Device-wide unknown sources block option for DPC. (4638edd7) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −0

Original line number	Original line	Diff line number	Diff line
	@@ -33504,6 +33504,7 @@ package android.os {
	field public static final java.lang.String DISALLOW_FUN = "no_fun";		field public static final java.lang.String DISALLOW_FUN = "no_fun";
	field public static final java.lang.String DISALLOW_INSTALL_APPS = "no_install_apps";		field public static final java.lang.String DISALLOW_INSTALL_APPS = "no_install_apps";
	field public static final java.lang.String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";		field public static final java.lang.String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
			field public static final java.lang.String DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY = "no_install_unknown_sources_globally";
	field public static final java.lang.String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";		field public static final java.lang.String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
	field public static final java.lang.String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media";		field public static final java.lang.String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media";
	field public static final java.lang.String DISALLOW_NETWORK_RESET = "no_network_reset";		field public static final java.lang.String DISALLOW_NETWORK_RESET = "no_network_reset";

core/java/android/app/admin/DevicePolicyManager.java

+4 −0

Original line number	Original line	Diff line number	Diff line
	@@ -7414,6 +7414,10 @@ public class DevicePolicyManager {
	* If any app targeting {@link android.os.Build.VERSION_CODES#O} or higher calls this method		* If any app targeting {@link android.os.Build.VERSION_CODES#O} or higher calls this method
	* with {@link android.provider.Settings.Secure#INSTALL_NON_MARKET_APPS},		* with {@link android.provider.Settings.Secure#INSTALL_NON_MARKET_APPS},
	* an {@link UnsupportedOperationException} is thrown.		* an {@link UnsupportedOperationException} is thrown.
			*
			* Starting from Android Q, the device and profile owner can also call
			* {@link UserManager#DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY} to restrict unknown sources for
			* all users.
	* </strong>		* </strong>
	*		*
	* @param admin Which {@link DeviceAdminReceiver} this request is associated with.		* @param admin Which {@link DeviceAdminReceiver} this request is associated with.

core/java/android/os/UserManager.java

+20 −2

Original line number	Original line	Diff line number	Diff line
	@@ -256,6 +256,7 @@ public class UserManager {
	/**		/**
	* Specifies if a user is disallowed from enabling the		* Specifies if a user is disallowed from enabling the
	* "Unknown Sources" setting, that allows installation of apps from unknown sources.		* "Unknown Sources" setting, that allows installation of apps from unknown sources.
			* Unknown sources exclude adb and special apps such as trusted app stores.
	* The default value is <code>false</code>.		* The default value is <code>false</code>.
	*		*
	* <p>Key for user restrictions.		* <p>Key for user restrictions.
	@@ -266,6 +267,22 @@ public class UserManager {
	*/		*/
	public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";		public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";

			/**
			* This restriction is a device-wide version of {@link DISALLOW_INSTALL_UNKNOWN_SOURCES}.
			*
			* Specifies if all users on the device are disallowed from enabling the
			* "Unknown Sources" setting, that allows installation of apps from unknown sources.
			* The default value is <code>false</code>.
			*
			* <p>Key for user restrictions.
			* <p>Type: Boolean
			* @see DevicePolicyManager#addUserRestriction(ComponentName, String)
			* @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
			* @see #getUserRestrictions()
			*/
			public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY =
			"no_install_unknown_sources_globally";

	/**		/**
	* Specifies if a user is disallowed from configuring bluetooth.		* Specifies if a user is disallowed from configuring bluetooth.
	* This does <em>not</em> restrict the user from turning bluetooth on or off.		* This does <em>not</em> restrict the user from turning bluetooth on or off.
	@@ -1669,8 +1686,9 @@ public class UserManager {
	/**		/**
	* @hide		* @hide
	* Returns whether the given user has been disallowed from performing certain actions		* Returns whether the given user has been disallowed from performing certain actions
	* or setting certain settings through UserManager. This method disregards restrictions		* or setting certain settings through UserManager (e.g. this type of restriction would prevent
	* set by device policy.		* the guest user from doing certain things, such as making calls). This method disregards
			* restrictions set by device policy.
	* @param restrictionKey the string key representing the restriction		* @param restrictionKey the string key representing the restriction
	* @param userHandle the UserHandle of the user for whom to retrieve the restrictions.		* @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
	*/		*/

packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java

+7 −2

Original line number	Original line	Diff line number	Diff line
	@@ -430,9 +430,14 @@ public class PackageInstallerActivity extends AlertActivity {
	// Check for unknown sources restriction		// Check for unknown sources restriction
	final int unknownSourcesRestrictionSource = mUserManager.getUserRestrictionSource(		final int unknownSourcesRestrictionSource = mUserManager.getUserRestrictionSource(
	UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, Process.myUserHandle());		UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, Process.myUserHandle());
	if ((unknownSourcesRestrictionSource & UserManager.RESTRICTION_SOURCE_SYSTEM) != 0) {		final int unknownSourcesGlobalRestrictionSource = mUserManager.getUserRestrictionSource(
			UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY, Process.myUserHandle());
			final int systemRestriction = UserManager.RESTRICTION_SOURCE_SYSTEM
			& (unknownSourcesRestrictionSource \| unknownSourcesGlobalRestrictionSource);
			if (systemRestriction != 0) {
	showDialogInner(DLG_UNKNOWN_SOURCES_RESTRICTED_FOR_USER);		showDialogInner(DLG_UNKNOWN_SOURCES_RESTRICTED_FOR_USER);
	} else if (unknownSourcesRestrictionSource != UserManager.RESTRICTION_NOT_SET) {		} else if (unknownSourcesRestrictionSource != UserManager.RESTRICTION_NOT_SET
			\|\| unknownSourcesGlobalRestrictionSource != UserManager.RESTRICTION_NOT_SET) {
	startActivity(new Intent(Settings.ACTION_SHOW_ADMIN_SUPPORT_DETAILS));		startActivity(new Intent(Settings.ACTION_SHOW_ADMIN_SUPPORT_DETAILS));
	finish();		finish();
	} else {		} else {

packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java

+5 −1

Original line number	Original line	Diff line number	Diff line
	@@ -870,7 +870,11 @@ public class SettingsProvider extends ContentProvider {
	}		}
	}		}
	if (newRestrictions.getBoolean(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)		if (newRestrictions.getBoolean(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)
	!= prevRestrictions.getBoolean(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)) {		!= prevRestrictions.getBoolean(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES) \|\|
			newRestrictions.getBoolean(
			UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY)
			!= prevRestrictions.getBoolean(
			UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY)) {
	final long identity = Binder.clearCallingIdentity();		final long identity = Binder.clearCallingIdentity();
	try {		try {
	synchronized (mLock) {		synchronized (mLock) {