commit 961321fe4ed4431a6362d729d9e4ea26bdecde61
author Dianne Hackborn <hackbod@google.com> Tue Feb 05 17:22:41 2013 -0800
committer Dianne Hackborn <hackbod@google.com> Tue Feb 05 17:22:41 2013 -0800
tree 0ddcc0f94b7840ce752fd10a9e57b55c3f2c4d9b
parent f51f61269aacdfcf737b2c32b6b216c48ab61e65

App ops: add op for writing settings.

Also fix a build.

And fix a bug that I think was introduced in the multi-user work
that removed the permission check for writing to settings...!

Change-Id: I5945682faa789ffc78fd3546c0df7d03693f106d

core/java/android/content/ContentProvider.java

diff --git a/core/java/android/content/ContentProvider.java b/core/java/android/content/ContentProvider.java
index e66efd5..90ee0ac 100644
--- a/core/java/android/content/ContentProvider.java
+++ b/core/java/android/content/ContentProvider.java
@@ -174,8 +174,8 @@
      */
     class Transport extends ContentProviderNative {
         AppOpsManager mAppOpsManager = null;
-        int mReadOp = -1;
-        int mWriteOp = -1;
+        int mReadOp = AppOpsManager.OP_NONE;
+        int mWriteOp = AppOpsManager.OP_NONE;
 
         ContentProvider getContentProvider() {
             return ContentProvider.this;
@@ -274,7 +274,7 @@
 
         @Override
         public Bundle call(String callingPkg, String method, String arg, Bundle extras) {
-            return ContentProvider.this.call(method, arg, extras);
+            return ContentProvider.this.callFromPackage(callingPkg, method, arg, extras);
         }
 
         @Override
@@ -309,7 +309,7 @@
 
         private int enforceReadPermission(String callingPkg, Uri uri) throws SecurityException {
             enforceReadPermissionInner(uri);
-            if (mAppOpsManager != null) {
+            if (mReadOp != AppOpsManager.OP_NONE) {
                 return mAppOpsManager.noteOp(mReadOp, Binder.getCallingUid(), callingPkg);
             }
             return AppOpsManager.MODE_ALLOWED;
@@ -378,7 +378,7 @@
 
         private int enforceWritePermission(String callingPkg, Uri uri) throws SecurityException {
             enforceWritePermissionInner(uri);
-            if (mAppOpsManager != null) {
+            if (mWriteOp != AppOpsManager.OP_NONE) {
                 return mAppOpsManager.noteOp(mWriteOp, Binder.getCallingUid(), callingPkg);
             }
             return AppOpsManager.MODE_ALLOWED;
@@ -529,6 +529,11 @@
         mTransport.mWriteOp = writeOp;
     }
 
+    /** @hide */
+    public AppOpsManager getAppOpsManager() {
+        return mTransport.mAppOpsManager;
+    }
+
     /**
      * Implement this to initialize your content provider on startup.
      * This method is called for all registered content providers on the
@@ -1189,6 +1194,15 @@
     }
 
     /**
+     * @hide
+     * Front-end to {@link #call(String, String, android.os.Bundle)} that provides the name
+     * of the calling package.
+     */
+    public Bundle callFromPackage(String callingPackag, String method, String arg, Bundle extras) {
+        return call(method, arg, extras);
+    }
+
+    /**
      * Call a provider-defined method.  This can be used to implement
      * interfaces that are cheaper and/or unnatural for a table-like
      * model.