diff --git a/AndroidManifest.xml b/AndroidManifest.xml index 177e750c892..de54b83a220 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -5515,12 +5515,12 @@ android:exported="true" android:permission="android.permission.BLUETOOTH_PRIVILEGED" /> - - + + android:featureFlag="com.android.settings.flags.catalyst_service" + android:permission="android.permission.READ_SYSTEM_PREFERENCES"> diff --git a/src/com/android/settings/SettingsService.kt b/src/com/android/settings/SettingsService.kt index b7c6220bd23..8eaa1e973e3 100644 --- a/src/com/android/settings/SettingsService.kt +++ b/src/com/android/settings/SettingsService.kt @@ -16,21 +16,19 @@ package com.android.settings -import android.content.Intent -import com.android.settings.flags.Flags +import android.Manifest.permission.WRITE_SYSTEM_PREFERENCES +import android.app.AppOpsManager.OP_WRITE_SYSTEM_PREFERENCES import com.android.settings.metrics.SettingsRemoteOpMetricsLogger import com.android.settingslib.ipc.ApiPermissionChecker +import com.android.settingslib.ipc.AppOpApiPermissionChecker import com.android.settingslib.service.PreferenceService /** Service to expose settings APIs. */ class SettingsService : PreferenceService( graphPermissionChecker = ApiPermissionChecker.alwaysAllow(), - setterPermissionChecker = ApiPermissionChecker.alwaysAllow(), + setterPermissionChecker = + AppOpApiPermissionChecker(OP_WRITE_SYSTEM_PREFERENCES, WRITE_SYSTEM_PREFERENCES), getterPermissionChecker = ApiPermissionChecker.alwaysAllow(), metricsLogger = SettingsRemoteOpMetricsLogger(), - ) { - - override fun onBind(intent: Intent) = - if (Flags.catalystService()) super.onBind(intent) else null -} + ) diff --git a/src/com/android/settings/service/PreferenceService.kt b/src/com/android/settings/service/PreferenceService.kt index 9843847304e..6710f927515 100644 --- a/src/com/android/settings/service/PreferenceService.kt +++ b/src/com/android/settings/service/PreferenceService.kt @@ -16,6 +16,8 @@ package com.android.settings.service +import android.Manifest.permission.WRITE_SYSTEM_PREFERENCES +import android.app.AppOpsManager.OP_WRITE_SYSTEM_PREFERENCES import android.os.Binder import android.os.OutcomeReceiver import android.service.settings.preferences.GetValueRequest @@ -32,6 +34,7 @@ import com.android.settingslib.graph.PreferenceGetterApiHandler import com.android.settingslib.graph.PreferenceGetterFlags import com.android.settingslib.graph.PreferenceSetterApiHandler import com.android.settingslib.ipc.ApiPermissionChecker +import com.android.settingslib.ipc.AppOpApiPermissionChecker import kotlinx.coroutines.CoroutineScope import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.SupervisorJob @@ -47,10 +50,15 @@ class PreferenceService : SettingsPreferenceService() { init { val metricsLogger = SettingsRemoteOpMetricsLogger() + // PreferenceService specifies READ_SYSTEM_PREFERENCES permission in AndroidManifest.xml getApiHandler = PreferenceGetterApiHandler(1, ApiPermissionChecker.alwaysAllow(), metricsLogger) setApiHandler = - PreferenceSetterApiHandler(2, ApiPermissionChecker.alwaysAllow(), metricsLogger) + PreferenceSetterApiHandler( + 2, + AppOpApiPermissionChecker(OP_WRITE_SYSTEM_PREFERENCES, WRITE_SYSTEM_PREFERENCES), + metricsLogger, + ) graphApi = GetPreferenceGraphApiHandler(3, ApiPermissionChecker.alwaysAllow(), metricsLogger) }