import android.os.UserHandle;
import android.preference.Preference;
import android.preference.Preference.OnPreferenceClickListener;
+import android.preference.PreferenceGroup;
import android.preference.PreferenceScreen;
import android.util.Log;
import android.view.LayoutInflater;
// If an account type is set, then show only accounts of that type
private String mAccountType;
- // Temporary hack, to deal with backward compatibility
+ // Temporary hack, to deal with backward compatibility
private Account mFirstAccount;
@Override
}
/**
- * Filters through the preference list provided by GoogleLoginService.
+ * Recursively filters through the preference list provided by GoogleLoginService.
*
* This method removes all the invalid intent from the list, adds account name as extra into the
* intent, and hack the location settings to start it as a fragment.
*/
- private void updatePreferenceIntents(PreferenceScreen prefs) {
+ private void updatePreferenceIntents(PreferenceGroup prefs) {
final PackageManager pm = getActivity().getPackageManager();
for (int i = 0; i < prefs.getPreferenceCount();) {
Preference pref = prefs.getPreference(i);
+ if (pref instanceof PreferenceGroup) {
+ updatePreferenceIntents((PreferenceGroup) pref);
+ }
Intent intent = pref.getIntent();
if (intent != null) {
// Hack. Launch "Location" as fragment instead of as activity.
} else {
Log.e(TAG,
"Refusing to launch authenticator intent because"
- + "it exploits Settings permissions: "
- + prefIntent);
+ + " it exploits Settings permissions: "
+ + prefIntent);
}
return true;
}
private boolean isSafeIntent(PackageManager pm, Intent intent) {
AuthenticatorDescription authDesc =
mAuthenticatorHelper.getAccountTypeDescription(mAccountType);
- ResolveInfo resolveInfo = pm.resolveActivity(intent, 0);
+ ResolveInfo resolveInfo =
+ pm.resolveActivityAsUser(intent, 0, mUserHandle.getIdentifier());
if (resolveInfo == null) {
return false;
}
ActivityInfo resolvedActivityInfo = resolveInfo.activityInfo;
ApplicationInfo resolvedAppInfo = resolvedActivityInfo.applicationInfo;
try {
+ if (resolvedActivityInfo.exported) {
+ if (resolvedActivityInfo.permission == null) {
+ return true; // exported activity without permission.
+ } else if (pm.checkPermission(resolvedActivityInfo.permission,
+ authDesc.packageName) == PackageManager.PERMISSION_GRANTED) {
+ return true;
+ }
+ }
ApplicationInfo authenticatorAppInf = pm.getApplicationInfo(authDesc.packageName, 0);
- return resolvedActivityInfo.exported
- || resolvedAppInfo.uid == authenticatorAppInf.uid;
+ return resolvedAppInfo.uid == authenticatorAppInf.uid;
} catch (NameNotFoundException e) {
- Log.e(TAG,
- "Intent considered unsafe due to exception.",
- e);
+ Log.e(TAG, "Intent considered unsafe due to exception.", e);
return false;
}
}