CMSettings: Validate name and value for System settings
Verify that the name and value being inserted/updated are correct. Change-Id: I0243556701b1d303ca52135178b055c2fd87671c
This commit is contained in:
parent
3ddf435fb4
commit
f7f6d14148
|
@ -20,7 +20,6 @@ import android.app.ActivityManager;
|
|||
import android.content.BroadcastReceiver;
|
||||
import android.content.ContentProvider;
|
||||
import android.content.ContentResolver;
|
||||
import android.content.ContentUris;
|
||||
import android.content.ContentValues;
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
|
@ -29,7 +28,6 @@ import android.content.SharedPreferences;
|
|||
import android.content.UriMatcher;
|
||||
import android.content.pm.PackageManager;
|
||||
import android.content.pm.UserInfo;
|
||||
import android.content.res.Configuration;
|
||||
import android.database.AbstractCursor;
|
||||
import android.database.Cursor;
|
||||
import android.database.sqlite.SQLiteDatabase;
|
||||
|
@ -505,12 +503,18 @@ public class CMSettingsProvider extends ContentProvider {
|
|||
|
||||
CMDatabaseHelper dbHelper = getOrEstablishDatabase(getUserIdForTable(tableName, userId));
|
||||
|
||||
// Validate value if inserting int System table
|
||||
final String name = values.getAsString(Settings.NameValueTable.NAME);
|
||||
if (CMDatabaseHelper.CMTableNames.TABLE_SYSTEM.equals(tableName)) {
|
||||
final String value = values.getAsString(Settings.NameValueTable.VALUE);
|
||||
validateSystemSettingNameValue(name, value);
|
||||
}
|
||||
|
||||
SQLiteDatabase db = dbHelper.getWritableDatabase();
|
||||
long rowId = db.insert(tableName, null, values);
|
||||
|
||||
Uri returnUri = null;
|
||||
if (rowId > -1) {
|
||||
String name = values.getAsString(Settings.NameValueTable.NAME);
|
||||
returnUri = Uri.withAppendedPath(uri, name);
|
||||
notifyChange(returnUri, tableName, userId);
|
||||
if (LOCAL_LOGV) Log.d(TAG, "Inserted row id: " + rowId + " into tableName: " +
|
||||
|
@ -568,6 +572,13 @@ public class CMSettingsProvider extends ContentProvider {
|
|||
String tableName = getTableNameFromUri(uri);
|
||||
checkWritePermissions(tableName);
|
||||
|
||||
// Validate value if updating System table
|
||||
final String name = values.getAsString(Settings.NameValueTable.NAME);
|
||||
if (CMDatabaseHelper.CMTableNames.TABLE_SYSTEM.equals(tableName)) {
|
||||
final String value = values.getAsString(Settings.NameValueTable.VALUE);
|
||||
validateSystemSettingNameValue(name, value);
|
||||
}
|
||||
|
||||
int callingUserId = UserHandle.getCallingUserId();
|
||||
CMDatabaseHelper dbHelper = getOrEstablishDatabase(getUserIdForTable(tableName,
|
||||
callingUserId));
|
||||
|
@ -763,5 +774,17 @@ public class CMSettingsProvider extends ContentProvider {
|
|||
if (LOCAL_LOGV) Log.v(TAG, "notifying for " + notifyTarget + ": " + uri);
|
||||
}
|
||||
|
||||
private void validateSystemSettingNameValue(String name, String value) {
|
||||
CMSettings.System.Validator validator = CMSettings.System.VALIDATORS.get(name);
|
||||
if (validator == null) {
|
||||
throw new IllegalArgumentException("Invalid setting: " + name);
|
||||
}
|
||||
|
||||
if (!validator.validate(value)) {
|
||||
throw new IllegalArgumentException("Invalid value: " + value
|
||||
+ " for setting: " + name);
|
||||
}
|
||||
}
|
||||
|
||||
// TODO Add caching
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue