Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e7ed827a authored by Carlos Valdivia's avatar Carlos Valdivia
Browse files

Permissions: GET_ACCOUNTS permission cleanup 

First, getAccounts*() will now return all available accounts depending
on both GET_ACCOUNTS grants and signature matching. This is different
from before where a caller of getAccounts() would need GET_ACCOUNTS to
get any accounts, but if that same caller called getAccountsByType, they
might have gotten back accounts if they shared a signature with the same
developer.

Second, cleaned up some NPEs and javadoc.

This change was motivated by progress on the cts tests.

Change-Id: I2f36226780e074fdf58214b46de3b79d8319ace1
parent a7b4d6dc

core/java/android/accounts/AbstractAccountAuthenticator.java

+17 −6
Original line number Diff line number Diff line
@@ -138,7 +138,9 @@ public abstract class AbstractAccountAuthenticator { 
                    new AccountAuthenticatorResponse(response),

                        accountType, authTokenType, features, options);

                if (Log.isLoggable(TAG, Log.VERBOSE)) {

                    if (result != null) {

                        result.keySet(); // force it to be unparcelled

                    }

                    Log.v(TAG, "addAccount: result " + AccountManager.sanitizeResult(result));

                }

                if (result != null) {
@@ -160,7 +162,9 @@ public abstract class AbstractAccountAuthenticator { 
                final Bundle result = AbstractAccountAuthenticator.this.confirmCredentials(

                    new AccountAuthenticatorResponse(response), account, options);

                if (Log.isLoggable(TAG, Log.VERBOSE)) {

                    if (result != null) {

                        result.keySet(); // force it to be unparcelled

                    }

                    Log.v(TAG, "confirmCredentials: result "

                            + AccountManager.sanitizeResult(result));

                }
@@ -185,7 +189,9 @@ public abstract class AbstractAccountAuthenticator { 
                result.putString(AccountManager.KEY_AUTH_TOKEN_LABEL,

                        AbstractAccountAuthenticator.this.getAuthTokenLabel(authTokenType));

                if (Log.isLoggable(TAG, Log.VERBOSE)) {

                    if (result != null) {

                        result.keySet(); // force it to be unparcelled

                    }

                    Log.v(TAG, "getAuthTokenLabel: result "

                            + AccountManager.sanitizeResult(result));

                }
@@ -209,7 +215,9 @@ public abstract class AbstractAccountAuthenticator { 
                        new AccountAuthenticatorResponse(response), account,

                        authTokenType, loginOptions);

                if (Log.isLoggable(TAG, Log.VERBOSE)) {

                    if (result != null) {

                        result.keySet(); // force it to be unparcelled

                    }

                    Log.v(TAG, "getAuthToken: result " + AccountManager.sanitizeResult(result));

                }

                if (result != null) {
@@ -234,7 +242,10 @@ public abstract class AbstractAccountAuthenticator { 
                    new AccountAuthenticatorResponse(response), account,

                        authTokenType, loginOptions);

                if (Log.isLoggable(TAG, Log.VERBOSE)) {

                    // Result may be null.

                    if (result != null) {

                        result.keySet(); // force it to be unparcelled

                    }

                    Log.v(TAG, "updateCredentials: result "

                            + AccountManager.sanitizeResult(result));

                }
@@ -490,7 +501,7 @@ public abstract class AbstractAccountAuthenticator { 
     * <ul>

     * <li> {@link AccountManager#KEY_INTENT}, or

     * <li> {@link AccountManager#KEY_ACCOUNT_NAME} and {@link AccountManager#KEY_ACCOUNT_TYPE} of

     * the account that was added, or

     * the account whose credentials were updated, or

     * <li> {@link AccountManager#KEY_ERROR_CODE} and {@link AccountManager#KEY_ERROR_MESSAGE} to

     * indicate an error

     * </ul>

core/java/android/accounts/AccountManager.java

+31 −22
Original line number Diff line number Diff line
@@ -329,7 +329,7 @@ public class AccountManager { 
        try {

            return mService.getPassword(account);

        } catch (RemoteException e) {

            // will never happen

            // won't ever happen

            throw new RuntimeException(e);

        }

    }
@@ -354,7 +354,7 @@ public class AccountManager { 
        try {

            return mService.getUserData(account, key);

        } catch (RemoteException e) {

            // will never happen

            // won't ever happen

            throw new RuntimeException(e);

        }

    }
@@ -407,8 +407,10 @@ public class AccountManager { 
     *

     * <p>It is safe to call this method from the main thread.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS}.

     * <p>Clients of this method that have not been granted the

     * {@link android.Manifest.permission#GET_ACCOUNTS} permission,

     * will only see those accounts managed by AbstractAccountAuthenticators whose

     * signature matches the client.

     *

     * @return An array of {@link Account}, one for each account.  Empty

     *     (never null) if no accounts have been added.
@@ -430,8 +432,10 @@ public class AccountManager { 
     *

     * <p>It is safe to call this method from the main thread.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS}.

     * <p>Clients of this method that have not been granted the

     * {@link android.Manifest.permission#GET_ACCOUNTS} permission,

     * will only see those accounts managed by AbstractAccountAuthenticators whose

     * signature matches the client.

     *

     * @return An array of {@link Account}, one for each account.  Empty

     *     (never null) if no accounts have been added.
@@ -458,7 +462,7 @@ public class AccountManager { 
        try {

            return mService.getAccountsForPackage(packageName, uid);

        } catch (RemoteException re) {

            // possible security exception

            // won't ever happen

            throw new RuntimeException(re);

        }

    }
@@ -475,7 +479,7 @@ public class AccountManager { 
        try {

            return mService.getAccountsByTypeForPackage(type, packageName);

        } catch (RemoteException re) {

            // possible security exception

            // won't ever happen

            throw new RuntimeException(re);

        }

    }
@@ -489,9 +493,10 @@ public class AccountManager { 
     *

     * <p>It is safe to call this method from the main thread.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the

     * authenticator that owns the account type.

     * <p>Clients of this method that have not been granted the

     * {@link android.Manifest.permission#GET_ACCOUNTS} permission,

     * will only see those accounts managed by AbstractAccountAuthenticators whose

     * signature matches the client.

     *

     * @param type The type of accounts to return, null to retrieve all accounts

     * @return An array of {@link Account}, one per matching account.  Empty
@@ -573,7 +578,8 @@ public class AccountManager { 
     * {@link AccountManagerFuture} must not be used on the main thread.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS}.

     * {@link android.Manifest.permission#GET_ACCOUNTS} or be a signature

     * match with the AbstractAccountAuthenticator that manages the account.

     *

     * @param account The {@link Account} to test

     * @param features An array of the account features to check
@@ -616,9 +622,10 @@ public class AccountManager { 
     * <p>This method may be called from any thread, but the returned

     * {@link AccountManagerFuture} must not be used on the main thread.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the

     * authenticator that owns the account type.

     * <p>Clients of this method that have not been granted the

     * {@link android.Manifest.permission#GET_ACCOUNTS} permission,

     * will only see those accounts managed by AbstractAccountAuthenticators whose

     * signature matches the client.

     *

     * @param type The type of accounts to return, must not be null

     * @param features An array of the account features to require,
@@ -680,7 +687,7 @@ public class AccountManager { 
        try {

            return mService.addAccountExplicitly(account, password, userdata);

        } catch (RemoteException e) {

            // won't ever happen

            // Can happen if there was a SecurityException was thrown.

            throw new RuntimeException(e);

        }

    }
@@ -929,7 +936,7 @@ public class AccountManager { 
        try {

            return mService.removeAccountExplicitly(account);

        } catch (RemoteException e) {

            // won't ever happen

            // May happen if the caller doesn't match the signature of the authenticator.

            throw new RuntimeException(e);

        }

    }
@@ -1057,7 +1064,7 @@ public class AccountManager { 
        try {

            mService.setUserData(account, key, value);

        } catch (RemoteException e) {

            // won't ever happen

            // Will happen if there is not signature match.

            throw new RuntimeException(e);

        }

    }
@@ -1648,7 +1655,7 @@ public class AccountManager { 
     *     with these fields if an activity was supplied and the account

     *     credentials were successfully updated:

     * <ul>

     * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account created

     * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account

     * <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account

     * </ul>

     *
@@ -2408,10 +2415,12 @@ public class AccountManager { 
     * listeners are added in an Activity or Service's {@link Activity#onCreate}

     * and removed in {@link Activity#onDestroy}.

     *

     * <p>It is safe to call this method from the main thread.

     * <p>The listener will only be informed of accounts that would be returned

     * to the caller via {@link #getAccounts()}. Typically this means that to

     * get any accounts, the caller will need to be grated the GET_ACCOUNTS

     * permission.

     *

     * <p>This method requires the caller to hold the permission

     * {@link android.Manifest.permission#GET_ACCOUNTS}.

     * <p>It is safe to call this method from the main thread.

     *

     * @param listener The listener to send notifications to

     * @param handler {@link Handler} identifying the thread to use

services/core/java/com/android/server/accounts/AccountManagerService.java

+151 −99

File changed.

Preview size limit exceeded, changes collapsed.