GitLab

JobScheduler is in a much better position to coordinate tasks across
the platform to optimize battery and RAM usage.  This change removes
a bunch of manual scheduling logic by representing each download as
a separate job with relevant scheduling constraints.  Requested
network types, retry backoff timing, and newly added charging and
idle constraints are plumbed through as job parameters.

When a job times out, we halt the download and schedule it to resume
later.  The majority of downloads should have ETag values to enable
resuming like this.

Remove local wakelocks, since the platform now acquires and blames
our jobs on the requesting app.

When an active download is pushing updates to the database, check for
both paused and cancelled state to quickly halt an ongoing download.

Shift DownloadNotifier to update directly based on a Cursor, since we
no longer have the overhead of fully-parsed DownloadInfo objects.

Unify a handful of worker threads into a single shared thread.

Remove legacy "large download" activity that was thrown in the face
of the user; the UX best-practice is to go through notification, and
update that dialog to let the user override and continue if under
the hard limit.

Bug: 28098882, 26571724
Change-Id: I33ebe59b3c2ea9c89ec526f70b1950c734abc4a7

Bug: 23410732
Change-Id: Iae4628bb56c17140da32d40e9c425d9f85a9a920

Normally apps must hold the WRITE_EXTERNAL_STORAGE permission in
order to use DownloadManager.  However, now that the platform has
relaxed permissions on package-specific directories, we relax the
DownloadManager check in a similar way.  This also opens up using
DownloadManager to save files on secondary external storage devices.

Fix bug so that we now check the relevant volume state when thinking
about resuming a download.

Bug: 22135060
Change-Id: If439340ea48789ea167f49709b5b69a4f0883150

DownloadProvider offers downloading over HTTP and HTTPS.

Bug: 19215516
Change-Id: I4f0583fd0b00842892a5229f1a87c7af53c5abe4

...preparatory to finally removing the scratchpad "idle maintenance"
infrastructure from the product.

Bug 14993295

Change-Id: I1e84247de19e616910db1781b2c399a8b15a805c

This reverts commit aea634a2.

We've switched to a whitelist approach.

Change-Id: Ifd760d8f800fd2de3a99079d1e04576163ebad80

Change-Id: I575f1a1589e805341e5772eceb5db2f06f9ec4c2

Periodically reconcile database against disk contents.  This handles
the case where a user/app deletes files directly from disk without
updating the database, and the rare case where a database delete
didn't make it to deleting the underlying file.

Also cleans up any downloads belonging to a UID when removed.

Bug: 12924143
Change-Id: I4899d09df7ef71f2625491ac01ceeafa8a2013ce

Change all data transfer to occur through FileDescriptors instead of
relying on local files.  This paves the way for downloading directly
to content:// Uris in the future.

Rewrite storage management logic to preflight download when size is
known.  If enough space is found, immediately reserve the space with
fallocate(), advising the kernel block allocator to try giving us a
contiguous block regions to reduce fragmentation.  When preflighting
on internal storage or emulated external storage, ask PackageManager
to clear private app caches to free up space.

Since we fallocate() the entire file, use the database as the source
of truth for resume locations, which requires that we fsync() before
each database update.

Store in-progress downloads in separate directories to keep the OS
from deleting out from under us.  Clean up filename generation logic
to break ties in this new dual-directory case.

Clearer enforcement of successful download preconditions around
content lengths and ETags.  Move all database field mutations to
clearer DownloadInfoDelta object, and write back through single
code path.

Catch and log uncaught exceptions from DownloadThread.  Tests to
verify new storage behaviors.  Fixed existing test to reflect correct
RFC behavior.

Bug: 5287571, 3213677, 12663412
Change-Id: I6bb905eca7c7d1a6bc88df3db28b65d70f660221

The DownloadService needs the WAKE_LOCK permission, which
it normally gets as a side-affect of the MediaProvider
being in the same shared UID. Since clockwork doesn't
include the MediaProvider the uses-permission needs to
be added to DownloadProvider.

Change-Id: Ib3f58695e21e1cf7d841bc55093c26b631092b30

Change-Id: I5a07244d4bb7e11af4f5eb1a624fc20165248aab

Follows API change in framework.

Bug: 11109484
Change-Id: Icc3d4205b5f33f3821810c4a0692a030228363b7

Bug: 10672973, 10577809
Change-Id: I92314c35b37ac590830e881489e6a88afd860de4

Handle incoming manage requests by launching finished downloads,
or showing various retry dialogs.  Pipe through summary, show
percentage when in progress, and always show total size and MIME type.

Bug: 10531347, 10599641
Change-Id: I3be2bc67ea3c0ef795146177200f5be77ad5114e

Provides same functionality, but follows updated DocumentsProvider
contract in framework.

Bug: 10497206
Change-Id: Ie1f6180047ff7bad289679a14f3368238d47b1d6

PackageInstaller requires raw file:// Uris, and refuses to accept
content:// Uris, so create a trampoline that uses the raw file and
also splices in referrer extras.

Bug: 10391254
Change-Id: I12a06862069479de5dee140d0065479ce79eb494

Uses new MatrixCursor.RowBuilder.offer() to support custom
projections.  Also query MIME types directly so they're always
consistent.

Bug: 10329983
Change-Id: I724b26e008f6ffb85940e009a916b969ead42fcd

Offers a view of Downloads through the lens of DocumentsContract
for surfacing in new storage UI.

Change-Id: I4373c2498b4b82bfee2300a00f8d0bb734bf574c

Bug: 8596021
Change-Id: I56149da0519915764f5c38a8141e1a7dcfff5b25

PackageInstaller attempts to grant Uri permissions on my_downloads
paths passed internally.  This change lets the system successfully
grant permissions to these paths.

Bug: 7426851
Change-Id: I9a4eea4397c02175aff4e3881a9a79cea1e6e0e3

In a future version of Android, the default value for
<provider android:exported> will change from true to false.
Explicitly set android:exported="true"

Bug: 3306452
Change-Id: Id23f16a8527ba97be1d8617ccfc4346734f695d0

Change-Id: I2ddf1d43b8793f03d20d6c4de2f6e3b01a302ba2

new Forward Lock support in Download Provider.

Change-Id: I71faf19527104455b666cba73a052cd0d4b7d70e

Now network access is determined by using getActiveNetworkInfoForUid()
which uses BLOCKED to indicate that network should be rejected for
the requesting UID.  While download in progress, watch for any policy
changes that should trigger pause.

Also check NetworkInfo.isConnected() for correctness.

Change-Id: I1efa79823f15ecc3fa088a6719da1b770c64b255

Tag active downloads, and account data usage towards UID that made
the original request.  Also release WakeLock only after we've cleaned
up the download.

Change-Id: I72d58c6a51beaeb357e59aae4d7c0f5ac9abaa8d

and retry downloads that failed due to the error "sdcard media not mounted"

Change-Id: Id181b8167d331214f72679c85f18cc8b9b969e40

fixes this bug bug:3169457 also

Change-Id: I0f60333361c5c399c64faa2d497038530064bef0

1. if an application designates a downloaded file to be mediascanner
scannable or not, store that fact in database.
2. use the above to determine whether a file shoudl be mediascanned or not
in DownloadService
3. implement code to return mimetype for the new Uri "/public_downloads"
introduced in CL: I1f5dd734e394db0056579a3a0c26862fee27981e

Change-Id: I5c062ad6d1b58306044cee49ff3827e908d27fd9

* tweaks to UI strings based on feedback
* new "retry" button for single selection of failed download
* make SizeLimitActivity translucent+titleless, so it looks like a
  dialog over the current app

Change-Id: I6a990275880d23ab6b4368d39b70f0ad042825ec

Change-Id: I43d3b9ca4ea7d4786a47363b4f5f7e6f003013bb

This change extends the original work to add a size limit over which
wifi is required to download a file.

First, this change adds a second size limit, over which wifi is
recommended but not required.  The user has the option to bypass this
limit.

Second, this change implements dialogs shown to the user when either
limit is exceeded.  These dialogs are shown by the background download
manager service when a download is started and found to be over the
limit (and wifi is not connected).

I'm including one small fix to the unit tests needed from the previous
change.

Change-Id: Ia0f0acaa7b0d00e98355925c3446c0472048df10

Market has its own copies of the download manager URIs.  This change
bring back support for those so Market will keep working until they
can properly update their code.

Change-Id: I283ea65931085c0f083a182842d362c113427537

Market has its own copies of the download manager URIs.  This change
bring back support for those so Market will keep working until they
can properly update their code.

Change-Id: I283ea65931085c0f083a182842d362c113427537

This change introduces a second view into the download manager
database via a set of URIs starting with /all_downloads, renaming the
original /download URIs to /my_downloads.  In addition to making
things more clear, this change allows the downloads UI to grant
permissions on individual downloads to viewer apps.

The old semantics were:

* for ordinary callers, /download included only downloads initiated by
  the calling UID
* for intraprocess calls or calls by root, /download included all
  downloads

The new semantics are

* /my_downloads always includes only downloads initiated by the
  calling UID, and requires only INTERNET permission.  It could just
  as well require no permission, but that's not possible in the
  framework, since path-permissions can only broaden access, not
  tighten it.  It doesn't matter, because these URIs are useless
  without INTERNET permission -- if a user can't initiate downloads,
  there's no reason to read this.
* /all_downloads always includes all downloads on the system, and
  requires the new permission ACCESS_ALL_DOWNLOADS.  This permission
  is currently protectionLevel=signature -- this could be relaxed
  later to support third-party download managers.

All download manager code has been changed to use /all_downloads URIs,
except when passing a URI to another app.  In making this change
across the download manager code, I've taken some liberties in
cleaning things up.  Other apps are unchanged and will use
/my_downloads.

Finally, this incorporates changes to DownloadManager to return a
content URI for /cache downloads -- the download UI no longer assumes
it's a file URI, and it grants permissions to the receiver of the VIEW
intent.  The public API test has also been updated.

I've also fixed some null cursor checking in DownloadManager.

Change-Id: I05a501eb4388249fe80c43724405657c950d7238

This change makes all downloads through the public API visible by
default.  It removes the API that had allowed applications to control
notifications while the download runs.  This has been replaced with a
hidden API, since such behavior is needed by SystemUpdater and Market
(for self-updates).  Additionally, the behavior is now protected by a
new permission.

I'm making this permission signatureOrSystem, and changing the
non-purgeable permission to the same (it should've been that, I just
didn't know).  I'm also adding string descriptions to appease the
translation folks.

Change-Id: I192e8b19ff9b0e425257cef0db081c3d75996ea5

This change adds a permission,
android.permission.DOWNLOAD_CACHE_NON_PURGEABLE.  When an app has this
permission, any downloads it requests through the public API to the
download cache will automatically become non-purgeable, i.e. they'll
never be automatically deleted by the download manager to free up
space.  This is intended for use only by the system updater.

Change-Id: I35cdd44f7e5d46bc70443d1a9743f61a51395ddb

This change removes the requirement that apps have the
ACCESS_DOWNLOAD_MANAGER permission in order to access
DownloadProvider.  This enables the public API to work.  Instead,
DownloadProvider enforces the new permissions model for the public
API:
* insert() requires INTERNET permission
* insert() checks that input fits within the restricted input allowed
  for the public API
* insert() also strictly checks the file URI provided with
  DESTINATION_FILE_URI (and still requires WRITE_EXTERNAL_STORAGE
  permission if that is supplied)

Note that if an app has the ACCESS_DOWNLOAD_MANAGER permission, legacy
behavior is retained.

I've added a test to cover this new access, and updated the existing
permissions tests.

I also fixed a bug in WHERE clause construction in update() and
delete(), and refactored the code to eliminate duplication.

Change-Id: I53a08df137b35c2788c36350276c9dff24858af1

I need to make COLUMN_URI readable by apps, since the public API
exposes that field.  In order to avoid any possible security issues, I
got rid of the feature that potentially allowed apps to view downloads
from other UIDs.  No one was using that feature and the public API
exposes no such feature (yet).

While at it, I cleaned up some related code in update() and delete().

Change-Id: I5384115d2a865255d009fbe37449488fd2269389

applications to the SD card.

Necessary for http://b/issue?id=2384554

Also create names for files by default, so they do not display as
<Untitled>.  Remove calls to createTitleFromFilename, which are
no longer necessary.

Requires a change to frameworks/base.

Its definition is moving to frameworks/base.

Change-Id: Ieb0409c458939c14e2cc8b5bdbcef14564a59c55