Without the permission "adb shell cmd uimode night <mode>" doesn't work.
Adding the permission to the AndroidManifest file so the shell command
will work.
Bug: 155584597
Test: run `adb shell cmd uimode night <no|yes|auto>`
Change-Id: Ibfb145d762c73bba9de639d4050b9b26e4778cc9
The package installer v2 APIs were marked as @SystemApi merely as
a convenience for development. These APIs may change in the next
version of Android and their usage must be strictly controlled.
Bug: 151716357
Test: Manual. Use old Shell and see that incremental installation fails with a SecurityException
Test: Manual. Request INSTALLER_V2 permission for shell and see that incremental installation succeeds
Change-Id: I9612dc145eadda20083bcc43e7a35ef3cd90aa40
So we can test system APIs in cts.
Bug: 150952758
Test: atest android.media.tv.tuner.cts.TunerTest
Change-Id: Ife5a5f712cdf3d3c2e5dd747fa1d3bc8c165b85b
This permission is needed for wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the app to influnce wifi vs lte network
selection algorithm.
What options did you explore that did not need this permission?
- Without this permission, it would be impossible to test these API's:
WifiManager.setWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.addOnWifiUsabilityStatsListener()
Bug: 150236894
Test: Device boots up.
Change-Id: Ic173e44ab818cdfecebde80715ddaec347019db6
Merged-In: Ic173e44ab818cdfecebde80715ddaec347019db6
This permission is needed for wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the app to influnce wifi vs lte network
selection algorithm.
What options did you explore that did not need this permission?
- Without this permission, it would be impossible to test these API's:
WifiManager.setWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.addOnWifiUsabilityStatsListener()
Bug: 150236894
Test: Device boots up.
Change-Id: Ic173e44ab818cdfecebde80715ddaec347019db6
Add MODIFY_DEFAULT_AUDIO_EFFECTS permission to shell which
is needed to run GTS tests on @systemApis for
audio effects control.
Bug: 148703417
Test: run gts -m GtsAudioTestCases -t com.google.android.audio.gts.DeviceEffectTest#testCreateDeviceEffect
Change-Id: Iba579001aeffd85743850727135a6f536579ea17
Merged-In: Iba579001aeffd85743850727135a6f536579ea17
Add MODIFY_DEFAULT_AUDIO_EFFECTS permission to shell which
is needed to run GTS tests on @systemApis for
audio effects control.
Bug: 148703417
Test: run gts -m GtsAudioTestCases -t com.google.android.audio.gts.DeviceEffectTest#testCreateDeviceEffect
Change-Id: Iba579001aeffd85743850727135a6f536579ea17
This reverts commit 7df351b66f.
Reason for revert: It is not appropriate from a security perspective for the shell to have this permission.
Test: None
Bug: 150236894
Change-Id: I1f2b69320540731f6d3044f31e2bc999281f8342
Merged-In: I5b933fe6850ebd5b5f230c16722357ead4ec4286
(This change was merged internally first.)
Bug: 151096665
Test: presubmit
This is needed for CTS tests to be able to call
Settings.System.putString(..., overrideableByRestore=true)
Change-Id: I7eb64df187bd59509067130c31c2e804f75d9830
This reverts commit 8d14f5162a.
Bug: 150236894
Reason for revert: It is not appropriate from a security perspective for the shell to have this permission.
Change-Id: I5b933fe6850ebd5b5f230c16722357ead4ec4286
Make REGISTER_STATS_PULL_ATOM permission available to Shell to allow
testing it in gts.
Is the minimally scoped permission that needs to be added?
Yes, it is the only permission to register pulled atoms.
What options did you explore that did not need this permission?
I explored expanding the permission to be development in addition to
privileged, and giving the permission to gmscore. However, this solution
was recommended to me by the GTS team. If there are better ways to enable
testing the API in GTS, I am open to feedback.
Test: atest GtsStatsdHostTestCases
Bug: 150329323
Change-Id: I103d937842beaa2d918181b1a952d27179411dcc
Grant NETWORK_STACK permission to the shell so
that CTS can use the shell identity to call
APIs protected with this permission.
Bug: 150236894
Test: atest android.net.wifi.cts.WifiManagerTest#testGetCountryCode
Change-Id: I4f93e76bcda83c528f1f2c7bcf800965886ea8da
Merged-In: I4f93e76bcda83c528f1f2c7bcf800965886ea8da
(clean cherry pick from AOSP)
Change-Id: I1502b2d53d3d43cce36ba6563533cd3560ff8747
This permission is needed for some wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the retireval of the saved wifi network
credentials on the device.
What options did you explore that did not need this permission?
- Possibly creating a UI to ask for manual entry of network credentials.
But, that would not let us do automated CTS tests (will need to become
CTS verifier tests then).
Bug: 150236894
Test: atest android.net.wifi.cts.WifiNetworkSpecifierTest
Change-Id: I6881003510191f667950be1ab27a5399fe3914b4
Merged-In: I6881003510191f667950be1ab27a5399fe3914b4
This permission is needed for some wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the retireval of the saved wifi network
credentials on the device.
What options did you explore that did not need this permission?
- Possibly creating a UI to ask for manual entry of network credentials.
But, that would not let us do automated CTS tests (will need to become
CTS verifier tests then).
Bug: 150236894
Test: atest android.net.wifi.cts.WifiNetworkSpecifierTest
Change-Id: I6881003510191f667950be1ab27a5399fe3914b4
Grant NETWORK_STACK permission to the shell so
that CTS can use the shell identity to call
APIs protected with this permission.
Bug: 150236894
Test: atest android.net.wifi.cts.WifiManagerTest#testGetCountryCode
Change-Id: I4f93e76bcda83c528f1f2c7bcf800965886ea8da
1. This is a minimally scoped permission (which allows the new WiFi API's
to silently connect to a wifi network).
2. I explored writing a GTS test instead of a CTS test, with the idea being that it would run inside the Android Auto user. Unfortunately the API under test requires two permissions, MANAGE_COMPANION_DEVICES and COMPANION_APPROVE_WIFI_CONNECTIONS. Android Auto will only have COMPANION_APPROVE_WIFI_CONNECTIONS, and if I elevate to Shell privileges the test will have MANAGE_COMPANION_DEVICES, but not COMPANION_APPROVE_WIFI_CONNECTIONS. Beyond this, I've been told that it's better for us to test this API in CTS than what it is under GTS.
The addition of the permission to androis.os.shell could theoretically allow it to connect to a WiFi network using the new WiFi APIs without the user being prompted. Android R will still allow the legacy WiFi API's which also allow wifi connections without users being prompted without this permission. Android Auto requires the new API's as they better handle cases of connecting to WiFi networks with no internet access. The old API's will not always result in fallback to LTE, whereas the new ones do that.
Test: Unit test in separate change.
Change-Id: Ifd8ae6b7e53307ea8973406fdefa468dfa679bda
Bug: b/147748710
UsageStats will return obfuscated NOTIFICATION_SEEN or
NOTIFICATION_INTERRUPTION events to callers of #queryEvents
and #queryEventsForUser if they don't hold the MANAGE_NOTIFICATIONS
permission.
Additionaly, refactor the query API in UsageStats to take in flags as
defined in UsageEvents to make future obfuscation/visibility parameters
cleaner.
Also, add the MANAGE_NOTIFICATIONS permission to shell for CTS test.
Bug: 144724524
Test: atest android.app.usage.cts.UsageStatsTest
Test: atest com.android.server.people.data.UsageStatsQueryHelperTest
Test: atest android.content.pm.cts.shortcutmanager.ShortcutManagerUsageTest
Change-Id: I118de7e589ac8dd5924d3740c70903fa484b79b5
UsageStats will not return LOCUS_ID_SET events to callers
of #queryEvents and #queryEventsForUser if they don't have visibility.
Bug: 148821246
Test: manual, atest tests/tests/app.usage/src/android/app/usage/cts/UsageStatsTest
Change-Id: Ic904a97e66775ef63bc8b84e67e8f430b2a4121b
This reverts commit 349b2c11e9.
Reason for revert: This change was already made in aosp/1205113 and now Shell requests the permission twice.
Change-Id: Ice5522d7095f9b0dbc96c2ff31a976bfdd942c5a
In configurations where AOSP Settings.apk is not included, there might
not be any home activity. E.g. CSI doesn't have Settings.apk.
This CL adds a null home activity to Shell.apk, which is in CSI,
so the framework can be in a sane state. Without such null home
activity in CSI, package manager fails to install any APKs.
Bug: 148044842
Test: $ lunch csi_arm64-userdebug; m -j
# Flash CSI to a Pixel (with AVB disabled) and reboot
$ m DeviceHealthChecks
$ adb install $OUT/testcases/DeviceHealthTests/arm64/DeviceHealthTests.apk
Performing Streamed Install
Success
Change-Id: I87999e30298bbe42af64f28e88fc6dc5975f1ca3
- READ_COMPAT_CHANGE_CONFIG is required to read the current state of the
config
- LOG_COMPAT_CHANGE is required to log the status of a compat change for
a package and/or uid to statsd
- OVERRIDE_COMPAT_CHANGE_CONFIG is required to add overrides
The permissions must be signature|privileged, as there are already
examples of code which this would not be sufficient (e.g.
MediaProvider).
This is a re-landing of https://r.android.com/1209240, which was
reverted due to http://b/142942524. The actual fix was done in
http://ag/10234812.
Bug: 142650523
Test: atest PlatformCompatTest
Test: atest PlatformCompatPermissionsTest
Change-Id: Ie9429477c9a1725b5cb67756787bf742038e5d2b
Shell already can reboot a device (via `adb reboot` command). This
change allows shell to also trigger a reboot logic inside the
system_server.
Additionally, it allows to CTS test PowerManager.reboot API.
Test: adb shell svc reboot
Change-Id: I4545c4f3587fee2840a00648c569f75bb57501fc
Merged-In: I4545c4f3587fee2840a00648c569f75bb57501fc
