diff options
| author | Ian Pedowitz <ijpedowitz@google.com> | 2015-08-05 14:23:43 +0000 |
|---|---|---|
| committer | Ian Pedowitz <ijpedowitz@google.com> | 2015-08-05 14:25:15 +0000 |
| commit | 6cc066df7a79eb9f3cdf7b41dc9307f75c413c09 (patch) | |
| tree | 956797f4ca84594438d1501fac762623797b3ed0 /core/java/android/accounts/AccountManager.java | |
| parent | 845d14db9066c3262f270237b52e315aa71508b2 (diff) | |
| download | frameworks_base-6cc066df7a79eb9f3cdf7b41dc9307f75c413c09.zip frameworks_base-6cc066df7a79eb9f3cdf7b41dc9307f75c413c09.tar.gz frameworks_base-6cc066df7a79eb9f3cdf7b41dc9307f75c413c09.tar.bz2 | |
Revert "Revert "Permissions: GET_ACCOUNTS permission cleanup""
This reverts commit 845d14db9066c3262f270237b52e315aa71508b2.
Bug: 22942480
Bug: 22902898
Change-Id: If2d0e11594284414953c3dd45475fc7ba3366295
Diffstat (limited to 'core/java/android/accounts/AccountManager.java')
| -rw-r--r-- | core/java/android/accounts/AccountManager.java | 53 |
1 files changed, 31 insertions, 22 deletions
diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java index 9394d2c..8c84b4d 100644 --- a/core/java/android/accounts/AccountManager.java +++ b/core/java/android/accounts/AccountManager.java @@ -333,7 +333,7 @@ public class AccountManager { try { return mService.getPassword(account); } catch (RemoteException e) { - // will never happen + // won't ever happen throw new RuntimeException(e); } } @@ -362,7 +362,7 @@ public class AccountManager { try { return mService.getUserData(account, key); } catch (RemoteException e) { - // will never happen + // won't ever happen throw new RuntimeException(e); } } @@ -415,8 +415,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @return An array of {@link Account}, one for each account. Empty * (never null) if no accounts have been added. @@ -438,8 +440,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @return An array of {@link Account}, one for each account. Empty * (never null) if no accounts have been added. @@ -466,7 +470,7 @@ public class AccountManager { try { return mService.getAccountsForPackage(packageName, uid); } catch (RemoteException re) { - // possible security exception + // won't ever happen throw new RuntimeException(re); } } @@ -483,7 +487,7 @@ public class AccountManager { try { return mService.getAccountsByTypeForPackage(type, packageName); } catch (RemoteException re) { - // possible security exception + // won't ever happen throw new RuntimeException(re); } } @@ -497,9 +501,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the - * authenticator that owns the account type. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * <p><b>NOTE:</b> If targeting your app to work on API level 22 and before, * GET_ACCOUNTS permission is needed for those platforms, irrespective of uid @@ -585,7 +590,8 @@ public class AccountManager { * {@link AccountManagerFuture} must not be used on the main thread. * * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * {@link android.Manifest.permission#GET_ACCOUNTS} or be a signature + * match with the AbstractAccountAuthenticator that manages the account. * * @param account The {@link Account} to test * @param features An array of the account features to check @@ -628,9 +634,10 @@ public class AccountManager { * <p>This method may be called from any thread, but the returned * {@link AccountManagerFuture} must not be used on the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the - * authenticator that owns the account type. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @param type The type of accounts to return, must not be null * @param features An array of the account features to require, @@ -701,7 +708,7 @@ public class AccountManager { try { return mService.addAccountExplicitly(account, password, userdata); } catch (RemoteException e) { - // won't ever happen + // Can happen if there was a SecurityException was thrown. throw new RuntimeException(e); } } @@ -966,7 +973,7 @@ public class AccountManager { try { return mService.removeAccountExplicitly(account); } catch (RemoteException e) { - // won't ever happen + // May happen if the caller doesn't match the signature of the authenticator. throw new RuntimeException(e); } } @@ -1114,7 +1121,7 @@ public class AccountManager { try { mService.setUserData(account, key, value); } catch (RemoteException e) { - // won't ever happen + // Will happen if there is not signature match. throw new RuntimeException(e); } } @@ -1733,7 +1740,7 @@ public class AccountManager { * with these fields if an activity was supplied and the account * credentials were successfully updated: * <ul> - * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account created + * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account * <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account * </ul> * @@ -2501,10 +2508,12 @@ public class AccountManager { * listeners are added in an Activity or Service's {@link Activity#onCreate} * and removed in {@link Activity#onDestroy}. * - * <p>It is safe to call this method from the main thread. + * <p>The listener will only be informed of accounts that would be returned + * to the caller via {@link #getAccounts()}. Typically this means that to + * get any accounts, the caller will need to be grated the GET_ACCOUNTS + * permission. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>It is safe to call this method from the main thread. * * @param listener The listener to send notifications to * @param handler {@link Handler} identifying the thread to use |