Add access tracker to renamed accounts

We are adding access tracker to accounts cached by the
account manager to know when a process saw the account
to white list it for future access. The bug here was
that we didn't return the account from the cache but
the tracker is added when the account is cached. Now
the contract is that inserting an account in the cache
returns the instrumented account which is inteded to
be returned to clients.

bug:28163381
bug:31456742

Change-Id: I5acac1f77a9077b35c5e4892e40d2ab38f3bfc63

diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index b697507..82605c6 100644 (file)
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -1562,8 +1562,10 @@ public class AccountManagerService
             /*
              * Database transaction was successful. Clean up cached
              * data associated with the account in the user profile.
+             * The account is now being tracked for remote access.
              */
-            insertAccountIntoCacheLocked(accounts, renamedAccount);
+            renamedAccount = insertAccountIntoCacheLocked(accounts, renamedAccount);
+
             /*
              * Extract the data and token caches before removing the
              * old account to preserve the user data associated with
@@ -5701,16 +5703,22 @@ public class AccountManagerService
 
     /**
      * This assumes that the caller has already checked that the account is not already present.
+     * IMPORTANT: The account being inserted will begin to be tracked for access in remote
+     * processes and if you will return this account to apps you should return the result.
+     * @return The inserted account which is a new instance that is being tracked.
      */
-    private void insertAccountIntoCacheLocked(UserAccounts accounts, Account account) {
+    private Account insertAccountIntoCacheLocked(UserAccounts accounts, Account account) {
         Account[] accountsForType = accounts.accountCache.get(account.type);
         int oldLength = (accountsForType != null) ? accountsForType.length : 0;
         Account[] newAccountsForType = new Account[oldLength + 1];
         if (accountsForType != null) {
             System.arraycopy(accountsForType, 0, newAccountsForType, 0, oldLength);
         }
-        newAccountsForType[oldLength] = new Account(account, new AccountAccessTracker());
+        IAccountAccessTracker accessTracker = account.getAccessTracker() != null
+                ? account.getAccessTracker() : new AccountAccessTracker();
+        newAccountsForType[oldLength] = new Account(account, accessTracker);
         accounts.accountCache.put(account.type, newAccountsForType);
+        return newAccountsForType[oldLength];
     }
 
     private Account[] filterSharedAccounts(UserAccounts userAccounts, Account[] unfiltered,