path: root/AndroidManifest.xml
author Steve Howard <showard@google.com> 2010-09-12 18:53:31 -0700
committer Steve Howard <showard@google.com> 2010-09-14 19:00:40 -0700
commit 3d55d829c03fe78ad8cdab119293efb6c6e49c64
tree fb8feb9c23b83108546048b0488033279de63635 /AndroidManifest.xml
parent 33671e9c1e9ffa3776ed987bddeb70a04daa7cfe
New URI structure with "my_downloads" and "all_downloads"
This change introduces a second view into the download manager database via a set of URIs starting with /all_downloads, renaming the original /download URIs to /my_downloads. In addition to making things more clear, this change allows the downloads UI to grant permissions on individual downloads to viewer apps.

The old semantics were:
* for ordinary callers, /download included only downloads initiated by the calling UID
* for intraprocess calls or calls by root, /download included all downloads

The new semantics are
* /my_downloads always includes only downloads initiated by the calling UID, and requires only INTERNET permission. It could just as well require no permission, but that's not possible in the framework, since path-permissions can only broaden access, not tighten it. It doesn't matter, because these URIs are useless without INTERNET permission -- if a user can't initiate downloads, there's no reason to read this.
* /all_downloads always includes all downloads on the system, and requires the new permission ACCESS_ALL_DOWNLOADS. This permission is currently protectionLevel=signature -- this could be relaxed later to support third-party download managers.

All download manager code has been changed to use /all_downloads URIs, except when passing a URI to another app. In making this change across the download manager code, I've taken some liberties in cleaning things up. Other apps are unchanged and will use /my_downloads.

Finally, this incorporates changes to DownloadManager to return a content URI for /cache downloads -- the download UI no longer assumes it's a file URI, and it grants permissions to the receiver of the VIEW intent. The public API test has also been updated. I've also fixed some null cursor checking in DownloadManager.

Change-Id: I05a501eb4388249fe80c43724405657c950d7238
Diffstat (limited to 'AndroidManifest.xml')
-rw-r--r-- AndroidManifest.xml 20
1 files changed, 19 insertions, 1 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 8431d1e..9da6fc8 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -33,6 +33,14 @@
android:description="@string/permdesc_downloadWithoutNotification"
android:protectionLevel="signatureOrSystem"/>
+ <!-- Allows an app to access all downloads in the system via the /all_downloads/ URIs. The
+ protection level could be relaxed in the future to support third-party download
+ managers. -->
+ <permission android:name="android.permission.ACCESS_ALL_DOWNLOADS"
+ android:label="@string/permlab_accessAllDownloads"
+ android:description="@string/permdesc_accessAllDownloads"
+ android:protectionLevel="signature"/>
+
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-permission android:name="android.permission.ACCESS_DOWNLOAD_MANAGER" />
<uses-permission android:name="android.permission.ACCESS_DRM" />
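Review bot: The comment on the new ACCESS_ALL_DOWNLOADS `<permission>` says only that the level "could be relaxed in the future" and does not state what holding the permission allows. The second hunk uses it as the provider's `android:permission`, which applies to both reads and writes, so a holder can read and modify every app's download rows. Suggest saying that in the comment and noting that any relaxation below `signature` should first split it into separate read and write permissions. Also worth confirming that `signature` is intended here rather than the `signatureOrSystem` used by the permission just above, since apps on the system image that are signed with a different key will not be granted it.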
@@ -42,11 +50,21 @@
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.INSTALL_DRM" />
+ <uses-permission android:name="android.permission.ACCESS_ALL_DOWNLOADS" />
<application android:process="android.process.media"
android:label="@string/app_label">
<provider android:name=".DownloadProvider"
- android:authorities="downloads" />
+ android:authorities="downloads"
+ android:permission="android.permission.ACCESS_ALL_DOWNLOADS">
+ <!-- Anyone can access /my_downloads, the provider internally restricts access by UID for
+ these URIs -->
+ <path-permission android:pathPrefix="/my_downloads"
+ android:permission="android.permission.INTERNET"/>
+ <!-- Apps with access to /all_downloads/... can grant permissions, allowing them to share
+ downloaded files with other viewers -->
+ <grant-uri-permission android:pathPrefix="/all_downloads/"/>
+ </provider>
<service android:name=".DownloadService"
android:permission="android.permission.ACCESS_DOWNLOAD_MANAGER" />
<receiver android:name=".DownloadReceiver" android:exported="false">
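Review bot: The `<path-permission>` uses `android:pathPrefix="/my_downloads"` with no trailing slash, while the `<grant-uri-permission>` below it uses `/all_downloads/`, so the INTERNET-only rule also covers any path that merely begins with the string `/my_downloads`. Suggest declaring the collection and item paths explicitly, one entry with `android:path="/my_downloads"` and one with `android:pathPrefix="/my_downloads/"`, so the broadened access matches exactly the URIs the provider filters by UID. Since the manifest no longer keeps third-party callers off these paths, the comment's claim that "the provider internally restricts access by UID" is the only control left; it would help to point the comment at where that check lives and to confirm it is applied on query, update and delete, and that unmatched paths are rejected.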