Fix enterprise path permission checking

Bug: 21489358 Change-Id: I5f655d5a41723f067533c2ae5c867dcbe3cc604d
author: Ricky Wai <rickywai@google.com> 2015-05-29 16:15:45 +0100
committer: Ricky Wai <rickywai@google.com> 2015-05-29 16:15:45 +0100
commit: 22f452cd02b95c601b8d58fcb6524d6cc66278aa (patch)
tree: fd365ae44565ec1b126cb95bffc40ba9c7dca201 /src
parent: cb1e18da0de89549c2a512ee9887f15f4976d8ff (diff)
download: packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.zip
packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.tar.gz
packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.tar.bz2
1 files changed, 5 insertions, 6 deletions
diff --git a/src/com/android/providers/contacts/ContactsProvider2.java b/src/com/android/providers/contacts/ContactsProvider2.java
index b2cbc8b..480545c 100644
--- a/src/com/android/providers/contacts/ContactsProvider2.java
+++ b/src/com/android/providers/contacts/ContactsProvider2.java
@@ -205,6 +205,7 @@ public class ContactsProvider2 extends AbstractContactsProvider
 
     private static final String READ_PERMISSION = "android.permission.READ_CONTACTS";
     private static final String WRITE_PERMISSION = "android.permission.WRITE_CONTACTS";
+    private static final String INTERACT_ACROSS_USERS = "android.permission.INTERACT_ACROSS_USERS";
 
     /* package */ static final String UPDATE_TIMES_CONTACTED_CONTACTS_TABLE =
           "UPDATE " + Tables.CONTACTS + " SET " + Contacts.TIMES_CONTACTED + "=" +
@@ -5844,6 +5845,8 @@ public class ContactsProvider2 extends AbstractContactsProvider
                         new Object[] {getMaxDisplayPhotoDim(), getMaxThumbnailDim()});
             }
             case PHONES_ENTERPRISE: {
+                ContactsPermissions.enforceCallingOrSelfPermission(getContext(),
+                        INTERACT_ACROSS_USERS);
                 return queryMergedDataPhones(uri, projection, selection, selectionArgs, sortOrder);
             }
             case PHONES:
@@ -6569,9 +6572,8 @@ public class ContactsProvider2 extends AbstractContactsProvider
                 break;
             }
             case RAW_CONTACT_ENTITIES_CORP: {
-                // As it's protected by android.permission.INTERACT_ACROSS_USERS
-                // already and it is used by Bluetooth application, we do not
-                // check caller-id policy
+                ContactsPermissions.enforceCallingOrSelfPermission(getContext(),
+                        INTERACT_ACROSS_USERS);
                 final int corpUserId = UserUtils.getCorpUserId(getContext(), false);
                 if (corpUserId < 0) {
                     // No Corp user or policy not allowed, return empty cursor
@@ -6747,9 +6749,6 @@ public class ContactsProvider2 extends AbstractContactsProvider
         final Cursor primaryCursor = queryLocal(localUri, projection, selection, selectionArgs,
                 sortOrder, directoryId, null);
         try {
-            // As it's protected by android.permission.INTERACT_ACROSS_USERS
-            // already and it is used by Bluetooth application, we do not
-            // check caller-id policy
             final int corpUserId = UserUtils.getCorpUserId(getContext(), false);
             if (corpUserId < 0) {
                 // No Corp user or policy not allowed
author	Ricky Wai <rickywai@google.com>	2015-05-29 16:15:45 +0100
committer	Ricky Wai <rickywai@google.com>	2015-05-29 16:15:45 +0100
commit	22f452cd02b95c601b8d58fcb6524d6cc66278aa (patch)
tree	fd365ae44565ec1b126cb95bffc40ba9c7dca201 /src
parent	cb1e18da0de89549c2a512ee9887f15f4976d8ff (diff)
download	packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.zip packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.tar.gz packages_providers_ContactsProvider-22f452cd02b95c601b8d58fcb6524d6cc66278aa.tar.bz2