Loading core/api/system-current.txt +1 −0 Original line number Diff line number Diff line Loading @@ -2950,6 +2950,7 @@ package android.app.supervision { @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") public class SupervisionManager { method @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS}) public android.content.Intent createConfirmSupervisionCredentialsIntent(); method @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isSupervisionEnabled(); method @FlaggedApi("android.permission.flags.enable_system_supervision_role_behavior") @RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS) public boolean shouldAllowBypassingSupervisionRoleQualification(); } } core/java/android/app/supervision/ISupervisionManager.aidl +2 −0 Original line number Diff line number Diff line Loading @@ -27,4 +27,6 @@ interface ISupervisionManager { boolean isSupervisionEnabledForUser(int userId); void setSupervisionEnabledForUser(int userId, boolean enabled); String getActiveSupervisionAppPackage(int userId); @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS)") boolean shouldAllowBypassingSupervisionRoleQualification(); } core/java/android/app/supervision/SupervisionManager.java +22 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package android.app.supervision; import static android.Manifest.permission.INTERACT_ACROSS_USERS; import static android.Manifest.permission.MANAGE_USERS; import static android.Manifest.permission.QUERY_USERS; import static android.permission.flags.Flags.FLAG_ENABLE_SYSTEM_SUPERVISION_ROLE_BEHAVIOR; import android.annotation.FlaggedApi; import android.annotation.Nullable; Loading Loading @@ -193,4 +194,25 @@ public class SupervisionManager { } return null; } /** * @return {@code true} if bypassing the qualification is allowed for the specified role based * on the current state of the device. * * @hide */ @SystemApi @FlaggedApi(FLAG_ENABLE_SYSTEM_SUPERVISION_ROLE_BEHAVIOR) @RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS) public boolean shouldAllowBypassingSupervisionRoleQualification() { if (mService != null) { try { return mService.shouldAllowBypassingSupervisionRoleQualification(); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } return false; } } core/java/android/permission/flags.aconfig +9 −0 Original line number Diff line number Diff line Loading @@ -554,3 +554,12 @@ flag { description: "This flag is used to add role protection to READ_BLOCKED_NUMBERS for SYSTEM_UI_INTELLIGENCE" bug: "354758615" } flag { name: "enable_system_supervision_role_behavior" is_fixed_read_only: true is_exported: true namespace: "supervision" description: "This flag is used to enable the role behavior for the system supervision role" bug: "378102594" } services/supervision/java/com/android/server/supervision/SupervisionService.java +39 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.server.supervision; import static android.Manifest.permission.INTERACT_ACROSS_USERS; import static android.Manifest.permission.MANAGE_ROLE_HOLDERS; import static android.Manifest.permission.MANAGE_USERS; import static android.Manifest.permission.QUERY_USERS; import static android.content.pm.PackageManager.PERMISSION_GRANTED; Loading Loading @@ -170,6 +171,44 @@ public class SupervisionService extends ISupervisionManager.Stub { return intent; } @Override public boolean shouldAllowBypassingSupervisionRoleQualification() { enforcePermission(MANAGE_ROLE_HOLDERS); if (hasNonTestDefaultUsers()) { return false; } synchronized (getLockObject()) { for (int i = 0; i < mUserData.size(); i++) { if (mUserData.valueAt(i).supervisionEnabled) { return false; } } } return true; } /** * Returns true if there are any non-default non-test users. * * This excludes the system and main user(s) as those users are created by default. */ private boolean hasNonTestDefaultUsers() { List<UserInfo> users = mInjector.getUserManagerInternal().getUsers(true); for (var user : users) { if (!user.isForTesting() && !user.isMain() && !isSystemUser(user)) { return true; } } return false; } private static boolean isSystemUser(UserInfo userInfo) { return (userInfo.flags & UserInfo.FLAG_SYSTEM) == UserInfo.FLAG_SYSTEM; } @Override public void onShellCommand( @Nullable FileDescriptor in, Loading Loading
core/api/system-current.txt +1 −0 Original line number Diff line number Diff line Loading @@ -2950,6 +2950,7 @@ package android.app.supervision { @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") public class SupervisionManager { method @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS}) public android.content.Intent createConfirmSupervisionCredentialsIntent(); method @FlaggedApi("android.app.supervision.flags.supervision_manager_apis") @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isSupervisionEnabled(); method @FlaggedApi("android.permission.flags.enable_system_supervision_role_behavior") @RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS) public boolean shouldAllowBypassingSupervisionRoleQualification(); } }
core/java/android/app/supervision/ISupervisionManager.aidl +2 −0 Original line number Diff line number Diff line Loading @@ -27,4 +27,6 @@ interface ISupervisionManager { boolean isSupervisionEnabledForUser(int userId); void setSupervisionEnabledForUser(int userId, boolean enabled); String getActiveSupervisionAppPackage(int userId); @JavaPassthrough(annotation="@android.annotation.RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS)") boolean shouldAllowBypassingSupervisionRoleQualification(); }
core/java/android/app/supervision/SupervisionManager.java +22 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ package android.app.supervision; import static android.Manifest.permission.INTERACT_ACROSS_USERS; import static android.Manifest.permission.MANAGE_USERS; import static android.Manifest.permission.QUERY_USERS; import static android.permission.flags.Flags.FLAG_ENABLE_SYSTEM_SUPERVISION_ROLE_BEHAVIOR; import android.annotation.FlaggedApi; import android.annotation.Nullable; Loading Loading @@ -193,4 +194,25 @@ public class SupervisionManager { } return null; } /** * @return {@code true} if bypassing the qualification is allowed for the specified role based * on the current state of the device. * * @hide */ @SystemApi @FlaggedApi(FLAG_ENABLE_SYSTEM_SUPERVISION_ROLE_BEHAVIOR) @RequiresPermission(android.Manifest.permission.MANAGE_ROLE_HOLDERS) public boolean shouldAllowBypassingSupervisionRoleQualification() { if (mService != null) { try { return mService.shouldAllowBypassingSupervisionRoleQualification(); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } return false; } }
core/java/android/permission/flags.aconfig +9 −0 Original line number Diff line number Diff line Loading @@ -554,3 +554,12 @@ flag { description: "This flag is used to add role protection to READ_BLOCKED_NUMBERS for SYSTEM_UI_INTELLIGENCE" bug: "354758615" } flag { name: "enable_system_supervision_role_behavior" is_fixed_read_only: true is_exported: true namespace: "supervision" description: "This flag is used to enable the role behavior for the system supervision role" bug: "378102594" }
services/supervision/java/com/android/server/supervision/SupervisionService.java +39 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package com.android.server.supervision; import static android.Manifest.permission.INTERACT_ACROSS_USERS; import static android.Manifest.permission.MANAGE_ROLE_HOLDERS; import static android.Manifest.permission.MANAGE_USERS; import static android.Manifest.permission.QUERY_USERS; import static android.content.pm.PackageManager.PERMISSION_GRANTED; Loading Loading @@ -170,6 +171,44 @@ public class SupervisionService extends ISupervisionManager.Stub { return intent; } @Override public boolean shouldAllowBypassingSupervisionRoleQualification() { enforcePermission(MANAGE_ROLE_HOLDERS); if (hasNonTestDefaultUsers()) { return false; } synchronized (getLockObject()) { for (int i = 0; i < mUserData.size(); i++) { if (mUserData.valueAt(i).supervisionEnabled) { return false; } } } return true; } /** * Returns true if there are any non-default non-test users. * * This excludes the system and main user(s) as those users are created by default. */ private boolean hasNonTestDefaultUsers() { List<UserInfo> users = mInjector.getUserManagerInternal().getUsers(true); for (var user : users) { if (!user.isForTesting() && !user.isMain() && !isSystemUser(user)) { return true; } } return false; } private static boolean isSystemUser(UserInfo userInfo) { return (userInfo.flags & UserInfo.FLAG_SYSTEM) == UserInfo.FLAG_SYSTEM; } @Override public void onShellCommand( @Nullable FileDescriptor in, Loading
