diff options
| author | Amith Yamasani <yamasani@google.com> | 2012-11-08 06:17:59 -0800 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2012-11-08 06:17:59 -0800 |
| commit | cb2f707f869933e4e5bb16add76dbf8747cf3b06 (patch) | |
| tree | 0c629add8d7f26165e42ad5589e8e123b07e3ecc /core/java/android/accounts/AccountManagerService.java | |
| parent | 426b050c433cbc3b6a97ee6568ee63540b0129c6 (diff) | |
| parent | cb5cb740b587744150df7414bdc2974144e9167a (diff) | |
| download | frameworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.zip frameworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.tar.gz frameworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.tar.bz2 | |
am cb5cb740: am aecee8a9: am 717797db: am f763b717: Merge "Authenticate correct user\'s account when pattern fails multiple times." into jb-mr1-dev
* commit 'cb5cb740b587744150df7414bdc2974144e9167a':
Authenticate correct user's account when pattern fails multiple times.
Diffstat (limited to 'core/java/android/accounts/AccountManagerService.java')
| -rw-r--r-- | core/java/android/accounts/AccountManagerService.java | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/core/java/android/accounts/AccountManagerService.java b/core/java/android/accounts/AccountManagerService.java index 03e0c0f..2b1a2b2 100644 --- a/core/java/android/accounts/AccountManagerService.java +++ b/core/java/android/accounts/AccountManagerService.java @@ -1297,8 +1297,17 @@ public class AccountManagerService } } - public void confirmCredentials(IAccountManagerResponse response, - final Account account, final Bundle options, final boolean expectActivityLaunch) { + @Override + public void confirmCredentialsAsUser(IAccountManagerResponse response, + final Account account, final Bundle options, final boolean expectActivityLaunch, + int userId) { + // Only allow the system process to read accounts of other users + if (userId != UserHandle.getCallingUserId() + && Binder.getCallingUid() != android.os.Process.myUid()) { + throw new SecurityException("User " + UserHandle.getCallingUserId() + + " trying to confirm account credentials for " + userId); + } + if (Log.isLoggable(TAG, Log.VERBOSE)) { Log.v(TAG, "confirmCredentials: " + account + ", response " + response @@ -1309,7 +1318,7 @@ public class AccountManagerService if (response == null) throw new IllegalArgumentException("response is null"); if (account == null) throw new IllegalArgumentException("account is null"); checkManageAccountsPermission(); - UserAccounts accounts = getUserAccountsForCaller(); + UserAccounts accounts = getUserAccounts(userId); long identityToken = clearCallingIdentity(); try { new Session(accounts, response, account.type, expectActivityLaunch, @@ -1548,14 +1557,22 @@ public class AccountManagerService return runningAccounts.toArray(accountsArray); } - public Account[] getAccounts(String type) { + @Override + public Account[] getAccountsAsUser(String type, int userId) { + // Only allow the system process to read accounts of other users + if (userId != UserHandle.getCallingUserId() + && Binder.getCallingUid() != android.os.Process.myUid()) { + throw new SecurityException("User " + UserHandle.getCallingUserId() + + " trying to get account for " + userId); + } + if (Log.isLoggable(TAG, Log.VERBOSE)) { Log.v(TAG, "getAccounts: accountType " + type + ", caller's uid " + Binder.getCallingUid() + ", pid " + Binder.getCallingPid()); } checkReadAccountsPermission(); - UserAccounts accounts = getUserAccountsForCaller(); + UserAccounts accounts = getUserAccounts(userId); long identityToken = clearCallingIdentity(); try { synchronized (accounts.cacheLock) { @@ -1566,6 +1583,11 @@ public class AccountManagerService } } + @Override + public Account[] getAccounts(String type) { + return getAccountsAsUser(type, UserHandle.getCallingUserId()); + } + public void getAccountsByFeatures(IAccountManagerResponse response, String type, String[] features) { if (Log.isLoggable(TAG, Log.VERBOSE)) { |