diff options
| author | Carlos Valdivia <carlosvaldivia@google.com> | 2015-07-30 21:58:16 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-07-30 21:58:16 +0000 |
| commit | 26ae600b5fb8c657b4f8dc2700374c701c9e50ec (patch) | |
| tree | 164719bcf981c5d61897d7ba1fa8cd704a4b95db /core/java/android/accounts | |
| parent | 7676e403bd65435eb3d2f34e7e0174fd37f6e818 (diff) | |
| parent | e7ed827a104ba005b93faa2edb3bc77f72b240ec (diff) | |
| download | frameworks_base-26ae600b5fb8c657b4f8dc2700374c701c9e50ec.zip frameworks_base-26ae600b5fb8c657b4f8dc2700374c701c9e50ec.tar.gz frameworks_base-26ae600b5fb8c657b4f8dc2700374c701c9e50ec.tar.bz2 | |
Merge "Permissions: GET_ACCOUNTS permission cleanup" into mnc-dev
Diffstat (limited to 'core/java/android/accounts')
| -rw-r--r-- | core/java/android/accounts/AbstractAccountAuthenticator.java | 23 | ||||
| -rw-r--r-- | core/java/android/accounts/AccountManager.java | 53 |
2 files changed, 48 insertions, 28 deletions
diff --git a/core/java/android/accounts/AbstractAccountAuthenticator.java b/core/java/android/accounts/AbstractAccountAuthenticator.java index 3e4a66d..9c401c7 100644 --- a/core/java/android/accounts/AbstractAccountAuthenticator.java +++ b/core/java/android/accounts/AbstractAccountAuthenticator.java @@ -138,7 +138,9 @@ public abstract class AbstractAccountAuthenticator { new AccountAuthenticatorResponse(response), accountType, authTokenType, features, options); if (Log.isLoggable(TAG, Log.VERBOSE)) { - result.keySet(); // force it to be unparcelled + if (result != null) { + result.keySet(); // force it to be unparcelled + } Log.v(TAG, "addAccount: result " + AccountManager.sanitizeResult(result)); } if (result != null) { @@ -160,7 +162,9 @@ public abstract class AbstractAccountAuthenticator { final Bundle result = AbstractAccountAuthenticator.this.confirmCredentials( new AccountAuthenticatorResponse(response), account, options); if (Log.isLoggable(TAG, Log.VERBOSE)) { - result.keySet(); // force it to be unparcelled + if (result != null) { + result.keySet(); // force it to be unparcelled + } Log.v(TAG, "confirmCredentials: result " + AccountManager.sanitizeResult(result)); } @@ -185,7 +189,9 @@ public abstract class AbstractAccountAuthenticator { result.putString(AccountManager.KEY_AUTH_TOKEN_LABEL, AbstractAccountAuthenticator.this.getAuthTokenLabel(authTokenType)); if (Log.isLoggable(TAG, Log.VERBOSE)) { - result.keySet(); // force it to be unparcelled + if (result != null) { + result.keySet(); // force it to be unparcelled + } Log.v(TAG, "getAuthTokenLabel: result " + AccountManager.sanitizeResult(result)); } @@ -209,7 +215,9 @@ public abstract class AbstractAccountAuthenticator { new AccountAuthenticatorResponse(response), account, authTokenType, loginOptions); if (Log.isLoggable(TAG, Log.VERBOSE)) { - result.keySet(); // force it to be unparcelled + if (result != null) { + result.keySet(); // force it to be unparcelled + } Log.v(TAG, "getAuthToken: result " + AccountManager.sanitizeResult(result)); } if (result != null) { @@ -234,7 +242,10 @@ public abstract class AbstractAccountAuthenticator { new AccountAuthenticatorResponse(response), account, authTokenType, loginOptions); if (Log.isLoggable(TAG, Log.VERBOSE)) { - result.keySet(); // force it to be unparcelled + // Result may be null. + if (result != null) { + result.keySet(); // force it to be unparcelled + } Log.v(TAG, "updateCredentials: result " + AccountManager.sanitizeResult(result)); } @@ -490,7 +501,7 @@ public abstract class AbstractAccountAuthenticator { * <ul> * <li> {@link AccountManager#KEY_INTENT}, or * <li> {@link AccountManager#KEY_ACCOUNT_NAME} and {@link AccountManager#KEY_ACCOUNT_TYPE} of - * the account that was added, or + * the account whose credentials were updated, or * <li> {@link AccountManager#KEY_ERROR_CODE} and {@link AccountManager#KEY_ERROR_MESSAGE} to * indicate an error * </ul> diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java index 9394d2c..8c84b4d 100644 --- a/core/java/android/accounts/AccountManager.java +++ b/core/java/android/accounts/AccountManager.java @@ -333,7 +333,7 @@ public class AccountManager { try { return mService.getPassword(account); } catch (RemoteException e) { - // will never happen + // won't ever happen throw new RuntimeException(e); } } @@ -362,7 +362,7 @@ public class AccountManager { try { return mService.getUserData(account, key); } catch (RemoteException e) { - // will never happen + // won't ever happen throw new RuntimeException(e); } } @@ -415,8 +415,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @return An array of {@link Account}, one for each account. Empty * (never null) if no accounts have been added. @@ -438,8 +440,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @return An array of {@link Account}, one for each account. Empty * (never null) if no accounts have been added. @@ -466,7 +470,7 @@ public class AccountManager { try { return mService.getAccountsForPackage(packageName, uid); } catch (RemoteException re) { - // possible security exception + // won't ever happen throw new RuntimeException(re); } } @@ -483,7 +487,7 @@ public class AccountManager { try { return mService.getAccountsByTypeForPackage(type, packageName); } catch (RemoteException re) { - // possible security exception + // won't ever happen throw new RuntimeException(re); } } @@ -497,9 +501,10 @@ public class AccountManager { * * <p>It is safe to call this method from the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the - * authenticator that owns the account type. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * <p><b>NOTE:</b> If targeting your app to work on API level 22 and before, * GET_ACCOUNTS permission is needed for those platforms, irrespective of uid @@ -585,7 +590,8 @@ public class AccountManager { * {@link AccountManagerFuture} must not be used on the main thread. * * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * {@link android.Manifest.permission#GET_ACCOUNTS} or be a signature + * match with the AbstractAccountAuthenticator that manages the account. * * @param account The {@link Account} to test * @param features An array of the account features to check @@ -628,9 +634,10 @@ public class AccountManager { * <p>This method may be called from any thread, but the returned * {@link AccountManagerFuture} must not be used on the main thread. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS} or share a uid with the - * authenticator that owns the account type. + * <p>Clients of this method that have not been granted the + * {@link android.Manifest.permission#GET_ACCOUNTS} permission, + * will only see those accounts managed by AbstractAccountAuthenticators whose + * signature matches the client. * * @param type The type of accounts to return, must not be null * @param features An array of the account features to require, @@ -701,7 +708,7 @@ public class AccountManager { try { return mService.addAccountExplicitly(account, password, userdata); } catch (RemoteException e) { - // won't ever happen + // Can happen if there was a SecurityException was thrown. throw new RuntimeException(e); } } @@ -966,7 +973,7 @@ public class AccountManager { try { return mService.removeAccountExplicitly(account); } catch (RemoteException e) { - // won't ever happen + // May happen if the caller doesn't match the signature of the authenticator. throw new RuntimeException(e); } } @@ -1114,7 +1121,7 @@ public class AccountManager { try { mService.setUserData(account, key, value); } catch (RemoteException e) { - // won't ever happen + // Will happen if there is not signature match. throw new RuntimeException(e); } } @@ -1733,7 +1740,7 @@ public class AccountManager { * with these fields if an activity was supplied and the account * credentials were successfully updated: * <ul> - * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account created + * <li> {@link #KEY_ACCOUNT_NAME} - the name of the account * <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account * </ul> * @@ -2501,10 +2508,12 @@ public class AccountManager { * listeners are added in an Activity or Service's {@link Activity#onCreate} * and removed in {@link Activity#onDestroy}. * - * <p>It is safe to call this method from the main thread. + * <p>The listener will only be informed of accounts that would be returned + * to the caller via {@link #getAccounts()}. Typically this means that to + * get any accounts, the caller will need to be grated the GET_ACCOUNTS + * permission. * - * <p>This method requires the caller to hold the permission - * {@link android.Manifest.permission#GET_ACCOUNTS}. + * <p>It is safe to call this method from the main thread. * * @param listener The listener to send notifications to * @param handler {@link Handler} identifying the thread to use |