Add READ_ALL_VOICEMAILS Permision to VoicemailPermissions, VoicemailContentProvider

and CallLogProvider Bug:15695227 Change-Id: I244541c847c07450535a52d0bf38199b55387202
author: fafaisland <fafaisland@google.com> 2014-06-17 11:37:42 -0700
committer: fafaisland <fafaisland@google.com> 2014-06-17 15:49:42 -0700
commit: 3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee (patch)
tree: 5036069617759298f5cd357b0381d905af341a69 /src
parent: 99339cd35745a3477d7caada51dc028d08507b47 (diff)
download: packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.zip
packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.tar.gz
packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.tar.bz2
3 files changed, 46 insertions, 14 deletions
diff --git a/src/com/android/providers/contacts/CallLogProvider.java b/src/com/android/providers/contacts/CallLogProvider.java
index cb66164..2241658 100644
--- a/src/com/android/providers/contacts/CallLogProvider.java
+++ b/src/com/android/providers/contacts/CallLogProvider.java
@@ -134,7 +134,7 @@ public class CallLogProvider extends ContentProvider {
         qb.setStrict(true);
 
         final SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder);
+        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, true /*isQuery*/);
 
         final int match = sURIMatcher.match(uri);
         switch (match) {
@@ -257,7 +257,7 @@ public class CallLogProvider extends ContentProvider {
         }
 
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder);
+        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/);
 
         final SQLiteDatabase db = mDbHelper.getWritableDatabase();
         final int matchedUriId = sURIMatcher.match(uri);
@@ -280,7 +280,7 @@ public class CallLogProvider extends ContentProvider {
     @Override
     public int delete(Uri uri, String selection, String[] selectionArgs) {
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder);
+        checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/);
 
         final SQLiteDatabase db = mDbHelper.getWritableDatabase();
         final int matchedUriId = sURIMatcher.match(uri);
@@ -327,9 +327,11 @@ public class CallLogProvider extends ContentProvider {
      * modify the selection to restrict to non-voicemail entries only.
      */
     private void checkVoicemailPermissionAndAddRestriction(Uri uri,
-            SelectionBuilder selectionBuilder) {
+            SelectionBuilder selectionBuilder, boolean isQuery) {
         if (isAllowVoicemailRequest(uri)) {
-            mVoicemailPermissions.checkCallerHasFullAccess();
+            if (!(isQuery && mVoicemailPermissions.callerHasFullReadAccess())) {
+                mVoicemailPermissions.checkCallerHasFullAccess();
+            }
         } else {
             selectionBuilder.addClause(EXCLUDE_VOICEMAIL_SELECTION);
         }
diff --git a/src/com/android/providers/contacts/VoicemailContentProvider.java b/src/com/android/providers/contacts/VoicemailContentProvider.java
index 279ebce..79e549b 100644
--- a/src/com/android/providers/contacts/VoicemailContentProvider.java
+++ b/src/com/android/providers/contacts/VoicemailContentProvider.java
@@ -108,7 +108,7 @@ public class VoicemailContentProvider extends ContentProvider
             String sortOrder) {
         UriData uriData = checkPermissionsAndCreateUriDataForReadOperation(uri);
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        selectionBuilder.addClause(getPackageRestrictionClause());
+        selectionBuilder.addClause(getPackageRestrictionClause(true/*isQuery*/));
         return getTableDelegate(uriData).query(uriData, projection, selectionBuilder.build(),
                 selectionArgs, sortOrder);
     }
@@ -117,7 +117,7 @@ public class VoicemailContentProvider extends ContentProvider
     public int update(Uri uri, ContentValues values, String selection, String[] selectionArgs) {
         UriData uriData = checkPermissionsAndCreateUriData(uri, values);
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        selectionBuilder.addClause(getPackageRestrictionClause());
+        selectionBuilder.addClause(getPackageRestrictionClause(false/*isQuery*/));
         return getTableDelegate(uriData).update(uriData, values, selectionBuilder.build(),
                 selectionArgs);
     }
@@ -126,7 +126,7 @@ public class VoicemailContentProvider extends ContentProvider
     public int delete(Uri uri, String selection, String[] selectionArgs) {
         UriData uriData = checkPermissionsAndCreateUriData(uri);
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
-        selectionBuilder.addClause(getPackageRestrictionClause());
+        selectionBuilder.addClause(getPackageRestrictionClause(false/*isQuery*/));
         return getTableDelegate(uriData).delete(uriData, selectionBuilder.build(), selectionArgs);
     }
 
@@ -288,6 +288,11 @@ public class VoicemailContentProvider extends ContentProvider
                 == PackageManager.PERMISSION_GRANTED) {
             return UriData.createUriData(uri);
         }
+
+        if (mVoicemailPermissions.callerHasFullReadAccess()) {
+            return UriData.createUriData(uri);
+        }
+
         return checkPermissionsAndCreateUriData(uri);
     }
 
@@ -330,8 +335,8 @@ public class VoicemailContentProvider extends ContentProvider
     }
 
     /**
-     * Checks that either the caller has READ_WRITE_ALL_VOICEMAIL permission, or has the
-     * ADD_VOICEMAIL permission and is using a URI that matches
+     * Checks that either the caller has READ_WRITE_ALL_VOICEMAIL permission,
+     * or has the ADD_VOICEMAIL permission and is using a URI that matches
      * /voicemail/?source_package=[source-package] where [source-package] is the same as the calling
      * package.
      *
@@ -391,7 +396,10 @@ public class VoicemailContentProvider extends ContentProvider
      * Creates a clause to restrict the selection to the calling provider or null if the caller has
      * access to all data.
      */
-    private String getPackageRestrictionClause() {
+    private String getPackageRestrictionClause(boolean isQuery) {
+        if (isQuery && mVoicemailPermissions.callerHasFullReadAccess()) {
+            return null;
+        }
         if (mVoicemailPermissions.callerHasFullAccess()) {
             return null;
         }
diff --git a/src/com/android/providers/contacts/VoicemailPermissions.java b/src/com/android/providers/contacts/VoicemailPermissions.java
index 1571bad..570399c 100644
--- a/src/com/android/providers/contacts/VoicemailPermissions.java
+++ b/src/com/android/providers/contacts/VoicemailPermissions.java
@@ -36,9 +36,15 @@ public class VoicemailPermissions {
         return callerHasPermission(android.Manifest.permission.ADD_VOICEMAIL);
     }
 
+
+    /** Determine if the calling process has full read access to all voicemails. */
+    public boolean callerHasFullReadAccess() {
+        return callerHasPermission(android.Manifest.permission.READ_ALL_VOICEMAIL);
+    }
+
     /** Determines if the calling process has access to all voicemails. */
     public boolean callerHasFullAccess() {
-        return callerHasPermission(android.Manifest.permission.ADD_VOICEMAIL) &&
+        return callerHasOwnVoicemailAccess() &&
                 callerHasPermission(Manifest.permission.READ_WRITE_ALL_VOICEMAIL);
     }
 
@@ -55,6 +61,18 @@ public class VoicemailPermissions {
     }
 
     /**
+     * Checks that the caller has permissions to read ALL voicemails.
+     *
+     * @throws SecurityException if the caller does not have the voicemail source permission.
+     */
+    public void checkCallerHasFullReadAccess() {
+        if (!callerHasFullReadAccess()) {
+            throw new SecurityException(String.format("The caller must have %s permission: ",
+                    android.Manifest.permission.READ_ALL_VOICEMAIL));
+        }
+    }
+
+     /**
      * Checks that the caller has permissions to access ALL voicemails.
      *
      * @throws SecurityException if the caller does not have the voicemail source permission.
@@ -73,10 +91,14 @@ public class VoicemailPermissions {
                 android.Manifest.permission.ADD_VOICEMAIL);
     }
 
+    /** Determines if the given package has read full access. */
+    public boolean packageHasFullReadAccess(String packageName) {
+        return packageHasPermission(packageName, android.Manifest.permission.READ_ALL_VOICEMAIL);
+    }
+
     /** Determines if the given package has full access. */
     public boolean packageHasFullAccess(String packageName) {
-        return packageHasPermission(
-                packageName, android.Manifest.permission.ADD_VOICEMAIL) &&
+        return packageHasOwnVoicemailAccess(packageName) &&
                 packageHasPermission(packageName, Manifest.permission.READ_WRITE_ALL_VOICEMAIL);
     }
author	fafaisland <fafaisland@google.com>	2014-06-17 11:37:42 -0700
committer	fafaisland <fafaisland@google.com>	2014-06-17 15:49:42 -0700
commit	3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee (patch)
tree	5036069617759298f5cd357b0381d905af341a69 /src
parent	99339cd35745a3477d7caada51dc028d08507b47 (diff)
download	packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.zip packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.tar.gz packages_providers_ContactsProvider-3ccaf5590a7ed2fca780f9b7fc46328d0f78a2ee.tar.bz2