Bug 1080304 - Reject RestrictedProfiles.isAllowed calls for unknown actions. r=mfinkle

This commit is contained in:
Richard Newman 2014-10-09 08:23:55 -07:00
parent dd752a45d8
commit 30ef01306b

View File

@ -5,22 +5,18 @@
package org.mozilla.gecko;
import java.util.Set;
import org.json.JSONException;
import org.json.JSONObject;
import java.lang.StringBuilder;
import java.util.ArrayList;
import java.util.List;
import java.util.HashSet;
import org.mozilla.gecko.mozglue.RobocopTarget;
import java.util.Set;
import org.json.JSONException;
import org.json.JSONObject;
import org.mozilla.gecko.AppConstants.Versions;
import org.mozilla.gecko.mozglue.RobocopTarget;
import org.mozilla.gecko.mozglue.generatorannotations.WrapElementForJNI;
import android.annotation.TargetApi;
import android.content.Context;
import android.net.Uri;
import android.os.Build;
import android.os.Bundle;
import android.os.UserManager;
import android.util.Log;
@ -87,14 +83,34 @@ public class RestrictedProfiles {
throw new IllegalArgumentException("Unknown action " + action);
}
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
@RobocopTarget
private static Bundle getRestrictions() {
final UserManager mgr = (UserManager) GeckoAppShell.getContext().getSystemService(Context.USER_SERVICE);
return mgr.getUserRestrictions();
}
/**
* This method does the system version check for you.
*
* Returns false if the system doesn't support restrictions,
* or the provided value is not present in the set of user
* restrictions.
*
* Returns true otherwise.
*/
private static boolean getRestriction(final String name) {
// Early versions don't support restrictions at all,
// so no action can be restricted.
if (Versions.preJBMR2) {
return false;
}
return getRestrictions().getBoolean(name, false);
}
private static boolean canLoadUrl(final String url) {
// Null urls are always allowed
// Null URLs are always permitted.
if (url == null) {
return true;
}
@ -102,7 +118,7 @@ public class RestrictedProfiles {
try {
// If we're not in guest mode, and the system restriction isn't in place, everything is allowed.
if (!getInGuest() &&
!getRestrictions().getBoolean(Restriction.DISALLOW_BROWSE_FILES.name, false)) {
!getRestriction(Restriction.DISALLOW_BROWSE_FILES.name)) {
return true;
}
} catch (IllegalArgumentException ex) {
@ -121,13 +137,13 @@ public class RestrictedProfiles {
}
}
// TODO: The UserManager should support blacklisting urls by the device owner.
// TODO: The UserManager should support blacklisting URLs by the device owner.
return true;
}
@WrapElementForJNI
public static boolean isUserRestricted() {
// Guest mode is supported in all Android versions
// Guest mode is supported in all Android versions.
if (getInGuest()) {
return true;
}
@ -145,34 +161,27 @@ public class RestrictedProfiles {
@WrapElementForJNI
public static boolean isAllowed(int action, String url) {
// Guest users can't do anything.
if (getInGuest()) {
return false;
}
final Restriction restriction;
try {
restriction = geckoActionToRestriction(action);
} catch (IllegalArgumentException ex) {
return true;
// Unknown actions represent a coding error, so we
// refuse the action and log.
Log.e(LOGTAG, "Unknown action " + action + "; check calling code.");
return false;
}
if (Restriction.DISALLOW_BROWSE_FILES == restriction) {
return canLoadUrl(url);
}
// ALl actions are blocked in Guest mode
if (getInGuest()) {
return false;
}
if (Versions.preJBMR2) {
return true;
}
try {
// NOTE: Restrictions hold the opposite intention, so we need to flip it
return !getRestrictions().getBoolean(restriction.name, false);
} catch(IllegalArgumentException ex) {
Log.i(LOGTAG, "Invalid action", ex);
}
return true;
// NOTE: Restrictions hold the opposite intention, so we need to flip it.
return !getRestriction(restriction.name);
}
@WrapElementForJNI