App ops: add op for writing settings.
Also fix a build.
And fix a bug that I think was introduced in the multi-user work
that removed the permission check for writing to settings...!
Change-Id: I5945682faa789ffc78fd3546c0df7d03693f106d
diff --git a/core/java/android/content/ContentProvider.java b/core/java/android/content/ContentProvider.java
index e66efd5..90ee0ac 100644
--- a/core/java/android/content/ContentProvider.java
+++ b/core/java/android/content/ContentProvider.java
@@ -174,8 +174,8 @@
*/
class Transport extends ContentProviderNative {
AppOpsManager mAppOpsManager = null;
- int mReadOp = -1;
- int mWriteOp = -1;
+ int mReadOp = AppOpsManager.OP_NONE;
+ int mWriteOp = AppOpsManager.OP_NONE;
ContentProvider getContentProvider() {
return ContentProvider.this;
@@ -274,7 +274,7 @@
@Override
public Bundle call(String callingPkg, String method, String arg, Bundle extras) {
- return ContentProvider.this.call(method, arg, extras);
+ return ContentProvider.this.callFromPackage(callingPkg, method, arg, extras);
}
@Override
@@ -309,7 +309,7 @@
private int enforceReadPermission(String callingPkg, Uri uri) throws SecurityException {
enforceReadPermissionInner(uri);
- if (mAppOpsManager != null) {
+ if (mReadOp != AppOpsManager.OP_NONE) {
return mAppOpsManager.noteOp(mReadOp, Binder.getCallingUid(), callingPkg);
}
return AppOpsManager.MODE_ALLOWED;
@@ -378,7 +378,7 @@
private int enforceWritePermission(String callingPkg, Uri uri) throws SecurityException {
enforceWritePermissionInner(uri);
- if (mAppOpsManager != null) {
+ if (mWriteOp != AppOpsManager.OP_NONE) {
return mAppOpsManager.noteOp(mWriteOp, Binder.getCallingUid(), callingPkg);
}
return AppOpsManager.MODE_ALLOWED;
@@ -529,6 +529,11 @@
mTransport.mWriteOp = writeOp;
}
+ /** @hide */
+ public AppOpsManager getAppOpsManager() {
+ return mTransport.mAppOpsManager;
+ }
+
/**
* Implement this to initialize your content provider on startup.
* This method is called for all registered content providers on the
@@ -1189,6 +1194,15 @@
}
/**
+ * @hide
+ * Front-end to {@link #call(String, String, android.os.Bundle)} that provides the name
+ * of the calling package.
+ */
+ public Bundle callFromPackage(String callingPackag, String method, String arg, Bundle extras) {
+ return call(method, arg, extras);
+ }
+
+ /**
* Call a provider-defined method. This can be used to implement
* interfaces that are cheaper and/or unnatural for a table-like
* model.