diff options
| author | Jae Seo <jaeseo@google.com> | 2015-07-07 14:00:10 -0700 |
|---|---|---|
| committer | Jae Seo <jaeseo@google.com> | 2015-07-09 15:44:43 -0700 |
| commit | 33d3cf365894bd871cddd59441a375ec98738316 (patch) | |
| tree | ba54260472c9bf34e8c8a3746d033889a4a00e03 | |
| parent | e34c8bc6654e925ec7aab79def82b692ae3d2645 (diff) | |
| download | TvProvider-33d3cf365894bd871cddd59441a375ec98738316.tar.gz | |
Revive the write permission
There is still concern about not enforcing permission for writing EPG
data because malicious apps can silently insert spammy channels into the
database without letting the user know. This change addresses such
concern by reviving the previously removed EPG write permission.
Now, instead of requiring individual TV input apps to request runtime
permission, the system TV viewer app grants permission for writing EPG
data to the TV input apps that have been approved by the user.
Bug: 20124415
Change-Id: I0f785515ca39161f8c4647a09dcbd8e7fc5a5747
| -rw-r--r-- | AndroidManifest.xml | 22 | ||||
| -rw-r--r-- | res/values/strings.xml | 24 |
2 files changed, 39 insertions, 7 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml index fccd6cf..fbcf9e7 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -17,13 +17,25 @@ <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.android.providers.tv" > - <!-- Allows an application to read (but not write) the TV channel/program - data. --> + <!-- Allows an application to read (but not write) all the TV listings. --> <permission android:name="android.permission.READ_TV_LISTINGS" android:protectionLevel="dangerous" android:label="@string/permlab_readTvListings" android:description="@string/permdesc_readTvListings" /> + <!-- Allows an application to read (but not write) its own TV channel/program data. + @deprecated No longer enforced. --> + <permission android:name="com.android.providers.tv.permission.READ_EPG_DATA" + android:protectionLevel="normal" + android:label="@string/permlab_readEpgData" + android:description="@string/permdesc_readEpgData" /> + + <!-- Allows an application to write (but not read) its own TV channel/program data. --> + <permission android:name="com.android.providers.tv.permission.WRITE_EPG_DATA" + android:protectionLevel="normal" + android:label="@string/permlab_writeEpgData" + android:description="@string/permdesc_writeEpgData" /> + <!-- Allows an application to read and write all TV channel/program data. @hide --> <permission android:name="com.android.providers.tv.permission.ACCESS_ALL_EPG_DATA" @@ -46,7 +58,11 @@ android:name="TvProvider" android:authorities="android.media.tv" android:exported="true" - android:syncable="true" /> + android:syncable="true" + android:writePermission="com.android.providers.tv.permission.WRITE_EPG_DATA"> + <grant-uri-permission android:pathPattern="/channel" /> + <grant-uri-permission android:pathPattern="/program" /> + </provider> <service android:name="EpgDataCleanupService" /> </application> diff --git a/res/values/strings.xml b/res/values/strings.xml index 6e31bae..48792da 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -19,17 +19,33 @@ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. --> - <string name="permlab_readTvListings">read TV listings</string> + <string name="permlab_readTvListings">read all TV listings</string> <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. --> - <string name="permdesc_readTvListings">Allows the app to read the TV listings stored on your device.</string> + <string name="permdesc_readTvListings">Allows the app to read all the TV listings stored on your device.</string> + + <!-- Title of an application permission, listed so the user can choose + whether they want to allow the application to do this. + @deprecated --> + <string name="permlab_readEpgData">read TV listings</string> + <!-- Description of an application permission, listed so the user can choose + whether they want to allow the application to do this. + @deprecated --> + <string name="permdesc_readEpgData">Allows the app to read its own TV listings stored on your device.</string> + + <!-- Title of an application permission, listed so the user can choose + whether they want to allow the application to do this. --> + <string name="permlab_writeEpgData">write TV listings</string> + <!-- Description of an application permission, listed so the user can choose + whether they want to allow the application to do this. --> + <string name="permdesc_writeEpgData">Allows the app to write its own TV listings on your device storage.</string> <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. --> - <string name="permlab_accessAllEpgData">access all TV programming</string> + <string name="permlab_accessAllEpgData">access all listings</string> <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. --> - <string name="permdesc_accessAllEpgData">Allows the app to read and write all the TV channel/program information stored on your device.</string> + <string name="permdesc_accessAllEpgData">Allows the app to read and write all the TV listings stored on your device.</string> <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. --> |