Snap for 6948038 from 75c00e5359450a9c029066f29f21a0c8c262391b to rvc-platform-releaseandroid-platform-11.0.0_r3

Change-Id: I91c6d1f1d1ee57956b4de5f9ccddcc420572888b
author: android-build-team Robot <android-build-team-robot@google.com> 2020-11-03 18:06:49 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> 2020-11-03 18:06:49 +0000
commit: 5136933b5b8813cd97174b362dc77304f022651b (patch)
tree: c0f916b4f1d24e743b3bded3c48c2da853e9d7c0
parent: ab731df384ef73d93c43b7bf22b8a6c52b595124 (diff)
parent: 75c00e5359450a9c029066f29f21a0c8c262391b (diff)
download: ContactsProvider-5136933b5b8813cd97174b362dc77304f022651b.tar.gz
4 files changed, 52 insertions, 7 deletions
diff --git a/res/values-pt-rPT/strings.xml b/res/values-pt-rPT/strings.xml
index beaa2c73..8d94fbbb 100644
--- a/res/values-pt-rPT/strings.xml
+++ b/res/values-pt-rPT/strings.xml
@@ -16,7 +16,7 @@
 
 <resources xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
-    <string name="sharedUserLabel" msgid="8024311725474286801">"Aplicações Principais do Android"</string>
+    <string name="sharedUserLabel" msgid="8024311725474286801">"Apps Principais do Android"</string>
     <string name="app_label" msgid="3389954322874982620">"Armazenamento de contactos"</string>
     <string name="provider_label" msgid="6012150850819899907">"Contactos"</string>
     <string name="upgrade_out_of_memory_notification_ticker" msgid="7638747231223520477">"A atualização de contactos necessita de mais memória."</string>
diff --git a/src/com/android/providers/contacts/CallLogProvider.java b/src/com/android/providers/contacts/CallLogProvider.java
index ec1d40e9..ebe111f1 100644
--- a/src/com/android/providers/contacts/CallLogProvider.java
+++ b/src/com/android/providers/contacts/CallLogProvider.java
@@ -138,6 +138,7 @@ public class CallLogProvider extends ContentProvider {
         sCallsProjectionMap.put(Calls.FEATURES, Calls.FEATURES);
         sCallsProjectionMap.put(Calls.PHONE_ACCOUNT_COMPONENT_NAME, Calls.PHONE_ACCOUNT_COMPONENT_NAME);
         sCallsProjectionMap.put(Calls.PHONE_ACCOUNT_ID, Calls.PHONE_ACCOUNT_ID);
+        sCallsProjectionMap.put(Calls.PHONE_ACCOUNT_HIDDEN, Calls.PHONE_ACCOUNT_HIDDEN);
         sCallsProjectionMap.put(Calls.PHONE_ACCOUNT_ADDRESS, Calls.PHONE_ACCOUNT_ADDRESS);
         sCallsProjectionMap.put(Calls.NEW, Calls.NEW);
         sCallsProjectionMap.put(Calls.VOICEMAIL_URI, Calls.VOICEMAIL_URI);
@@ -324,6 +325,13 @@ public class CallLogProvider extends ContentProvider {
         qb.setTables(Tables.CALLS);
         qb.setProjectionMap(sCallsProjectionMap);
         qb.setStrict(true);
+        // If the caller doesn't have READ_VOICEMAIL, make sure they can't
+        // do any SQL shenanigans to get access to the voicemails. If the caller does have the
+        // READ_VOICEMAIL permission, then they have sufficient permissions to access any data in
+        // the database, so the strict check is unnecessary.
+        if (!mVoicemailPermissions.callerHasReadAccess(getCallingPackage())) {
+            qb.setStrictGrammar(true);
+        }
 
         final SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
         checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, true /*isQuery*/);
@@ -529,6 +537,18 @@ public class CallLogProvider extends ContentProvider {
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
         checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/);
 
+        final SQLiteQueryBuilder qb = new SQLiteQueryBuilder();
+        qb.setTables(Tables.CALLS);
+        qb.setProjectionMap(sCallsProjectionMap);
+        qb.setStrict(true);
+        // If the caller doesn't have READ_VOICEMAIL, make sure they can't
+        // do any SQL shenanigans to get access to the voicemails. If the caller does have the
+        // READ_VOICEMAIL permission, then they have sufficient permissions to access any data in
+        // the database, so the strict check is unnecessary.
+        if (!mVoicemailPermissions.callerHasReadAccess(getCallingPackage())) {
+            qb.setStrictGrammar(true);
+        }
+
         final SQLiteDatabase db = mDbHelper.getWritableDatabase();
         final int matchedUriId = sURIMatcher.match(uri);
         switch (matchedUriId) {
@@ -543,8 +563,7 @@ public class CallLogProvider extends ContentProvider {
                 throw new UnsupportedOperationException("Cannot update URL: " + uri);
         }
 
-        return createDatabaseModifier(db).update(uri, Tables.CALLS, values, selectionBuilder.build(),
-                selectionArgs);
+        return qb.update(db, values, selectionBuilder.build(), selectionArgs);
     }
 
     private int deleteInternal(Uri uri, String selection, String[] selectionArgs) {
@@ -559,14 +578,25 @@ public class CallLogProvider extends ContentProvider {
         SelectionBuilder selectionBuilder = new SelectionBuilder(selection);
         checkVoicemailPermissionAndAddRestriction(uri, selectionBuilder, false /*isQuery*/);
 
+        final SQLiteQueryBuilder qb = new SQLiteQueryBuilder();
+        qb.setTables(Tables.CALLS);
+        qb.setProjectionMap(sCallsProjectionMap);
+        qb.setStrict(true);
+        // If the caller doesn't have READ_VOICEMAIL, make sure they can't
+        // do any SQL shenanigans to get access to the voicemails. If the caller does have the
+        // READ_VOICEMAIL permission, then they have sufficient permissions to access any data in
+        // the database, so the strict check is unnecessary.
+        if (!mVoicemailPermissions.callerHasReadAccess(getCallingPackage())) {
+            qb.setStrictGrammar(true);
+        }
+
         final SQLiteDatabase db = mDbHelper.getWritableDatabase();
         final int matchedUriId = sURIMatcher.match(uri);
         switch (matchedUriId) {
             case CALLS:
                 // TODO: Special case - We may want to forward the delete request on user 0 to the
                 // shadow provider too.
-                return createDatabaseModifier(db).delete(Tables.CALLS,
-                        selectionBuilder.build(), selectionArgs);
+                return qb.delete(db, selectionBuilder.build(), selectionArgs);
             default:
                 throw new UnsupportedOperationException("Cannot delete that URL: " + uri);
         }
diff --git a/src/com/android/providers/contacts/ContactsProvider2.java b/src/com/android/providers/contacts/ContactsProvider2.java
index 5159fb94..3a0f7db8 100644
--- a/src/com/android/providers/contacts/ContactsProvider2.java
+++ b/src/com/android/providers/contacts/ContactsProvider2.java
@@ -5548,6 +5548,17 @@ public class ContactsProvider2 extends AbstractContactsProvider
             return null;
         }
 
+        if (cursor.getCount() > 0) {
+            final int callingUid = Binder.getCallingUid();
+            final String directoryAuthority = directoryInfo.authority;
+            if (VERBOSE_LOGGING) {
+                Log.v(TAG, "Making authority " + directoryAuthority
+                        + " visible to UID " + callingUid);
+            }
+            getContext().getPackageManager().grantImplicitAccess(
+                    callingUid, directoryAuthority);
+        }
+
         // Load the cursor contents into a memory cursor (backed by a cursor window) and close the
         // underlying cursor.
         try {
@@ -8628,7 +8639,7 @@ public class ContactsProvider2 extends AbstractContactsProvider
 
             case RAW_CONTACTS_ID_DISPLAY_PHOTO: {
                 long rawContactId = Long.parseLong(uri.getPathSegments().get(1));
-                boolean writeable = !mode.equals("r");
+                boolean writeable = mode.contains("w");
 
                 // Find the primary photo data record for this raw contact.
                 SQLiteQueryBuilder qb = new SQLiteQueryBuilder();
diff --git a/tests/src/com/android/providers/contacts/CallLogProviderTest.java b/tests/src/com/android/providers/contacts/CallLogProviderTest.java
index 9efdfaa4..9baf1e41 100644
--- a/tests/src/com/android/providers/contacts/CallLogProviderTest.java
+++ b/tests/src/com/android/providers/contacts/CallLogProviderTest.java
@@ -18,6 +18,7 @@ package com.android.providers.contacts;
 
 import android.telecom.CallerInfo;
 import com.android.providers.contacts.testutil.CommonDatabaseUtils;
+import com.android.providers.contacts.util.ContactsPermissions;
 
 import android.content.ComponentName;
 import android.content.ContentProvider;
@@ -59,7 +60,7 @@ public class CallLogProviderTest extends BaseContactsProvider2Test {
             Voicemails.DIRTY,
             Voicemails.DELETED};
     /** Total number of columns exposed by call_log provider. */
-    private static final int NUM_CALLLOG_FIELDS = 34;
+    private static final int NUM_CALLLOG_FIELDS = 35;
 
     private static final int MIN_MATCH = 7;
 
@@ -194,9 +195,12 @@ public class CallLogProviderTest extends BaseContactsProvider2Test {
         PhoneAccountHandle subscription = new PhoneAccountHandle(
                 sComponentName, "sub0");
 
+        // Allow self-calls in order to add the call
+        ContactsPermissions.ALLOW_SELF_CALL = true;
         Uri uri = Calls.addCall(ci, getMockContext(), "1-800-263-7643",
                 Calls.PRESENTATION_ALLOWED, Calls.OUTGOING_TYPE, 0, subscription, 2000,
                 40, null);
+        ContactsPermissions.ALLOW_SELF_CALL = false;
         assertNotNull(uri);
         assertEquals("0@" + CallLog.AUTHORITY, uri.getAuthority());
author	android-build-team Robot <android-build-team-robot@google.com>	2020-11-03 18:06:49 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	2020-11-03 18:06:49 +0000
commit	5136933b5b8813cd97174b362dc77304f022651b (patch)
tree	c0f916b4f1d24e743b3bded3c48c2da853e9d7c0
parent	ab731df384ef73d93c43b7bf22b8a6c52b595124 (diff)
parent	75c00e5359450a9c029066f29f21a0c8c262391b (diff)
download	ContactsProvider-5136933b5b8813cd97174b362dc77304f022651b.tar.gz