use of android.os.UserManager in project android_frameworks_base by DirtyUnicorns.
the class Vpn method startLegacyVpnPrivileged.
/**
* Like {@link #startLegacyVpn(VpnProfile, KeyStore, LinkProperties)}, but does not check
* permissions under the assumption that the caller is the system.
*
* Callers are responsible for checking permissions if needed.
*/
public void startLegacyVpnPrivileged(VpnProfile profile, KeyStore keyStore, LinkProperties egress) {
UserManager mgr = UserManager.get(mContext);
UserInfo user = mgr.getUserInfo(mUserHandle);
if (user.isRestricted() || mgr.hasUserRestriction(UserManager.DISALLOW_CONFIG_VPN, new UserHandle(mUserHandle))) {
throw new SecurityException("Restricted users cannot establish VPNs");
}
final RouteInfo ipv4DefaultRoute = findIPv4DefaultRoute(egress);
final String gateway = ipv4DefaultRoute.getGateway().getHostAddress();
final String iface = ipv4DefaultRoute.getInterface();
// Load certificates.
String privateKey = "";
String userCert = "";
String caCert = "";
String serverCert = "";
if (!profile.ipsecUserCert.isEmpty()) {
privateKey = Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert;
byte[] value = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecUserCert);
userCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
}
if (!profile.ipsecCaCert.isEmpty()) {
byte[] value = keyStore.get(Credentials.CA_CERTIFICATE + profile.ipsecCaCert);
caCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
}
if (!profile.ipsecServerCert.isEmpty()) {
byte[] value = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecServerCert);
serverCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
}
if (privateKey == null || userCert == null || caCert == null || serverCert == null) {
throw new IllegalStateException("Cannot load credentials");
}
// Prepare arguments for racoon.
String[] racoon = null;
switch(profile.type) {
case VpnProfile.TYPE_L2TP_IPSEC_PSK:
racoon = new String[] { iface, profile.server, "udppsk", profile.ipsecIdentifier, profile.ipsecSecret, "1701" };
break;
case VpnProfile.TYPE_L2TP_IPSEC_RSA:
racoon = new String[] { iface, profile.server, "udprsa", privateKey, userCert, caCert, serverCert, "1701" };
break;
case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
racoon = new String[] { iface, profile.server, "xauthpsk", profile.ipsecIdentifier, profile.ipsecSecret, profile.username, profile.password, "", gateway };
break;
case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
racoon = new String[] { iface, profile.server, "xauthrsa", privateKey, userCert, caCert, serverCert, profile.username, profile.password, "", gateway };
break;
case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
racoon = new String[] { iface, profile.server, "hybridrsa", caCert, serverCert, profile.username, profile.password, "", gateway };
break;
}
// Prepare arguments for mtpd.
String[] mtpd = null;
switch(profile.type) {
case VpnProfile.TYPE_PPTP:
mtpd = new String[] { iface, "pptp", profile.server, "1723", "name", profile.username, "password", profile.password, "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns", "idle", "1800", "mtu", "1400", "mru", "1400", (profile.mppe ? "+mppe" : "nomppe") };
break;
case VpnProfile.TYPE_L2TP_IPSEC_PSK:
case VpnProfile.TYPE_L2TP_IPSEC_RSA:
mtpd = new String[] { iface, "l2tp", profile.server, "1701", profile.l2tpSecret, "name", profile.username, "password", profile.password, "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns", "idle", "1800", "mtu", "1400", "mru", "1400" };
break;
}
VpnConfig config = new VpnConfig();
config.legacy = true;
config.user = profile.key;
config.interfaze = iface;
config.session = profile.name;
config.addLegacyRoutes(profile.routes);
if (!profile.dnsServers.isEmpty()) {
config.dnsServers = Arrays.asList(profile.dnsServers.split(" +"));
}
if (!profile.searchDomains.isEmpty()) {
config.searchDomains = Arrays.asList(profile.searchDomains.split(" +"));
}
startLegacyVpn(config, racoon, mtpd);
}
use of android.os.UserManager in project android_frameworks_base by DirtyUnicorns.
the class FingerprintService method getEffectiveUserId.
int getEffectiveUserId(int userId) {
UserManager um = UserManager.get(mContext);
if (um != null) {
final long callingIdentity = Binder.clearCallingIdentity();
userId = um.getCredentialOwnerProfile(userId);
Binder.restoreCallingIdentity(callingIdentity);
} else {
Slog.e(TAG, "Unable to acquire UserManager");
}
return userId;
}
use of android.os.UserManager in project android_frameworks_base by DirtyUnicorns.
the class MediaSessionService method updateUser.
private void updateUser() {
synchronized (mLock) {
UserManager manager = (UserManager) getContext().getSystemService(Context.USER_SERVICE);
int currentUser = ActivityManager.getCurrentUser();
// Include all profiles even though they aren't yet enabled to handle work profile case.
int[] userIds = manager.getProfileIdsWithDisabled(currentUser);
mCurrentUserIdList.clear();
if (userIds != null && userIds.length > 0) {
for (int userId : userIds) {
mCurrentUserIdList.add(userId);
}
} else {
// This shouldn't happen.
Log.w(TAG, "Failed to get enabled profiles.");
mCurrentUserIdList.add(currentUser);
}
for (int userId : mCurrentUserIdList) {
if (mUserRecords.get(userId) == null) {
mUserRecords.put(userId, new UserRecord(getContext(), userId));
}
}
}
}
use of android.os.UserManager in project android_frameworks_base by DirtyUnicorns.
the class ShutdownThread method rebootSafeMode.
/**
* Request a reboot into safe mode. Must be called from a Looper thread in which its UI
* is shown.
*
* @param context Context used to display the shutdown progress dialog.
* @param confirm true if user confirmation is needed before shutting down.
*/
public static void rebootSafeMode(final Context context, boolean confirm) {
UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
if (um.hasUserRestriction(UserManager.DISALLOW_SAFE_BOOT)) {
return;
}
mReboot = true;
mRebootSafeMode = true;
mRebootHasProgressBar = false;
mReason = null;
shutdownInner(context, confirm);
}
use of android.os.UserManager in project android_frameworks_base by DirtyUnicorns.
the class MtpDevice method open.
/**
* Opens the MTP device. Once the device is open it takes ownership of the
* {@link android.hardware.usb.UsbDeviceConnection}.
* The connection will be closed when you call {@link #close()}
* The connection will also be closed if this method fails.
*
* @param connection an open {@link android.hardware.usb.UsbDeviceConnection} for the device
* @return true if the device was successfully opened.
*/
public boolean open(UsbDeviceConnection connection) {
boolean result = false;
Context context = connection.getContext();
if (context != null) {
UserManager userManager = (UserManager) context.getSystemService(Context.USER_SERVICE);
if (!userManager.hasUserRestriction(UserManager.DISALLOW_USB_FILE_TRANSFER)) {
result = native_open(mDevice.getDeviceName(), connection.getFileDescriptor());
}
}
if (!result) {
connection.close();
}
return result;
}
Aggregations