Add content provider for browser geolocation permissions

This replaces the old Google-specific geolocation setting.

Fixes http://b/issue?id=2428694
Part of http://b/issue?id=2383870

Change-Id: I6308b476ad18b1d71d7438b936c592a45365c9f0

5 files changed, 66 insertions, 212 deletions

diff --git a/core/java/android/provider/Browser.java b/core/java/android/provider/Browser.java
index 36255d0..f7c3148 100644
--- a/core/java/android/provider/Browser.java
+++ b/core/java/android/provider/Browser.java
@@ -120,6 +120,15 @@ public class Browser {
     private static final int MAX_HISTORY_COUNT = 250;
 
     /**
+     * URI for writing geolocation permissions. This requires the
+     * {@link android.Manifest.permission#WRITE_GEOLOCATION_PERMISSIONS}.
+     */
+    public static final Uri GEOLOCATION_URI =
+            Uri.parse("content://browser/geolocation");
+
+    private static final String GEOLOCATION_WHERE_CLAUSE = GeolocationColumns.ORIGIN + " = ?";
+
+    /**
      *  Open the AddBookmark activity to save a bookmark.  Launch with
      *  and/or url, which can be edited by the user before saving.
      *  @param c        Context used to launch the AddBookmark activity.
@@ -553,6 +562,42 @@ public class Browser {
         }
     }
 
+    /**
+     * Allows geolocation for the specified origin.
+     * This requires the {@link android.Manifest.permission#WRITE_GEOLOCATION_PERMISSIONS}
+     * permission.
+     *
+     * @param origin The origin to allow geolocation for, e.g. "http://www.google.com". The string
+     *        should not include a trailing slash.
+     */
+    public static void allowGeolocation(ContentResolver cr, String origin) {
+        try {
+            ContentValues map = new ContentValues();
+            map.put(GeolocationColumns.ORIGIN, origin);
+            cr.insert(GEOLOCATION_URI, map);
+        } catch (IllegalStateException e) {
+            Log.e(LOGTAG, "allowGeolocation", e);
+            return;
+        }
+    }
+
+    /**
+     * Clears the geolocation permission state for the specified origin.
+     * This requires the {@link android.Manifest.permission#WRITE_GEOLOCATION_PERMISSIONS}
+     * permission.
+     *
+     * @param origin The origin to allow geolocation for, e.g. "http://www.google.com". The string
+     *        should not include a trailing slash.
+     */
+    public static void clearGeolocation(ContentResolver cr, String origin) {
+        try {
+            String[] whereArgs = { origin };
+            cr.delete(GEOLOCATION_URI, GEOLOCATION_WHERE_CLAUSE, whereArgs);
+        } catch (IllegalStateException e) {
+            Log.e(LOGTAG, "clearGeolocation", e);
+        }
+    }
+
     public static class BookmarkColumns implements BaseColumns {
         public static final String URL = "url";
         public static final String VISITS = "visits";
@@ -580,4 +625,8 @@ public class Browser {
         public static final String SEARCH = "search";
         public static final String DATE = "date";
     }
+
+    public static class GeolocationColumns {
+        public static final String ORIGIN = "origin";
+    }
 }
diff --git a/core/java/android/webkit/GoogleLocationSettingManager.java b/core/java/android/webkit/GoogleLocationSettingManager.java
deleted file mode 100644
index ecac70a..0000000
--- a/core/java/android/webkit/GoogleLocationSettingManager.java
+++ /dev/null
@@ -1,209 +0,0 @@
-/*
- * Copyright (C) 2009 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.webkit;
-
-import android.content.ContentResolver;
-import android.content.Context;
-import android.content.SharedPreferences;
-import android.content.SharedPreferences.Editor;
-import android.database.ContentObserver;
-import android.os.Handler;
-import android.preference.PreferenceManager;
-import android.provider.Settings;
-
-import java.util.HashSet;
-
-/**
- * A class to manage the interaction between the system setting 'Location &
- * Security - Share with Google' and the browser. When this setting is set
- * to true, we allow Geolocation for Google origins. When this setting is
- * set to false, we clear Geolocation permissions for Google origins.
- */
-class GoogleLocationSettingManager {
-    // The observer used to listen to the system setting.
-    private GoogleLocationSettingObserver mSettingObserver;
-
-    // The value of the system setting that indicates true.
-    private final static int sSystemSettingTrue = 1;
-    // The value of the system setting that indicates false.
-    private final static int sSystemSettingFalse = 0;
-    // The value of the USE_LOCATION_FOR_SERVICES system setting last read
-    // by the browser.
-    private final static String LAST_READ_USE_LOCATION_FOR_SERVICES =
-            "lastReadUseLocationForServices";
-    // The Browser package name.
-    private static final String BROWSER_PACKAGE_NAME = "com.android.browser";
-    // The Google origins we consider.
-    private static HashSet<String> sGoogleOrigins;
-    static {
-        sGoogleOrigins = new HashSet<String>();
-        // NOTE: DO NOT ADD A "/" AT THE END!
-        sGoogleOrigins.add("http://www.google.com");
-        sGoogleOrigins.add("http://www.google.co.uk");
-    }
-
-    private static GoogleLocationSettingManager sGoogleLocationSettingManager = null;
-    private static int sRefCount = 0;
-
-    static GoogleLocationSettingManager getInstance() {
-        if (sGoogleLocationSettingManager == null) {
-            sGoogleLocationSettingManager = new GoogleLocationSettingManager();
-        }
-        return sGoogleLocationSettingManager;
-    }
-
-    private GoogleLocationSettingManager() {}
-
-    /**
-     * Starts the manager. Checks whether the setting has changed and
-     * installs an observer to listen for future changes.
-     */
-    public void start(Context context) {
-        // Are we running in the browser?
-        if (context == null || !BROWSER_PACKAGE_NAME.equals(context.getPackageName())) {
-            return;
-        }
-        // Increase the refCount
-        sRefCount++;
-        // Are we already registered?
-        if (mSettingObserver != null) {
-            return;
-        }
-        // Read and apply the settings if needed.
-        maybeApplySetting(context);
-        // Register to receive notifications when the system settings change.
-        mSettingObserver = new GoogleLocationSettingObserver();
-        mSettingObserver.observe(context);
-    }
-
-    /**
-     * Stops the manager.
-     */
-    public void stop() {
-        // Are we already registered?
-        if (mSettingObserver == null) {
-            return;
-        }
-        if (--sRefCount == 0) {
-            mSettingObserver.doNotObserve();
-            mSettingObserver = null;
-        }
-    }
-    /**
-     * Checks to see if the system setting has changed and if so,
-     * updates the Geolocation permissions accordingly.
-     * @param the Application context
-     */
-    private void maybeApplySetting(Context context) {
-        int setting = getSystemSetting(context);
-        if (settingChanged(setting, context)) {
-            applySetting(setting);
-        }
-    }
-
-    /**
-     * Gets the current system setting for 'Use location for Google services'.
-     * @param the Application context
-     * @return The system setting.
-     */
-    private int getSystemSetting(Context context) {
-        return Settings.Secure.getInt(context.getContentResolver(),
-                                      Settings.Secure.USE_LOCATION_FOR_SERVICES,
-                                      sSystemSettingFalse);
-    }
-
-    /**
-     * Determines whether the supplied setting has changed from the last
-     * value read by the browser.
-     * @param setting The setting.
-     * @param the Application context
-     * @return Whether the setting has changed from the last value read
-     *     by the browser.
-     */
-    private boolean settingChanged(int setting, Context context) {
-        SharedPreferences preferences =
-                PreferenceManager.getDefaultSharedPreferences(context);
-        // Default to false. If the system setting is false the first time it is ever read by the
-        // browser, there's nothing to do.
-        int lastReadSetting = sSystemSettingFalse;
-        lastReadSetting = preferences.getInt(LAST_READ_USE_LOCATION_FOR_SERVICES,
-                                             lastReadSetting);
-
-        if (lastReadSetting == setting) {
-            return false;
-        }
-
-        Editor editor = preferences.edit();
-        editor.putInt(LAST_READ_USE_LOCATION_FOR_SERVICES, setting);
-        editor.commit();
-        return true;
-    }
-
-    /**
-     * Applies the supplied setting to the Geolocation permissions.
-     * @param setting The setting.
-     */
-    private void applySetting(int setting) {
-        for (String origin : sGoogleOrigins) {
-            if (setting == sSystemSettingTrue) {
-                GeolocationPermissions.getInstance().allow(origin);
-            } else {
-                GeolocationPermissions.getInstance().clear(origin);
-            }
-        }
-    }
-
-    /**
-     * This class implements an observer to listen for changes to the
-     * system setting.
-     */
-    private class GoogleLocationSettingObserver extends ContentObserver {
-        private Context mContext;
-
-        GoogleLocationSettingObserver() {
-            super(new Handler());
-        }
-
-        void observe(Context context) {
-            if (mContext != null) {
-                return;
-            }
-            ContentResolver resolver = context.getContentResolver();
-            resolver.registerContentObserver(Settings.Secure.getUriFor(
-                Settings.Secure.USE_LOCATION_FOR_SERVICES), false, this);
-            mContext = context;
-        }
-
-        void doNotObserve() {
-            if (mContext == null) {
-                return;
-            }
-            ContentResolver resolver = mContext.getContentResolver();
-            resolver.unregisterContentObserver(this);
-            mContext = null;
-        }
-
-        @Override
-        public void onChange(boolean selfChange) {
-            // This may come after the call to doNotObserve() above,
-            // so mContext may be null.
-            if (mContext != null) {
-                maybeApplySetting(mContext);
-            }
-        }
-    }
-}
diff --git a/core/java/android/webkit/WebSettings.java b/core/java/android/webkit/WebSettings.java
index 35f1ac6..c021af4 100644
--- a/core/java/android/webkit/WebSettings.java
+++ b/core/java/android/webkit/WebSettings.java
@@ -1355,8 +1355,6 @@ public class WebSettings {
             junit.framework.Assert.assertTrue(frame.mNativeFrame != 0);
         }
 
-        GoogleLocationSettingManager.getInstance().start(mContext);
-
         SharedPreferences sp = mContext.getSharedPreferences(PREF_FILE,
                 Context.MODE_PRIVATE);
         if (mDoubleTapToastCount > 0) {
@@ -1373,7 +1371,6 @@ public class WebSettings {
      */
     /*package*/
     synchronized void onDestroyed() {
-        GoogleLocationSettingManager.getInstance().stop();
     }
 
     private int pin(int size) {
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index a57c71b..6f57fa5 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -244,6 +244,14 @@
         android:description="@string/permdesc_writeHistoryBookmarks"
         android:protectionLevel="dangerous" />
 
+    <!-- Allows an application to write to (but not read) the user's
+         geolocation permissions.. -->
+    <permission android:name="com.android.browser.permission.WRITE_GEOLOCATION_PERMISSIONS"
+        android:permissionGroup="android.permission-group.LOCATION"
+        android:label="@string/permlab_writeGeolocationPermissions"
+        android:description="@string/permdesc_writeGeolocationPermissions"
+        android:protectionLevel="signatureOrSystem" />
+
     <!-- ======================================= -->
     <!-- Permissions for accessing location info -->
     <!-- ======================================= -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 89cbd08..0a5c584 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -1634,6 +1634,15 @@
         Browser\'s history or bookmarks stored on your phone. Malicious applications
         can use this to erase or modify your Browser\'s data.</string>
 
+    <!-- Title of an application permission, listed so the user can choose whether
+        they want to allow the application to do this. -->
+    <string name="permlab_writeGeolocationPermissions">Modify Browser geolocation permissions</string>
+    <!-- Description of an application permission, listed so the user can choose whether
+        they want to allow the application to do this. -->
+    <string name="permdesc_writeGeolocationPermissions">Allows an application to modify the
+        Browser\'s geolocation permissions. Malicious applications
+        can use this to allow sending location information to arbitrary web sites.</string>
+
     <!-- If the user enters a password in a form on a website, a dialog will come up asking if they want to save the password. Text in the save password dialog, asking if the browser should remember a password. -->
     <string name="save_password_message">Do you want the browser to remember this password?</string>
     <!-- If the user enters a password in a form on a website, a dialog will come up asking if they want to save the password. Button in the save password dialog, saying not to remember this password. -->