summaryrefslogtreecommitdiffstats
path: root/core/java
diff options
context:
space:
mode:
authorAmith Yamasani <yamasani@google.com>2012-11-08 06:17:59 -0800
committerAndroid Git Automerger <android-git-automerger@android.com>2012-11-08 06:17:59 -0800
commitcb2f707f869933e4e5bb16add76dbf8747cf3b06 (patch)
tree0c629add8d7f26165e42ad5589e8e123b07e3ecc /core/java
parent426b050c433cbc3b6a97ee6568ee63540b0129c6 (diff)
parentcb5cb740b587744150df7414bdc2974144e9167a (diff)
downloadframeworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.zip
frameworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.tar.gz
frameworks_base-cb2f707f869933e4e5bb16add76dbf8747cf3b06.tar.bz2
am cb5cb740: am aecee8a9: am 717797db: am f763b717: Merge "Authenticate correct user\'s account when pattern fails multiple times." into jb-mr1-dev
* commit 'cb5cb740b587744150df7414bdc2974144e9167a': Authenticate correct user's account when pattern fails multiple times.
Diffstat (limited to 'core/java')
-rw-r--r--core/java/android/accounts/AccountManager.java28
-rw-r--r--core/java/android/accounts/AccountManagerService.java32
-rw-r--r--core/java/android/accounts/IAccountManager.aidl5
3 files changed, 55 insertions, 10 deletions
diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java
index 0df2949..6d9bb1d 100644
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -28,6 +28,8 @@ import android.os.Looper;
import android.os.RemoteException;
import android.os.Parcelable;
import android.os.Build;
+import android.os.Process;
+import android.os.UserHandle;
import android.util.Log;
import android.text.TextUtils;
@@ -42,7 +44,6 @@ import java.util.concurrent.TimeUnit;
import java.util.HashMap;
import java.util.Map;
-import com.google.android.collect.Lists;
import com.google.android.collect.Maps;
/**
@@ -396,8 +397,13 @@ public class AccountManager {
* (never null) if no accounts of the specified type have been added.
*/
public Account[] getAccountsByType(String type) {
+ return getAccountsByTypeAsUser(type, Process.myUserHandle());
+ }
+
+ /** @hide Same as {@link #getAccountsByType(String)} but for a specific user. */
+ public Account[] getAccountsByTypeAsUser(String type, UserHandle userHandle) {
try {
- return mService.getAccounts(type);
+ return mService.getAccountsAsUser(type, userHandle.getIdentifier());
} catch (RemoteException e) {
// won't ever happen
throw new RuntimeException(e);
@@ -1175,10 +1181,26 @@ public class AccountManager {
final Activity activity,
final AccountManagerCallback<Bundle> callback,
final Handler handler) {
+ return confirmCredentialsAsUser(account, options, activity, callback, handler,
+ Process.myUserHandle());
+ }
+
+ /**
+ * @hide
+ * Same as {@link #confirmCredentials(Account, Bundle, Activity, AccountManagerCallback, Handler)}
+ * but for the specified user.
+ */
+ public AccountManagerFuture<Bundle> confirmCredentialsAsUser(final Account account,
+ final Bundle options,
+ final Activity activity,
+ final AccountManagerCallback<Bundle> callback,
+ final Handler handler, UserHandle userHandle) {
if (account == null) throw new IllegalArgumentException("account is null");
+ final int userId = userHandle.getIdentifier();
return new AmsTask(activity, handler, callback) {
public void doWork() throws RemoteException {
- mService.confirmCredentials(mResponse, account, options, activity != null);
+ mService.confirmCredentialsAsUser(mResponse, account, options, activity != null,
+ userId);
}
}.start();
}
diff --git a/core/java/android/accounts/AccountManagerService.java b/core/java/android/accounts/AccountManagerService.java
index 03e0c0f..2b1a2b2 100644
--- a/core/java/android/accounts/AccountManagerService.java
+++ b/core/java/android/accounts/AccountManagerService.java
@@ -1297,8 +1297,17 @@ public class AccountManagerService
}
}
- public void confirmCredentials(IAccountManagerResponse response,
- final Account account, final Bundle options, final boolean expectActivityLaunch) {
+ @Override
+ public void confirmCredentialsAsUser(IAccountManagerResponse response,
+ final Account account, final Bundle options, final boolean expectActivityLaunch,
+ int userId) {
+ // Only allow the system process to read accounts of other users
+ if (userId != UserHandle.getCallingUserId()
+ && Binder.getCallingUid() != android.os.Process.myUid()) {
+ throw new SecurityException("User " + UserHandle.getCallingUserId()
+ + " trying to confirm account credentials for " + userId);
+ }
+
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "confirmCredentials: " + account
+ ", response " + response
@@ -1309,7 +1318,7 @@ public class AccountManagerService
if (response == null) throw new IllegalArgumentException("response is null");
if (account == null) throw new IllegalArgumentException("account is null");
checkManageAccountsPermission();
- UserAccounts accounts = getUserAccountsForCaller();
+ UserAccounts accounts = getUserAccounts(userId);
long identityToken = clearCallingIdentity();
try {
new Session(accounts, response, account.type, expectActivityLaunch,
@@ -1548,14 +1557,22 @@ public class AccountManagerService
return runningAccounts.toArray(accountsArray);
}
- public Account[] getAccounts(String type) {
+ @Override
+ public Account[] getAccountsAsUser(String type, int userId) {
+ // Only allow the system process to read accounts of other users
+ if (userId != UserHandle.getCallingUserId()
+ && Binder.getCallingUid() != android.os.Process.myUid()) {
+ throw new SecurityException("User " + UserHandle.getCallingUserId()
+ + " trying to get account for " + userId);
+ }
+
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "getAccounts: accountType " + type
+ ", caller's uid " + Binder.getCallingUid()
+ ", pid " + Binder.getCallingPid());
}
checkReadAccountsPermission();
- UserAccounts accounts = getUserAccountsForCaller();
+ UserAccounts accounts = getUserAccounts(userId);
long identityToken = clearCallingIdentity();
try {
synchronized (accounts.cacheLock) {
@@ -1566,6 +1583,11 @@ public class AccountManagerService
}
}
+ @Override
+ public Account[] getAccounts(String type) {
+ return getAccountsAsUser(type, UserHandle.getCallingUserId());
+ }
+
public void getAccountsByFeatures(IAccountManagerResponse response,
String type, String[] features) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
diff --git a/core/java/android/accounts/IAccountManager.aidl b/core/java/android/accounts/IAccountManager.aidl
index 6007321..dbb4924 100644
--- a/core/java/android/accounts/IAccountManager.aidl
+++ b/core/java/android/accounts/IAccountManager.aidl
@@ -31,6 +31,7 @@ interface IAccountManager {
String getUserData(in Account account, String key);
AuthenticatorDescription[] getAuthenticatorTypes();
Account[] getAccounts(String accountType);
+ Account[] getAccountsAsUser(String accountType, int userId);
void hasFeatures(in IAccountManagerResponse response, in Account account, in String[] features);
void getAccountsByFeatures(in IAccountManagerResponse response, String accountType, in String[] features);
boolean addAccount(in Account account, String password, in Bundle extras);
@@ -53,8 +54,8 @@ interface IAccountManager {
String authTokenType, boolean expectActivityLaunch, in Bundle options);
void editProperties(in IAccountManagerResponse response, String accountType,
boolean expectActivityLaunch);
- void confirmCredentials(in IAccountManagerResponse response, in Account account,
- in Bundle options, boolean expectActivityLaunch);
+ void confirmCredentialsAsUser(in IAccountManagerResponse response, in Account account,
+ in Bundle options, boolean expectActivityLaunch, int userId);
void getAuthTokenLabel(in IAccountManagerResponse response, String accountType,
String authTokenType);
}