Remove UserManager.setSystemControlledUserRestriction() (ac65e1e1) · Commits · e / os / android_frameworks_base

core/java/android/os/IUserManager.aidl

+0 −1

Original line number	Diff line number	Diff line
		@@ -56,7 +56,6 @@ interface IUserManager {
		Bundle getUserRestrictions(int userHandle);
		boolean hasUserRestriction(in String restrictionKey, int userHandle);
		void setUserRestriction(String key, boolean value, int userId);
		void setSystemControlledUserRestriction(String key, boolean value, int userId);
		void setApplicationRestrictions(in String packageName, in Bundle restrictions,
		int userHandle);
		Bundle getApplicationRestrictions(in String packageName);

services/core/java/com/android/server/audio/AudioService.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -5151,12 +5151,12 @@ public class AudioService extends IAudioService.Stub {
		UserInfo userInfo = UserManagerService.getInstance().getUserInfo(userId);
		killBackgroundUserProcessesWithRecordAudioPermission(userInfo);
		}
		UserManagerService.getInstance().setSystemControlledUserRestriction(
		UserManagerService.getInstance().setUserRestriction(
		UserManager.DISALLOW_RECORD_AUDIO, true, userId);
		} else if (action.equals(Intent.ACTION_USER_FOREGROUND)) {
		// Enable audio recording for foreground user/profile
		int userId = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, -1);
		UserManagerService.getInstance().setSystemControlledUserRestriction(
		UserManagerService.getInstance().setUserRestriction(
		UserManager.DISALLOW_RECORD_AUDIO, false, userId);
		}
		}

services/core/java/com/android/server/pm/UserManagerService.java

+0 −12

Original line number	Diff line number	Diff line
		@@ -781,18 +781,6 @@ public class UserManagerService extends IUserManager.Stub {
		@Override
		public void setUserRestriction(String key, boolean value, int userId) {
		checkManageUsersPermission("setUserRestriction");
		if (!UserRestrictionsUtils.isSystemControlled(key)) {
		setUserRestrictionNoCheck(key, value, userId);
		}
		}

		@Override
		public void setSystemControlledUserRestriction(String key, boolean value, int userId) {
		checkSystemOrRoot("setSystemControlledUserRestriction");
		setUserRestrictionNoCheck(key, value, userId);
		}

		private void setUserRestrictionNoCheck(String key, boolean value, int userId) {
		synchronized (mRestrictionsLock) {
		// Note we can't modify Bundles stored in mBaseUserRestrictions directly, so create
		// a copy.

services/core/java/com/android/server/pm/UserRestrictionsUtils.java

+12 −21

Original line number	Diff line number	Diff line
		@@ -50,7 +50,7 @@ public class UserRestrictionsUtils {
		private UserRestrictionsUtils() {
		}

		public static final String[] USER_RESTRICTIONS = {
		public static final Set<String> USER_RESTRICTIONS = Sets.newArraySet(
		UserManager.DISALLOW_CONFIG_WIFI,
		UserManager.DISALLOW_MODIFY_ACCOUNTS,
		UserManager.DISALLOW_INSTALL_APPS,
		@@ -84,14 +84,7 @@ public class UserRestrictionsUtils {
		UserManager.DISALLOW_SAFE_BOOT,
		UserManager.ALLOW_PARENT_PROFILE_APP_LINKING,
		UserManager.DISALLOW_RECORD_AUDIO,
		UserManager.DISALLOW_CAMERA,
		};

		/**
		* Set of user restrictions, which can only be enforced by the system.
		*/
		public static final Set<String> SYSTEM_CONTROLLED_USER_RESTRICTIONS = Sets.newArraySet(
		UserManager.DISALLOW_RECORD_AUDIO
		UserManager.DISALLOW_CAMERA
		);

		/**
		@@ -143,11 +136,17 @@ public class UserRestrictionsUtils {
		}

		serializer.startTag(null, tag);
		for (String key : USER_RESTRICTIONS) {
		if (restrictions.getBoolean(key)
		&& !NON_PERSIST_USER_RESTRICTIONS.contains(key)) {
		for (String key : restrictions.keySet()) {
		if (NON_PERSIST_USER_RESTRICTIONS.contains(key)) {
		continue; // Don't persist.
		}
		if (USER_RESTRICTIONS.contains(key)) {
		if (restrictions.getBoolean(key)) {
		serializer.attribute(null, key, "true");
		}
		continue;
		}
		Log.w(TAG, "Unknown user restriction detected: " + key);
		}
		serializer.endTag(null, tag);
		}
		@@ -197,14 +196,6 @@ public class UserRestrictionsUtils {
		}
		}

		/**
		* @return true if a restriction is "system controlled"; i.e. can not be overwritten via
		* {@link UserManager#setUserRestriction}.
		*/
		public static boolean isSystemControlled(String restriction) {
		return SYSTEM_CONTROLLED_USER_RESTRICTIONS.contains(restriction);
		}

		/**
		* @return true if a restriction is settable by device owner.
		*/

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+7 −8

Original line number	Diff line number	Diff line
		@@ -1386,11 +1386,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		migrated = true;

		// Migrate user 0 restrictions to DO, except for "system" restrictions.
		// Migrate user 0 restrictions to DO.
		final ActiveAdmin deviceOwnerAdmin = getDeviceOwnerAdminLocked();

		migrateUserRestrictionsForUser(UserHandle.SYSTEM, deviceOwnerAdmin,
		/* exceptionList =*/ UserRestrictionsUtils.SYSTEM_CONTROLLED_USER_RESTRICTIONS);
		/* exceptionList =*/ null);

		// Push DO user restrictions to user manager.
		pushUserRestrictions(UserHandle.USER_SYSTEM);
		@@ -1402,7 +1402,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final Set<String> normalExceptionList = Sets.newArraySet(
		UserManager.DISALLOW_OUTGOING_CALLS,
		UserManager.DISALLOW_SMS);
		normalExceptionList.addAll(UserRestrictionsUtils.SYSTEM_CONTROLLED_USER_RESTRICTIONS);

		final Set<String> managedExceptionList = new ArraySet<>(normalExceptionList.size() + 1);
		managedExceptionList.addAll(normalExceptionList);
		@@ -1446,15 +1445,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final Bundle origRestrictions = mUserManagerInternal.getBaseUserRestrictions(
		user.getIdentifier());

		final Bundle newSystemRestrictions = new Bundle();
		final Bundle newBaseRestrictions = new Bundle();
		final Bundle newOwnerRestrictions = new Bundle();

		for (String key : origRestrictions.keySet()) {
		if (!origRestrictions.getBoolean(key)) {
		continue;
		}
		if (exceptionList.contains(key)) {
		newSystemRestrictions.putBoolean(key, true);
		if (exceptionList!= null && exceptionList.contains(key)) {
		newBaseRestrictions.putBoolean(key, true);
		} else {
		newOwnerRestrictions.putBoolean(key, true);
		}
		@@ -1462,11 +1461,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		if (VERBOSE_LOG) {
		Log.v(LOG_TAG, "origRestrictions=" + origRestrictions);
		Log.v(LOG_TAG, "newSystemRestrictions=" + newSystemRestrictions);
		Log.v(LOG_TAG, "newBaseRestrictions=" + newBaseRestrictions);
		Log.v(LOG_TAG, "newOwnerRestrictions=" + newOwnerRestrictions);
		}
		mUserManagerInternal.setBaseUserRestrictionsByDpmsForMigration(user.getIdentifier(),
		newSystemRestrictions);
		newBaseRestrictions);

		if (admin != null) {
		admin.ensureUserRestrictions().clear();