Revert "Revert "Permissions: GET_ACCOUNTS permission cleanup"" (da4371d6) · Commits · e / os / android_frameworks_base

core/java/android/accounts/AbstractAccountAuthenticator.java

+17 −6

Original line number	Original line	Diff line number	Diff line
	@@ -138,7 +138,9 @@ public abstract class AbstractAccountAuthenticator {
	new AccountAuthenticatorResponse(response),		new AccountAuthenticatorResponse(response),
	accountType, authTokenType, features, options);		accountType, authTokenType, features, options);
	if (Log.isLoggable(TAG, Log.VERBOSE)) {		if (Log.isLoggable(TAG, Log.VERBOSE)) {
			if (result != null) {
	result.keySet(); // force it to be unparcelled		result.keySet(); // force it to be unparcelled
			}
	Log.v(TAG, "addAccount: result " + AccountManager.sanitizeResult(result));		Log.v(TAG, "addAccount: result " + AccountManager.sanitizeResult(result));
	}		}
	if (result != null) {		if (result != null) {
	@@ -160,7 +162,9 @@ public abstract class AbstractAccountAuthenticator {
	final Bundle result = AbstractAccountAuthenticator.this.confirmCredentials(		final Bundle result = AbstractAccountAuthenticator.this.confirmCredentials(
	new AccountAuthenticatorResponse(response), account, options);		new AccountAuthenticatorResponse(response), account, options);
	if (Log.isLoggable(TAG, Log.VERBOSE)) {		if (Log.isLoggable(TAG, Log.VERBOSE)) {
			if (result != null) {
	result.keySet(); // force it to be unparcelled		result.keySet(); // force it to be unparcelled
			}
	Log.v(TAG, "confirmCredentials: result "		Log.v(TAG, "confirmCredentials: result "
	+ AccountManager.sanitizeResult(result));		+ AccountManager.sanitizeResult(result));
	}		}
	@@ -185,7 +189,9 @@ public abstract class AbstractAccountAuthenticator {
	result.putString(AccountManager.KEY_AUTH_TOKEN_LABEL,		result.putString(AccountManager.KEY_AUTH_TOKEN_LABEL,
	AbstractAccountAuthenticator.this.getAuthTokenLabel(authTokenType));		AbstractAccountAuthenticator.this.getAuthTokenLabel(authTokenType));
	if (Log.isLoggable(TAG, Log.VERBOSE)) {		if (Log.isLoggable(TAG, Log.VERBOSE)) {
			if (result != null) {
	result.keySet(); // force it to be unparcelled		result.keySet(); // force it to be unparcelled
			}
	Log.v(TAG, "getAuthTokenLabel: result "		Log.v(TAG, "getAuthTokenLabel: result "
	+ AccountManager.sanitizeResult(result));		+ AccountManager.sanitizeResult(result));
	}		}
	@@ -209,7 +215,9 @@ public abstract class AbstractAccountAuthenticator {
	new AccountAuthenticatorResponse(response), account,		new AccountAuthenticatorResponse(response), account,
	authTokenType, loginOptions);		authTokenType, loginOptions);
	if (Log.isLoggable(TAG, Log.VERBOSE)) {		if (Log.isLoggable(TAG, Log.VERBOSE)) {
			if (result != null) {
	result.keySet(); // force it to be unparcelled		result.keySet(); // force it to be unparcelled
			}
	Log.v(TAG, "getAuthToken: result " + AccountManager.sanitizeResult(result));		Log.v(TAG, "getAuthToken: result " + AccountManager.sanitizeResult(result));
	}		}
	if (result != null) {		if (result != null) {
	@@ -234,7 +242,10 @@ public abstract class AbstractAccountAuthenticator {
	new AccountAuthenticatorResponse(response), account,		new AccountAuthenticatorResponse(response), account,
	authTokenType, loginOptions);		authTokenType, loginOptions);
	if (Log.isLoggable(TAG, Log.VERBOSE)) {		if (Log.isLoggable(TAG, Log.VERBOSE)) {
			// Result may be null.
			if (result != null) {
	result.keySet(); // force it to be unparcelled		result.keySet(); // force it to be unparcelled
			}
	Log.v(TAG, "updateCredentials: result "		Log.v(TAG, "updateCredentials: result "
	+ AccountManager.sanitizeResult(result));		+ AccountManager.sanitizeResult(result));
	}		}
	@@ -490,7 +501,7 @@ public abstract class AbstractAccountAuthenticator {
	* <ul>		* <ul>
	* <li> {@link AccountManager#KEY_INTENT}, or		* <li> {@link AccountManager#KEY_INTENT}, or
	* <li> {@link AccountManager#KEY_ACCOUNT_NAME} and {@link AccountManager#KEY_ACCOUNT_TYPE} of		* <li> {@link AccountManager#KEY_ACCOUNT_NAME} and {@link AccountManager#KEY_ACCOUNT_TYPE} of
	* the account that was added, or		* the account whose credentials were updated, or
	* <li> {@link AccountManager#KEY_ERROR_CODE} and {@link AccountManager#KEY_ERROR_MESSAGE} to		* <li> {@link AccountManager#KEY_ERROR_CODE} and {@link AccountManager#KEY_ERROR_MESSAGE} to
	* indicate an error		* indicate an error
	* </ul>		* </ul>

core/java/android/accounts/AccountManager.java

+31 −22

Original line number	Original line	Diff line number	Diff line
	@@ -333,7 +333,7 @@ public class AccountManager {
	try {		try {
	return mService.getPassword(account);		return mService.getPassword(account);
	} catch (RemoteException e) {		} catch (RemoteException e) {
	// will never happen		// won't ever happen
	throw new RuntimeException(e);		throw new RuntimeException(e);
	}		}
	}		}
	@@ -362,7 +362,7 @@ public class AccountManager {
	try {		try {
	return mService.getUserData(account, key);		return mService.getUserData(account, key);
	} catch (RemoteException e) {		} catch (RemoteException e) {
	// will never happen		// won't ever happen
	throw new RuntimeException(e);		throw new RuntimeException(e);
	}		}
	}		}
	@@ -415,8 +415,10 @@ public class AccountManager {
	*		*
	* <p>It is safe to call this method from the main thread.		* <p>It is safe to call this method from the main thread.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>Clients of this method that have not been granted the
	* {@link android.Manifest.permission#GET_ACCOUNTS}.		* {@link android.Manifest.permission#GET_ACCOUNTS} permission,
			* will only see those accounts managed by AbstractAccountAuthenticators whose
			* signature matches the client.
	*		*
	* @return An array of {@link Account}, one for each account. Empty		* @return An array of {@link Account}, one for each account. Empty
	* (never null) if no accounts have been added.		* (never null) if no accounts have been added.
	@@ -438,8 +440,10 @@ public class AccountManager {
	*		*
	* <p>It is safe to call this method from the main thread.		* <p>It is safe to call this method from the main thread.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>Clients of this method that have not been granted the
	* {@link android.Manifest.permission#GET_ACCOUNTS}.		* {@link android.Manifest.permission#GET_ACCOUNTS} permission,
			* will only see those accounts managed by AbstractAccountAuthenticators whose
			* signature matches the client.
	*		*
	* @return An array of {@link Account}, one for each account. Empty		* @return An array of {@link Account}, one for each account. Empty
	* (never null) if no accounts have been added.		* (never null) if no accounts have been added.
	@@ -466,7 +470,7 @@ public class AccountManager {
	try {		try {
	return mService.getAccountsForPackage(packageName, uid);		return mService.getAccountsForPackage(packageName, uid);
	} catch (RemoteException re) {		} catch (RemoteException re) {
	// possible security exception		// won't ever happen
	throw new RuntimeException(re);		throw new RuntimeException(re);
	}		}
	}		}
	@@ -483,7 +487,7 @@ public class AccountManager {
	try {		try {
	return mService.getAccountsByTypeForPackage(type, packageName);		return mService.getAccountsByTypeForPackage(type, packageName);
	} catch (RemoteException re) {		} catch (RemoteException re) {
	// possible security exception		// won't ever happen
	throw new RuntimeException(re);		throw new RuntimeException(re);
	}		}
	}		}
	@@ -497,9 +501,10 @@ public class AccountManager {
	*		*
	* <p>It is safe to call this method from the main thread.		* <p>It is safe to call this method from the main thread.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>Clients of this method that have not been granted the
	* {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the		* {@link android.Manifest.permission#GET_ACCOUNTS} permission,
	* authenticator that owns the account type.		* will only see those accounts managed by AbstractAccountAuthenticators whose
			* signature matches the client.
	*		*
	* <p><b>NOTE:</b> If targeting your app to work on API level 22 and before,		* <p><b>NOTE:</b> If targeting your app to work on API level 22 and before,
	* GET_ACCOUNTS permission is needed for those platforms, irrespective of uid		* GET_ACCOUNTS permission is needed for those platforms, irrespective of uid
	@@ -585,7 +590,8 @@ public class AccountManager {
	* {@link AccountManagerFuture} must not be used on the main thread.		* {@link AccountManagerFuture} must not be used on the main thread.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>This method requires the caller to hold the permission
	* {@link android.Manifest.permission#GET_ACCOUNTS}.		* {@link android.Manifest.permission#GET_ACCOUNTS} or be a signature
			* match with the AbstractAccountAuthenticator that manages the account.
	*		*
	* @param account The {@link Account} to test		* @param account The {@link Account} to test
	* @param features An array of the account features to check		* @param features An array of the account features to check
	@@ -628,9 +634,10 @@ public class AccountManager {
	* <p>This method may be called from any thread, but the returned		* <p>This method may be called from any thread, but the returned
	* {@link AccountManagerFuture} must not be used on the main thread.		* {@link AccountManagerFuture} must not be used on the main thread.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>Clients of this method that have not been granted the
	* {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the		* {@link android.Manifest.permission#GET_ACCOUNTS} permission,
	* authenticator that owns the account type.		* will only see those accounts managed by AbstractAccountAuthenticators whose
			* signature matches the client.
	*		*
	* @param type The type of accounts to return, must not be null		* @param type The type of accounts to return, must not be null
	* @param features An array of the account features to require,		* @param features An array of the account features to require,
	@@ -701,7 +708,7 @@ public class AccountManager {
	try {		try {
	return mService.addAccountExplicitly(account, password, userdata);		return mService.addAccountExplicitly(account, password, userdata);
	} catch (RemoteException e) {		} catch (RemoteException e) {
	// won't ever happen		// Can happen if there was a SecurityException was thrown.
	throw new RuntimeException(e);		throw new RuntimeException(e);
	}		}
	}		}
	@@ -966,7 +973,7 @@ public class AccountManager {
	try {		try {
	return mService.removeAccountExplicitly(account);		return mService.removeAccountExplicitly(account);
	} catch (RemoteException e) {		} catch (RemoteException e) {
	// won't ever happen		// May happen if the caller doesn't match the signature of the authenticator.
	throw new RuntimeException(e);		throw new RuntimeException(e);
	}		}
	}		}
	@@ -1114,7 +1121,7 @@ public class AccountManager {
	try {		try {
	mService.setUserData(account, key, value);		mService.setUserData(account, key, value);
	} catch (RemoteException e) {		} catch (RemoteException e) {
	// won't ever happen		// Will happen if there is not signature match.
	throw new RuntimeException(e);		throw new RuntimeException(e);
	}		}
	}		}
	@@ -1733,7 +1740,7 @@ public class AccountManager {
	* with these fields if an activity was supplied and the account		* with these fields if an activity was supplied and the account
	* credentials were successfully updated:		* credentials were successfully updated:
	* <ul>		* <ul>
	* <li> {@link #KEY_ACCOUNT_NAME} - the name of the account created		* <li> {@link #KEY_ACCOUNT_NAME} - the name of the account
	* <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account		* <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account
	* </ul>		* </ul>
	*		*
	@@ -2501,10 +2508,12 @@ public class AccountManager {
	* listeners are added in an Activity or Service's {@link Activity#onCreate}		* listeners are added in an Activity or Service's {@link Activity#onCreate}
	* and removed in {@link Activity#onDestroy}.		* and removed in {@link Activity#onDestroy}.
	*		*
	* <p>It is safe to call this method from the main thread.		* <p>The listener will only be informed of accounts that would be returned
			* to the caller via {@link #getAccounts()}. Typically this means that to
			* get any accounts, the caller will need to be grated the GET_ACCOUNTS
			* permission.
	*		*
	* <p>This method requires the caller to hold the permission		* <p>It is safe to call this method from the main thread.
	* {@link android.Manifest.permission#GET_ACCOUNTS}.
	*		*
	* @param listener The listener to send notifications to		* @param listener The listener to send notifications to
	* @param handler {@link Handler} identifying the thread to use		* @param handler {@link Handler} identifying the thread to use