The PermissionController module enables updatable privacy policies and UI elements (for example, the policies and UI around granting and managing permissions).
Starting in Android 12, the framework and system server
classes for Role
are moved into the module to make Role
completely modular.
About PermissionController
The com.google.android.permissioncontroller
APK handles permission-related UI,
logic, and roles to allow access for apps for specific purpose. It controls the
following:
Runtime permission granting (including granting to system apps)
Runtime permission management (including grouping of permissions)
Runtime permission usage tracking
Roles
In Android 9, such permissions were part of
com.google.android.packageinstaller
. In Android 10, the Package Installer app
is split into sections to enable the permissions logic to be updated. As an
updatable Mainline module, PermissionController:
Interacts with the framework only through stable
@SystemApi
(no@hide
API usage).Handles permission-related intents with a priority above 0.
Exposes a mechanism for enabling OEMs to customize theming.
Provides services to which the system and apps can bind, including role management, permission revocation, and basic permission information (for Settings).
Supports auto-revoke for unused apps (new in Android 11).
Auto-revoke for unused apps
In Android 11, the PermissionsController module can automatically revoke runtime permissions for apps that haven't been used for an extended period of time. Apps targeting SDK 30 or higher have auto-revoke enabled by default, while apps targeting SDK 29 or lower have auto-revoke disabled by default. When enabled, auto-revoke affects all runtime permissions but exempts all pre-granted permissions, including policy- and system-fixed permissions and permissions granted by default or by role. For details, refer to Auto-reset permissions from unused apps.
Package format
The PermissionController module is delivered as an APK file.
Module boundary
In Android 12, the Permission
module code is moved from packages/apps/PermissionController
(the platform/packages/apps/PackageInstaller
project) and
frameworks/base/apex/permission
(this is a subdirectory of the
frameworks/base
project).
The new project structure for packages/modules/Permission
is as follows:
- Files from
frameworks/base/apex/permission
- PermissionController files from
packages/apps/PermissionController
OEMs can use the sample commands to help move their patches from the original project directories to the new project directory.
Move a patch from frameworks/base/apex/permission
root/frameworks/base/$ git format-patch -1 --relative=apex/permission commit --stdout > patch-file.txt
root/packages/modules/Permission$ git am -p2 patch-file.txt
Move a patch from packages/apps/PermissionController
root/packages/apps/PermissionController$ git format-patch -1 commit --stdout > patch-file.txt
root/packages/modules/Permission$ git am -p2 --directory=PermissionController patch-file.txt
Customization
OEMs can customize the permissions UI theme (colors, margins, fonts, and drawables) using runtime resource overlays (RROS).