Loading core/java/android/os/UserManager.java +15 −0 Original line number Diff line number Diff line Loading @@ -819,6 +819,20 @@ public class UserManager { @Deprecated public static final String DISALLOW_ADD_MANAGED_PROFILE = "no_add_managed_profile"; /** * Specifies if a user is disallowed from creating clone profile. * <p>The default value for an unmanaged user is <code>false</code>. * For users with a device owner set, the default is <code>true</code>. * * <p>Key for user restrictions. * <p>Type: Boolean * @see DevicePolicyManager#addUserRestriction(ComponentName, String) * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) * @see #getUserRestrictions() * @hide */ public static final String DISALLOW_ADD_CLONE_PROFILE = "no_add_clone_profile"; /** * Specifies if a user is disallowed from disabling application verification. The default * value is <code>false</code>. Loading Loading @@ -1497,6 +1511,7 @@ public class UserManager { DISALLOW_FACTORY_RESET, DISALLOW_ADD_USER, DISALLOW_ADD_MANAGED_PROFILE, DISALLOW_ADD_CLONE_PROFILE, ENSURE_VERIFY_APPS, DISALLOW_CONFIG_CELL_BROADCASTS, DISALLOW_CONFIG_MOBILE_NETWORKS, Loading services/core/java/com/android/server/pm/UserManagerService.java +12 −3 Original line number Diff line number Diff line Loading 
@@ -3675,9 +3675,18 @@ public class UserManagerService extends IUserManager.Stub { @UserInfoFlag int flags, @UserIdInt int parentId, @Nullable String[] disallowedPackages) throws UserManager.CheckedUserOperationException { String restriction = (UserManager.isUserTypeManagedProfile(userType)) ? UserManager.DISALLOW_ADD_MANAGED_PROFILE : UserManager.DISALLOW_ADD_USER; // Checking user restriction before creating new user, // default check is for DISALLOW_ADD_USER // If new user is of type CLONE, check if creation of clone profile is allowed // If new user is of type MANAGED, check if creation of managed profile is allowed String restriction = UserManager.DISALLOW_ADD_USER; if (UserManager.isUserTypeCloneProfile(userType)) { restriction = UserManager.DISALLOW_ADD_CLONE_PROFILE; } else if (UserManager.isUserTypeManagedProfile(userType)) { restriction = UserManager.DISALLOW_ADD_MANAGED_PROFILE; } enforceUserRestriction(restriction, UserHandle.getCallingUserId(), "Cannot add user"); return createUserInternalUnchecked(name, userType, flags, parentId, Loading services/core/java/com/android/server/pm/UserRestrictionsUtils.java +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ public class UserRestrictionsUtils { UserManager.DISALLOW_FACTORY_RESET, UserManager.DISALLOW_ADD_USER, UserManager.DISALLOW_ADD_MANAGED_PROFILE, UserManager.DISALLOW_ADD_CLONE_PROFILE, UserManager.ENSURE_VERIFY_APPS, UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +26 −4 Original line number Diff line number Diff line Loading 
@@ -2236,7 +2236,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { * a managed profile. */ @GuardedBy("getLockObject()") private void applyManagedProfileRestrictionIfDeviceOwnerLocked() { private void applyProfileRestrictionsIfDeviceOwnerLocked() { final int doUserId = mOwners.getDeviceOwnerUserId(); if (doUserId == UserHandle.USER_NULL) { if (VERBOSE_LOG) Slogf.d(LOG_TAG, "No DO found, skipping application of restriction."); Loading @@ -2244,7 +2244,17 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final UserHandle doUserHandle = UserHandle.of(doUserId); // Set the restriction if not set. // Based on CDD : https://source.android.com/compatibility/12/android-12-cdd#95_multi-user_support, // creation of clone profile is not allowed in case device owner is set. // Enforcing this restriction on setting up of device owner. if (!mUserManager.hasUserRestriction( UserManager.DISALLOW_ADD_CLONE_PROFILE, doUserHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, true, doUserHandle); } // Creation of managed profile is restricted in case device owner is set, enforcing this // restriction by setting user level restriction at time of device owner setup. if (!mUserManager.hasUserRestriction( UserManager.DISALLOW_ADD_MANAGED_PROFILE, doUserHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, true, Loading Loading @@ -3153,7 +3163,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { case SystemService.PHASE_ACTIVITY_MANAGER_READY: synchronized (getLockObject()) { migrateToProfileOnOrganizationOwnedDeviceIfCompLocked(); applyManagedProfileRestrictionIfDeviceOwnerLocked(); applyProfileRestrictionsIfDeviceOwnerLocked(); } maybeStartSecurityLogMonitorOnActivityManagerReady(); break; Loading Loading 
@@ -3778,6 +3788,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, false, userHandle); } // When a device owner is set, the system automatically restricts adding a clone profile. // Remove this restriction when the device owner is cleared. if (mUserManager.hasUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, userHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, false, userHandle); } } /** Loading Loading @@ -8470,6 +8486,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // on the primary profile). mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, true, UserHandle.of(userId)); // Restrict adding a clone profile when a device owner is set on the device. // That is to prevent the co-existence of a clone profile and a device owner // on the same device. // CDD for reference : https://source.android.com/compatibility/12/android-12-cdd#95_multi-user_support mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, true, UserHandle.of(userId)); // TODO Send to system too? sendOwnerChangedBroadcast(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED, userId); }); Loading Loading @@ -8942,7 +8964,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mOwners.writeProfileOwner(userId); deleteTransferOwnershipBundleLocked(userId); toggleBackupServiceActive(userId, true); applyManagedProfileRestrictionIfDeviceOwnerLocked(); applyProfileRestrictionsIfDeviceOwnerLocked(); setNetworkLoggingActiveInternal(false); } Loading services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +8 −0 Original line number Diff line number Diff line Loading 
@@ -1117,6 +1117,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), eq(true), eq(UserHandle.SYSTEM)); verify(getServices().userManager, times(1)).setUserRestriction( eq(UserManager.DISALLOW_ADD_CLONE_PROFILE), eq(true), eq(UserHandle.SYSTEM)); verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( MockUtils.checkIntentAction(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); Loading Loading @@ -1398,6 +1402,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { eq(false), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); verify(getServices().userManager) .setUserRestriction(eq(UserManager.DISALLOW_ADD_CLONE_PROFILE), eq(false), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); verify(getServices().userManagerInternal).setDevicePolicyUserRestrictions( eq(UserHandle.USER_SYSTEM), MockUtils.checkUserRestrictions(), MockUtils.checkUserRestrictions(UserHandle.USER_SYSTEM), eq(true)); Loading Loading
core/java/android/os/UserManager.java +15 −0 Original line number Diff line number Diff line Loading @@ -819,6 +819,20 @@ public class UserManager { @Deprecated public static final String DISALLOW_ADD_MANAGED_PROFILE = "no_add_managed_profile"; /** * Specifies if a user is disallowed from creating clone profile. * <p>The default value for an unmanaged user is <code>false</code>. * For users with a device owner set, the default is <code>true</code>. * * <p>Key for user restrictions. * <p>Type: Boolean * @see DevicePolicyManager#addUserRestriction(ComponentName, String) * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) * @see #getUserRestrictions() * @hide */ public static final String DISALLOW_ADD_CLONE_PROFILE = "no_add_clone_profile"; /** * Specifies if a user is disallowed from disabling application verification. The default * value is <code>false</code>. Loading Loading @@ -1497,6 +1511,7 @@ public class UserManager { DISALLOW_FACTORY_RESET, DISALLOW_ADD_USER, DISALLOW_ADD_MANAGED_PROFILE, DISALLOW_ADD_CLONE_PROFILE, ENSURE_VERIFY_APPS, DISALLOW_CONFIG_CELL_BROADCASTS, DISALLOW_CONFIG_MOBILE_NETWORKS, Loading
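Review bot: The Javadoc for `DISALLOW_ADD_CLONE_PROFILE` describes the value as a default ("For users with a device owner set, the default is true"), but elsewhere in this change DevicePolicyManagerService sets the restriction explicitly on the device-owner user and clears it when the device owner is removed. The comment should say that, and should say whether an admin is expected to change this `@hide` key through the `addUserRestriction`/`clearUserRestriction` methods it links to, which cannot be determined from the hunk. Suggested wording: `<p>The system sets this restriction on the device owner's user when a device owner is set and clears it when the device owner is removed.` Also, "creating clone profile" should read "creating a clone profile".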
services/core/java/com/android/server/pm/UserManagerService.java +12 −3 Original line number Diff line number Diff line Loading @@ -3675,9 +3675,18 @@ public class UserManagerService extends IUserManager.Stub { @UserInfoFlag int flags, @UserIdInt int parentId, @Nullable String[] disallowedPackages) throws UserManager.CheckedUserOperationException { String restriction = (UserManager.isUserTypeManagedProfile(userType)) ? UserManager.DISALLOW_ADD_MANAGED_PROFILE : UserManager.DISALLOW_ADD_USER; // Checking user restriction before creating new user, // default check is for DISALLOW_ADD_USER // If new user is of type CLONE, check if creation of clone profile is allowed // If new user is of type MANAGED, check if creation of managed profile is allowed String restriction = UserManager.DISALLOW_ADD_USER; if (UserManager.isUserTypeCloneProfile(userType)) { restriction = UserManager.DISALLOW_ADD_CLONE_PROFILE; } else if (UserManager.isUserTypeManagedProfile(userType)) { restriction = UserManager.DISALLOW_ADD_MANAGED_PROFILE; } enforceUserRestriction(restriction, UserHandle.getCallingUserId(), "Cannot add user"); return createUserInternalUnchecked(name, userType, flags, parentId, Loading
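Review bot: The restriction is still looked up only for `UserHandle.getCallingUserId()`, so the new `DISALLOW_ADD_CLONE_PROFILE` branch blocks a clone profile only when the caller runs as the user that carries the restriction. DevicePolicyManagerService sets it on the device-owner user alone and `parentId` is never consulted here, so a request made from another user would presumably pass this check unless something outside the hunk rejects it. If the intent is that no clone profile exists on a device with a device owner, consider also checking the parent for profile types, e.g. `if (parentId != UserHandle.USER_NULL) enforceUserRestriction(restriction, parentId, "Cannot add user");`, or add a comment explaining why the calling user is sufficient. The method starts and ends outside the hunk.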
services/core/java/com/android/server/pm/UserRestrictionsUtils.java +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ public class UserRestrictionsUtils { UserManager.DISALLOW_FACTORY_RESET, UserManager.DISALLOW_ADD_USER, UserManager.DISALLOW_ADD_MANAGED_PROFILE, UserManager.DISALLOW_ADD_CLONE_PROFILE, UserManager.ENSURE_VERIFY_APPS, UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +26 −4 Original line number Diff line number Diff line Loading @@ -2236,7 +2236,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { * a managed profile. */ @GuardedBy("getLockObject()") private void applyManagedProfileRestrictionIfDeviceOwnerLocked() { private void applyProfileRestrictionsIfDeviceOwnerLocked() { final int doUserId = mOwners.getDeviceOwnerUserId(); if (doUserId == UserHandle.USER_NULL) { if (VERBOSE_LOG) Slogf.d(LOG_TAG, "No DO found, skipping application of restriction."); Loading @@ -2244,7 +2244,17 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final UserHandle doUserHandle = UserHandle.of(doUserId); // Set the restriction if not set. // Based on CDD : https://source.android.com/compatibility/12/android-12-cdd#95_multi-user_support, // creation of clone profile is not allowed in case device owner is set. // Enforcing this restriction on setting up of device owner. if (!mUserManager.hasUserRestriction( UserManager.DISALLOW_ADD_CLONE_PROFILE, doUserHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, true, doUserHandle); } // Creation of managed profile is restricted in case device owner is set, enforcing this // restriction by setting user level restriction at time of device owner setup. if (!mUserManager.hasUserRestriction( UserManager.DISALLOW_ADD_MANAGED_PROFILE, doUserHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, true, Loading Loading 
@@ -3153,7 +3163,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { case SystemService.PHASE_ACTIVITY_MANAGER_READY: synchronized (getLockObject()) { migrateToProfileOnOrganizationOwnedDeviceIfCompLocked(); applyManagedProfileRestrictionIfDeviceOwnerLocked(); applyProfileRestrictionsIfDeviceOwnerLocked(); } maybeStartSecurityLogMonitorOnActivityManagerReady(); break; Loading Loading @@ -3778,6 +3788,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, false, userHandle); } // When a device owner is set, the system automatically restricts adding a clone profile. // Remove this restriction when the device owner is cleared. if (mUserManager.hasUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, userHandle)) { mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, false, userHandle); } } /** Loading Loading @@ -8470,6 +8486,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // on the primary profile). mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE, true, UserHandle.of(userId)); // Restrict adding a clone profile when a device owner is set on the device. // That is to prevent the co-existence of a clone profile and a device owner // on the same device. // CDD for reference : https://source.android.com/compatibility/12/android-12-cdd#95_multi-user_support mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_CLONE_PROFILE, true, UserHandle.of(userId)); // TODO Send to system too? sendOwnerChangedBroadcast(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED, userId); }); Loading Loading 
@@ -8942,7 +8964,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mOwners.writeProfileOwner(userId); deleteTransferOwnershipBundleLocked(userId); toggleBackupServiceActive(userId, true); applyManagedProfileRestrictionIfDeviceOwnerLocked(); applyProfileRestrictionsIfDeviceOwnerLocked(); setNetworkLoggingActiveInternal(false); } Loading
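Review bot: Setting `DISALLOW_ADD_CLONE_PROFILE` in the set-device-owner hunk (-8470) and in `applyProfileRestrictionsIfDeviceOwnerLocked()` only blocks future creation; none of the hunks shows what happens to a clone profile that already exists when the device owner is set. The comment states the intent as preventing co-existence of a clone profile and a device owner, so either a precondition outside these hunks rejects that state or it should be handled here, and a comment such as `// Existing clone profiles are rejected by <precondition check> before this point (confirm)` would make that explicit. Separately, the clear-device-owner hunk (-3778) resets the restriction to false whenever it is set, without knowing whether the device-owner path was what set it. The Javadoc above the renamed method still ends with "a managed profile." and should mention the clone-profile restriction as well; its beginning is outside the hunk.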
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +8 −0 Original line number Diff line number Diff line Loading @@ -1117,6 +1117,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), eq(true), eq(UserHandle.SYSTEM)); verify(getServices().userManager, times(1)).setUserRestriction( eq(UserManager.DISALLOW_ADD_CLONE_PROFILE), eq(true), eq(UserHandle.SYSTEM)); verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( MockUtils.checkIntentAction(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); Loading Loading @@ -1398,6 +1402,10 @@ public class DevicePolicyManagerTest extends DpmTestBase { eq(false), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); verify(getServices().userManager) .setUserRestriction(eq(UserManager.DISALLOW_ADD_CLONE_PROFILE), eq(false), MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); verify(getServices().userManagerInternal).setDevicePolicyUserRestrictions( eq(UserHandle.USER_SYSTEM), MockUtils.checkUserRestrictions(), MockUtils.checkUserRestrictions(UserHandle.USER_SYSTEM), eq(true)); Loading
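Review bot: The two added `verify` calls cover only the set-device-owner and clear-device-owner paths; nothing on this page tests the enforcement added in UserManagerService or the boot-time path through `applyProfileRestrictionsIfDeviceOwnerLocked()`. A test that sets `DISALLOW_ADD_CLONE_PROFILE` for the calling user and asserts that creating a clone-type profile is refused, alongside one showing that a managed-profile request is still checked against `DISALLOW_ADD_MANAGED_PROFILE`, would pin the behaviour the restriction exists for. Both test methods begin outside the hunks, so their names are not visible here.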