Update owner under multi-user scenarios (4020ef00) · Commits · e / os / android_frameworks_base

core/java/android/content/pm/PackageInstaller.java

+2 −3

Original line number	Diff line number	Diff line
		@@ -581,7 +581,7 @@ public class PackageInstaller {

		/**
		* Indicate the user intervention is required because the update ownership enforcement is
		* enabled, and remind the update owner will retain.
		* enabled, and remind the update owner is a different package.
		*
		* @see PackageInstaller.SessionParams#setRequestUpdateOwnership
		* @see InstallSourceInfo#getUpdateOwnerPackageName
		@@ -2978,8 +2978,7 @@ public class PackageInstaller {
		* permission. Default to {@code false}.
		*
		* The update ownership enforcement can only be enabled on initial installation. Set
		* this to {@code true} on package update indicates the installer package wants to be
		* the update owner if the update ownership enforcement has enabled.
		* this to {@code true} on package update is a no-op.
		*
		* Note: To enable the update ownership enforcement, the installer must have the
		* {@link android.Manifest.permission#ENFORCE_UPDATE_OWNERSHIP ENFORCE_UPDATE_OWNERSHIP}

core/java/android/content/pm/PackageManager.java

+7 −0

Original line number	Diff line number	Diff line
		@@ -1607,6 +1607,13 @@ public abstract class PackageManager {
		*/
		public static final int INSTALL_REQUEST_UPDATE_OWNERSHIP = 1 << 25;

		/**
		* Flag parameter for {@link PackageInstaller.SessionParams} to indicate that this
		* session is from a managed user or profile.
		* @hide
		*/
		public static final int INSTALL_FROM_MANAGED_USER_OR_PROFILE = 1 << 26;

		/** @hide */
		@IntDef(flag = true, value = {
		DONT_KILL_APP,

packages/PackageInstaller/res/values/strings.xml

+0 −3

Original line number	Diff line number	Diff line
		@@ -38,9 +38,6 @@
		<!-- Message for updating an existing app [CHAR LIMIT=NONE] -->
		<string name="install_confirm_question_update">Do you want to update this app?</string>
		<!-- TODO(b/244413073) Revise the description after getting UX input and UXR on this. -->
		<!-- Message for updating an existing app when updating owner changed [DO NOT TRANSLATE][CHAR LIMIT=NONE] -->
		<string name="install_confirm_question_update_owner_changed">Updates to this app are currently managed by <xliff:g id="existing_update_owner">%1$s</xliff:g>.\n\nBy updating, you\'ll get future updates from <xliff:g id="new_update_owner">%2$s</xliff:g> instead.</string>
		<!-- TODO(b/244413073) Revise the description after getting UX input and UXR on this. -->
		<!-- Message for updating an existing app with update owner reminder [DO NOT TRANSLATE][CHAR LIMIT=NONE] -->
		<string name="install_confirm_question_update_owner_reminder">Updates to this app are currently managed by <xliff:g id="existing_update_owner">%1$s</xliff:g>.\n\nDo you want to install this update from <xliff:g id="new_update_owner">%2$s</xliff:g>?</string>
		<!-- [CHAR LIMIT=100] -->

packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java

+5 −12

Original line number	Diff line number	Diff line
		@@ -144,19 +144,12 @@ public class PackageInstallerActivity extends AlertActivity {

		final CharSequence existingUpdateOwnerLabel = getExistingUpdateOwnerLabel();
		final CharSequence requestedUpdateOwnerLabel = getApplicationLabel(mCallingPackage);
		if (!TextUtils.isEmpty(existingUpdateOwnerLabel)) {
		if (mPendingUserActionReason == PackageInstaller.REASON_OWNERSHIP_CHANGED) {
		viewToEnable.setText(
		getString(R.string.install_confirm_question_update_owner_changed,
		existingUpdateOwnerLabel, requestedUpdateOwnerLabel));
		} else if (mPendingUserActionReason == PackageInstaller.REASON_REMIND_OWNERSHIP
		\|\| mPendingUserActionReason
		== PackageInstaller.REASON_CONFIRM_PACKAGE_CHANGE) {
		if (!TextUtils.isEmpty(existingUpdateOwnerLabel)
		&& mPendingUserActionReason == PackageInstaller.REASON_REMIND_OWNERSHIP) {
		viewToEnable.setText(
		getString(R.string.install_confirm_question_update_owner_reminder,
		existingUpdateOwnerLabel, requestedUpdateOwnerLabel));
		}
		}

		mOk.setText(R.string.update);
		} else {

services/core/java/com/android/server/pm/ComputerEngine.java

+14 −1

Original line number	Diff line number	Diff line
		@@ -65,6 +65,7 @@ import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.annotation.UserIdInt;
		import android.app.ActivityManager;
		import android.app.admin.DevicePolicyManagerInternal;
		import android.content.ComponentName;
		import android.content.Context;
		import android.content.Intent;
		@@ -2190,6 +2191,11 @@ public class ComputerEngine implements Computer {
		&& UserHandle.getAppId(uid) == pkg.getUid();
		}

		private boolean isCallerFromManagedUserOrProfile(@UserIdInt int userId) {
		final var dpmi = mInjector.getLocalService(DevicePolicyManagerInternal.class);
		return dpmi != null && dpmi.isUserOrganizationManaged(userId);
		}

		public final boolean isComponentVisibleToInstantApp(@Nullable ComponentName component) {
		if (isComponentVisibleToInstantApp(component, TYPE_ACTIVITY)) {
		return true;
		@@ -5002,8 +5008,15 @@ public class ComputerEngine implements Computer {
		updateOwnerPackageName = installSource.mUpdateOwnerPackageName;
		if (updateOwnerPackageName != null) {
		final PackageStateInternal ps = mSettings.getPackage(updateOwnerPackageName);
		final boolean isCallerSystemOrUpdateOwner = callingUid == Process.SYSTEM_UID
		\|\| isCallerSameApp(updateOwnerPackageName, callingUid);
		// Except for package visibility filtering, we also hide update owner if the installer
		// is in the managed user or profile. As we don't enforce the update ownership for the
		// managed user and profile, knowing there's an update owner is meaningless in that
		// user unless the installer is the owner.
		if (ps == null
		\|\| shouldFilterApplicationIncludingUninstalled(ps, callingUid, userId)) {
		\|\| shouldFilterApplicationIncludingUninstalled(ps, callingUid, userId)
		\|\| (!isCallerSystemOrUpdateOwner && isCallerFromManagedUserOrProfile(userId))) {
		updateOwnerPackageName = null;
		}
		}