Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow ephemeral users on the split-system-user systems only.

Browse Source 
BUG: 27143201

Change-Id: I37f3ca7366648dbf07df39a7a972857e0ff78a9a
This commit is contained in:
Lenka Trochtova
2016-02-17 13:55:17 +01:00
parent 44da29407f
commit 024f979dfd
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
services/core/java/com/android/server/pm/UserManagerService.java
View File

@@ -1833,6 +1833,11 @@ public class UserManagerService extends IUserManager.Stub {
return null; return null;
} }
} }
if (!UserManager.isSplitSystemUser() && (flags & UserInfo.FLAG_EPHEMERAL) != 0) {
Log.e(LOG_TAG,
"Ephemeral users are supported on split-system-user systems only.");
return null;
}
// In split system user mode, we assign the first human user the primary flag. // In split system user mode, we assign the first human user the primary flag.
// And if there is no device owner, we also assign the admin flag to primary user. // And if there is no device owner, we also assign the admin flag to primary user.
if (UserManager.isSplitSystemUser() if (UserManager.isSplitSystemUser()

10
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@@ -4968,6 +4968,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
return; return;
} }
Preconditions.checkNotNull(who, "ComponentName is null"); Preconditions.checkNotNull(who, "ComponentName is null");
// Allow setting this policy to true only if there is a split system user.
if (forceEphemeralUsers && !mInjector.userManagerIsSplitSystemUser()) {
throw new IllegalArgumentException(
"Cannot force ephemeral users on systems without split system user.");
}
boolean removeAllUsers = false; boolean removeAllUsers = false;
synchronized (this) { synchronized (this) {
final ActiveAdmin deviceOwner = final ActiveAdmin deviceOwner =
@@ -6818,6 +6823,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
if (!mInjector.binderGetCallingUserHandle().isSystem()) { if (!mInjector.binderGetCallingUserHandle().isSystem()) {
throw new SecurityException("createAndManageUser was called from non-system user"); throw new SecurityException("createAndManageUser was called from non-system user");
} }
if (!mInjector.userManagerIsSplitSystemUser()
&& (flags & DevicePolicyManager.MAKE_USER_EPHEMERAL) != 0) {
throw new IllegalArgumentException(
"Ephemeral users are only supported on systems with a split system user.");
}
// Create user. // Create user.
UserHandle user = null; UserHandle user = null;
synchronized (this) { synchronized (this) {