@EnforcePermission migrations - framework-minus-apex
Immediate calls to helper methods that themselves call
Context.enforceCallingOrSelfPermission.
Fixes applied by Android Lint (cl/18432857).
Bug: 232058525
Test: N/A
Change-Id: Ibc898538eb2005cd58161edd5a46309733d90dcc
diff --git a/core/java/android/accounts/AbstractAccountAuthenticator.java b/core/java/android/accounts/AbstractAccountAuthenticator.java
index 3807b50..70a6f549 100644
--- a/core/java/android/accounts/AbstractAccountAuthenticator.java
+++ b/core/java/android/accounts/AbstractAccountAuthenticator.java
@@ -290,10 +290,10 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void editProperties(IAccountAuthenticatorResponse response,
String accountType) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result = AbstractAccountAuthenticator.this.editProperties(
new AccountAuthenticatorResponse(response), accountType);
@@ -305,10 +305,10 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void hasFeatures(IAccountAuthenticatorResponse response,
Account account, String[] features) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result = AbstractAccountAuthenticator.this.hasFeatures(
new AccountAuthenticatorResponse(response), account, features);
@@ -320,10 +320,10 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void getAccountRemovalAllowed(IAccountAuthenticatorResponse response,
Account account) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result = AbstractAccountAuthenticator.this.getAccountRemovalAllowed(
new AccountAuthenticatorResponse(response), account);
@@ -335,10 +335,10 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void getAccountCredentialsForCloning(IAccountAuthenticatorResponse response,
Account account) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result =
AbstractAccountAuthenticator.this.getAccountCredentialsForCloning(
@@ -351,11 +351,11 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void addAccountFromCredentials(IAccountAuthenticatorResponse response,
Account account,
Bundle accountCredentials) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result =
AbstractAccountAuthenticator.this.addAccountFromCredentials(
@@ -465,12 +465,12 @@
}
}
+ @android.annotation.EnforcePermission(android.Manifest.permission.ACCOUNT_MANAGER)
@Override
public void isCredentialsUpdateSuggested(
IAccountAuthenticatorResponse response,
Account account,
String statusToken) throws RemoteException {
- checkBinderPermission();
try {
final Bundle result = AbstractAccountAuthenticator.this
.isCredentialsUpdateSuggested(
diff --git a/core/java/android/accounts/IAccountAuthenticator.aidl b/core/java/android/accounts/IAccountAuthenticator.aidl
index 701cecf..0575c07 100644
--- a/core/java/android/accounts/IAccountAuthenticator.aidl
+++ b/core/java/android/accounts/IAccountAuthenticator.aidl
@@ -62,6 +62,7 @@
/**
* launches an activity that lets the user edit and set the properties for an authenticator
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
@UnsupportedAppUsage
void editProperties(in IAccountAuthenticatorResponse response, String accountType);
@@ -69,6 +70,7 @@
* returns a Bundle where the boolean value BOOLEAN_RESULT_KEY is set if the account has the
* specified features
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
@UnsupportedAppUsage
void hasFeatures(in IAccountAuthenticatorResponse response, in Account account,
in String[] features);
@@ -76,12 +78,14 @@
/**
* Gets whether or not the account is allowed to be removed.
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
@UnsupportedAppUsage
void getAccountRemovalAllowed(in IAccountAuthenticatorResponse response, in Account account);
/**
* Returns a Bundle containing the required credentials to copy the account across users.
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
void getAccountCredentialsForCloning(in IAccountAuthenticatorResponse response,
in Account account);
@@ -89,6 +93,7 @@
* Uses the Bundle containing credentials from another instance of the authenticator to create
* a copy of the account on this user.
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
void addAccountFromCredentials(in IAccountAuthenticatorResponse response, in Account account,
in Bundle accountCredentials);
@@ -116,6 +121,7 @@
/**
* Checks if the credentials of the provided account should be updated.
*/
+ @EnforcePermission("ACCOUNT_MANAGER")
void isCredentialsUpdateSuggested(in IAccountAuthenticatorResponse response, in Account account,
String statusToken);
}