allow permission USE_CREDENTIALS for AccountManager.invalidateAuthToken as well as the previous MANAGE_ACCOUNTS

2 files changed, 22 insertions, 11 deletions

diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java
index 3161826..e2263fc 100644
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -516,7 +516,8 @@ public class AccountManager {
      * <p>It is safe to call this method from the main thread.
      *
      * <p>This method requires the caller to hold the permission
-     * {@link android.Manifest.permission#MANAGE_ACCOUNTS}.
+     * {@link android.Manifest.permission#MANAGE_ACCOUNTS} or
+     * {@link android.Manifest.permission#USE_CREDENTIALS}
      *
      * @param accountType The account type of the auth token to invalidate
      * @param authToken The auth token to invalidate
diff --git a/core/java/android/accounts/AccountManagerService.java b/core/java/android/accounts/AccountManagerService.java
index d4f4d13..2aaf5b0 100644
--- a/core/java/android/accounts/AccountManagerService.java
+++ b/core/java/android/accounts/AccountManagerService.java
@@ -565,7 +565,7 @@ public class AccountManagerService
     }
 
     public void invalidateAuthToken(String accountType, String authToken) {
-        checkManageAccountsPermission();
+        checkManageAccountsOrUseCredentialsPermissions();
         long identityToken = clearCallingIdentity();
         try {
             SQLiteDatabase db = mOpenHelper.getWritableDatabase();
@@ -1747,17 +1747,22 @@ public class AccountManagerService
         }
     }
 
-    private void checkBinderPermission(String permission) {
+    /** Succeeds if any of the specified permissions are granted. */
+    private void checkBinderPermission(String... permissions) {
         final int uid = Binder.getCallingUid();
-        if (mContext.checkCallingOrSelfPermission(permission) !=
-                PackageManager.PERMISSION_GRANTED) {
-            String msg = "caller uid " + uid + " lacks " + permission;
-            Log.w(TAG, msg);
-            throw new SecurityException(msg);
-        }
-        if (Log.isLoggable(TAG, Log.VERBOSE)) {
-            Log.v(TAG, "caller uid " + uid + " has " + permission);
+
+        for (String perm : permissions) {
+            if (mContext.checkCallingOrSelfPermission(perm) == PackageManager.PERMISSION_GRANTED) {
+                if (Log.isLoggable(TAG, Log.VERBOSE)) {
+                    Log.v(TAG, "caller uid " + uid + " has " + perm);
+                }
+                return;
+            }
         }
+
+        String msg = "caller uid " + uid + " lacks any of " + TextUtils.join(",", permissions);
+        Log.w(TAG, msg);
+        throw new SecurityException(msg);
     }
 
     private boolean inSystemImage(int callerUid) {
@@ -1848,6 +1853,11 @@ public class AccountManagerService
         checkBinderPermission(Manifest.permission.MANAGE_ACCOUNTS);
     }
 
+    private void checkManageAccountsOrUseCredentialsPermissions() {
+        checkBinderPermission(Manifest.permission.MANAGE_ACCOUNTS,
+                Manifest.permission.USE_CREDENTIALS);
+    }
+
     /**
      * Allow callers with the given uid permission to get credentials for account/authTokenType.
      * <p>