summaryrefslogtreecommitdiffstats
path: root/tests/public_api_access
diff options
context:
space:
mode:
authorSteve Howard <showard@google.com>2010-07-22 11:33:50 -0700
committerSteve Howard <showard@google.com>2010-07-22 18:38:51 -0700
commitb06b739b078ce4b00600487cfec31659647bf31f (patch)
tree9cfe924b01710eb1c7a6ad7b553fdabb05106843 /tests/public_api_access
parent0d8d89105c00edbad95a268aaae65f2ff94ed5a1 (diff)
downloadandroid_packages_providers_DownloadProvider-b06b739b078ce4b00600487cfec31659647bf31f.zip
android_packages_providers_DownloadProvider-b06b739b078ce4b00600487cfec31659647bf31f.tar.gz
android_packages_providers_DownloadProvider-b06b739b078ce4b00600487cfec31659647bf31f.tar.bz2
Make DownloadProvider accessible for public API usage.
This change removes the requirement that apps have the ACCESS_DOWNLOAD_MANAGER permission in order to access DownloadProvider. This enables the public API to work. Instead, DownloadProvider enforces the new permissions model for the public API: * insert() requires INTERNET permission * insert() checks that input fits within the restricted input allowed for the public API * insert() also strictly checks the file URI provided with DESTINATION_FILE_URI (and still requires WRITE_EXTERNAL_STORAGE permission if that is supplied) Note that if an app has the ACCESS_DOWNLOAD_MANAGER permission, legacy behavior is retained. I've added a test to cover this new access, and updated the existing permissions tests. I also fixed a bug in WHERE clause construction in update() and delete(), and refactored the code to eliminate duplication. Change-Id: I53a08df137b35c2788c36350276c9dff24858af1
Diffstat (limited to 'tests/public_api_access')
-rw-r--r--tests/public_api_access/Android.mk14
-rw-r--r--tests/public_api_access/AndroidManifest.xml37
-rw-r--r--tests/public_api_access/src/com/android/providers/downloads/public_api_access_tests/PublicApiAccessTest.java129
3 files changed, 180 insertions, 0 deletions
diff --git a/tests/public_api_access/Android.mk b/tests/public_api_access/Android.mk
new file mode 100644
index 0000000..6c6db1f
--- /dev/null
+++ b/tests/public_api_access/Android.mk
@@ -0,0 +1,14 @@
+LOCAL_PATH:= $(call my-dir)
+include $(CLEAR_VARS)
+
+# We only want this apk build for tests.
+LOCAL_MODULE_TAGS := tests
+
+# Include all test java files.
+LOCAL_SRC_FILES := $(call all-java-files-under, src)
+
+LOCAL_JAVA_LIBRARIES := android.test.runner
+LOCAL_PACKAGE_NAME := DownloadPublicApiAccessTests
+
+include $(BUILD_PACKAGE)
+
diff --git a/tests/public_api_access/AndroidManifest.xml b/tests/public_api_access/AndroidManifest.xml
new file mode 100644
index 0000000..0104846
--- /dev/null
+++ b/tests/public_api_access/AndroidManifest.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ * Copyright (C) 2009 Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ -->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="com.android.providers.downloads.public_api_access_tests">
+
+ <application>
+ <uses-library android:name="android.test.runner" />
+ </application>
+
+ <uses-permission android:name="android.permission.INTERNET"/>
+
+ <!--
+ The test declared in this instrumentation can be run via this command
+ "adb shell am instrument -w com.android.providers.downloads.permission.tests/android.test.InstrumentationTestRunner"
+ We intentionally target our own package to ensure this runs in a separate process under a
+ separate UID.
+ -->
+ <instrumentation android:name="android.test.InstrumentationTestRunner"
+ android:targetPackage="com.android.providers.downloads.public_api_access_tests"
+ android:label="Tests for public API access channels to DownloadProvider"/>
+
+</manifest>
diff --git a/tests/public_api_access/src/com/android/providers/downloads/public_api_access_tests/PublicApiAccessTest.java b/tests/public_api_access/src/com/android/providers/downloads/public_api_access_tests/PublicApiAccessTest.java
new file mode 100644
index 0000000..aca5791
--- /dev/null
+++ b/tests/public_api_access/src/com/android/providers/downloads/public_api_access_tests/PublicApiAccessTest.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.providers.downloads.public_api_access_tests;
+
+import android.content.ContentResolver;
+import android.content.ContentValues;
+import android.provider.Downloads;
+import android.test.AndroidTestCase;
+import android.test.suitebuilder.annotation.MediumTest;
+
+/**
+ * DownloadProvider allows apps without permission ACCESS_DOWNLOAD_MANAGER to access it -- this is
+ * how the public API works. But such access is subject to strict constraints on what can be
+ * inserted. This test suite checks those constraints.
+ */
+@MediumTest
+public class PublicApiAccessTest extends AndroidTestCase {
+ private static final String[] DISALLOWED_COLUMNS = new String[] {
+ Downloads.Impl.COLUMN_COOKIE_DATA,
+ Downloads.Impl.COLUMN_REFERER,
+ Downloads.Impl.COLUMN_USER_AGENT,
+ Downloads.Impl.COLUMN_NO_INTEGRITY,
+ Downloads.Impl.COLUMN_NOTIFICATION_CLASS,
+ Downloads.Impl.COLUMN_NOTIFICATION_EXTRAS,
+ Downloads.Impl.COLUMN_OTHER_UID,
+ Downloads.Impl.COLUMN_APP_DATA,
+ Downloads.Impl.COLUMN_CONTROL,
+ Downloads.Impl.COLUMN_STATUS,
+ };
+
+ private ContentResolver mContentResolver;
+
+ @Override
+ protected void setUp() throws Exception {
+ super.setUp();
+ mContentResolver = getContext().getContentResolver();
+ }
+
+ @Override
+ protected void tearDown() throws Exception {
+ if (mContentResolver != null) {
+ mContentResolver.delete(Downloads.CONTENT_URI, null, null);
+ }
+ super.tearDown();
+ }
+
+ public void testMinimalValidWrite() {
+ mContentResolver.insert(Downloads.Impl.CONTENT_URI, buildValidValues());
+ }
+
+ public void testMaximalValidWrite() {
+ ContentValues values = buildValidValues();
+ values.put(Downloads.Impl.COLUMN_TITLE, "foo");
+ values.put(Downloads.Impl.COLUMN_DESCRIPTION, "foo");
+ values.put(Downloads.Impl.COLUMN_MIME_TYPE, "foo");
+ values.put(Downloads.Impl.COLUMN_NOTIFICATION_PACKAGE, "foo");
+ values.put(Downloads.Impl.COLUMN_ALLOWED_NETWORK_TYPES, 0);
+ values.put(Downloads.Impl.COLUMN_ALLOW_ROAMING, true);
+ mContentResolver.insert(Downloads.Impl.CONTENT_URI, values);
+ }
+
+ private ContentValues buildValidValues() {
+ ContentValues values = new ContentValues();
+ values.put(Downloads.Impl.COLUMN_URI, "foo");
+ values.put(Downloads.Impl.COLUMN_DESTINATION,
+ Downloads.Impl.DESTINATION_CACHE_PARTITION_PURGEABLE);
+ values.put(Downloads.Impl.COLUMN_IS_PUBLIC_API, true);
+ return values;
+ }
+
+ public void testNoPublicApi() {
+ ContentValues values = buildValidValues();
+ values.remove(Downloads.Impl.COLUMN_IS_PUBLIC_API);
+ testInvalidValues(values);
+ }
+
+ public void testInvalidDestination() {
+ ContentValues values = buildValidValues();
+ values.put(Downloads.Impl.COLUMN_DESTINATION, Downloads.Impl.DESTINATION_EXTERNAL);
+ testInvalidValues(values);
+ values.put(Downloads.Impl.COLUMN_DESTINATION, Downloads.Impl.DESTINATION_CACHE_PARTITION);
+ testInvalidValues(values);
+ }
+
+ public void testInvalidVisibility() {
+ ContentValues values = buildValidValues();
+ values.put(Downloads.Impl.COLUMN_VISIBILITY,
+ Downloads.Impl.VISIBILITY_VISIBLE_NOTIFY_COMPLETED);
+ testInvalidValues(values);
+ }
+
+ public void testDisallowedColumns() {
+ for (String column : DISALLOWED_COLUMNS) {
+ ContentValues values = buildValidValues();
+ values.put(column, 1);
+ testInvalidValues(values);
+ }
+ }
+
+ public void testFileUriWithoutExternalPermission() {
+ ContentValues values = buildValidValues();
+ values.put(Downloads.Impl.COLUMN_DESTINATION, Downloads.Impl.DESTINATION_FILE_URI);
+ values.put(Downloads.Impl.COLUMN_FILE_NAME_HINT, "file:///sdcard/foo");
+ testInvalidValues(values);
+ }
+
+ private void testInvalidValues(ContentValues values) {
+ try {
+ mContentResolver.insert(Downloads.Impl.CONTENT_URI, values);
+ fail("Didn't get SecurityException as expected");
+ } catch (SecurityException exc) {
+ // expected
+ }
+ }
+}