Fix file access permission

library/multipicker/src/main/java/im/vector/lib/multipicker/AudioPicker.kt

@@ -32,6 +32,8 @@ class AudioPicker : Picker<MultiPickerAudioType>() {
      */
     override fun getSelectedFiles(context: Context, data: Intent?): List<MultiPickerAudioType> {
         return getSelectedUriList(data).mapNotNull { selectedUri ->
+            // Tchap: Grant permission to access the selected file.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
             selectedUri.toMultiPickerAudioType(context)
         }
     }

library/multipicker/src/main/java/im/vector/lib/multipicker/CameraPicker.kt

@@ -40,6 +40,7 @@ class CameraPicker {
         val photoUri = createPhotoUri(context)
         val intent = createIntent().apply {
             putExtra(MediaStore.EXTRA_OUTPUT, photoUri)
+            addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION)
         }
         activityResultLauncher.launch(intent)
         return photoUri

library/multipicker/src/main/java/im/vector/lib/multipicker/ContactPicker.kt

@@ -40,6 +40,9 @@ class ContactPicker : Picker<MultiPickerContactType>() {
         val contactList = mutableListOf<MultiPickerContactType>()
 
         data?.data?.let { selectedUri ->
+            // Tchap: Grant permission to access the selected URI.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+
             val projection = arrayOf(
                     ContactsContract.Contacts.DISPLAY_NAME,
                     ContactsContract.Contacts.PHOTO_URI,

library/multipicker/src/main/java/im/vector/lib/multipicker/FilePicker.kt

@@ -42,6 +42,9 @@ class FilePicker : Picker<MultiPickerBaseType>() {
      */
     override fun getSelectedFiles(context: Context, data: Intent?): List<MultiPickerBaseType> {
         return getSelectedUriList(data).mapNotNull { selectedUri ->
+            // Tchap: Grant permission to access the selected file.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+
             val type = context.contentResolver.getType(selectedUri)
 
             when {

library/multipicker/src/main/java/im/vector/lib/multipicker/ImagePicker.kt

@@ -32,6 +32,8 @@ class ImagePicker : Picker<MultiPickerImageType>() {
      */
     override fun getSelectedFiles(context: Context, data: Intent?): List<MultiPickerImageType> {
         return getSelectedUriList(data).mapNotNull { selectedUri ->
+            // Tchap: Grant permission to access the selected file.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
             selectedUri.toMultiPickerImageType(context)
         }
     }

library/multipicker/src/main/java/im/vector/lib/multipicker/MediaPicker.kt

@@ -34,6 +34,9 @@ class MediaPicker : Picker<MultiPickerBaseMediaType>() {
      */
     override fun getSelectedFiles(context: Context, data: Intent?): List<MultiPickerBaseMediaType> {
         return getSelectedUriList(data).mapNotNull { selectedUri ->
+            // Tchap: Grant permission to access the selected file.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+
             val mimeType = context.contentResolver.getType(selectedUri)
 
             if (mimeType.isMimeTypeVideo()) {

library/multipicker/src/main/java/im/vector/lib/multipicker/Picker.kt

@@ -16,6 +16,7 @@
 
 package im.vector.lib.multipicker
 
+import android.content.ComponentName
 import android.content.Context
 import android.content.Intent
 import android.content.pm.PackageManager
@@ -58,7 +59,15 @@ abstract class Picker<T> {
         uriList.forEach {
             for (resolveInfo in resInfoList) {
                 val packageName: String = resolveInfo.activityInfo.packageName
-                context.grantUriPermission(packageName, it, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+                // Tchap: Replace implicit intent by an explicit to fix crash on some devices like Xiaomi.
+                try {
+                    context.grantUriPermission(packageName, it, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+                } catch (e: Exception) {
+                    continue
+                }
+                data.action = null
+                data.component = ComponentName(packageName, resolveInfo.activityInfo.name)
+                break
             }
         }
         return getSelectedFiles(context, data)

library/multipicker/src/main/java/im/vector/lib/multipicker/VideoPicker.kt

@@ -32,6 +32,8 @@ class VideoPicker : Picker<MultiPickerVideoType>() {
      */
     override fun getSelectedFiles(context: Context, data: Intent?): List<MultiPickerVideoType> {
         return getSelectedUriList(data).mapNotNull { selectedUri ->
+            // Tchap: Grant permission to access the selected file.
+            context.grantUriPermission(context.applicationContext.packageName, selectedUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
             selectedUri.toMultiPickerVideoType(context)
         }
     }

matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/content/UploadContentWorker.kt

@@ -17,8 +17,10 @@
 package org.matrix.android.sdk.internal.session.content
 
 import android.content.Context
+import android.content.Intent
 import android.graphics.BitmapFactory
 import android.media.MediaMetadataRetriever
+import android.os.Build
 import androidx.core.net.toUri
 import androidx.work.WorkerParameters
 import com.squareup.moshi.JsonClass
@@ -115,7 +117,16 @@ internal class UploadContentWorker(val context: Context, params: WorkerParameter
         if (allCancelled) {
             // there is no point in uploading the image!
             return Result.success(inputData)
-                    .also { Timber.e("## Send: Work cancelled by user") }
+                    .also {
+                        Timber.e("## Send: Work cancelled by user")
+
+                        // Tchap: Revoke read permission to the local file.
+                        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+                            context.revokeUriPermission(context.packageName, params.attachment.queryUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+                        } else {
+                            context.revokeUriPermission(params.attachment.queryUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+                        }
+                    }
         }
 
         val attachment = params.attachment
@@ -396,6 +407,13 @@ internal class UploadContentWorker(val context: Context, params: WorkerParameter
         )
         return Result.success(WorkerParamsFactory.toData(sendParams)).also {
             Timber.v("## handleSuccess $attachmentUrl, work is stopped $isStopped")
+
+            // Tchap: Revoke read permission to the local file.
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+                context.revokeUriPermission(context.packageName, params.attachment.queryUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+            } else {
+                context.revokeUriPermission(params.attachment.queryUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
+            }
         }
     }
 

vector/src/main/java/im/vector/app/features/home/room/detail/RoomDetailAction.kt

@@ -52,7 +52,7 @@ sealed class RoomDetailAction : VectorViewModelAction {
 
     data class ResendMessage(val eventId: String) : RoomDetailAction()
     data class RemoveFailedEcho(val eventId: String) : RoomDetailAction()
-    data class CancelSend(val eventId: String, val force: Boolean) : RoomDetailAction()
+    data class CancelSend(val event: TimelineEvent, val force: Boolean) : RoomDetailAction()
 
     data class VoteToPoll(val eventId: String, val optionKey: String) : RoomDetailAction()
 

vector/src/main/java/im/vector/app/features/home/room/detail/RoomDetailViewEvents.kt

@@ -66,6 +66,11 @@ sealed class RoomDetailViewEvents : VectorViewEvents {
             val mimeType: String?
     ) : RoomDetailViewEvents()
 
+    // Tchap: Revoke read permission to the local file.
+    data class RevokeFilePermission(
+            val uri: Uri
+    ) : RoomDetailViewEvents()
+
     data class DisplayAndAcceptCall(val call: WebRtcCall) : RoomDetailViewEvents()
 
     object DisplayPromptForIntegrationManager : RoomDetailViewEvents()

vector/src/main/java/im/vector/app/features/home/room/detail/TimelineFragment.kt

@@ -383,6 +383,7 @@ class TimelineFragment :
 
         timelineViewModel.observeViewEvents {
             when (it) {
+                is RoomDetailViewEvents.RevokeFilePermission -> revokeFilePermission(it)
                 is RoomDetailViewEvents.SendCallFeedback -> bugReporter.openBugReportScreen(requireActivity(), ReportType.VOIP)
                 is RoomDetailViewEvents.Failure -> displayErrorMessage(it)
                 is RoomDetailViewEvents.OnNewTimelineEvents -> scrollOnNewMessageCallback.addNewTimelineEventIds(it.eventIds)
@@ -547,6 +548,22 @@ class TimelineFragment :
         )
     }
 
+    // Tchap: Revoke read permission to the local file.
+    private fun revokeFilePermission(revokeFilePermission: RoomDetailViewEvents.RevokeFilePermission) {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+            requireContext().revokeUriPermission(
+                    requireContext().applicationContext.packageName,
+                    revokeFilePermission.uri,
+                    Intent.FLAG_GRANT_READ_URI_PERMISSION
+            )
+        } else {
+            requireContext().revokeUriPermission(
+                    revokeFilePermission.uri,
+                    Intent.FLAG_GRANT_READ_URI_PERMISSION
+            )
+        }
+    }
+
     private fun displayErrorMessage(error: RoomDetailViewEvents.Failure) {
         if (error.showInDialog) displayErrorDialog(error.throwable) else showErrorInSnackbar(error.throwable)
     }
@@ -1578,14 +1595,16 @@ class TimelineFragment :
 
     private fun handleCancelSend(action: EventSharedAction.Cancel) {
         if (action.force) {
-            timelineViewModel.handle(RoomDetailAction.CancelSend(action.eventId, true))
+            // Tchap: Revoke read permission to the local file.
+            timelineViewModel.handle(RoomDetailAction.CancelSend(action.event, true))
         } else {
             MaterialAlertDialogBuilder(requireContext())
                     .setTitle(R.string.dialog_title_confirmation)
                     .setMessage(getString(R.string.event_status_cancel_sending_dialog_message))
                     .setNegativeButton(R.string.no, null)
                     .setPositiveButton(R.string.yes) { _, _ ->
-                        timelineViewModel.handle(RoomDetailAction.CancelSend(action.eventId, false))
+                        // Tchap: Revoke read permission to the local file.
+                        timelineViewModel.handle(RoomDetailAction.CancelSend(action.event, false))
                     }
                     .show()
         }

vector/src/main/java/im/vector/app/features/home/room/detail/TimelineViewModel.kt

@@ -18,6 +18,7 @@ package im.vector.app.features.home.room.detail
 
 import android.net.Uri
 import androidx.annotation.IdRes
+import androidx.core.net.toUri
 import androidx.lifecycle.asFlow
 import com.airbnb.mvrx.Async
 import com.airbnb.mvrx.Fail
@@ -85,6 +86,7 @@ import kotlinx.coroutines.flow.onEach
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixPatterns
+import org.matrix.android.sdk.api.MatrixUrls.isMxcUrl
 import org.matrix.android.sdk.api.extensions.orFalse
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.query.QueryStringValue
@@ -112,6 +114,8 @@ import org.matrix.android.sdk.api.session.room.model.Membership
 import org.matrix.android.sdk.api.session.room.model.RoomMemberSummary
 import org.matrix.android.sdk.api.session.room.model.RoomSummary
 import org.matrix.android.sdk.api.session.room.model.localecho.RoomLocalEcho
+import org.matrix.android.sdk.api.session.room.model.message.MessageContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageWithAttachmentContent
 import org.matrix.android.sdk.api.session.room.model.message.getFileUrl
 import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
 import org.matrix.android.sdk.api.session.room.model.tombstone.RoomTombstoneContent
@@ -1097,18 +1101,18 @@ class TimelineViewModel @AssistedInject constructor(
 
     private fun handleCancel(action: RoomDetailAction.CancelSend) {
         if (room == null) return
-        if (action.force) {
-            room.sendService().cancelSend(action.eventId)
-            return
-        }
-        val targetEventId = action.eventId
-        room.getTimelineEvent(targetEventId)?.let {
-            // State must be in one of the sending states
-            if (!it.root.sendState.isSending()) {
-                Timber.e("Cannot cancel message, it is not sending")
-                return
+        // Tchap: Revoke read permission to the local file.
+        // State must be in one of the sending states
+        if (action.force || action.event.root.sendState.isSending()) {
+            room.sendService().cancelSend(action.event.eventId)
+
+            val clearContent = action.event.root.getClearContent()
+            val messageContent = clearContent?.toModel<MessageContent>() as? MessageWithAttachmentContent
+            messageContent?.getFileUrl()?.takeIf { !it.isMxcUrl() }?.let {
+                _viewEvents.post(RoomDetailViewEvents.RevokeFilePermission(it.toUri()))
             }
-            room.sendService().cancelSend(targetEventId)
+        } else {
+            Timber.e("Cannot cancel message, it is not sending")
         }
     }
 

vector/src/main/java/im/vector/app/features/home/room/detail/timeline/action/EventSharedAction.kt

@@ -23,6 +23,7 @@ import im.vector.app.core.platform.VectorSharedAction
 import im.vector.app.features.home.room.detail.timeline.item.MessageInformationData
 import org.matrix.android.sdk.api.session.room.model.message.MessageContent
 import org.matrix.android.sdk.api.session.room.model.message.MessageWithAttachmentContent
+import org.matrix.android.sdk.api.session.room.timeline.TimelineEvent
 
 sealed class EventSharedAction(
         @StringRes val titleRes: Int,
@@ -71,7 +72,7 @@ sealed class EventSharedAction(
     data class Redact(val eventId: String, val askForReason: Boolean, val dialogTitleRes: Int, val dialogDescriptionRes: Int) :
             EventSharedAction(R.string.message_action_item_redact, R.drawable.ic_delete, true)
 
-    data class Cancel(val eventId: String, val force: Boolean) :
+    data class Cancel(val event: TimelineEvent, val force: Boolean) :
             EventSharedAction(R.string.action_cancel, R.drawable.ic_close_round)
 
     data class ViewSource(val content: String) :

vector/src/main/java/im/vector/app/features/home/room/detail/timeline/action/MessageActionsViewModel.kt

@@ -313,15 +313,17 @@ class MessageActionsViewModel @AssistedInject constructor(
     private fun ArrayList<EventSharedAction>.addActionsForSendingState(timelineEvent: TimelineEvent) {
         // TODO is uploading attachment?
         if (canCancel(timelineEvent)) {
-            add(EventSharedAction.Cancel(timelineEvent.eventId, false))
+            // Tchap: Revoke read permission to the local file.
+            add(EventSharedAction.Cancel(timelineEvent, false))
         }
     }
 
     private fun ArrayList<EventSharedAction>.addActionsForSentNotSyncedState(timelineEvent: TimelineEvent) {
         // If sent but not synced (synapse stuck at bottom bug)
         // Still offer action to cancel (will only remove local echo)
         timelineEvent.root.eventId?.let {
-            add(EventSharedAction.Cancel(it, true))
+            // Tchap: Revoke read permission to the local file.
+            add(EventSharedAction.Cancel(timelineEvent, true))
         }
 
         // TODO Can be redacted