use of android.content.pm.UserInfo in project platform_frameworks_base by android.
the class Owners method load.
/**
* Load configuration from the disk.
*/
void load() {
synchronized (mLock) {
// First, try to read from the legacy file.
final File legacy = getLegacyConfigFileWithTestOverride();
final List<UserInfo> users = mUserManager.getUsers(true);
if (readLegacyOwnerFileLocked(legacy)) {
if (DEBUG) {
Log.d(TAG, "Legacy config file found.");
}
// Legacy file exists, write to new files and remove the legacy one.
writeDeviceOwner();
for (int userId : getProfileOwnerKeys()) {
writeProfileOwner(userId);
}
if (DEBUG) {
Log.d(TAG, "Deleting legacy config file");
}
if (!legacy.delete()) {
Slog.e(TAG, "Failed to remove the legacy setting file");
}
} else {
// No legacy file, read from the new format files.
new DeviceOwnerReadWriter().readFromFileLocked();
for (UserInfo ui : users) {
new ProfileOwnerReadWriter(ui.id).readFromFileLocked();
}
}
mUserManagerInternal.setDeviceManaged(hasDeviceOwner());
for (UserInfo ui : users) {
mUserManagerInternal.setUserManaged(ui.id, hasProfileOwner(ui.id));
}
if (hasDeviceOwner() && hasProfileOwner(getDeviceOwnerUserId())) {
Slog.w(TAG, String.format("User %d has both DO and PO, which is not supported", getDeviceOwnerUserId()));
}
pushToPackageManagerLocked();
}
}
use of android.content.pm.UserInfo in project platform_frameworks_base by android.
the class DevicePolicyManagerService method setPermittedAccessibilityServices.
@Override
public boolean setPermittedAccessibilityServices(ComponentName who, List packageList) {
if (!mHasFeature) {
return false;
}
Preconditions.checkNotNull(who, "ComponentName is null");
if (packageList != null) {
int userId = UserHandle.getCallingUserId();
List<AccessibilityServiceInfo> enabledServices = null;
long id = mInjector.binderClearCallingIdentity();
try {
UserInfo user = getUserInfo(userId);
if (user.isManagedProfile()) {
userId = user.profileGroupId;
}
AccessibilityManager accessibilityManager = getAccessibilityManagerForUser(userId);
enabledServices = accessibilityManager.getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK);
} finally {
mInjector.binderRestoreCallingIdentity(id);
}
if (enabledServices != null) {
List<String> enabledPackages = new ArrayList<String>();
for (AccessibilityServiceInfo service : enabledServices) {
enabledPackages.add(service.getResolveInfo().serviceInfo.packageName);
}
if (!checkPackagesInPermittedListOrSystem(enabledPackages, packageList, userId)) {
Slog.e(LOG_TAG, "Cannot set permitted accessibility services, " + "because it contains already enabled accesibility services.");
return false;
}
}
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
admin.permittedAccessiblityServices = packageList;
saveSettingsLocked(UserHandle.getCallingUserId());
}
return true;
}
use of android.content.pm.UserInfo in project platform_frameworks_base by android.
the class DevicePolicyManagerService method addCrossProfileIntentFilter.
@Override
public void addCrossProfileIntentFilter(ComponentName who, IntentFilter filter, int flags) {
Preconditions.checkNotNull(who, "ComponentName is null");
int callingUserId = UserHandle.getCallingUserId();
synchronized (this) {
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = mInjector.binderClearCallingIdentity();
try {
UserInfo parent = mUserManager.getProfileParent(callingUserId);
if (parent == null) {
Slog.e(LOG_TAG, "Cannot call addCrossProfileIntentFilter if there is no " + "parent");
return;
}
if ((flags & DevicePolicyManager.FLAG_PARENT_CAN_ACCESS_MANAGED) != 0) {
mIPackageManager.addCrossProfileIntentFilter(filter, who.getPackageName(), callingUserId, parent.id, 0);
}
if ((flags & DevicePolicyManager.FLAG_MANAGED_CAN_ACCESS_PARENT) != 0) {
mIPackageManager.addCrossProfileIntentFilter(filter, who.getPackageName(), parent.id, callingUserId, 0);
}
} catch (RemoteException re) {
// Shouldn't happen
} finally {
mInjector.binderRestoreCallingIdentity(id);
}
}
}
use of android.content.pm.UserInfo in project platform_frameworks_base by android.
the class DevicePolicyManagerService method enforceCanSetProfileOwnerLocked.
/**
* The profile owner can only be set by adb or an app with the MANAGE_PROFILE_AND_DEVICE_OWNERS
* permission.
* The profile owner can only be set before the user setup phase has completed,
* except for:
* - SYSTEM_UID
* - adb if there are no accounts. (But see {@link #hasIncompatibleAccountsLocked})
*/
private void enforceCanSetProfileOwnerLocked(@Nullable ComponentName owner, int userHandle) {
UserInfo info = getUserInfo(userHandle);
if (info == null) {
// User doesn't exist.
throw new IllegalArgumentException("Attempted to set profile owner for invalid userId: " + userHandle);
}
if (info.isGuest()) {
throw new IllegalStateException("Cannot set a profile owner on a guest");
}
if (mOwners.hasProfileOwner(userHandle)) {
throw new IllegalStateException("Trying to set the profile owner, but profile owner " + "is already set.");
}
if (mOwners.hasDeviceOwner() && mOwners.getDeviceOwnerUserId() == userHandle) {
throw new IllegalStateException("Trying to set the profile owner, but the user " + "already has a device owner.");
}
int callingUid = mInjector.binderGetCallingUid();
if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {
if (hasUserSetupCompleted(userHandle) && hasIncompatibleAccountsLocked(userHandle, owner)) {
throw new IllegalStateException("Not allowed to set the profile owner because " + "there are already some accounts on the profile");
}
return;
}
enforceCanManageProfileAndDeviceOwners();
if (hasUserSetupCompleted(userHandle) && !isCallerWithSystemUid()) {
throw new IllegalStateException("Cannot set the profile owner on a user which is " + "already set-up");
}
}
use of android.content.pm.UserInfo in project platform_frameworks_base by android.
the class DevicePolicyManagerService method removeCaApprovalsIfNeeded.
private void removeCaApprovalsIfNeeded(int userId) {
for (UserInfo userInfo : mUserManager.getProfiles(userId)) {
boolean isSecure = mLockPatternUtils.isSecure(userInfo.id);
if (userInfo.isManagedProfile()) {
isSecure |= mLockPatternUtils.isSecure(getProfileParentId(userInfo.id));
}
if (!isSecure) {
synchronized (this) {
getUserData(userInfo.id).mAcceptedCaCertificates.clear();
saveSettingsLocked(userInfo.id);
}
new MonitoringCertNotificationTask().execute(userInfo.id);
}
}
}
Aggregations