Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5d71cb23 authored by Treehugger Robot's avatar Treehugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Revert "More judicious permission-change handling"" into main

parents 4d21b555 2b70fd8d

services/core/java/com/android/server/accounts/AccountManagerService.java

+62 −41
Original line number Original line Diff line number Diff line
@@ -185,12 +185,6 @@ public class AccountManagerService 




    final Context mContext;

    final Context mContext;





    private static final int[] INTERESTING_APP_OPS = new int[] {

        AppOpsManager.OP_GET_ACCOUNTS,

        AppOpsManager.OP_READ_CONTACTS,

        AppOpsManager.OP_WRITE_CONTACTS,

    };



    private final PackageManager mPackageManager;

    private final PackageManager mPackageManager;

    private final AppOpsManager mAppOpsManager;

    private final AppOpsManager mAppOpsManager;

    private UserManager mUserManager;

    private UserManager mUserManager;
@@ -394,48 +388,75 @@ public class AccountManagerService 
        }.register(mContext, mHandler.getLooper(), UserHandle.ALL, true);

        }.register(mContext, mHandler.getLooper(), UserHandle.ALL, true);





        // Cancel account request notification if an app op was preventing the account access

        // Cancel account request notification if an app op was preventing the account access

        for (int i = 0; i < INTERESTING_APP_OPS.length; ++i) {

        mAppOpsManager.startWatchingMode(AppOpsManager.OP_GET_ACCOUNTS, null,

            mAppOpsManager.startWatchingMode(INTERESTING_APP_OPS[i], null,

                new AppOpsManager.OnOpChangedInternalListener() {

                    new OnInterestingAppOpChangedListener());

        }



        // Clear the accounts cache on permission changes.

        // The specific permissions we care about are backed by AppOps, so just

        // let the change events on those handle clearing any notifications.

        mPackageManager.addOnPermissionsChangeListener((int uid) -> {

            AccountManager.invalidateLocalAccountsDataCaches();

        });

    }



    private class OnInterestingAppOpChangedListener implements AppOpsManager.OnOpChangedListener {

            @Override

            @Override

        public void onOpChanged(String op, String packageName) {

            public void onOpChanged(int op, String packageName) {

                try {

                    final int userId = ActivityManager.getCurrentUser();

                    final int userId = ActivityManager.getCurrentUser();

            final int packageUid;

                    final int uid = mPackageManager.getPackageUidAsUser(packageName, userId);

                    final int mode = mAppOpsManager.checkOpNoThrow(

                            AppOpsManager.OP_GET_ACCOUNTS, uid, packageName);

                    if (mode == AppOpsManager.MODE_ALLOWED) {

                        final long identity = Binder.clearCallingIdentity();

                        try {

                        try {

                packageUid = mPackageManager.getPackageUidAsUser(packageName, userId);

                            UserAccounts accounts = getUserAccounts(userId);

                            cancelAccountAccessRequestNotificationIfNeeded(

                                    packageName, uid, true, accounts);

                        } finally {

                            Binder.restoreCallingIdentity(identity);

                        }

                    }

                } catch (NameNotFoundException e) {

                } catch (NameNotFoundException e) {

                    /* ignore */

                    /* ignore */

                } catch (SQLiteCantOpenDatabaseException e) {

                    Log.w(TAG, "Can't read accounts database", e);

                    return;

                    return;

                }

                }



            final int mode = mAppOpsManager.checkOpNoThrow(op, packageUid, packageName);

            if (mode != AppOpsManager.MODE_ALLOWED) {

                return;

            }

            }

        });



        // Cancel account request notification if a permission was preventing the account access

        mPackageManager.addOnPermissionsChangeListener(

                (int uid) -> {

            // Permission changes cause requires updating accounts cache.

            AccountManager.invalidateLocalAccountsDataCaches();





            Account[] accounts = null;

            String[] packageNames = mPackageManager.getPackagesForUid(uid);

            if (packageNames != null) {

                final int userId = UserHandle.getUserId(uid);

                final long identity = Binder.clearCallingIdentity();

                final long identity = Binder.clearCallingIdentity();

                try {

                try {

                    for (String packageName : packageNames) {

                                // if app asked for permission we need to cancel notification even

                                // for O+ applications.

                                if (mPackageManager.checkPermission(

                                        Manifest.permission.GET_ACCOUNTS,

                                        packageName) != PackageManager.PERMISSION_GRANTED) {

                                    continue;

                                }



                        if (accounts == null) {

                            accounts = getAccountsOrEmptyArray(null, userId, "android");

                            if (ArrayUtils.isEmpty(accounts)) {

                                return;

                            }

                        }

                        UserAccounts userAccounts = getUserAccounts(UserHandle.getUserId(uid));

                        for (Account account : accounts) {

                            cancelAccountAccessRequestNotificationIfNeeded(

                            cancelAccountAccessRequestNotificationIfNeeded(

                        packageName, packageUid, true, getUserAccounts(userId));

                                    account, uid, packageName, true, userAccounts);

            } catch (SQLiteCantOpenDatabaseException e) {

                        }

                Log.w(TAG, "Can't read accounts database", e);

                    }

                } finally {

                } finally {

                    Binder.restoreCallingIdentity(identity);

                    Binder.restoreCallingIdentity(identity);

                }

                }

            }

            }

        });

    }

    }







    boolean getBindInstantServiceAllowed(int userId) {

    boolean getBindInstantServiceAllowed(int userId) {

        return  mAuthenticatorCache.getBindInstantServiceAllowed(userId);

        return  mAuthenticatorCache.getBindInstantServiceAllowed(userId);

    }

    }