diff options
| author | 2016-09-16 17:29:05 -0700 | |
|---|---|---|
| committer | 2016-09-16 17:29:09 -0700 | |
| commit | b9f84fb6f498644d91e2759a906b00af92cc2f55 (patch) | |
| tree | f482bef29d6aa89dc024b72f9b69af2e02472407 | |
| parent | 9f858dd3deff4e3d532ca6e7e0d5ce97408978c8 (diff) | |
Add access tracker to renamed accounts
We are adding access tracker to accounts cached by the
account manager to know when a process saw the account
to white list it for future access. The bug here was
that we didn't return the account from the cache but
the tracker is added when the account is cached. Now
the contract is that inserting an account in the cache
returns the instrumented account which is inteded to
be returned to clients.
bug:28163381
bug:31456742
Change-Id: I5acac1f77a9077b35c5e4892e40d2ab38f3bfc63
| -rw-r--r-- | services/core/java/com/android/server/accounts/AccountManagerService.java | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index b69750794761..82605c62472d 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -1562,8 +1562,10 @@ public class AccountManagerService /* * Database transaction was successful. Clean up cached * data associated with the account in the user profile. + * The account is now being tracked for remote access. */ - insertAccountIntoCacheLocked(accounts, renamedAccount); + renamedAccount = insertAccountIntoCacheLocked(accounts, renamedAccount); + /* * Extract the data and token caches before removing the * old account to preserve the user data associated with @@ -5701,16 +5703,22 @@ public class AccountManagerService /** * This assumes that the caller has already checked that the account is not already present. + * IMPORTANT: The account being inserted will begin to be tracked for access in remote + * processes and if you will return this account to apps you should return the result. + * @return The inserted account which is a new instance that is being tracked. */ - private void insertAccountIntoCacheLocked(UserAccounts accounts, Account account) { + private Account insertAccountIntoCacheLocked(UserAccounts accounts, Account account) { Account[] accountsForType = accounts.accountCache.get(account.type); int oldLength = (accountsForType != null) ? accountsForType.length : 0; Account[] newAccountsForType = new Account[oldLength + 1]; if (accountsForType != null) { System.arraycopy(accountsForType, 0, newAccountsForType, 0, oldLength); } - newAccountsForType[oldLength] = new Account(account, new AccountAccessTracker()); + IAccountAccessTracker accessTracker = account.getAccessTracker() != null + ? account.getAccessTracker() : new AccountAccessTracker(); + newAccountsForType[oldLength] = new Account(account, accessTracker); accounts.accountCache.put(account.type, newAccountsForType); + return newAccountsForType[oldLength]; } private Account[] filterSharedAccounts(UserAccounts userAccounts, Account[] unfiltered, |