/*
|
* Copyright (C) 2016 The Android Open Source Project
|
*
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License
|
*/
|
|
package com.android.server.accounts;
|
|
import android.accounts.Account;
|
import android.annotation.Nullable;
|
import android.content.ContentValues;
|
import android.content.Context;
|
import android.database.Cursor;
|
import android.database.DatabaseUtils;
|
import android.database.sqlite.SQLiteDatabase;
|
import android.database.sqlite.SQLiteException;
|
import android.database.sqlite.SQLiteOpenHelper;
|
import android.database.sqlite.SQLiteStatement;
|
import android.os.FileUtils;
|
import android.text.TextUtils;
|
import android.util.Log;
|
import android.util.Pair;
|
import android.util.Slog;
|
|
import java.io.File;
|
import java.io.IOException;
|
import java.io.PrintWriter;
|
import java.util.ArrayList;
|
import java.util.Collections;
|
import java.util.HashMap;
|
import java.util.LinkedHashMap;
|
import java.util.List;
|
import java.util.Map;
|
|
/**
|
* Persistence layer abstraction for accessing accounts_ce/accounts_de databases.
|
*
|
* <p>At first, CE database needs to be {@link #attachCeDatabase(File) attached to DE},
|
* in order for the tables to be available. All operations with CE database are done through the
|
* connection to the DE database, to which it is attached. This approach allows atomic
|
* transactions across two databases</p>
|
*/
|
class AccountsDb implements AutoCloseable {
|
private static final String TAG = "AccountsDb";
|
|
private static final String DATABASE_NAME = "accounts.db";
|
private static final int PRE_N_DATABASE_VERSION = 9;
|
private static final int CE_DATABASE_VERSION = 10;
|
private static final int DE_DATABASE_VERSION = 3; // Added visibility support in O
|
|
static final String TABLE_ACCOUNTS = "accounts";
|
private static final String ACCOUNTS_ID = "_id";
|
private static final String ACCOUNTS_NAME = "name";
|
private static final String ACCOUNTS_TYPE = "type";
|
private static final String ACCOUNTS_TYPE_COUNT = "count(type)";
|
private static final String ACCOUNTS_PASSWORD = "password";
|
private static final String ACCOUNTS_PREVIOUS_NAME = "previous_name";
|
private static final String ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS =
|
"last_password_entry_time_millis_epoch";
|
|
private static final String TABLE_AUTHTOKENS = "authtokens";
|
private static final String AUTHTOKENS_ID = "_id";
|
private static final String AUTHTOKENS_ACCOUNTS_ID = "accounts_id";
|
private static final String AUTHTOKENS_TYPE = "type";
|
private static final String AUTHTOKENS_AUTHTOKEN = "authtoken";
|
|
private static final String TABLE_VISIBILITY = "visibility";
|
private static final String VISIBILITY_ACCOUNTS_ID = "accounts_id";
|
private static final String VISIBILITY_PACKAGE = "_package";
|
private static final String VISIBILITY_VALUE = "value";
|
|
private static final String TABLE_GRANTS = "grants";
|
private static final String GRANTS_ACCOUNTS_ID = "accounts_id";
|
private static final String GRANTS_AUTH_TOKEN_TYPE = "auth_token_type";
|
private static final String GRANTS_GRANTEE_UID = "uid";
|
|
private static final String TABLE_EXTRAS = "extras";
|
private static final String EXTRAS_ID = "_id";
|
private static final String EXTRAS_ACCOUNTS_ID = "accounts_id";
|
private static final String EXTRAS_KEY = "key";
|
private static final String EXTRAS_VALUE = "value";
|
|
private static final String TABLE_META = "meta";
|
private static final String META_KEY = "key";
|
private static final String META_VALUE = "value";
|
|
static final String TABLE_SHARED_ACCOUNTS = "shared_accounts";
|
private static final String SHARED_ACCOUNTS_ID = "_id";
|
|
private static String TABLE_DEBUG = "debug_table";
|
|
// Columns for debug_table table
|
private static String DEBUG_TABLE_ACTION_TYPE = "action_type";
|
private static String DEBUG_TABLE_TIMESTAMP = "time";
|
private static String DEBUG_TABLE_CALLER_UID = "caller_uid";
|
private static String DEBUG_TABLE_TABLE_NAME = "table_name";
|
private static String DEBUG_TABLE_KEY = "primary_key";
|
|
// These actions correspond to the occurrence of real actions. Since
|
// these are called by the authenticators, the uid associated will be
|
// of the authenticator.
|
static String DEBUG_ACTION_SET_PASSWORD = "action_set_password";
|
static String DEBUG_ACTION_CLEAR_PASSWORD = "action_clear_password";
|
static String DEBUG_ACTION_ACCOUNT_ADD = "action_account_add";
|
static String DEBUG_ACTION_ACCOUNT_REMOVE = "action_account_remove";
|
static String DEBUG_ACTION_ACCOUNT_REMOVE_DE = "action_account_remove_de";
|
static String DEBUG_ACTION_AUTHENTICATOR_REMOVE = "action_authenticator_remove";
|
static String DEBUG_ACTION_ACCOUNT_RENAME = "action_account_rename";
|
|
// These actions don't necessarily correspond to any action on
|
// accountDb taking place. As an example, there might be a request for
|
// addingAccount, which might not lead to addition of account on grounds
|
// of bad authentication. We will still be logging it to keep track of
|
// who called.
|
static String DEBUG_ACTION_CALLED_ACCOUNT_ADD = "action_called_account_add";
|
static String DEBUG_ACTION_CALLED_ACCOUNT_REMOVE = "action_called_account_remove";
|
static String DEBUG_ACTION_SYNC_DE_CE_ACCOUNTS = "action_sync_de_ce_accounts";
|
|
//This action doesn't add account to accountdb. Account is only
|
// added in finishSession which may be in a different user profile.
|
static String DEBUG_ACTION_CALLED_START_ACCOUNT_ADD = "action_called_start_account_add";
|
static String DEBUG_ACTION_CALLED_ACCOUNT_SESSION_FINISH =
|
"action_called_account_session_finish";
|
|
static final String CE_DATABASE_NAME = "accounts_ce.db";
|
static final String DE_DATABASE_NAME = "accounts_de.db";
|
private static final String CE_DB_PREFIX = "ceDb.";
|
private static final String CE_TABLE_ACCOUNTS = CE_DB_PREFIX + TABLE_ACCOUNTS;
|
private static final String CE_TABLE_AUTHTOKENS = CE_DB_PREFIX + TABLE_AUTHTOKENS;
|
private static final String CE_TABLE_EXTRAS = CE_DB_PREFIX + TABLE_EXTRAS;
|
|
static final int MAX_DEBUG_DB_SIZE = 64;
|
|
private static final String[] ACCOUNT_TYPE_COUNT_PROJECTION =
|
new String[] { ACCOUNTS_TYPE, ACCOUNTS_TYPE_COUNT};
|
|
private static final String COUNT_OF_MATCHING_GRANTS = ""
|
+ "SELECT COUNT(*) FROM " + TABLE_GRANTS + ", " + TABLE_ACCOUNTS
|
+ " WHERE " + GRANTS_ACCOUNTS_ID + "=" + ACCOUNTS_ID
|
+ " AND " + GRANTS_GRANTEE_UID + "=?"
|
+ " AND " + GRANTS_AUTH_TOKEN_TYPE + "=?"
|
+ " AND " + ACCOUNTS_NAME + "=?"
|
+ " AND " + ACCOUNTS_TYPE + "=?";
|
|
private static final String COUNT_OF_MATCHING_GRANTS_ANY_TOKEN = ""
|
+ "SELECT COUNT(*) FROM " + TABLE_GRANTS + ", " + TABLE_ACCOUNTS
|
+ " WHERE " + GRANTS_ACCOUNTS_ID + "=" + ACCOUNTS_ID
|
+ " AND " + GRANTS_GRANTEE_UID + "=?"
|
+ " AND " + ACCOUNTS_NAME + "=?"
|
+ " AND " + ACCOUNTS_TYPE + "=?";
|
|
private static final String SELECTION_ACCOUNTS_ID_BY_ACCOUNT =
|
"accounts_id=(select _id FROM accounts WHERE name=? AND type=?)";
|
|
private static final String[] COLUMNS_AUTHTOKENS_TYPE_AND_AUTHTOKEN =
|
{AUTHTOKENS_TYPE, AUTHTOKENS_AUTHTOKEN};
|
|
private static final String[] COLUMNS_EXTRAS_KEY_AND_VALUE = {EXTRAS_KEY, EXTRAS_VALUE};
|
|
private static final String ACCOUNT_ACCESS_GRANTS = ""
|
+ "SELECT " + AccountsDb.ACCOUNTS_NAME + ", "
|
+ AccountsDb.GRANTS_GRANTEE_UID
|
+ " FROM " + AccountsDb.TABLE_ACCOUNTS
|
+ ", " + AccountsDb.TABLE_GRANTS
|
+ " WHERE " + AccountsDb.GRANTS_ACCOUNTS_ID
|
+ "=" + AccountsDb.ACCOUNTS_ID;
|
|
private static final String META_KEY_FOR_AUTHENTICATOR_UID_FOR_TYPE_PREFIX =
|
"auth_uid_for_type:";
|
private static final String META_KEY_DELIMITER = ":";
|
private static final String SELECTION_META_BY_AUTHENTICATOR_TYPE = META_KEY + " LIKE ?";
|
|
private final DeDatabaseHelper mDeDatabase;
|
private final Context mContext;
|
private final File mPreNDatabaseFile;
|
|
final Object mDebugStatementLock = new Object();
|
private volatile long mDebugDbInsertionPoint = -1;
|
private volatile SQLiteStatement mDebugStatementForLogging; // not thread safe.
|
|
AccountsDb(DeDatabaseHelper deDatabase, Context context, File preNDatabaseFile) {
|
mDeDatabase = deDatabase;
|
mContext = context;
|
mPreNDatabaseFile = preNDatabaseFile;
|
}
|
|
private static class CeDatabaseHelper extends SQLiteOpenHelper {
|
|
CeDatabaseHelper(Context context, String ceDatabaseName) {
|
super(context, ceDatabaseName, null, CE_DATABASE_VERSION);
|
}
|
|
/**
|
* This call needs to be made while the mCacheLock is held.
|
* @param db The database.
|
*/
|
@Override
|
public void onCreate(SQLiteDatabase db) {
|
Log.i(TAG, "Creating CE database " + getDatabaseName());
|
db.execSQL("CREATE TABLE " + TABLE_ACCOUNTS + " ( "
|
+ ACCOUNTS_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, "
|
+ ACCOUNTS_NAME + " TEXT NOT NULL, "
|
+ ACCOUNTS_TYPE + " TEXT NOT NULL, "
|
+ ACCOUNTS_PASSWORD + " TEXT, "
|
+ "UNIQUE(" + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + "))");
|
|
db.execSQL("CREATE TABLE " + TABLE_AUTHTOKENS + " ( "
|
+ AUTHTOKENS_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, "
|
+ AUTHTOKENS_ACCOUNTS_ID + " INTEGER NOT NULL, "
|
+ AUTHTOKENS_TYPE + " TEXT NOT NULL, "
|
+ AUTHTOKENS_AUTHTOKEN + " TEXT, "
|
+ "UNIQUE (" + AUTHTOKENS_ACCOUNTS_ID + "," + AUTHTOKENS_TYPE + "))");
|
|
db.execSQL("CREATE TABLE " + TABLE_EXTRAS + " ( "
|
+ EXTRAS_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, "
|
+ EXTRAS_ACCOUNTS_ID + " INTEGER, "
|
+ EXTRAS_KEY + " TEXT NOT NULL, "
|
+ EXTRAS_VALUE + " TEXT, "
|
+ "UNIQUE(" + EXTRAS_ACCOUNTS_ID + "," + EXTRAS_KEY + "))");
|
|
createAccountsDeletionTrigger(db);
|
}
|
|
private void createAccountsDeletionTrigger(SQLiteDatabase db) {
|
db.execSQL(""
|
+ " CREATE TRIGGER " + TABLE_ACCOUNTS + "Delete DELETE ON " + TABLE_ACCOUNTS
|
+ " BEGIN"
|
+ " DELETE FROM " + TABLE_AUTHTOKENS
|
+ " WHERE " + AUTHTOKENS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " DELETE FROM " + TABLE_EXTRAS
|
+ " WHERE " + EXTRAS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " END");
|
}
|
|
@Override
|
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
|
Log.i(TAG, "Upgrade CE from version " + oldVersion + " to version " + newVersion);
|
|
if (oldVersion == 9) {
|
if (Log.isLoggable(TAG, Log.VERBOSE)) {
|
Log.v(TAG, "onUpgrade upgrading to v10");
|
}
|
db.execSQL("DROP TABLE IF EXISTS " + TABLE_META);
|
db.execSQL("DROP TABLE IF EXISTS " + TABLE_SHARED_ACCOUNTS);
|
// Recreate the trigger, since the old one references the table to be removed
|
db.execSQL("DROP TRIGGER IF EXISTS " + TABLE_ACCOUNTS + "Delete");
|
createAccountsDeletionTrigger(db);
|
db.execSQL("DROP TABLE IF EXISTS " + TABLE_GRANTS);
|
db.execSQL("DROP TABLE IF EXISTS " + TABLE_DEBUG);
|
oldVersion++;
|
}
|
|
if (oldVersion != newVersion) {
|
Log.e(TAG, "failed to upgrade version " + oldVersion + " to version " + newVersion);
|
}
|
}
|
|
@Override
|
public void onDowngrade(SQLiteDatabase db, int oldVersion, int newVersion) {
|
Log.e(TAG, "onDowngrade: recreate accounts CE table");
|
resetDatabase(db);
|
onCreate(db);
|
}
|
|
@Override
|
public void onOpen(SQLiteDatabase db) {
|
if (Log.isLoggable(TAG, Log.VERBOSE)) Log.v(TAG, "opened database " + CE_DATABASE_NAME);
|
}
|
|
|
/**
|
* Creates a new {@code CeDatabaseHelper}. If pre-N db file is present at the old location,
|
* it also performs migration to the new CE database.
|
*/
|
static CeDatabaseHelper create(
|
Context context,
|
File preNDatabaseFile,
|
File ceDatabaseFile) {
|
boolean newDbExists = ceDatabaseFile.exists();
|
if (Log.isLoggable(TAG, Log.VERBOSE)) {
|
Log.v(TAG, "CeDatabaseHelper.create ceDatabaseFile=" + ceDatabaseFile
|
+ " oldDbExists=" + preNDatabaseFile.exists()
|
+ " newDbExists=" + newDbExists);
|
}
|
boolean removeOldDb = false;
|
if (!newDbExists && preNDatabaseFile.exists()) {
|
removeOldDb = migratePreNDbToCe(preNDatabaseFile, ceDatabaseFile);
|
}
|
// Try to open and upgrade if necessary
|
CeDatabaseHelper ceHelper = new CeDatabaseHelper(context, ceDatabaseFile.getPath());
|
ceHelper.getWritableDatabase();
|
ceHelper.close();
|
if (removeOldDb) {
|
Slog.i(TAG, "Migration complete - removing pre-N db " + preNDatabaseFile);
|
if (!SQLiteDatabase.deleteDatabase(preNDatabaseFile)) {
|
Slog.e(TAG, "Cannot remove pre-N db " + preNDatabaseFile);
|
}
|
}
|
return ceHelper;
|
}
|
|
private static boolean migratePreNDbToCe(File oldDbFile, File ceDbFile) {
|
Slog.i(TAG, "Moving pre-N DB " + oldDbFile + " to CE " + ceDbFile);
|
try {
|
FileUtils.copyFileOrThrow(oldDbFile, ceDbFile);
|
} catch (IOException e) {
|
Slog.e(TAG, "Cannot copy file to " + ceDbFile + " from " + oldDbFile, e);
|
// Try to remove potentially damaged file if I/O error occurred
|
deleteDbFileWarnIfFailed(ceDbFile);
|
return false;
|
}
|
return true;
|
}
|
}
|
|
/**
|
* Returns information about auth tokens and their account for the specified query
|
* parameters.
|
* Output is in the format:
|
* <pre><code> | AUTHTOKEN_ID | ACCOUNT_NAME | AUTH_TOKEN_TYPE |</code></pre>
|
*/
|
Cursor findAuthtokenForAllAccounts(String accountType, String authToken) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
return db.rawQuery(
|
"SELECT " + CE_TABLE_AUTHTOKENS + "." + AUTHTOKENS_ID
|
+ ", " + CE_TABLE_ACCOUNTS + "." + ACCOUNTS_NAME
|
+ ", " + CE_TABLE_AUTHTOKENS + "." + AUTHTOKENS_TYPE
|
+ " FROM " + CE_TABLE_ACCOUNTS
|
+ " JOIN " + CE_TABLE_AUTHTOKENS
|
+ " ON " + CE_TABLE_ACCOUNTS + "." + ACCOUNTS_ID
|
+ " = " + CE_TABLE_AUTHTOKENS + "." + AUTHTOKENS_ACCOUNTS_ID
|
+ " WHERE " + CE_TABLE_AUTHTOKENS + "." + AUTHTOKENS_AUTHTOKEN
|
+ " = ? AND " + CE_TABLE_ACCOUNTS + "." + ACCOUNTS_TYPE + " = ?",
|
new String[]{authToken, accountType});
|
}
|
|
Map<String, String> findAuthTokensByAccount(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
HashMap<String, String> authTokensForAccount = new HashMap<>();
|
Cursor cursor = db.query(CE_TABLE_AUTHTOKENS,
|
COLUMNS_AUTHTOKENS_TYPE_AND_AUTHTOKEN,
|
SELECTION_ACCOUNTS_ID_BY_ACCOUNT,
|
new String[] {account.name, account.type},
|
null, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
final String type = cursor.getString(0);
|
final String authToken = cursor.getString(1);
|
authTokensForAccount.put(type, authToken);
|
}
|
} finally {
|
cursor.close();
|
}
|
return authTokensForAccount;
|
}
|
|
boolean deleteAuthtokensByAccountIdAndType(long accountId, String authtokenType) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
return db.delete(CE_TABLE_AUTHTOKENS,
|
AUTHTOKENS_ACCOUNTS_ID + "=?" + " AND " + AUTHTOKENS_TYPE + "=?",
|
new String[]{String.valueOf(accountId), authtokenType}) > 0;
|
}
|
|
boolean deleteAuthToken(String authTokenId) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
return db.delete(
|
CE_TABLE_AUTHTOKENS, AUTHTOKENS_ID + "= ?",
|
new String[]{authTokenId}) > 0;
|
}
|
|
long insertAuthToken(long accountId, String authTokenType, String authToken) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
ContentValues values = new ContentValues();
|
values.put(AUTHTOKENS_ACCOUNTS_ID, accountId);
|
values.put(AUTHTOKENS_TYPE, authTokenType);
|
values.put(AUTHTOKENS_AUTHTOKEN, authToken);
|
return db.insert(
|
CE_TABLE_AUTHTOKENS, AUTHTOKENS_AUTHTOKEN, values);
|
}
|
|
int updateCeAccountPassword(long accountId, String password) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
final ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_PASSWORD, password);
|
return db.update(
|
CE_TABLE_ACCOUNTS, values, ACCOUNTS_ID + "=?",
|
new String[] {String.valueOf(accountId)});
|
}
|
|
boolean renameCeAccount(long accountId, String newName) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
final ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_NAME, newName);
|
final String[] argsAccountId = {String.valueOf(accountId)};
|
return db.update(
|
CE_TABLE_ACCOUNTS, values, ACCOUNTS_ID + "=?", argsAccountId) > 0;
|
}
|
|
boolean deleteAuthTokensByAccountId(long accountId) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
return db.delete(CE_TABLE_AUTHTOKENS, AUTHTOKENS_ACCOUNTS_ID + "=?",
|
new String[] {String.valueOf(accountId)}) > 0;
|
}
|
|
long findExtrasIdByAccountId(long accountId, String key) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
Cursor cursor = db.query(
|
CE_TABLE_EXTRAS, new String[]{EXTRAS_ID},
|
EXTRAS_ACCOUNTS_ID + "=" + accountId + " AND " + EXTRAS_KEY + "=?",
|
new String[]{key}, null, null, null);
|
try {
|
if (cursor.moveToNext()) {
|
return cursor.getLong(0);
|
}
|
return -1;
|
} finally {
|
cursor.close();
|
}
|
}
|
|
boolean updateExtra(long extrasId, String value) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
ContentValues values = new ContentValues();
|
values.put(EXTRAS_VALUE, value);
|
int rows = db.update(
|
TABLE_EXTRAS, values, EXTRAS_ID + "=?",
|
new String[]{String.valueOf(extrasId)});
|
return rows == 1;
|
}
|
|
long insertExtra(long accountId, String key, String value) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
ContentValues values = new ContentValues();
|
values.put(EXTRAS_KEY, key);
|
values.put(EXTRAS_ACCOUNTS_ID, accountId);
|
values.put(EXTRAS_VALUE, value);
|
return db.insert(CE_TABLE_EXTRAS, EXTRAS_KEY, values);
|
}
|
|
Map<String, String> findUserExtrasForAccount(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
Map<String, String> userExtrasForAccount = new HashMap<>();
|
String[] selectionArgs = {account.name, account.type};
|
try (Cursor cursor = db.query(CE_TABLE_EXTRAS,
|
COLUMNS_EXTRAS_KEY_AND_VALUE,
|
SELECTION_ACCOUNTS_ID_BY_ACCOUNT,
|
selectionArgs,
|
null, null, null)) {
|
while (cursor.moveToNext()) {
|
final String tmpkey = cursor.getString(0);
|
final String value = cursor.getString(1);
|
userExtrasForAccount.put(tmpkey, value);
|
}
|
}
|
return userExtrasForAccount;
|
}
|
|
long findCeAccountId(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
String[] columns = { ACCOUNTS_ID };
|
String selection = "name=? AND type=?";
|
String[] selectionArgs = {account.name, account.type};
|
try (Cursor cursor = db.query(CE_TABLE_ACCOUNTS, columns, selection, selectionArgs,
|
null, null, null)) {
|
if (cursor.moveToNext()) {
|
return cursor.getLong(0);
|
}
|
return -1;
|
}
|
}
|
|
String findAccountPasswordByNameAndType(String name, String type) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
String selection = ACCOUNTS_NAME + "=? AND " + ACCOUNTS_TYPE + "=?";
|
String[] selectionArgs = {name, type};
|
String[] columns = {ACCOUNTS_PASSWORD};
|
try (Cursor cursor = db.query(CE_TABLE_ACCOUNTS, columns, selection, selectionArgs,
|
null, null, null)) {
|
if (cursor.moveToNext()) {
|
return cursor.getString(0);
|
}
|
return null;
|
}
|
}
|
|
long insertCeAccount(Account account, String password) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_NAME, account.name);
|
values.put(ACCOUNTS_TYPE, account.type);
|
values.put(ACCOUNTS_PASSWORD, password);
|
return db.insert(
|
CE_TABLE_ACCOUNTS, ACCOUNTS_NAME, values);
|
}
|
|
|
static class DeDatabaseHelper extends SQLiteOpenHelper {
|
|
private final int mUserId;
|
private volatile boolean mCeAttached;
|
|
private DeDatabaseHelper(Context context, int userId, String deDatabaseName) {
|
super(context, deDatabaseName, null, DE_DATABASE_VERSION);
|
mUserId = userId;
|
}
|
|
/**
|
* This call needs to be made while the mCacheLock is held. The way to
|
* ensure this is to get the lock any time a method is called ont the DatabaseHelper
|
* @param db The database.
|
*/
|
@Override
|
public void onCreate(SQLiteDatabase db) {
|
Log.i(TAG, "Creating DE database for user " + mUserId);
|
db.execSQL("CREATE TABLE " + TABLE_ACCOUNTS + " ( "
|
+ ACCOUNTS_ID + " INTEGER PRIMARY KEY, "
|
+ ACCOUNTS_NAME + " TEXT NOT NULL, "
|
+ ACCOUNTS_TYPE + " TEXT NOT NULL, "
|
+ ACCOUNTS_PREVIOUS_NAME + " TEXT, "
|
+ ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS + " INTEGER DEFAULT 0, "
|
+ "UNIQUE(" + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + "))");
|
|
db.execSQL("CREATE TABLE " + TABLE_META + " ( "
|
+ META_KEY + " TEXT PRIMARY KEY NOT NULL, "
|
+ META_VALUE + " TEXT)");
|
|
createGrantsTable(db);
|
createSharedAccountsTable(db);
|
createAccountsDeletionTrigger(db);
|
createDebugTable(db);
|
createAccountsVisibilityTable(db);
|
createAccountsDeletionVisibilityCleanupTrigger(db);
|
}
|
|
private void createSharedAccountsTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_SHARED_ACCOUNTS + " ( "
|
+ ACCOUNTS_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, "
|
+ ACCOUNTS_NAME + " TEXT NOT NULL, "
|
+ ACCOUNTS_TYPE + " TEXT NOT NULL, "
|
+ "UNIQUE(" + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + "))");
|
}
|
|
private void createAccountsDeletionTrigger(SQLiteDatabase db) {
|
db.execSQL(""
|
+ " CREATE TRIGGER " + TABLE_ACCOUNTS + "Delete DELETE ON " + TABLE_ACCOUNTS
|
+ " BEGIN"
|
+ " DELETE FROM " + TABLE_GRANTS
|
+ " WHERE " + GRANTS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " END");
|
}
|
|
private void createGrantsTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_GRANTS + " ( "
|
+ GRANTS_ACCOUNTS_ID + " INTEGER NOT NULL, "
|
+ GRANTS_AUTH_TOKEN_TYPE + " STRING NOT NULL, "
|
+ GRANTS_GRANTEE_UID + " INTEGER NOT NULL, "
|
+ "UNIQUE (" + GRANTS_ACCOUNTS_ID + "," + GRANTS_AUTH_TOKEN_TYPE
|
+ "," + GRANTS_GRANTEE_UID + "))");
|
}
|
|
private void createAccountsVisibilityTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_VISIBILITY + " ( "
|
+ VISIBILITY_ACCOUNTS_ID + " INTEGER NOT NULL, "
|
+ VISIBILITY_PACKAGE + " TEXT NOT NULL, "
|
+ VISIBILITY_VALUE + " INTEGER, "
|
+ "PRIMARY KEY(" + VISIBILITY_ACCOUNTS_ID + "," + VISIBILITY_PACKAGE + "))");
|
}
|
|
static void createDebugTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_DEBUG + " ( "
|
+ ACCOUNTS_ID + " INTEGER,"
|
+ DEBUG_TABLE_ACTION_TYPE + " TEXT NOT NULL, "
|
+ DEBUG_TABLE_TIMESTAMP + " DATETIME,"
|
+ DEBUG_TABLE_CALLER_UID + " INTEGER NOT NULL,"
|
+ DEBUG_TABLE_TABLE_NAME + " TEXT NOT NULL,"
|
+ DEBUG_TABLE_KEY + " INTEGER PRIMARY KEY)");
|
db.execSQL("CREATE INDEX timestamp_index ON " + TABLE_DEBUG + " ("
|
+ DEBUG_TABLE_TIMESTAMP + ")");
|
}
|
|
private void createAccountsDeletionVisibilityCleanupTrigger(SQLiteDatabase db) {
|
db.execSQL(""
|
+ " CREATE TRIGGER "
|
+ TABLE_ACCOUNTS + "DeleteVisibility DELETE ON " + TABLE_ACCOUNTS
|
+ " BEGIN"
|
+ " DELETE FROM " + TABLE_VISIBILITY
|
+ " WHERE " + VISIBILITY_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " END");
|
}
|
|
@Override
|
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
|
Log.i(TAG, "upgrade from version " + oldVersion + " to version " + newVersion);
|
|
if (oldVersion == 1) {
|
createAccountsVisibilityTable(db);
|
createAccountsDeletionVisibilityCleanupTrigger(db);
|
oldVersion = 3; // skip version 2 which had uid based table
|
}
|
|
if (oldVersion == 2) {
|
// Remove uid based table and replace it with packageName based
|
db.execSQL("DROP TRIGGER IF EXISTS " + TABLE_ACCOUNTS + "DeleteVisibility");
|
db.execSQL("DROP TABLE IF EXISTS " + TABLE_VISIBILITY);
|
createAccountsVisibilityTable(db);
|
createAccountsDeletionVisibilityCleanupTrigger(db);
|
oldVersion++;
|
}
|
|
if (oldVersion != newVersion) {
|
Log.e(TAG, "failed to upgrade version " + oldVersion + " to version " + newVersion);
|
}
|
}
|
|
@Override
|
public void onDowngrade(SQLiteDatabase db, int oldVersion, int newVersion) {
|
Log.e(TAG, "onDowngrade: recreate accounts DE table");
|
resetDatabase(db);
|
onCreate(db);
|
}
|
|
public SQLiteDatabase getReadableDatabaseUserIsUnlocked() {
|
if(!mCeAttached) {
|
Log.wtf(TAG, "getReadableDatabaseUserIsUnlocked called while user " + mUserId
|
+ " is still locked. CE database is not yet available.", new Throwable());
|
}
|
return super.getReadableDatabase();
|
}
|
|
public SQLiteDatabase getWritableDatabaseUserIsUnlocked() {
|
if(!mCeAttached) {
|
Log.wtf(TAG, "getWritableDatabaseUserIsUnlocked called while user " + mUserId
|
+ " is still locked. CE database is not yet available.", new Throwable());
|
}
|
return super.getWritableDatabase();
|
}
|
|
@Override
|
public void onOpen(SQLiteDatabase db) {
|
if (Log.isLoggable(TAG, Log.VERBOSE)) Log.v(TAG, "opened database " + DE_DATABASE_NAME);
|
}
|
|
private void migratePreNDbToDe(File preNDbFile) {
|
Log.i(TAG, "Migrate pre-N database to DE preNDbFile=" + preNDbFile);
|
SQLiteDatabase db = getWritableDatabase();
|
db.execSQL("ATTACH DATABASE '" + preNDbFile.getPath() + "' AS preNDb");
|
db.beginTransaction();
|
// Copy accounts fields
|
db.execSQL("INSERT INTO " + TABLE_ACCOUNTS
|
+ "(" + ACCOUNTS_ID + "," + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + ", "
|
+ ACCOUNTS_PREVIOUS_NAME + ", " + ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS
|
+ ") "
|
+ "SELECT " + ACCOUNTS_ID + "," + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + ", "
|
+ ACCOUNTS_PREVIOUS_NAME + ", " + ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS
|
+ " FROM preNDb." + TABLE_ACCOUNTS);
|
// Copy SHARED_ACCOUNTS
|
db.execSQL("INSERT INTO " + TABLE_SHARED_ACCOUNTS
|
+ "(" + SHARED_ACCOUNTS_ID + "," + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + ") " +
|
"SELECT " + SHARED_ACCOUNTS_ID + "," + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE
|
+ " FROM preNDb." + TABLE_SHARED_ACCOUNTS);
|
// Copy DEBUG_TABLE
|
db.execSQL("INSERT INTO " + TABLE_DEBUG
|
+ "(" + ACCOUNTS_ID + "," + DEBUG_TABLE_ACTION_TYPE + ","
|
+ DEBUG_TABLE_TIMESTAMP + "," + DEBUG_TABLE_CALLER_UID + ","
|
+ DEBUG_TABLE_TABLE_NAME + "," + DEBUG_TABLE_KEY + ") " +
|
"SELECT " + ACCOUNTS_ID + "," + DEBUG_TABLE_ACTION_TYPE + ","
|
+ DEBUG_TABLE_TIMESTAMP + "," + DEBUG_TABLE_CALLER_UID + ","
|
+ DEBUG_TABLE_TABLE_NAME + "," + DEBUG_TABLE_KEY
|
+ " FROM preNDb." + TABLE_DEBUG);
|
// Copy GRANTS
|
db.execSQL("INSERT INTO " + TABLE_GRANTS
|
+ "(" + GRANTS_ACCOUNTS_ID + "," + GRANTS_AUTH_TOKEN_TYPE + ","
|
+ GRANTS_GRANTEE_UID + ") " +
|
"SELECT " + GRANTS_ACCOUNTS_ID + "," + GRANTS_AUTH_TOKEN_TYPE + ","
|
+ GRANTS_GRANTEE_UID + " FROM preNDb." + TABLE_GRANTS);
|
// Copy META
|
db.execSQL("INSERT INTO " + TABLE_META
|
+ "(" + META_KEY + "," + META_VALUE + ") "
|
+ "SELECT " + META_KEY + "," + META_VALUE + " FROM preNDb." + TABLE_META);
|
db.setTransactionSuccessful();
|
db.endTransaction();
|
|
db.execSQL("DETACH DATABASE preNDb");
|
}
|
}
|
|
boolean deleteDeAccount(long accountId) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(TABLE_ACCOUNTS, ACCOUNTS_ID + "=" + accountId, null) > 0;
|
}
|
|
long insertSharedAccount(Account account) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_NAME, account.name);
|
values.put(ACCOUNTS_TYPE, account.type);
|
return db.insert(
|
TABLE_SHARED_ACCOUNTS, ACCOUNTS_NAME, values);
|
}
|
|
boolean deleteSharedAccount(Account account) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(TABLE_SHARED_ACCOUNTS, ACCOUNTS_NAME + "=? AND " + ACCOUNTS_TYPE + "=?",
|
new String[]{account.name, account.type}) > 0;
|
}
|
|
int renameSharedAccount(Account account, String newName) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
final ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_NAME, newName);
|
return db.update(TABLE_SHARED_ACCOUNTS,
|
values,
|
ACCOUNTS_NAME + "=? AND " + ACCOUNTS_TYPE + "=?",
|
new String[] {account.name, account.type});
|
}
|
|
List<Account> getSharedAccounts() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
ArrayList<Account> accountList = new ArrayList<>();
|
Cursor cursor = null;
|
try {
|
cursor = db.query(TABLE_SHARED_ACCOUNTS, new String[] {ACCOUNTS_NAME, ACCOUNTS_TYPE},
|
null, null, null, null, null);
|
if (cursor != null && cursor.moveToFirst()) {
|
int nameIndex = cursor.getColumnIndex(ACCOUNTS_NAME);
|
int typeIndex = cursor.getColumnIndex(ACCOUNTS_TYPE);
|
do {
|
accountList.add(new Account(cursor.getString(nameIndex),
|
cursor.getString(typeIndex)));
|
} while (cursor.moveToNext());
|
}
|
} finally {
|
if (cursor != null) {
|
cursor.close();
|
}
|
}
|
return accountList;
|
}
|
|
long findSharedAccountId(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Cursor cursor = db.query(TABLE_SHARED_ACCOUNTS, new String[]{
|
ACCOUNTS_ID},
|
"name=? AND type=?", new String[]{account.name, account.type}, null, null,
|
null);
|
try {
|
if (cursor.moveToNext()) {
|
return cursor.getLong(0);
|
}
|
return -1;
|
} finally {
|
cursor.close();
|
}
|
}
|
|
long findAccountLastAuthenticatedTime(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
return DatabaseUtils.longForQuery(db,
|
"SELECT " + AccountsDb.ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS
|
+ " FROM " + TABLE_ACCOUNTS + " WHERE " + ACCOUNTS_NAME + "=? AND "
|
+ ACCOUNTS_TYPE + "=?",
|
new String[] {account.name, account.type});
|
}
|
|
boolean updateAccountLastAuthenticatedTime(Account account) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
final ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS, System.currentTimeMillis());
|
int rowCount = db.update(TABLE_ACCOUNTS,
|
values,
|
ACCOUNTS_NAME + "=? AND " + ACCOUNTS_TYPE + "=?",
|
new String[] { account.name, account.type });
|
return rowCount > 0;
|
}
|
|
void dumpDeAccountsTable(PrintWriter pw) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Cursor cursor = db.query(
|
TABLE_ACCOUNTS, ACCOUNT_TYPE_COUNT_PROJECTION,
|
null, null, ACCOUNTS_TYPE, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
// print type,count
|
pw.println(cursor.getString(0) + "," + cursor.getString(1));
|
}
|
} finally {
|
if (cursor != null) {
|
cursor.close();
|
}
|
}
|
}
|
|
long findDeAccountId(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
String[] columns = {ACCOUNTS_ID};
|
String selection = "name=? AND type=?";
|
String[] selectionArgs = {account.name, account.type};
|
try (Cursor cursor = db.query(TABLE_ACCOUNTS, columns, selection, selectionArgs,
|
null, null, null)) {
|
if (cursor.moveToNext()) {
|
return cursor.getLong(0);
|
}
|
return -1;
|
}
|
}
|
|
Map<Long, Account> findAllDeAccounts() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
LinkedHashMap<Long, Account> map = new LinkedHashMap<>();
|
String[] columns = {ACCOUNTS_ID, ACCOUNTS_TYPE, ACCOUNTS_NAME};
|
try (Cursor cursor = db.query(TABLE_ACCOUNTS, columns,
|
null, null, null, null, ACCOUNTS_ID)) {
|
while (cursor.moveToNext()) {
|
final long accountId = cursor.getLong(0);
|
final String accountType = cursor.getString(1);
|
final String accountName = cursor.getString(2);
|
|
final Account account = new Account(accountName, accountType);
|
map.put(accountId, account);
|
}
|
}
|
return map;
|
}
|
|
String findDeAccountPreviousName(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
String[] columns = {ACCOUNTS_PREVIOUS_NAME};
|
String selection = ACCOUNTS_NAME + "=? AND " + ACCOUNTS_TYPE + "=?";
|
String[] selectionArgs = {account.name, account.type};
|
try (Cursor cursor = db.query(TABLE_ACCOUNTS, columns, selection, selectionArgs,
|
null, null, null)) {
|
if (cursor.moveToNext()) {
|
return cursor.getString(0);
|
}
|
}
|
return null;
|
}
|
|
long insertDeAccount(Account account, long accountId) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_ID, accountId);
|
values.put(ACCOUNTS_NAME, account.name);
|
values.put(ACCOUNTS_TYPE, account.type);
|
values.put(ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS, System.currentTimeMillis());
|
return db.insert(TABLE_ACCOUNTS, ACCOUNTS_NAME, values);
|
}
|
|
boolean renameDeAccount(long accountId, String newName, String previousName) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
final ContentValues values = new ContentValues();
|
values.put(ACCOUNTS_NAME, newName);
|
values.put(ACCOUNTS_PREVIOUS_NAME, previousName);
|
final String[] argsAccountId = {String.valueOf(accountId)};
|
return db.update(TABLE_ACCOUNTS, values, ACCOUNTS_ID + "=?", argsAccountId) > 0;
|
}
|
|
boolean deleteGrantsByAccountIdAuthTokenTypeAndUid(long accountId,
|
String authTokenType, long uid) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(TABLE_GRANTS,
|
GRANTS_ACCOUNTS_ID + "=? AND " + GRANTS_AUTH_TOKEN_TYPE + "=? AND "
|
+ GRANTS_GRANTEE_UID + "=?",
|
new String[] {String.valueOf(accountId), authTokenType, String.valueOf(uid)}) > 0;
|
}
|
|
List<Integer> findAllUidGrants() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
List<Integer> result = new ArrayList<>();
|
final Cursor cursor = db.query(TABLE_GRANTS,
|
new String[]{GRANTS_GRANTEE_UID},
|
null, null, GRANTS_GRANTEE_UID, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
final int uid = cursor.getInt(0);
|
result.add(uid);
|
}
|
} finally {
|
cursor.close();
|
}
|
return result;
|
}
|
|
long findMatchingGrantsCount(int uid, String authTokenType, Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
String[] args = {String.valueOf(uid), authTokenType, account.name, account.type};
|
return DatabaseUtils.longForQuery(db, COUNT_OF_MATCHING_GRANTS, args);
|
}
|
|
long findMatchingGrantsCountAnyToken(int uid, Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
String[] args = {String.valueOf(uid), account.name, account.type};
|
return DatabaseUtils.longForQuery(db, COUNT_OF_MATCHING_GRANTS_ANY_TOKEN, args);
|
}
|
|
long insertGrant(long accountId, String authTokenType, int uid) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
ContentValues values = new ContentValues();
|
values.put(GRANTS_ACCOUNTS_ID, accountId);
|
values.put(GRANTS_AUTH_TOKEN_TYPE, authTokenType);
|
values.put(GRANTS_GRANTEE_UID, uid);
|
return db.insert(TABLE_GRANTS, GRANTS_ACCOUNTS_ID, values);
|
}
|
|
boolean deleteGrantsByUid(int uid) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(TABLE_GRANTS, GRANTS_GRANTEE_UID + "=?",
|
new String[] {Integer.toString(uid)}) > 0;
|
}
|
|
boolean setAccountVisibility(long accountId, String packageName, int visibility) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
ContentValues values = new ContentValues();
|
values.put(VISIBILITY_ACCOUNTS_ID, String.valueOf(accountId));
|
values.put(VISIBILITY_PACKAGE, packageName);
|
values.put(VISIBILITY_VALUE, String.valueOf(visibility));
|
return (db.replace(TABLE_VISIBILITY, VISIBILITY_VALUE, values) != -1);
|
}
|
|
Integer findAccountVisibility(Account account, String packageName) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
final Cursor cursor = db.query(TABLE_VISIBILITY, new String[] {VISIBILITY_VALUE},
|
SELECTION_ACCOUNTS_ID_BY_ACCOUNT + " AND " + VISIBILITY_PACKAGE + "=? ",
|
new String[] {account.name, account.type, packageName}, null, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
return cursor.getInt(0);
|
}
|
} finally {
|
cursor.close();
|
}
|
return null;
|
}
|
|
Integer findAccountVisibility(long accountId, String packageName) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
final Cursor cursor = db.query(TABLE_VISIBILITY, new String[] {VISIBILITY_VALUE},
|
VISIBILITY_ACCOUNTS_ID + "=? AND " + VISIBILITY_PACKAGE + "=? ",
|
new String[] {String.valueOf(accountId), packageName}, null, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
return cursor.getInt(0);
|
}
|
} finally {
|
cursor.close();
|
}
|
return null;
|
}
|
|
Account findDeAccountByAccountId(long accountId) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
final Cursor cursor = db.query(TABLE_ACCOUNTS, new String[] {ACCOUNTS_NAME, ACCOUNTS_TYPE},
|
ACCOUNTS_ID + "=? ", new String[] {String.valueOf(accountId)}, null, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
return new Account(cursor.getString(0), cursor.getString(1));
|
}
|
} finally {
|
cursor.close();
|
}
|
return null;
|
}
|
|
/**
|
* Returns a map from packageNames to visibility.
|
*/
|
Map<String, Integer> findAllVisibilityValuesForAccount(Account account) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Map<String, Integer> result = new HashMap<>();
|
final Cursor cursor =
|
db.query(TABLE_VISIBILITY, new String[] {VISIBILITY_PACKAGE, VISIBILITY_VALUE},
|
SELECTION_ACCOUNTS_ID_BY_ACCOUNT, new String[] {account.name, account.type},
|
null, null, null);
|
try {
|
while (cursor.moveToNext()) {
|
result.put(cursor.getString(0), cursor.getInt(1));
|
}
|
} finally {
|
cursor.close();
|
}
|
return result;
|
}
|
|
/**
|
* Returns a map account -> (package -> visibility)
|
*/
|
Map <Account, Map<String, Integer>> findAllVisibilityValues() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Map<Account, Map<String, Integer>> result = new HashMap<>();
|
Cursor cursor = db.rawQuery(
|
"SELECT " + TABLE_VISIBILITY + "." + VISIBILITY_PACKAGE
|
+ ", " + TABLE_VISIBILITY + "." + VISIBILITY_VALUE
|
+ ", " + TABLE_ACCOUNTS + "." + ACCOUNTS_NAME
|
+ ", " + TABLE_ACCOUNTS + "." + ACCOUNTS_TYPE
|
+ " FROM " + TABLE_VISIBILITY
|
+ " JOIN " + TABLE_ACCOUNTS
|
+ " ON " + TABLE_ACCOUNTS + "." + ACCOUNTS_ID
|
+ " = " + TABLE_VISIBILITY + "." + VISIBILITY_ACCOUNTS_ID, null);
|
try {
|
while (cursor.moveToNext()) {
|
String packageName = cursor.getString(0);
|
Integer visibility = cursor.getInt(1);
|
String accountName = cursor.getString(2);
|
String accountType = cursor.getString(3);
|
Account account = new Account(accountName, accountType);
|
Map <String, Integer> accountVisibility = result.get(account);
|
if (accountVisibility == null) {
|
accountVisibility = new HashMap<>();
|
result.put(account, accountVisibility);
|
}
|
accountVisibility.put(packageName, visibility);
|
}
|
} finally {
|
cursor.close();
|
}
|
return result;
|
}
|
|
boolean deleteAccountVisibilityForPackage(String packageName) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(TABLE_VISIBILITY, VISIBILITY_PACKAGE + "=? ",
|
new String[] {packageName}) > 0;
|
}
|
|
long insertOrReplaceMetaAuthTypeAndUid(String authenticatorType, int uid) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
ContentValues values = new ContentValues();
|
values.put(META_KEY,
|
META_KEY_FOR_AUTHENTICATOR_UID_FOR_TYPE_PREFIX + authenticatorType);
|
values.put(META_VALUE, uid);
|
return db.insertWithOnConflict(TABLE_META, null, values,
|
SQLiteDatabase.CONFLICT_REPLACE);
|
}
|
|
Map<String, Integer> findMetaAuthUid() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Cursor metaCursor = db.query(
|
TABLE_META,
|
new String[]{META_KEY, META_VALUE},
|
SELECTION_META_BY_AUTHENTICATOR_TYPE,
|
new String[]{META_KEY_FOR_AUTHENTICATOR_UID_FOR_TYPE_PREFIX + "%"},
|
null /* groupBy */,
|
null /* having */,
|
META_KEY);
|
Map<String, Integer> map = new LinkedHashMap<>();
|
try {
|
while (metaCursor.moveToNext()) {
|
String type = TextUtils
|
.split(metaCursor.getString(0), META_KEY_DELIMITER)[1];
|
String uidStr = metaCursor.getString(1);
|
if (TextUtils.isEmpty(type) || TextUtils.isEmpty(uidStr)) {
|
// Should never happen.
|
Slog.e(TAG, "Auth type empty: " + TextUtils.isEmpty(type)
|
+ ", uid empty: " + TextUtils.isEmpty(uidStr));
|
continue;
|
}
|
int uid = Integer.parseInt(metaCursor.getString(1));
|
map.put(type, uid);
|
}
|
} finally {
|
metaCursor.close();
|
}
|
return map;
|
}
|
|
boolean deleteMetaByAuthTypeAndUid(String type, int uid) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
return db.delete(
|
TABLE_META,
|
META_KEY + "=? AND " + META_VALUE + "=?",
|
new String[]{
|
META_KEY_FOR_AUTHENTICATOR_UID_FOR_TYPE_PREFIX + type,
|
String.valueOf(uid)}
|
) > 0;
|
}
|
|
/**
|
* Returns list of all grants as {@link Pair pairs} of account name and UID.
|
*/
|
List<Pair<String, Integer>> findAllAccountGrants() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
try (Cursor cursor = db.rawQuery(ACCOUNT_ACCESS_GRANTS, null)) {
|
if (cursor == null || !cursor.moveToFirst()) {
|
return Collections.emptyList();
|
}
|
List<Pair<String, Integer>> results = new ArrayList<>();
|
do {
|
final String accountName = cursor.getString(0);
|
final int uid = cursor.getInt(1);
|
results.add(Pair.create(accountName, uid));
|
} while (cursor.moveToNext());
|
return results;
|
}
|
}
|
|
private static class PreNDatabaseHelper extends SQLiteOpenHelper {
|
private final Context mContext;
|
private final int mUserId;
|
|
PreNDatabaseHelper(Context context, int userId, String preNDatabaseName) {
|
super(context, preNDatabaseName, null, PRE_N_DATABASE_VERSION);
|
mContext = context;
|
mUserId = userId;
|
}
|
|
@Override
|
public void onCreate(SQLiteDatabase db) {
|
// We use PreNDatabaseHelper only if pre-N db exists
|
throw new IllegalStateException("Legacy database cannot be created - only upgraded!");
|
}
|
|
private void createSharedAccountsTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_SHARED_ACCOUNTS + " ( "
|
+ ACCOUNTS_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, "
|
+ ACCOUNTS_NAME + " TEXT NOT NULL, "
|
+ ACCOUNTS_TYPE + " TEXT NOT NULL, "
|
+ "UNIQUE(" + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE + "))");
|
}
|
|
private void addLastSuccessfullAuthenticatedTimeColumn(SQLiteDatabase db) {
|
db.execSQL("ALTER TABLE " + TABLE_ACCOUNTS + " ADD COLUMN "
|
+ ACCOUNTS_LAST_AUTHENTICATE_TIME_EPOCH_MILLIS + " DEFAULT 0");
|
}
|
|
private void addOldAccountNameColumn(SQLiteDatabase db) {
|
db.execSQL("ALTER TABLE " + TABLE_ACCOUNTS + " ADD COLUMN " + ACCOUNTS_PREVIOUS_NAME);
|
}
|
|
private void addDebugTable(SQLiteDatabase db) {
|
DeDatabaseHelper.createDebugTable(db);
|
}
|
|
private void createAccountsDeletionTrigger(SQLiteDatabase db) {
|
db.execSQL(""
|
+ " CREATE TRIGGER " + TABLE_ACCOUNTS + "Delete DELETE ON " + TABLE_ACCOUNTS
|
+ " BEGIN"
|
+ " DELETE FROM " + TABLE_AUTHTOKENS
|
+ " WHERE " + AUTHTOKENS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " DELETE FROM " + TABLE_EXTRAS
|
+ " WHERE " + EXTRAS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " DELETE FROM " + TABLE_GRANTS
|
+ " WHERE " + GRANTS_ACCOUNTS_ID + "=OLD." + ACCOUNTS_ID + " ;"
|
+ " END");
|
}
|
|
private void createGrantsTable(SQLiteDatabase db) {
|
db.execSQL("CREATE TABLE " + TABLE_GRANTS + " ( "
|
+ GRANTS_ACCOUNTS_ID + " INTEGER NOT NULL, "
|
+ GRANTS_AUTH_TOKEN_TYPE + " STRING NOT NULL, "
|
+ GRANTS_GRANTEE_UID + " INTEGER NOT NULL, "
|
+ "UNIQUE (" + GRANTS_ACCOUNTS_ID + "," + GRANTS_AUTH_TOKEN_TYPE
|
+ "," + GRANTS_GRANTEE_UID + "))");
|
}
|
|
static long insertMetaAuthTypeAndUid(SQLiteDatabase db, String authenticatorType, int uid) {
|
ContentValues values = new ContentValues();
|
values.put(META_KEY,
|
META_KEY_FOR_AUTHENTICATOR_UID_FOR_TYPE_PREFIX + authenticatorType);
|
values.put(META_VALUE, uid);
|
return db.insert(TABLE_META, null, values);
|
}
|
|
private void populateMetaTableWithAuthTypeAndUID(SQLiteDatabase db,
|
Map<String, Integer> authTypeAndUIDMap) {
|
for (Map.Entry<String, Integer> entry : authTypeAndUIDMap.entrySet()) {
|
insertMetaAuthTypeAndUid(db, entry.getKey(), entry.getValue());
|
}
|
}
|
|
/**
|
* Pre-N database may need an upgrade before splitting
|
*/
|
@Override
|
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
|
Log.e(TAG, "upgrade from version " + oldVersion + " to version " + newVersion);
|
|
if (oldVersion == 1) {
|
// no longer need to do anything since the work is done
|
// when upgrading from version 2
|
oldVersion++;
|
}
|
|
if (oldVersion == 2) {
|
createGrantsTable(db);
|
db.execSQL("DROP TRIGGER " + TABLE_ACCOUNTS + "Delete");
|
createAccountsDeletionTrigger(db);
|
oldVersion++;
|
}
|
|
if (oldVersion == 3) {
|
db.execSQL("UPDATE " + TABLE_ACCOUNTS + " SET " + ACCOUNTS_TYPE +
|
" = 'com.google' WHERE " + ACCOUNTS_TYPE + " == 'com.google.GAIA'");
|
oldVersion++;
|
}
|
|
if (oldVersion == 4) {
|
createSharedAccountsTable(db);
|
oldVersion++;
|
}
|
|
if (oldVersion == 5) {
|
addOldAccountNameColumn(db);
|
oldVersion++;
|
}
|
|
if (oldVersion == 6) {
|
addLastSuccessfullAuthenticatedTimeColumn(db);
|
oldVersion++;
|
}
|
|
if (oldVersion == 7) {
|
addDebugTable(db);
|
oldVersion++;
|
}
|
|
if (oldVersion == 8) {
|
populateMetaTableWithAuthTypeAndUID(
|
db,
|
AccountManagerService.getAuthenticatorTypeAndUIDForUser(mContext, mUserId));
|
oldVersion++;
|
}
|
|
if (oldVersion != newVersion) {
|
Log.e(TAG, "failed to upgrade version " + oldVersion + " to version " + newVersion);
|
}
|
}
|
|
@Override
|
public void onOpen(SQLiteDatabase db) {
|
if (Log.isLoggable(TAG, Log.VERBOSE)) Log.v(TAG, "opened database " + DATABASE_NAME);
|
}
|
}
|
|
List<Account> findCeAccountsNotInDe() {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabaseUserIsUnlocked();
|
// Select accounts from CE that do not exist in DE
|
Cursor cursor = db.rawQuery(
|
"SELECT " + ACCOUNTS_NAME + "," + ACCOUNTS_TYPE
|
+ " FROM " + CE_TABLE_ACCOUNTS
|
+ " WHERE NOT EXISTS "
|
+ " (SELECT " + ACCOUNTS_ID + " FROM " + TABLE_ACCOUNTS
|
+ " WHERE " + ACCOUNTS_ID + "=" + CE_TABLE_ACCOUNTS + "." + ACCOUNTS_ID
|
+ " )", null);
|
try {
|
List<Account> accounts = new ArrayList<>(cursor.getCount());
|
while (cursor.moveToNext()) {
|
String accountName = cursor.getString(0);
|
String accountType = cursor.getString(1);
|
accounts.add(new Account(accountName, accountType));
|
}
|
return accounts;
|
} finally {
|
cursor.close();
|
}
|
}
|
|
boolean deleteCeAccount(long accountId) {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabaseUserIsUnlocked();
|
return db.delete(
|
CE_TABLE_ACCOUNTS, ACCOUNTS_ID + "=" + accountId, null) > 0;
|
}
|
|
boolean isCeDatabaseAttached() {
|
return mDeDatabase.mCeAttached;
|
}
|
|
void beginTransaction() {
|
mDeDatabase.getWritableDatabase().beginTransaction();
|
}
|
|
void setTransactionSuccessful() {
|
mDeDatabase.getWritableDatabase().setTransactionSuccessful();
|
}
|
|
void endTransaction() {
|
mDeDatabase.getWritableDatabase().endTransaction();
|
}
|
|
void attachCeDatabase(File ceDbFile) {
|
CeDatabaseHelper.create(mContext, mPreNDatabaseFile, ceDbFile);
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
db.execSQL("ATTACH DATABASE '" + ceDbFile.getPath()+ "' AS ceDb");
|
mDeDatabase.mCeAttached = true;
|
}
|
|
/*
|
* Finds the row key where the next insertion should take place. Returns number of rows
|
* if it is less {@link #MAX_DEBUG_DB_SIZE}, otherwise finds the lowest number available.
|
*/
|
long calculateDebugTableInsertionPoint() {
|
try {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
String queryCountDebugDbRows = "SELECT COUNT(*) FROM " + TABLE_DEBUG;
|
int size = (int) DatabaseUtils.longForQuery(db, queryCountDebugDbRows, null);
|
if (size < MAX_DEBUG_DB_SIZE) {
|
return size;
|
}
|
|
// This query finds the smallest timestamp value (and if 2 records have
|
// same timestamp, the choose the lower id).
|
queryCountDebugDbRows =
|
"SELECT " + DEBUG_TABLE_KEY
|
+ " FROM " + TABLE_DEBUG
|
+ " ORDER BY " + DEBUG_TABLE_TIMESTAMP + ","
|
+ DEBUG_TABLE_KEY
|
+ " LIMIT 1";
|
return DatabaseUtils.longForQuery(db, queryCountDebugDbRows, null);
|
} catch (SQLiteException e) {
|
Log.e(TAG, "Failed to open debug table" + e);
|
return -1;
|
}
|
}
|
|
SQLiteStatement compileSqlStatementForLogging() {
|
SQLiteDatabase db = mDeDatabase.getWritableDatabase();
|
String sql = "INSERT OR REPLACE INTO " + AccountsDb.TABLE_DEBUG
|
+ " VALUES (?,?,?,?,?,?)";
|
return db.compileStatement(sql);
|
}
|
|
/**
|
* Returns statement for logging or {@code null} on database open failure.
|
* Returned value must be guarded by {link #debugStatementLock}
|
*/
|
@Nullable SQLiteStatement getStatementForLogging() {
|
if (mDebugStatementForLogging != null) {
|
return mDebugStatementForLogging;
|
}
|
try {
|
mDebugStatementForLogging = compileSqlStatementForLogging();
|
return mDebugStatementForLogging;
|
} catch (SQLiteException e) {
|
Log.e(TAG, "Failed to open debug table" + e);
|
return null;
|
}
|
}
|
|
void closeDebugStatement() {
|
synchronized (mDebugStatementLock) {
|
if (mDebugStatementForLogging != null) {
|
mDebugStatementForLogging.close();
|
mDebugStatementForLogging = null;
|
}
|
}
|
}
|
|
long reserveDebugDbInsertionPoint() {
|
if (mDebugDbInsertionPoint == -1) {
|
mDebugDbInsertionPoint = calculateDebugTableInsertionPoint();
|
return mDebugDbInsertionPoint;
|
}
|
mDebugDbInsertionPoint = (mDebugDbInsertionPoint + 1) % MAX_DEBUG_DB_SIZE;
|
return mDebugDbInsertionPoint;
|
}
|
|
void dumpDebugTable(PrintWriter pw) {
|
SQLiteDatabase db = mDeDatabase.getReadableDatabase();
|
Cursor cursor = db.query(TABLE_DEBUG, null,
|
null, null, null, null, DEBUG_TABLE_TIMESTAMP);
|
pw.println("AccountId, Action_Type, timestamp, UID, TableName, Key");
|
pw.println("Accounts History");
|
try {
|
while (cursor.moveToNext()) {
|
// print type,count
|
pw.println(cursor.getString(0) + "," + cursor.getString(1) + "," +
|
cursor.getString(2) + "," + cursor.getString(3) + ","
|
+ cursor.getString(4) + "," + cursor.getString(5));
|
}
|
} finally {
|
cursor.close();
|
}
|
}
|
|
@Override
|
public void close() {
|
mDeDatabase.close();
|
}
|
|
static void deleteDbFileWarnIfFailed(File dbFile) {
|
if (!SQLiteDatabase.deleteDatabase(dbFile)) {
|
Log.w(TAG, "Database at " + dbFile + " was not deleted successfully");
|
}
|
}
|
|
public static AccountsDb create(Context context, int userId, File preNDatabaseFile,
|
File deDatabaseFile) {
|
boolean newDbExists = deDatabaseFile.exists();
|
DeDatabaseHelper deDatabaseHelper = new DeDatabaseHelper(context, userId,
|
deDatabaseFile.getPath());
|
// If the db just created, and there is a legacy db, migrate it
|
if (!newDbExists && preNDatabaseFile.exists()) {
|
// Migrate legacy db to the latest version - PRE_N_DATABASE_VERSION
|
PreNDatabaseHelper
|
preNDatabaseHelper = new PreNDatabaseHelper(context, userId,
|
preNDatabaseFile.getPath());
|
// Open the database to force upgrade if required
|
preNDatabaseHelper.getWritableDatabase();
|
preNDatabaseHelper.close();
|
// Move data without SPII to DE
|
deDatabaseHelper.migratePreNDbToDe(preNDatabaseFile);
|
}
|
return new AccountsDb(deDatabaseHelper, context, preNDatabaseFile);
|
}
|
|
/**
|
* Removes all tables and triggers created by AccountManager.
|
*/
|
private static void resetDatabase(SQLiteDatabase db) {
|
try (Cursor c = db.rawQuery("SELECT name FROM sqlite_master WHERE type ='table'", null)) {
|
while (c.moveToNext()) {
|
String name = c.getString(0);
|
// Skip tables managed by SQLiteDatabase
|
if ("android_metadata".equals(name) || "sqlite_sequence".equals(name)) {
|
continue;
|
}
|
db.execSQL("DROP TABLE IF EXISTS " + name);
|
}
|
}
|
|
try (Cursor c = db.rawQuery("SELECT name FROM sqlite_master WHERE type ='trigger'", null)) {
|
while (c.moveToNext()) {
|
String name = c.getString(0);
|
db.execSQL("DROP TRIGGER IF EXISTS " + name);
|
}
|
}
|
}
|
}
|
