From b06b739b078ce4b00600487cfec31659647bf31f Mon Sep 17 00:00:00 2001 From: Steve Howard Date: Thu, 22 Jul 2010 11:33:50 -0700 Subject: Make DownloadProvider accessible for public API usage. This change removes the requirement that apps have the ACCESS_DOWNLOAD_MANAGER permission in order to access DownloadProvider. This enables the public API to work. Instead, DownloadProvider enforces the new permissions model for the public API: * insert() requires INTERNET permission * insert() checks that input fits within the restricted input allowed for the public API * insert() also strictly checks the file URI provided with DESTINATION_FILE_URI (and still requires WRITE_EXTERNAL_STORAGE permission if that is supplied) Note that if an app has the ACCESS_DOWNLOAD_MANAGER permission, legacy behavior is retained. I've added a test to cover this new access, and updated the existing permissions tests. I also fixed a bug in WHERE clause construction in update() and delete(), and refactored the code to eliminate duplication. Change-Id: I53a08df137b35c2788c36350276c9dff24858af1 --- .../tests/DownloadProviderPermissionsTest.java | 23 +++++----------------- 1 file changed, 5 insertions(+), 18 deletions(-) (limited to 'tests/permission') diff --git a/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java b/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java index ecdce93c..4c6717c3 100644 --- a/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java +++ b/tests/permission/src/com/android/providers/downloads/permission/tests/DownloadProviderPermissionsTest.java @@ -46,7 +46,7 @@ public class DownloadProviderPermissionsTest extends AndroidTestCase { /** * Test that an app cannot access the /cache filesystem *

Tests Permission: - * {@link com.android.providers.downloads.Manifest.permission#ACCESS_CACHE_FILESYSTEM} + * {@link android.Manifest.permission#ACCESS_CACHE_FILESYSTEM} */ @MediumTest public void testAccessCacheFilesystem() throws IOException { @@ -64,28 +64,15 @@ public class DownloadProviderPermissionsTest extends AndroidTestCase { } } - /** - * Test that an untrusted app cannot read from the download provider - *

Tests Permission: - * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} - */ - @MediumTest - public void testReadDownloadProvider() throws IOException { - try { - mContentResolver.query(Downloads.Impl.CONTENT_URI, null, null, null, null); - fail("read from provider did not throw SecurityException as expected."); - } catch (SecurityException e) { - // expected - } - } - /** * Test that an untrusted app cannot write to the download provider *

Tests Permission: * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} + * and + * {@link android.Manifest.permission#INTERNET} */ @MediumTest - public void testWriteDownloadProvider() throws IOException { + public void testWriteDownloadProvider() { try { ContentValues values = new ContentValues(); values.put(Downloads.Impl.COLUMN_URI, "foo"); @@ -102,7 +89,7 @@ public class DownloadProviderPermissionsTest extends AndroidTestCase { * {@link com.android.providers.downloads.Manifest.permission#ACCESS_DOWNLOAD_MANAGER} */ @MediumTest - public void testStartDownloadService() throws IOException { + public void testStartDownloadService() { try { Intent downloadServiceIntent = new Intent(); downloadServiceIntent.setClassName("com.android.providers.downloads", -- cgit v1.2.3