Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a449c28a authored by Adam Bookatz's avatar Adam Bookatz Committed by Automerger Merge Worker
Browse files

Merge "Relax permissions for isUserOfType, isUserNameSet" into tm-dev am: 56996833

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/17073401

Change-Id: I3c29c8768abc3bcfc71f9a0804735cd32836783e
parents d2f20499 56996833
Loading
Loading
Loading
Loading
+2 −2
Original line number Diff line number Diff line
@@ -9804,8 +9804,8 @@ package android.os {
    method public boolean isRestrictedProfile();
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS}, conditional=true) public boolean isRestrictedProfile(@NonNull android.os.UserHandle);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isSameProfileGroup(@NonNull android.os.UserHandle, @NonNull android.os.UserHandle);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) public boolean isUserNameSet();
    method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isUserOfType(@NonNull String);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS, android.Manifest.permission.QUERY_USERS, android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) public boolean isUserNameSet();
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isUserOfType(@NonNull String);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public boolean isUserUnlockingOrUnlocked(@NonNull android.os.UserHandle);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS}) public boolean removeUser(@NonNull android.os.UserHandle);
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS}) public int removeUserWhenPossible(@NonNull android.os.UserHandle, boolean);
+15 −4
Original line number Diff line number Diff line
@@ -2186,9 +2186,17 @@ public class UserManager {
     * @hide
     */
    @SystemApi
    @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
            Manifest.permission.GET_ACCOUNTS_PRIVILEGED})
    @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU)
    @RequiresPermission(anyOf = {
            android.Manifest.permission.MANAGE_USERS,
            android.Manifest.permission.CREATE_USERS,
            android.Manifest.permission.QUERY_USERS,
            android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED})
    @UserHandleAware(
            enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU,
            requiresAnyOfPermissionsIfNotCaller = {
                    android.Manifest.permission.MANAGE_USERS,
                    android.Manifest.permission.CREATE_USERS,
                    android.Manifest.permission.QUERY_USERS})
    public boolean isUserNameSet() {
        try {
            return mService.isUserNameSet(getContextUserIfAppropriate());
@@ -2292,8 +2300,11 @@ public class UserManager {
     * @hide
     */
    @SystemApi
    @RequiresPermission(anyOf = {
            android.Manifest.permission.MANAGE_USERS,
            android.Manifest.permission.CREATE_USERS,
            android.Manifest.permission.QUERY_USERS})
    @UserHandleAware
    @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
    public boolean isUserOfType(@NonNull String userType) {
        try {
            return mService.isUserOfType(mUserId, userType);
+9 −5
Original line number Diff line number Diff line
@@ -1387,7 +1387,7 @@ public class UserManagerService extends IUserManager.Stub {
     */
    @Override
    public boolean isUserOfType(@UserIdInt int userId, String userType) {
        checkManageUsersPermission("check user type");
        checkQueryOrCreateUsersPermission("check user type");
        return userType != null && userType.equals(getUserTypeNoChecks(userId));
    }

@@ -1643,7 +1643,7 @@ public class UserManagerService extends IUserManager.Stub {
        if (!hasQueryOrCreateUsersPermission()
                && !hasPermissionGranted(
                        android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED, callingUid)) {
            throw new SecurityException("You need MANAGE_USERS or CREATE_USERS or "
            throw new SecurityException("You need MANAGE_USERS, CREATE_USERS, QUERY_USERS, or "
                    + "GET_ACCOUNTS_PRIVILEGED permissions to: get user name");
        }
        final int userId = UserHandle.getUserId(callingUid);
@@ -5064,9 +5064,13 @@ public class UserManagerService extends IUserManager.Stub {

    @Override
    public boolean isUserNameSet(@UserIdInt int userId) {
        if (!hasManageUsersOrPermission(android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED)) {
            throw new SecurityException("You need MANAGE_USERS or GET_ACCOUNTS_PRIVILEGED "
                    + "permissions to: get whether user name is set");
        final int callingUid = Binder.getCallingUid();
        final int callingUserId = UserHandle.getUserId(callingUid);
        if (!hasQueryOrCreateUsersPermission()
                && !(callingUserId == userId && hasPermissionGranted(
                android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED, callingUid))) {
            throw new SecurityException("You need MANAGE_USERS, CREATE_USERS, QUERY_USERS, or "
                    + "GET_ACCOUNTS_PRIVILEGED permissions to: get whether user name is set");
        }
        synchronized (mUsersLock) {
            final UserInfo userInfo = getUserInfoLU(userId);