Add a config flag to disallow removal of last full admin user on HSUM (35366ec0) · Commits · e / os / android_frameworks_base

core/api/system-current.txt

+1 −0

Original line number	Diff line number	Diff line
		@@ -11992,6 +11992,7 @@ package android.os {
		field public static final String DISALLOW_RUN_IN_BACKGROUND = "no_run_in_background";
		field public static final int REMOVE_RESULT_ALREADY_BEING_REMOVED = 2; // 0x2
		field public static final int REMOVE_RESULT_DEFERRED = 1; // 0x1
		field @FlaggedApi("android.multiuser.disallow_removing_last_admin_user") public static final int REMOVE_RESULT_ERROR_LAST_ADMIN_USER = -6; // 0xfffffffa
		field public static final int REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN = -5; // 0xfffffffb
		field public static final int REMOVE_RESULT_ERROR_SYSTEM_USER = -4; // 0xfffffffc
		field public static final int REMOVE_RESULT_ERROR_UNKNOWN = -1; // 0xffffffff

+9 −1

Original line number	Diff line number	Diff line
		@@ -523,6 +523,7 @@ flag {
		purpose: PURPOSE_BUGFIX
		}
		}

		flag {
		name: "move_set_screen_lock_dialog_to_settings_app"
		namespace: "profile_experiences"
		@@ -532,3 +533,10 @@ flag {
		purpose: PURPOSE_BUGFIX
		}
		}

		flag {
		name: "disallow_removing_last_admin_user"
		namespace: "multiuser"
		description: "Disallow the removal of a user, if it is the last admin user"
		bug: "394970894"
		}

+15 −0

Original line number	Diff line number	Diff line
		@@ -2392,6 +2392,20 @@ public class UserManager {
		@SystemApi
		public static final int REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN = -5;

		/**
		* A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that
		* user being removed cannot be removed because it is
		* the last {@link #isAdminUser() admin} user on the device.
		*
		* @hide
		*/
		// TODO(b/419105275): Currently, the headless system user is also an admin user. When we
		// disallow the removal of last admin user, we mean the last admin user that's not the HSU.
		// If/When b/419105275 removes the admin flag from HSU, this comment should be removed.
		@FlaggedApi(android.multiuser.Flags.FLAG_DISALLOW_REMOVING_LAST_ADMIN_USER)
		@SystemApi
		public static final int REMOVE_RESULT_ERROR_LAST_ADMIN_USER = -6;

		/**
		* Possible response codes from {@link #removeUserWhenPossible(UserHandle, boolean)}.
		*
		@@ -2406,6 +2420,7 @@ public class UserManager {
		REMOVE_RESULT_ERROR_USER_NOT_FOUND,
		REMOVE_RESULT_ERROR_SYSTEM_USER,
		REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN,
		REMOVE_RESULT_ERROR_LAST_ADMIN_USER,
		REMOVE_RESULT_ERROR_UNKNOWN,
		})
		@Retention(RetentionPolicy.SOURCE)

+6 −0

Original line number	Diff line number	Diff line
		@@ -3254,6 +3254,12 @@
		Note that HSUM devices without this enabled will not automatically have a main user. -->
		<bool name="config_isMainUserPermanentAdmin">true</bool>

		<!-- Whether to disallow the removal of the last admin user on device. This generally has no
		effect on non-HSUM devices, where the system user is always an admin and cannot be removed.
		Note that if config_isMainUserPermanentAdmin is true, this config is generally irrelevant,
		since then the main user is a permanent admin. -->
		<bool name="config_disallowRemovingLastAdminUser">true</bool>

		<!-- Whether all secondary users (and the system user) are eligible to have profiles.
		If false, only the MainUser is eligible to have profiles. -->
		<bool name="config_supportProfilesOnNonMainUser">false</bool>

+1 −0

Original line number	Diff line number	Diff line
		@@ -363,6 +363,7 @@
		<java-symbol type="bool" name="config_speed_up_audio_on_mt_calls" />
		<java-symbol type="bool" name="config_useFixedVolume" />
		<java-symbol type="bool" name="config_isMainUserPermanentAdmin"/>
		<java-symbol type="bool" name="config_disallowRemovingLastAdminUser"/>
		<java-symbol type="bool" name="config_supportProfilesOnNonMainUser"/>
		<java-symbol type="bool" name="config_createInitialUser"/>
		<java-symbol type="bool" name="config_designateMainUser"/>