Revert "More judicious permission-change handling" (2b70fd8d) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/accounts/AccountManagerService.java

+62 −41

Original line number	Original line	Diff line number	Diff line
	@@ -185,12 +185,6 @@ public class AccountManagerService

	final Context mContext;		final Context mContext;

	private static final int[] INTERESTING_APP_OPS = new int[] {
	AppOpsManager.OP_GET_ACCOUNTS,
	AppOpsManager.OP_READ_CONTACTS,
	AppOpsManager.OP_WRITE_CONTACTS,
	};

	private final PackageManager mPackageManager;		private final PackageManager mPackageManager;
	private final AppOpsManager mAppOpsManager;		private final AppOpsManager mAppOpsManager;
	private UserManager mUserManager;		private UserManager mUserManager;
	@@ -394,48 +388,75 @@ public class AccountManagerService
	}.register(mContext, mHandler.getLooper(), UserHandle.ALL, true);		}.register(mContext, mHandler.getLooper(), UserHandle.ALL, true);

	// Cancel account request notification if an app op was preventing the account access		// Cancel account request notification if an app op was preventing the account access
	for (int i = 0; i < INTERESTING_APP_OPS.length; ++i) {		mAppOpsManager.startWatchingMode(AppOpsManager.OP_GET_ACCOUNTS, null,
	mAppOpsManager.startWatchingMode(INTERESTING_APP_OPS[i], null,		new AppOpsManager.OnOpChangedInternalListener() {
	new OnInterestingAppOpChangedListener());
	}

	// Clear the accounts cache on permission changes.
	// The specific permissions we care about are backed by AppOps, so just
	// let the change events on those handle clearing any notifications.
	mPackageManager.addOnPermissionsChangeListener((int uid) -> {
	AccountManager.invalidateLocalAccountsDataCaches();
	});
	}

	private class OnInterestingAppOpChangedListener implements AppOpsManager.OnOpChangedListener {
	@Override		@Override
	public void onOpChanged(String op, String packageName) {		public void onOpChanged(int op, String packageName) {
			try {
	final int userId = ActivityManager.getCurrentUser();		final int userId = ActivityManager.getCurrentUser();
	final int packageUid;		final int uid = mPackageManager.getPackageUidAsUser(packageName, userId);
			final int mode = mAppOpsManager.checkOpNoThrow(
			AppOpsManager.OP_GET_ACCOUNTS, uid, packageName);
			if (mode == AppOpsManager.MODE_ALLOWED) {
			final long identity = Binder.clearCallingIdentity();
	try {		try {
	packageUid = mPackageManager.getPackageUidAsUser(packageName, userId);		UserAccounts accounts = getUserAccounts(userId);
			cancelAccountAccessRequestNotificationIfNeeded(
			packageName, uid, true, accounts);
			} finally {
			Binder.restoreCallingIdentity(identity);
			}
			}
	} catch (NameNotFoundException e) {		} catch (NameNotFoundException e) {
	/* ignore */		/* ignore */
			} catch (SQLiteCantOpenDatabaseException e) {
			Log.w(TAG, "Can't read accounts database", e);
	return;		return;
	}		}

	final int mode = mAppOpsManager.checkOpNoThrow(op, packageUid, packageName);
	if (mode != AppOpsManager.MODE_ALLOWED) {
	return;
	}		}
			});

			// Cancel account request notification if a permission was preventing the account access
			mPackageManager.addOnPermissionsChangeListener(
			(int uid) -> {
			// Permission changes cause requires updating accounts cache.
			AccountManager.invalidateLocalAccountsDataCaches();

			Account[] accounts = null;
			String[] packageNames = mPackageManager.getPackagesForUid(uid);
			if (packageNames != null) {
			final int userId = UserHandle.getUserId(uid);
	final long identity = Binder.clearCallingIdentity();		final long identity = Binder.clearCallingIdentity();
	try {		try {
			for (String packageName : packageNames) {
			// if app asked for permission we need to cancel notification even
			// for O+ applications.
			if (mPackageManager.checkPermission(
			Manifest.permission.GET_ACCOUNTS,
			packageName) != PackageManager.PERMISSION_GRANTED) {
			continue;
			}

			if (accounts == null) {
			accounts = getAccountsOrEmptyArray(null, userId, "android");
			if (ArrayUtils.isEmpty(accounts)) {
			return;
			}
			}
			UserAccounts userAccounts = getUserAccounts(UserHandle.getUserId(uid));
			for (Account account : accounts) {
	cancelAccountAccessRequestNotificationIfNeeded(		cancelAccountAccessRequestNotificationIfNeeded(
	packageName, packageUid, true, getUserAccounts(userId));		account, uid, packageName, true, userAccounts);
	} catch (SQLiteCantOpenDatabaseException e) {		}
	Log.w(TAG, "Can't read accounts database", e);		}
	} finally {		} finally {
	Binder.restoreCallingIdentity(identity);		Binder.restoreCallingIdentity(identity);
	}		}
	}		}
			});
	}		}


	boolean getBindInstantServiceAllowed(int userId) {		boolean getBindInstantServiceAllowed(int userId) {
	return mAuthenticatorCache.getBindInstantServiceAllowed(userId);		return mAuthenticatorCache.getBindInstantServiceAllowed(userId);
	}		}