Merge "Create deviceowner gated APIs for creating and removing users in... (0e1dc0f5) · Commits · e / os / android_frameworks_base

api/current.txt

+2 −0

Original line number	Diff line number	Diff line
		@@ -5106,6 +5106,7 @@ package android.app.admin {
		method public void clearForwardingIntentFilters(android.content.ComponentName);
		method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String);
		method public void clearUserRestriction(android.content.ComponentName, java.lang.String);
		method public android.os.UserHandle createUser(android.content.ComponentName, java.lang.String);
		method public void enableSystemApp(android.content.ComponentName, java.lang.String);
		method public int enableSystemApp(android.content.ComponentName, android.content.Intent);
		method public java.lang.String[] getAccountTypesWithManagementDisabled();
		@@ -5139,6 +5140,7 @@ package android.app.admin {
		method public boolean isProfileOwnerApp(java.lang.String);
		method public void lockNow();
		method public void removeActiveAdmin(android.content.ComponentName);
		method public boolean removeUser(android.content.ComponentName, android.os.UserHandle);
		method public boolean resetPassword(java.lang.String, int);
		method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
		method public boolean setApplicationBlocked(android.content.ComponentName, java.lang.String, boolean);

core/java/android/app/admin/DevicePolicyManager.java

+38 −0

Original line number	Diff line number	Diff line
		@@ -32,6 +32,7 @@ import android.os.RemoteCallback;
		import android.os.RemoteException;
		import android.os.ServiceManager;
		import android.os.UserHandle;
		import android.os.UserManager;
		import android.provider.Settings;
		import android.service.trust.TrustAgentService;
		import android.util.Log;
		@@ -1982,6 +1983,43 @@ public class DevicePolicyManager {
		}
		}

		/**
		* Called by a device owner to create a user with the specified name. The UserHandle returned
		* by this method should not be persisted as user handles are recycled as users are removed and
		* created. If you need to persist an identifier for this user, use
		* {@link UserManager#getSerialNumberForUser}.
		*
		* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
		* @param name the user's name
		* @see UserHandle
		* @return the UserHandle object for the created user, or null if the user could not be created.
		*/
		public UserHandle createUser(ComponentName admin, String name) {
		try {
		return mService.createUser(admin, name);
		} catch (RemoteException re) {
		Log.w(TAG, "Could not create a user", re);
		}
		return null;
		}

		/**
		* Called by a device owner to remove a user and all associated data. The primary user can
		* not be removed.
		*
		* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
		* @param userHandle the user to remove.
		* @return {@code true} if the user was removed, {@code false} otherwise.
		*/
		public boolean removeUser(ComponentName admin, UserHandle userHandle) {
		try {
		return mService.removeUser(admin, userHandle);
		} catch (RemoteException re) {
		Log.w(TAG, "Could not remove user ", re);
		return false;
		}
		}

		/**
		* Called by a profile or device owner to get the application restrictions for a given target
		* application running in the managed profile.

core/java/android/app/admin/IDevicePolicyManager.aidl

+4 −0

Original line number	Diff line number	Diff line
		@@ -22,6 +22,7 @@ import android.content.Intent;
		import android.content.IntentFilter;
		import android.os.Bundle;
		import android.os.RemoteCallback;
		import android.os.UserHandle;

		/**
		* Internal IPC interface to the device policy service.
		@@ -128,6 +129,9 @@ interface IDevicePolicyManager {
		int setApplicationsBlocked(in ComponentName admin, in Intent intent, boolean blocked);
		boolean isApplicationBlocked(in ComponentName admin, in String packageName);

		UserHandle createUser(in ComponentName who, in String name);
		boolean removeUser(in ComponentName who, in UserHandle userHandle);

		void enableSystemApp(in ComponentName admin, in String packageName);
		int enableSystemAppWithIntent(in ComponentName admin, in Intent intent);

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+38 −0

Original line number	Diff line number	Diff line
		@@ -3350,6 +3350,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		@Override
		public UserHandle createUser(ComponentName who, String name) {
		synchronized (this) {
		if (who == null) {
		throw new NullPointerException("ComponentName is null");
		}
		getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);

		long id = Binder.clearCallingIdentity();
		try {
		UserInfo userInfo = mUserManager.createUser(name, 0 /* flags */);
		if (userInfo != null) {
		return userInfo.getUserHandle();
		}
		return null;
		} finally {
		restoreCallingIdentity(id);
		}
		}
		}

		@Override
		public boolean removeUser(ComponentName who, UserHandle userHandle) {
		synchronized (this) {
		if (who == null) {
		throw new NullPointerException("ComponentName is null");
		}
		getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);

		long id = Binder.clearCallingIdentity();
		try {
		return mUserManager.removeUser(userHandle.getIdentifier());
		} finally {
		restoreCallingIdentity(id);
		}
		}
		}

		@Override
		public Bundle getApplicationRestrictions(ComponentName who, String packageName) {
		final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());