The code only existed so that it could be used in a test. Subsequently,
a further test was written to test this code (used by the first test).
Since none of the code is actually used in the app, it has been removed.
Renamed AppTable to AppMetadataTable
See #511 for details. This is in prep ration for having an even more normalized `fdroid_package` table. That table will be the authoritative reference of what "packages" are known about in the client. The "app" table (now "metadata") will be specific to each repository which provides different metadata about that app.
This is a fairly straightforward "Rename Interface" refactoring from Android Studio" and is done so as to minimize the diff in a forthcoming MR.
See merge request !373
See #511 for details. This is in prepration for having an even more normalized
`fdroid_package` table. That table will be the authoritative reference of what
"packages" are known about in the client. The "app" table (now thought of as "app metadata") will
be specific to each repository which provides different metadata about that app.
Move user specified data to separate table
Right now, the "Ignore update for version X" and "Ignore all updates for this app" are stored in `fdroid_app`. This means that if a repo is disabled then re-enabled, these preferences are lost. This MR separates out the user specified metadata from the metadata provided by the repository, such that one can change without affecting the other.
For convenience sake, this drops the `fdroid_app` and `fdroid_apk` tables rather than migrating them, and then sets a flag in preferences that forces F-Droid to do an index update when started. This is done _after_ migrating already existing user preferences out of `fdroid_app` and into `fdroid_appPrefs`.
See merge request !372
The test was using a `findIgnored` method in `AppProvider`, which only
existed for the purpose of testing. The test has been changed to instead
check for apps which would end up in the "can update" list (which is really
where the "ignored" apps are useful).
In the process, realised that using appId as a foreign key is worse than
packageName, because appId can get removed and added again, but it will
be different when the same app is inserted a second time. In order to
maintain the association of which apps have preferences stored against
them, they need to be stored against something with a bit more semantic
meaning. Thus, join onto package name instead.
This is a more concise syntax to say the same thing, and avoids an
OR clause in the where - which is often the cause of slowness in
many queries. Not sure if it was problematic in these cases, however
this COALESCE syntax is still more consise.
With no indexes at all, a join between X and Y tables would require a full
table scan of Y for each row in X. With an index on the relevant field in
Y, it would require an index lookup on the join field in Y for each row in
X, which contains a pointer to the row of interest in Y. This row is then
looked up and the relevant value extracted. By using a covering index (one
which includes all fields required to satisfy the query, with the first field
being the one which is looked up in the join), then once the index has been
searched, there is no need to then go to table Y because all the relevant
data is already in the index.
This offers a marginal performance improvement.
Merge download broadcast receivers
Previously, for all 4 states broadcast receivers were registered separately. These have now been merged into one receiver. IMHO this makes the code more readable and structured.
See merge request !368
Use AOSP Installer if permission check fails
If the old repo index is used and the permission check fails in ApkVerifier, this allows a fallback to the AOSP DefaultInstaller to show all permissions.
This has been discussed in https://gitlab.com/fdroid/fdroidclient/issues/704
Unfortunately, this shows our permission screen before download and then afterwards when the ``ApkVerifier`` fails the permission screen of the AOSP DefaultInstaller, i.e., the user sees two permission screen which she needs to acknowledge. This should only happen if an old repo format is used, thus I think this is okay. I don't know of any other solution to this problem.
See merge request !369
Make App and Apk parcelable and fix related installer NPEs
Installations fails currently due to
```
885 ACRA E Caused by: java.lang.NullPointerException
885 ACRA E at org.fdroid.fdroid.installer.InstallManagerService.getAppName(InstallManagerService.java:327)
885 ACRA E at org.fdroid.fdroid.installer.InstallManagerService.createNotificationBuilder(InstallManagerService.java:318)
885 ACRA E at org.fdroid.fdroid.installer.InstallManagerService.onStartCommand(InstallManagerService.java:158)
885 ACRA E at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2039)
885 ACRA E ... 10 more
```
This bug has been introduced in https://gitlab.com/fdroid/fdroidclient/merge_requests/359 where the packageName has been removed from the toContentValues() method.
The usage of ContentValues to send App/Apk objects to services was an hack in my opinion.
Thus, this PRs introduces proper parceling of App and Apk classes.
@pserwylo @eighthave @mvdan
See merge request !362
The usage of ContentValues to send App/Apk objects
to services was an hack in my opinion.
This hack broke in https://gitlab.com/fdroid/fdroidclient/merge_requests/359
where the packageName has been removed from the
toContentValues() method, which leads to NPEs in
the services.
Remove now unused package name from apk table
The package name is only stored in the `fdroid_app` table now, so we need to remove it form the `fdroid_apk` table. Under normal circumstances, I'd normally just leave unused fields in the DDL (the SQL which defines the tables) and never use it from within the Java code. However in this case, the package name formed part of the primary key of this table. Seeing as we are not inserting into that column any more, it isn't okay to leave it there but instead it must be removed so that we can put a more appropriate primary key on the table. In this case, the new primary key is `appId` + `vercode` + `repoId`.
I think this is the final merge request before I submit a MR with repo priorities.
See merge request !359
Wherever the "package name" of an apk is required, it can be requested by
asking for `Schema.ApkTable.Cols.App.PACKAGE_NAME`. Note the `App` which
indicates that it is in fact pulling this data from the `fdroid_app` table rather
than the `fdroid_apk` table.
Correctly identify the repo for a given URL to fix HTTP Auth.
**NOTE: Based on !355 (If that one gets merged first, I can rebase this, or else we can merge this one for both commits)**
When downloading arbitrary URLs using F-Droid (e.g. icons, .apk files, indexes) then it may be the case that the repo requires authentication. As such, we try to infer the repository based purely on the URL.
The old code took the basename of the URL, which means remove the last fragment (e.g. "index.jar") and use the remaining portion of the URL to lookup the repo.
This is broken for many reasons, partly because of the presence of a query string, partly because there are other things which are not just in the root directory of the repo (e.g. "/icons/*.png").
This new method iteratively peels off the right most segment of the URLs path, then looks to see if a repo exists at that address.
Note that this breaks down if you have nested repositories on a server, where one of the repositories is nested inside a directory that F-Droid knows about, such as "icons". In such a case, the following repositories:
* https://f-droid.org/repo (requires auth)
* https://f-droid.org/repo/icons (doesn't require auth)
will break down. If requesting something from the repo requiring auth:
* https://f-droid.org/repo/icons/org.fdroid.fdroid.png
Then it will lookup the database and find the repo which lives in "/icons" and doesn't require auth (or requires a different auth username/password). Not sure there is a lot that can be done about this without major refactoring. Such refactoring would require making sure a `Repo` is always given to a downloader for any HTTP request, and is probably a bit out of scope of this bug.
Also added tests for this behaviour.
Fixes#711.
See merge request !357
Firstly, this causes #721, possibly due to a bug in "Barcode
Scanner" whereby it seems to ignore the scheme when in caps,
assuming it is "http".
The relevant RFC is:
> RFC3986 (Uniform Resource Identifier (URI): Generic Syntax
In section 3.1, it describes the scheme:
> Although schemes are case-insensitive, the canonical form is
> lowercase and documents that specify schemes must do so with
> lowercase letters. An implementation should accept uppercase
> letters as equivalent to lowercase in scheme names (e.g., allow
> "HTTP" as well as "http") for the sake of robustness but should
> only produce lowercase scheme names for consistency.
Secondly, it is not valid to uppercase URLs at will. Although it
seems that there is some sort of more-compact-QR-generating-logic
that doesn't justify this. Funnily enough, I can't find anything
in RFC3986 about the case-insensitivity of URI paths. However
consider the following:
* https://i.imgur.com/fn33EcW.jpg
That is a valid path to an image. If we upper case it:
* HTTPS://I.IMGUR.COM/FN33ECW.JPG
or lower case it:
* https://i.imgur.com/fn33ecw.jpg
Then the server is entitled to treat it differently and indeed
it does. Both the upper case and lower case are no both 404's.
When downloading arbitrary URLs using F-Droid (e.g. icons, .apk files, indexes)
then it may be the case that the repo requires authentication. As such, we try
to infer the repository based purely on the URL.
The old code took the basename of the URL, which means remove the last fragment
(e.g. "index.jar") and use the remaining portion of the URL to lookup the repo.
This is broken for many reasons, partly because of the presence of a query string,
partly because there are other things which are not just in the root directory
of the repo (e.g. "/icons/*.png").
This new method iteratively peels off the right most segment of the URLs path,
then looks to see if a repo exists at that address.
Note that this breaks down if you have nested repositories on a server, where
one of the repositories is nested inside a directory that F-Droid knows about,
such as "icons". In such a case, the following repositories:
* https://f-droid.org/repo (requires auth)
* https://f-droid.org/repo/icons (doesn't require auth)
will break down. If requesting something from the repo requiring auth:
* https://f-droid.org/repo/icons/org.fdroid.fdroid.png
Then it will lookup the database and find the repo which lives in "/icons"
and doesn't require auth (or requires a different auth username/password).
Not sure there is a lot that can be done about this without major refactoring.
Such refactoring would require making sure a `Repo` is always given to a downloader
for any HTTP request, and is probably a bit out of scope of this bug.
Also added tests for this behaviour.
Fixes#711.
Prevent crash for servers that don't send etags with repo indexes
While working on #711, I noticed this bug using my [Mock HTTP Auth server](https://f-droid.org/wiki/page/PHP_Mock_Repository).
This fix always captures timestamps during repo updates, even if it is the same as last time. This is because we are dependent on it later on in the repo update process. Specifically, when updating from a HTTP server that doesn't send out etags with its responses, it will trigger a full blown repo update every time, even if all the values in the index are the same (name, description, etc). This is as distinct from better behaving servers that send etags, in which case we will only do a partial update (i.e. persist the "last updated time"). In such a case, the remainder of the update process will proceed, and ask for this timestamp.
See merge request !356
