1. This change converts the accessibility manager service to
maintain a state per user. When the user changes the services
for the user that is going away are disconnected, the local
accessibility managers in the processes for this user are
disabled, the state is swapped with the new user's one, and
the new user state is refreshed.
This change updates all calls into the system to use their
user specific versions when applicable. For example, regisetring
content observers, package monitors, calls into other system
services, etc.
There are some components that are shared across users such
as UI created by the system process and the SystemUI package.
Such components are managed as a global state shared across
all users and are updated accordingly on a user switch. Since
the SystemUI is running in a normal app process this change
adds hidden APIs on the local window manager to allow the
SystemUI to notify the accessibility layer that it will run
accross users.
Calls to AccessibiltyManager's isEnabled(), isTouchExplorationEnabled()
and sendAccessibilityEvent return false or a are a nop for a
background user sice he should not send accessibility events,
and should not perform touch exploration.
Update the internal accessibility tests due to changes in the
AccessibilityManager.
This change also fixes several issues that were encountered
such as calling out the accessibility manager service with a
lock held.
Removed some incorrect debugging code from the TouchExplorer
that was leading to a system crash.
bug:6967373
Change-Id: I2cf32ffdee1d827a8197ae4ce717dc0ff798b259
Keep track of user creation and last logged-in time.
adb shell dumpsys users
User switcher shouldn't show users about to be removed.
No need to check for singleton for activities.
Bug: 7194894
Change-Id: Ic9a59ea5bd544920479e191d1a1e8a77f8b6ddcf
New APIs let you indicate what user(s) to monitor, and tell you
what user is changing when receiving a callback.
Fix package manager to only deliver package brpadcasts to the
running users. (This isn't really a change in behavior, since
the activity manager would not deliver to stopped users anyway).
Make sure all broadcasts that package monitor receives also include
user information for it to use.
Update wallpaper service to (hopefully) now Really Correctly
monitor package changes per user.
Change-Id: Idd952dd274abcaeab452277d9160d1ae62919aa0
Content observers are registered under the calling user's identity,
not under the provider host's identity (unless the caller is using
the new permissioned entry points that allow observers to be
registered for a different user's view of the data). The most important
implication of this is that when the settings provider is directly
queried, the Cursor returned to the app is wired for change notifications
based on that calling app's user.
Note that it is not possible to use query() / insert() to read/write
data for different users. All such manipulations should use the
standard get* / put* methods in Settings.*.
Bug 7122169
Change-Id: If5d9ec44927e5e56e4e7635438f4ef48a5430986
... until we have a solid fix for the singleton ContentProvider
problem cases in place.
Bug 7190837
Change-Id: Ibbef2ddc594896ba7b9217e2856c3e393f525af6
This feature means that a device has at least one camera, facing in
some direction, so it matches devices that:
- Have just a back-facing camera
- Have just a front-facing camera
- Have both
In the future, it could also be used for devices that have a camera
that's neither front- or back-facing, such as a webcam or other
flexibly-pointed device.
Hidden for now.
Bug: 6847310
Change-Id: I51ea3b4db2020b0f056d77e10629a6b5f2daebe1
Add a USER_INFO_CHANGED intent for lockscreen and quicksettings to use
to monitor changes to the user name or icon.
Bug: 7164040
Change-Id: Id6fb8b6d38ce04ccd02bbadcf0c10699783d6c03
7173152 API REVIEW: android.content.pm.PackageUserState
7172969 API REVIEW: android.app.PendingIntent
7172730 API REVIEW: android.content.Context
7172726 API REVIEW: android.manifest.permission
Change-Id: Iad470256d3b5ca5596487f6a699ec1871457c3b5
Callers with INTERACT_ACROSS_USERS_FULL permission can now observe content
for a given user's view (and can notify content uri changes targeted to a
specific user). An observer watching for UserHandle.USER_ALL will see all
notifications for the given uri across all users; similarly, a notifier
who specifies USER_ALL will broadcast the change to all observers across
all users.
The API handles both USER_ALL or USER_CURRENT, and explicitly forbids
any other "pseudouser" designations.
This CL also revs the Settings provider to notify with USER_ALL for
changes to global settings, and with only the affected user's handle
for all other changes.
Bug 7122169
Change-Id: I94248b11aa91d1beb0a36432e82fe5725bb1264f
- New "cost money" flag can be put on a permission to
have this emphasized in the UI.
- Some further re-organization of permissions to better
match UX spec.
Change-Id: I450ac739eff6b90e7c7fc39589d68db82b61f897
- New public APIs to find out when a user goes to the foreground,
background, and is first initializing.
- New activity manager callback to be involved in the user switch
process, allowing other services to let it know when it is safe
to stop freezing the screen.
- Wallpaper service now implements this to handle its user switch,
telling the activity manager when it is done. (Currently this is
only handling the old wallpaper going away, we need a little more
work to correctly wait for the new wallpaper to get added.)
- Lock screen now implements the callback to do its user switch. It
also now locks itself when this happens, instead of relying on
some other entity making sure it is locked.
- Pre-boot broadcasts now go to all users.
- WallpaperManager now has an API to find out if a named wallpaper is
in use by any users.
Change-Id: I27877aef1d82126c0a1428c3d1861619ee5f8653
For multi-user devices, switch to storing policy per-user instead of
per-app. Also watch for user added/removed broadcasts to clean up
policies and apply global restrictions.
Bug: 7121279
Change-Id: Ia7326bd0ebe0586fa4ec6d3a62f6313dc8814007
Send package name, version code and the uid of the application requesting the
install to package verifiers.
Bug: 7164155
Change-Id: I2464dc5d4551f60b4f38f7982495a8920c83e1cd
When building external storage paths, always include user in path
to enable cross-user paths and aid debugging.
Each Zygote process continues to only have access to the appropriate
user-specific emulated storage through bind mounts. A second set of
mounts continue supporting legacy /sdcard-style paths. For example,
a process running as owner has these mount points:
/storage/emulated_legacy
/storage/emulated_legacy/Android/obb
/storage/emulated/0
/storage/emulated/obb
Since Environment is created before Zygote forks, we need to update
its internal paths after each process launches.
Bug: 7131382
Change-Id: I6f8c6971f2a8edfb415c14cb4ed05ff97e587a21
- New (hidden) isUserRunning() API.
- Maintain LRU list of visited users.
- New FLAG_IS_DATA_ONLY for ApplicationInfo.
- Clean up pending intent records when force-stopping a user (or package).
(Also fixes bug #6880627: PendingIntent.getService() returns stale
intent of force stopped app)
- Fix force-stopping when installing an app to do the force-stop across
all users for that app.
- When selecting which processes to kill during a force stop, do this
based on the actual packages loaded in the process, not just process
name matching.
- You can now use --user option in am when starting activities, services,
and instrumentation.
- The am --user option accepts "current" and "all" as arguments.
- The pm uninstall command now uninstalls for all users, so it matches
the semantics of the install command.
- PhoneWindowManager now explicitly says to start home in the current
user.
- Activity manager call to retrieve the MIME type from a content provider
now takes a user argument, so it will direct this to the proper user.
- The package manager uninstall paths are now implemented around
PackageSetting, not PackageParser.Package. This allows them to work
even if the application's apk has been removed (in which case it only
exists as a PackageSetting, not the PackageParser.Package parsed from
the apk).
Change-Id: I3522f6fcf32603090bd6e01cc90ce70b6c5aae40
Bug #7117785
Draawables created from the ConstantState cache found in Resources must be
mutated before they can be safely modified by apps. Failure to do so results
in all drawables sharing the same constant state to be affected by the
modification.
In the case of the bugreport above, the status bar code plays tricks with
a background drawable and modifies its color to implement a fade in/out
effect. This drawable comes from a cached resource (color 0x0) and the
modifications made by the status bar apply to other clients of this drawable,
most notably the recents panel.
This change fixes several things:
- Simplifies colors caching by removing the assetCookie from the key. This
should result in better reuse of cached drawables
- Makes View.setBackgroundColor() honor the mutate() contract
- Ensure StateListDrawable properly mutates its children before modifying
them
- Optimize Bitmap/ColorDrawable to mark them mutated when they are not
created from an existing ConstantSate. The same optimization should be
applied to other drawables in the future
Change-Id: I54adb5d5b914c7d8930bf9b46f7e3f9dcbf4bcab
- we cannot use "rtl" / "ltr" qualifiers as they can conflict with ISO-639 Alpha-3
codespace which uses 3 letters for identifying a language code (and could use either
"rtl" or "ltr" strings for defining a language in the future).
- we are using instead "ldrtl" for RTL and "ldltr" for LTR resources. Those qualifiers
are defined by more than 3 chars and outside of what is defined into ISO-639. They
are also more understandable as "ld" prefix is for "layoutdirection"
Change-Id: Id43e948103707e09bef63ebd54ac1779dde58e72
New API to register as an explicit user, which allows you to
also select ALL to see broadcasts for all users.
New BroadcastReceiver API to find out which user the broadcast
was sent to.
Use this in app widget service to handle per-user package broadcasts
and boot completed broadcasts correctly.
Change-Id: Ibbe28993bd4aa93900c79e412026c27863019eb8
This will make the default value of the automatic synchronization
in the SyncStorageEngine configurable with overlays for use by
vendors who want or have legal requirements to have the synchronization
off by default.
Change-Id: Iabdb355c4a1169fe8e254e91c43e162c5913d5e0
This patch introduces the ability to create a Context that
is bound to a Display. The context gets its configuration and
metrics from that display and is able to provide a WindowManager
that is bound to the display.
To make it easier to use, we also add a new kind of Dialog
called a Presentation. Presentation takes care of setting
up the context as needed and watches for significant changes
in the display configuration. If the display is removed,
then the presentation simply dismisses itself.
Change-Id: Idc54b4ec84b1ff91505cfb78910cf8cd09696d7d
Replaced all remaining places that used it with explicit user
specification.
While doing this, I ran into stuff that was creating PendingIntent
objects (that now need to specify the explicit user they are for),
which are also posting notifications... but have no way to specify
the user for the notification.
So the notification manager in the system process now also gets a
formal concept of a user associated with the notification, which
is passed in to all the necessary aidl calls. I also removed the
old deprecated aidl interface for posting/cancelling notifications,
since we now always need a user supplied.
There is more work that needs to be done here, though. For example
I think we need to be able to specify USER_ALL for a notification that
should be shown to all users (such as low storage or low battery).
Along with that, the PendingIntent creation needs to be tweaked to
be able to handle USER_CURRENT by evaluating the user at the point the
pending intent is sent.
That's for another change, however.
Change-Id: I468e14dce8def0e13e0870571e7c31ed32b6310c
Send the Intent.ACTION_PACKAGE_VERIFIED to all verifiers when
verification is complete (either one verifier verified the package or a
timeout occurred). Details of what occurred is in a new extra,
PackageManager.EXTRA_VERIFICATION_RESULT.
Bug: 7048930
Change-Id: I4f9855a29b0eb6d77f469891402c69e2e8922945
You can now use ALL and CURRENT when sending broadcasts, to specify
where the broadcast goes.
Sticky broadcasts are now correctly separated per user, and registered
receivers are filtered based on the requested target user.
New Context APIs for more kinds of sending broadcasts as users.
Updating a bunch of system code that sends broadcasts to explicitly
specify which user the broadcast goes to.
Made a single version of the code for interpreting the requested
target user ID that all entries to activity manager (start activity,
send broadcast, start service) use.
Change-Id: Ie29f02dd5242ef8c8fa56c54593a315cd2574e1c
The activity manager now keeps track of which users are running.
Initially, only user 0 is running.
When you switch to another user, that user is started so it is
running. It is only at this point that BOOT_COMPLETED is sent
for that user and it is allowed to execute anything.
You can stop any user except user 0, which brings it back to the
same state as when you first boot the device. This is also used
to be able to more cleaning delete a user, by first stopping it
before removing its data.
There is a new broadcast ACTION_USER_STOPPED sent when a user is
stopped; system services need to handle this like they currently
handle ACTION_PACKAGE_RESTARTED when individual packages are
restarted.
Change-Id: I89adbd7cbaf4a0bb72ea201385f93477f40a4119
Ensure that only applications with
android.Manifest.permission.PACKAGE_VERIFICATION_AGENT can call application
verification APIs, like PackageManager.verifyPendingInstall and
PackageManager.extendVerificationTimeout
Bug: 7049083
Change-Id: I5fc28b37e864d67cd319a1ed9d03a90dd15ad052
UserManagerService is now closely tied to PackageManagerService,
sharing the same locks. There is no longer direct access of
Installer by UserManagerService, instead the package manager is
back to solely owning it.
Creating a new user now correctly only installs system apps for
that user.
Fixed some misc bugs, where we were getting nulls when
querying content providers and instrumentation in uninstalled
users, incorrect locking, etc.
Change-Id: Ife69b6e373d0cf7c5cfc03fc588e36b43ad5d8b0
