Saving of allowed keys

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java

@@ -321,12 +321,6 @@ public class KeychainContract {
         public static final String CONTENT_TYPE
                 = "vnd.android.cursor.dir/vnd.org.sufficientlysecure.keychain.provider.api_apps.allowed_keys";
 
-        /**
-         * Use if a single item is returned
-         */
-        public static final String CONTENT_ITEM_TYPE
-                = "vnd.android.cursor.item/vnd.org.sufficientlysecure.keychain.provider.api_apps.allowed_keys";
-
         public static Uri buildBaseUri(String packageName) {
             return CONTENT_URI.buildUpon().appendEncodedPath(packageName).appendPath(PATH_ALLOWED_KEYS)
                     .build();

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java

@@ -174,7 +174,8 @@ public class KeychainDatabase extends SQLiteOpenHelper {
                 + ApiAppsAllowedKeysColumns.KEY_ID + " INTEGER, "
                 + ApiAppsAllowedKeysColumns.PACKAGE_NAME + " TEXT NOT NULL, "
 
-                + "UNIQUE(" + ApiAppsAllowedKeysColumns.PACKAGE_NAME + "), "
+                + "UNIQUE(" + ApiAppsAllowedKeysColumns.KEY_ID + ", "
+                + ApiAppsAllowedKeysColumns.PACKAGE_NAME + "), "
                 + "FOREIGN KEY(" + ApiAppsAllowedKeysColumns.PACKAGE_NAME + ") REFERENCES "
                 + Tables.API_APPS + "(" + ApiAppsAllowedKeysColumns.PACKAGE_NAME + ") ON DELETE CASCADE"
                 + ")";
@@ -208,6 +209,7 @@ public class KeychainDatabase extends SQLiteOpenHelper {
         db.execSQL(CREATE_CERTS);
         db.execSQL(CREATE_API_APPS);
         db.execSQL(CREATE_API_APPS_ACCOUNTS);
+        db.execSQL(CREATE_API_APPS_ALLOWED_KEYS);
     }
 
     @Override

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java

@@ -231,7 +231,7 @@ public class KeychainProvider extends ContentProvider {
                 return ApiAccounts.CONTENT_ITEM_TYPE;
 
             case API_ALLOWED_KEYS:
-                return ApiAllowedKeys.CONTENT_ITEM_TYPE;
+                return ApiAllowedKeys.CONTENT_TYPE;
 
             default:
                 throw new UnsupportedOperationException("Unknown uri: " + uri);
@@ -717,7 +717,7 @@ public class KeychainProvider extends ContentProvider {
                     db.insertOrThrow(Tables.API_APPS, null, values);
                     break;
 
-                case API_ACCOUNTS:
+                case API_ACCOUNTS: {
                     // set foreign key automatically based on given uri
                     // e.g., api_apps/com.example.app/accounts/
                     String packageName = uri.getPathSegments().get(1);
@@ -725,12 +725,21 @@ public class KeychainProvider extends ContentProvider {
 
                     db.insertOrThrow(Tables.API_ACCOUNTS, null, values);
                     break;
+                }
+                case API_ALLOWED_KEYS: {
+                    // set foreign key automatically based on given uri
+                    // e.g., api_apps/com.example.app/allowed_keys/
+                    String packageName = uri.getPathSegments().get(1);
+                    values.put(ApiAllowedKeys.PACKAGE_NAME, packageName);
 
+                    db.insertOrThrow(Tables.API_ALLOWED_KEYS, null, values);
+                    break;
+                }
                 default:
                     throw new UnsupportedOperationException("Unknown uri: " + uri);
             }
 
-            if(keyId != null) {
+            if (keyId != null) {
                 uri = KeyRings.buildGenericKeyRingUri(keyId);
                 rowUri = uri;
             }
@@ -793,6 +802,10 @@ public class KeychainProvider extends ContentProvider {
                 count = db.delete(Tables.API_ACCOUNTS, buildDefaultApiAccountsSelection(uri, additionalSelection),
                         selectionArgs);
                 break;
+            case API_ALLOWED_KEYS:
+                count = db.delete(Tables.API_ALLOWED_KEYS, buildDefaultApiAllowedKeysSelection(uri, additionalSelection),
+                        selectionArgs);
+                break;
             default:
                 throw new UnsupportedOperationException("Unknown uri: " + uri);
         }
@@ -885,4 +898,15 @@ public class KeychainProvider extends ContentProvider {
                 + andSelection;
     }
 
+    private String buildDefaultApiAllowedKeysSelection(Uri uri, String selection) {
+        String packageName = DatabaseUtils.sqlEscapeString(uri.getPathSegments().get(1));
+
+        String andSelection = "";
+        if (!TextUtils.isEmpty(selection)) {
+            andSelection = " AND (" + selection + ")";
+        }
+
+        return ApiAllowedKeys.PACKAGE_NAME + "=" + packageName + andSelection;
+    }
+
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java

@@ -33,6 +33,7 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute;
 import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
+import org.sufficientlysecure.keychain.remote.ui.AppSettingsAllowedKeys;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.ParcelableFileCache.IteratorWithSize;
 import org.sufficientlysecure.keychain.util.Preferences;
@@ -50,6 +51,7 @@ import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
 import org.sufficientlysecure.keychain.pgp.WrappedSignature;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAllowedKeys;
 import org.sufficientlysecure.keychain.provider.KeychainContract.ApiApps;
 import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
@@ -1504,6 +1506,44 @@ public class ProviderHelper {
         return keyIds;
     }
 
+    public Set<Long> getAllowedKeyIdsForApp(Uri uri) {
+        Set<Long> keyIds = new HashSet<>();
+
+        Cursor cursor = mContentResolver.query(uri, null, null, null, null);
+        try {
+            if (cursor != null) {
+                int keyIdColumn = cursor.getColumnIndex(KeychainContract.ApiAllowedKeys.KEY_ID);
+                while (cursor.moveToNext()) {
+                    keyIds.add(cursor.getLong(keyIdColumn));
+                }
+            }
+        } finally {
+            if (cursor != null) {
+                cursor.close();
+            }
+        }
+
+        return keyIds;
+    }
+
+    public void saveAllowedKeyIdsForApp(Uri uri, Set<Long> allowedKeyIds)
+            throws RemoteException, OperationApplicationException {
+        ArrayList<ContentProviderOperation> ops = new ArrayList<>();
+
+        // clear table
+        ops.add(ContentProviderOperation.newDelete(uri)
+                .build());
+
+        // re-insert allowed key ids
+        for (Long keyId : allowedKeyIds) {
+            ops.add(ContentProviderOperation.newInsert(uri)
+                    .withValue(ApiAllowedKeys.KEY_ID, keyId)
+                    .build());
+        }
+
+        getContentResolver().applyBatch(KeychainContract.CONTENT_AUTHORITY, ops);
+    }
+
     public Set<String> getAllFingerprints(Uri uri) {
          Set<String> fingerprints = new HashSet<>();
          String[] projection = new String[]{KeyRings.FINGERPRINT};