Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5263c807 authored by Les Lee's avatar Les Lee Committed by Yi Shiou (Les) Lee
Browse files

wifi: Add new user restrictions 

The new multi-user Wi-Fi design provides private networks for guest users.
However, guest users cannot add shared networks.
Conversely, HSU users, who log in to the network, should be restricted
from creating private networks. These different use cases need new user
restrictions.

Note: Currently, there is no use case which DPC (device policy controller)
need to change it dynamically. Currently those restriction
will be used as pre-restriction on specific user role (for example:
guest user should not allow to add / change shared user config)

Flag: android.multiuser.user_restriction_config_wifi_shared_private
Bug: 390240471
Test: TH & ABT for wifi mainline testing.
Change-Id: I97fefc41fd4f3f42250db9a7f99941cd6ccf0e23
parent 62842069

AconfigFlags.bp

+13 −0
Original line number Diff line number Diff line
@@ -1048,6 +1048,7 @@ java_aconfig_library { 
// Multi user

aconfig_declarations {

    name: "android.multiuser.flags-aconfig",

    exportable: true,

    package: "android.multiuser",

    container: "system",

    srcs: ["core/java/android/content/pm/multiuser.aconfig"],
@@ -1060,6 +1061,18 @@ java_aconfig_library { 
    min_sdk_version: "30",

}



java_aconfig_library {

    name: "android.multiuser.flags-aconfig-java-export",

    aconfig_declarations: "android.multiuser.flags-aconfig",

    defaults: ["framework-minus-apex-aconfig-java-defaults"],

    mode: "exported",

    apex_available: [

        "//apex_available:platform",

        "com.android.wifi",

    ],

    min_sdk_version: "30",

}



// XR

aconfig_declarations {

    name: "android.xr.flags-aconfig",

core/api/module-lib-current.txt

+5 −0
Original line number Diff line number Diff line
@@ -503,6 +503,11 @@ package android.os { 
    method @FlaggedApi("android.os.update_engine_api") public void triggerPostinstall(@NonNull String);

  }



  public class UserManager {

    field @FlaggedApi("android.multiuser.user_restriction_config_wifi_shared_private") public static final String DISALLOW_CONFIG_WIFI_PRIVATE = "no_config_wifi_private";

    field @FlaggedApi("android.multiuser.user_restriction_config_wifi_shared_private") public static final String DISALLOW_CONFIG_WIFI_SHARED = "no_config_wifi_shared";

  }



}



package android.os.storage {

core/java/android/content/pm/multiuser.aconfig

+8 −0
Original line number Diff line number Diff line
@@ -522,3 +522,11 @@ flag { 
     description: "Disallow the removal of a user, if it is the last admin user"

     bug: "394970894"

}



flag {

     name: "user_restriction_config_wifi_shared_private"

     is_exported: true

     namespace: "multiuser"

     description: "For user restrictions about adding or editing shared or private Wi-Fi configurations"

     bug: "390240471"

}

core/java/android/os/UserManager.java

+44 −0
Original line number Diff line number Diff line
@@ -345,6 +345,50 @@ public class UserManager { 
     */

    public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi";



    /**

     * Specifies if a user is disallowed from adding or editing private Wi-Fi configurations,

     * that is, Wi-Fi configurations that are not shared with other users.

     *

     * Use {@link #DISALLOW_CONFIG_WIFI} if all types of Wi-Fi configurations are disallowed to

     * be added or edited.

     *

     * Note: This restriction is used for system only, it can't be used via

     * the DevicePolicyManager APIs.

     *

     * <p>The default value is <code>false</code>.

     *

     * <p>Key for user restrictions.

     * <p>Type: Boolean

     * @see #getUserRestrictions()

     *

     * @hide

     */

    @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)

    @FlaggedApi(android.multiuser.Flags.FLAG_USER_RESTRICTION_CONFIG_WIFI_SHARED_PRIVATE)

    public static final String DISALLOW_CONFIG_WIFI_PRIVATE = "no_config_wifi_private";



    /**

     * Specifies if a user is disallowed from adding or editing shared Wi-Fi configurations,

     * that is, Wi-Fi configurations that are shared with other users.

     *

     * Use {@link #DISALLOW_CONFIG_WIFI} if all types of Wi-Fi configurations are disallowed

     * to be added or edited.

     *

     * Note: This restriction is used for system only, it can't be used via

     * the DevicePolicyManager APIs.

     *

     * <p>The default value is <code>false</code>.

     *

     * <p>Key for user restrictions.

     * <p>Type: Boolean

     * @see #getUserRestrictions()

     *

     * @hide

     */

    @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)

    @FlaggedApi(android.multiuser.Flags.FLAG_USER_RESTRICTION_CONFIG_WIFI_SHARED_PRIVATE)

    public static final String DISALLOW_CONFIG_WIFI_SHARED = "no_config_wifi_shared";



    /**

     * Specifies if a user is disallowed from enabling/disabling Wi-Fi.

     *

services/core/java/com/android/server/pm/UserRestrictionsUtils.java

+2 −0
Original line number Diff line number Diff line
@@ -80,6 +80,8 @@ public class UserRestrictionsUtils { 


    public static final Set<String> USER_RESTRICTIONS = newSetWithUniqueCheck(new String[] {

            UserManager.DISALLOW_CONFIG_WIFI,

            UserManager.DISALLOW_CONFIG_WIFI_PRIVATE,

            UserManager.DISALLOW_CONFIG_WIFI_SHARED,

            UserManager.DISALLOW_CONFIG_LOCALE,

            UserManager.DISALLOW_MODIFY_ACCOUNTS,

            UserManager.DISALLOW_INSTALL_APPS,