Factor some RestrictedLockUtils out of SettingLib
Also make the new lib only use system-apis.
This allows mainline module to use the new
RestrictedLockUtilsSettingLib.
Unfortunately the whole RestrictedLockUtils would have caused to much
new system-api. Hence it was split into RestrictedLockUtils and
RestrictedLockUtilsInternal. This caused a lot of trivial code changes.
Bug: 110953302
Test: Built
Change-Id: I693b3bf56f3be71f0790776e3aad5694717786ef
diff --git a/api/system-current.txt b/api/system-current.txt
index 4b8276d..1d5f586 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -515,9 +515,11 @@
method public android.content.ComponentName getDeviceOwnerComponentOnAnyUser();
method public java.lang.String getDeviceOwnerNameOnAnyUser();
method public java.lang.CharSequence getDeviceOwnerOrganizationName();
+ method public int getDeviceOwnerUserId();
method public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);
method public java.util.List<java.lang.String> getPermittedInputMethodsForCurrentUser();
method public android.content.ComponentName getProfileOwner() throws java.lang.IllegalArgumentException;
+ method public android.content.ComponentName getProfileOwnerAsUser(int);
method public java.lang.String getProfileOwnerNameAsUser(int) throws java.lang.IllegalArgumentException;
method public int getUserProvisioningState();
method public boolean isDeviceManaged();
@@ -539,6 +541,7 @@
field public static final java.lang.String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_LABEL = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_LABEL";
field public static final java.lang.String EXTRA_PROVISIONING_ORGANIZATION_NAME = "android.app.extra.PROVISIONING_ORGANIZATION_NAME";
field public static final java.lang.String EXTRA_PROVISIONING_SUPPORT_URL = "android.app.extra.PROVISIONING_SUPPORT_URL";
+ field public static final java.lang.String EXTRA_RESTRICTION = "android.app.extra.RESTRICTION";
field public static final int STATE_USER_PROFILE_COMPLETE = 4; // 0x4
field public static final int STATE_USER_SETUP_COMPLETE = 2; // 0x2
field public static final int STATE_USER_SETUP_FINALIZED = 3; // 0x3
@@ -933,6 +936,7 @@
method public abstract void sendBroadcast(android.content.Intent, java.lang.String, android.os.Bundle);
method public abstract void sendBroadcastAsUser(android.content.Intent, android.os.UserHandle, java.lang.String, android.os.Bundle);
method public abstract void sendOrderedBroadcast(android.content.Intent, java.lang.String, android.os.Bundle, android.content.BroadcastReceiver, android.os.Handler, int, java.lang.String, android.os.Bundle);
+ method public void startActivityAsUser(android.content.Intent, android.os.UserHandle);
field public static final java.lang.String BACKUP_SERVICE = "backup";
field public static final java.lang.String CONTEXTHUB_SERVICE = "contexthub";
field public static final java.lang.String EUICC_CARD_SERVICE = "euicc_card";
@@ -998,6 +1002,7 @@
field public static final java.lang.String EXTRA_REMOTE_CALLBACK = "android.intent.extra.REMOTE_CALLBACK";
field public static final java.lang.String EXTRA_RESULT_NEEDED = "android.intent.extra.RESULT_NEEDED";
field public static final java.lang.String EXTRA_UNKNOWN_INSTANT_APP = "android.intent.extra.UNKNOWN_INSTANT_APP";
+ field public static final java.lang.String EXTRA_USER_ID = "android.intent.extra.USER_ID";
field public static final java.lang.String EXTRA_VERIFICATION_BUNDLE = "android.intent.extra.VERIFICATION_BUNDLE";
}
@@ -4095,10 +4100,12 @@
method public boolean isSystem();
method public static int myUserId();
method public static android.os.UserHandle of(int);
+ field public static final int USER_NULL = -10000; // 0xffffd8f0
}
public class UserManager {
method public void clearSeedAccountData();
+ method public int[] getProfileIds(int, boolean);
method public java.lang.String getSeedAccountName();
method public android.os.PersistableBundle getSeedAccountOptions();
method public java.lang.String getSeedAccountType();
@@ -4372,6 +4379,7 @@
public final class Settings {
field public static final java.lang.String ACTION_ENTERPRISE_PRIVACY_SETTINGS = "android.settings.ENTERPRISE_PRIVACY_SETTINGS";
+ field public static final java.lang.String ACTION_SHOW_ADMIN_SUPPORT_DETAILS = "android.settings.SHOW_ADMIN_SUPPORT_DETAILS";
}
public static final class Settings.Global extends android.provider.Settings.NameValueTable {
diff --git a/config/hiddenapi-light-greylist.txt b/config/hiddenapi-light-greylist.txt
index 045814a..a4f13a0 100644
--- a/config/hiddenapi-light-greylist.txt
+++ b/config/hiddenapi-light-greylist.txt
@@ -1018,7 +1018,6 @@
Landroid/os/UserHandle;->USER_ALL:I
Landroid/os/UserHandle;->USER_CURRENT:I
Landroid/os/UserHandle;->USER_CURRENT_OR_SELF:I
-Landroid/os/UserHandle;->USER_NULL:I
Landroid/os/UserHandle;->USER_OWNER:I
Landroid/os/UserHandle;->USER_SERIAL_SYSTEM:I
Landroid/os/UserHandle;->USER_SYSTEM:I
diff --git a/core/java/android/app/Activity.java b/core/java/android/app/Activity.java
index 8d5b96b..2d9a7d2 100644
--- a/core/java/android/app/Activity.java
+++ b/core/java/android/app/Activity.java
@@ -4744,7 +4744,7 @@
/**
* @hide Implement to provide correct calling token.
*/
- @UnsupportedAppUsage
+ @Override
public void startActivityAsUser(Intent intent, UserHandle user) {
startActivityAsUser(intent, null, user);
}
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 7ef9b54..d1ecf1e 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -1205,7 +1205,7 @@
* @see #createAdminSupportIntent(String)
* @hide
*/
- @TestApi
+ @TestApi @SystemApi
public static final String EXTRA_RESTRICTION = "android.app.extra.RESTRICTION";
/**
@@ -5142,10 +5142,10 @@
* @return ID of the user who runs device owner, or {@link UserHandle#USER_NULL} if there's
* no device owner.
*
- * <p>Requires the MANAGE_USERS permission.
- *
* @hide
*/
+ @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
+ @SystemApi
public int getDeviceOwnerUserId() {
if (mService != null) {
try {
@@ -5565,12 +5565,13 @@
* @see #getProfileOwner()
* @hide
*/
- @UnsupportedAppUsage
- public @Nullable ComponentName getProfileOwnerAsUser(final int userId)
- throws IllegalArgumentException {
+ @RequiresPermission(value = android.Manifest.permission.INTERACT_ACROSS_USERS,
+ conditional = true)
+ @SystemApi
+ public @Nullable ComponentName getProfileOwnerAsUser(final int userId) {
if (mService != null) {
try {
- return mService.getProfileOwner(userId);
+ return mService.getProfileOwnerAsUser(userId);
} catch (RemoteException re) {
throw re.rethrowFromSystemServer();
}
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index c95bc5b..6a5f3de 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -145,6 +145,7 @@
int getDeviceOwnerUserId();
boolean setProfileOwner(in ComponentName who, String ownerName, int userHandle);
+ ComponentName getProfileOwnerAsUser(int userHandle);
ComponentName getProfileOwner(int userHandle);
String getProfileOwnerName(int userHandle);
void setProfileEnabled(in ComponentName who);
diff --git a/core/java/android/content/Context.java b/core/java/android/content/Context.java
index a352e84..e3b0d21 100644
--- a/core/java/android/content/Context.java
+++ b/core/java/android/content/Context.java
@@ -1701,7 +1701,7 @@
* @hide
*/
@RequiresPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL)
- @UnsupportedAppUsage
+ @SystemApi
public void startActivityAsUser(@RequiresPermission Intent intent, UserHandle user) {
throw new RuntimeException("Not implemented. Must override in a subclass.");
}
diff --git a/core/java/android/content/ContextWrapper.java b/core/java/android/content/ContextWrapper.java
index 1cc398e..c5dce017 100644
--- a/core/java/android/content/ContextWrapper.java
+++ b/core/java/android/content/ContextWrapper.java
@@ -385,7 +385,6 @@
/** @hide */
@Override
- @UnsupportedAppUsage
public void startActivityAsUser(Intent intent, UserHandle user) {
mBase.startActivityAsUser(intent, user);
}
diff --git a/core/java/android/content/Intent.java b/core/java/android/content/Intent.java
index 8c2b76f..3c8d9d03 100644
--- a/core/java/android/content/Intent.java
+++ b/core/java/android/content/Intent.java
@@ -4440,6 +4440,7 @@
*
* @hide
*/
+ @SystemApi
public static final String EXTRA_USER_ID = "android.intent.extra.USER_ID";
/**
diff --git a/core/java/android/os/UserHandle.java b/core/java/android/os/UserHandle.java
index 66ebbdb..995156a 100644
--- a/core/java/android/os/UserHandle.java
+++ b/core/java/android/os/UserHandle.java
@@ -57,6 +57,7 @@
public static final UserHandle CURRENT_OR_SELF = new UserHandle(USER_CURRENT_OR_SELF);
/** @hide An undefined user id */
+ @SystemApi
public static final @UserIdInt int USER_NULL = -10000;
/**
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index 7a214b1..b0891050 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -2343,7 +2343,10 @@
*
* @hide
*/
- public int[] getProfileIds(@UserIdInt int userId, boolean enabledOnly) {
+ @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
+ Manifest.permission.CREATE_USERS}, conditional = true)
+ @SystemApi
+ public @NonNull int[] getProfileIds(@UserIdInt int userId, boolean enabledOnly) {
try {
return mService.getProfileIds(userId, enabledOnly);
} catch (RemoteException re) {
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 7df42eb..a1cc67d 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -1469,6 +1469,7 @@
*
* @hide
*/
+ @SystemApi
@SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)
public static final String ACTION_SHOW_ADMIN_SUPPORT_DETAILS
= "android.settings.SHOW_ADMIN_SUPPORT_DETAILS";
diff --git a/packages/SettingsLib/Android.bp b/packages/SettingsLib/Android.bp
index 57767e9..943dd84 100644
--- a/packages/SettingsLib/Android.bp
+++ b/packages/SettingsLib/Android.bp
@@ -13,6 +13,7 @@
static_libs: [
"SettingsLibHelpUtils",
+ "SettingsLibRestrictedLockUtils",
],
// ANDROIDMK TRANSLATION ERROR: unsupported assignment to LOCAL_SHARED_JAVA_LIBRARIES
diff --git a/packages/SettingsLib/RestrictedLockUtils/Android.bp b/packages/SettingsLib/RestrictedLockUtils/Android.bp
new file mode 100644
index 0000000..d4c9794
--- /dev/null
+++ b/packages/SettingsLib/RestrictedLockUtils/Android.bp
@@ -0,0 +1,12 @@
+android_library {
+ name: "SettingsLibRestrictedLockUtils",
+
+ srcs: ["src/**/*.java"],
+
+ libs: [
+ "androidx.annotation_annotation",
+ ],
+
+ sdk_version: "system_current",
+ min_sdk_version: "21",
+}
\ No newline at end of file
diff --git a/packages/SettingsLib/RestrictedLockUtils/AndroidManifest.xml b/packages/SettingsLib/RestrictedLockUtils/AndroidManifest.xml
new file mode 100644
index 0000000..d7b323a
--- /dev/null
+++ b/packages/SettingsLib/RestrictedLockUtils/AndroidManifest.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ Copyright (C) 2018 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="com.android.settingslib.restrictedlockutils">
+
+ <uses-sdk android:minSdkVersion="21" />
+
+</manifest>
\ No newline at end of file
diff --git a/packages/SettingsLib/RestrictedLockUtils/src/com/android/settingslib/RestrictedLockUtils.java b/packages/SettingsLib/RestrictedLockUtils/src/com/android/settingslib/RestrictedLockUtils.java
new file mode 100644
index 0000000..738181d
--- /dev/null
+++ b/packages/SettingsLib/RestrictedLockUtils/src/com/android/settingslib/RestrictedLockUtils.java
@@ -0,0 +1,171 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settingslib;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.os.UserHandle;
+import android.os.UserManager;
+import android.provider.Settings;
+
+import androidx.annotation.Nullable;
+
+import java.util.Objects;
+
+/**
+ * Utility class to host methods usable in adding a restricted padlock icon and showing admin
+ * support message dialog.
+ */
+public class RestrictedLockUtils {
+ public static EnforcedAdmin getProfileOrDeviceOwner(Context context, int userId) {
+ return getProfileOrDeviceOwner(context, null, userId);
+ }
+
+ public static EnforcedAdmin getProfileOrDeviceOwner(
+ Context context, String enforcedRestriction, int userId) {
+ if (userId == UserHandle.USER_NULL) {
+ return null;
+ }
+ final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
+ Context.DEVICE_POLICY_SERVICE);
+ if (dpm == null) {
+ return null;
+ }
+ ComponentName adminComponent = dpm.getProfileOwnerAsUser(userId);
+ if (adminComponent != null) {
+ return new EnforcedAdmin(adminComponent, enforcedRestriction, userId);
+ }
+ if (dpm.getDeviceOwnerUserId() == userId) {
+ adminComponent = dpm.getDeviceOwnerComponentOnAnyUser();
+ if (adminComponent != null) {
+ return new EnforcedAdmin(adminComponent, enforcedRestriction, userId);
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Send the intent to trigger the {@code android.settings.ShowAdminSupportDetailsDialog}.
+ */
+ public static void sendShowAdminSupportDetailsIntent(Context context, EnforcedAdmin admin) {
+ final Intent intent = getShowAdminSupportDetailsIntent(context, admin);
+ int targetUserId = UserHandle.myUserId();
+ if (admin != null && admin.userId != UserHandle.USER_NULL
+ && isCurrentUserOrProfile(context, admin.userId)) {
+ targetUserId = admin.userId;
+ }
+ intent.putExtra(DevicePolicyManager.EXTRA_RESTRICTION, admin.enforcedRestriction);
+ context.startActivityAsUser(intent, UserHandle.of(targetUserId));
+ }
+
+ public static Intent getShowAdminSupportDetailsIntent(Context context, EnforcedAdmin admin) {
+ final Intent intent = new Intent(Settings.ACTION_SHOW_ADMIN_SUPPORT_DETAILS);
+ if (admin != null) {
+ if (admin.component != null) {
+ intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN, admin.component);
+ }
+ int adminUserId = UserHandle.myUserId();
+ if (admin.userId != UserHandle.USER_NULL) {
+ adminUserId = admin.userId;
+ }
+ intent.putExtra(Intent.EXTRA_USER_ID, adminUserId);
+ }
+ return intent;
+ }
+
+ public static boolean isCurrentUserOrProfile(Context context, int userId) {
+ UserManager um = context.getSystemService(UserManager.class);
+ int[] userIds = um.getProfileIds(UserHandle.myUserId(), true);
+ for (int i = 0; i < userIds.length; i++) {
+ if (userIds[i] == userId) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public static class EnforcedAdmin {
+ @Nullable
+ public ComponentName component = null;
+ /**
+ * The restriction enforced by admin. It could be any user restriction or policy like
+ * {@link DevicePolicyManager#POLICY_DISABLE_CAMERA}.
+ */
+ @Nullable
+ public String enforcedRestriction = null;
+ public int userId = UserHandle.USER_NULL;
+
+ // We use this to represent the case where a policy is enforced by multiple admins.
+ public final static EnforcedAdmin MULTIPLE_ENFORCED_ADMIN = new EnforcedAdmin();
+
+ public static EnforcedAdmin createDefaultEnforcedAdminWithRestriction(
+ String enforcedRestriction) {
+ EnforcedAdmin enforcedAdmin = new EnforcedAdmin();
+ enforcedAdmin.enforcedRestriction = enforcedRestriction;
+ return enforcedAdmin;
+ }
+
+ public EnforcedAdmin(ComponentName component, int userId) {
+ this.component = component;
+ this.userId = userId;
+ }
+
+ public EnforcedAdmin(ComponentName component, String enforcedRestriction, int userId) {
+ this.component = component;
+ this.enforcedRestriction = enforcedRestriction;
+ this.userId = userId;
+ }
+
+ public EnforcedAdmin(EnforcedAdmin other) {
+ if (other == null) {
+ throw new IllegalArgumentException();
+ }
+ this.component = other.component;
+ this.enforcedRestriction = other.enforcedRestriction;
+ this.userId = other.userId;
+ }
+
+ public EnforcedAdmin() {
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+ EnforcedAdmin that = (EnforcedAdmin) o;
+ return userId == that.userId &&
+ Objects.equals(component, that.component) &&
+ Objects.equals(enforcedRestriction, that.enforcedRestriction);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(component, enforcedRestriction, userId);
+ }
+
+ @Override
+ public String toString() {
+ return "EnforcedAdmin{" +
+ "component=" + component +
+ ", enforcedRestriction='" + enforcedRestriction +
+ ", userId=" + userId +
+ '}';
+ }
+ }
+}
diff --git a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockImageSpan.java b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockImageSpan.java
index 360a34c..787f27e 100644
--- a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockImageSpan.java
+++ b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockImageSpan.java
@@ -37,7 +37,7 @@
mContext = context;
mExtraPadding = mContext.getResources().getDimensionPixelSize(
R.dimen.restricted_icon_padding);
- mRestrictedPadlock = RestrictedLockUtils.getRestrictedPadlock(mContext);
+ mRestrictedPadlock = RestrictedLockUtilsInternal.getRestrictedPadlock(mContext);
}
@Override
diff --git a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtilsInternal.java
similarity index 84%
rename from packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java
rename to packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtilsInternal.java
index bd54edd..0094c2c 100644
--- a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java
+++ b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtilsInternal.java
@@ -26,7 +26,6 @@
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
-import android.content.Intent;
import android.content.pm.IPackageManager;
import android.content.pm.PackageManager;
import android.content.pm.UserInfo;
@@ -34,7 +33,6 @@
import android.os.RemoteException;
import android.os.UserHandle;
import android.os.UserManager;
-import android.provider.Settings;
import android.text.SpannableStringBuilder;
import android.text.Spanned;
import android.text.style.ForegroundColorSpan;
@@ -47,13 +45,12 @@
import com.android.internal.widget.LockPatternUtils;
import java.util.List;
-import java.util.Objects;
/**
* Utility class to host methods usable in adding a restricted padlock icon and showing admin
* support message dialog.
*/
-public class RestrictedLockUtils {
+public class RestrictedLockUtilsInternal extends RestrictedLockUtils {
/**
* @return drawables for displaying with settings that are locked by a device admin.
*/
@@ -518,33 +515,6 @@
return enforcedAdmin;
}
- public static EnforcedAdmin getProfileOrDeviceOwner(Context context, int userId) {
- return getProfileOrDeviceOwner(context, null, userId);
- }
-
- public static EnforcedAdmin getProfileOrDeviceOwner(
- Context context, String enforcedRestriction, int userId) {
- if (userId == UserHandle.USER_NULL) {
- return null;
- }
- final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
- Context.DEVICE_POLICY_SERVICE);
- if (dpm == null) {
- return null;
- }
- ComponentName adminComponent = dpm.getProfileOwnerAsUser(userId);
- if (adminComponent != null) {
- return new EnforcedAdmin(adminComponent, enforcedRestriction, userId);
- }
- if (dpm.getDeviceOwnerUserId() == userId) {
- adminComponent = dpm.getDeviceOwnerComponentOnAnyUser();
- if (adminComponent != null) {
- return new EnforcedAdmin(adminComponent, enforcedRestriction, userId);
- }
- }
- return null;
- }
-
public static EnforcedAdmin getDeviceOwner(Context context) {
return getDeviceOwner(context, null);
}
@@ -632,45 +602,6 @@
}
}
- /**
- * Send the intent to trigger the {@link android.settings.ShowAdminSupportDetailsDialog}.
- */
- public static void sendShowAdminSupportDetailsIntent(Context context, EnforcedAdmin admin) {
- final Intent intent = getShowAdminSupportDetailsIntent(context, admin);
- int targetUserId = UserHandle.myUserId();
- if (admin != null && admin.userId != UserHandle.USER_NULL
- && isCurrentUserOrProfile(context, admin.userId)) {
- targetUserId = admin.userId;
- }
- intent.putExtra(DevicePolicyManager.EXTRA_RESTRICTION, admin.enforcedRestriction);
- context.startActivityAsUser(intent, new UserHandle(targetUserId));
- }
-
- public static Intent getShowAdminSupportDetailsIntent(Context context, EnforcedAdmin admin) {
- final Intent intent = new Intent(Settings.ACTION_SHOW_ADMIN_SUPPORT_DETAILS);
- if (admin != null) {
- if (admin.component != null) {
- intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN, admin.component);
- }
- int adminUserId = UserHandle.myUserId();
- if (admin.userId != UserHandle.USER_NULL) {
- adminUserId = admin.userId;
- }
- intent.putExtra(Intent.EXTRA_USER_ID, adminUserId);
- }
- return intent;
- }
-
- public static boolean isCurrentUserOrProfile(Context context, int userId) {
- UserManager um = UserManager.get(context);
- for (UserInfo userInfo : um.getProfiles(UserHandle.myUserId())) {
- if (userInfo.id == userId) {
- return true;
- }
- }
- return false;
- }
-
public static boolean isAdminInCurrentUserOrProfile(Context context, ComponentName admin) {
DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
Context.DEVICE_POLICY_SERVICE);
@@ -716,75 +647,6 @@
textView.setText(sb);
}
- public static class EnforcedAdmin {
- @Nullable
- public ComponentName component = null;
- /**
- * The restriction enforced by admin. It could be any user restriction or policy like
- * {@link DevicePolicyManager#POLICY_DISABLE_CAMERA}.
- */
- @Nullable
- public String enforcedRestriction = null;
- public int userId = UserHandle.USER_NULL;
-
- // We use this to represent the case where a policy is enforced by multiple admins.
- public final static EnforcedAdmin MULTIPLE_ENFORCED_ADMIN = new EnforcedAdmin();
-
- public static EnforcedAdmin createDefaultEnforcedAdminWithRestriction(
- String enforcedRestriction) {
- EnforcedAdmin enforcedAdmin = new EnforcedAdmin();
- enforcedAdmin.enforcedRestriction = enforcedRestriction;
- return enforcedAdmin;
- }
-
- public EnforcedAdmin(ComponentName component, int userId) {
- this.component = component;
- this.userId = userId;
- }
-
- public EnforcedAdmin(ComponentName component, String enforcedRestriction, int userId) {
- this.component = component;
- this.enforcedRestriction = enforcedRestriction;
- this.userId = userId;
- }
-
- public EnforcedAdmin(EnforcedAdmin other) {
- if (other == null) {
- throw new IllegalArgumentException();
- }
- this.component = other.component;
- this.enforcedRestriction = other.enforcedRestriction;
- this.userId = other.userId;
- }
-
- public EnforcedAdmin() {
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
- EnforcedAdmin that = (EnforcedAdmin) o;
- return userId == that.userId &&
- Objects.equals(component, that.component) &&
- Objects.equals(enforcedRestriction, that.enforcedRestriction);
- }
-
- @Override
- public int hashCode() {
- return Objects.hash(component, enforcedRestriction, userId);
- }
-
- @Override
- public String toString() {
- return "EnforcedAdmin{" +
- "component=" + component +
- ", enforcedRestriction='" + enforcedRestriction +
- ", userId=" + userId +
- '}';
- }
- }
-
/**
* Static {@link LockPatternUtils} and {@link DevicePolicyManager} wrapper for testing purposes.
* {@link LockPatternUtils} is an internal API not supported by robolectric.
diff --git a/packages/SettingsLib/src/com/android/settingslib/RestrictedPreferenceHelper.java b/packages/SettingsLib/src/com/android/settingslib/RestrictedPreferenceHelper.java
index 4b84920..1ba1f72 100644
--- a/packages/SettingsLib/src/com/android/settingslib/RestrictedPreferenceHelper.java
+++ b/packages/SettingsLib/src/com/android/settingslib/RestrictedPreferenceHelper.java
@@ -62,7 +62,7 @@
}
mAttrUserRestriction = data == null ? null : data.toString();
// If the system has set the user restriction, then we shouldn't add the padlock.
- if (RestrictedLockUtils.hasBaseUserRestriction(mContext, mAttrUserRestriction,
+ if (RestrictedLockUtilsInternal.hasBaseUserRestriction(mContext, mAttrUserRestriction,
UserHandle.myUserId())) {
mAttrUserRestriction = null;
return;
@@ -133,7 +133,7 @@
* @param userId user to check the restriction for.
*/
public void checkRestrictionAndSetDisabled(String userRestriction, int userId) {
- EnforcedAdmin admin = RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
+ EnforcedAdmin admin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(mContext,
userRestriction, userId);
setDisabledByAdmin(admin);
}
diff --git a/packages/SettingsLib/src/com/android/settingslib/TetherUtil.java b/packages/SettingsLib/src/com/android/settingslib/TetherUtil.java
index a3ab4fd..c3993e9 100644
--- a/packages/SettingsLib/src/com/android/settingslib/TetherUtil.java
+++ b/packages/SettingsLib/src/com/android/settingslib/TetherUtil.java
@@ -57,9 +57,10 @@
public static boolean isTetherAvailable(Context context) {
final ConnectivityManager cm = context.getSystemService(ConnectivityManager.class);
- final boolean tetherConfigDisallowed = RestrictedLockUtils.checkIfRestrictionEnforced(
- context, DISALLOW_CONFIG_TETHERING, UserHandle.myUserId()) != null;
- final boolean hasBaseUserRestriction = RestrictedLockUtils.hasBaseUserRestriction(
+ final boolean tetherConfigDisallowed = RestrictedLockUtilsInternal
+ .checkIfRestrictionEnforced(context, DISALLOW_CONFIG_TETHERING,
+ UserHandle.myUserId()) != null;
+ final boolean hasBaseUserRestriction = RestrictedLockUtilsInternal.hasBaseUserRestriction(
context, DISALLOW_CONFIG_TETHERING, UserHandle.myUserId());
return (cm.isTetheringSupported() || tetherConfigDisallowed) && !hasBaseUserRestriction;
}
diff --git a/packages/SettingsLib/src/com/android/settingslib/inputmethod/InputMethodPreference.java b/packages/SettingsLib/src/com/android/settingslib/inputmethod/InputMethodPreference.java
index 221e0dd..5c126b1 100644
--- a/packages/SettingsLib/src/com/android/settingslib/inputmethod/InputMethodPreference.java
+++ b/packages/SettingsLib/src/com/android/settingslib/inputmethod/InputMethodPreference.java
@@ -37,7 +37,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.settingslib.R;
-import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtilsInternal;
import com.android.settingslib.RestrictedSwitchPreference;
import java.text.Collator;
@@ -208,7 +208,7 @@
setEnabled(false);
} else if (!mIsAllowedByOrganization) {
EnforcedAdmin admin =
- RestrictedLockUtils.checkIfInputMethodDisallowed(getContext(),
+ RestrictedLockUtilsInternal.checkIfInputMethodDisallowed(getContext(),
mImi.getPackageName(), UserHandle.myUserId());
setDisabledByAdmin(admin);
} else {
diff --git a/packages/SettingsLib/tests/robotests/src/com/android/settingslib/RestrictedLockUtilsTest.java b/packages/SettingsLib/tests/robotests/src/com/android/settingslib/RestrictedLockUtilsTest.java
index bf49ef3..fc8d9db 100644
--- a/packages/SettingsLib/tests/robotests/src/com/android/settingslib/RestrictedLockUtilsTest.java
+++ b/packages/SettingsLib/tests/robotests/src/com/android/settingslib/RestrictedLockUtilsTest.java
@@ -60,7 +60,7 @@
@Mock
private PackageManager mPackageManager;
@Mock(answer = Answers.RETURNS_DEEP_STUBS)
- private RestrictedLockUtils.Proxy mProxy;
+ private RestrictedLockUtilsInternal.Proxy mProxy;
private final int mUserId = 194;
private final int mProfileId = 160;
@@ -78,7 +78,7 @@
when(mContext.getPackageManager())
.thenReturn(mPackageManager);
- RestrictedLockUtils.sProxy = mProxy;
+ RestrictedLockUtilsInternal.sProxy = mProxy;
}
@Test
@@ -91,8 +91,8 @@
thenReturn(Collections.singletonList(enforcingUser));
setUpDeviceOwner(mAdmin1);
- EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
- userRestriction, mUserId);
+ EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfRestrictionEnforced(mContext, userRestriction, mUserId);
assertThat(enforcedAdmin).isNotNull();
assertThat(enforcedAdmin.enforcedRestriction).isEqualTo(userRestriction);
@@ -109,8 +109,8 @@
thenReturn(Collections.singletonList(enforcingUser));
setUpProfileOwner(mAdmin1, mUserId);
- EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
- userRestriction, mUserId);
+ EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfRestrictionEnforced(mContext, userRestriction, mUserId);
assertThat(enforcedAdmin).isNotNull();
assertThat(enforcedAdmin.enforcedRestriction).isEqualTo(userRestriction);
@@ -120,8 +120,8 @@
@Test
public void checkIfDevicePolicyServiceDisabled_noEnforceAdminForManagedProfile() {
when(mContext.getSystemService(Context.DEVICE_POLICY_SERVICE)).thenReturn(null);
- final EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfAccountManagementDisabled(
- mContext, "account_type", mUserId);
+ final EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfAccountManagementDisabled(mContext, "account_type", mUserId);
assertThat(enforcedAdmin).isEqualTo(null);
}
@@ -130,8 +130,8 @@
public void checkIfDeviceAdminFeatureDisabled_noEnforceAdminForManagedProfile() {
when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN))
.thenReturn(false);
- final EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfAccountManagementDisabled(
- mContext, "account_type", mUserId);
+ final EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfAccountManagementDisabled(mContext, "account_type", mUserId);
assertThat(enforcedAdmin).isEqualTo(null);
}
@@ -140,8 +140,8 @@
public void checkIfKeyguardFeaturesDisabled_noEnforcedAdminForManagedProfile() {
setUpManagedProfile(mUserId, new ComponentName[] {mAdmin1, mAdmin2});
- final EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
- mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
+ final EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfKeyguardFeaturesDisabled(mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
assertThat(enforcedAdmin).isEqualTo(null);
}
@@ -153,8 +153,8 @@
when(mDevicePolicyManager.getKeyguardDisabledFeatures(mAdmin1, mUserId))
.thenReturn(KEYGUARD_DISABLE_FINGERPRINT);
- final EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
- mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
+ final EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfKeyguardFeaturesDisabled(mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
assertThat(enforcedAdmin).isEqualTo(new EnforcedAdmin(mAdmin1, mUserId));
}
@@ -168,8 +168,8 @@
when(mDevicePolicyManager.getKeyguardDisabledFeatures(mAdmin2, mUserId))
.thenReturn(KEYGUARD_DISABLE_REMOTE_INPUT);
- final EnforcedAdmin enforcedAdmin = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
- mContext, KEYGUARD_DISABLE_REMOTE_INPUT, mUserId);
+ final EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal
+ .checkIfKeyguardFeaturesDisabled(mContext, KEYGUARD_DISABLE_REMOTE_INPUT, mUserId);
assertThat(enforcedAdmin).isEqualTo(EnforcedAdmin.MULTIPLE_ENFORCED_ADMIN);
}
@@ -187,19 +187,19 @@
.thenReturn(KEYGUARD_DISABLE_FINGERPRINT);
// Querying the parent should return the policy, since it affects the parent.
- EnforcedAdmin parent = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin parent = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
assertThat(parent).isEqualTo(new EnforcedAdmin(mAdmin2, mProfileId));
// Querying the child should return that too.
- EnforcedAdmin profile = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin profile = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mProfileId);
assertThat(profile).isEqualTo(new EnforcedAdmin(mAdmin2, mProfileId));
// Querying for some unrelated feature should return nothing. Nothing!
- assertThat(RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ assertThat(RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_REMOTE_INPUT, mUserId)).isNull();
- assertThat(RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ assertThat(RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_REMOTE_INPUT, mProfileId)).isNull();
}
@@ -217,12 +217,12 @@
// Querying the parent should not return the policy, because it's not a policy that should
// affect parents even when the lock screen is unified.
- EnforcedAdmin primary = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin primary = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS, mUserId);
assertThat(primary).isNull();
// Querying the child should still return the policy.
- EnforcedAdmin profile = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin profile = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS, mProfileId);
assertThat(profile).isEqualTo(new EnforcedAdmin(mAdmin2, mProfileId));
}
@@ -244,12 +244,12 @@
// Querying the parent should not return the policy, even though it's shared by default,
// because the parent doesn't share a lock screen with the profile any more.
- EnforcedAdmin parent = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin parent = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
assertThat(parent).isNull();
// Querying the child should still return the policy.
- EnforcedAdmin profile = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin profile = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mProfileId);
assertThat(profile).isEqualTo(new EnforcedAdmin(mAdmin2, mProfileId));
}
@@ -276,12 +276,12 @@
.thenReturn(KEYGUARD_DISABLE_FINGERPRINT);
// Parent should get the policy.
- EnforcedAdmin parent = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin parent = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mUserId);
assertThat(parent).isEqualTo(new EnforcedAdmin(mAdmin2, mProfileId));
// Profile should not get the policy.
- EnforcedAdmin profile = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(
+ EnforcedAdmin profile = RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(
mContext, KEYGUARD_DISABLE_FINGERPRINT, mProfileId);
assertThat(profile).isNull();
}
diff --git a/packages/SystemUI/src/com/android/systemui/qs/tileimpl/QSTileImpl.java b/packages/SystemUI/src/com/android/systemui/qs/tileimpl/QSTileImpl.java
index b6a776f..451297b 100644
--- a/packages/SystemUI/src/com/android/systemui/qs/tileimpl/QSTileImpl.java
+++ b/packages/SystemUI/src/com/android/systemui/qs/tileimpl/QSTileImpl.java
@@ -40,6 +40,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.logging.MetricsLogger;
import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtilsInternal;
import com.android.settingslib.Utils;
import com.android.systemui.Dependency;
import com.android.systemui.Prefs;
@@ -360,9 +361,9 @@
}
protected void checkIfRestrictionEnforcedByAdminOnly(State state, String userRestriction) {
- EnforcedAdmin admin = RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
+ EnforcedAdmin admin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(mContext,
userRestriction, ActivityManager.getCurrentUser());
- if (admin != null && !RestrictedLockUtils.hasBaseUserRestriction(mContext,
+ if (admin != null && !RestrictedLockUtilsInternal.hasBaseUserRestriction(mContext,
userRestriction, ActivityManager.getCurrentUser())) {
state.disabledByPolicy = true;
mEnforcedAdmin = admin;
diff --git a/packages/SystemUI/src/com/android/systemui/settings/BrightnessController.java b/packages/SystemUI/src/com/android/systemui/settings/BrightnessController.java
index be0aa11..1178725 100644
--- a/packages/SystemUI/src/com/android/systemui/settings/BrightnessController.java
+++ b/packages/SystemUI/src/com/android/systemui/settings/BrightnessController.java
@@ -44,6 +44,7 @@
import com.android.internal.logging.MetricsLogger;
import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtilsInternal;
import com.android.systemui.Dependency;
import java.util.ArrayList;
@@ -399,7 +400,7 @@
@Override
public void run() {
((ToggleSliderView)mControl).setEnforcedAdmin(
- RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
+ RestrictedLockUtilsInternal.checkIfRestrictionEnforced(mContext,
UserManager.DISALLOW_CONFIG_BRIGHTNESS,
mUserTracker.getCurrentUserId()));
}
diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/policy/UserSwitcherController.java b/packages/SystemUI/src/com/android/systemui/statusbar/policy/UserSwitcherController.java
index 13fabfd..dbfbdd7 100644
--- a/packages/SystemUI/src/com/android/systemui/statusbar/policy/UserSwitcherController.java
+++ b/packages/SystemUI/src/com/android/systemui/statusbar/policy/UserSwitcherController.java
@@ -18,12 +18,8 @@
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
-import android.R.attr;
import android.app.ActivityManager;
import android.app.Dialog;
-import android.app.Notification;
-import android.app.NotificationManager;
-import android.app.PendingIntent;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.DialogInterface;
@@ -49,24 +45,21 @@
import android.view.ViewGroup;
import android.widget.BaseAdapter;
-import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
import com.android.internal.annotations.VisibleForTesting;
-import com.android.internal.messages.nano.SystemMessageProto.SystemMessage;
+import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
import com.android.internal.util.UserIcons;
-import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtilsInternal;
import com.android.settingslib.Utils;
import com.android.systemui.Dependency;
import com.android.systemui.GuestResumeSessionReceiver;
import com.android.systemui.Prefs;
import com.android.systemui.Prefs.Key;
import com.android.systemui.R;
-import com.android.systemui.SystemUI;
import com.android.systemui.SystemUISecondaryUserService;
+import com.android.systemui.plugins.ActivityStarter;
import com.android.systemui.plugins.qs.DetailAdapter;
import com.android.systemui.qs.tiles.UserDetailView;
-import com.android.systemui.plugins.ActivityStarter;
import com.android.systemui.statusbar.phone.SystemUIDialog;
-import com.android.systemui.util.NotificationChannels;
import java.io.FileDescriptor;
import java.io.PrintWriter;
@@ -690,9 +683,9 @@
}
private void checkIfAddUserDisallowedByAdminOnly(UserRecord record) {
- EnforcedAdmin admin = RestrictedLockUtils.checkIfRestrictionEnforced(mContext,
+ EnforcedAdmin admin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(mContext,
UserManager.DISALLOW_ADD_USER, ActivityManager.getCurrentUser());
- if (admin != null && !RestrictedLockUtils.hasBaseUserRestriction(mContext,
+ if (admin != null && !RestrictedLockUtilsInternal.hasBaseUserRestriction(mContext,
UserManager.DISALLOW_ADD_USER, ActivityManager.getCurrentUser())) {
record.isDisabledByAdmin = true;
record.enforcedAdmin = admin;
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 664a837..c131858 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -7758,6 +7758,13 @@
}
@Override
+ public ComponentName getProfileOwnerAsUser(int userHandle) {
+ enforceCrossUsersPermission(userHandle);
+
+ return getProfileOwner(userHandle);
+ }
+
+ @Override
public ComponentName getProfileOwner(int userHandle) {
if (!mHasFeature) {
return null;