MMS auto persisting (4/4)
Changed permission control for new SMS APIs. Only phone and system UID
are allowed.
b/14095333
Change-Id: I140c0a895b07f72a7840927a1008ea8f7dce8d46
diff --git a/src/com/android/providers/telephony/MmsProvider.java b/src/com/android/providers/telephony/MmsProvider.java
index 424ea0e..bc382fd 100644
--- a/src/com/android/providers/telephony/MmsProvider.java
+++ b/src/com/android/providers/telephony/MmsProvider.java
@@ -65,7 +65,10 @@
@Override
public boolean onCreate() {
- setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ if (!Telephony.NEW_API) {
+ // TODO(ywen): Temporarily enable this so not to break existing apps
+ setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ }
mOpenHelper = MmsSmsDatabaseHelper.getInstance(getContext());
return true;
}
@@ -274,6 +277,7 @@
@Override
public Uri insert(Uri uri, ContentValues values) {
+ SmsWritePermission.enforce();
// Don't let anyone insert anything with the _data column
if (values != null && values.containsKey(Part._DATA)) {
return null;
@@ -539,6 +543,7 @@
@Override
public int delete(Uri uri, String selection,
String[] selectionArgs) {
+ SmsWritePermission.enforce();
int match = sURLMatcher.match(uri);
if (LOCAL_LOGV) {
Log.v(TAG, "Delete uri=" + uri + ", match=" + match);
@@ -692,6 +697,7 @@
@Override
public int update(Uri uri, ContentValues values,
String selection, String[] selectionArgs) {
+ SmsWritePermission.enforce();
// Don't let anyone update the _data column
if (values != null && values.containsKey(Part._DATA)) {
return 0;
diff --git a/src/com/android/providers/telephony/MmsSmsProvider.java b/src/com/android/providers/telephony/MmsSmsProvider.java
index c477d8e..e07fe54 100644
--- a/src/com/android/providers/telephony/MmsSmsProvider.java
+++ b/src/com/android/providers/telephony/MmsSmsProvider.java
@@ -33,6 +33,7 @@
import android.database.sqlite.SQLiteQueryBuilder;
import android.net.Uri;
import android.provider.BaseColumns;
+import android.provider.Telephony;
import android.provider.Telephony.CanonicalAddressesColumns;
import android.provider.Telephony.Mms;
import android.provider.Telephony.MmsSms;
@@ -284,7 +285,10 @@
@Override
public boolean onCreate() {
- setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ if (!Telephony.NEW_API) {
+ // TODO(ywen): Temporarily enable this so not to break existing apps
+ setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ }
mOpenHelper = MmsSmsDatabaseHelper.getInstance(getContext());
mUseStrictPhoneNumberComparation =
getContext().getResources().getBoolean(
@@ -1170,6 +1174,7 @@
@Override
public int delete(Uri uri, String selection,
String[] selectionArgs) {
+ SmsWritePermission.enforce();
SQLiteDatabase db = mOpenHelper.getWritableDatabase();
Context context = getContext();
int affectedRows = 0;
@@ -1225,6 +1230,7 @@
@Override
public Uri insert(Uri uri, ContentValues values) {
+ SmsWritePermission.enforce();
if (URI_MATCHER.match(uri) == URI_PENDING_MSG) {
SQLiteDatabase db = mOpenHelper.getWritableDatabase();
long rowId = db.insert(TABLE_PENDING_MSG, null, values);
@@ -1236,6 +1242,7 @@
@Override
public int update(Uri uri, ContentValues values,
String selection, String[] selectionArgs) {
+ SmsWritePermission.enforce();
SQLiteDatabase db = mOpenHelper.getWritableDatabase();
int affectedRows = 0;
switch(URI_MATCHER.match(uri)) {
diff --git a/src/com/android/providers/telephony/SmsProvider.java b/src/com/android/providers/telephony/SmsProvider.java
index c5390cf..33dd4ba 100644
--- a/src/com/android/providers/telephony/SmsProvider.java
+++ b/src/com/android/providers/telephony/SmsProvider.java
@@ -84,7 +84,10 @@
@Override
public boolean onCreate() {
- setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ if (!Telephony.NEW_API) {
+ // TODO(ywen): Temporarily enable this so not to break existing apps
+ setAppOps(AppOpsManager.OP_READ_SMS, AppOpsManager.OP_WRITE_SMS);
+ }
mOpenHelper = MmsSmsDatabaseHelper.getInstance(getContext());
return true;
}
@@ -347,6 +350,7 @@
@Override
public Uri insert(Uri url, ContentValues initialValues) {
+ SmsWritePermission.enforce();
long token = Binder.clearCallingIdentity();
try {
return insertInner(url, initialValues);
@@ -539,6 +543,7 @@
@Override
public int delete(Uri url, String where, String[] whereArgs) {
+ SmsWritePermission.enforce();
int count;
int match = sURLMatcher.match(url);
SQLiteDatabase db = mOpenHelper.getWritableDatabase();
@@ -624,6 +629,7 @@
@Override
public int update(Uri url, ContentValues values, String where, String[] whereArgs) {
+ SmsWritePermission.enforce();
int count = 0;
String table = TABLE_SMS;
String extraWhere = null;
diff --git a/src/com/android/providers/telephony/SmsWritePermission.java b/src/com/android/providers/telephony/SmsWritePermission.java
new file mode 100644
index 0000000..502bf14
--- /dev/null
+++ b/src/com/android/providers/telephony/SmsWritePermission.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.providers.telephony;
+
+import android.os.Binder;
+import android.os.Process;
+import android.provider.Telephony;
+import android.util.Log;
+
+/**
+ * Write permission enforcement for SmsProvider and MmsProvider
+ */
+public class SmsWritePermission {
+ public static final String TAG = "SmsWritePermission";
+
+ public static void enforce() {
+ if (!Telephony.NEW_API) {
+ // TODO(ywen): Temporarily disable this so not to break existing apps
+ return;
+ }
+ final long uid = Binder.getCallingUid();
+ Log.d(TAG, "Calling UID " + uid);
+ if (uid != Process.SYSTEM_UID && uid != Process.PHONE_UID) {
+ throw new SecurityException("Only system or phone can access");
+ }
+ }
+}