Examples with PathPermission android.content.pm.PathPermission used on opensource projects

Search in sources :

Example 1 with PathPermission

use of android.content.pm.PathPermission in project robolectric by robolectric.

the class ContentProviderControllerTest method shouldInitializeFromManifestProviderInfo.

@Test
@Config(manifest = "src/test/resources/TestAndroidManifestWithContentProviders.xml")
public void shouldInitializeFromManifestProviderInfo() throws Exception {
    MyContentProvider myContentProvider = controller.create().get();
    assertThat(myContentProvider.getReadPermission()).isEqualTo("READ_PERMISSION");
    assertThat(myContentProvider.getWritePermission()).isEqualTo("WRITE_PERMISSION");
    assertThat(myContentProvider.getPathPermissions()).hasSize(1);
    PathPermission pathPermission = myContentProvider.getPathPermissions()[0];
    assertThat(pathPermission.getPath()).isEqualTo("/path/*");
    assertThat(pathPermission.getType()).isEqualTo(PathPermission.PATTERN_SIMPLE_GLOB);
    assertThat(pathPermission.getReadPermission()).isEqualTo("PATH_READ_PERMISSION");
    assertThat(pathPermission.getWritePermission()).isEqualTo("PATH_WRITE_PERMISSION");
}
Also used : PathPermission(android.content.pm.PathPermission) Test(org.junit.Test) Config(org.robolectric.annotation.Config)

Example 2 with PathPermission

use of android.content.pm.PathPermission in project robolectric by robolectric.

the class DefaultPackageManager method createPathPermissions.

private PathPermission[] createPathPermissions(List<PathPermissionData> pathPermissionDatas) {
    PathPermission[] pathPermissions = new PathPermission[pathPermissionDatas.size()];
    for (int i = 0; i < pathPermissions.length; i++) {
        PathPermissionData data = pathPermissionDatas.get(i);
        final String path;
        final int type;
        if (data.pathPrefix != null) {
            path = data.pathPrefix;
            type = PathPermission.PATTERN_PREFIX;
        } else if (data.pathPattern != null) {
            path = data.pathPattern;
            type = PathPermission.PATTERN_SIMPLE_GLOB;
        } else {
            path = data.path;
            type = PathPermission.PATTERN_LITERAL;
        }
        pathPermissions[i] = new PathPermission(path, type, data.readPermission, data.writePermission);
    }
    return pathPermissions;
}
Also used : PathPermission(android.content.pm.PathPermission) PathPermissionData(org.robolectric.manifest.PathPermissionData)

Example 3 with PathPermission

use of android.content.pm.PathPermission in project platform_frameworks_base by android.

the class ActivityManagerService method checkContentProviderPermissionLocked.

/**
     * Check if {@link ProcessRecord} has a possible chance at accessing the
     * given {@link ProviderInfo}. Final permission checking is always done
     * in {@link ContentProvider}.
     */
private final String checkContentProviderPermissionLocked(ProviderInfo cpi, ProcessRecord r, int userId, boolean checkUser) {
    final int callingPid = (r != null) ? r.pid : Binder.getCallingPid();
    final int callingUid = (r != null) ? r.uid : Binder.getCallingUid();
    boolean checkedGrants = false;
    if (checkUser) {
        // Looking for cross-user grants before enforcing the typical cross-users permissions
        int tmpTargetUserId = mUserController.unsafeConvertIncomingUserLocked(userId);
        if (tmpTargetUserId != UserHandle.getUserId(callingUid)) {
            if (checkAuthorityGrants(callingUid, cpi, tmpTargetUserId, checkUser)) {
                return null;
            }
            checkedGrants = true;
        }
        userId = mUserController.handleIncomingUser(callingPid, callingUid, userId, false, ALLOW_NON_FULL, "checkContentProviderPermissionLocked " + cpi.authority, null);
        if (userId != tmpTargetUserId) {
            // When we actually went to determine the final targer user ID, this ended
            // up different than our initial check for the authority.  This is because
            // they had asked for USER_CURRENT_OR_SELF and we ended up switching to
            // SELF.  So we need to re-check the grants again.
            checkedGrants = false;
        }
    }
    if (checkComponentPermission(cpi.readPermission, callingPid, callingUid, cpi.applicationInfo.uid, cpi.exported) == PackageManager.PERMISSION_GRANTED) {
        return null;
    }
    if (checkComponentPermission(cpi.writePermission, callingPid, callingUid, cpi.applicationInfo.uid, cpi.exported) == PackageManager.PERMISSION_GRANTED) {
        return null;
    }
    PathPermission[] pps = cpi.pathPermissions;
    if (pps != null) {
        int i = pps.length;
        while (i > 0) {
            i--;
            PathPermission pp = pps[i];
            String pprperm = pp.getReadPermission();
            if (pprperm != null && checkComponentPermission(pprperm, callingPid, callingUid, cpi.applicationInfo.uid, cpi.exported) == PackageManager.PERMISSION_GRANTED) {
                return null;
            }
            String ppwperm = pp.getWritePermission();
            if (ppwperm != null && checkComponentPermission(ppwperm, callingPid, callingUid, cpi.applicationInfo.uid, cpi.exported) == PackageManager.PERMISSION_GRANTED) {
                return null;
            }
        }
    }
    if (!checkedGrants && checkAuthorityGrants(callingUid, cpi, userId, checkUser)) {
        return null;
    }
    String msg;
    if (!cpi.exported) {
        msg = "Permission Denial: opening provider " + cpi.name + " from " + (r != null ? r : "(null)") + " (pid=" + callingPid + ", uid=" + callingUid + ") that is not exported from uid " + cpi.applicationInfo.uid;
    } else {
        msg = "Permission Denial: opening provider " + cpi.name + " from " + (r != null ? r : "(null)") + " (pid=" + callingPid + ", uid=" + callingUid + ") requires " + cpi.readPermission + " or " + cpi.writePermission;
    }
    Slog.w(TAG, msg);
    return msg;
}
Also used : PathPermission(android.content.pm.PathPermission) Point(android.graphics.Point)

Example 4 with PathPermission

use of android.content.pm.PathPermission in project platform_frameworks_base by android.

the class ContentProvider method enforceWritePermissionInner.

/** {@hide} */
protected int enforceWritePermissionInner(Uri uri, String callingPkg, IBinder callerToken) throws SecurityException {
    final Context context = getContext();
    final int pid = Binder.getCallingPid();
    final int uid = Binder.getCallingUid();
    String missingPerm = null;
    int strongestMode = MODE_ALLOWED;
    if (UserHandle.isSameApp(uid, mMyUid)) {
        return MODE_ALLOWED;
    }
    if (mExported && checkUser(pid, uid, context)) {
        final String componentPerm = getWritePermission();
        if (componentPerm != null) {
            final int mode = checkPermissionAndAppOp(componentPerm, callingPkg, callerToken);
            if (mode == MODE_ALLOWED) {
                return MODE_ALLOWED;
            } else {
                missingPerm = componentPerm;
                strongestMode = Math.max(strongestMode, mode);
            }
        }
        // track if unprotected write is allowed; any denied
        // <path-permission> below removes this ability
        boolean allowDefaultWrite = (componentPerm == null);
        final PathPermission[] pps = getPathPermissions();
        if (pps != null) {
            final String path = uri.getPath();
            for (PathPermission pp : pps) {
                final String pathPerm = pp.getWritePermission();
                if (pathPerm != null && pp.match(path)) {
                    final int mode = checkPermissionAndAppOp(pathPerm, callingPkg, callerToken);
                    if (mode == MODE_ALLOWED) {
                        return MODE_ALLOWED;
                    } else {
                        // any denied <path-permission> means we lose
                        // default <provider> access.
                        allowDefaultWrite = false;
                        missingPerm = pathPerm;
                        strongestMode = Math.max(strongestMode, mode);
                    }
                }
            }
        }
        // <provider> permission, then allow access.
        if (allowDefaultWrite)
            return MODE_ALLOWED;
    }
    // last chance, check against any uri grants
    if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) {
        return MODE_ALLOWED;
    }
    // ignored through; otherwise we assume it should be a real error below.
    if (strongestMode == MODE_IGNORED) {
        return MODE_IGNORED;
    }
    final String failReason = mExported ? " requires " + missingPerm + ", or grantUriPermission()" : " requires the provider be exported, or grantUriPermission()";
    throw new SecurityException("Permission Denial: writing " + ContentProvider.this.getClass().getName() + " uri " + uri + " from pid=" + pid + ", uid=" + uid + failReason);
}
Also used : PathPermission(android.content.pm.PathPermission)

Example 5 with PathPermission

use of android.content.pm.PathPermission in project android_frameworks_base by DirtyUnicorns.

the class ContentProvider method enforceWritePermissionInner.

/** {@hide} */
protected int enforceWritePermissionInner(Uri uri, String callingPkg, IBinder callerToken) throws SecurityException {
    final Context context = getContext();
    final int pid = Binder.getCallingPid();
    final int uid = Binder.getCallingUid();
    String missingPerm = null;
    int strongestMode = MODE_ALLOWED;
    if (UserHandle.isSameApp(uid, mMyUid)) {
        return MODE_ALLOWED;
    }
    if (mExported && checkUser(pid, uid, context)) {
        final String componentPerm = getWritePermission();
        if (componentPerm != null) {
            final int mode = checkPermissionAndAppOp(componentPerm, callingPkg, callerToken);
            if (mode == MODE_ALLOWED) {
                return MODE_ALLOWED;
            } else {
                missingPerm = componentPerm;
                strongestMode = Math.max(strongestMode, mode);
            }
        }
        // track if unprotected write is allowed; any denied
        // <path-permission> below removes this ability
        boolean allowDefaultWrite = (componentPerm == null);
        final PathPermission[] pps = getPathPermissions();
        if (pps != null) {
            final String path = uri.getPath();
            for (PathPermission pp : pps) {
                final String pathPerm = pp.getWritePermission();
                if (pathPerm != null && pp.match(path)) {
                    final int mode = checkPermissionAndAppOp(pathPerm, callingPkg, callerToken);
                    if (mode == MODE_ALLOWED) {
                        return MODE_ALLOWED;
                    } else {
                        // any denied <path-permission> means we lose
                        // default <provider> access.
                        allowDefaultWrite = false;
                        missingPerm = pathPerm;
                        strongestMode = Math.max(strongestMode, mode);
                    }
                }
            }
        }
        // <provider> permission, then allow access.
        if (allowDefaultWrite)
            return MODE_ALLOWED;
    }
    // last chance, check against any uri grants
    if (context.checkUriPermission(uri, pid, uid, Intent.FLAG_GRANT_WRITE_URI_PERMISSION, callerToken) == PERMISSION_GRANTED) {
        return MODE_ALLOWED;
    }
    // ignored through; otherwise we assume it should be a real error below.
    if (strongestMode == MODE_IGNORED) {
        return MODE_IGNORED;
    }
    final String failReason = mExported ? " requires " + missingPerm + ", or grantUriPermission()" : " requires the provider be exported, or grantUriPermission()";
    throw new SecurityException("Permission Denial: writing " + ContentProvider.this.getClass().getName() + " uri " + uri + " from pid=" + pid + ", uid=" + uid + failReason);
}
Also used : PathPermission(android.content.pm.PathPermission)

Aggregations

PathPermission (android.content.pm.PathPermission)20 Uri (android.net.Uri)7 Point (android.graphics.Point)4 RemoteException (android.os.RemoteException)4 ProcessMap (com.android.server.ProcessMap)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 Test (org.junit.Test)1 Config (org.robolectric.annotation.Config)1 PathPermissionData (org.robolectric.manifest.PathPermissionData)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial