From f794c8dc1b62b3a54f3edcfc8031050d9486398a Mon Sep 17 00:00:00 2001 From: Dmitry Dementyev Date: Fri, 3 Feb 2017 18:17:59 -0800 Subject: GET_ACCOUNTS_PRIVILEGED permission check for Account Discovery API. GET_ACCOUNTS_PRIVELEGED still works in Android O, but authenticators can limit visibility for apps with the permission. Bug: 34841115 Test: cts, manual tests. Change-Id: Ibd87f6172969c550b6166f88176924e517393763 --- .../com/android/server/accounts/AccountManagerService.java | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index fdd7cb139204..fbc444026539 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -636,11 +636,10 @@ public class AccountManagerService return visibility; } - if (isPermittedForPackage(packageName, accounts.userId, - Manifest.permission.GET_ACCOUNTS_PRIVILEGED)) { - return AccountManager.VISIBILITY_VISIBLE; - } - // Profile owner gets visibility by default. + boolean isPrivileged = isPermittedForPackage(packageName, accounts.userId, + Manifest.permission.GET_ACCOUNTS_PRIVILEGED); + + // Device/Profile owner gets visibility by default. if (isProfileOwner(uid)) { return AccountManager.VISIBILITY_VISIBLE; } @@ -650,7 +649,7 @@ public class AccountManagerService boolean preO = isPreOApplication(packageName); if ((signatureCheckResult != SIGNATURE_CHECK_MISMATCH) || (preO && checkGetAccountsPermission(packageName, accounts.userId)) - || canReadContacts) { + || canReadContacts || isPrivileged) { // Use legacy for preO apps with GET_ACCOUNTS permission or pre/postO with signature // match. visibility = getAccountVisibility(account, -- cgit v1.2.3-59-g8ed1b