Loading core/java/android/os/IUserManager.aidl +1 −0 Original line number Diff line number Diff line Loading @@ -49,6 +49,7 @@ interface IUserManager { UserInfo getUserInfo(int userHandle); long getUserCreationTime(int userHandle); boolean isRestricted(); boolean canHaveRestrictedProfile(int userId); int getUserSerialNumber(int userHandle); int getUserHandle(int userSerialNumber); Bundle getUserRestrictions(int userHandle); Loading core/java/android/os/UserManager.java +13 −0 Original line number Diff line number Diff line Loading @@ -631,6 +631,19 @@ public class UserManager { } } /** * Checks if specified user can have restricted profile. * @hide */ public boolean canHaveRestrictedProfile(int userId) { try { return mService.canHaveRestrictedProfile(userId); } catch (RemoteException re) { Log.w(TAG, "Could not check if user can have restricted profile", re); return false; } } /** * Checks if the calling app is running as a guest user. * @return whether the caller is a guest user. Loading packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java +3 −3 Original line number Diff line number Diff line Loading @@ -182,10 +182,10 @@ public class SecurityControllerImpl implements SecurityController { @Override public void onUserSwitched(int newUserId) { mCurrentUserId = newUserId; if (mUserManager.getUserInfo(newUserId).isRestricted()) { final UserInfo newUserInfo = mUserManager.getUserInfo(newUserId); if (newUserInfo.isRestricted()) { // VPN for a restricted profile is routed through its owner user // TODO: http://b/22950929 mVpnUserId = UserHandle.USER_SYSTEM; mVpnUserId = newUserInfo.restrictedProfileParentId; } else { mVpnUserId = mCurrentUserId; } Loading services/core/java/com/android/server/ConnectivityService.java +26 −0 Original line number Diff line number Diff line Loading @@ -754,6 +754,8 @@ public class ConnectivityService extends IConnectivityManager.Stub IntentFilter intentFilter = new IntentFilter(); intentFilter.addAction(Intent.ACTION_USER_STARTING); intentFilter.addAction(Intent.ACTION_USER_STOPPING); intentFilter.addAction(Intent.ACTION_USER_ADDED); intentFilter.addAction(Intent.ACTION_USER_REMOVED); mContext.registerReceiverAsUser( mUserIntentReceiver, UserHandle.ALL, intentFilter, null, null); Loading Loading @@ -3525,6 +3527,26 @@ public class ConnectivityService extends IConnectivityManager.Stub } } private void onUserAdded(int userId) { synchronized(mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserAdded(userId); } } } private void onUserRemoved(int userId) { synchronized(mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserRemoved(userId); } } } private BroadcastReceiver mUserIntentReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { Loading @@ -3536,6 +3558,10 @@ public class ConnectivityService extends IConnectivityManager.Stub onUserStart(userId); } else if (Intent.ACTION_USER_STOPPING.equals(action)) { onUserStop(userId); } else if (Intent.ACTION_USER_ADDED.equals(action)) { onUserAdded(userId); } else if (Intent.ACTION_USER_REMOVED.equals(action)) { onUserRemoved(userId); } } }; Loading services/core/java/com/android/server/connectivity/Vpn.java +21 −45 Original line number Diff line number Diff line Loading @@ -20,9 +20,6 @@ import static android.Manifest.permission.BIND_VPN_SERVICE; import static android.net.ConnectivityManager.NETID_UNSET; import static android.net.RouteInfo.RTN_THROW; import static android.net.RouteInfo.RTN_UNREACHABLE; import static android.os.UserHandle.PER_USER_RANGE; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.Manifest; import android.app.AppGlobals; Loading @@ -34,13 +31,11 @@ import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.ServiceConnection; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.UserInfo; import android.net.ConnectivityManager; import android.net.IConnectivityManager; import android.net.INetworkManagementEventObserver; import android.net.IpPrefix; import android.net.LinkAddress; Loading Loading @@ -126,7 +121,6 @@ public class Vpn { /* list of users using this VPN. */ @GuardedBy("this") private List<UidRange> mVpnUsers = null; private BroadcastReceiver mUserIntentReceiver = null; // Handle of user initiating VPN. private final int mUserHandle; Loading @@ -146,31 +140,6 @@ public class Vpn { } catch (RemoteException e) { Log.wtf(TAG, "Problem registering observer", e); } // TODO: http://b/22950929 if (userHandle == UserHandle.USER_SYSTEM) { // Owner's VPN also needs to handle restricted users mUserIntentReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { final String action = intent.getAction(); final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, UserHandle.USER_NULL); if (userHandle == UserHandle.USER_NULL) return; if (Intent.ACTION_USER_ADDED.equals(action)) { onUserAdded(userHandle); } else if (Intent.ACTION_USER_REMOVED.equals(action)) { onUserRemoved(userHandle); } } }; IntentFilter intentFilter = new IntentFilter(); intentFilter.addAction(Intent.ACTION_USER_ADDED); intentFilter.addAction(Intent.ACTION_USER_REMOVED); mContext.registerReceiverAsUser( mUserIntentReceiver, UserHandle.ALL, intentFilter, null, null); } mNetworkInfo = new NetworkInfo(ConnectivityManager.TYPE_VPN, 0, NETWORKTYPE, ""); // TODO: Copy metered attribute and bandwidths from physical transport, b/16207332 Loading Loading @@ -439,8 +408,8 @@ public class Vpn { } addVpnUserLocked(mUserHandle); // If we are owner assign all Restricted Users to this VPN if (mUserHandle == UserHandle.USER_OWNER) { // If the user can have restricted profiles, assign all its restricted profiles to this VPN if (canHaveRestrictedProfile(mUserHandle)) { token = Binder.clearCallingIdentity(); List<UserInfo> users; try { Loading @@ -449,7 +418,7 @@ public class Vpn { Binder.restoreCallingIdentity(token); } for (UserInfo user : users) { if (user.isRestricted()) { if (user.isRestricted() && (user.restrictedProfileParentId == mUserHandle)) { addVpnUserLocked(user.id); } } Loading @@ -457,6 +426,15 @@ public class Vpn { mNetworkAgent.addUidRanges(mVpnUsers.toArray(new UidRange[mVpnUsers.size()])); } private boolean canHaveRestrictedProfile(int userId) { long token = Binder.clearCallingIdentity(); try { return UserManager.get(mContext).canHaveRestrictedProfile(userId); } finally { Binder.restoreCallingIdentity(token); } } private void agentDisconnect(NetworkInfo networkInfo, NetworkAgent networkAgent) { networkInfo.setIsAvailable(false); networkInfo.setDetailedState(DetailedState.DISCONNECTED, null, null); Loading Loading @@ -681,12 +659,11 @@ public class Vpn { mStatusIntent = null; } private void onUserAdded(int userHandle) { // If the user is restricted tie them to the owner's VPN public void onUserAdded(int userHandle) { // If the user is restricted tie them to the parent user's VPN UserInfo user = UserManager.get(mContext).getUserInfo(userHandle); if (user.isRestricted() && user.restrictedProfileParentId == mUserHandle) { synchronized(Vpn.this) { UserManager mgr = UserManager.get(mContext); UserInfo user = mgr.getUserInfo(userHandle); if (user.isRestricted()) { try { addVpnUserLocked(userHandle); if (mNetworkAgent != null) { Loading @@ -700,12 +677,11 @@ public class Vpn { } } private void onUserRemoved(int userHandle) { public void onUserRemoved(int userHandle) { // clean up if restricted UserInfo user = UserManager.get(mContext).getUserInfo(userHandle); if (user.isRestricted() && user.restrictedProfileParentId == mUserHandle) { synchronized(Vpn.this) { UserManager mgr = UserManager.get(mContext); UserInfo user = mgr.getUserInfo(userHandle); if (user.isRestricted()) { try { removeVpnUserLocked(userHandle); } catch (Exception e) { Loading Loading
core/java/android/os/IUserManager.aidl +1 −0 Original line number Diff line number Diff line Loading @@ -49,6 +49,7 @@ interface IUserManager { UserInfo getUserInfo(int userHandle); long getUserCreationTime(int userHandle); boolean isRestricted(); boolean canHaveRestrictedProfile(int userId); int getUserSerialNumber(int userHandle); int getUserHandle(int userSerialNumber); Bundle getUserRestrictions(int userHandle); Loading
core/java/android/os/UserManager.java +13 −0 Original line number Diff line number Diff line Loading @@ -631,6 +631,19 @@ public class UserManager { } } /** * Checks if specified user can have restricted profile. * @hide */ public boolean canHaveRestrictedProfile(int userId) { try { return mService.canHaveRestrictedProfile(userId); } catch (RemoteException re) { Log.w(TAG, "Could not check if user can have restricted profile", re); return false; } } /** * Checks if the calling app is running as a guest user. * @return whether the caller is a guest user. Loading
packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java +3 −3 Original line number Diff line number Diff line Loading @@ -182,10 +182,10 @@ public class SecurityControllerImpl implements SecurityController { @Override public void onUserSwitched(int newUserId) { mCurrentUserId = newUserId; if (mUserManager.getUserInfo(newUserId).isRestricted()) { final UserInfo newUserInfo = mUserManager.getUserInfo(newUserId); if (newUserInfo.isRestricted()) { // VPN for a restricted profile is routed through its owner user // TODO: http://b/22950929 mVpnUserId = UserHandle.USER_SYSTEM; mVpnUserId = newUserInfo.restrictedProfileParentId; } else { mVpnUserId = mCurrentUserId; } Loading
services/core/java/com/android/server/ConnectivityService.java +26 −0 Original line number Diff line number Diff line Loading @@ -754,6 +754,8 @@ public class ConnectivityService extends IConnectivityManager.Stub IntentFilter intentFilter = new IntentFilter(); intentFilter.addAction(Intent.ACTION_USER_STARTING); intentFilter.addAction(Intent.ACTION_USER_STOPPING); intentFilter.addAction(Intent.ACTION_USER_ADDED); intentFilter.addAction(Intent.ACTION_USER_REMOVED); mContext.registerReceiverAsUser( mUserIntentReceiver, UserHandle.ALL, intentFilter, null, null); Loading Loading @@ -3525,6 +3527,26 @@ public class ConnectivityService extends IConnectivityManager.Stub } } private void onUserAdded(int userId) { synchronized(mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserAdded(userId); } } } private void onUserRemoved(int userId) { synchronized(mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserRemoved(userId); } } } private BroadcastReceiver mUserIntentReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { Loading @@ -3536,6 +3558,10 @@ public class ConnectivityService extends IConnectivityManager.Stub onUserStart(userId); } else if (Intent.ACTION_USER_STOPPING.equals(action)) { onUserStop(userId); } else if (Intent.ACTION_USER_ADDED.equals(action)) { onUserAdded(userId); } else if (Intent.ACTION_USER_REMOVED.equals(action)) { onUserRemoved(userId); } } }; Loading
services/core/java/com/android/server/connectivity/Vpn.java +21 −45 Original line number Diff line number Diff line Loading @@ -20,9 +20,6 @@ import static android.Manifest.permission.BIND_VPN_SERVICE; import static android.net.ConnectivityManager.NETID_UNSET; import static android.net.RouteInfo.RTN_THROW; import static android.net.RouteInfo.RTN_UNREACHABLE; import static android.os.UserHandle.PER_USER_RANGE; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.Manifest; import android.app.AppGlobals; Loading @@ -34,13 +31,11 @@ import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.ServiceConnection; import android.content.pm.ApplicationInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; import android.content.pm.UserInfo; import android.net.ConnectivityManager; import android.net.IConnectivityManager; import android.net.INetworkManagementEventObserver; import android.net.IpPrefix; import android.net.LinkAddress; Loading Loading @@ -126,7 +121,6 @@ public class Vpn { /* list of users using this VPN. */ @GuardedBy("this") private List<UidRange> mVpnUsers = null; private BroadcastReceiver mUserIntentReceiver = null; // Handle of user initiating VPN. private final int mUserHandle; Loading @@ -146,31 +140,6 @@ public class Vpn { } catch (RemoteException e) { Log.wtf(TAG, "Problem registering observer", e); } // TODO: http://b/22950929 if (userHandle == UserHandle.USER_SYSTEM) { // Owner's VPN also needs to handle restricted users mUserIntentReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { final String action = intent.getAction(); final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, UserHandle.USER_NULL); if (userHandle == UserHandle.USER_NULL) return; if (Intent.ACTION_USER_ADDED.equals(action)) { onUserAdded(userHandle); } else if (Intent.ACTION_USER_REMOVED.equals(action)) { onUserRemoved(userHandle); } } }; IntentFilter intentFilter = new IntentFilter(); intentFilter.addAction(Intent.ACTION_USER_ADDED); intentFilter.addAction(Intent.ACTION_USER_REMOVED); mContext.registerReceiverAsUser( mUserIntentReceiver, UserHandle.ALL, intentFilter, null, null); } mNetworkInfo = new NetworkInfo(ConnectivityManager.TYPE_VPN, 0, NETWORKTYPE, ""); // TODO: Copy metered attribute and bandwidths from physical transport, b/16207332 Loading Loading @@ -439,8 +408,8 @@ public class Vpn { } addVpnUserLocked(mUserHandle); // If we are owner assign all Restricted Users to this VPN if (mUserHandle == UserHandle.USER_OWNER) { // If the user can have restricted profiles, assign all its restricted profiles to this VPN if (canHaveRestrictedProfile(mUserHandle)) { token = Binder.clearCallingIdentity(); List<UserInfo> users; try { Loading @@ -449,7 +418,7 @@ public class Vpn { Binder.restoreCallingIdentity(token); } for (UserInfo user : users) { if (user.isRestricted()) { if (user.isRestricted() && (user.restrictedProfileParentId == mUserHandle)) { addVpnUserLocked(user.id); } } Loading @@ -457,6 +426,15 @@ public class Vpn { mNetworkAgent.addUidRanges(mVpnUsers.toArray(new UidRange[mVpnUsers.size()])); } private boolean canHaveRestrictedProfile(int userId) { long token = Binder.clearCallingIdentity(); try { return UserManager.get(mContext).canHaveRestrictedProfile(userId); } finally { Binder.restoreCallingIdentity(token); } } private void agentDisconnect(NetworkInfo networkInfo, NetworkAgent networkAgent) { networkInfo.setIsAvailable(false); networkInfo.setDetailedState(DetailedState.DISCONNECTED, null, null); Loading Loading @@ -681,12 +659,11 @@ public class Vpn { mStatusIntent = null; } private void onUserAdded(int userHandle) { // If the user is restricted tie them to the owner's VPN public void onUserAdded(int userHandle) { // If the user is restricted tie them to the parent user's VPN UserInfo user = UserManager.get(mContext).getUserInfo(userHandle); if (user.isRestricted() && user.restrictedProfileParentId == mUserHandle) { synchronized(Vpn.this) { UserManager mgr = UserManager.get(mContext); UserInfo user = mgr.getUserInfo(userHandle); if (user.isRestricted()) { try { addVpnUserLocked(userHandle); if (mNetworkAgent != null) { Loading @@ -700,12 +677,11 @@ public class Vpn { } } private void onUserRemoved(int userHandle) { public void onUserRemoved(int userHandle) { // clean up if restricted UserInfo user = UserManager.get(mContext).getUserInfo(userHandle); if (user.isRestricted() && user.restrictedProfileParentId == mUserHandle) { synchronized(Vpn.this) { UserManager mgr = UserManager.get(mContext); UserInfo user = mgr.getUserInfo(userHandle); if (user.isRestricted()) { try { removeVpnUserLocked(userHandle); } catch (Exception e) { Loading
