add fingerprint field to Add Repo dialog, and alert if repo already exists

Previously, anything added via the Add New Repository dialog would just overwrite any existing repo config that was there. This has become a bigger issue with the QR Code scanning since it could become an attack vector. This is the first step towards making this Add Repo dialog give more info to the user about the state of things, and what the user might replace by clicking OK.
2013-11-19 23:47:05 -05:00 · 2013-11-19 23:47:05 -05:00 · 14c525e7ff
commit 14c525e7ff
parent f5ce7d8588
4 changed files with 91 additions and 31 deletions
--- a/res/layout/addrepo.xml
+++ b/res/layout/addrepo.xml
@ -1,24 +1,51 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<LinearLayout
-	xmlns:android="http://schemas.android.com/apk/res/android"
-	android:layout_width="wrap_content"
-	android:layout_height="wrap_content"
-	android:orientation="vertical">
-	<TextView
-		android:layout_width="wrap_content"
-		android:ems="20"
-		android:layout_height="wrap_content" android:text="@string/repo_add_url"/>
-	
-	<EditText
-		android:id="@+id/edit_uri"
-		android:inputType="textUri"
-		android:maxLines="1"
-		android:layout_width="wrap_content"
-		android:ems="20"
-		android:layout_height="wrap_content"
-	android:text="https://"/>
-</LinearLayout>
-<!--
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="wrap_content"
+    android:layout_height="wrap_content"
+    android:orientation="vertical" >
+
+    <TextView
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:ems="20"
+        android:text="@string/repo_add_url" />
+
+    <EditText
+        android:id="@+id/edit_uri"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:ems="20"
+        android:inputType="textUri"
+        android:maxLines="1"
+        android:text="https://" />
+
+    <TextView
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:ems="20"
+        android:text="@string/repo_add_fingerprint" />
+
+    <EditText
+        android:id="@+id/edit_fingerprint"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:digits="0123456789ABCDEFabcedf: "
+        android:ems="20"
+        android:inputType="textNoSuggestions"
+        android:maxLines="1"
+        android:typeface="monospace" />
+
+    <TextView
+        android:id="@+id/repo_alert"
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:drawableLeft="@android:drawable/ic_dialog_alert"
+        android:gravity="center"
+        android:textColor="@color/red"
+        android:textAppearance="@android:style/TextAppearance.Large"
+        android:visibility="gone" />
+
+</LinearLayout><!--
 * Copyright (C) 2009  Roberto Jacinto
 * roberto.jacinto@caixamagica.pt
 *
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@ -70,6 +70,8 @@
 	<string name="download_server">Getting application from</string>

 	<string name="repo_add_url">Repository address</string>
+	<string name="repo_add_fingerprint">fingerprint (optional)</string>
+	<string name="repo_exists">This repo already exists!</string>

 	<string name="repo_alrt">The list of used repositories has
 		changed.\nDo you
--- a/res/values/styles.xml
+++ b/res/values/styles.xml
@ -10,6 +10,7 @@

 	<color name="black">#FF000000</color>
 	<color name="white">#FFFFFFFF</color>
+	<color name="red">#FFFF0000</color>

 	<style name="AboutDialogLight" parent="@android:style/Theme.Dialog">
 		<item name="@android:windowBackground">@color/black</item>
--- a/src/org/fdroid/fdroid/ManageRepo.java
+++ b/src/org/fdroid/fdroid/ManageRepo.java
@ -48,6 +48,7 @@ import android.widget.ListView;
 import android.widget.SimpleAdapter;
 import android.widget.TextView;

+import org.fdroid.fdroid.DB.Repo;
 import android.support.v4.app.NavUtils;
 import android.support.v4.view.MenuItemCompat;

@ -121,7 +122,7 @@ public class ManageRepo extends ListActivity {
                    || scheme.equals("https") || scheme.equals("http")) {
                String uriString = uri.toString().replace("fdroidrepo", "http").
                        replace(fingerprint + "@", "");
-                showAddRepo(uriString);
+                showAddRepo(uriString, fingerprint);
                Log.i("ManageRepo", uriString + " fingerprint: " + fingerprint);
            }
        }
@ -220,6 +221,25 @@ public class ManageRepo extends ListActivity {
        }
    }

+    protected List<Repo> getRepos() {
+        List<Repo> repos = null;
+        try {
+            DB db = DB.getDB();
+            repos = db.getRepos();
+        } finally {
+            DB.releaseDB();
+        }
+        return repos;
+    }
+
+    protected Repo getRepo(String repoUri, List<Repo> repos) {
+        if (repoUri != null)
+            for (Repo repo : repos)
+                if (repoUri.equals(repo.address))
+                    return repo;
+        return null;
+    }
+
    @Override
    public boolean onOptionsItemSelected(MenuItem item) {
        switch (item.getItemId()) {
@ -230,16 +250,13 @@ public class ManageRepo extends ListActivity {
        return super.onOptionsItemSelected(item);
    }

-    private void showAddRepo(String uriString) {
+    private void showAddRepo(String uriString, String fingerprint) {
        LayoutInflater li = LayoutInflater.from(this);
        View view = li.inflate(R.layout.addrepo, null);
        Builder p = new AlertDialog.Builder(this).setView(view);
        final AlertDialog alrt = p.create();
-
-        if (uriString != null) {
-            EditText uriEditText = (EditText) view.findViewById(R.id.edit_uri);
-            uriEditText.setText(uriString);
-        }
+        final EditText uriEditText = (EditText) view.findViewById(R.id.edit_uri);
+        final EditText fingerprintEditText = (EditText) view.findViewById(R.id.edit_fingerprint);

        alrt.setIcon(android.R.drawable.ic_menu_add);
        alrt.setTitle(getString(R.string.repo_add_title));
@ -248,9 +265,7 @@ public class ManageRepo extends ListActivity {
                new DialogInterface.OnClickListener() {
                    @Override
                    public void onClick(DialogInterface dialog, int which) {
-                        EditText uri = (EditText) alrt
-                                .findViewById(R.id.edit_uri);
-                        addRepo(uri.getText().toString());
+                        addRepo(uriEditText.getText().toString());
                        changed = true;
                        redraw();
                    }
@ -265,6 +280,21 @@ public class ManageRepo extends ListActivity {
                    }
                });
        alrt.show();
+
+        List<Repo> repos = getRepos();
+        Repo repo = getRepo(uriString, repos);
+        if (repo != null) {
+            final TextView tv = (TextView) view.findViewById(R.id.repo_alert);
+            tv.setVisibility(0);
+            tv.setText(R.string.repo_exists);
+            // TODO if address and fingerprint match, then enable existing repo
+            // TODO if address matches but fingerprint doesn't, handle this with extra widgets
+        }
+
+        if (uriString != null)
+            uriEditText.setText(uriString);
+        if (fingerprint != null)
+            fingerprintEditText.setText(fingerprint);
    }

    @Override
@ -274,7 +304,7 @@ public class ManageRepo extends ListActivity {

        switch (item.getItemId()) {
        case ADD_REPO:
-            showAddRepo(null);
+            showAddRepo(null, null);
            return true;

        case REM_REPO: