diff options
author | nyquist <nyquist@chromium.org> | 2015-07-13 18:08:53 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-07-14 01:09:22 +0000 |
commit | 568bb0b43f0f10f86b26cf168f37173e6a474110 (patch) | |
tree | 6982ef9e8b05c2cd579cda220bc3f8e73915cbdf /sync/android/java | |
parent | d641804f66d77763f701cf8de76ec6b258e2e4e4 (diff) | |
download | chromium_src-568bb0b43f0f10f86b26cf168f37173e6a474110.zip chromium_src-568bb0b43f0f10f86b26cf168f37173e6a474110.tar.gz chromium_src-568bb0b43f0f10f86b26cf168f37173e6a474110.tar.bz2 |
Added permission check for GET_ACCOUNTS.
This ensures that when the GET_ACCOUNTS permission is not available,
Chrome does not crash, but instead returns no accounts.
- Ensures that the IntentHelper goes through the AccountManagerHelper
- The ChildAccountService now observes the AccountChangedReceiver
(which forwards the braodcast) instead of listening directly to the
AccountManager.
- When the GET_ACCOUNTS permission is not available, the
ChildAccountService always assumes the accounts is not a child
account.
BUG=509826
Review URL: https://codereview.chromium.org/1232573004
Cr-Commit-Position: refs/heads/master@{#338609}
Diffstat (limited to 'sync/android/java')
-rw-r--r-- | sync/android/java/src/org/chromium/sync/signin/AccountManagerHelper.java | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/sync/android/java/src/org/chromium/sync/signin/AccountManagerHelper.java b/sync/android/java/src/org/chromium/sync/signin/AccountManagerHelper.java index 941e974..30ce9ee 100644 --- a/sync/android/java/src/org/chromium/sync/signin/AccountManagerHelper.java +++ b/sync/android/java/src/org/chromium/sync/signin/AccountManagerHelper.java @@ -5,6 +5,7 @@ package org.chromium.sync.signin; +import android.Manifest; import android.accounts.Account; import android.accounts.AccountManager; import android.accounts.AccountManagerCallback; @@ -133,7 +134,22 @@ public class AccountManagerHelper { return accountNames; } + /** + * Returns all accounts on the device, including non-Google accounts. Unless it is really + * necessary to get absolutely all accounts on the device, use {@link #getGoogleAccounts}. + * @return an array of accounts. + */ + public Account[] getAccounts() { + if (!hasGetAccountsPermission()) return new Account[]{}; + return mAccountManager.getAccounts(); + } + + /** + * Returns all Google accounts on the device. + * @return an array of accounts. + */ public Account[] getGoogleAccounts() { + if (!hasGetAccountsPermission()) return new Account[]{}; return mAccountManager.getAccountsByType(GOOGLE_ACCOUNT_TYPE); } @@ -261,7 +277,12 @@ public class AccountManagerHelper { private boolean hasUseCredentialsPermission() { return BuildInfo.isMncOrLater() || mApplicationContext.checkPermission("android.permission.USE_CREDENTIALS", - Process.myPid(), Process.myUid()) == PackageManager.PERMISSION_GRANTED; + Process.myPid(), Process.myUid()) == PackageManager.PERMISSION_GRANTED; + } + + public boolean hasGetAccountsPermission() { + return mApplicationContext.checkPermission(Manifest.permission.GET_ACCOUNTS, + Process.myPid(), Process.myUid()) == PackageManager.PERMISSION_GRANTED; } // Gets the auth token synchronously |