Add a per-user job to prune any usage stats data which belongs to a
recently removed package. This job will be scheduled when a package is
removed and it will be executed when the device is considered to be
idle. The jobs are persisted by job scheduler and they are also removed
when a user is removed since all usage stats data is deleted on user
removal.
When executed, the job reads all of the stats on disk and removes those
that belong to removed packages (packages which don't have a token
mapping). If no data is ommitted on read, a write is not performed. If
the user is in a locked state when the job is executed, the job will
keep getting rescheduled until a sucessful pruning of the data.
Additionally, add logic to prune any obsolete usage stats data on a
database upgrade, pruning all data belonging to packages which have
been uninstalled. This ensures that all data in UsageStats in R belongs
to packages that are currently installed or to packages whose
DONT_DELETE_DATA flag was set when uninstalling.
Also remove the clean-up mappings step on boot. That was added as a
safety measure to ensure the mappings file is always updated. However,
with the logic to prune on upgrade and on package uninstalls, that step
is now unnecessary.
This CL also refactors how the UserUsageStatsService is fetched and
initialized within UsageStatsService. This is to ensure there is no lock
contention when the user service is initialized and it also makes way
for other refactorings in the future related to the user service
initialization.
Bug: 143889121
Test: atest UsageStatsDatabaseTest
Test: atest android.app.usage.cts.UsageStatsTest
Change-Id: If475fc018a930d0956b85a64b4e34e2c75b2476f
Currently, uninstalling APEXs checks whether the userId is equal
to UserHandle.USER_ALL, but recent changes mean that this will
never be the case. Instead, pass the uninstall flags to
uninstallApex() and only uninstall if the DELETE_ALL_USERS flag
has been set.
Test: atest RollbackManagerHostTest
Bug: 145341792
Bug: 145313329
Change-Id: Iff02ae6d2aa6de2c824220f0248efb41d6190978
In the new COPE mode, some user restrictions should be applied globally
when called by the Work Profile PO. This CL introduces a new @IntDef int
parameter, called admin, which can be either DEVICE_OWNER, PROFILE_OWNER or
PROFILE_OWNER_ORG_OWNED_DEVICE.
If admin is PROFILE_OWNER_ORG_OWNER_DEVICE then specific user restrictions
will be added to the global bundle instead of the local bundle.
This CL also removes the parameter cameraRestrictionScope and isDeviceOwner.
Bug: 138709470
Test: UserRestrictionsUtilsTest
DevicePolicyManagerTest
UserRestrictionsTest
Change-Id: Iaa0abbac47708d2d54bcf6c3df582414dff5a6c3
This reverts commit 73266f2f64.
Reason for revert: Wifi services no longer plan to be a separate
APK/process for mainline. Will instead become a jar loaded from Apex.
Bug: 144722612
Test: Device boots up & connects to wifi networks.
Change-Id: I234510b96ddd39f64f74eb0573963365f9ff5556
Prior to this change, we were resolving the mime type of a given intent
while holding the package lock. With this change, we instead rely on the
preferred-activity declaration to define the mime type if it's
important, removing need for an activity manager service call and the
potential for deadlock.
Bug: 143105100
Test: Manual; sideload to /system/etc/preferred-apps/ and reset app preferences
Change-Id: Ie0b124216b49a1147bd5c2e82cf8c7cadb3f08ac
Add a job to prune any usage stats data that exists on disk belonging
to uninstalled packages. This job will be scheduled every time there
is a package removal, appending to the work of any previous pending
jobs. Jobs for each user will be executed when the device is idle.
Bug: 143889121
Test: atest UsageStatsDatabaseTest#testPackageDataIsRemoved
Change-Id: Iee00917a940930271ca40367ca24992cde018616
Introduces the notion of 'user types' to UserManager.
Previously, users only had properties, set by UserInfo flags. We now
solidify some of these as formal user types. Each user must be of
precisely one user type. The configuration of each type is defined
in a UserTypeDetails object.
Prior 'types' - namely Guest, Restricted, ManagedProfiles, Demo, and
'normal' - that were set via UserInfo flags are now controlled via
UserType. Previous UserInfo flag methods for categorizing these are
still supported as long as no user of of more than one type.
If a user was (e.g.) previously both Guest and Demo, it is now
invalid and will be prevented from upgrading. This should not be a
problem in AOSP, where these 'types' were assumed mutually exclusive.
UserTypeDetails is sufficiently general to support future non-managed
profiles. To this end, the logic for specifying badges and their
colors/labels is contained by UserTypeDetails, and therefore
UserManager is responsible for delivering the corresponding badge
information.
Bug: 142151520
Test: added new test class UserManagerServiceUserTypeTest
Test: added additional tests in UserManagerServiceUserInfoTest
Test: added additional tests in UserManagerTest
Test: added additional tests in UserManagerServiceCreateProfileTest
Test: created UserTests to run the various pm.User*Test's
Test: atest \
com.android.server.pm.UserTests \
UserLifecycleTests \
ManagedUserContentResolverTest \
CtsDevicePolicyManagerTestCases \
CtsMultiUserHostTestCases \
com.android.server.devicepolicy.DevicePolicyManagerTest \
com.android.server.am.UserControllerTest \
CreateManagedProfileTaskTest
Test: atest com.android.server.pm.UserManagerServiceCreateProfileTest
using adb shell getprop persist.sys.max_profiles # for 5 and -1
Change-Id: Id1183a76055e9a7610965cf40b256d1392afe6f8
UsageStatsManagerInternal is also no longer an API surface for
registration of app idle state change listeners. AppStandbyInternal has
become a proper LocalService and interested clients can just use that
directly.
Bug: 140833849
Test: boot & run normally
Test: verify system package backup
Change-Id: Ie63f438f129cd8f41169778a3045d131ca7322fb
Because SettingsProvider needs to call through the IUserManager
interface there is now a method to provide restricted-access information
via that route. It has the same protection as the implicit local
service call surface that was previously used: only system-uid callers
can invoke it.
Bug: 140833849
Test: system boots & runs normally
Change-Id: I05823ca57240ab10feb382c45590541212e406c1
Wifi mainline module needs some permissions which are currently only
granted to signature components. Since mainline modules are not going to
be signed with OEM's signature, we need a new protection level to grant
some of these permissions to the wifi mainline APK.
Bug: 142234604
Test: Verified that wifi can get INTERACT_ACROSS_USERS_FULL permission
Change-Id: I26b0edff62497b5e08c2f2f504b0cd5f950682ad
for oems which take telephony mainline module, all telephony related
apks will be signed with non-platform certificate. that said apks won't
be able to grant platform signature permission. Solution is to add a new
telephony protection level.
Bug: 141479803
Test: cts & manual
Change-Id: Ib3be016080d42fd76e7c131f4e44d815ce431e6e
The one messy internal caller is the settings provider, so a new @hide
API on PackageManager was introduced to decouple the provider from
LocalServices. That new entry point is only callable by uid 1000,
paralleling the previous system-caller-only availability.
Bug: 140833849
Test: system boots & runs normally
Change-Id: I93ae38b8f55db7864893a97795aea63014bf5e12
