diff options
| author | Amith Yamasani <yamasani@google.com> | 2013-03-27 18:56:08 -0700 |
|---|---|---|
| committer | Amith Yamasani <yamasani@google.com> | 2013-03-27 18:56:08 -0700 |
| commit | 0ac1fc9d233b8671f371a71e2a6374b47ef069a9 (patch) | |
| tree | 96f7fe204023211543e90469e1bd18e91a728a26 /services/java/com/android/server/accounts | |
| parent | 2e73f5b8b7c941e68fec2d763d9455a8d6190e25 (diff) | |
| download | frameworks_base-0ac1fc9d233b8671f371a71e2a6374b47ef069a9.zip frameworks_base-0ac1fc9d233b8671f371a71e2a6374b47ef069a9.tar.gz frameworks_base-0ac1fc9d233b8671f371a71e2a6374b47ef069a9.tar.bz2 | |
Restricted account visibility
When accounts are shared to a restricted/limited user, apps can
opt-in to viewing accounts of a certain type. Other shared accounts
are not visible to the app.
App would specify the account type in the manifest <application> tag
with the attribute restrictedAccountType="foo.bar", where "foo.bar"
is the account type as defined by the authenticator.
Change-Id: I7586da04d6d6d32aae15adc6b1366f325bb07384
Diffstat (limited to 'services/java/com/android/server/accounts')
| -rw-r--r-- | services/java/com/android/server/accounts/AccountManagerService.java | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/services/java/com/android/server/accounts/AccountManagerService.java b/services/java/com/android/server/accounts/AccountManagerService.java index c4b98ad..53ac0a0 100644 --- a/services/java/com/android/server/accounts/AccountManagerService.java +++ b/services/java/com/android/server/accounts/AccountManagerService.java @@ -2710,7 +2710,7 @@ public class AccountManagerService } if (mUserManager.getUserInfo(userAccounts.userId).isRestricted()) { String[] packages = mPackageManager.getPackagesForUid(callingUid); - // If any of the packages includes a white listed package, return the full set, + // If any of the packages is a white listed package, return the full set, // otherwise return non-shared accounts only. // This might be a temporary way to specify a whitelist String whiteList = mContext.getResources().getString( @@ -2723,16 +2723,30 @@ public class AccountManagerService ArrayList<Account> allowed = new ArrayList<Account>(); Account[] sharedAccounts = getSharedAccountsAsUser(userAccounts.userId); if (sharedAccounts == null || sharedAccounts.length == 0) return unfiltered; - for (Account account : unfiltered) { - boolean found = false; - for (Account shared : sharedAccounts) { - if (shared.equals(account)) { - found = true; - break; + String requiredAccountType = ""; + try { + for (String packageName : packages) { + PackageInfo pi = mPackageManager.getPackageInfo(packageName, 0); + if (pi != null && pi.restrictedAccountType != null) { + requiredAccountType = pi.restrictedAccountType; } } - if (!found) { + } catch (NameNotFoundException nnfe) { + } + for (Account account : unfiltered) { + if (account.type.equals(requiredAccountType)) { allowed.add(account); + } else { + boolean found = false; + for (Account shared : sharedAccounts) { + if (shared.equals(account)) { + found = true; + break; + } + } + if (!found) { + allowed.add(account); + } } } Account[] filtered = new Account[allowed.size()]; |