-rw-r--r-- | AndroidManifest.xml | 7 | ||||
-rw-r--r-- | res/values/config.xml | 2 | ||||
-rw-r--r-- | res/values/strings.xml | 22 | ||||
-rw-r--r-- | src/com/android/providers/tv/TvProvider.java | 29 |
4 files changed, 31 insertions, 29 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index f38fd74..d5fef15 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -46,6 +46,7 @@
 android:description="@string/permdesc_accessWatchedPrograms" />
 <uses-permission android:name="com.android.providers.tv.permission.ACCESS_ALL_EPG_DATA" />
+ <uses-permission android:name="com.android.providers.tv.permission.ACCESS_WATCHED_PROGRAMS" />
 <application android:label="@string/app_label">
 <provider
@@ -54,11 +55,7 @@
 android:exported="true"
 android:syncable="true"
 android:readPermission="com.android.providers.tv.permission.READ_EPG_DATA"
- android:writePermission="com.android.providers.tv.permission.WRITE_EPG_DATA">
- <path-permission
- android:pathPrefix="/watched_program"
- android:permission="com.android.providers.tv.permission.ACCESS_WATCHED_PROGRAMS" />
- </provider>
+ android:writePermission="com.android.providers.tv.permission.WRITE_EPG_DATA" />
 <service android:name="EpgDataCleanupService" />
 </application>
diff --git a/res/values/config.xml b/res/values/config.xml
index f5ed93a..c82f57d 100644
--- a/res/values/config.xml
+++ b/res/values/config.xml
@@ -18,7 +18,7 @@
 <integer name="max_program_age_in_days">14</integer>
 <!-- Maximum age of watch history in days. 0 means forever. -->
- <integer name="max_watched_program_age_in_days">0</integer>
+ <integer name="max_watched_program_age_in_days">90</integer>
 <!-- Maximum number of entries for watch history. 0 means infinite. -->
 <integer name="max_watched_program_entry_count">10000</integer>
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 3cf404b..2ddba24 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
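Review bot: With the `<path-permission>` removed in the second AndroidManifest.xml hunk, nothing in the manifest records that `/watched_program` needs ACCESS_WATCHED_PROGRAMS; the exported provider now declares only READ_EPG_DATA and WRITE_EPG_DATA, and the stricter rule lives in TvProvider.java. A comment next to the provider attributes would keep that visible to anyone auditing the manifest, for example `<!-- /watched_program is additionally checked against ACCESS_WATCHED_PROGRAMS at runtime in TvProvider. -->`. Callers of that path now appear to need both a provider-level permission and ACCESS_WATCHED_PROGRAMS, which is worth stating in the commit message. The `<provider>` element opens before this hunk, so its other attributes are not visible here.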
@@ -19,35 +19,29 @@
 <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permlab_readEpgData">Read EPG Data</string>
+ <string name="permlab_readEpgData">read TV channel/program information</string>
 <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permdesc_readEpgData">Allows the app to read the TV
- channel/program information stored on your device.</string>
+ <string name="permdesc_readEpgData">Allows the app to read the TV channel/program information stored on your device.</string>
 <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permlab_writeEpgData">Write EPG Data</string>
+ <string name="permlab_writeEpgData">write TV channel/program information</string>
 <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permdesc_writeEpgData">Allows the app to provide and modify
- the TV channel/program information on your device.</string>
+ <string name="permdesc_writeEpgData">Allows the app to provide and modify the TV channel/program information on your device.</string>
 <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permlab_accessAllEpgData">Access All EPG Data</string>
+ <string name="permlab_accessAllEpgData">access all TV channel/program information</string>
 <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permdesc_accessAllEpgData">Allows the app to read and write
- all TV channel/program data stored on your device.</string>
+ <string name="permdesc_accessAllEpgData">Allows the app to read and write all TV channel/program data stored on your device.</string>
 <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permlab_accessWatchedPrograms">Access Watched Programs
- </string>
+ <string name="permlab_accessWatchedPrograms">access watched TV program information</string>
 <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
- <string name="permdesc_accessWatchedPrograms">Allows the app to read and
- write the list of TV programs you watched. Malicious apps may collect
- your private TV watch history.</string>
+ <string name="permdesc_accessWatchedPrograms">Allows the app to read and write the list of TV programs you watched. Malicious apps may collect your private TV watch history.</string>
 </resources>
diff --git a/src/com/android/providers/tv/TvProvider.java b/src/com/android/providers/tv/TvProvider.java
index 98f7e6f..4ce8929 100644
--- a/src/com/android/providers/tv/TvProvider.java
+++ b/src/com/android/providers/tv/TvProvider.java
@@ -74,8 +74,7 @@ import java.util.Set;
 * {@link android.media.tv.TvContract}.
 */
 public class TvProvider extends ContentProvider {
- // STOPSHIP: Turn debugging off.
- private static final boolean DEBUG = true;
+ private static final boolean DEBUG = false;
 private static final String TAG = "TvProvider";
 // Operation names for createSqlParams().
@@ -231,6 +230,9 @@ public class TvProvider extends ContentProvider {
 private static final String PERMISSION_ACCESS_ALL_EPG_DATA =
 "com.android.providers.tv.permission.ACCESS_ALL_EPG_DATA";
+ private static final String PERMISSION_ACCESS_WATCHED_PROGRAMS =
+ "com.android.providers.tv.permission.ACCESS_WATCHED_PROGRAMS";
+
 private static class DatabaseHelper extends SQLiteOpenHelper {
 private final Context mContext;
@@ -520,7 +522,6 @@ public class TvProvider extends ContentProvider {
 SQLiteQueryBuilder queryBuilder = new SQLiteQueryBuilder();
 queryBuilder.setTables(params.getTables());
- boolean locked = false;
 final String[] projection = { Channels.COLUMN_LOCKED, Channels.COLUMN_BROWSABLE };
 try (Cursor cursor = queryBuilder.query(db, projection, params.getSelection(), params.getSelectionArgs(), null, null, null)) {
@@ -822,14 +823,19 @@ public class TvProvider extends ContentProvider {
 }
 }
+ // When an application tries to create/read/update/delete channel or program data, we need to
+ // ensure that such an access is limited to the data entries it owns, unless it has the full
+ // access permission.
+ // Note that the user's watch log is treated with more caution and we should block any access
+ // from an application that doesn't have the proper permission.
 private boolean needsToLimitPackage(Uri uri) {
- // If an application is trying to access channel or program data, we need to ensure that the
- // access is limited to only those data entries that the application provided in the first
- // place. The only exception is when the application has the full data access. Note that the
- // user's watch log is treated separately with a special permission.
 int match = sUriMatcher.match(uri);
- return match != MATCH_WATCHED_PROGRAM && match != MATCH_WATCHED_PROGRAM_ID
- && !callerHasAccessAllEpgDataPermission();
+ if (match == MATCH_WATCHED_PROGRAM || match == MATCH_WATCHED_PROGRAM_ID) {
+ if (!callerHasAccessWatchedProgramsPermission()) {
+ throw new SecurityException("Access not allowed for " + uri);
+ }
+ }
+ return !callerHasAccessAllEpgDataPermission();
 }
 private boolean callerHasAccessAllEpgDataPermission() {
@@ -837,6 +843,11 @@ public class TvProvider extends ContentProvider {
 == PackageManager.PERMISSION_GRANTED;
 }
+ private boolean callerHasAccessWatchedProgramsPermission() {
+ return getContext().checkCallingOrSelfPermission(PERMISSION_ACCESS_WATCHED_PROGRAMS)
+ == PackageManager.PERMISSION_GRANTED;
+ }
+
 private boolean callerHasModifyParentalControlsPermission() {
 return getContext().checkCallingOrSelfPermission(
 android.Manifest.permission.MODIFY_PARENTAL_CONTROLS) |
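Review bot: The watch-history permission check is now a throwing side effect inside `needsToLimitPackage()`, a predicate whose name and boolean return give no hint that it enforces access, so `/watched_program` is protected only on code paths that call it. Its callers are outside this hunk; because the manifest `<path-permission>` is removed in the same commit, it is worth confirming that query, insert, update, delete and any batch entry points all reach this check. Pulling the check into its own `enforceWatchedProgramsPermission(uri)` with a comment stating that it throws would make the enforcement point explicit. Separately, watched-program URIs used to return false here and now return `!callerHasAccessAllEpgDataPermission()`, so a caller holding only ACCESS_WATCHED_PROGRAMS appears to be limited to its own package's rows; if that is intended, the new comment should say so.

```java
// Throws SecurityException unless the caller may touch the watch log; no-op for other URIs.
private void enforceWatchedProgramsPermission(Uri uri) {
    int match = sUriMatcher.match(uri);
    if ((match == MATCH_WATCHED_PROGRAM || match == MATCH_WATCHED_PROGRAM_ID)
            && !callerHasAccessWatchedProgramsPermission()) {
        throw new SecurityException("Access not allowed for " + uri);
    }
}

private boolean needsToLimitPackage(Uri uri) {
    enforceWatchedProgramsPermission(uri);
    return !callerHasAccessAllEpgDataPermission();
}
```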
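Review bot: `callerHasAccessWatchedProgramsPermission()` is added without a comment explaining why it uses `checkCallingOrSelfPermission`, which falls back to the provider's own grants when no incoming IPC is being processed. That fallback is presumably why this commit also adds the ACCESS_WATCHED_PROGRAMS `<uses-permission>` to the provider's manifest. A short comment would make the dependency visible, for example `// OrSelf: in-process callers pass via the provider's own <uses-permission>; keep the manifest entry in sync.`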