Cross Reference: /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java

History log of /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
8e2bfc11ce480aaa4791c42bdf1df7111c32db4a	30-May-2018	Hongming Jin <hongmingjin@google.com>	Add shell command handler for account manager to allow enabling service binding for instant app. Test: cts-tradefed run cts -m CtsAccountManagerTestCases cts-instant-tradefed run cts-instant -m CtsAccountManagerTestCases Bug: 79367659 Change-Id: I3ac968ebc20be68da08293d9b685a01920f11b76 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
303c4bbb40945c399647487a98ace75cdedccd3a	10-Apr-2018	Dan Cashman <dcashman@google.com>	Add AccountManager key rotation awareness. Replace checkSignatures() calls in AccountManager with a new, rotation-aware call to PackageManagerInternal. Also add a new AUTH cert capability to reflect the distinction between these permissions and others. Bug: 77651077 Test: Builds. CtsAccountManagerTestCases Change-Id: Idd412cd984acf7d37555deb5879f2d6a0a10c2b6 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c513a1ca7cef13f1f3f85f6c2e1462e47d4ab99d	05-Jan-2018	Fyodor Kupolov <fkupolov@google.com>	Merge "Account: Fix the risk of sqliteconnection leak" am: 766f0a4981 am: 130d5e3915 am: 28c72b43d9 Change-Id: Ibcf49239bae44081d2c8e10fe05ad3f6a07b52a1
81a47cd688e5b3c140aac23e467a3ded83b36e9f	02-Jan-2018	Alex Chau <alexchau@google.com>	Clear calling identity when calling getPackageInfo in AMS.isSystemUid - Without this, calling removeAccount in secondary user will crash, as the calling app may not have the permission required by getPackageInfo Bug: 65280359 Test: Remove account from profile owner is successful Change-Id: I4e5931732fd6797bb8429e8fa772022018e878c2 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f2d081c4530ae766fcf63695155a4a758804738c	27-Dec-2017	chengang <chengang@xiaomi.com>	Account: Fix the risk of sqliteconnection leak Fix the risk of sqliteconnection leak in accountmanagerservice Bug: 71334517 Change-Id: I92a7381bceb5885f57cc46e686cf2581b5355df9 Signed-off-by: yuanhao <yuanhao@xiaomi.com> /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
2bc895dfe9e196366c08a437e7ea6f832eac10d0	19-Dec-2017	Fyodor Kupolov <fkupolov@google.com>	Async handling of AMS.onUnlockUser syncSharedAccounts opens CE database and can block ActivityManager thread for 100+ ms. This operation can be offloaded to a worker thread. Test: Manual - No "AccountManagerService$Lifecycle took X ms" warnings Bug: 37579992 Change-Id: Ie517722efe37da7c6782144beccdad53b047770b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f788f9c2d9dc0f51605c312fb9e61f390f76c1b6	08-Dec-2017	Alex Chau <alexchau@google.com>	Allow profile owners to call removeAccount Bug: 65280359 Test: Profile owner can call AccountManager.removeAccount Change-Id: I2710586ad8b26e3f01f1f6d76cf0ba61ee1525f1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
220871a697290529278ed16db508eda8e12f3fc7	14-Nov-2017	Xin Li <delphij@google.com>	Merge commit '98e12851336b7db16e583f9afac63ecc97465980' from oc-mr1-dev-plus-aosp-without-vendor into stage-aosp-master. Change-Id: Ia7b8da4a00d215160e4a4fa40f6044208d1297b7 Merged-In: I19846d2a3ee27aecbae2367a74ee49082eea154d
e03114f9f648d29e7419a051f84dd7d651bcb070	27-Oct-2017	Tetsutoki Shiozawa <tetsutoki.shiozawa@sony.com>	Merge "Fix: AccountManagerService crashed by accessing closed db" am: 6ac8f42d9e am: 741736cafa am: 200a65be7f Change-Id: I621615c79bce6fea56072dde03a41d4f7c2ce5c0
200a65be7fa920f4bb26a91c3a9a3117ee2cd0e3	27-Oct-2017	Tetsutoki Shiozawa <tetsutoki.shiozawa@sony.com>	Merge "Fix: AccountManagerService crashed by accessing closed db" am: 6ac8f42d9e am: 741736cafa Change-Id: Ic7ae1006f1650653d75685b5a6d5b22e74b8f950
6ac8f42d9ea1388f20400f7609b62d858ef6b7a9	27-Oct-2017	Treehugger Robot <treehugger-gerrit@google.com>	Merge "Fix: AccountManagerService crashed by accessing closed db"
be2d96a724a5ecbf0d5b9be9e47d89034971f4a6	24-Oct-2017	Tetsutoki Shiozawa <tetsutoki.shiozawa@sony.com>	Fix: AccountManagerService crashed by accessing closed db Symptom: When a current user was switched, AccountManagerService crashed with IllegalStateException. Root cause: accountsDb was closed when user was stopped. AccountManagerService tried to insert a log record to the closed db and it failed. Solution: It catches the exception if it's failed to insert a log record. Bug: 68233592 Change-Id: I97b63e4777bf7f8a1d38d96e494f6a21847d374b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ef1f1e8d9f4ea57be63004af1141f86e1ce1ff42	20-Oct-2017	tiansiming <tiansiming@xiaomi.com>	Merge "Remove "result2" in AccountManagerService" am: eaf4d18bdf am: 4b4b759272 am: 640a087f91 am: 88e6c96571 Change-Id: I0d38e1be07166288c521eae08cf075e25bdeb6fb
88e6c965715fe25568c050c1584a2811392d6e0d	20-Oct-2017	tiansiming <tiansiming@xiaomi.com>	Merge "Remove "result2" in AccountManagerService" am: eaf4d18bdf am: 4b4b759272 am: 640a087f91 Change-Id: I89f76114c37fe63556c0813cb860ba01366c98c9
640a087f916fc6104fbe875b717f26057441eec3	20-Oct-2017	tiansiming <tiansiming@xiaomi.com>	Merge "Remove "result2" in AccountManagerService" am: eaf4d18bdf am: 4b4b759272 Change-Id: I1558ff443ffc28a21e80f5752feb535e08152f07
4b4b7592725695bf74d075459ef14199f06dbbdd	20-Oct-2017	tiansiming <tiansiming@xiaomi.com>	Merge "Remove "result2" in AccountManagerService" am: eaf4d18bdf Change-Id: I80c362a0250430f5d8948e4815638eab31d8c2b1
5330b5a78c7380a1b7c7b717aed2d240cd97530e	13-Oct-2017	tiansiming <tiansiming@xiaomi.com>	Remove "result2" in AccountManagerService I think result2 here is to filter out other value returned from getAccountRemovalAllowed. As the annotation shown in getAccountRemovalAllowed in AbstractAccountAuthenticator, the result will only contain KEY_INTENT or KEY_BOOLEAN_RESULT or KEY_ERROR_CODE and KEY_ERROR_MESSAGE. KEY_INTENT has been judged at the beginning of onResult, KEY_ERROR_CODE and KEY_ERROR_MESSAGE seem extraneous when back to AccountManager, so i believe that it's ok to use result directly here other than get one more Bundle object. (tip: if result2 is nessesary, its name doesn't looks formal) Bug:N/A Test:N/A Change-Id: I4e352baa1e74ac680398c328db0c4bc873ba528b Signed-off-by: tiansiming <tiansiming@xiaomi.com> /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
3f671b31940743c407871d54cd503d3f8a7edc67	11-Oct-2017	Jeff Sharkey <jsharkey@android.com>	Merge "DO NOT MERGE. KEY_INTENT shouldn't grant permissions." into oc-dev am: 31c5adc279 Change-Id: Id9a5a0216f1f26e059df45cc866582fe04cdf47d
dba1bb07e04b51b1bd0a1251711781e731ce9524	13-Jun-2017	Jeff Sharkey <jsharkey@android.com>	DO NOT MERGE. KEY_INTENT shouldn't grant permissions. KEY_INTENT has no business granting any Uri permissions, so remove any grant flags that malicious apps may have tried sneaking in. Also fix ordering bug in general-purpose security check that was allowing FLAG_GRANT_PERSISTABLE to bypass it. Test: builds, boots Bug: 32990341, 32879915 Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42 (cherry picked from commit d722e780bac7685e8a012b5f479eba8c348c3c53) /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
7183f0a6f3abff304856d95718d685e08e812238	20-Sep-2017	tiansiming <tiansiming@xiaomi.com>	[DO NOT MERGE] Fix another AddAccountSettings memory leak The memory leak will always occur in AddAccoutSettings when Bundle with an invalid intent returned in the addAccount we implement. Bug:https://issuetracker.google.com/issues/66088681 Test:Install the app through the github offered in above link, then press the "Test" item in ChooseAccountActivity (adb shell am start -n 'com.android.settings/.accounts.ChooseAccountActivity') serveal times. Check the activity number by "adb shell dumpsys meminfo com.android.settings". Change-Id: Id15fc73521d0ddc6ca891b6029ad04cd4427dbfe Signed-off-by: tiansiming <tiansiming@xiaomi.com> /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a8868bf5a7b563f31a98c6fb07ac016f6b1f3903	20-Sep-2017	tiansiming <tiansiming@xiaomi.com>	Fix another AddAccountSettings memory leak The memory leak will always occur in AddAccoutSettings when Bundle with an invalid intent returned in the addAccount we implement. Bug:https://issuetracker.google.com/issues/66088681 Test:Install the app through the github offered in above link, then press the "Test" item in ChooseAccountActivity (adb shell am start -n 'com.android.settings/.accounts.ChooseAccountActivity') serveal times. Check the activity number by "adb shell dumpsys meminfo com.android.settings". Test: CtsAccountManagerTestCases Change-Id: Id15fc73521d0ddc6ca891b6029ad04cd4427dbfe Signed-off-by: tiansiming <tiansiming@xiaomi.com> /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
5fdb88c70a32dbd8e24c498b7358a46c3cb8cbba	21-Sep-2017	Tony Mak <tonymak@google.com>	Merge "Use noteOpNoThrow instead in AMS" into oc-mr1-dev am: d3293ab4c5 am: 8bc2569538 Change-Id: I23fff8cb959ad183c0b15654c7c7f3f3dc2764ed
58f2815272bc569cae1ef25342115336908dbf36	20-Sep-2017	Tony Mak <tonymak@google.com>	Use noteOpNoThrow instead in AMS We just want a boolean result to tell whether a package has certain permissions, we do not expect the check to throw SecurityException, so let's use noteOpNoThrow instead. Fixes: 65912167 Test: Disable Gmail, install a test app and run setPassword. No crash. Change-Id: Ifc6e7fbbae1121bda329f0a291522af9698959db /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9e4e96d3f7dc48d8f5608320a1c21f4145d7a800	25-Aug-2017	Brandon Weeks <bweeks@google.com>	Fix typo in removeAccountExplicitly log message Test: none Change-Id: I2f9c02c3cfd7c677b4c7578ecd20187a7d0c0d57 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6e6af8af38d1e169f59fa371e87ecd52bd87f65f	15-Aug-2017	sunjian <sunjian@google.com>	Fix Android O: AccountManager API not working in managed profile. am: 9ae597b6f2 Change-Id: I4c346731e3b85cce5dd6b6c13b1312c420a60b34
9ae597b6f265c3bc6ef91ff7f4c171607ca87067	15-Aug-2017	sunjian <sunjian@google.com>	Fix Android O: AccountManager API not working in managed profile. Bug: 64577509 Test: NONE Change-Id: I25650b2002d392ef9b7f4f4732106b22bc0eaae2 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6d14d776bb04b7f876f3b15f69b0e8af222e0fd6	13-Jul-2017	Tony Mak <tonymak@google.com>	dump visiblity table in dumpsys accounts Bug: 63170585 Test: adb shell dumpsys account Change-Id: I3128fbeca710eef0e9a6f685690b1139b7eaf07d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
945c97edd683e0df129cd11ffd2435b3a333b647	22-Jun-2017	Fyodor Kupolov <fkupolov@google.com>	Purge user data on ACTION_USER_REMOVED Bug: 62850350 Change-Id: Id2e9db53778b8616a40e6752c3b7b390af05910d Test: manual /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
18f0ca97f86378e3507015bb1fdc07c28cd3b930	13-Jun-2017	Dmitry Dementyev <dementyev@google.com>	Don't lock database when token is read from customToken cache in AccountManagerService. Test: manual Bug: 62546889 Change-Id: I9350a5829887de7bc28bfbb0f5bb7392ee727fb0 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
bdabd40c63c397e801933d9e9e03faa1aaf3b4cb	07-Jun-2017	sunjian <sunjian@google.com>	Currently, when an account with USER_MANAGED_NOT_VISIBLE is chosen in ChooseAccountActivity, its visibility doesn't get updated. However, it is supposed to be updated to USER_MANAGED_VISIBLE. Bug: 62067445 Test: manual Change-Id: I2fb942a96d07dff06a53bc48a16ff337c50f3a26 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
d722e780bac7685e8a012b5f479eba8c348c3c53	13-Jun-2017	Jeff Sharkey <jsharkey@android.com>	KEY_INTENT shouldn't grant permissions. KEY_INTENT has no business granting any Uri permissions, so remove any grant flags that malicious apps may have tried sneaking in. Also fix ordering bug in general-purpose security check that was allowing FLAG_GRANT_PERSISTABLE to bypass it. Test: builds, boots Bug: 32990341, 32879915 Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
da93f30457295faf8c92cfe5d5258318afb6bafe	07-Jun-2017	Jian Sun <sunjian@google.com>	Merge "Notify registered packages of visible accounts change when authenticators get uninstalled." into oc-dev am: 8d5b58a660 Change-Id: Id381a515c44253dc2c3cfa7a74e855fda981580f
066aa5ed71a0866974e0c7118fd7812f94df0ccb	05-Jun-2017	sunjian <sunjian@google.com>	Notify registered packages of visible accounts change when authenticators get uninstalled. Bug: 38332496 Test: manual Change-Id: I877d52d511deb177d07f9e602d84f33fd0fd2c82 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
b6fb6f2b600c227d0b8188bdd42cd4a526509e34	07-Jun-2017	sunjian <sunjian@google.com>	Update AccountManagerService side logic for .getAccountsByTypeForPackage with null type. am: d62dc39dc5 am: b22429d53f Change-Id: I40675817d0102c51a4ad4988bc4c1445842883b3
d62dc39dc5a31c2c150fc5083e5a520fcb394c63	01-Jun-2017	sunjian <sunjian@google.com>	Update AccountManagerService side logic for .getAccountsByTypeForPackage with null type. Bug: 37987384 Test: manual, APCT Change-Id: I4d5f735736f1b1d7bbf778aee2ec813071c34f19 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
2ca9937f7926c6d1c411ef465434d58309a964c6	06-Jun-2017	Jian Sun <sunjian@google.com>	Merge "Fix visibility issue in AccountManager.getAuthTokenByFeatures." into oc-dev am: f1946baae7 am: c3c3112806 Change-Id: I82589c5cf90d8dbb02bab757d58e8584bd05bdb8
f29d549c2d16f377fe11261b98d77d2c9db1070c	12-May-2017	sunjian <sunjian@google.com>	Fix visibility issue in AccountManager.getAuthTokenByFeatures. Bug: 34679769 Test: manual, APCT Change-Id: I7270a5a5dd681ad088fa28e48d849ba3541e45cd /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
932f0e60c02376a9e7df9d8a6091b581e398c1e2	24-May-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Close logging statement when stopping user"
56e158f5043ecdbc9e0737c611d8c61b4d844bae	24-May-2017	Fyodor Kupolov <fkupolov@google.com>	Close logging statement when stopping user It was preventing db from closing. Test: create guest user, remove. run dumpsys meminfo system Bug: 36367545 Change-Id: I5508d237d67a0ed99e0316d74c8d84c9ffe26744 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c7770d6ebf47ee839dfecac96534fdf8923f1ea3	22-May-2017	Andrew Scull <ascull@google.com>	accounts: resolve error-prone warnings - missing @Override annotations - inner classes should be static if possible Bug: 38496625 Test: build Change-Id: Ic6a647b894036266dfa8f9908cec6049952cd38d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1827f12b5017589fda70bdcac8be7e949f2257f5	15-May-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Don't request account access for apps if it is explictly made not visible to them." into oc-dev
7b3ea13b177ca92f02a98fe0e1bea67b60abd084	10-May-2017	Dmitry Dementyev <dementyev@google.com>	Don't request account access for apps if it is explictly made not visible to them. Test: manual. Bug: 38190080 Change-Id: Ifc9023cb37f05f29a2d2076dcff75b710efb6276 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ce25ed2994413c8985cf2a8b047b079d5208a53a	04-May-2017	Fyodor Kupolov <fkupolov@google.com>	Close databases in onStop user The key is evicted before onCleanup. To be safe we should close db in onStopUser while the key is still available Test: switch to u10, switch to u0, am stop-user 10, am switch-user 10 Bug: 37781320 Change-Id: Iab18c503a236a15833974b0dad2af6eed86a6c02 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
cbe1bd1d42b7e8dbc4e176d8a1bd018fed3864e3	26-Apr-2017	Dmitry Dementyev <dementyev@google.com>	Use invalid package names for special keys in AccountManager. Bug: 37672088 Test: cts, manual. Change-Id: I7fd40e0646a50f809b5c9b89dfe4242ceb00195d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
b6a7dc033ceb11df2d4e95dc1bb272362332e557	18-Apr-2017	Dmitry Dementyev <dementyev@google.com>	Update PACKAGE_REMOVED broadcast. 1) Include KEY_ACCOUNT_NAME and KEY_ACCOUNT_TYPE. 2) Only send the broadcast to packages which were able to see the account. Test: manual, APCT. Bug:37280078 (cherry picked from commit cbbc99f76224cedb6d680c3cd7f0afc9cc912202) Change-Id: I3c323e545628199903313096f93654687fa8f22b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
fea6f7b799225f6f0211d7114c779183adbf7b6b	19-Apr-2017	Julia Reynolds <juliacr@google.com>	Remove long standing debug code Because it stops real errors from bubbling up to the calling app. Test: make, post notifications Change-Id: I0e59c61b0a60302a5fd023b7ad909e84b97e5df5 Fixes: 37494547 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a461e30053da64966d632a9655d0dca0daac983c	12-Apr-2017	Dmitry Dementyev <dementyev@google.com>	Add ACTION_ACCOUNT_REMOVED to Account Manager. AccountManagerService sends an intent with the action when account of any type is removed or renamed. Test: manual, APCT. Bug: 37280078 Change-Id: I53b1bb9d6cde1edba5c37ecf3e4e13d748b19005 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
d6f0672e883f506c965ce6a05c9acdfa375af9e6	05-Apr-2017	Dmitry Dementyev <dementyev@google.com>	Make visible only accounts for which authenticator supports contacts operations for callers with READ_CONTACTS permission. Test: manual Bug: 36983643 Change-Id: I1239a30a71cb13ce9ffff6f38b8506e9686abe4d (cherry picked from commit d7e7a74179c51a36845c35614ac3247c13474fca) /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
5c80debe867cff368546b0d8ba0b81d27e88c3d6	04-Apr-2017	Dmitry Dementyev <dementyev@google.com>	Clear calling identity before getUserAccounts in AccountManagerService Fix accountsDb tests. Bug: 36860606 Test: manual Change-Id: Iad86d1bf7edd0f847262562ace9c2d5c9fdff978 (cherry picked from commit 9fc6f574b43c938913fad7a2ed04b5a7c717bd68) /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
717a8815c2298dcecdcf674122f0afecfae01918	31-Mar-2017	Chris Wren <cwren@android.com>	standardize account manager notification IDs Bug: 36807942 Test: frameworks/base/services/tests/runtests/py Change-Id: Iad5383ebbf9cf1765da5ad7405da1f79a3761c63 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
fe9a53bc45fd0124a876dc0a49680aaf86641d3e	31-Mar-2017	Jeff Sharkey <jsharkey@android.com>	Consistent dump() permission checking. This change introduces new methods on DumpUtils that can check if the caller has DUMP and/or PACKAGE_USAGE_STATS access. It then moves all existing dump() methods to use these checks so that we emit consistent error messages. Test: cts-tradefed run commandAndExit cts-dev -m CtsSecurityTestCases -t android.security.cts.ServicePermissionsTest Bug: 32806790 Change-Id: Iaff6b9506818ee082b1e169c89ebe1001b3bfeca /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
441162562b75f8510586e1acdf2009820f25493d	31-Mar-2017	Chris Wren <cwren@android.com>	Merge "standardize system notification IDs" into oc-dev
282cfefea0fbbd299839e353e6d30affdcd4a55c	27-Mar-2017	Chris Wren <cwren@android.com>	standardize system notification IDs All the trivial cases, plus some fixes to try to mitigate collisions with the complex ones. Complex services to follow in another CL, Bug: 32584866 Test: make framework services Change-Id: Ie9663600171d8ede11676e9d66f009dbb06def03 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
cfd0e95db490198fda1c894aa50b3fc26bdfb0b2	31-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Merge "Optimized locking for get/setUserData" into oc-dev
16bedd439775fdbf39ba9aec6a2815791b41e006	30-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Do not hold locks when calling getAccounts Not only it may cause a deadlock, calling authenticator while holding the lock is also error-prone. Test: manual Bug: 36770176 Change-Id: I6871ea88643fc3c178214685c038b2238329e881 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
3d73499a093f2fe950fee8fe788cc991002a80fd	30-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Optimized locking for get/setUserData This change improves locking in the following methods: - setUserdata. cacheLock is only held when calling writeUserDataIntoCacheLocked - readUserData. dbLock is obtained only if not cached Test: AccountManagerServiceTest Bug: 36485175 Bug: 35262596 Change-Id: I65b939acedd69e3113c24b7e6788c7aefc6ba25a /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9ac40f1cf1125c6144e92518a9d44b0eea2ef7b7	29-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Only use cacheLock when it's needed When reading from cache, we can avoid synchronization on dbLock if we only read from cache (no db access). When doing updates to db and cache, we should hold cacheLock only when updating the cache. This change improves locking in the following methods: - getAccountVisibilityFromCache - saveAuthTokenToDatabase - getAccountsFromCacheLocked no longer allows outside locking. The method was renamed to getAccountsFromCache and now self-manages locks - writeAuthTokenIntoCacheLocked - readAuthTokenInternal Test: AccountManagerServiceTest Bug: 36485175 Bug: 35262596 Change-Id: I9aca45c31716c4f0e0fd9f07859e88a7f5ba6922 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
8cd927d8ea08cba89ac02dfd50ed42b486bd7f53	28-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Introduced additional lock - dbLock Right now it is always used with cacheLock. In the future, we will be adding optimizations to reduce cacheLock contention by only holding it when updating the cache. This change is non-functional and doesn't change the current locking contract Test: Manual + AccountManagerServiceTest Bug: 36485175 Change-Id: Iebc437463958d33b32fc1273a84680c22ac60825 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
71fa5261d335a877453383eea911e9f51ad15589	23-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Add cache for Account Visibility values. Test: cts Bug: 36485175 Change-Id: I075b81f8b287199d51ea09dc1108748310ab846c /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
db61e6ff4482929016f95472fca58fd58ce18467	23-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Merge "Remove conversion from uid to package name getAccountsFromCacheLocked"
57064b0d46e4926ed503ac1d0c80c152bc4f853e	22-Mar-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Do not check targetSdkVersion if only one package"
3560f847fbffa54f7841320cc0f722778df1222a	22-Mar-2017	Geoffrey Pitsch <gpitsch@google.com>	AccountManagerService send pkg uid when creating notification channel AccountManager needs to pass the app's uid explicitly in order for the channel lookup to not fail. Requires separate API that only system can call. Bug: 36511867 Test: Install Clankium and reboot device, observe Notification Change-Id: I6ddd87d755b4b2129565dd275e799b0349a80936 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
16e378917258236530632e44e30a96e4251c4a12	22-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Remove conversion from uid to package name getAccountsFromCacheLocked Conversion should happen in filerAccounts method to preserve filterSharedAccounts logic. Bug: 36485175 Test: cts Change-Id: I4c7fd086de5883e68894c42476e2fe12f1adb97a /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
892fc8d06789bb624b757a2cad64babab8657eb4	22-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Do not check targetSdkVersion if only one package Bug: 36485175 Test: AccountManagerServiceTest Change-Id: Icef2a292dbf5119a5c2bb184aa2da7bcf8e7bd11 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
da596922895f6727c204ea600fa76201f327eefb	22-Mar-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Move Accounts NotificationChannel earlier, before clearCallingIdentity"
8882d881f95f5719a4a9c3eb3f6555b4882e8c4d	15-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Implement runtime account update notifications. Test: manual, cts. Change-Id: Iaf9fe4814c3d3c2ca2dca0a5bfa0f997e060bfeb /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
4d0f08578e9f87bb70e647fa3609a0444919defe	21-Mar-2017	Geoffrey Pitsch <gpitsch@google.com>	Move Accounts NotificationChannel earlier, before clearCallingIdentity Bug: 36122686 Test: Not sure how to repro, couldn't be worse than it already is Change-Id: I1e5aa9950b765dd3fbf1a01c5f10668761a2bc2e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ef1ab440246e30900ec3c48fd0b0d30e91550530	17-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Merge "Handle stopped users in onCleanupUser"
b9da4e4637a9992023c24d0c0f0115cdbff8acf7	16-Mar-2017	Fyodor Kupolov <fkupolov@google.com>	Handle stopped users in onCleanupUser This will also take care of the case when the user is removed. Previously CE database wasn't closed after user was stopped. Bug: 35988361 Test: Create u10 - switch - add account - switch to u0 - stop u10 Test: Create u10 - switch - add account - switch to u0 - remove u10 Change-Id: I6df61a8b1d00b28f2985d60861dd1b74e3e5942b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
538d5a3d079aa60a6cf84befdda301469ab0b6a5	15-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Merge "Allows AccountManager to start exported activities."
d5210bab63f29a8cf98f6bd7ca3ccce9d412ecf5	14-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Allows AccountManager to start exported activities. Use correct check to let Authenticators run GrantCredentialsPermissionActivity and CantAddAccountActivity. Bug: 18864662, 35847616 Test: manual Change-Id: Id46f2f80e91b9be34e4de36f13a445b92425c1e9 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
7cceabcfe1a2ad2119e6af8abae3c1cb80fbb45f	14-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Merge "Use opPackageName to filter accounts in getAccountsAsUserForPakage method."
5159f439c9dd1b924550c8fffee4a2aecee96663	09-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Use opPackageName to filter accounts in getAccountsAsUserForPakage method. Allow authenticators use getAccountsByTypeForPackage with null account type. Test: manual. Change-Id: I47679f522a6c03c3d27f814b80b6f10530c31014 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
0b67642674520697d406d5d29b82d74186d58454	09-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Use correct package name in AccountManagerService ACTION_PACKAGE_REMOVED Test: manual tests. Change-Id: Iefdfbca53206e285935e85a43e49bd2bdb3e0fb3 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c34a48d03f8952a470bf433344e7eed240712483	02-Mar-2017	Dmitry Dementyev <dementyev@google.com>	Use LinedHashMap in AccountManagerService to return accounts in the order of database addition Test: cts Bug: 35930761 Change-Id: I7600d858a7fdda45689dc0b933b0246dbded8334 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
af759c52ce01fe6b5144957e38da956af01a217b	15-Feb-2017	Geoffrey Pitsch <gpitsch@google.com>	Channels for Frameworks notifications Adapts all notifications used by system services to use channels. Channels are initialized by SystemServer after the NotificationService has started. Test: runtest systemui-notification Change-Id: I25c45293b786adb57787aeab4c2613c9d7c89dab /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
bded68f78a17e7f3a1d0be9e7f5b776154633489	21-Feb-2017	Christopher Tate <ctate@google.com>	Send LOGIN_ACCOUNTS_CHANGED broadcast to manifest receivers Bug 35627018 Change-Id: I8255cbe0deff847a2feac4ea41d4a12902615caf /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
06f32e0abda7cefdd35fbfa2aaf5882650a16003	17-Feb-2017	Dmitry Dementyev <dementyev@google.com>	Update AccountManager getAccountVisibility method to better handle default cases. Test: cts, manual Change-Id: Ic0f8fef9f928fefa6cc32a91c471969f7d5a4e45 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
876f266271c4b3758cbd7ae21020b7c134624f83	17-Feb-2017	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Fix AccountManagerService caused by empty package names list."
5e46e57324eeb0d90746ac83a214e376a985ff8e	16-Feb-2017	Dmitry Dementyev <dementyev@google.com>	Fix AccountManagerService caused by empty package names list. Add check for empty package list in isPrivileged method. Test: cts-tradefed run cts -m CtsAccountManagerTestCases Bug: 35340908 Change-Id: I4870e27db2f2e82d17741c53f8bb3fbebf87d0de /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f88ebeb2506d3daed3fe0a71f6e1f5cde34406cd	15-Feb-2017	Sudheer Shanka <sudheersai@google.com>	Use correct packageName for checking if it belongs to callingUid. In AccountManagerService.getAccountsAsUser, we check if opPackageName belongs to calling uid by calling AppOpsManager.checkPackage. But when AccountManagerService.getAccountsAsUser is called from AccountManagerService.addSharedAccountsFromParentUser, we're using the opPackageName from system context instead of calling context. Bug: 35258008 Test: cts-tradefed run singleCommand cts-dev --module CtsMultiUserHostTestCases \ -t android.host.multiuser.CreateUsersPermissionTest#testCanCreateRestrictedUser Change-Id: I5c425d9314beb86f7c64a5b5c64b7d879711879a /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f794c8dc1b62b3a54f3edcfc8031050d9486398a	04-Feb-2017	Dmitry Dementyev <dementyev@google.com>	GET_ACCOUNTS_PRIVILEGED permission check for Account Discovery API. GET_ACCOUNTS_PRIVELEGED still works in Android O, but authenticators can limit visibility for apps with the permission. Bug: 34841115 Test: cts, manual tests. Change-Id: Ibd87f6172969c550b6166f88176924e517393763 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
e366f82cef233a3378964da93f7313aa9fdeb56a	31-Jan-2017	Dmitry Dementyev <dementyev@google.com>	Update Account Discovery API. Use package name instead of uid. Check calling package name in getAccounts methods. Bug: 34841115, 34841115 Test: cts tests, manual tests. Change-Id: I8a9e6aea5e2b6677be4bc414836b842239c5b6ac /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
01985ff6d249e434b900cd33718d830a948e3a86	20-Jan-2017	Dmitry Dementyev <dementyev@google.com>	Implement Account Discovery API. Inludes temporary flow for notifications filtered by accountType Bug: 33046496 Test: cts tests, manual tests. Change-Id: I2d767030e851579a0666efd7e243a1239af740c7 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
2ae64092c1e2fa28d7fa7717fe49036a3b2b1269	09-Jan-2017	Dmitry Dementyev <dementyev@google.com>	Update Account Manager to use latest version of account discovery API. Bug: 33046496 Test: cts tests, manual tests. Change-Id: I2791f4f7bab2665a928264da5ccf6a3ab975cea6 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
2e22cfbefb8848e52e29827c94225ed9409af4ad	09-Jan-2017	Dmitry Dementyev <dementyev@google.com>	Revert "Implement Account Discovery API." This reverts commit 58fa836210a2872e58e8890456c2cd14a4b0fd3d. Change-Id: Iffc9c5eb63db382b720b45ff5e8f1948db908a03 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
58fa836210a2872e58e8890456c2cd14a4b0fd3d	21-Dec-2016	Dmitry Dementyev <dementyev@google.com>	Implement Account Discovery API. Bug: https://b.corp.google.com/issues/33046496 Test: cts tests, manual tests. Change-Id: I03d1ae5dfa1577f191817aa7d508f6b4d0e625ed /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
527454795ff8109dd294e6fcc6f0f3c818ecefa2	02-Dec-2016	Dmitry Dementyev <dementyev@google.com>	Update account visibility API. Remove no longer used functions and in-memory visibility table. Add stubs for new methods. Actual implementation will be added in follow up CLs. Bug: https://b.corp.google.com/issues/33046496 Test: manual tests, cts tests. Change-Id: I990759b20c57df70bc944e27b84e59b9f77b9bd4 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
98e9e855438405cf5b760495a74cdf6e66e8b297	09-Dec-2016	Fyodor Kupolov <fkupolov@google.com>	Always delete from CE table in removeAccountInternal Test: AMSTest passes Bug: 32660831 Change-Id: Iad40bf151f885a86eb6b4e074e9ec83159277e47 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
cf50dcf50227413078fa1fab3d02ba30726b9130	17-Nov-2016	Dmitry Dementyev <dementyev@google.com>	Correctly update database during account rename. Bug: https://b.corp.google.com/issues/32907996 Test: Verified with CTS tests. Change-Id: I3ef8890b9a68d17208a5681a39a0895feaff5fa1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
dc589ac82b5fe2063f4cfd94c8ae26d43d5420a0	11-Nov-2016	Sudheer Shanka <sudheersai@google.com>	Update usage of ActivityManagerNative. - Remove references to ActivityManagerProxy. - Add isSystemReady to ActivityManager. Bug: 30977067 Test: cts/hostsidetests/services/activityandwindowmanager/util/run-test android.server.cts adb shell am instrument -e class com.android.server.am.ActivityManagerTest,com.android.server.am.TaskStackChangedListenerTest \ -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I07390b6124fb1515821f5c0b37baf6ae74adc8fa /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
00de49e20ddb0d8ab5ab2d65e47bf98a040bc97b	23-Sep-2016	Fyodor Kupolov <fkupolov@google.com>	Introduced AccountDb API replacing helpers Refactored AccountsDb to provide unified interface for interacting with CE/DE database. Benefits of the new API: - Better encapsulation - only relevant methods are exposed. Implementation details are hidden in private helper classes. - Clients can now treat CE tables as if they were in DE database, but only available when the user is unlocked. - Opening database is now implicit - no more getReadableDatabase /getWritableDatabase calls. Clients only need to define transaction boundaries, when necessary. Test: Refactoring Bug: 30639520 Change-Id: I08b1fc95b7a633b036e05e8ef7e8ebd239187aa1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
da993806c2e40e88117dbe2ae5b0d8580318b1a1	21-Sep-2016	Fyodor Kupolov <fkupolov@google.com>	Added dependency injection for testing Also fixed an issue when tests occasionally were crashing on APCT. Now tearDown waits for async logging tasks to complete before removing db files. Test: AMS tests are passing Bug: 31630010 Change-Id: I98f7b0899e54f4927b493e36d16dd946b9ca13a9 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
33d2417e492acb761d669b8bcc3e85feba81fc92	24-Sep-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Use tokens instead of account access trackers"
c1c0d1cc531a63a48fe7c26113ca165120092c25	24-Sep-2016	Svet Ganov <svetoslavganov@google.com>	Use tokens instead of account access trackers We keep track which process saw and account to whitelist the app for future access as an optimization to avoid prompting the user for account access approval. Some apps use SefeParcelable where the parcels are marshalled which does not allow the parcel to contain IBinders. To avoid this we are switching from account tracker remote objects to unforgeable tokens. bug:31162498 Change-Id: I19916b54afd0b47e57c517145aa6b1ff17154144 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
5c4a51231a58a5059112f4aab45386e047d2716c	24-Sep-2016	Svet Ganov <svetoslavganov@google.com>	Fix a bad merge Change-Id: I5d64cd8a3e7334e0f5247cf8983edf4193f119b2 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1ce0161e30de2585f67e9c42ad98b33ab0333f46	26-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Extracted persistence layer into a separate class Introduced AccountsDb class and moved all DB-accessing methods there. The methods are organized by the database: - DeDatabaseHelper - provides access to accounts_de data - CeDatabaseHelper - access to accounts_ce - PreNDatabaseHelper - migration logic from a pre-N single database to two databases in N - DebugDbHelper - debug table + helper methods Notable improvements: - logRecord methods no longer opens SQLiteDatabase (it was actually unused down in the call chain) - Clean separation between business and persistence logic - no more sql statements concatenation in the AMS code. Test: Refactoring CL. Bug: 30639520 Change-Id: I41bd1abe47a23efbc735344413f32cbb68a5c8af /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
746aa69054d37a0263a648b9de36485b2fd1900d	21-Sep-2016	TreeHugger Robot <treehugger-gerrit@google.com>	Merge "Add access tracker to renamed accounts"
5d09c998a03eea53218c3b3c40e20db1b7693c9c	07-Sep-2016	Svet Ganov <svetoslavganov@google.com>	Backup account access grants Sync adapters without an account access cannot run until the user approves the account access (for the case the account access is not allowed by other policy such as being singed with the same cert as the authenticator). If the sync adapter does not have permission to access the account we ask the user to grant access and take a note. This CL adds backup for the explicit user grants. bug:31162498 Change-Id: I31e3f3d010475352c7c54255ac2d3a2fed4d0c72 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
57f62597b38b76eb6692d90ef338f1824d02586e	17-Sep-2016	Svetoslav Ganov <svetoslavganov@google.com>	Add access tracker to renamed accounts We are adding access tracker to accounts cached by the account manager to know when a process saw the account to white list it for future access. The bug here was that we didn't return the account from the cache but the tracker is added when the account is cached. Now the contract is that inserting an account in the cache returns the instrumented account which is inteded to be returned to clients. bug:28163381 bug:31456742 Change-Id: I5acac1f77a9077b35c5e4892e40d2ab38f3bfc63 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f6d424f133563fb3fc75d8fd260e6e7ed4608ef6	21-Sep-2016	Svet Ganov <svetoslavganov@google.com>	While-list apps to access account if already saw it Sync adapters without an account access cannot run until the user approves the account access (for the case the account access is not allowed by other policy such as being singed with the same cert as the authenticator). However, if the sync adapter package already got the account from another app which means it already saw the account we white-list the sync adapter app to access the account as it already saw it - the bird is out of the cage. bug:31162498 Change-Id: I2b72f3b0d6307561ed68db2f2e9c900b15e8d098 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f7d8df1992bb7a1d714f9bf39186b1576a9a4467	16-Sep-2016	Nicolas Prevot <nprevot@google.com>	Don't crash in AccountManagerService if a uid has no packages PackageManagerService.getPackagesForUid() may return null BUG:31544109 Change-Id: I8ce45b5462154ac53cf5930e1889cf5d2fa486f4 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
0f149f412b5491911ec975c051f8cf76d02c4e2c	26-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Update services info before returning authenticators am: 814464894c am: 7540b79fee am: 69192b00e6 am: 44811aba74 Change-Id: Ie65a1d569c78860b4f5212ddf257408328267398
ecbe89dab91a2cd8a47cccf5cf27ab243ffd397d	26-Aug-2016	Svetoslav Ganov <svetoslavganov@google.com>	Use correct UID checks and proper database lookup am: 7ee37f48dc am: dc33730c05 am: 758fd53828 Change-Id: If2318d2e79286b6219c0f39bb2d7726e808bad44
8873aa34f6601a0f902c687d48f193e132920f5a	26-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Do not start new threads in AccountManagerService Created a dedicated foreground ServiceThread for AccountManagerService. All async work that cannot be done on the main thread should be done there. Bug: 30469204 Bug: 24735732 Change-Id: I93caeb2b2414dc39398504bffec5f9ceb7105f72 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
7540b79fee975d9b6f46ab0aadcc05da88450071	25-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Update services info before returning authenticators am: 814464894c Change-Id: I3d7eb42ef73ad77cb44c251a493ae967bcc0f651
814464894c16cc53bae7ba80b784bd3179123847	24-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Update services info before returning authenticators Added RegisteredServicesCache.updateServices method which allows callers to request an update to services for which package has been updated. Added a call to updateServices in getAuthenticatorTypesInternal Test: Manually tested update flow on test authenticator with an artificial delay in broadcast handling Bug: 30979262 Change-Id: I499b2ee0be53fed01201c56068d929b6d621a78e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
7ee37f48dcb1e4674dd6ebebbbf24a33f1b7084a	24-Aug-2016	Svetoslav Ganov <svetoslavganov@google.com>	Use correct UID checks and proper database lookup bug:31056110 bug:31050549 bug:28163381 Change-Id: I726645ae0d2456a5b4d38005fe78523332758842 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9a79a4bea4332b2777f3c40c111bd7a357ca8102	24-Aug-2016	Svetoslav Ganov <svetoslavganov@google.com>	Merge "resolve merge conflicts of eeeebd3 to master"
14fc1978e70d3243ca08a352a56e2841bc88d931	24-Aug-2016	Nicolas Prevot <nprevot@google.com>	In AccountManagerService, don't crash if there's no dpm. BUG:31015735 Change-Id: I0857008576c11857f52cdc2233fd3e3566e62268 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
890a210e41d6a77a87370e6782c2ee373fa857d1	24-Aug-2016	Svet Ganov <svetoslavganov@google.com>	resolve merge conflicts of eeeebd3 to master Change-Id: I3aa0d1b9228be408837f7dd93a9b8268e564fc65
5cb2973495084f8ce3433b579e4b4962ed9d7efc	12-Jul-2016	Svetoslav Ganov <svetoslavganov@google.com>	Only sync adapters with access can see an account - framework It was possible for a sync adapter without accounts access to see the account which it is supposed to sync which can be used to identify the user. This change ensures that only sync adapters with account access can run (which results in seeing the account), otherwise we involve the user to approve access only to this account. A sync adapter can access an account if one of these is true: - it is signed as the authenticator for this account - has the GET_ACCOUNTS permission - has an auth token for the account - it is a preinstalled app (system or privileged) The main thing we need to figure out is if the extra prompts for giving access to a sync adapter to the account create too much friction. bug:28163381 Change-Id: Ie083bb681b5a2aed81ca5f6a062193a175fad77e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
368aa1904023dfc6191087b53c78d795581be8a1	29-Jul-2016	Hongming Jin <hongmingjin@google.com>	Only return password for account session flow if the caller is signed with system key and have get_password permission. Bug: 30455516 Change-Id: I78484c59e4de1dff685ab91a0a8e7a756fffd9bf /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1e8a94b1ed07c300cf7158909ee7232b54fa22dc	10-Aug-2016	Fyodor Kupolov <fkupolov@google.com>	Extracted persistence logic into AccountsDbUtils Bug: 30639520 Change-Id: I4aba994bfa64a7880f0854e984dddf13213bdf2d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
69990d95171aef56896aa9b196d8a122b2231acb	03-Aug-2016	Tejas Khorana <khorana@google.com>	Fixed isAccountVisible and Visibility Constraints Ensured isAccountVisible yields true if the Account does not have visible list functionality so as to not interfere with any other applications on the system. Additionally, remove accounts from the list returned from the getAccounts series of methods. Bug: 30633470 Change-Id: I3d8cf6939bd38f6a3549fe8d5dccd6b1ebc0be44 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
5edff3b8b1085660dba4d7106a5b6498f41ccf22	29-Jun-2016	Tejas Khorana <khorana@google.com>	Account Manager Push API Account Push API: Designed to repurpose existing Account Discovery APIs. Bug#30562311 Bug: https://b.corp.google.com/issues/30562311 Change-Id: If1b22dc96c5cff21550e93bd26942faa5bcdabbf /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9082c56ebda8a24367ae22e13b3d8a772d61cc63	19-Jul-2016	Dmitry Dementyev <dementyev@google.com>	Merge \\\"Include correct account id in action_called_account_remove log message.\\\" into nyc-dev am: 0544462bf1 am: 33c20d39e3 am: fa30cf747e Change-Id: I4b8c59b7ae6035917d106741ba98b9c0a18d3b6c
fa30cf747eea35edcbb0f349bec20751636484b5	19-Jul-2016	Dmitry Dementyev <dementyev@google.com>	Merge \\"Include correct account id in action_called_account_remove log message.\\" into nyc-dev am: 0544462bf1 am: 33c20d39e3 Change-Id: I8857fc1e39fbd9c2368e6f341a1c3cffaaaeaf16
d87be076446d0687f31ef7fd8f80b52818466153	19-Jul-2016	Dmitry Dementyev <dementyev@google.com>	Merge \"Include correct account id in action_called_account_remove log message.\" into nyc-dev am: 0544462bf1 Change-Id: Iaedf8dbf5fb7ee68eebe1026ab3867f544948db9
280a87d3a533ae0342a0c4da4081d745faa3a667	18-Jul-2016	Hongming Jin <hongmingjin@google.com>	Merge "AccountManager: Make account session APIs public api."
e59fc5fe55bc792f525c7ed2a4bc789639d88ed1	08-Jul-2016	Dmitry Dementyev <dementyev@google.com>	Include correct account id in action_called_account_remove log message. Bug: 30013930 Change-Id: I857866e224d8dbc986c3b7e83a5f4e899e09f3ab /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
0e961a131c7afa41d523cab9db551c09d95ef2b2	30-Jun-2016	Sandra Kwan <sandrakwan@google.com>	Allows AccountManager to start exported activities. We prevent authenticators from using Settings to launch arbitrary activities by checking if the activity has the same signature with the authenticators. However, some activities (GrantCredentialsPermissionActivity and CantAddAccountActivity) are returned by AccountManagerService and should be allowed to start. Bug: 18864662 Change-Id: I20c17f0864e6cee1cca901514da2638f551e5423 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
bb3a000459d71b6b723fc3de5491141fef9e87f1	14-Jul-2016	Carlos Valdivia <carlosvaldivia@google.com>	Merge \\"Only broadcast LOGIN_ACCOUNTS_CHANGED when changes occur.\\" into nyc-mr1-dev am: 327c7e4c06 am: bdaed68189 Change-Id: I01422e3ee0d726b7db279f5038d04474bb62571d
98b5f9dafeb75d7ab8afcd5ccf96a7a58fa65a4c	08-Jul-2016	Carlos Valdivia <carlosvaldivia@google.com>	Only broadcast LOGIN_ACCOUNTS_CHANGED when changes occur. Bug: 30014605 Change-Id: I451a795494a9dcbfa5e6afa76d8716911e5dc3a5 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
8b44275ddedd32dd6a9fc1d81815c46bcada2faa	26-Jun-2016	Hongming Jin <hongmingjin@google.com>	AccountManager: Make account session APIs public api. Change-Id: Ibdaa788fc63fd865c2731517aab9b719df4979da /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
56d8d05e8a75907cbdaba581a2a6afeb023b0796	27-Jun-2016	Nicolas Prévot <nprevot@google.com>	Merge "Show policy transparency screen if adding an account is not allowed."
709a63d9c0a71bdf2af66904ed6e7440915b45d2	09-Jun-2016	Nicolas Prevot <nprevot@google.com>	Show policy transparency screen if adding an account is not allowed. If DISALLOW_MODIFY_ACCOUNTS has been set by a profile/device owner, or account management is disabled: When an app tries to add an account, show the policy transparency screen. BUG:26762383 Change-Id: I721220c37c74493020f5a1be1f15731e9863a1de /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
20d45765fdbf6fd52a07547e4c480ae5cfcba6d3	24-Jun-2016	Tejas Khorana <khorana@google.com>	Merge "Put Write To Disk Ops in Separate Thread."
7b88f0e6c043d7a813d6560eb985ff6474c33ca4	13-Jun-2016	Tejas Khorana <@google.com>	Put Write To Disk Ops in Separate Thread. This prevents AccountManager.addAccount performing an unexpected write to disk in the main thread and thus violating requirements from strict mode. All write operations put in a separate thread. Bug: 24735732 Change-Id: Icad8f7eba777860309807e44eb742a458480ce85 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
3b2297d05f407839b36d3866987d708b80fc9763	20-Jun-2016	Sudheer Shanka <sudheersai@google.com>	Allow call addSharedAccountsFromParentUser with CREATE_USERS permission. Bug: 29189712 Bug: 29500492 Change-Id: I0fca4951d41c14aa1739e01ca15d674b86a15d7c /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
d04aaa323c3a788d26f18fc66e0a59b47e525b38	13-Jun-2016	Amith Yamasani <yamasani@google.com>	More thorough cleansing of expired users If any /data/system_[c\|d]e folders were not erased when the user was removed (maybe due to a reboot), make sure they're cleaned up on restart as well as when the userId is recycled later. Mark the users' system folders with the correct serial number for later verification. AccountManager shouldn't be querying accounts of partially created/destroyed users. Change-Id: I4313756b7464f34cd5ce4fb296d61daa50b41fcb Fixes: 29285673 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
627fc2021dd3cfc65fba046f29f467f4c7362ecc	03-Jun-2016	Fyodor Kupolov <fkupolov@google.com>	Delete account from DE and CE databases When authenticator no longer exists and the user is unlocked, we should remove accounts from both tables in a single transaction. Bug: 28910995 Change-Id: Ibabf5d3e5ba561ffb3dda03aef99e358e2f71c58 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
06329e5fb214ce6c2179b7fc7740c0fba41f084a	08-May-2016	Carlos Valdivia <carlosvaldivia@google.com>	[Security] Prevent malicious notifications from AMS. There was a hole in the getAuthToken logic that allowed notifications resulting from getAuthToken requests using notifyOnAuthFailure=true to launch arbitrary activites on the device. This is because the getAuthToken session overrode onResult (unlike addAccount, updateCreds, or confirmCreds). Bug: 13787929 Change-Id: Ife1d48835f48416c2f0690f1413a076b69215190 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
4ba55dc462b4e43086bef24b064d069df27e7670	30-Apr-2016	Carlos Valdivia <carlosvaldivia@google.com>	Merge "Insulate the account.db from updates." into nyc-dev
a46b112d04fdb0c73a529591b9e1a3a12244e7d9	27-Apr-2016	Carlos Valdivia <carlosvaldivia@google.com>	Insulate the account.db from updates. I think we were getting accounts uninstalled on android devices when SyncManagers called validateAccounts() while GmsCore was updating. I try to prevent this by not removing accounts unless the data directory has actually been removed (which shouldn't happen during updates). Bug: 25611016 Change-Id: Ib526b3000ad741815d48fd020af2cc19d6205166 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ce18c8167766f92856f94a8e88e19de4698960e6	28-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Introduce "unlocking" vs "unlocked" nuance. There is a narrow window of time during user unlock where we're reconciling user storage and dispatching the "unlock" status to various internal system services. While in this "unlocking" state, apps need to be told that the user still isn't actually "unlocked" so they don't try making calls to AccountManager, etc. The majority of internal services are interested in merging together both the "unlocking" and "unlocked" state, so update them. Clarify naming in AccountManagerService to make it clear that a local list is being used, which mirrors the naming in MountService. To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch after the user is unlocked, but block BOOT_COMPLETED dispatch until after all PRE_BOOT receivers are finished to avoid ANRs. Bug: 28040947, 28164677 Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6eb8c15b7e07e320243fbb34999f4a34fa729ed0	25-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Merge "Return null when user is locked" into nyc-dev
714bbd8539b73f9d8cf396b6e0edd03f968ebfbd	22-Apr-2016	Carlos Valdivia <carlosvaldivia@google.com>	Rename GET_PASSWORD_PRIVILEGED and make it signature. Now named GET_PASSWORD. Now it is just a signature, not privileged. Bug: 28295831 Change-Id: Ice93b527edced9546639b6c7096aad933c517548 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
27bd37ff3aa4a4b0f84341cb576df7b75596450a	21-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Remove pre-N db after successful migration Bug: 26279712 Change-Id: I53e4bd1b04b4ae6b94e8b5642d7f11a4edd6f1e4 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c86c3fdd9a0307b8df6e4bed70f9e514f911858b	18-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Return null when user is locked In getUserData, peekAuthToken return null instead of crashing when a user is locked. As per JavaDoc authenticators are expected to handle null return values. Bug: 28217043 Change-Id: I06d5a2965fe685cad21215958d5d94f413f77677 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1cab76af8537a275d1af38d25f5692a68e48eed6	13-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Make wallpapers direct-boot aware. If the user's wallpaper isn't direct-boot aware, wait around for the user to be unlocked, instead of clearing the wallpaper. Also switch a few classes to using SystemService lifecycle, since events are dispatched faster than through broadcasts. Fix bug where ContentService.systemReady() was never called, and make sure EntropyMixer doesn't risk being GC'ed. Bug: 26280055 Change-Id: I9fff468a439b868baa68cf11bb6ee9f7d52b7b5a /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
eeca6584cff3858e6993dd4b88f1b55418f07ad2	08-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Make AccountManagerServiceTest work again It was broken for quite a while. Introduced the following changes: - Use mockito to mock AppOpsManager and UserManager - Use MockContext directly and override what is necessary. RenamingDelegatingContext doesn't work with absolute file names for database paths, which is the case for system server DBs. Bug: 26279712 Change-Id: I9f2a3892f9bd7a882d78f0bb7beb8669f7dc8c6f /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f3d241486b17cbfef7ad9b57aef3454ac3e0e769	11-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Merge "Allow deleting accounts when user is locked" into nyc-dev
35f680893d8ea4bb8501382f3c8f19e523429b24	06-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Allow deleting accounts when user is locked removeAccountInternal now allows removing account regardless of lock state: - If user is unlocked, the account is remove from both CE and DE tables - If user is locked, it will only be removed from DE. syncDeCeAccounts will remove account data from CE once the user is unlocked. Bug: 26279712 Change-Id: I734aa474d3d98a85459c9795def83c5dbaaa2536 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1767fcd5040085ffe7c40e9c8b3790a13d068bc1	07-Apr-2016	Sandra Kwan <sandrakwan@google.com>	AccountManager: fix updateCredentials API. Bug: 26157869 Change-Id: Icd2148db6923383263bcce5ad845bcb1411f5c4e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1bb269d8fe9adbf41312e2203e08da34634ae863	02-Apr-2016	Simranjit Kohli <simranjit@google.com>	Merge "Fix extra data in cache" into nyc-dev
858511cd2dbb3962da843fe40baba03305396159	10-Mar-2016	Simranjit Kohli <simranjit@google.com>	Fix extra data in cache Reverting the revert. The original CL(commit a666d74d4bc7e1298314c516d1309571fb87c212) had a bug in it. It was calling accountExistsCacheLocked(), while holding accounts.cacheLock. The function accountExistsCacheLocked, was in turn calling into getUserAccounts, which acquires mUsers. And this causes trouble. mUsers is a a lock on all accounts, and hence calling it after holding accounts.cachelock is calling for trouble. Since the locks are acquired in other order, it causes a potential deadlock issue, which we discovered later on. That bug was fixed by commit 0e592733ecbde2b7e7f2aa92001656dfbcae9641. We already have useraccount object and should reuse it. This reverts commit 27d0e1fd660a7e92644ab6a2893ac1149f0c0488. This commit was unneeded as the bug had been fixed by that time. Change-Id: I5328c31fd485fd2c1c652cd0e7c2c4bded38a5fd /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
51b651aea178fcfca8a3219141f0ecfda1504887	30-Mar-2016	Carlos Valdivia <carlosvaldivia@google.com>	introduce GET_PASSWORD_PRIVILEDGED permission. That will be used to filter in passwords for Session based AccountManager flows. Bug: 27590532 Change-Id: I4a6d0540bcff186e416351a6f719600ce35d86a0 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ef73aaa3c33635ab8d5901e83e0471ecd6f03e9b	25-Mar-2016	Fyodor Kupolov <fkupolov@google.com>	[FBE] Split accounts.db into two DE/CE databases Previously the database lived in /data/system/user/X/accounts.db. It is now split into two databases: - DE database(/data/system_de/X/accounts_de.db) is opened when the user is running in the locked state. It contains the following tables: -- Grants, Shared_Accounts, Debug_Table, Meta. -- Accounts table only contains name/type/_id - CE database (/data/system_ce/X/accounts_ce.db) is opened when the user is unlocked. It contains remaining tables: -- Authtokens, Extras, Accounts CE database is attached to the DE database by using ATTACH DATABASE command. AccountManager code interacts through a single interface of DeDatabaseHelper, which includes DE, and CE when the user is unlocked. Bug: 26279712 Change-Id: I66555b46bdc16fa4a6093470d2500af09d1fbf25 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a04c7a7c6442b8c6f87f5dd11fc5659cdb92decc	18-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Mark more Bundles as being defusable. They're destined for the system, so they're okay to look inside. Bug: 27726127 Change-Id: Ic85c308a8efe6f9b8652952717c72b3c663d328a /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a0a58a2fd5cbc1bb8056227bb04f276b364c6e96	17-Mar-2016	Jeff Sharkey <jsharkey@google.com>	Merge "Refactoring FBE APIs based on council feedback." into nyc-dev
8a372a0a280127743ce9a7ce4b6198c7a02d2a4f	16-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Refactoring FBE APIs based on council feedback. Mostly consists of removing the word "encryption" from most APIs, since we can't actually make promises about the data being encrypted. Bug: 27531029 Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ec1a918f44d692271ea65cf5ec88bf79b9d1a96d	17-Mar-2016	Erik Wolsheimer <ewol@google.com>	Prevent NPE via use of uninitialized mUserManager BUG: 27718356 BUG: 27336841 Change-Id: Id603835b0463ca32f6a27ec255df7077f2427b06 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
358e51f3d186719a6a5b1f346f55c5426925055f	15-Mar-2016	Ian Pedowitz <ijpedowitz@google.com>	Revert "Permissions: Get rid of GET_ACCOUNTS" This reverts commit d39600585bcb720d739ef6f0091066e3d4f77765. Bug: 27665091 Change-Id: I7d017ba7062ac594225229436d2877c7d21fb065 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
d39600585bcb720d739ef6f0091066e3d4f77765	11-Feb-2016	Carlos Valdivia <carlosvaldivia@google.com>	Permissions: Get rid of GET_ACCOUNTS Second attempt. Still need to add strict mode violation checks and logging. Bug: 21901286 This reverts commit bf33bd4d31cfec895c96990525b0cb856407c8d6. Change-Id: I5d73343544c32ce4fc4c377ba44db8e677a1287d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6ede9c3d2260552f64c487ea4dc7b687f3b9aa58	11-Mar-2016	Carlos Valdivia <carlosvaldivia@google.com>	Logging to KEY_INTENT security failure To help debugging we would like to know the targetPackageName and uid of the KEY_INTENT that is being rejected. Bug: 27598664 Change-Id: Idcf1eea82a96913947975b6fe3aa1e9c6e5109a7 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1c9026de576ba7eab05125328c3ae6379af3db91	23-Feb-2016	Sandra Kwan <sandrakwan@google.com>	AccountManager: fix residue data when authenticator is uninstalled. Bug: 20447341 Change-Id: Ie7bbc0300e1f902f18a826ef45b9cbae445651ec /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
27d0e1fd660a7e92644ab6a2893ac1149f0c0488	25-Feb-2016	Simranjit Kohli <simranjit@google.com>	Revert "[Fix extra data in cache]" This reverts commit a666d74d4bc7e1298314c516d1309571fb87c212. Bug: 27314050 Change-Id: I1562c51751f983a49a11e1d37d936974e17388ef /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
041232a7f9f1bcd602c0a0dd580c4f603d90a651	23-Feb-2016	Fyodor Kupolov <fkupolov@google.com>	Copy shared accounts after the user is unlocked Previously accounts were copied in onUserStarted. At that stage only encryption-aware authenticators could run. Bug: 27274434 Change-Id: I4f2dbdc09e81087d960067e7930ce3b9cff829ab /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
0e592733ecbde2b7e7f2aa92001656dfbcae9641	22-Feb-2016	Benjamin Franz <bfranz@google.com>	Use UserAccounts handed into accountExistsCacheLocked Use the object we get handed rather than obtaining the one for the calling user. We're previously clearing the caller, so the calling user might not be the same as the one we used to obtain accounts object. Bug: 27285299 Change-Id: Ie384bca83779593f6569bccea3c2851083ace31d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a666d74d4bc7e1298314c516d1309571fb87c212	07-Aug-2015	Simranjit Singh Kohli <simranjit@google.com>	[Fix extra data in cache] It seems that some account authenticators call getData before account is added, which initializes the cache for that account. 1. We now don't initialize the cache if the account is not on the device. 2. We now use locking. Bug: 23018710 Bug: 20071745 Change-Id: Ie59ca6b4e575f524a9d3bf286c3bd95abce4a596 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
8212ae0aee1700b9c287ebadf15af8dacdc8eae6	10-Feb-2016	Jeff Sharkey <jsharkey@android.com>	Consistent naming for internal storage APIs. Also completely remove a few confusingly named deprecated APIs. Change-Id: Ia7e4ea3190a97f0a7dfa9bebf2118da0866ec38f /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
bf33bd4d31cfec895c96990525b0cb856407c8d6	02-Feb-2016	Carlos Valdivia <carlosvaldivia@google.com>	Revert "Permissions: Get rid of GET_ACCOUNTS" This reverts commit 918c55a67c2bf0cec79f75dec6ca468e914a5fd1. Change-Id: I995f134336bf61ac1f21052355900ae89d0d6694 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
8a38a136e17a52e821e51c23e9e83f846045173a	27-Jan-2016	Carlos Valdivia <carlosvaldivia@google.com>	Need to call getApplicationInfo from System id Otherwise it trys to enforce INTERACT_ACROSS_USERs when a package is in a different INTERACT_ACROSS_USERs. Still figuring out why this is triggering for the regular getApplicationInfo call. Change-Id: I9b07646aeaf35e2db4a6849e217129077b50b624 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
3cdbc806ff52d02bf215a5aa696b670434d9f401	27-Jan-2016	Carlos Valdivia <carlosvaldivia@google.com>	Merge "Permissions: Get rid of GET_ACCOUNTS"
0b84b456a79d83527665a5ac399cba73f1a85821	21-Jan-2016	Sandra Kwan <sandrakwan@google.com>	AccountManager: add finishSessionAsUser api. Change-Id: I9a08d957a9b25be4c6cf12e4ed35cdc0bfbb8605 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
918c55a67c2bf0cec79f75dec6ca468e914a5fd1	14-Jan-2016	Carlos Valdivia <carlosvaldivia@google.com>	Permissions: Get rid of GET_ACCOUNTS Bug: 21901286 Change-Id: Id2c42f4d449a32c88078d80dcf952d15e67d536c /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
390c9d2d91117c767b27e33e906f7830b4c0a4dc	12-Jan-2016	Sandra Kwan <sandrakwan@google.com>	AccountManager: add isCredentialsUpdateSuggested API. Change-Id: I27e0db0345f3431b796a944740dab767b45f7871 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
12747879b0204b9dfee997eddc981d09289e8b77	07-Dec-2015	Amith Yamasani <yamasani@google.com>	User creation with an intent New API for an app to request creating a new user with a given user name and seed account information for the SetupWizard to use when that user is switched into. Also adds system APIs to read the seed account data from UserManager. Bug: 22776757 Change-Id: I0bc3f11ee19c15e0ee2a908c88d98b13296cc30d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f56a60fab2b51b769130961ddf19e5d79e176bfe	13-Jan-2016	Sandra Kwan <sandrakwan@google.com>	Merge "AccountManager: make account session APIs SystemApi."
a578d11470d2c782bc8b54bc2a9154e7f5b68354	17-Dec-2015	Sandra Kwan <sandrakwan@google.com>	AccountManager: make account session APIs SystemApi. Make startAddAccountSession, startUpdateCredentialsSession and finishSession Apis SystemApi. Change-Id: Iaedfe546e9b87a2ee8dd2d19e8c28b7f1d59c111 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
cd65448ccd13c4c2d0fe9e9623fec3a898ab9372	09-Jan-2016	Jeff Sharkey <jsharkey@android.com>	Even more PackageManager caller triage. Finish moving all UID/GID callers to single AIDL method that requires callers to provide flags. Triage AppWidgets and PrintServices, which currently can only live on internal storage; we should revisit that later. Fix two bugs where we'd drop pending install sessions and persisted Uri grants for apps installed on external storage. Bug: 26471205 Change-Id: I66fdfc737fda0042050d81ff8839de55c2b4effd /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
b6c0ce4ac915cd5ab9a308cb0a4861c4e2cd7dfb	05-Nov-2015	Benjamin Franz <bfranz@google.com>	Allow device and profile owner to modify accounts The user restriction DISALLOW_MODIFY_ACCOUNTS and the policy DPM.setAccountManagementDisabled can now be circumvented by a device or profile owner. This allows the device or profile owner to add accounts without briefly having to remove the policy. Bug: 22030831 Change-Id: I2b59c4b3ad354287d7a00f21b2afef072d12517d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9b041747d164719dad8c79463b68a97fba751f67	12-Dec-2015	Andreas Gampe <agampe@google.com>	Frameworks/base: Fix typo in AccountManagerService Fix an unintended tautology. Bug: 19797138 Change-Id: Iec19b5c9c80b9f49a61b0dc3c9a9d5c13c84a992 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
db9df39992ce6a1a09c2f26cde639baf126fa6f5	05-Dec-2015	Sandra Kwan <sandrakwan@google.com>	Merge "AccountManager: add finishSession(...) API."
920f6ef983024c15fbd47f7be7fa9204559f2514	10-Nov-2015	Sandra Kwan <sandrakwan@google.com>	AccountManager: add finishSession(...) API. Adding finishSession API to AccountManager and AbstractAccountAuthenticator. Change-Id: I153dd2bb6fe01d2e4b10b41e8b553f59da26bd29 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9d8a1048bb666c68402dce031bebfa07c92a42db	04-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Handle non-encryption-aware accounts and sync. The system can now boot in a "locked" state where only encryption aware (EA) components can be safely started. When in this state, PackageManager already filters away non-EA components, but system services like AccountManager and SyncManager need to carefully handle these temporarily "missing" components. As a guiding principle, all known Accounts are still present when the device is locked, but communication with underlying non-EA authenticators is blocked. To keep things simple for now, all SyncManager requests are kept dormant until the user enters the unlocked state. The core of this logic is that RegisteredServicesCache now works with all components regardless of EA status, which prevents us from accidentally thinking a service was removed when the user is locked. Bug: 25945136 Change-Id: I8714121f6236b00821769023c4df7de1c8a99944 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
e68c37eead0b7255d307af91ca284eaee419c944	13-Nov-2015	Sandra Kwan <sandrakwan@google.com>	AccountManager: add startUpdateCredentials API. Adding startUpdateCredentials API to AccountManager and AbstractAccountAuthenticator. Change-Id: Id9a1ff86764f2fde01fd8482594e4ae34e1f3bd1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
7881228736fd5f3f4ecf25d4808dc004c03b54d1	04-Nov-2015	Sandra Kwan <sandrakwan@google.com>	AccountManager: add startAddAccount API. Adding startAddAccount API to AccountManager and AbstractAccountAuthenticator. Change-Id: I29e1defb2181ece1281534db0e36b28457085148 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
e17ac1569793c333bb4dce86607a342e7c982ae7	07-Nov-2015	Jeff Sharkey <jsharkey@android.com>	More APIs for encryption-aware apps. Apps can mark manifest components as being encryption-aware, which means they can safely be run before the credential encrypted storage is available. Start adding filtering logic so that we only return these components when a user is running "with amnesia." That is to say, only device encrypted storage is available, so the user is running but with only partial knowledge of its data. To avoid calling into ActivityManager with the PackageManager lock held, we quickly determine user state and splice the state into the flags for later per-component evaluation. Bug: 22358539 Change-Id: Idc56ec29f1ef04da8963e004314d7f5e47400997 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ddae02634eda922c4ff9355b650032aec7e7d12f	30-Oct-2015	Carlos Valdivia <carlosvaldivia@google.com>	Get rid of getTypesVisibleToCaller log spam. am: 02bffab9dc am: 1fd46d1581 am: b45f1b8ad1 am: 30fce1c0ab * commit '30fce1c0ab4f0d3dc4f927699888165ac9d21706': Get rid of getTypesVisibleToCaller log spam.
02bffab9dc6cc50dd0efdb4bff4feaa9672de5ea	30-Oct-2015	Carlos Valdivia <carlosvaldivia@google.com>	Get rid of getTypesVisibleToCaller log spam. Bug: 25062620 Change-Id: Ia3080c501a288522a5b1de88d50f365357418ba8 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
02cb6e773b323a0d54b21f43460a23f668b7727c	19-Sep-2015	Fyodor Kupolov <fkupolov@google.com>	Added --restricted option for create-user command Also moved restricted profile create/setup logic from Settings to UMS.createRestrictedProfile. Bug: 24212155 Bug: 24303609 Change-Id: I0346a3368de53f4bb4b6e054349f19adac959d7f /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9249a9097707bb57ae0a7d114eff54bc82ad462d	26-Sep-2015	Bart Sears <bsears@google.com>	Revert "Added --restricted option for create-user command" This reverts commit 737b216b5c28f7d7162f219136d4e8a9eb1a486b. Change-Id: I4c43967933bb2e46cdb8ad6e643d7037d722cab2 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
737b216b5c28f7d7162f219136d4e8a9eb1a486b	19-Sep-2015	Fyodor Kupolov <fkupolov@google.com>	Added --restricted option for create-user command Also moved restricted profile create/setup logic from Settings to UMS.createRestrictedProfile. Bug: 24212155 Bug: 24303609 Change-Id: I5f0d48bcbd3c0b51927926b874fd057c15ac5219 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6d44e59c96fa491a60a67b585374b54e7a92e3ca	11-Sep-2015	Svetoslav <svetoslavganov@google.com>	am 37d0e13a: am 572a78cd: am 9d4cad8b: am b1cebd9e: am 5579e41c: Add op package to the UID special case handling in account manager. * commit '37d0e13ad3be7fddbce991bef263ac4375e28c22': Add op package to the UID special case handling in account manager.
5579e41c6f81bba1fc1e8cc53186957e287b5dad	11-Sep-2015	Svetoslav <svetoslavganov@google.com>	Add op package to the UID special case handling in account manager. The account manager has a hardcoded rule to change the calling UID if the caller is the system and another UID is passed in. We have to do the same acrobatics for the app op package as if the UID changes the opPackageName will not match the new UID. If we used the passed in UID we should also use the passed in op package name. bug:23968092 Change-Id: I0c0c2a720e9edbf82001952929d990702f8650ca /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f3f02ac931d04e6ba4393e27558cd317cb1e6b44	08-Sep-2015	Svetoslav <svetoslavganov@google.com>	Add get_accounts app op For each runtime permission we have an app op to toggle the permission for legacy apps as they cannot handle permission revocations. We were lacking an app op for get_accounts which prevented the user from controlling access to accounts regardelss that they change the state of the permission toggle in the UI. Even worse the permission UI is written with the assumption that every runtime permission has an app op and as a result revoking the contacts group (if the app requests the get_accounts permission) is reset back to allowed in the UI. bug:23854618 Change-Id: I12b83dfd22974d130e5b8e7a195421120813e2db /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ce852ddcecefc6b3e1265462f5c8670bd0e4ace1	08-Sep-2015	Svetoslav <svetoslavganov@google.com>	Add get_accounts app op For each runtime permission we have an app op to toggle the permission for legacy apps as they cannot handle permission revocations. We were lacking an app op for get_accounts which prevented the user from controlling access to accounts regardelss that they change the state of the permission toggle in the UI. Even worse the permission UI is written with the assumption that every runtime permission has an app op and as a result revoking the contacts group (if the app requests the get_accounts permission) is reset back to allowed in the UI. bug:23854618 Change-Id: I9e3f9bfeb320bed561d718db99ee285915d5701b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
06a484adb93c6c969321147b07112684383305f6	22-Aug-2015	Fyodor Kupolov <fkupolov@google.com>	Non-system users can now have restricted profiles In the non split system user, only USER_OWNER is allowed to have restricted profiles. This is now changed in split user mode, where multiple secondary users can have restricted profiles. Added UserInfo.restrictedProfileGroupId field, which defines parent/child relationship between secondary users and linked restricted profiles. Adjusted shared accounts handling logic to not assume that USER_OWNER is the only owner. Bug: 23191995 Change-Id: I5f3fc2aa4f229103d6e75ec2c3dfce866b8007de /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
a3721e1cc855436c6048ca58134997bfce12ad1a	11-Aug-2015	Carlos Valdivia <carlosvaldivia@google.com>	Fix deadlock. AccountManagerService can't ever synchronize on mUsers within a block of code locked by UserAccounts.cacheLock. That will lead to deadlocks. This change fixes a case where we were doing that in getAccountsInternal(). Also I have purgeOldGrantsAll() run off the the main thread. Bug: 23036400 Change-Id: I8634691ca54c57a6e83633baba549226fdcd1064 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
b77d8b60857be5f5724b080ca42d2dfb2755e0fb	08-Aug-2015	Simranjit Singh Kohli <simranjit@google.com>	[Fix getAccounts MANAGE_USERS permission] Make code having potential to call userInfo inside clearIdentity. Bug: 22917218 Change-Id: If95fb7c0ec36a2f5c737f04bc7d8af95b44fea22 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6cc066df7a79eb9f3cdf7b41dc9307f75c413c09	05-Aug-2015	Ian Pedowitz <ijpedowitz@google.com>	Revert "Revert "Permissions: GET_ACCOUNTS permission cleanup"" This reverts commit 845d14db9066c3262f270237b52e315aa71508b2. Bug: 22942480 Bug: 22902898 Change-Id: If2d0e11594284414953c3dd45475fc7ba3366295 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
845d14db9066c3262f270237b52e315aa71508b2	04-Aug-2015	Ian Pedowitz <ijpedowitz@google.com>	Revert "Permissions: GET_ACCOUNTS permission cleanup" Temporarily revert ag/735253 until b/22902898 can be resolved with a proper DMAgent prebuilt drop. This reverts commit e7ed827a104ba005b93faa2edb3bc77f72b240ec. Bug: 22902898 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
e7ed827a104ba005b93faa2edb3bc77f72b240ec	27-Jul-2015	Carlos Valdivia <carlosvaldivia@google.com>	Permissions: GET_ACCOUNTS permission cleanup First, getAccounts*() will now return all available accounts depending on both GET_ACCOUNTS grants and signature matching. This is different from before where a caller of getAccounts() would need GET_ACCOUNTS to get any accounts, but if that same caller called getAccountsByType, they might have gotten back accounts if they shared a signature with the same developer. Second, cleaned up some NPEs and javadoc. This change was motivated by progress on the cts tests. Change-Id: I2f36226780e074fdf58214b46de3b79d8319ace1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
2062eeff0156bc4e119398f1736e699d90ad8345	22-Jul-2015	Svet Ganov <svetoslavganov@google.com>	Add a privileged permission to get user accounts bug:22602794 Change-Id: I6e5429f0eb5f2cb274d4740755070e588735e179 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ba0b10af5ffd568ce7ad180a5c6a833e9419cabe	17-Jul-2015	Simranjit Singh Kohli <simranjit@google.com>	[Fix MANAGE_USER permission in AccountManagerService] It seems that curently there were situations where the init of Accounts in cache could trigger MANAGE_USER permission needed errors. The callers should make sure they are calling it after clearing identity. Bug: 22492964 Change-Id: I44e890ff03a3bf144c907f2692dc1c6be8816f11 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c37ee22714ddec1104ba3a2189cf77924ac27812	18-Jun-2015	Carlos Valdivia <carlosvaldivia@google.com>	Tweak GET_ACCOUNTS behavior and improve memory. Related to recent permissions and system health changes. This change will make it so that calls to AccountManager#getAccountsByType will work for the owning account authenticator even if they don't have permissions. This is pretty fundamental to having a working authenticator and it doesn't make sense to have it be disabled (or have authenticators hack around the framework). Also changed how TokenCache works so that memory usage is still predictable (no more than 64kb) but token caching won't be at the mercy of garbage collection. This is important for writing stable cts tests. Change-Id: Ib31b550616b266ee5a04eb26b04ba0023ca0cb83 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
0b8a7c00bd9433862e7867f6780fe3cd5771ee7d	19-Jun-2015	Simranjit Singh Kohli <simranjit@google.com>	[Modify LastAuthenticatedTimestamp behaviour]: We should not modify lastAuthenticated timestamp in authenticator specific api's, as some of the calls maybe used by authenticators for internal maintainance/upgrade. Only modify the timestamp when calls effecting accounts is made to non-authenticator developer api's. Bug: 21959561 Change-Id: I7b2d0c875957b263c4d9b203fe1f33042a65a58f /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
17de4b2a73996366ff3d7759793a6809654caebe	12-Jun-2015	Chris Wren <cwren@android.com>	Merge "remove usage of deprecated method setLatestEventInfo" into mnc-dev
1ce4b6d3c6cb5b2eb9c9d00472be12245db92427	11-Jun-2015	Chris Wren <cwren@android.com>	remove usage of deprecated method setLatestEventInfo Bug: 18510449 Change-Id: I56a77991c729990e501f402e007dfa79ee57621e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6eb73a577850a4b6ddb06fd746f09a6c1d124f34	11-Jun-2015	Carlos Valdivia <carlosvaldivia@google.com>	Revert "Revert "Permissions: Fix account related permissions."" This reverts commit dcddc476651deb72a27798de56eef584e5be5d32. Change-Id: Ie2402167fc7cd3d5e57bf2fba704fdf00cfcb4fe /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
dcddc476651deb72a27798de56eef584e5be5d32	11-Jun-2015	Carlos Valdivia <carlosvaldivia@google.com>	Revert "Permissions: Fix account related permissions." This reverts commit ffb46022b30dffdf1cc4cbd08d4bcbe51e1f8814. Change-Id: I4c62b1b5a5bd4e2a5fac76244a16730526ed67fc /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ffb46022b30dffdf1cc4cbd08d4bcbe51e1f8814	09-Jun-2015	Carlos Valdivia <carlosvaldivia@google.com>	Permissions: Fix account related permissions. Requires updating the docs in AccountManaager as well as the logic in AccountManagerService. MANAGE_ACCOUNTS, USE_CREDENTIALS, and AUTHENTCATE_ACCOUNTS are going away. Where AUTHENTCATE_ACCOUNTS was required we now do signature matching. GET_ACCOUNTS is kept but has been grouped under contacts. Bug: 20136477 Change-Id: Iabbb76dce8d1efc607c1f107911d7ddab598a481 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
e736001af9e011f121fdb85c92637796304dea9a	04-Jun-2015	Amith Yamasani <yamasani@google.com>	Allow packagemanager checks for secondary user packages Clear calling identity when calling into package manager for package info. Bug: 21613139 Change-Id: I0655122f69cc886a395b7195d108222697769b06 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
91979be8804232a04da2bf36cdd857ee7da04479	22-May-2015	Carlos Valdivia <carlosvaldivia@google.com>	System Health: Support expiring tokens In the past android:customTokens=true authenticators were required to handle their own token caching. This is detrimental for battery when high traffic authenticators are constantly spinning up processes to start services to do file io to check their own caches. This change allows authenticator implementers to optionally let the framework do some of the work for them by providing the framework with a expiration time. The AccountManagerService will make a best effort to re-use the cached token if possible. Bug: 21530782 Change-Id: I16a7edba36a220e3891e55cf61c725c2be863323 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
6a184878f801f8511f25515eda482e8905495f17	19-May-2015	Simranjit Singh Kohli <simranjit@google.com>	[Fix Potential for error]: Init for accounts maybe called when non-system app asks for accounts. That might lead to deletion of accounts and broadcast from the user, which requires permission. Hence, we should clear calling identity before requesting it. Bug: 21140169 Change-Id: I057ac6778ea53d3f96b3e5c42fe3a2fe60c3cf28 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
490d23bf55360219652d5177baefcba9377e2f4d	30-Apr-2015	Simranjit Singh Kohli <simranjit@google.com>	Merge "[Update API]: Rename accountAuthenticated to notifyAccountAuthenticated and other changes." into mnc-dev
1d0c1a6ffc8f172b10f2cdf25e27064db0d25c45	09-Apr-2015	Simranjit Singh Kohli <simranjit@google.com>	AccountsDb Logging]: Introducing logging in accountsDb. This CL introduces logging for various functions like add/remove accounts, clear/set tokens. It is made sure not to log any PII in the new table. Bug: 18168971 Change-Id: Iacc3e7e80a640fcb113886443172809e8f7bee21 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
1663b44cfd5fe589183dae5db769c843870cb5db	28-Apr-2015	Simranjit Singh Kohli <simranjit@google.com>	[Update API]: Rename accountAuthenticated to notifyAccountAuthenticated and other changes. Bug: 20642769 Change-Id: I7e69d6a9492691429af0d7c2f405e01e265fcedd /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
82d01782b3ca4fa7b0274d4aad300da505de7843	10-Apr-2015	Simranjit Singh Kohli <simranjit@google.com>	[Fix confirmCredntials flow] This CL contains 2 fixes: 1. On a successfult confirm credential, lastAuthenticatedTime was not getting updated. This gets fixed. 2. Historically, confirmCredential used to work for accounts NOT on the device. Setting lastAuthenticated time only for existing accounts and preventing crash if account is not on the device. Bug: 20141809 Change-Id: I301d49cbc4a594af6110366ef6f55350f74d250d /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
3580cd0b5223837597cdc714180158495a866aa4	31-Mar-2015	Simranjit Singh Kohli <simranjit@google.com>	Merge "[Auth:Last Credentials Timing] : Introducing API"
6c7c4ada8b0ce5f7027fd7b87dc8848b42fa5a0c	24-Feb-2015	Simranjit Singh Kohli <simranjit@google.com>	[Auth:Last Credentials Timing] : Introducing API Storing last successful sign-in/authentication timings, and providing that information as extra's in updateCredentials and confirmCredentials. Also, adding a new api: AccountManager#accountAuthenticated(Account). Change-Id: Icd0dac35b13d61bc28a2e045b96caefffeb353be /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
4a357cd2e55293402d7172766f7f9419815fc1e8	19-Mar-2015	Alan Viverette <alanv@google.com>	Replace usages of deprecated Resources.getColor() and getColorStateList() Change-Id: I8f64fe6c4c44a92ff6d07250223ba590a1d691b0 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
33d3c53da021f0d044028860ace0f4ad817273f5	11-Feb-2015	Alex Klyubin <klyubin@google.com>	resolved conflicts for merge of 517e0274 to lmp-mr1-dev-plus-aosp Change-Id: Ic20b6c8851458483dd73a144bd5ae6e8d141e62a
b9f8a5204a1b0b3919fa921e858d04124c582828	03-Feb-2015	Alex Klyubin <klyubin@google.com>	Move hidden ApplicationInfo flags into a separate field. The public API field android.content.pm.ApplicationInfo.flags can support only 32 flags. This limit has been reached. As a short term workaround to enable new public flags to be added, this CL moves flags which are not public API into a separate new field privateFlags and renames the affected flags constants accordingly (e.g., FLAG_PRIVILEGED is now PRIVATE_FLAG_PRIVILEGED). The new privateFlags field is not public API and should not be used for flags that are public API. The flags that are moved out of ApplicationInfo.flags are: * FLAG_HIDDEN, * FLAG_CANT_SAVE_STATE, * FLAG_FORWARD_LOCK, and * FLAG_PRIVILEGED. NOTE: This changes the format of packages.xml. Prior to this CL flags were stored in the "flags" attribute. With this CL, the public flags are stored in a new "publicFlags" attribute and private flags are stored in a new "privateFlags" attribute. The old "flags" attribute is interpreted by using the old values of hidden/private flags. Change-Id: Ie23eb8ddd5129de3c6e008c5261b639e22182ee5 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
48fcd4e175864a3f0de561d8116637179c0ce489	02-Dec-2014	Marvin Paul <marvinpaul@google.com>	Added explicit sort order when fetching accounts. In SQLite, if a sort order is not specified then the ordering is undefined. In pre-L, SQLite would order accounts by the primary key. But in L, the newer SQLite version appears to be ordering accounts by the name. Bug 18453759 Change-Id: I6bf2b0de59eca4c69472b4279b9e4194c3d3471e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
22dc3b7ba111e27bce99a7cce966598e7873508c	31-Oct-2014	Esteban Talavera <etalavera@google.com>	New AccountManager method to copy accounts between users. Adding the copyAccountToUser method which copies an account along with its credentials to a different user. Also an extra in the public api to identify the account to migrate during provisioning. Bug: 17716971 Change-Id: I2f29f1765ba0d360a3894b13ef86253b7c7d3284 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
8778f993aeb7ec3df88aa0b244381253257bafe2	06-Nov-2014	Simranjit Singh Kohli <simranjit@google.com>	[RemoveAccount API]: Adding support for intent. Adding support for intent handling provided by authenticators. Bug: 18292092 Change-Id: I1e94422bc28e5fd54c454ee6542ff2d30f82849f /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
ae7034aaf092adb52e7d1b5b86b2986e91295b9f	22-Sep-2014	Amith Yamasani <yamasani@google.com>	Fix regression in launching CantAddAccountActivity for correct user This activity should be launched for the user calling addAccount() Bug: 17608124 Change-Id: I5d7e47bc625442494dc322ccafdc25f5f5c6aa7b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
23f58260bd70dc9ca2787f54093ec0369dc3f02c	05-Sep-2014	Carlos Valdivia <carlosvaldivia@google.com>	We shouldn't delete accounts when a package is being updated. Bug: 17158237 Change-Id: Icbf9e672a6a698737b08ed39c78a64c161a7b802 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
07ad8dc2087aa02da48353acc19ba82e62d99f82	01-Sep-2014	Kenny Guy <kennyguy@google.com>	Use context for user when calling notifyAsUser Create a context for the user the notification is being posted for when using NotificationManager.notifyAsUser. Bug: 17002733 Change-Id: Ie41d27bbb781ca38cc9bc910bd4410b8862edee1 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
255dd04271088590fedc46c8e22b2fd4ab142d39	19-Aug-2014	Selim Cinek <cinek@google.com>	Added notification color to all system notifications Bug: 17128331 Change-Id: I81a94510ef51b99916f314c0dd65852426a1fbeb /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
4e68b6572306fb4a44e78b3cf2b48fb943e69cbe	25-Jul-2014	Adili Muguro <adili.muguro@sonymobile.com>	Fixed a NullPointerException in AccountManagerService. Change-Id: If65d7870c609ae6c7467e26978ffd0ce0d52f518 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
f193b9a61d0b14d13bb7f8aec42a21154672e5ec	18-Jul-2014	Carlos Valdivia <carlosvaldivia@google.com>	Allow authenticators to rename accounts. Bug: 16390602 Change-Id: I4f7250726a2c7677e0ccaa6e5f995153893d8360 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
999d394adee533c55fce38bd632ffd4f1af91362	03-Jul-2014	Alexandra Gherghina <alexgherghina@google.com>	Ads per-user APIs to manage accounts through the AccountManager Bug: 16056552 Bug: 14642886 Change-Id: I17ff6c2515285e63c84cecf2f861d10666c393c5 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
c1cf161af036e0f337b58ef0739a8ff2e42f01e7	05-Jun-2014	Alexandra Gherghina <alexgherghina@google.com>	Modifies APIs for retrieving managed profile accounts. This is needed for Account Settings UI. Bug: 13656853 Change-Id: I33129e4b7b33b428a7bf670259accacb60f62d9b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
da1350f28011ef7ed6b02d514c3a86a8cc8007de	08-May-2014	Sander Alewijnse <salewijnse@google.com>	AccountManager cannot modify accounts according to device policy. Change-Id: Ied03b16c31312f7a4a934616c3c25b2481de818e /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
5934dbc9f12936b7faf592660a28b4bbcff0cdd0	21-Feb-2014	Amith Yamasani <yamasani@google.com>	Abort removing account if prohibited by policy Bug: 13077993 If an EDU device was marked as prohibited from adding/removing accounts, it was throwing an error but still continuing to remove the account. This fixes the problem by aborting the removeAccount steps. Change-Id: Ie7f157c5397a7391aab6f37c8a4331479f1b451b /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java
9158825f9c41869689d6b1786d7c7aa8bdd524ce	22-Nov-2013	Amith Yamasani <yamasani@google.com>	Move some system services to separate directories Refactored the directory structure so that services can be optionally excluded. This is step 1. Will be followed by another change that makes it possible to remove services from the build. Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85 /frameworks/base/services/core/java/com/android/server/accounts/AccountManagerService.java