From 9d9b481a85df540f8f338d28919802828a387efe Mon Sep 17 00:00:00 2001 From: Marc Blank Date: Tue, 10 May 2011 18:10:02 -0700 Subject: [PATCH] Add plumbing for disallowing attachment download per policy Change-Id: I860dfb5c28933dcd4bf96c8e4bc890bff0f53c42 --- .../emailcommon/provider/EmailContent.java | 3 +++ res/values/strings.xml | 4 ++++ src/com/android/email/AttachmentInfo.java | 24 +++++++++++++++---- .../email/activity/AttachmentInfoDialog.java | 2 ++ 4 files changed, 28 insertions(+), 5 deletions(-) diff --git a/emailcommon/src/com/android/emailcommon/provider/EmailContent.java b/emailcommon/src/com/android/emailcommon/provider/EmailContent.java index 702ab8b47..82124fd80 100644 --- a/emailcommon/src/com/android/emailcommon/provider/EmailContent.java +++ b/emailcommon/src/com/android/emailcommon/provider/EmailContent.java @@ -2021,6 +2021,9 @@ public abstract class EmailContent { // Allow "room" for some additional download-related flags here // Indicates that the attachment will be smart-forwarded public static final int FLAG_SMART_FORWARD = 1<<8; + // Indicates that the attachment cannot be forwarded due to a policy restriction + public static final int FLAG_POLICY_DISALLOWS_DOWNLOAD = 1<<9; + /** * no public constructor since this is a utility class */ diff --git a/res/values/strings.xml b/res/values/strings.xml index f080dfc3e..6a5a5301a 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -394,6 +394,10 @@ save attachment. Because this type of attachment may contain malicious software, you can\'t save or open it. + + + This attachment can\'t be saved or opened due to the security policies + in force for this account. This attachment is too large to download over a mobile network. diff --git a/src/com/android/email/AttachmentInfo.java b/src/com/android/email/AttachmentInfo.java index d658d5396..cedb63ea9 100644 --- a/src/com/android/email/AttachmentInfo.java +++ b/src/com/android/email/AttachmentInfo.java @@ -40,13 +40,14 @@ import java.util.List; public class AttachmentInfo { // Projection which can be used with the constructor taking a Cursor argument public static final String[] PROJECTION = new String[] {Attachment.RECORD_ID, Attachment.SIZE, - Attachment.FILENAME, Attachment.MIME_TYPE, Attachment.ACCOUNT_KEY}; + Attachment.FILENAME, Attachment.MIME_TYPE, Attachment.ACCOUNT_KEY, Attachment.FLAGS}; // Offsets into PROJECTION public static final int COLUMN_ID = 0; public static final int COLUMN_SIZE = 1; public static final int COLUMN_FILENAME = 2; public static final int COLUMN_MIME_TYPE = 3; public static final int COLUMN_ACCOUNT_KEY = 4; + public static final int COLUMN_FLAGS = 5; /** Attachment not denied */ public static final int ALLOW = 0x00; @@ -61,12 +62,15 @@ public class AttachmentInfo { // TODO Remove DENY_APKINSTALL when we can install directly from the Email activity /** Unable to install any APK */ public static final int DENY_APKINSTALL = 0x10; + /** Security policy prohibits install */ + public static final int DENY_POLICY = 0x20; public final long mId; public final long mSize; public final String mName; public final String mContentType; public final long mAccountKey; + public final int mFlags; /** Whether or not this attachment can be viewed */ public final boolean mAllowView; @@ -79,25 +83,28 @@ public class AttachmentInfo { public AttachmentInfo(Context context, Attachment attachment) { this(context, attachment.mId, attachment.mSize, attachment.mFileName, attachment.mMimeType, - attachment.mAccountKey); + attachment.mAccountKey, attachment.mFlags); } public AttachmentInfo(Context context, Cursor c) { this(context, c.getLong(COLUMN_ID), c.getLong(COLUMN_SIZE), c.getString(COLUMN_FILENAME), - c.getString(COLUMN_MIME_TYPE), c.getLong(COLUMN_ACCOUNT_KEY)); + c.getString(COLUMN_MIME_TYPE), c.getLong(COLUMN_ACCOUNT_KEY), + c.getInt(COLUMN_FLAGS)); } public AttachmentInfo(Context context, AttachmentInfo info) { - this(context, info.mId, info.mSize, info.mName, info.mContentType, info.mAccountKey); + this(context, info.mId, info.mSize, info.mName, info.mContentType, info.mAccountKey, + info.mFlags); } public AttachmentInfo(Context context, long id, long size, String fileName, String mimeType, - long accountKey) { + long accountKey, int flags) { mSize = size; mContentType = AttachmentUtilities.inferMimeType(fileName, mimeType); mName = fileName; mId = id; mAccountKey = accountKey; + mFlags = flags; boolean canView = true; boolean canSave = true; boolean canInstall = false; @@ -126,6 +133,13 @@ public class AttachmentInfo { denyFlags |= DENY_MALWARE; } + // Check for policy restrictions on download + if ((flags & Attachment.FLAG_POLICY_DISALLOWS_DOWNLOAD) != 0) { + canView = false; + canSave = false; + denyFlags |= DENY_POLICY; + } + // Check for installable attachments by filename extension extension = AttachmentUtilities.getFilenameExtension(mName); if (!TextUtils.isEmpty(extension) && diff --git a/src/com/android/email/activity/AttachmentInfoDialog.java b/src/com/android/email/activity/AttachmentInfoDialog.java index 5a1fc457f..1f0c1991b 100644 --- a/src/com/android/email/activity/AttachmentInfoDialog.java +++ b/src/com/android/email/activity/AttachmentInfoDialog.java @@ -55,6 +55,8 @@ public class AttachmentInfoDialog extends DialogFragment { // malware). if ((denyFlags & AttachmentInfo.DENY_MALWARE) != 0) { bodyText = res.getString(R.string.attachment_info_malware); + } else if ((denyFlags & AttachmentInfo.DENY_POLICY) != 0) { + bodyText = res.getString(R.string.attachment_info_policy); } else if ((denyFlags & AttachmentInfo.DENY_NOINTENT) != 0) { bodyText = res.getString(R.string.attachment_info_no_intent); } else if ((denyFlags & AttachmentInfo.DENY_NOSIDELOAD) != 0) {