drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Surface outgoing Uri permission grants.

Browse Source 
This enables apps to discover and clean up persisted Uri grants when
the underlying Uri becomes invalid, such as when an account is
removed.

Bug: 11142566
Change-Id: Ieeb36cb1155acf226327ebe91cdd30b822d69d1b
This commit is contained in:
Jeff Sharkey
2013-10-09 14:21:08 -07:00
parent e6d419de77
commit bcaac0adec
6 changed files with 69 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
api/current.txt
View File

@ -5759,6 +5759,7 @@ package android.content {
method public static java.util.List<android.content.SyncInfo> getCurrentSyncs();
method public static int getIsSyncable(android.accounts.Account, java.lang.String);
method public static boolean getMasterSyncAutomatically();
method public java.util.List<android.content.UriPermission> getOutgoingPersistedUriPermissions();
method public static java.util.List<android.content.PeriodicSync> getPeriodicSyncs(android.accounts.Account, java.lang.String);
method public java.util.List<android.content.UriPermission> getPersistedUriPermissions();
method public java.lang.String[] getStreamTypes(android.net.Uri, java.lang.String);

10
core/java/android/app/ActivityManagerNative.java
View File

@ -1160,7 +1160,10 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM
case GET_PERSISTED_URI_PERMISSIONS_TRANSACTION: {
data.enforceInterface(IActivityManager.descriptor);
final ParceledListSlice<UriPermission> perms = getPersistedUriPermissions();
final String packageName = data.readString();
final boolean incoming = data.readInt() != 0;
final ParceledListSlice<UriPermission> perms = getPersistedUriPermissions(
packageName, incoming);
reply.writeNoException();
perms.writeToParcel(reply, Parcelable.PARCELABLE_WRITE_RETURN_VALUE);
return true;
@ -3500,10 +3503,13 @@ class ActivityManagerProxy implements IActivityManager
}
@Override
public ParceledListSlice<UriPermission> getPersistedUriPermissions() throws RemoteException {
public ParceledListSlice<UriPermission> getPersistedUriPermissions(
String packageName, boolean incoming) throws RemoteException {
Parcel data = Parcel.obtain();
Parcel reply = Parcel.obtain();
data.writeInterfaceToken(IActivityManager.descriptor);
data.writeString(packageName);
data.writeInt(incoming ? 1 : 0);
mRemote.transact(GET_PERSISTED_URI_PERMISSIONS_TRANSACTION, data, reply, 0);
reply.readException();
final ParceledListSlice<UriPermission> perms = ParceledListSlice.CREATOR.createFromParcel(

3
core/java/android/app/IActivityManager.java
View File

@ -215,7 +215,8 @@ public interface IActivityManager extends IInterface {
int mode) throws RemoteException;
public void takePersistableUriPermission(Uri uri, int modeFlags) throws RemoteException;
public void releasePersistableUriPermission(Uri uri, int modeFlags) throws RemoteException;
public ParceledListSlice<UriPermission> getPersistedUriPermissions() throws RemoteException;
public ParceledListSlice<UriPermission> getPersistedUriPermissions(
String packageName, boolean incoming) throws RemoteException;
public void showWaitingForDebugger(IApplicationThread who, boolean waiting)
throws RemoteException;

23
core/java/android/content/ContentResolver.java
View File

@ -1659,8 +1659,9 @@ public abstract class ContentResolver {
}
/**
* Return list of all Uri permission grants that have been persisted for the
* calling app. Only persistable grants taken with
* Return list of all Uri permission grants that have been persisted by the
* calling app. That is, the returned permissions have been granted
* <em>to</em> the calling app. Only persistable grants taken with
* {@link #takePersistableUriPermission(Uri, int)} are returned.
*
* @see #takePersistableUriPermission(Uri, int)
@ -1668,7 +1669,23 @@ public abstract class ContentResolver {
*/
public List<UriPermission> getPersistedUriPermissions() {
try {
return ActivityManagerNative.getDefault().getPersistedUriPermissions().getList();
return ActivityManagerNative.getDefault()
.getPersistedUriPermissions(mPackageName, true).getList();
} catch (RemoteException e) {
throw new RuntimeException("Activity manager has died", e);
}
}
/**
* Return list of all persisted Uri permission grants that are hosted by the
* calling app. That is, the returned permissions have been granted
* <em>from</em> the calling app. Only grants taken with
* {@link #takePersistableUriPermission(Uri, int)} are returned.
*/
public List<UriPermission> getOutgoingPersistedUriPermissions() {
try {
return ActivityManagerNative.getDefault()
.getPersistedUriPermissions(mPackageName, false).getList();
} catch (RemoteException e) {
throw new RuntimeException("Activity manager has died", e);
}

49
services/java/com/android/server/am/ActivityManagerService.java
View File

@ -6489,26 +6489,53 @@ public final class ActivityManagerService extends ActivityManagerNative
}
@Override
public ParceledListSlice<android.content.UriPermission> getPersistedUriPermissions() {
public ParceledListSlice<android.content.UriPermission> getPersistedUriPermissions(
String packageName, boolean incoming) {
enforceNotIsolatedCaller("getPersistedUriPermissions");
Preconditions.checkNotNull(packageName, "packageName");
final int callingUid = Binder.getCallingUid();
final IPackageManager pm = AppGlobals.getPackageManager();
try {
final int packageUid = pm.getPackageUid(packageName, UserHandle.getUserId(callingUid));
if (packageUid != callingUid) {
throw new SecurityException(
"Package " + packageName + " does not belong to calling UID " + callingUid);
}
} catch (RemoteException e) {
throw new SecurityException("Failed to verify package name ownership");
}
final ArrayList<android.content.UriPermission> result = Lists.newArrayList();
synchronized (this) {
final int callingUid = Binder.getCallingUid();
final ArrayList<android.content.UriPermission> result = Lists.newArrayList();
final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);
if (perms == null) {
Slog.w(TAG, "No permission grants found for UID " + callingUid);
if (incoming) {
final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);
if (perms == null) {
Slog.w(TAG, "No permission grants found for " + packageName);
} else {
final int size = perms.size();
for (int i = 0; i < size; i++) {
final UriPermission perm = perms.valueAt(i);
if (packageName.equals(perm.targetPkg) && perm.persistedModeFlags != 0) {
result.add(perm.buildPersistedPublicApiObject());
}
}
}
} else {
final int size = perms.size();
final int size = mGrantedUriPermissions.size();
for (int i = 0; i < size; i++) {
final UriPermission perm = perms.valueAt(i);
if (perm.persistedModeFlags != 0) {
result.add(perm.buildPersistedPublicApiObject());
final ArrayMap<Uri, UriPermission> perms = mGrantedUriPermissions.valueAt(i);
final int permsSize = perms.size();
for (int j = 0; j < permsSize; j++) {
final UriPermission perm = perms.valueAt(j);
if (packageName.equals(perm.sourcePkg) && perm.persistedModeFlags != 0) {
result.add(perm.buildPersistedPublicApiObject());
}
}
}
}
return new ParceledListSlice<android.content.UriPermission>(result);
}
return new ParceledListSlice<android.content.UriPermission>(result);
}
@Override

1
services/java/com/android/server/am/UriPermission.java
View File

@ -20,7 +20,6 @@ import android.content.Intent;
import android.net.Uri;
import android.os.UserHandle;
import android.util.Log;
import android.util.Slog;
import com.android.internal.util.Preconditions;
import com.google.android.collect.Sets;