2

As explained in the following StackOverflow post answer: [link1], I added a new location permission code with a new name "ACCESS_NEW_LOCATION" in (frameworks/base/core/res/AndroidManifest.xml) of AOSP. I build the AOSP source code after adding the code snippet as explained in StackOverflow post: [link2].

The code snippet added is:

    <permission android:name="android.permission.ACCESS_NEW_LOCATION"
    android:permissionGroup="android.permission-group.LOCATION"
    android:label="@string/permlab_accessNewLocation"
    android:description="@string/permdesc_accessNewLocation"
    android:protectionLevel="dangerous" />

But, in Android studio in which I use the following code to access the newly added AOSP permission as:

<uses-permission android:name="android.permission.ACCESS_NEW_LOCATION"/>

The Android Studio doesn't recognize the name of this new permission name. Also, I did a listing of permissions available to Android Phone as explained in this StackOverflow post: [link3]. In the output, both system and user permission were listed there but the name of newly added permission "ACCESS_NEW_LOCATION" did not appear.

Could you please help me on:

  1. What is the correct procedure to add a new permission to AOSP?
  2. How to make Android Studio aware of this newly added permission in AOSP.
  3. Since this newly added permission is in XML file in AOSP, I think it will only add a name; but where is the code snippet located in AOSP corresponding to this newly added permission where we can define the functionality of this newly added permission.
Pankaj Siwan
  • 21
  • 4
  • 2
    "Android Studio doesn't recognize the name of this new permission name" -- unless you are building using an SDK derived from your AOSP changes, this is expected behavior. Android Studio knows nothing about any custom permissions, whether they are part of a firmware build or are defined by other apps. That does not stop you from using those permissions. For custom permissions, you should not be using `android.permission` as a namespace, as that is for the Android project, not for device manufacturers or third-party developers. – CommonsWare May 30 '20 at 13:11
  • "I did a listing of permissions available to Android Phone as explained in this StackOverflow post" -- that has nothing to do with your changes, unless you also made modifications to the Phone app. You can try [this](https://stackoverflow.com/a/32063889/115145) in an app to list all permissions, or try [this](https://stackoverflow.com/a/16615901/115145) to list them at the command line. – CommonsWare May 30 '20 at 13:14
  • @CommonsWare, could you please tell me where to look for the java function definition corresponding to this permission? – Pankaj Siwan May 31 '20 at 15:37
  • While I do not have a ton of experience with the AOSP code, I will be *stunned* if there is a single Java method per permission. – CommonsWare May 31 '20 at 16:11

1 Answers1

1

As mentioned in the comments, this is expected behavior in compile-time. The SDK (specifically android.jar) that your project uses is the one one from the standard SDK, so it doesn't know about custom permissions. This is no trouble really in you case, as Android Studio will complain but it will work, as the true validation is done in runtime.

Regarding the place where to put the check, this entirely depends on what your permission is meant to control. The check needs to be added in all the APIs this permission is meant to protect.

Here's an example regarding BLUETOOTH_ADMIN permission, just to give you a clue: https://android.googlesource.com/platform/packages/apps/Bluetooth/+/9a0efb0/src/com/android/bluetooth/btservice/AdapterService.java#470 

    public boolean enable() {
        enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM,
                "Need BLUETOOTH ADMIN permission");
        Log.d(TAG,"enable() called...");
        Message m =
                mAdapterStateMachine.obtainMessage(AdapterState.USER_TURN_ON);
        m.arg1 = 1; //persist state
        mAdapterStateMachine.sendMessage(m);
        return true;
    }

In this example, when you try to enable the Bluetooth, the service checks that the calling app has the required permission before executing the code to enable.

Rick Sanchez
  • 4,528
  • 2
  • 27
  • 53