Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 87e2e514 authored by Tarandeep Singh's avatar Tarandeep Singh
Browse files

Respect DISALLOW_DEBUGGING_FEATURES in IME shell commands 

DISALLOW_DEBUGGING_FEATURES should restrict user's ability to call:
adb shell ime reset / set / enable / disable.

Fixes: 122922209
Test: Manually tested as follows:
     1. create a new user:
        adb shell pm create-user test
        output: Success: created user id 11
     2. Enable restriction:
        adb shell pm set-user-restriction --user 11 no_debugging_features 1
     3. Check default user has access with:
        adb shell ime reset
     4. Switch user to 11.
        adb shell am switch-user 11
     5. Try IME adb command for user 11
        adb shell ime reset
        output: User #11 is restricted with DISALLOW_DEBUGGING_FEATURES.
     6. Repeat for set, enable, disable.

Change-Id: I7714294a1bf7d0322c34e1d3bfba7f2e7fc8766e
parent 866d7ef0

services/core/java/com/android/server/inputmethod/InputMethodManagerService.java

+25 −1
Original line number Diff line number Diff line
@@ -4656,9 +4656,11 @@ public class InputMethodManagerService extends IInputMethodManager.Stub 
    private int handleShellCommandEnableDisableInputMethod(

            @NonNull ShellCommand shellCommand, boolean enabled) {

        final String id = shellCommand.getNextArgRequired();



        final boolean previouslyEnabled;

        synchronized (mMethodMap) {

            if (!userHasDebugPriv(mSettings.getCurrentUserId(), shellCommand)) {

                return ShellCommandResult.SUCCESS;

            }

            previouslyEnabled = setInputMethodEnabledLocked(id, enabled);

        }

        final PrintWriter pr = shellCommand.getOutPrintWriter();
@@ -4680,6 +4682,9 @@ public class InputMethodManagerService extends IInputMethodManager.Stub 
    private int handleShellCommandSetInputMethod(@NonNull ShellCommand shellCommand) {

        final String id = shellCommand.getNextArgRequired();

        synchronized (mMethodMap) {

            if (!userHasDebugPriv(mSettings.getCurrentUserId(), shellCommand)) {

                return ShellCommandResult.SUCCESS;

            }

            setInputMethodLocked(id, NOT_A_SUBTYPE_ID);

        }

        final PrintWriter pr = shellCommand.getOutPrintWriter();
@@ -4698,6 +4703,9 @@ public class InputMethodManagerService extends IInputMethodManager.Stub 
    @ShellCommandResult

    private int handleShellCommandResetInputMethod(@NonNull ShellCommand shellCommand) {

        synchronized (mMethodMap) {

            if (!userHasDebugPriv(mSettings.getCurrentUserId(), shellCommand)) {

                return ShellCommandResult.SUCCESS;

            }

            final String nextIme;

            final List<InputMethodInfo> nextEnabledImes;

            hideCurrentInputLocked(0, null);
@@ -4735,6 +4743,22 @@ public class InputMethodManagerService extends IInputMethodManager.Stub 
        }

    }



    /**

     * @param userId the actual user handle obtained by {@link UserHandle#getIdentifier()}

     * and *not* pseudo ids like {@link UserHandle#USER_ALL etc}.

     * @return {@code true} if userId has debugging privileges.

     * i.e. {@link UserManager#DISALLOW_DEBUGGING_FEATURES} is {@code false}.

     */

    private boolean userHasDebugPriv(int userId, final ShellCommand shellCommand) {

        if (mUserManager.hasUserRestriction(

                UserManager.DISALLOW_DEBUGGING_FEATURES, UserHandle.of(userId))) {

            shellCommand.getErrPrintWriter().println("User #" + userId

                    + " is restricted with DISALLOW_DEBUGGING_FEATURES.");

            return false;

        }

        return true;

    }



    private static final class InputMethodPrivilegedOperationsImpl

            extends IInputMethodPrivilegedOperations.Stub {

        private final InputMethodManagerService mImms;