Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c04c7a23 authored by Himanshu Gupta's avatar Himanshu Gupta
Browse files

Downgrading API permissions for updateExternalStorage 

With ag/19901205 the permissions for this API were increased,
and calling users required 'MANAGE_EXTERNAL_STORAGE' permissions.

There is now a way to add the same functionality without
adding any additional permissions.

Bug: 235321217
Test: atest android.appsecurity.cts.StorageHostTest
Change-Id: I6b166ac191a80c600b527266f53107b8d9c78177
parent 66a54093

core/api/system-current.txt

+1 −1
Original line number Diff line number Diff line
@@ -10172,7 +10172,7 @@ package android.os.storage { 
    method @WorkerThread public long getAllocatableBytes(@NonNull java.util.UUID, @RequiresPermission int) throws java.io.IOException;

    method @RequiresPermission(android.Manifest.permission.WRITE_MEDIA_STORAGE) public int getExternalStorageMountMode(int, @NonNull String);

    method public static boolean hasIsolatedStorage();

    method @RequiresPermission(android.Manifest.permission.MANAGE_EXTERNAL_STORAGE) public void updateExternalStorageFileQuotaType(@NonNull java.io.File, int) throws java.io.IOException;

    method public void updateExternalStorageFileQuotaType(@NonNull java.io.File, int) throws java.io.IOException;

    field @RequiresPermission(android.Manifest.permission.ALLOCATE_AGGRESSIVE) public static final int FLAG_ALLOCATE_AGGRESSIVE = 1; // 0x1

    field public static final int MOUNT_MODE_EXTERNAL_ANDROID_WRITABLE = 4; // 0x4

    field public static final int MOUNT_MODE_EXTERNAL_DEFAULT = 1; // 0x1

core/java/android/os/storage/StorageManager.java

+10 −6
Original line number Diff line number Diff line
@@ -2540,9 +2540,11 @@ public class StorageManager { 
     * called on first creation of a new file on external storage, and whenever the

     * media type of the file is updated later.

     *

     * This API requires MANAGE_EXTERNAL_STORAGE permission and typical implementations

     * This API doesn't require any special permissions, though typical implementations

     * will require being called from an SELinux domain that allows setting file attributes

     * related to quota (eg the GID or project ID).

     * If the calling user has MANAGE_EXTERNAL_STORAGE permissions, quota for shared profile's

     * volumes is also updated.

     *

     * The default platform user of this API is the MediaProvider process, which is

     * responsible for managing all of external storage.
@@ -2559,15 +2561,17 @@ public class StorageManager { 
     * @hide

     */

    @SystemApi

    @RequiresPermission(android.Manifest.permission.MANAGE_EXTERNAL_STORAGE)

    public void updateExternalStorageFileQuotaType(@NonNull File path,

            @QuotaType int quotaType) throws IOException {

        long projectId;

        final String filePath = path.getCanonicalPath();

        // MANAGE_EXTERNAL_STORAGE permission is required as FLAG_INCLUDE_SHARED_PROFILE is being

        // set while querying getVolumeList.

        final StorageVolume[] availableVolumes = getVolumeList(mContext.getUserId(),

                FLAG_REAL_STATE | FLAG_INCLUDE_INVISIBLE | FLAG_INCLUDE_SHARED_PROFILE);

        int volFlags = FLAG_REAL_STATE | FLAG_INCLUDE_INVISIBLE;

        // If caller has MANAGE_EXTERNAL_STORAGE permission, results from User Profile(s) are also

        // returned by enabling FLAG_INCLUDE_SHARED_PROFILE.

        if (mContext.checkSelfPermission(MANAGE_EXTERNAL_STORAGE) == PERMISSION_GRANTED) {

            volFlags |= FLAG_INCLUDE_SHARED_PROFILE;

        }

        final StorageVolume[] availableVolumes = getVolumeList(mContext.getUserId(), volFlags);

        final StorageVolume volume = getStorageVolume(availableVolumes, path);

        if (volume == null) {

            Log.w(TAG, "Failed to update quota type for " + filePath);