Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Make ENSURE_VERIFY_APPS global even when set by PO."

Browse Source
This commit is contained in:
Pavel Grafov
2017-01-18 11:15:20 +00:00
committed by Android (Google) Code Review
parent 311c5d4854 6a40f09083
commit eaed75d923
10 changed files with 620 additions and 221 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/android/os/IUserManager.aidl
View File

@@ -19,6 +19,7 @@ package android.os;
import android.os.Bundle;
import android.os.PersistableBundle;
import android.os.UserManager;
import android.content.pm.UserInfo;
import android.content.IntentSender;
import android.content.RestrictionEntry;
@@ -61,6 +62,7 @@ interface IUserManager {
int getUserSerialNumber(int userHandle);
int getUserHandle(int userSerialNumber);
int getUserRestrictionSource(String restrictionKey, int userHandle);
List<UserManager.EnforcingUser> getUserRestrictionSources(String restrictionKey, int userHandle);
Bundle getUserRestrictions(int userHandle);
boolean hasBaseUserRestriction(String restrictionKey, int userHandle);
boolean hasUserRestriction(in String restrictionKey, int userHandle);

20
core/java/android/os/UserManager.aidl Normal file
View File

@@ -0,0 +1,20 @@
/*
**
** Copyright 2016, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package android.os;
parcelable UserManager.EnforcingUser;

94
core/java/android/os/UserManager.java
View File

@@ -1187,7 +1187,9 @@ public class UserManager {
* @return The source of user restriction. Any combination of {@link #RESTRICTION_NOT_SET},
* {@link #RESTRICTION_SOURCE_SYSTEM}, {@link #RESTRICTION_SOURCE_DEVICE_OWNER}
* and {@link #RESTRICTION_SOURCE_PROFILE_OWNER}
* @deprecated use {@link #getUserRestrictionSources(String, int)} instead.
*/
@Deprecated
@SystemApi
@UserRestrictionSource
public int getUserRestrictionSource(String restrictionKey, UserHandle userHandle) {
@@ -1198,6 +1200,25 @@ public class UserManager {
}
}
/**
* @hide
*
* Returns a list of users who set a user restriction on a given user.
* Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
* @param restrictionKey the string key representing the restriction
* @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
* @return a list of user ids enforcing this restriction.
*/
@SystemApi
public List<EnforcingUser> getUserRestrictionSources(
String restrictionKey, UserHandle userHandle) {
try {
return mService.getUserRestrictionSources(restrictionKey, userHandle.getIdentifier());
} catch (RemoteException re) {
throw re.rethrowFromSystemServer();
}
}
/**
* Returns the user-wide restrictions imposed on this user.
* @return a Bundle containing all the restrictions.
@@ -2310,8 +2331,8 @@ public class UserManager {
* @hide
* Checks if any uninitialized user has the specific seed account name and type.
*
* @param mAccountName The account name to check for
* @param mAccountType The account type of the account to check for
* @param accountName The account name to check for
* @param accountType The account type of the account to check for
* @return whether the seed account was found
*/
public boolean someUserHasSeedAccount(String accountName, String accountType) {
@@ -2321,4 +2342,73 @@ public class UserManager {
throw re.rethrowFromSystemServer();
}
}
/**
* @hide
* User that enforces a restriction.
*
* @see #getUserRestrictionSources(String, UserHandle)
*/
@SystemApi
public static final class EnforcingUser implements Parcelable {
private final @UserIdInt int userId;
private final @UserRestrictionSource int userRestrictionSource;
/**
* @hide
*/
public EnforcingUser(
@UserIdInt int userId, @UserRestrictionSource int userRestrictionSource) {
this.userId = userId;
this.userRestrictionSource = userRestrictionSource;
}
private EnforcingUser(Parcel in) {
userId = in.readInt();
userRestrictionSource = in.readInt();
}
public static final Creator<EnforcingUser> CREATOR = new Creator<EnforcingUser>() {
@Override
public EnforcingUser createFromParcel(Parcel in) {
return new EnforcingUser(in);
}
@Override
public EnforcingUser[] newArray(int size) {
return new EnforcingUser[size];
}
};
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel dest, int flags) {
dest.writeInt(userId);
dest.writeInt(userRestrictionSource);
}
/**
* Returns an id of the enforcing user.
*
* <p> Will be UserHandle.USER_NULL when restriction is set by the system.
*/
public UserHandle getUserHandle() {
return UserHandle.of(userId);
}
/**
* Returns the status of the enforcing user.
*
* <p> One of {@link #RESTRICTION_SOURCE_SYSTEM},
* {@link #RESTRICTION_SOURCE_DEVICE_OWNER} and
* {@link #RESTRICTION_SOURCE_PROFILE_OWNER}
*/
public @UserRestrictionSource int getUserRestrictionSource() {
return userRestrictionSource;
}
}
}

24
core/java/android/os/UserManagerInternal.java
View File

@@ -15,7 +15,6 @@
*/
package android.os;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.content.pm.UserInfo;
import android.graphics.Bitmap;
@@ -24,6 +23,10 @@ import android.graphics.Bitmap;
* @hide Only for use within the system server.
*/
public abstract class UserManagerInternal {
public static final int CAMERA_NOT_DISABLED = 0;
public static final int CAMERA_DISABLED_LOCALLY = 1;
public static final int CAMERA_DISABLED_GLOBALLY = 2;
public interface UserRestrictionsListener {
/**
* Called when a user restriction changes.
@@ -36,18 +39,19 @@ public abstract class UserManagerInternal {
}
/**
* Called by {@link com.android.server.devicepolicy.DevicePolicyManagerService}
* to set per-user as well as global user restrictions.
* Called by {@link com.android.server.devicepolicy.DevicePolicyManagerService} to set
* restrictions enforced by the user.
*
* @param userId target user id for the local restrictions.
* @param localRestrictions per-user restrictions.
* Caller must not change it once passed to this method.
* @param globalRestrictions global restrictions set by DO. Must be null when PO changed user
* restrictions, in which case global restrictions won't change.
* Caller must not change it once passed to this method.
* @param restrictions a bundle of user restrictions.
* @param isDeviceOwner whether {@code userId} corresponds to device owner user id.
* @param cameraRestrictionScope is camera disabled and if so what is the scope of restriction.
* Should be one of {@link #CAMERA_NOT_DISABLED}, {@link #CAMERA_DISABLED_LOCALLY} or
* {@link #CAMERA_DISABLED_GLOBALLY}
*/
public abstract void setDevicePolicyUserRestrictions(int userId,
@NonNull Bundle localRestrictions, @Nullable Bundle globalRestrictions);
public abstract void setDevicePolicyUserRestrictions(int userId, @Nullable Bundle restrictions,
boolean isDeviceOwner, int cameraRestrictionScope);
/**
* Returns the "base" user restrictions.
*