From b47fc4718104382c9475037baa627cd3484c6df9 Mon Sep 17 00:00:00 2001
From: Varun Shah <varunshah@google.com>
Date: Thu, 12 Oct 2023 04:10:55 +0000
Subject: [PATCH] Update new permission logic to use flagging.

- Add a new flag for the permission.
- Add FlaggedApi annotation to new permission.
- Update APIs to check flag enablement.

Bug: 304478692
Bug: 296056771
Test: atest UsageStatsTest
Change-Id: I59b0634d4cbc956ecfb5eb63dd1100515427d62f
---
 core/api/system-current.txt                      |  2 +-
 core/java/android/app/usage/flags.aconfig        |  6 ++++++
 core/res/AndroidManifest.xml                     |  4 +++-
 .../android/server/usage/UsageStatsService.java  | 16 ++++++++++------
 4 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index a99eeb0c36d8..68cb8c29a5c9 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt
@@ -310,7 +310,7 @@ package android {
     field public static final String REMOVE_DRM_CERTIFICATES = "android.permission.REMOVE_DRM_CERTIFICATES";
     field public static final String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
     field public static final String RENOUNCE_PERMISSIONS = "android.permission.RENOUNCE_PERMISSIONS";
-    field public static final String REPORT_USAGE_STATS = "android.permission.REPORT_USAGE_STATS";
+    field @FlaggedApi("backstage_power.report_usage_stats_permission") public static final String REPORT_USAGE_STATS = "android.permission.REPORT_USAGE_STATS";
     field @Deprecated public static final String REQUEST_NETWORK_SCORES = "android.permission.REQUEST_NETWORK_SCORES";
     field public static final String REQUEST_NOTIFICATION_ASSISTANT_SERVICE = "android.permission.REQUEST_NOTIFICATION_ASSISTANT_SERVICE";
     field public static final String RESET_PASSWORD = "android.permission.RESET_PASSWORD";
diff --git a/core/java/android/app/usage/flags.aconfig b/core/java/android/app/usage/flags.aconfig
index afe87de1dbf5..d1f90676a15f 100644
--- a/core/java/android/app/usage/flags.aconfig
+++ b/core/java/android/app/usage/flags.aconfig
@@ -7,3 +7,9 @@ flag {
     bug: "296061232"
 }
 
+flag {
+    name: "report_usage_stats_permission"
+    namespace: "backstage_power"
+    description: "Feature flag for the new REPORT_USAGE_STATS permission."
+    bug: "296056771"
+}
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 298eb2f14dc6..1faf05a0dc7b 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -6121,7 +6121,9 @@
         android:protectionLevel="signature|privileged|development|appop|retailDemo" />
     <uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
 
-    <!-- @SystemApi @hide Allows trusted system components to report events to UsageStatsManager -->
+    <!-- @SystemApi @hide
+         @FlaggedApi("backstage_power.report_usage_stats_permission")
+         Allows trusted system components to report events to UsageStatsManager -->
     <permission android:name="android.permission.REPORT_USAGE_STATS"
                 android:protectionLevel="signature|module" />
 
diff --git a/services/usage/java/com/android/server/usage/UsageStatsService.java b/services/usage/java/com/android/server/usage/UsageStatsService.java
index f3bf026ddc6e..8b2de2fbb78a 100644
--- a/services/usage/java/com/android/server/usage/UsageStatsService.java
+++ b/services/usage/java/com/android/server/usage/UsageStatsService.java
@@ -53,6 +53,7 @@ import android.app.usage.AppStandbyInfo;
 import android.app.usage.BroadcastResponseStatsList;
 import android.app.usage.ConfigurationStats;
 import android.app.usage.EventStats;
+import android.app.usage.Flags;
 import android.app.usage.IUsageStatsManager;
 import android.app.usage.UsageEvents;
 import android.app.usage.UsageEvents.Event;
@@ -2124,12 +2125,15 @@ public class UsageStatsService extends SystemService implements
         }
 
         private boolean canReportUsageStats() {
-            if (isCallingUidSystem()) {
-                return true; // System UID can always report UsageStats
-            }
-
-            return getContext().checkCallingPermission(Manifest.permission.REPORT_USAGE_STATS)
-                    == PackageManager.PERMISSION_GRANTED;
+            final boolean isSystem = isCallingUidSystem();
+            if (!Flags.reportUsageStatsPermission()) {
+                // If the flag is disabled, do no check for the new permission and instead return
+                // true only if the calling uid is system since System UID can always report stats.
+                return isSystem;
+            }
+            return isSystem
+                    || getContext().checkCallingPermission(Manifest.permission.REPORT_USAGE_STATS)
+                        == PackageManager.PERMISSION_GRANTED;
         }
 
         private boolean hasObserverPermission() {
-- 
GitLab