obfuscateInstantApps = shouldObfuscateInstantAppsForCaller(
-                    Binder.getCallingUid());
+                    Binder.getCallingUid(), userId);
             final long token = Binder.clearCallingIdentity();
             try {
                 return UsageStatsService.this.isAppIdleFilteredOrParoled(packageName, userId,