上面是我做的一个轮播图notification的录屏演示。它的本质就是一个自定义通知,但为了实现这个效果,还需要对FileProvider进行一点改造。接下来我就来讲解如何实现这个功能。
如何下载图片
我建议使用协程进行并发的图片下载,其中单个图片的下载可以使用 Picasso 来完成。
val bitmap = Picasso.get().load(url).get()自定义notification
由于 Android 原生没有提供这种样式的 notification,我们需要使用自定义 notification 来实现,所以我们发送通知的代码如下:
// 稍后会讲解 remoteViews 是如何创建的
val notification = NotificationCompat.Builder(requireContext(), CHANNEL_ID)
.setSmallIcon(R.drawable.baseline_photo_library_24)
.setContentTitle("ContentTitle")
.setContentText("Expand to view carousel notification")
.setCustomBigContentView(remoteViews)
.build()
NotificationManagerCompat.from(requireContext()).apply {
notify(generateId(), notification)
}RemoteViews XML 布局
自定义 notification 需要用到 RemoteViews。尽管 RemoteViews 也是使用 xml 来进行声明,但因为这个布局最终要被系统所加载,所以它内部所能使用的控件都是受限的,具体支持的控件可以参考下面的文档:
Android 提供的 ViewFlipper 可以让我们实现轮播效果。
接下来实现我们的 RemoteViews 的 xml 布局 layout_remote_custom_carousel.xml:
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:orientation="vertical">
<TextView
android:id="@+id/title"
style="@style/TextAppearance.Compat.Notification.Title"
android:layout_width="match_parent"
android:layout_height="wrap_content"
tools:text="Custom Title" />
<TextView
android:id="@+id/desc"
style="@style/TextAppearance.Compat.Notification.Line2"
android:layout_width="match_parent"
android:layout_height="wrap_content"
tools:text="Custom Desc Custom Desc Custom Desc Custom Desc" />
<ViewFlipper
android:id="@+id/view_flipper"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_gravity="center_vertical"
android:autoStart="true"
android:flipInterval="3000"
android:inAnimation="@anim/slide_in_right"
android:outAnimation="@anim/slide_out_left" />
</LinearLayout>其中 slide_in_right 和 slide_out_left 是 ViewFlipper 切换视图时所使用的动画,这里我们做简单的 translate 动画即可:
slide_in_right.xml
<?xml version="1.0" encoding="utf-8"?>
<set xmlns:android="http://schemas.android.com/apk/res/android">
<translate android:fromXDelta="100%p" android:toXDelta="0"
android:duration="@android:integer/config_mediumAnimTime"/>
</set>slide_out_left.xml
<?xml version="1.0" encoding="utf-8"?>
<set xmlns:android="http://schemas.android.com/apk/res/android">
<translate android:fromXDelta="0" android:toXDelta="-100%p"
android:duration="@android:integer/config_mediumAnimTime"/>
</set>填充 RemoteViews
在刚才的代码里,并没有 remoteViews 的声明,这里我们来创建 remoteViews:
val remoteViews = RemoteViews(
requireContext().packageName,
R.layout.layout_remote_custom_carousel
)
remoteViews.setTextViewText(R.id.title, "Travel to Republic of Singapore")
remoteViews.setTextViewText(
R.id.desc,
"Singapore is open to all travellers without quarantine or testing requirements"
)现在我们只是将 layout_remote_custom_carousel.xml 加载并给其中的 TextView 设置了文案,但里面的 ViewFlipper 其实并没有内容,接下来我们要给 ViewFlipper 填充内容。
ViewFlipper 中的单个元素布局
我们要给 ViewFlipper 添加元素,可以通过这个接口 remoteViews.addView(R.id.view_flipper, childView) 来添加,其中 childView 也是一个 RemoteViews。
接下来定义单个元素的布局 layout_remote_custom_carousel_item.xml:
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
android:id="@+id/root"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:orientation="vertical">
<TextView
android:id="@+id/title"
style="@style/TextAppearance.Compat.Notification.Info"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:ellipsize="end"
android:maxLines="1" />
<FrameLayout
android:layout_width="match_parent"
android:layout_height="wrap_content">
<ImageView
android:id="@+id/image_view"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:adjustViewBounds="true"
android:scaleType="centerCrop" />
<TextView
android:id="@+id/desc"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_gravity="bottom"
android:background="@drawable/shadow_bottom_up"
android:padding="6dp"
android:paddingTop="10dp"
android:textColor="#ffffff"
android:textSize="12dp" />
</FrameLayout>
</LinearLayout>给 ViewFlipper 增加轮播元素
假设我这里有一个 val bitmaps: List<Bitmap>? 其中存储的是轮播图片的 bitmap,dataTriples 为 Triple 数组,其中每个 Triple.second 存储的是单个轮播元素的的标题,Triple.third 存储的是单个轮播元素图片上的描述。依次遍历 bitmaps并构造 RemoteViews 然后执行 remoteViews.addView 即可。
val childViews = Array(bitmaps.size) {
val remoteView = RemoteViews(
requireContext().packageName,
R.layout.layout_remote_custom_carousel_item
)
remoteView.setImageViewBitmap(R.id.image_view, bitmapUris[it])
remoteView.setTextViewText(R.id.title, dataTriples[it].second)
remoteView.setTextViewText(R.id.desc, dataTriples[it].third)
val pendingIntent = ...
remoteView.setOnClickPendingIntent(R.id.root, pendingIntent)
remoteView
}
for (each in childViews) {
remoteViews.addView(R.id.view_flipper, each)
}尝试运行:无效
如果你真的按照我上面写的方式运行,取决于你的系统版本,你可能会发现 notification 的 ViewFlipper 中并没有内容,这是因为我们为了显示轮播图,传了多个 bitmap 给系统,且因为单个 bitmap 本身占用内存很大,当传递了多个 bitmap 时很容易被系统判定为传递数据过大,观察 logcat 可以看到类似下面的日志:
NotificationService system_server W Removed too large RemoteViews (10093824 bytes) on pkg: com.example.shawtest tag: null id: 2
因此我们不能使用 RemoteViews.setImageViewBitmap ,而应该用 RemoteViews.setImageViewUri,避免向系统直接传递 bitmap。
保存文件并传递 Uri
由于直接传递文件路径会被系统抛出 FileUriExposedException,因此我们在保存 bitmap 到文件后,还需要将文件转换为 Uri。
标准 FileProvider 可能无法工作
例如下面的代码保存 bitmap 到文件后,再通过标准 FileProvider 获取 Uri:
val bitmap = Picasso.get().load(url).get()
val file = File(dir, UUID.randomUUID().toString())
file.outputStream().use {
bitmap.compress(Bitmap.CompressFormat.WEBP, 90, it)
}
bitmap.recycle()
FileProvider.getUriForFile(requireContext(), authority, file)然后通过下面的代码设置路径
remoteView.setImageViewUri(R.id.image_view, bitmapUris[it])你可能会在 Android 12 以前以及部分 Android 13 系统上发现系统没有权限访问我们设置的 Uri:
android.widget.RemoteViews$ActionException: java.lang.SecurityException: Permission Denial: reading androidx.core.content.FileProvider uri content://com.example.shawtest.fileprovider/internal_cache/d2c5d24e-f9c1–48c4–9d5d-56f55f3efe42 from pid=2558, uid=1000 requires the provider be exported, or grantUriPermission()
如果你尝试将 FileProvider 的 exported 属性设为 true,则 app 一启动就会崩溃,因为 FileProvider 会在运行时检查 exported 是否设置为 false,如果不为 false,则直接抛异常:
@Override
public void attachInfo(@NonNull Context context, @NonNull ProviderInfo info) {
super.attachInfo(context, info);
// Check our security attributes
if (info.exported) {
throw new SecurityException("Provider must not be exported");
}
...
}修改 FileProvider 使其 exported 可以为 true
既然如此,我们可以复制一份 FileProvider,删除相关的检查代码,使其可以设置 exported 为 true,不妨叫它 ExportedFileProvider:
@Override
public void attachInfo(@NonNull Context context, @NonNull ProviderInfo info) {
super.attachInfo(context, info);
// Check our security attributes
// if (info.exported) {
// throw new SecurityException("Provider must not be exported");
// }
...
}在 Manifest 中声明,注意我使用了一个特别的 authorities:
<provider
android:name=".fileprovider.ExportedFileProvider"
android:authorities="${applicationId}.fileprovider.exported"
android:exported="true">
<meta-data
android:name="android.support.FILE_PROVIDER_PATHS"
android:resource="@xml/exported_filepaths" />
</provider>
</application>
</manifest>这里我选择将文件存储到内部的缓存目录。
由于 exported 为 true 的 FileProvider,允许第三方 app 访问任何暴露的路径,因此我们可以添加一个子目录 exported/ 避免将整个缓存目录暴露给其他 app。
exported_filepaths.xml:
<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
<cache-path name="internal_cache" path="exported/" />
</paths>修改保存文件的代码,注意我们要保存到 ExportedFileProvider 可以暴露的路径下:
val dir = File(requireContext().cacheDir, "exported")
// 请确保路径 dir 存在
val bitmap = Picasso.get().load(url).get()
val file = File(dir, UUID.randomUUID().toString())
file.outputStream().use {
bitmap.compress(Bitmap.CompressFormat.WEBP, 90, it)
}
bitmap.recycle()
ExportedFileProvider.getUriForFile(requireContext(), authority, file)这样任意进程,包括系统进程就可以直接访问我们传递过去的 Uri 了。
注意其他任何文件都不应该保存到这个目录下,因为这个目录可以被任意第三方 app 访问
关于 ExportedFileProvider 的更多安全性修改
FileProvider 是禁止 exported 为 true 的,所以它有很多代码都是假设不会有第三方 app 直接访问它。由于 ExportedFileProvider exported 为 true,任何 app 都可以访问它,所以我们还需要在 ExportedFileProvider 中做一些修改,才能避免它被恶意 app 利用。
禁止删除,避免其他 app 试图删除我们暴露的目录下的文件:
@Override
public int delete(@NonNull Uri uri, @Nullable String selection,
@Nullable String[] selectionArgs) {
// ContentProvider has already checked granted permissions
// final File file = mStrategy.getFileForUri(uri);
// return file.delete() ? 1 : 0;
throw new UnsupportedOperationException("No external delete");
}禁止使用只读以外的模式打开文件,避免其他 app 试图修改或者写入文件到我们暴露的目录下:
/**
* Copied from ContentResolver.java
*/
private static int modeToMode(String mode) {
int modeBits;
if ("r".equals(mode)) {
modeBits = ParcelFileDescriptor.MODE_READ_ONLY;
// } else if ("w".equals(mode) || "wt".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_WRITE_ONLY
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_TRUNCATE;
// } else if ("wa".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_WRITE_ONLY
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_APPEND;
// } else if ("rw".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_READ_WRITE
// | ParcelFileDescriptor.MODE_CREATE;
// } else if ("rwt".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_READ_WRITE
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_TRUNCATE;
} else {
throw new IllegalArgumentException("Invalid mode: " + mode);
}
return modeBits;
}ExportedFileProvider 是否有任意路径遍历漏洞
由于 FileProvider 本身代码中 SimplePathStrategy#getFileForUri 有做路径校验,我们在 exported_filepaths.xml 中限制了这个 ExportedFileProvider 只能暴露内部缓存目录下的 exported 目录中的文件。因此 ExportedFileProvider 并不会有任意路径遍历漏洞。只是需要注意,内部缓存目录下的 exported 目录是完全暴露给第三方 app 的,只能用于这类特殊的文件存储。
附录:完整ExportedFileProvider代码
public class ExportedFileProvider extends ContentProvider {
private static final String[] COLUMNS = {
OpenableColumns.DISPLAY_NAME, OpenableColumns.SIZE };
private static final String
META_DATA_FILE_PROVIDER_PATHS = "android.support.FILE_PROVIDER_PATHS";
private static final String TAG_ROOT_PATH = "root-path";
private static final String TAG_FILES_PATH = "files-path";
private static final String TAG_CACHE_PATH = "cache-path";
private static final String TAG_EXTERNAL = "external-path";
private static final String TAG_EXTERNAL_FILES = "external-files-path";
private static final String TAG_EXTERNAL_CACHE = "external-cache-path";
private static final String TAG_EXTERNAL_MEDIA = "external-media-path";
private static final String ATTR_NAME = "name";
private static final String ATTR_PATH = "path";
private static final String DISPLAYNAME_FIELD = "displayName";
private static final File DEVICE_ROOT = new File("/");
@GuardedBy("sCache")
private static final HashMap<String, PathStrategy> sCache = new HashMap<>();
private PathStrategy mStrategy;
private int mResourceId;
public ExportedFileProvider() {
mResourceId = ResourcesCompat.ID_NULL;
}
protected ExportedFileProvider(@XmlRes int resourceId) {
mResourceId = resourceId;
}
/**
* The default FileProvider implementation does not need to be initialized. If you want to
* override this method, you must provide your own subclass of FileProvider.
*/
@Override
public boolean onCreate() {
return true;
}
/**
* After the FileProvider is instantiated, this method is called to provide the system with
* information about the provider.
*
* @param context A {@link Context} for the current component.
* @param info A {@link ProviderInfo} for the new provider.
*/
@SuppressWarnings("StringSplitter")
@Override
public void attachInfo(@NonNull Context context, @NonNull ProviderInfo info) {
super.attachInfo(context, info);
// Check our security attributes
// if (info.exported) {
// throw new SecurityException("Provider must not be exported");
// }
if (!info.grantUriPermissions) {
throw new SecurityException("Provider must grant uri permissions");
}
String authority = info.authority.split(";")[0];
synchronized (sCache) {
sCache.remove(authority);
}
mStrategy = getPathStrategy(context, authority, mResourceId);
}
/**
* Return a content URI for a given {@link File}. Specific temporary
* permissions for the content URI can be set with
* {@link Context#grantUriPermission(String, Uri, int)}, or added
* to an {@link Intent} by calling {@link Intent#setData(Uri) setData()} and then
* {@link Intent#setFlags(int) setFlags()}; in both cases, the applicable flags are
* {@link Intent#FLAG_GRANT_READ_URI_PERMISSION} and
* {@link Intent#FLAG_GRANT_WRITE_URI_PERMISSION}. A FileProvider can only return a
* <code>content</code> {@link Uri} for file paths defined in their <code><paths></code>
* meta-data element. See the Class Overview for more information.
*
* @param context A {@link Context} for the current component.
* @param authority The authority of a {@link FileProvider} defined in a
* {@code <provider>} element in your app's manifest.
* @param file A {@link File} pointing to the filename for which you want a
* <code>content</code> {@link Uri}.
* @return A content URI for the file.
* @throws IllegalArgumentException When the given {@link File} is outside
* the paths supported by the provider.
*/
public static Uri getUriForFile(@NonNull Context context, @NonNull String authority,
@NonNull File file) {
final PathStrategy strategy = getPathStrategy(context, authority, ResourcesCompat.ID_NULL);
return strategy.getUriForFile(file);
}
/**
* Return a content URI for a given {@link File}. Specific temporary
* permissions for the content URI can be set with
* {@link Context#grantUriPermission(String, Uri, int)}, or added
* to an {@link Intent} by calling {@link Intent#setData(Uri) setData()} and then
* {@link Intent#setFlags(int) setFlags()}; in both cases, the applicable flags are
* {@link Intent#FLAG_GRANT_READ_URI_PERMISSION} and
* {@link Intent#FLAG_GRANT_WRITE_URI_PERMISSION}. A FileProvider can only return a
* <code>content</code> {@link Uri} for file paths defined in their <code><paths></code>
* meta-data element. See the Class Overview for more information.
*
* @param context A {@link Context} for the current component.
* @param authority The authority of a {@link FileProvider} defined in a
* {@code <provider>} element in your app's manifest.
* @param file A {@link File} pointing to the filename for which you want a
* <code>content</code> {@link Uri}.
* @param displayName The filename to be displayed. This can be used if the original filename
* is undesirable.
* @return A content URI for the file.
* @throws IllegalArgumentException When the given {@link File} is outside
* the paths supported by the provider.
*/
@SuppressLint("StreamFiles")
@NonNull
public static Uri getUriForFile(@NonNull Context context, @NonNull String authority,
@NonNull File file, @NonNull String displayName) {
Uri uri = getUriForFile(context, authority, file);
return uri.buildUpon().appendQueryParameter(DISPLAYNAME_FIELD, displayName).build();
}
/**
* Use a content URI returned by
* {@link #getUriForFile(Context, String, File) getUriForFile()} to get information about a file
* managed by the FileProvider.
* FileProvider reports the column names defined in {@link OpenableColumns}:
* <ul>
* <li>{@link OpenableColumns#DISPLAY_NAME}</li>
* <li>{@link OpenableColumns#SIZE}</li>
* </ul>
* For more information, see
* {@link ContentProvider#query(Uri, String[], String, String[], String)
* ContentProvider.query()}.
*
* @param uri A content URI returned by {@link #getUriForFile}.
* @param projection The list of columns to put into the {@link Cursor}. If null all columns are
* included.
* @param selection Selection criteria to apply. If null then all data that matches the content
* URI is returned.
* @param selectionArgs An array of {@link String}, containing arguments to bind to
* the <i>selection</i> parameter. The <i>query</i> method scans <i>selection</i> from left to
* right and iterates through <i>selectionArgs</i>, replacing the current "?" character in
* <i>selection</i> with the value at the current position in <i>selectionArgs</i>. The
* values are bound to <i>selection</i> as {@link String} values.
* @param sortOrder A {@link String} containing the column name(s) on which to sort
* the resulting {@link Cursor}.
* @return A {@link Cursor} containing the results of the query.
*
*/
@NonNull
@Override
public Cursor query(@NonNull Uri uri, @Nullable String[] projection, @Nullable String selection,
@Nullable String[] selectionArgs,
@Nullable String sortOrder) {
// ContentProvider has already checked granted permissions
final File file = mStrategy.getFileForUri(uri);
String displayName = uri.getQueryParameter(DISPLAYNAME_FIELD);
if (projection == null) {
projection = COLUMNS;
}
String[] cols = new String[projection.length];
Object[] values = new Object[projection.length];
int i = 0;
for (String col : projection) {
if (OpenableColumns.DISPLAY_NAME.equals(col)) {
cols[i] = OpenableColumns.DISPLAY_NAME;
values[i++] = (displayName == null) ? file.getName() : displayName;
} else if (OpenableColumns.SIZE.equals(col)) {
cols[i] = OpenableColumns.SIZE;
values[i++] = file.length();
}
}
cols = copyOf(cols, i);
values = copyOf(values, i);
final MatrixCursor cursor = new MatrixCursor(cols, 1);
cursor.addRow(values);
return cursor;
}
/**
* Returns the MIME type of a content URI returned by
* {@link #getUriForFile(Context, String, File) getUriForFile()}.
*
* @param uri A content URI returned by
* {@link #getUriForFile(Context, String, File) getUriForFile()}.
* @return If the associated file has an extension, the MIME type associated with that
* extension; otherwise <code>application/octet-stream</code>.
*/
@Nullable
@Override
public String getType(@NonNull Uri uri) {
// ContentProvider has already checked granted permissions
final File file = mStrategy.getFileForUri(uri);
final int lastDot = file.getName().lastIndexOf('.');
if (lastDot >= 0) {
final String extension = file.getName().substring(lastDot + 1);
final String mime = MimeTypeMap.getSingleton().getMimeTypeFromExtension(extension);
if (mime != null) {
return mime;
}
}
return "application/octet-stream";
}
/**
* By default, this method throws an {@link UnsupportedOperationException}. You must
* subclass FileProvider if you want to provide different functionality.
*/
@Override
public Uri insert(@NonNull Uri uri, @NonNull ContentValues values) {
throw new UnsupportedOperationException("No external inserts");
}
/**
* By default, this method throws an {@link UnsupportedOperationException}. You must
* subclass FileProvider if you want to provide different functionality.
*/
@Override
public int update(@NonNull Uri uri, @NonNull ContentValues values, @Nullable String selection,
@Nullable String[] selectionArgs) {
throw new UnsupportedOperationException("No external updates");
}
/**
* Deletes the file associated with the specified content URI, as
* returned by {@link #getUriForFile(Context, String, File) getUriForFile()}. Notice that this
* method does <b>not</b> throw an {@link IOException}; you must check its return value.
*
* @param uri A content URI for a file, as returned by
* {@link #getUriForFile(Context, String, File) getUriForFile()}.
* @param selection Ignored. Set to {@code null}.
* @param selectionArgs Ignored. Set to {@code null}.
* @return 1 if the delete succeeds; otherwise, 0.
*/
@Override
public int delete(@NonNull Uri uri, @Nullable String selection,
@Nullable String[] selectionArgs) {
// ContentProvider has already checked granted permissions
// final File file = mStrategy.getFileForUri(uri);
// return file.delete() ? 1 : 0;
throw new UnsupportedOperationException("No external delete");
}
/**
* By default, FileProvider automatically returns the
* {@link ParcelFileDescriptor} for a file associated with a <code>content://</code>
* {@link Uri}. To get the {@link ParcelFileDescriptor}, call
* {@link ContentResolver#openFileDescriptor(Uri, String)
* ContentResolver.openFileDescriptor}.
*
* To override this method, you must provide your own subclass of FileProvider.
*
* @param uri A content URI associated with a file, as returned by
* {@link #getUriForFile(Context, String, File) getUriForFile()}.
* @param mode Access mode for the file. May be "r" for read-only access, "rw" for read and
* write access, or "rwt" for read and write access that truncates any existing file.
* @return A new {@link ParcelFileDescriptor} with which you can access the file.
*/
@SuppressLint("UnknownNullness") // b/171012356
@Override
public ParcelFileDescriptor openFile(@NonNull Uri uri, @NonNull String mode)
throws FileNotFoundException {
// ContentProvider has already checked granted permissions
final File file = mStrategy.getFileForUri(uri);
final int fileMode = modeToMode(mode);
return ParcelFileDescriptor.open(file, fileMode);
}
/**
* Return {@link PathStrategy} for given authority, either by parsing or
* returning from cache.
*/
private static PathStrategy getPathStrategy(Context context, String authority, int resourceId) {
PathStrategy strat;
synchronized (sCache) {
strat = sCache.get(authority);
if (strat == null) {
try {
strat = parsePathStrategy(context, authority, resourceId);
} catch (IOException e) {
throw new IllegalArgumentException(
"Failed to parse " + META_DATA_FILE_PROVIDER_PATHS + " meta-data", e);
} catch (XmlPullParserException e) {
throw new IllegalArgumentException(
"Failed to parse " + META_DATA_FILE_PROVIDER_PATHS + " meta-data", e);
}
sCache.put(authority, strat);
}
}
return strat;
}
@VisibleForTesting
static XmlResourceParser getFileProviderPathsMetaData(Context context, String authority,
@Nullable ProviderInfo info,
int resourceId) {
if (info == null) {
throw new IllegalArgumentException(
"Couldn't find meta-data for provider with authority " + authority);
}
if (info.metaData == null && resourceId != ResourcesCompat.ID_NULL) {
info.metaData = new Bundle(1);
info.metaData.putInt(META_DATA_FILE_PROVIDER_PATHS, resourceId);
}
final XmlResourceParser in = info.loadXmlMetaData(
context.getPackageManager(), META_DATA_FILE_PROVIDER_PATHS);
if (in == null) {
throw new IllegalArgumentException(
"Missing " + META_DATA_FILE_PROVIDER_PATHS + " meta-data");
}
return in;
}
/**
* Parse and return {@link PathStrategy} for given authority as defined in
* {@link #META_DATA_FILE_PROVIDER_PATHS} {@code <meta-data>}.
*
* @see #getPathStrategy(Context, String, int)
*/
private static PathStrategy parsePathStrategy(Context context, String authority, int resourceId)
throws IOException, XmlPullParserException {
final SimplePathStrategy strat = new SimplePathStrategy(authority);
final ProviderInfo info = context.getPackageManager()
.resolveContentProvider(authority, PackageManager.GET_META_DATA);
final XmlResourceParser in = getFileProviderPathsMetaData(context, authority, info,
resourceId);
int type;
while ((type = in.next()) != END_DOCUMENT) {
if (type == START_TAG) {
final String tag = in.getName();
final String name = in.getAttributeValue(null, ATTR_NAME);
String path = in.getAttributeValue(null, ATTR_PATH);
File target = null;
if (TAG_ROOT_PATH.equals(tag)) {
target = DEVICE_ROOT;
} else if (TAG_FILES_PATH.equals(tag)) {
target = context.getFilesDir();
} else if (TAG_CACHE_PATH.equals(tag)) {
target = context.getCacheDir();
} else if (TAG_EXTERNAL.equals(tag)) {
target = Environment.getExternalStorageDirectory();
} else if (TAG_EXTERNAL_FILES.equals(tag)) {
File[] externalFilesDirs = ContextCompat.getExternalFilesDirs(context, null);
if (externalFilesDirs.length > 0) {
target = externalFilesDirs[0];
}
} else if (TAG_EXTERNAL_CACHE.equals(tag)) {
File[] externalCacheDirs = ContextCompat.getExternalCacheDirs(context);
if (externalCacheDirs.length > 0) {
target = externalCacheDirs[0];
}
} else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP
&& TAG_EXTERNAL_MEDIA.equals(tag)) {
File[] externalMediaDirs = Api21Impl.getExternalMediaDirs(context);
if (externalMediaDirs.length > 0) {
target = externalMediaDirs[0];
}
}
if (target != null) {
strat.addRoot(name, buildPath(target, path));
}
}
}
return strat;
}
/**
* Strategy for mapping between {@link File} and {@link Uri}.
* <p>
* Strategies must be symmetric so that mapping a {@link File} to a
* {@link Uri} and then back to a {@link File} points at the original
* target.
* <p>
* Strategies must remain consistent across app launches, and not rely on
* dynamic state. This ensures that any generated {@link Uri} can still be
* resolved if your process is killed and later restarted.
*
* @see SimplePathStrategy
*/
interface PathStrategy {
/**
* Return a {@link Uri} that represents the given {@link File}.
*/
Uri getUriForFile(File file);
/**
* Return a {@link File} that represents the given {@link Uri}.
*/
File getFileForUri(Uri uri);
}
/**
* Strategy that provides access to files living under a narrow allowed list
* of filesystem roots. It will throw {@link SecurityException} if callers try
* accessing files outside the configured roots.
* <p>
* For example, if configured with
* {@code addRoot("myfiles", context.getFilesDir())}, then
* {@code context.getFileStreamPath("foo.txt")} would map to
* {@code content://myauthority/myfiles/foo.txt}.
*/
static class SimplePathStrategy implements PathStrategy {
private final String mAuthority;
private final HashMap<String, File> mRoots = new HashMap<>();
SimplePathStrategy(String authority) {
mAuthority = authority;
}
/**
* Add a mapping from a name to a filesystem root. The provider only offers
* access to files that live under configured roots.
*/
void addRoot(String name, File root) {
if (TextUtils.isEmpty(name)) {
throw new IllegalArgumentException("Name must not be empty");
}
try {
// Resolve to canonical path to keep path checking fast
root = root.getCanonicalFile();
} catch (IOException e) {
throw new IllegalArgumentException(
"Failed to resolve canonical path for " + root, e);
}
mRoots.put(name, root);
}
@Override
public Uri getUriForFile(File file) {
String path;
try {
path = file.getCanonicalPath();
} catch (IOException e) {
throw new IllegalArgumentException("Failed to resolve canonical path for " + file);
}
// Find the most-specific root path
Map.Entry<String, File> mostSpecific = null;
for (Map.Entry<String, File> root : mRoots.entrySet()) {
final String rootPath = root.getValue().getPath();
if (path.startsWith(rootPath) && (mostSpecific == null
|| rootPath.length() > mostSpecific.getValue().getPath().length())) {
mostSpecific = root;
}
}
if (mostSpecific == null) {
throw new IllegalArgumentException(
"Failed to find configured root that contains " + path);
}
// Start at first char of path under root
final String rootPath = mostSpecific.getValue().getPath();
if (rootPath.endsWith("/")) {
path = path.substring(rootPath.length());
} else {
path = path.substring(rootPath.length() + 1);
}
// Encode the tag and path separately
path = Uri.encode(mostSpecific.getKey()) + '/' + Uri.encode(path, "/");
return new Uri.Builder().scheme("content")
.authority(mAuthority).encodedPath(path).build();
}
@Override
public File getFileForUri(Uri uri) {
String path = uri.getEncodedPath();
final int splitIndex = path.indexOf('/', 1);
final String tag = Uri.decode(path.substring(1, splitIndex));
path = Uri.decode(path.substring(splitIndex + 1));
final File root = mRoots.get(tag);
if (root == null) {
throw new IllegalArgumentException("Unable to find configured root for " + uri);
}
File file = new File(root, path);
try {
file = file.getCanonicalFile();
} catch (IOException e) {
throw new IllegalArgumentException("Failed to resolve canonical path for " + file);
}
if (!file.getPath().startsWith(root.getPath())) {
throw new SecurityException("Resolved path jumped beyond configured root");
}
return file;
}
}
/**
* Copied from ContentResolver.java
*/
private static int modeToMode(String mode) {
int modeBits;
if ("r".equals(mode)) {
modeBits = ParcelFileDescriptor.MODE_READ_ONLY;
// } else if ("w".equals(mode) || "wt".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_WRITE_ONLY
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_TRUNCATE;
// } else if ("wa".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_WRITE_ONLY
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_APPEND;
// } else if ("rw".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_READ_WRITE
// | ParcelFileDescriptor.MODE_CREATE;
// } else if ("rwt".equals(mode)) {
// modeBits = ParcelFileDescriptor.MODE_READ_WRITE
// | ParcelFileDescriptor.MODE_CREATE
// | ParcelFileDescriptor.MODE_TRUNCATE;
} else {
throw new IllegalArgumentException("Invalid mode: " + mode);
}
return modeBits;
}
private static File buildPath(File base, String... segments) {
File cur = base;
for (String segment : segments) {
if (segment != null) {
cur = new File(cur, segment);
}
}
return cur;
}
private static String[] copyOf(String[] original, int newLength) {
final String[] result = new String[newLength];
System.arraycopy(original, 0, result, 0, newLength);
return result;
}
private static Object[] copyOf(Object[] original, int newLength) {
final Object[] result = new Object[newLength];
System.arraycopy(original, 0, result, 0, newLength);
return result;
}
@RequiresApi(21)
static class Api21Impl {
private Api21Impl() {
// This class is not instantiable.
}
static File[] getExternalMediaDirs(Context context) {
// Deprecated, otherwise this would belong on ContextCompat as a public method.
return context.getExternalMediaDirs();
}
}
}