From 4aa3c034f547b33c65896090d92012f159abbd32 Mon Sep 17 00:00:00 2001 From: Joe Malin Date: Wed, 8 Aug 2012 15:51:57 -0700 Subject: Fix contentprovider docs android:exported default Change-Id: I30682905e99fa3d05b6315c011e290fe509588f4 --- .../html/guide/topics/manifest/provider-element.jd | 162 +++++++++++++-------- 1 file changed, 98 insertions(+), 64 deletions(-) (limited to 'docs/html') diff --git a/docs/html/guide/topics/manifest/provider-element.jd b/docs/html/guide/topics/manifest/provider-element.jd index 7b4ca8fc21c0..6cf6843354fc 100644 --- a/docs/html/guide/topics/manifest/provider-element.jd +++ b/docs/html/guide/topics/manifest/provider-element.jd @@ -5,7 +5,9 @@ parent.link=manifest-intro.html
syntax:
-
<provider android:authorities="list"
+

+
+<provider android:authorities="list"
           android:enabled=["true" | "false"]
           android:exported=["true" | "false"]
           android:grantUriPermissions=["true" | "false"]
@@ -20,10 +22,13 @@ parent.link=manifest-intro.html
           android:syncable=["true" | "false"]
           android:writePermission="string" >
     . . .
-</provider>

+</provider>
+
contained in:
-
<application>
+
+ <application> +
can contain:
<meta-data> @@ -31,58 +36,67 @@ parent.link=manifest-intro.html
<path-permission>
description:
-
Declares a content provider — a subclass of -{@link android.content.ContentProvider} — that supplies structured -access to data managed by the application. All content providers that -are part of the application must be represented by {@code <provider>} -elements in the manifest file. The system cannot see, and therefore will -not run, any that are not declared. (You need to declare only -those content providers that you develop as part of your application, -not those developed by others that your application uses.) - -

-The Android system identifies content providers by the authority part - of a {@code content:} URI. For example, suppose that the following URI -is passed to {@link android.content.ContentResolver#query -ContentResolver.query()}: - -

{@code content://com.example.project.healthcareprovider/nurses/rn}

- -

-The {@code content:} scheme identifies the data as belonging to a content -provider and the authority ({@code com.example.project.healthcareprovider}) -identifies the particular provider. The authority therefore must be unique. -Typically, as in this example, it's the fully qualified name of a -ContentProvider subclass. The path part of a URI may be used by a content -provider to identify particular data subsets, but those paths are not -declared in the manifest. -

- -

-For information on using and developing content providers, see a separate document, -Content Providers. -

+
+ Declares a content provider component. A content provider is a subclass of + {@link android.content.ContentProvider} that supplies structured access to data managed by the + application. All content providers in your application must be defined in a + {@code <provider>} element in the manifest file; otherwise, the system is unaware of them + and doesn't run them. +

+ You only declare content providers that are part of your application. Content providers in + other applications that you use in your application should not be declared. +

+

+ The Android system stores references to content providers according to an authority + string, part of the provider's content URI. For example, suppose you want to + access a content provider that stores information about health care professionals. To do + this, you call the method + {@link android.content.ContentResolver#query ContentResolver.query()}, which among other + arguments takes a URI that identifies the provider: +

+
+content://com.example.project.healthcareprovider/nurses/rn
+
+

+ The content: scheme identifies the URI as a content URI pointing to + an Android content provider. The authority + com.example.project.healthcareprovider identifies the provider itself; the + Android system looks up the authority in its list of known providers and their authorities. + The substring nurses/rn is a path, which the content provider can use + to identify subsets of the provider data. +

+

+ Notice that when you define your provider in the <provider> element, you + don't include the scheme or the path in the android:name argument, only the + authority. +

+

+ For information on using and developing content providers, see the API Guide, + Content Providers. +

+
attributes:
-
-
{@code android:authorities}
-
A list of one or more URI authorities that identify data under the purview -of the content provider. -Multiple authorities are listed by separating their names with a semicolon. -To avoid conflicts, authority names should use a Java-style naming convention -(such as {@code com.example.provider.cartoonprovider}). Typically, it's the name -of the ContentProvider subclass. - -

-There is no default. At least one authority must be specified. -

- -
{@code android:enabled}
-
Whether or not the content provider can be instantiated by the system — -"{@code true}" if it can be, and "{@code false}" if not. The default value -is "{@code true}". - -

+

+
+
{@code android:authorities}
+
+ A list of one or more URI authorities that identify data offered by the content provider. + Multiple authorities are listed by separating their names with a semicolon. + To avoid conflicts, authority names should use a Java-style naming convention + (such as {@code com.example.provider.cartoonprovider}). Typically, it's the name + of the {@link android.content.ContentProvider} subclass that implements the provider +

+ There is no default. At least one authority must be specified. +

+
+ +
{@code android:enabled}
+
Whether or not the content provider can be instantiated by the system — + "{@code true}" if it can be, and "{@code false}" if not. The default value + is "{@code true}". + +

The <application> element has its own enabled attribute that applies to all application components, including content providers. The @@ -93,17 +107,37 @@ are by default) for the content provider to be enabled. If either is

{@code android:exported}
-
Whether or not the content provider can be used by components of other -applications — "{@code true}" if it can be, and "{@code false}" if not. -If "{@code false}", the provider is available only to components of the -same application or applications with the same user ID. The default value -is "{@code true}" for applications which target API level 16 (Jelly Bean) -and below, and "{@code false}" otherwise. - -

-You can export a content provider but still limit access to it with the -permission attribute. -

+
+ Whether the content provider is available for other applications to use: +
    +
  • + true: The provider is available to other applications. Any application can + use the provider's content URI to access it, subject to the permissions specified for + the provider. +
    • +
  • + false: The provider is not available to other applications. Set + android:exported="false" to limit access to the provider to your + applications. Only applications that have the same user ID (UID) as the provider will + have access to it. +
    • +
+

+ The default value is "true" for applications that set either +android:minSdkVersion + or +android:targetSdkVersion to + "16" or lower. For applications that + set either of these attributes to "17" or higher, the default is + "false". +

+

+ You can set android:exported="false" and still limit access to your + provider by setting permissions with the + permission + attribute. +

+
{@code android:grantUriPermissions}
Whether or not those who ordinarily would not have permission to -- cgit v1.2.3-59-g8ed1b