Merge "Add plumbing for disallowing attachment download per policy"

emailcommon/src/com/android/emailcommon/provider/EmailContent.java

@@ -1986,6 +1986,9 @@ public abstract class EmailContent {
         // Allow "room" for some additional download-related flags here
         // Indicates that the attachment will be smart-forwarded
         public static final int FLAG_SMART_FORWARD = 1<<8;
+        // Indicates that the attachment cannot be forwarded due to a policy restriction
+        public static final int FLAG_POLICY_DISALLOWS_DOWNLOAD = 1<<9;
+
         /**
          * no public constructor since this is a utility class
          */

res/values/strings.xml

@@ -394,6 +394,10 @@ save attachment.</string>
     <string name="attachment_info_malware">
             Because this type of attachment may contain malicious software,
             you can\'t save or open it.</string>
+    <!-- Message body when the attachment can't be loaded due to security policy restrictions -->
+    <string name="attachment_info_policy">
+            This attachment can\'t be saved or opened due to the security policies
+            in force for this account.</string>
     <!-- Message body when the attachment can only be downloaded over Wi-Fi -->
     <string name="attachment_info_wifi_only">
             This attachment is too large to download over a mobile network.

src/com/android/email/AttachmentInfo.java

@@ -40,13 +40,14 @@ import java.util.List;
 public class AttachmentInfo {
     // Projection which can be used with the constructor taking a Cursor argument
     public static final String[] PROJECTION = new String[] {Attachment.RECORD_ID, Attachment.SIZE,
-        Attachment.FILENAME, Attachment.MIME_TYPE, Attachment.ACCOUNT_KEY};
+        Attachment.FILENAME, Attachment.MIME_TYPE, Attachment.ACCOUNT_KEY, Attachment.FLAGS};
     // Offsets into PROJECTION
     public static final int COLUMN_ID = 0;
     public static final int COLUMN_SIZE = 1;
     public static final int COLUMN_FILENAME = 2;
     public static final int COLUMN_MIME_TYPE = 3;
     public static final int COLUMN_ACCOUNT_KEY = 4;
+    public static final int COLUMN_FLAGS = 5;
 
     /** Attachment not denied */
     public static final int ALLOW           = 0x00;
@@ -61,12 +62,15 @@ public class AttachmentInfo {
     // TODO Remove DENY_APKINSTALL when we can install directly from the Email activity
     /** Unable to install any APK */
     public static final int DENY_APKINSTALL = 0x10;
+    /** Security policy prohibits install */
+    public static final int DENY_POLICY = 0x20;
 
     public final long mId;
     public final long mSize;
     public final String mName;
     public final String mContentType;
     public final long mAccountKey;
+    public final int mFlags;
 
     /** Whether or not this attachment can be viewed */
     public final boolean mAllowView;
@@ -79,25 +83,28 @@ public class AttachmentInfo {
 
     public AttachmentInfo(Context context, Attachment attachment) {
         this(context, attachment.mId, attachment.mSize, attachment.mFileName, attachment.mMimeType,
-                attachment.mAccountKey);
+                attachment.mAccountKey, attachment.mFlags);
     }
 
     public AttachmentInfo(Context context, Cursor c) {
         this(context, c.getLong(COLUMN_ID), c.getLong(COLUMN_SIZE), c.getString(COLUMN_FILENAME),
-                c.getString(COLUMN_MIME_TYPE), c.getLong(COLUMN_ACCOUNT_KEY));
+                c.getString(COLUMN_MIME_TYPE), c.getLong(COLUMN_ACCOUNT_KEY),
+                c.getInt(COLUMN_FLAGS));
     }
 
     public AttachmentInfo(Context context, AttachmentInfo info) {
-        this(context, info.mId, info.mSize, info.mName, info.mContentType, info.mAccountKey);
+        this(context, info.mId, info.mSize, info.mName, info.mContentType, info.mAccountKey,
+                info.mFlags);
     }
 
     public AttachmentInfo(Context context, long id, long size, String fileName, String mimeType,
-            long accountKey) {
+            long accountKey, int flags) {
         mSize = size;
         mContentType = AttachmentUtilities.inferMimeType(fileName, mimeType);
         mName = fileName;
         mId = id;
         mAccountKey = accountKey;
+        mFlags = flags;
         boolean canView = true;
         boolean canSave = true;
         boolean canInstall = false;
@@ -126,6 +133,13 @@ public class AttachmentInfo {
             denyFlags |= DENY_MALWARE;
         }
 
+        // Check for policy restrictions on download
+        if ((flags & Attachment.FLAG_POLICY_DISALLOWS_DOWNLOAD) != 0) {
+            canView = false;
+            canSave = false;
+            denyFlags |= DENY_POLICY;
+        }
+
         // Check for installable attachments by filename extension
         extension = AttachmentUtilities.getFilenameExtension(mName);
         if (!TextUtils.isEmpty(extension) &&

src/com/android/email/activity/AttachmentInfoDialog.java

@@ -55,6 +55,8 @@ public class AttachmentInfoDialog extends DialogFragment {
         // malware).
         if ((denyFlags & AttachmentInfo.DENY_MALWARE) != 0) {
             bodyText = res.getString(R.string.attachment_info_malware);
+        } else if ((denyFlags & AttachmentInfo.DENY_POLICY) != 0) {
+            bodyText = res.getString(R.string.attachment_info_policy);
         } else if ((denyFlags & AttachmentInfo.DENY_NOINTENT) != 0) {
             bodyText = res.getString(R.string.attachment_info_no_intent);
         } else if ((denyFlags & AttachmentInfo.DENY_NOSIDELOAD) != 0) {