Search code examples
androidandroid-widgetandroid-contentprovider

Widget with content provider; impossible to use ReadPermission?

So I've just implemented a widget for my app. It gets its data from the database through my ContentProvider. I define my own read/write-permissions in my manifest, state that I use them (doesn't seem to make a difference), and require them in the content provider:

<!-- Define my permissions for the provider -->
<permission
    android:name="com.nononsenseapps.notepad.permissions.read"
    android:description="@string/permission_read_desc"
    android:label="@string/permission_read_label"
    android:permissionGroup="android.permission-group.PERSONAL_INFO"
    android:protectionLevel="normal" />
<permission
    android:name="com.nononsenseapps.notepad.permissions.write"
    android:description="@string/permission_write_desc"
    android:label="@string/permission_write_label"
    android:permissionGroup="android.permission-group.PERSONAL_INFO"
    android:protectionLevel="normal" />
......
<uses-permission android:name="com.nononsenseapps.notepad.permissions.read" />
<uses-permission android:name="com.nononsenseapps.notepad.permissions.write" />
<uses-permission android:name="android.permission.BIND_REMOTEVIEWS" />
......
<provider
        android:name=".NotePadProvider"
        android:authorities="com.nononsenseapps.NotePad"
        android:enabled="true"
        android:exported="true"
        android:label="@string/app_name"
        android:readPermission="com.nononsenseapps.notepad.permissions.read"
        android:syncable="true"
        android:writePermission="com.nononsenseapps.notepad.permissions.write" >
        <grant-uri-permission android:pathPattern=".*" />
    </provider>

I update my widget through a Service (as per the widget tutorial):

    <!-- List Widget -->
    <receiver android:name="com.nononsenseapps.notepad.widget.ListWidgetProvider" >
        <intent-filter>
            <action android:name="android.appwidget.action.APPWIDGET_UPDATE" />
        </intent-filter>

        <meta-data
            android:name="android.appwidget.provider"
            android:resource="@xml/listwidgetinfo" />
    </receiver>

    <service
        android:name="com.nononsenseapps.notepad.widget.ListWidgetService"
        android:exported="false"
        android:permission="android.permission.BIND_REMOTEVIEWS" />

And that Service in turn does this (with a bunch of code not included):

/**
 * This is the service that provides the factory to be bound to the collection
 * service.
 */
public class ListWidgetService extends RemoteViewsService {

@Override
public RemoteViewsFactory onGetViewFactory(Intent intent) {
    return new StackRemoteViewsFactory(this.getApplicationContext(), intent);
}
}

/**
 * This is the factory that will provide data to the collection widget.
 */
class StackRemoteViewsFactory implements RemoteViewsService.RemoteViewsFactory {

public StackRemoteViewsFactory(Context context, Intent intent) {
    mContext = context;
    observer = new ListChecker(null);
    mAppWidgetId = intent.getIntExtra(AppWidgetManager.EXTRA_APPWIDGET_ID,
            AppWidgetManager.INVALID_APPWIDGET_ID);
}
public void onDataSetChanged() {
    Log.d(TAG, "onDataSetChanged");
    // Refresh the cursor
    if (mCursor != null) {
        mCursor.close();
    }

    // Get widget settings
    SharedPreferences settings = mContext.getSharedPreferences(
            ListWidgetConfigure.getSharedPrefsFile(mAppWidgetId),
            mContext.MODE_PRIVATE);
    if (settings != null) {
        String listWhere = settings.getString(ListWidgetConfigure.LIST_WHERE, null);
        listId  = settings.getLong(ListWidgetConfigure.LIST_ID, -1);
        String sortOn = settings.getString(ListWidgetConfigure.SORT_ON, NotePad.Notes.ALPHABETIC_ASC_ORDER);

        mCursor = mContext.getContentResolver().query(
                NotePadProvider.CONTENT_VISIBLE_URI, PROJECTION, listWhere, null,
                sortOn);
    }
}
}

So here's the problem: when I add the widget to the homescreen, a SecurityException is immediately thrown inside the onDataSetChanged() method when I try to query the provider. This appears to be because the homescreen does not hold the permission to read my content provider. My intuition was that it would not be a problem since my own app has the permission, and the service is obviously a part of my app.

Everything works beautifully if I remove the ReadPermission requirement from the provider. But that seems like a security problem because then any app can access the provider without the user having to approve anything.

So is there a way to use a provider with a ReadPermission with a widget? Or are you forced to use an unsecured exported provider?

Solution

  • I was able to find the answer here, credit goes to Kostya Vasilyev.

    While the context is actually correct, it is bound to the wrong process.

    So the key is to do this:

    public void onDataSetChanged() {
     // Revert back to our process' identity so we can work with our
     // content provider
     final long identityToken = Binder.clearCallingIdentity();

     // Update your cursor or whatever here
     // ...

     // Restore the identity - not sure if it's needed since we're going
     // to return right here, but it just *seems* cleaner
     Binder.restoreCallingIdentity(identityToken);
}