Sync adapters that don't have account access cannot run until
the user explicitly approves in the UI. This is spammy given
the user may not use the app right away. This change doesn't
show the notificaiton until the app has run.
bug:31162498
Change-Id: I1f4f2d2e9426f78763590e8aa542b94d6e93e488
Sync adapters without an account access cannot run until the
user approves the account access (for the case the account
access is not allowed by other policy such as being singed
with the same cert as the authenticator). However, if the
sync adapter package already got the account from another
app which means it already saw the account we white-list
the sync adapter app to access the account as it already
saw it - the bird is out of the cage.
bug:31162498
Change-Id: I2b72f3b0d6307561ed68db2f2e9c900b15e8d098
Now Configuration.EMPTY has fontScale set to 0 instead of default 1.
To get config equal to empty unset() method should be used.
Because of incorrect usage of setToDefaults() there was a black flash
when exiting split-screen because override config was no completely
empty. Fixing that also allows us to simplify things a bit when checking
if override config changed.
Bug: 31533188
Test: manual - long-press overview to enter split-screen, repeat to exit.
Change-Id: I6bf7994ff88ebb42db2e2357b762857710432a58
Also,
- Fixed failing tests when they are ran as a package vs.
individual classes due to multiple window manager instance.
- Correct some isVisible logic to so a window container that
is invisible is not said to be visible, because one of its
children is visible.
Bug: 30060889
Change-Id: I1bb8730361be2a9f5ce88cd59b7d57d5a459bde6
Build serial is non-user resettable freely available deivice
identifier. It can be used by ad-netowrks to track the user
across apps which violates the user's privacy.
This change deprecates Build.SERIAL and adds a new Build.getSerial()
API which requires holding the read_phone_state permission.
The Build.SERIAL value is set to "undefined" for apps targeting
high enough SDK and for legacy app the value is still available.
bug:31402365
Change-Id: Iddd13430b2bd1d9ab4966e31038ecabdbdcec06d
Sync adapters that don't have account access cannot run until
the user explicitly approves in the UI. This is spammy given
the user may not use the app right away. This change doesn't
show the notificaiton until the app has run.
bug:31162498
Change-Id: I1f4f2d2e9426f78763590e8aa542b94d6e93e488
Sync adapters without an account access cannot run until the
user approves the account access (for the case the account
access is not allowed by other policy such as being singed
with the same cert as the authenticator). However, if the
sync adapter package already got the account from another
app which means it already saw the account we white-list
the sync adapter app to access the account as it already
saw it - the bird is out of the cage.
bug:31162498
Change-Id: I2b72f3b0d6307561ed68db2f2e9c900b15e8d098
Filter ordering allows automatic disambiguation between multiple filters
that matching a pattern. Ordering currently only works for EphemeralResolveInfo
objects.
Bug: 30837021
Change-Id: Ia217218c7c7d159dbd75d7733c45556e690d06d2
Add functionality to capture/intercept installd communication, and
use this to return the full communication for dexopt. These parameters
can be used to drive otapreopt_chroot directly.
Keep the old direct invocation alive until devices have transitioned
to a service that exposes this API.
In preparation for renaming of A/B OTA artifacts to include target
slot names.
Bug: 25612095
Bug: 28069686
Change-Id: I14728ee1266f3882cada8f08dd21891ed5f7a0cb
(cherry picked from commit cc241a580c)
To be able to report progress of an A/B OTA dexopt, expose a
progress function that the script can query.
Bug: 25612095
Bug: 29223204
Change-Id: Ie8162946d18f6fa78649a40ad5d3949d31a181cd
(cherry picked from commit bf06232f4d)
Added RegisteredServicesCache.updateServices method which allows callers
to request an update to services for which package has been updated.
Added a call to updateServices in getAuthenticatorTypesInternal
Test: Manually tested update flow on test authenticator with an artificial
delay in broadcast handling
Bug: 30979262
Change-Id: I499b2ee0be53fed01201c56068d929b6d621a78e
It was possible for a sync adapter without accounts access to
see the account which it is supposed to sync which can be used to
identify the user. This change ensures that only sync adapters
with account access can run (which results in seeing the account),
otherwise we involve the user to approve access only to this account.
A sync adapter can access an account if one of these is true:
- it is signed as the authenticator for this account
- has the GET_ACCOUNTS permission
- has an auth token for the account
- it is a preinstalled app (system or privileged)
The main thing we need to figure out is if the extra prompts
for giving access to a sync adapter to the account create too
much friction.
bug:28163381
Change-Id: Ie083bb681b5a2aed81ca5f6a062193a175fad77e
