diff options
Diffstat (limited to 'src/com/android/providers')
3 files changed, 46 insertions, 14 deletions
diff --git a/src/com/android/providers/contacts/CallLogProvider.java b/src/com/android/providers/contacts/CallLogProvider.java index cb66164..2241658 100644 --- a/src/com/android/providers/contacts/CallLogProvider.java +++ b/src/com/android/providers/contacts/CallLogProvider.java @@ -134,7 +134,7 @@ public class CallLogProvider extends ContentProvider { qb.setStrict(true); final SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder); + checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, true /*isQuery*/); final int match = sURIMatcher.match(uri); switch (match) { @@ -257,7 +257,7 @@ public class CallLogProvider extends ContentProvider { } SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder); + checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/); final SQLiteDatabase db = mDbHelper.getWritableDatabase(); final int matchedUriId = sURIMatcher.match(uri); @@ -280,7 +280,7 @@ public class CallLogProvider extends ContentProvider { @Override public int delete(Uri uri, String selection, String[] selectionArgs) { SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder); + checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/); final SQLiteDatabase db = mDbHelper.getWritableDatabase(); final int matchedUriId = sURIMatcher.match(uri); @@ -327,9 +327,11 @@ public class CallLogProvider extends ContentProvider { * modify the selection to restrict to non-voicemail entries only. */ private void checkVoicemailPermissionAndAddRestriction(Uri uri, - SelectionBuilder selectionBuilder) { + SelectionBuilder selectionBuilder, boolean isQuery) { if (isAllowVoicemailRequest(uri)) { - mVoicemailPermissions.checkCallerHasFullAccess(); + if (!(isQuery && mVoicemailPermissions.callerHasFullReadAccess())) { + mVoicemailPermissions.checkCallerHasFullAccess(); + } } else { selectionBuilder.addClause(EXCLUDE_VOICEMAIL_SELECTION); } diff --git a/src/com/android/providers/contacts/VoicemailContentProvider.java b/src/com/android/providers/contacts/VoicemailContentProvider.java index 279ebce..79e549b 100644 --- a/src/com/android/providers/contacts/VoicemailContentProvider.java +++ b/src/com/android/providers/contacts/VoicemailContentProvider.java @@ -108,7 +108,7 @@ public class VoicemailContentProvider extends ContentProvider String sortOrder) { UriData uriData = checkPermissionsAndCreateUriDataForReadOperation(uri); SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - selectionBuilder.addClause(getPackageRestrictionClause()); + selectionBuilder.addClause(getPackageRestrictionClause(true/*isQuery*/)); return getTableDelegate(uriData).query(uriData, projection, selectionBuilder.build(), selectionArgs, sortOrder); } @@ -117,7 +117,7 @@ public class VoicemailContentProvider extends ContentProvider public int update(Uri uri, ContentValues values, String selection, String[] selectionArgs) { UriData uriData = checkPermissionsAndCreateUriData(uri, values); SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - selectionBuilder.addClause(getPackageRestrictionClause()); + selectionBuilder.addClause(getPackageRestrictionClause(false/*isQuery*/)); return getTableDelegate(uriData).update(uriData, values, selectionBuilder.build(), selectionArgs); } @@ -126,7 +126,7 @@ public class VoicemailContentProvider extends ContentProvider public int delete(Uri uri, String selection, String[] selectionArgs) { UriData uriData = checkPermissionsAndCreateUriData(uri); SelectionBuilder selectionBuilder = new SelectionBuilder(selection); - selectionBuilder.addClause(getPackageRestrictionClause()); + selectionBuilder.addClause(getPackageRestrictionClause(false/*isQuery*/)); return getTableDelegate(uriData).delete(uriData, selectionBuilder.build(), selectionArgs); } @@ -288,6 +288,11 @@ public class VoicemailContentProvider extends ContentProvider == PackageManager.PERMISSION_GRANTED) { return UriData.createUriData(uri); } + + if (mVoicemailPermissions.callerHasFullReadAccess()) { + return UriData.createUriData(uri); + } + return checkPermissionsAndCreateUriData(uri); } @@ -330,8 +335,8 @@ public class VoicemailContentProvider extends ContentProvider } /** - * Checks that either the caller has READ_WRITE_ALL_VOICEMAIL permission, or has the - * ADD_VOICEMAIL permission and is using a URI that matches + * Checks that either the caller has READ_WRITE_ALL_VOICEMAIL permission, + * or has the ADD_VOICEMAIL permission and is using a URI that matches * /voicemail/?source_package=[source-package] where [source-package] is the same as the calling * package. * @@ -391,7 +396,10 @@ public class VoicemailContentProvider extends ContentProvider * Creates a clause to restrict the selection to the calling provider or null if the caller has * access to all data. */ - private String getPackageRestrictionClause() { + private String getPackageRestrictionClause(boolean isQuery) { + if (isQuery && mVoicemailPermissions.callerHasFullReadAccess()) { + return null; + } if (mVoicemailPermissions.callerHasFullAccess()) { return null; } diff --git a/src/com/android/providers/contacts/VoicemailPermissions.java b/src/com/android/providers/contacts/VoicemailPermissions.java index 1571bad..570399c 100644 --- a/src/com/android/providers/contacts/VoicemailPermissions.java +++ b/src/com/android/providers/contacts/VoicemailPermissions.java @@ -36,9 +36,15 @@ public class VoicemailPermissions { return callerHasPermission(android.Manifest.permission.ADD_VOICEMAIL); } + + /** Determine if the calling process has full read access to all voicemails. */ + public boolean callerHasFullReadAccess() { + return callerHasPermission(android.Manifest.permission.READ_ALL_VOICEMAIL); + } + /** Determines if the calling process has access to all voicemails. */ public boolean callerHasFullAccess() { - return callerHasPermission(android.Manifest.permission.ADD_VOICEMAIL) && + return callerHasOwnVoicemailAccess() && callerHasPermission(Manifest.permission.READ_WRITE_ALL_VOICEMAIL); } @@ -55,6 +61,18 @@ public class VoicemailPermissions { } /** + * Checks that the caller has permissions to read ALL voicemails. + * + * @throws SecurityException if the caller does not have the voicemail source permission. + */ + public void checkCallerHasFullReadAccess() { + if (!callerHasFullReadAccess()) { + throw new SecurityException(String.format("The caller must have %s permission: ", + android.Manifest.permission.READ_ALL_VOICEMAIL)); + } + } + + /** * Checks that the caller has permissions to access ALL voicemails. * * @throws SecurityException if the caller does not have the voicemail source permission. @@ -73,10 +91,14 @@ public class VoicemailPermissions { android.Manifest.permission.ADD_VOICEMAIL); } + /** Determines if the given package has read full access. */ + public boolean packageHasFullReadAccess(String packageName) { + return packageHasPermission(packageName, android.Manifest.permission.READ_ALL_VOICEMAIL); + } + /** Determines if the given package has full access. */ public boolean packageHasFullAccess(String packageName) { - return packageHasPermission( - packageName, android.Manifest.permission.ADD_VOICEMAIL) && + return packageHasOwnVoicemailAccess(packageName) && packageHasPermission(packageName, Manifest.permission.READ_WRITE_ALL_VOICEMAIL); } |