Believes all apps within the work profile are not installed

[cohesive-flight]

Please check before submitting an issue

• I know what my device, OS and App Manager versions are
• I know how to take logs
• I know how to reproduce the issue which may not be specific to my device

Describe the bug

App Manager claims that any app I've installed within my work profile isn't actually installed. This prevents me from viewing the details of any app that's within my work profile.

To Reproduce

1. Install an app within your work profile
2. Attempt to view the details of the app through App Manager
3. App Manager claims it's not installed through a pop-up

Expected behavior

It should let me view the details of the app as it does with the ones installed within my main profile.

Screenshots

Logs

I used Logcat to examine what App Manager outputs whenever I attempt to view the details of an app I've installed within the work profile. I clicked on Uber in this case, but the log is consistent with other apps within the work profile.

10-29 19:26:41.373  1450  1898 I ActivityTaskManager: START u0 {dat=file:///... cmp=io.github.muntashirakon.AppManager/.apk.installer.PackageInstallerActivity} from uid 10130
10-29 19:26:41.387  1450  1898 W ActivityTaskManager: Tried to set launchTime (0) < mLastActivityLaunchTime (6978839)
10-29 19:26:41.393  1450  1898 D CoreBackPreview: Window{16db7bd u0 Toast}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@9fe2503, mPriority=0}
10-29 19:26:41.411  1450  1898 D CoreBackPreview: Window{792175 u0 io.github.muntashirakon.AppManager/io.github.muntashirakon.AppManager.apk.installer.PackageInstallerActivity}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@b1cf944, mPriority=0}
10-29 19:26:41.415  1450  6151 D CoreBackPreview: Window{5b93b62 u0 io.github.muntashirakon.AppManager/io.github.muntashirakon.AppManager.apk.installer.PackageInstallerActivity}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@29265b0, mPriority=0}
10-29 19:26:41.442  1450  1506 I ActivityTaskManager: Displayed io.github.muntashirakon.AppManager/.apk.installer.PackageInstallerActivity: +68ms
10-29 19:26:41.464  4301 20736 W PackageParser: Unknown element under <manifest>: queries at /storage/emulated/0/Android/data/io.github.muntashirakon.AppManager/cache/Base.apk Binary XML file line #40
10-29 19:26:41.464  4301 20736 W PackageParser: Unknown element under <manifest>: meta-data at /storage/emulated/0/Android/data/io.github.muntashirakon.AppManager/cache/Base.apk Binary XML file line #216
10-29 19:26:41.464  4301 20736 W PackageParser: Ignoring duplicate uses-permissions/uses-permissions-sdk-m: android.permission.BLUETOOTH in package: com.ubercab at: Binary XML file line #248
10-29 19:26:41.676  1450  6906 D CoreBackPreview: Window{792175 u0 io.github.muntashirakon.AppManager/io.github.muntashirakon.AppManager.apk.installer.PackageInstallerActivity}: Setting back callback null
10-29 19:26:41.687  1450  6906 W InputManager-JNI: Input channel object '792175 io.github.muntashirakon.AppManager/io.github.muntashirakon.AppManager.apk.installer.PackageInstallerActivity (client)' was disposed without first being removed with the input manager!
10-29 19:26:41.693  1450  1509 V WindowManager: Unknown focus tokens, dropping reportFocusChanged
10-29 19:26:41.730  1450  6906 D CoreBackPreview: Window{446850c u0 io.github.muntashirakon.AppManager/io.github.muntashirakon.AppManager.apk.installer.PackageInstallerActivity}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@c3d9936, mPriority=0}

Then a few seconds afterwards:

10-29 19:26:43.988  1450  1898 W NotificationService: Toast already killed. pkg=io.github.muntashirakon.AppManager token=android.os.BinderProxy@a41796c

Device info

• Device: Pixel 7
• OS Version: Android 13 (GrapheneOS)
• App Manager Version: 3.0.3 (414)
• Mode: No Root

Additional context

No response

[cohesive-flight]

Apologies. In the documentation, it's mentioned ADB/root is required for this to work, and is only a WIP for no root mode.

But I'd like to ask, is any app just able to view what other apps you have installed in other profiles without explicit permission to do so? This seems too much of a fingerprint to not be able to disallow, especially when you only use FOSS apps for the most part.

[MuntashirAkon]

is any app just able to view what other apps you have installed in other profiles without explicit permission to do so?

It requires INTERACT_ACROSS_USERS and/or MANAGE_USERS permissions, I believe which are not granted to user apps without a specific whitelist present in the OS. If the work profile is managed by Insular/Island, it is possible to access the list of apps via the delegation API (#411).

[cohesive-flight]

I'm not certain if either of the two permissions you mentioned are required to do this. Recently, Signal was able to detect I had Google Play Store installed in my work profile despite having neither permission. I was attempting to verify my number, as I was transferring over to a new device, but a message kept appearing about Google Play Services (can't recall what it said exactly), which prevented me from verifying my number. 

I was initially confused, as I downloaded it directly from their site, which I thought was the version that didn't rely on GMS. And since I had it installed in a separate profile, I didn't think it'd even be aware I had GMS installed. Regardless, I tested to see if uninstalling the Play Store would fix this. This caused Signal to instead provide a warning about notifications, which I accepted, and then allowed me to verify my number. I believe it detected GMS was installed and tried to rely on its push notifications, but since it was located in a separate profile, it was experiencing issues. 

This proves that apps are able to detect other apps across different profiles without those two permissions. I have Shelter managing my work profile, so this couldn't have been through the use of a delegation API. From a glance, the closest permission Signal has to the two you mentioned is READ_PROFILE, but based on my little research of it online, it doesn't seem to be related to viewing information on other profiles/users.

Furthermore, as a test, I revoked App Manager's INTERACT_ACROSS_USERS permission, but it was still able to view what apps I had installed in my other profiles (despite thinking they're not installed).

[MuntashirAkon]

I see. App Manager is listing the other apps because it requests the system to retrieve the uninstalled apps via MATCH_UNINSTALLED_PACKAGES flag. This flag usually lists apps that were previously installed for the current user, but the behaviour differs from implementation to implementation (#643).

[cohesive-flight]

Interesting. Is there a way to view what flags an app uses? Because I'd like to know how Signal managed to detect the Play Store in a separate profile.

Based on the developer pages, the app would require the QUERY_ALL_PACKAGES permission to use that flag. Signal has it set to default, with the toggle being turned off, but so does App Manager. Is it possible that this flag sort of becomes a hacky way to view apps installed in other profiles when used without this permission? Since they're not actually uninstalled.

Edit: I was only looking at the App Ops tab. In the Uses permissions tab, only App Manager uses this permission. It seems that with Signal, it's a different case altogether, based on what Daniel Micay (founder and lead developer of GrapheneOS) said about work profiles. To summarize, it's simply a limitation with work profiles in general and the work profile manager apps used.

[MuntashirAkon]

Is it possible that this flag sort of becomes a hacky way to view apps installed in other profiles when used without this permission? Since they're not actually uninstalled.

I don't think that this is the right place to ask such questions. You might find a better answer if you ask them to Signal or Graphene OS developers. Ideally, user apps installed for another user should never be visible to the other users if they do not have it installed or have never installed it in the past, and issue #643 somewhat confirms that such cases do exist. So, I guess in AOSP, this is probably not implemented, and those ROMs have implemented it on their own. But I might be wrong as I haven't looked into the corresponding code to actually understand what is happening here.

[cohesive-flight]

Apparently MATCH_UNINSTALLED_PACKAGES had a special implementation in place since 2016 to keep compatibility between third-party launchers and work profiles. At the time, there wasn't a way to differentiate between profiles, so the flag simply returned packages installed in all profiles. But there's now an API in place called LauncherApps#getActivity that any app can use to retrieve information on packages installed specifically inside the work profile.

As a test, a developer of GrapheneOS tried out 20 popular launchers with this special implementation removed and a work profile installed. They experienced no issues, and apps installed within the owner profile were no longer able to view packages installed in a secondary user profile. Based on these results, GrapheneOS no longer has this special implantation in place.

I believe if you use this API instead of the flag, it'd fix this bug of App Manager not being able to view or manage packages installed within the work profile.

[MuntashirAkon]

Thanks. I'll look into it when I am free.

[MuntashirAkon]

Fixed in 7f05cd9

[MuntashirAkon]

Launching activities and setting pages is added in 5cad7e1