diff options
author | Matthew Williams <mjwilliams@google.com> | 2016-01-19 23:04:04 +0000 |
---|---|---|
committer | The Android Automerger <android-build@google.com> | 2016-02-26 16:56:12 -0800 |
commit | 3cd1905d857913241198f65066e1aa78516192ea (patch) | |
tree | 9a4b133c8e228dae15d3f741cb59d0f58873d5a2 /services | |
parent | b22f3f2d93df118092449500177c9d07b08bbe91 (diff) | |
download | frameworks_base-3cd1905d857913241198f65066e1aa78516192ea.zip frameworks_base-3cd1905d857913241198f65066e1aa78516192ea.tar.gz frameworks_base-3cd1905d857913241198f65066e1aa78516192ea.tar.bz2 |
Redact Account info from getCurrentSyncs
BUG:26094635
If the caller to ContentResolver#getCurrentSyncs does not hold the
GET_ACCOUNTS permission, return a SyncInfo object that does not
contain any Account information.
Change-Id: I5628ebe1f56c8e3f784aaf1b3281e6b829d19314
(cherry picked from commit b63057e698a01dafcefc7ba09b397b0336bba43d)
Diffstat (limited to 'services')
-rw-r--r-- | services/core/java/com/android/server/content/ContentService.java | 6 | ||||
-rw-r--r-- | services/core/java/com/android/server/content/SyncStorageEngine.java | 16 |
2 files changed, 17 insertions, 5 deletions
diff --git a/services/core/java/com/android/server/content/ContentService.java b/services/core/java/com/android/server/content/ContentService.java index b766894..f581a7f 100644 --- a/services/core/java/com/android/server/content/ContentService.java +++ b/services/core/java/com/android/server/content/ContentService.java @@ -815,9 +815,13 @@ public final class ContentService extends IContentService.Stub { mContext.enforceCallingOrSelfPermission(Manifest.permission.READ_SYNC_STATS, "no permission to read the sync stats"); + final boolean canAccessAccounts = + mContext.checkCallingOrSelfPermission(Manifest.permission.GET_ACCOUNTS) + == PackageManager.PERMISSION_GRANTED; long identityToken = clearCallingIdentity(); try { - return getSyncManager().getSyncStorageEngine().getCurrentSyncsCopy(userId); + return getSyncManager().getSyncStorageEngine() + .getCurrentSyncsCopy(userId, canAccessAccounts); } finally { restoreCallingIdentity(identityToken); } diff --git a/services/core/java/com/android/server/content/SyncStorageEngine.java b/services/core/java/com/android/server/content/SyncStorageEngine.java index a2f0e4e..96a7bb4 100644 --- a/services/core/java/com/android/server/content/SyncStorageEngine.java +++ b/services/core/java/com/android/server/content/SyncStorageEngine.java @@ -1459,15 +1459,23 @@ public class SyncStorageEngine extends Handler { } /** - * @return a copy of the current syncs data structure. Will not return - * null. + * @param userId Id of user to return current sync info. + * @param canAccessAccounts Determines whether to redact Account information from the result. + * @return a copy of the current syncs data structure. Will not return null. */ - public List<SyncInfo> getCurrentSyncsCopy(int userId) { + public List<SyncInfo> getCurrentSyncsCopy(int userId, boolean canAccessAccounts) { synchronized (mAuthorities) { final List<SyncInfo> syncs = getCurrentSyncsLocked(userId); final List<SyncInfo> syncsCopy = new ArrayList<SyncInfo>(); for (SyncInfo sync : syncs) { - syncsCopy.add(new SyncInfo(sync)); + SyncInfo copy; + if (!canAccessAccounts) { + copy = SyncInfo.createAccountRedacted( + sync.authorityId, sync.authority, sync.startTime); + } else { + copy = new SyncInfo(sync); + } + syncsCopy.add(copy); } return syncsCopy; } |