Add permission flag related methods.
Implemented methods for checking/updating permission state and
checking/updating permission flags.
Different from the old implementation, the new code has been
re-written to cleanly check or not check caller's privileges. external
facing methods will enforce necessary permissions, and then will only
call internal methods that no longer enforces permissions.
The new code also tries to gets the package state, and gets or mutates
the permission state, for only once. This ensures we are at least
consistent within package or permission.
The methods have also be restructured to do:
1. Enforce cross-user permissions.
2. Enforce method-related permissions.
3. Skip if user is not found (may happen upon user deletion).
4. Gather package state, get or mutate permission state, or call into
internal methods that doesn't enforce caller permissions.
Log statements have also been prefixed with method names to make
debugging either - whereas exceptions already have its stacktrace.
PermissionFlags now also takes in the Permission object and correctly
handles restricted permissions, so that the restricted permission
allowlist implementation can now call it directly.
Bug: 252884423
Test: presubmit
Change-Id: Ide19bb2e286123e3c81f641f114461fcd2c04a04
4 files changed
