Redact Account info from getCurrentSyncs

BUG:26094635 If the caller to ContentResolver#getCurrentSyncs does not hold the GET_ACCOUNTS permission, return a SyncInfo object that does not contain any Account information. Change-Id: I5628ebe1f56c8e3f784aaf1b3281e6b829d19314 (cherry picked from commit b63057e698a01dafcefc7ba09b397b0336bba43d)
author: Matthew Williams <mjwilliams@google.com> 2016-01-19 23:04:04 +0000
committer: The Android Automerger <android-build@google.com> 2016-03-01 15:26:34 -0800
commit: 9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb (patch)
tree: c47776f46e82862d6be2da9ea1a5bbb156165cef
parent: e342181a4a8d8177b3b87ffe141777565fe98f15 (diff)
download: frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.zip
frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.tar.gz
frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.tar.bz2
3 files changed, 35 insertions, 5 deletions
diff --git a/core/java/android/content/SyncInfo.java b/core/java/android/content/SyncInfo.java
index a586d6f..ab3c30b 100644
--- a/core/java/android/content/SyncInfo.java
+++ b/core/java/android/content/SyncInfo.java
@@ -24,6 +24,13 @@ import android.os.Parcelable;
  * Information about the sync operation that is currently underway.
  */
 public class SyncInfo implements Parcelable {
+    /**
+     * Used when the caller receiving this object doesn't have permission to access the accounts
+     * on device.
+     * @See Manifest.permission.GET_ACCOUNTS
+     */
+    private static final Account REDACTED_ACCOUNT = new Account("*****", "*****");
+
     /** @hide */
     public final int authorityId;
 
@@ -44,6 +51,17 @@ public class SyncInfo implements Parcelable {
      */
     public final long startTime;
 
+    /**
+     * Creates a SyncInfo object with an unusable Account. Used when the caller receiving this
+     * object doesn't have access to the accounts on the device.
+     * @See Manifest.permission.GET_ACCOUNTS
+     * @hide
+     */
+    public static SyncInfo createAccountRedacted(
+        int authorityId, String authority, long startTime) {
+            return new SyncInfo(authorityId, REDACTED_ACCOUNT, authority, startTime);
+    }
+
     /** @hide */
     public SyncInfo(int authorityId, Account account, String authority, long startTime) {
         this.authorityId = authorityId;
diff --git a/services/core/java/com/android/server/content/ContentService.java b/services/core/java/com/android/server/content/ContentService.java
index b766894..f581a7f 100644
--- a/services/core/java/com/android/server/content/ContentService.java
+++ b/services/core/java/com/android/server/content/ContentService.java
@@ -815,9 +815,13 @@ public final class ContentService extends IContentService.Stub {
         mContext.enforceCallingOrSelfPermission(Manifest.permission.READ_SYNC_STATS,
                 "no permission to read the sync stats");
 
+        final boolean canAccessAccounts =
+            mContext.checkCallingOrSelfPermission(Manifest.permission.GET_ACCOUNTS)
+                == PackageManager.PERMISSION_GRANTED;
         long identityToken = clearCallingIdentity();
         try {
-            return getSyncManager().getSyncStorageEngine().getCurrentSyncsCopy(userId);
+            return getSyncManager().getSyncStorageEngine()
+                .getCurrentSyncsCopy(userId, canAccessAccounts);
         } finally {
             restoreCallingIdentity(identityToken);
         }
diff --git a/services/core/java/com/android/server/content/SyncStorageEngine.java b/services/core/java/com/android/server/content/SyncStorageEngine.java
index cca0c16..0b0e3d4 100644
--- a/services/core/java/com/android/server/content/SyncStorageEngine.java
+++ b/services/core/java/com/android/server/content/SyncStorageEngine.java
@@ -1458,15 +1458,23 @@ public class SyncStorageEngine extends Handler {
     }
 
     /**
-     * @return a copy of the current syncs data structure. Will not return
-     * null.
+     * @param userId Id of user to return current sync info.
+     * @param canAccessAccounts Determines whether to redact Account information from the result.
+     * @return a copy of the current syncs data structure. Will not return null.
      */
-    public List<SyncInfo> getCurrentSyncsCopy(int userId) {
+    public List<SyncInfo> getCurrentSyncsCopy(int userId, boolean canAccessAccounts) {
         synchronized (mAuthorities) {
             final List<SyncInfo> syncs = getCurrentSyncsLocked(userId);
             final List<SyncInfo> syncsCopy = new ArrayList<SyncInfo>();
             for (SyncInfo sync : syncs) {
-                syncsCopy.add(new SyncInfo(sync));
+                SyncInfo copy;
+                if (!canAccessAccounts) {
+                    copy = SyncInfo.createAccountRedacted(
+                        sync.authorityId, sync.authority, sync.startTime);
+                } else {
+                    copy = new SyncInfo(sync);
+                }
+                syncsCopy.add(copy);
             }
             return syncsCopy;
         }
author	Matthew Williams <mjwilliams@google.com>	2016-01-19 23:04:04 +0000
committer	The Android Automerger <android-build@google.com>	2016-03-01 15:26:34 -0800
commit	9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb (patch)
tree	c47776f46e82862d6be2da9ea1a5bbb156165cef
parent	e342181a4a8d8177b3b87ffe141777565fe98f15 (diff)
download	frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.zip frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.tar.gz frameworks_base-9dcf4bc30f65ae714858ab1532cb1e1dae28f3eb.tar.bz2