Merge "Throw for unknown user restrictions."

services/core/java/com/android/server/pm/UserManagerService.java

@@ -930,6 +930,7 @@ public class UserManagerService extends IUserManager.Stub {
     /** @return a specific user restriction that's in effect currently. */
     @Override
     public boolean hasUserRestriction(String restrictionKey, int userId) {
+        UserRestrictionsUtils.checkRestriction(restrictionKey);
         Bundle restrictions = getEffectiveUserRestrictions(userId);
         return restrictions != null && restrictions.getBoolean(restrictionKey);
     }
@@ -946,6 +947,7 @@ public class UserManagerService extends IUserManager.Stub {
     @Override
     public boolean hasBaseUserRestriction(String restrictionKey, int userId) {
         checkManageUsersPermission("hasBaseUserRestriction");
+        UserRestrictionsUtils.checkRestriction(restrictionKey);
         synchronized (mRestrictionsLock) {
             Bundle bundle = mBaseUserRestrictions.get(userId);
             return (bundle != null && bundle.getBoolean(restrictionKey, false));
@@ -955,6 +957,7 @@ public class UserManagerService extends IUserManager.Stub {
     @Override
     public void setUserRestriction(String key, boolean value, int userId) {
         checkManageUsersPermission("setUserRestriction");
+        UserRestrictionsUtils.checkRestriction(key);
         synchronized (mRestrictionsLock) {
             // Note we can't modify Bundles stored in mBaseUserRestrictions directly, so create
             // a copy.

services/core/java/com/android/server/pm/UserRestrictionsUtils.java

@@ -56,7 +56,15 @@ public class UserRestrictionsUtils {
     private UserRestrictionsUtils() {
     }
 
-    public static final Set<String> USER_RESTRICTIONS = Sets.newArraySet(
+    private static Set<String> newSetWithUniqueCheck(String[] strings) {
+        final Set<String> ret = Sets.newArraySet(strings);
+
+        // Make sure there's no overlap.
+        Preconditions.checkState(ret.size() == strings.length);
+        return ret;
+    }
+
+    public static final Set<String> USER_RESTRICTIONS = newSetWithUniqueCheck(new String[] {
             UserManager.DISALLOW_CONFIG_WIFI,
             UserManager.DISALLOW_MODIFY_ACCOUNTS,
             UserManager.DISALLOW_INSTALL_APPS,
@@ -94,7 +102,7 @@ public class UserRestrictionsUtils {
             UserManager.DISALLOW_RUN_IN_BACKGROUND,
             UserManager.DISALLOW_DATA_ROAMING,
             UserManager.DISALLOW_SET_USER_ICON
-    );
+    });
 
     /**
      * Set of user restriction which we don't want to persist.
@@ -140,6 +148,15 @@ public class UserRestrictionsUtils {
             UserManager.DISALLOW_UNMUTE_MICROPHONE
     );
 
+    /**
+     * Throws {@link IllegalArgumentException} if the given restriction name is invalid.
+     */
+    public static void checkRestriction(@NonNull String restriction) {
+        if (!USER_RESTRICTIONS.contains(restriction)) {
+            throw new IllegalArgumentException("Unknown restriction: " + restriction);
+        }
+    }
+
     public static void writeRestrictions(@NonNull XmlSerializer serializer,
             @Nullable Bundle restrictions, @NonNull String tag) throws IOException {
         if (restrictions == null) {

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

@@ -6793,6 +6793,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
     @Override
     public void setUserRestriction(ComponentName who, String key, boolean enabledFromThisOwner) {
         Preconditions.checkNotNull(who, "ComponentName is null");
+        UserRestrictionsUtils.checkRestriction(key);
+
         final int userHandle = mInjector.userHandleGetCallingUserId();
         synchronized (this) {
             ActiveAdmin activeAdmin =