Cross Reference: /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java

History log of /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
09e7e0ef8bcd8b7b78b79fb570de2032871f0c97	07-Nov-2013	Jatin Lodhia <jlodhia@google.com>	Delegate existence of account check to Authenticator. Current AccountManager code for getAuthToken checks if the account in the request exists. If the account does not exist then it throws an exception which leads to a runtime exception being thrown by AccountManager in the client. In perticular, Checkin client code hits this issue when accounts are deleted by user. As the exception is thrown from the getAuthToken method call and is a RuntimeException it is not caught by the client. Futhermore, Checkin runs in one of the important processes and this exception makes the process crash. This cl, does the following: 1) Delegates the account exists check to Authentictor which in turn would cause an AuthenticatorException which is a checked exception. 2) Replaces some of the runtime exceptions thrown by AccountManagerService with calling AccountManagerResponse.onError() which causes more graceful failure on the client. 3) Correctly passes on the error returned by Authenticator to AccountManager. Earlier if Authenticator returned an error code to the AccountManager, it ignored the error and returned null token to the client which was incorrect. Bug: 10856295 Change-Id: Ie250fec601d46f6dfecd74677b478bfd4e9dcfad /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
416747aea11351c4327ac74c3a8d7bf338cde946	15-Oct-2013	Carlos Valdivia <carlosvaldivia@google.com>	Package checks for resloving recovery tokens should be user sensitive. Bug: 11219355 Change-Id: Iec031739dc0d751ee9841ca2c495a346d689ad2a /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
0c19bf524493f2feedf442d390c878fd1ca66d7b	03-Oct-2013	Amith Yamasani <yamasani@google.com>	Avoid deadlock between mUsers and cacheLock Should fix the occasional deadlock that ends up killing the system process via Watchdog. Bug: 11033281 Change-Id: Ie9cec0b6e2bd44bb03848b04aec5f9bd04ee74d6 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
164371fb759bad6854570af0fca60d9a01e17235	02-Oct-2013	Dianne Hackborn <hackbod@google.com>	Fix issue #11005453: [SUW] G+ profile creation for new user broken The main problem here was a mistake when turning a single process structure to a multi-package-process structure with a common process. When we cloned the original process state, if there were any services already created for the process for that package, they would be left with their process pointer still referencing the original now common process instead of the package-specific process, allowing the active counts to get bad. Now we switch any of those processes over to the new package-specific process. There was also another smaller issue with how ServiceRecord is associated with a ServiceState -- we could be waiting for an old ServiceRecord to be destroyed while at the same time creating a new ServiceRecord for that same service class. These would share the same ServiceState, so when the old record finally finished destroying itself it would trample over whatever the new service is doing. This is fixed by changing the model to instead of using an "active" reference count, we have an object identifying the current owner of the ServiceState. Then when the old ServiceRecord is cleaning up, we know if it is still the owner at that point. Also some other small things along the way -- new Log.wtfStack() method that is convenient, new suite of Slog.wtf methods, fixed some services to use Slog.wtf when catching exceptions being returned to the caller so that we actually know about them. Change-Id: I75674ce38050b6423fd3c6f43d1be172b470741f /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
5bab9daf3cf66f4de19f8757e386030e8bef23ce	29-Sep-2013	Carlos Valdivia <carlosvaldivia@google.com>	Prevent authenticators from using Settings to launch arbitrary activities. Various authenticator results such as getAuthToken and addAccount might result in an Intent returned to the AccountManager caller. A malicious authenticator could exploit the fact that the Settings are a system app, lead the user to launch add account for their account type and thus get Settings to use the intent to start some arbitrary third parties Activity. The fix is to make sure that the UID of the app associated with Activity to be launched by the supplied intent and the Authenticators UID share the same signature. This means that an authenticator implementer can only exploit apps they control. Bug: 7699048 Change-Id: I34330454c341e6a8422ca1ed3b390466a0feedce /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
ccbf84f44c9e6a5ed3c08673614826bb237afc54	09-May-2013	Christopher Tate <ctate@google.com>	Some system apps are more system than others "signatureOrSystem" permissions are no longer available to all apps residing en the /system partition. Instead, there is a new /system/priv-app directory, and only apps whose APKs are in that directory are allowed to use signatureOrSystem permissions without sharing the platform cert. This will reduce the surface area for possible exploits of system- bundled applications to try to gain access to permission-guarded operations. The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is says in the documentation: it indicates that the application apk was bundled on the /system partition. A new hidden flag FLAG_PRIVILEGED has been introduced that reflects the actual right to access these permissions. At some point the "system" permission category will be renamed to "privileged". Bug 8765951 Change-Id: I6f0fd9cdb9170e076dfc66d83ecea76f8dd7335d /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
9a6d5fc5a116551962f9829db18e611dbcb3e718	23-May-2013	Amith Yamasani <yamasani@google.com>	am 77049e13: am 60b4afed: Merge "Fix account filtering for specific package name" into jb-mr2-dev * commit '77049e1303bba3056c4a1353d3c03421d0ba27f7': Fix account filtering for specific package name
e3423097044e504c51c68ff88cb91baa1ca68ca9	23-May-2013	Amith Yamasani <yamasani@google.com>	Fix account filtering for specific package name Hacks to enable gms to see accounts were interfering with checking for explicit package name. Bug: 9095427 Change-Id: Iae65ea2a678d7403d023fa1a61c01347b77c3b5a /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
7e028153da1c400b6ec150d1ed62e09f47e32936	09-May-2013	Amith Yamasani <yamasani@google.com>	am fb37bb67: am 73094fbc: Merge "Don\'t allow non-authorized apps to access auth tokens" into jb-mr2-dev * commit 'fb37bb67ec8ec2180e7afb51e748a7f56cabae23': Don't allow non-authorized apps to access auth tokens
d20ea2f158000fd83528ef95e4e5fc6ff8c78b81	08-May-2013	Amith Yamasani <yamasani@google.com>	Don't allow non-authorized apps to access auth tokens For restricted profiles, if an app tries to guess an account name and requests an auth token, even though the framework is going to prompt for permission, it could be authorized by someone who can't read. If the app is not opting in to see accounts, don't let it get auth tokens by verifying first that it's in the list of known accounts. Bug: 8736380 Change-Id: I6caf88cfe14aa1023d55bcb28ad80ccd89eeb79b /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
8d044e8bc287c1a567d82aedbe30085b011544c3	01-May-2013	Dianne Hackborn <hackbod@google.com>	Start combining threads in system process. This introduces four generic thread that services can use in the system process: - Background: part of the framework for all processes, for work that is purely background (no timing constraint). - UI: for time-critical display of UI. - Foreground: normal foreground work. - IO: performing IO operations. I went through and moved services into these threads in the places I felt relatively comfortable about understanding what they are doing. There are still a bunch more we need to look at -- lots of networking stuff left, 3 or so different native daemon connectors which I didn't know how much would block, audio stuff, etc. Also updated Watchdog to be aware of and check these new threads, with a new API for other threads to also participate in this checking. Change-Id: Ie2f11061cebde5f018d7383b3a910fbbd11d5e11 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
8dc25e068071759fc57629f3ea112083e6ac6f2c	19-Apr-2013	Amith Yamasani <yamasani@google.com>	am ba567014: am e37c8f78: Merge "Improve API and documentation" into jb-mr2-dev * commit 'ba56701493ede3f5f338a03173da0327a215b223': Improve API and documentation
3b458ad9ee5f2d6b7cf28a13bc29123cdf540763	19-Apr-2013	Amith Yamasani <yamasani@google.com>	Improve API and documentation API for querying accounts visible to a specific package. Improve API and docs for device owner. Bug: 8657158 Change-Id: I01b8701534f64b383391508a49ae93ed21f22ae0 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
18a21459729ba6fd40545ee7ed2128dcb83eb23f	11-Apr-2013	Amith Yamasani <yamasani@google.com>	am 399a2977: am b3a98725: Merge "Show an error dialog when account type is requested on a limited user" into jb-mr2-dev * commit '399a2977a5067e4ea562ad4d74aaa0f1bffe4c53': Show an error dialog when account type is requested on a limited user
23c8b96a7e5c3f4c169bf65ae3886357943bb7b0	10-Apr-2013	Amith Yamasani <yamasani@google.com>	Show an error dialog when account type is requested on a limited user This covers the scenario where an app doesn't find an account of the required type and requests the account manager to add one of that type. Bug: 8537648 Change-Id: I4d9c8842c2d90aa668f16034d3db007dc61714b8 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
af210f6d277a3f347da279b9b4ba86e8f927b723	02-Apr-2013	Mita Yun <mitayun@google.com>	am 4b808adc: am ed181586: Merge "Fixed a NPE in AccountManagerService" into jb-mr2-dev * commit '4b808adc44b8d5f1538eff40e5b685c14154b948': Fixed a NPE in AccountManagerService
f4c240e68a3da9f1ebf42267c88af40c19ff49da	02-Apr-2013	Mita Yun <mitayun@google.com>	Fixed a NPE in AccountManagerService Bug: 8518620 Change-Id: Idf9b5864896ec57c63e3987fc01c73a5c983b5e2 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
18c8558a4b239e80f0348b6fc751a65c0903ccf4	01-Apr-2013	Amith Yamasani <yamasani@google.com>	am 30cfaf7c: am 63fba8c1: Merge "Add new primary accounts to secondary limited users" into jb-mr2-dev * commit '30cfaf7c863cf33dbfa6c7f9681997735fe62d40': Add new primary accounts to secondary limited users
5be347bc527ca3eebb448f85245957c810e6b142	01-Apr-2013	Amith Yamasani <yamasani@google.com>	Add new primary accounts to secondary limited users When a new account is added to the primary, those will be marked as shared accounts for secondary limited users. If the secondary user is currently running, clone the account right away. Bug: 8510431 Change-Id: Ie8ad87a7205e7b1a5a1752e75fbbfc416b2a58a7 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
bb49e8573e22cb6325dc31bf007a500fb7c136eb	31-Mar-2013	Amith Yamasani <yamasani@google.com>	resolved conflicts for merge of 15935aad to master Change-Id: I9664186a62cf7b11844c6a14967f5b8c2b67c289
27db46850b708070452c0ce49daf5f79503fbde6	31-Mar-2013	Amith Yamasani <yamasani@google.com>	Block access to accounts for limited users. Make sure that apps that have access to restricted accounts can see them. If they don't have access, they shouldn't be able to add a new account either. Show an error message in the account picker if the user/app is not authorized. Change-Id: I117c0b14d7d06c5ac4e66506df156b174567f5f3 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
278700fdb987a5dd870fb75c4176af2a216577cb	29-Mar-2013	Jatin Lodhia <jlodhia@google.com>	am 98c762bf: am ce66fd74: Merge "AccountManager changes for profile seeding." into jb-mr2-dev * commit '98c762bf7cd291e4ae3d9923a8feb3389855ecff': AccountManager changes for profile seeding.
ce66fd747928fd1af119bcdc120bfcfb5add05b1	29-Mar-2013	Jatin Lodhia <jlodhia@google.com>	Merge "AccountManager changes for profile seeding." into jb-mr2-dev
3df7d697ca86ee2081bcfba31bcbd3ae4f4bcdf8	27-Mar-2013	Jatin Lodhia <jlodhia@google.com>	AccountManager changes for profile seeding. Add a new error code to AccountManager and remove the check for limited user during add account to allow Authenticators to seed account during limited profile startup. Change-Id: I5a73def9fc3baeb8e6de1b42e923829c335e1668 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
b54a93adafd37b615ed0e11c5d4c2c87466a26d3	28-Mar-2013	Amith Yamasani <yamasani@google.com>	am 1438d67e: am e494a81f: Merge "Restricted account visibility" into jb-mr2-dev * commit '1438d67e7ddaba1133f181bc70cd706acf57a520': Restricted account visibility
e494a81f9b2727edd1c537f34bf0ea83b2fb0097	28-Mar-2013	Amith Yamasani <yamasani@google.com>	Merge "Restricted account visibility" into jb-mr2-dev
c78453f12bfdc34cd30da24c0aefab5f7ad71cbb	28-Mar-2013	Maggie Benthall <mbenthall@google.com>	am b3c060a1: am c92342bb: Merge "Add user restrictions for bluetooth, sideloading, usb file transfer" into jb-mr2-dev * commit 'b3c060a166e9d5a141a6500e4c443a20d4e002b6': Add user restrictions for bluetooth, sideloading, usb file transfer
0ac1fc9d233b8671f371a71e2a6374b47ef069a9	28-Mar-2013	Amith Yamasani <yamasani@google.com>	Restricted account visibility When accounts are shared to a restricted/limited user, apps can opt-in to viewing accounts of a certain type. Other shared accounts are not visible to the app. App would specify the account type in the manifest <application> tag with the attribute restrictedAccountType="foo.bar", where "foo.bar" is the account type as defined by the authenticator. Change-Id: I7586da04d6d6d32aae15adc6b1366f325bb07384 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
a12fccf57d5ec289793699d9b22ff45daccd3933	14-Mar-2013	Maggie Benthall <mbenthall@google.com>	Add user restrictions for bluetooth, sideloading, usb file transfer Created constants for these in UserManager and current.txt. Also created an accessor for individual user restrictions that takes the restriction key (removing individual methods for particular restrictions). Change-Id: Ibb5517cbcdffadd3925f52cbe67d7d525813faa9 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
a1535223fe949742f995aa296a6bf49e514e1cdf	26-Mar-2013	Amith Yamasani <yamasani@google.com>	am f3dc9f0a: am df5e9fe1: Merge "Device Owner, a special kind of device admin" into jb-mr2-dev * commit 'f3dc9f0aa91d2785b715f251b144487ec1b57ecc': Device Owner, a special kind of device admin
71e6c697e54a43d357cc25d87a446d140f17396a	25-Mar-2013	Amith Yamasani <yamasani@google.com>	Device Owner, a special kind of device admin A Device Owner cannot be uninstalled and is available to all users. It must be registered before the device_provisioned flag is set. Device admins can be disabled until used, but visible to device policy manager, so that users wont be bothered with update requests. Opened up a few related APIs for use by a system-installed Device Owner. Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
e32011e8c06b994d840e6d568b5ffa8915320909	21-Mar-2013	Amith Yamasani <yamasani@google.com>	resolved conflicts for merge of 99755cd3 to master Change-Id: I752c387c013c3deaad836df9b0c2294e7149a32a
df2e92a535e19c00edd37318d974dab992ccc2c1	02-Mar-2013	Amith Yamasani <yamasani@google.com>	Application restrictions API Adds the ability for apps to export some restrictions. The restrictions are presented in Settings based on the restriction type. The user's selections are stored by UserManagerService and provided to the target user's application as a list of RestrictionEntry objects which contain the key, value(s). Also introduce a manifest entry for system apps to request that the app be automatically installed in all users, so that they cannot be deselected by the owner user. Shared account filtering for non-whitelisted apps. Change-Id: I15b741e3c0f3448883cb364c130783f1f6ea7ce6 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
adb8e146a5eec041d6c8543e17182efe5bec276c	06-Mar-2013	Amith Yamasani <yamasani@google.com>	am 3eb3774f: am 67df64b3: Shared accounts and sharing of apps * commit '3eb3774f8e54a6f43dcf4f27e1b7a62676791ff6': Shared accounts and sharing of apps
67df64b3a48a8157d08a98fa90135d0ac0ee621c	14-Dec-2012	Amith Yamasani <yamasani@google.com>	Shared accounts and sharing of apps API and preliminary implementation for sharing primary user accounts with a secondary user. AbstractAccountAuthenticator has new methods to retrieve and apply a bundle of credentials to clone an account from the primary to a restricted secondary user. The AccountManagerService initiates the account clone when it starts up the user and detects that the user has a shared account registered that hasn't been converted to a real account. AccountManager also has new hidden APIs to add/remove/get shared accounts. There might be further improvements to this API to make shared accounts hidden/visible to select apps. AccountManagerService has a new table to store the shared account information. Added ability in PackageManager to install and uninstall packages for a secondary user. This is required when the primary user selects a few apps to share with a restricted user. Remove shared accounts from secondary users when primary user removes the account. Change-Id: I9378ed0d8c1cc66baf150a4bec0ede56f6f8b06b /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
464f530978b0b2517295fe3ade1dfa562a07487b	28-Feb-2013	Jim Miller <jaggies@google.com>	Add permission check to AccountManagerService to allow keyguard access. When keyguard gets moved to its own process, it will need to access specific user accounts in order to enable features such as the "forgot pattern" button. This adds an additional check to allow apps with the INTERACT_ACROSS_USERS_FULL permission to work. Change-Id: Id3107bc212ae3005870db781c32ae4405c068ad9 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
e4cf73437a18c1444055f88a1fcc0d146ec23ac5	17-Dec-2012	Amith Yamasani <yamasani@google.com>	Starting point for User Restrictions API Restrictions saved as key/value pairs, mostly booleans right now but might be expanded to other types later. Save and restore restrictions in the user manager service. Enforce some of the restrictions at the framework level. Some are enforced (also) at the app level, such as in Settings. Change-Id: Id11ffe129cb6a177e094edf79635727388c26f40 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
27b89e6658a0d233a53f5d7ca20dc57fec82d955	16-Jan-2013	Amith Yamasani <yamasani@google.com>	Rename bindService to bindServiceAsUser to follow convention. This is for the multi-user version of bindService, not the original. Change-Id: Ib2de35941196accf387b1a276a77e6f9af805ec0 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java
7a96c39c510923ef73bbb06ab20109f0168b8eb1	15-Nov-2012	Jeff Sharkey <jsharkey@android.com>	Move lingering services to services.jar. This helps reduce the pressure on framework.jar, and makes it clear that it should only be used by the system_server. Bug: 7333397 Change-Id: I0858904239535380fbf30562b793e277d8c3f054 /frameworks/base/services/java/com/android/server/accounts/AccountManagerService.java