According to Android API council we shouldn't add a new semantic-action
flag to mark an action as contextual. Instead we should use a boolean
flag.
This CL adds that boolean flag.
Bug: 120842160
Test: build and run Notify app (in
vendor/google_experimental/users/cinek/), and ensure smart actions are
showing when the 'No Smart Actions' chooser is changed to
'Short Smart Actions'.
Change-Id: I5fc6dfa37ab28e3f29529cb6fda99c049783eb80
Introduce a new range of app-zygote isolated UIDs, [90000..98999].
For each app that uses an application Zygote, allocate a range of
100 isolated UIDs. The application Zygote for an app will get a
UID out of that range, and all other children that are forked
from that zygote will get a UID from the same range.
Bug: 111434506
Test: app Zygote and its children run in the new range of
isolated UIDs (with SELinux disabled). New set of
tests for UID allocators pass.
Change-Id: I7a6883a5ddb95683932c93ea77f4e52d8f37fa4f
When an application has requested isolated services to be spawned
from an app zygote, we need to spawn the app zygote itself, and then
ask it to fork an isolated service.
The application zygote currently only creates the class loader, and
doesn't do much else. We keep track of the isolated services that
use the app zygote, and when the last isolated service goes away,
we stop the app zygote itself (after a timeout).
The app zygote itself runs with the app's UID and under the app
seccomp filter. That last one is too restricted, so this currently
only works with SELinux disabled.
Future CLs will add an application callback for preloading.
Test: start multiple isolated services with useAppZygote="true",
verify app_zygote starts, services start as a child of
app_zygote. Stopping all services stops app_zygote as well.
Bug: 111434506
Change-Id: I10ee1d4bd148c9298974d434fbc5e5eccbec16cb
Entries from DownloadProvider are added to MediaStore Downloads
collection. COLUMN_MEDIASTORE_URI will be used to track corresponding
entries in MediaProvider. We can't re-use COLUMN_MEDIAPROVIDER_URI
for this purpose because it is updateable by apps.
Bug: 120876251
Test: atest DownloadProviderTests
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest MediaProviderTests
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: Ifd252c54f4ee739a31be2866896efac6696a088e
The new isolated storage model we're building in Q introduces new
strongly-typed media permissions which replace the broad "Storage"
runtime permission.
That legacy "Storage" permission is marked as being "removed", and
it also splits into the new media permissions, but apps are confused
when they request the "Storage" permission, which no longer appears
as granted when the user accepts the new split media permissions.
After discussing with the permissions team, the best short-term
solution is to add special-case logic that grants the legacy
permissions when *any* of the new media permissions have also been
granted. Only when the user revokes *all* of the new media
permissions is the legacy permission then revoked. (MediaProvider
is already internally filtering the relevant content based on what
new media permissions the caller holds.)
Bug: 121227859
Test: manual
Change-Id: Ic87f7f93a816e91f7189509386255a260378c255
The "delete" operation is immediate and permanent, and users may wish
to instead mark content as being "trashed", so they can recover
accidentally trashed items before they're permanently deleted.
The default trash timeout is 48 hours, which should be enough time
to recover items the user cares about. Apps can also use a custom
timeout if desired.
This is implemented by recording an "expiration" time for trashed
items, and deleting expired items during the next idle maintenance
pass. Also use this expiration time to clean up pending items that
haven't been published; by default apps have a day to publish
pending items.
Bug: 121227045
Test: atest MediaProviderTests
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: I2e371b308dc135ad5363709a6f5385e4456bcb96
The manifest permission usage info declarations are limited in what they
allow the applications to specify. Applications can have an activity for
that handles this intent in order to provide free form application
specific details such as privacy policies, specific examples, etc.
Test: API definition, usage will follow
Bug: 111207567
Change-Id: I90b292e4c1cb8847a9a9d7b8071aaff2ee7d11fb
The existing buckets work well for first-level clustering of related
media, but it's common for multiple media items within a directory
to form a conceptual unit. To support this, we're creating a
second-level of bucketing which is formed using the first part of
the file name.
This supports common industry-standard patterns like:
IMG1024.JPG
IMG1024.CR2
While also opening the door to further flexibility in the future:
IMG1024.JPG
IMG1024.HDR.JPG
IMG1024.BURST001.JPG
IMG1024.BURST002.JPG
IMG1024.BURST003.JPG
IMG1024.DNG
IMG1024.DEBUG.BIN
We're currently advocating that the default representation of one of
these secondary clusters is the shortest .JPG filename contained
inside, with length ties broken alphabetically.
Clean up database management so that upgraded schema always matches
pristine schema, with tests to verify. Generate views using the
actual projection mappings used at runtime.
Bug: 115377970
Test: atest MediaProviderTests
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: Ic679055ab6c884d2048626f51670a5dd370281c0
This method is needed so that precompiled layouts can reuse the factory logic
from the LayoutInflater.
Bug: 111895153
Test: atest android.view.cts.LayoutInflaterTest
Change-Id: Ifd1028906b655af2bd14247d586dc16b35550c82
SurfaceView setVisibility handles removing the surface already. By
forwarding the visiblity call from AV to the SV, SV will destroy the
surface. It will callback into AV through SurfaceCallback.surfaceDestroyed.
In the callback, AV removes the surface for the display, causing the
virtual display to turn off. When the virtual display is turned off, the
activities on that display will get stopped.
Test: ActivityViewVisibilityActivity
Change-Id: Iea8b57d7871b8c87457f2ae19485a610d0d74c38
Tracking SurfaceFlinger changes. Now to construct a child surface
we need the SurfaceControl as opposed to just the surface, and so
we parcel the SurfaceControl across relayout.
Test: Manual
Bug: 62536731
Bug: 111373437
Bug: 111297488
Change-Id: I0a034767e92becec63071d7b1e3e71b95d505b77
Ensure that the client visibility state affects other subsystems,
like accessibility as well as input.
Test: WindowStateTest
Bug: 118118435
Change-Id: I8a50a0b82dc76e578861967197350eaa3867f837
Also update SettingsProvider to resolve calling packages based on uids
when receiving calls to put or reset values in the config table. This
was necessary because the command line tool calls the DeviceConfig API,
which calls through to SettingsProvider. That was resulting in a
shell uid with an android package prior to this change.
Test: atest SettingsProviderTest:DeviceConfigServiceTest
Bug: 122304633
Change-Id: Ic80c734eb75dcaac688507c241b0995b7488a84f
