User creation with an intent

New API for an app to request creating a new user with
a given user name and seed account information for the
SetupWizard to use when that user is switched into.

Also adds system APIs to read the seed account data from
UserManager.

Bug: 22776757
Change-Id: I0bc3f11ee19c15e0ee2a908c88d98b13296cc30d
diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java
index 2449ee5..10f5d0d 100644
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -1853,6 +1853,22 @@
         }.start();
     }
 
+    /**
+     * @hide
+     * Checks if the given account exists on any of the users on the device.
+     * Only the system process can call this method.
+     *
+     * @param account The account to check for existence.
+     * @return whether any user has this account
+     */
+    public boolean someUserHasAccount(@NonNull final Account account) {
+        try {
+            return mService.someUserHasAccount(account);
+        } catch (RemoteException re) {
+            throw new RuntimeException(re);
+        }
+    }
+
     private void ensureNotOnMainThread() {
         final Looper looper = Looper.myLooper();
         if (looper != null && looper == mContext.getMainLooper()) {
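Review bot: The restriction "Only the system process can call this method" on `someUserHasAccount` exists only as Javadoc; nothing in this wrapper checks the caller, so the guarantee depends entirely on the `IAccountManager` implementation, which is not part of this hunk. Because the call reveals whether an account exists under another user, the service side should reject non-system callers before doing the lookup. The comment added in IAccountManager.aidl should state the same restriction, e.g. `/* Check if an account exists on any user on the device. System callers only. */`. `@hide` also comes first in the comment, so the description becomes part of that tag; the usual order is description first and `@hide` last. `ensureNotOnMainThread` continues outside the hunk.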
diff --git a/core/java/android/accounts/IAccountManager.aidl b/core/java/android/accounts/IAccountManager.aidl
index 4af9f33..608501f 100644
--- a/core/java/android/accounts/IAccountManager.aidl
+++ b/core/java/android/accounts/IAccountManager.aidl
@@ -95,4 +95,7 @@
     /* Finish session started by startAddAccountSession(...) or startUpdateCredentialsSession(...) */
     void finishSession(in IAccountManagerResponse response, in Bundle sessionBundle,
         boolean expectActivityLaunch, in Bundle appInfo);
+
+    /* Check if an account exists on any user on the device. */
+    boolean someUserHasAccount(in Account account);
 }
diff --git a/core/java/android/content/pm/UserInfo.java b/core/java/android/content/pm/UserInfo.java
index e3050fe..9cf4675 100644
--- a/core/java/android/content/pm/UserInfo.java
+++ b/core/java/android/content/pm/UserInfo.java
@@ -145,6 +145,10 @@
         return (flags & FLAG_EPHEMERAL) == FLAG_EPHEMERAL;
     }
 
+    public boolean isInitialized() {
+        return (flags & FLAG_INITIALIZED) == FLAG_INITIALIZED;
+    }
+
     /**
      * Returns true if the user is a split system user.
      * <p>If {@link UserManager#isSplitSystemUser split system user mode} is not enabled,
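Review bot: `isInitialized()` is a new public accessor with no Javadoc, unlike the method documented directly below it. A one-line comment such as `/** Returns true if FLAG_INITIALIZED is set for this user. */` would be enough. The Javadoc that follows the added method continues outside the hunk.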
diff --git a/core/java/android/os/IUserManager.aidl b/core/java/android/os/IUserManager.aidl
index 9ee6228..bc2566b 100644
--- a/core/java/android/os/IUserManager.aidl
+++ b/core/java/android/os/IUserManager.aidl
@@ -18,6 +18,7 @@
 package android.os;
 
 import android.os.Bundle;
+import android.os.PersistableBundle;
 import android.content.pm.UserInfo;
 import android.content.RestrictionEntry;
 import android.graphics.Bitmap;
@@ -35,7 +36,7 @@
 
     UserInfo createUser(in String name, int flags);
     UserInfo createProfileForUser(in String name, int flags, int userHandle);
-    UserInfo createRestrictedProfile(String name, int parentUserId);
+    UserInfo createRestrictedProfile(String name, int parentUserHandle);
     void setUserEnabled(int userHandle);
     boolean removeUser(int userHandle);
     void setUserName(int userHandle, String name);
@@ -44,21 +45,21 @@
     UserInfo getPrimaryUser();
     List<UserInfo> getUsers(boolean excludeDying);
     List<UserInfo> getProfiles(int userHandle, boolean enabledOnly);
-    boolean canAddMoreManagedProfiles(int userId, boolean allowedToRemoveOne);
+    boolean canAddMoreManagedProfiles(int userHandle, boolean allowedToRemoveOne);
     UserInfo getProfileParent(int userHandle);
-    boolean isSameProfileGroup(int userId, int otherUserId);
+    boolean isSameProfileGroup(int userHandle, int otherUserHandle);
     UserInfo getUserInfo(int userHandle);
-    String getUserAccount(int userId);
-    void setUserAccount(int userId, String accountName);
+    String getUserAccount(int userHandle);
+    void setUserAccount(int userHandle, String accountName);
     long getUserCreationTime(int userHandle);
     boolean isRestricted();
-    boolean canHaveRestrictedProfile(int userId);
+    boolean canHaveRestrictedProfile(int userHandle);
     int getUserSerialNumber(int userHandle);
     int getUserHandle(int userSerialNumber);
     Bundle getUserRestrictions(int userHandle);
     boolean hasBaseUserRestriction(String restrictionKey, int userHandle);
     boolean hasUserRestriction(in String restrictionKey, int userHandle);
-    void setUserRestriction(String key, boolean value, int userId);
+    void setUserRestriction(String key, boolean value, int userHandle);
     void setApplicationRestrictions(in String packageName, in Bundle restrictions,
             int userHandle);
     Bundle getApplicationRestrictions(in String packageName);
@@ -68,4 +69,11 @@
     boolean markGuestForDeletion(int userHandle);
     void setQuietModeEnabled(int userHandle, boolean enableQuietMode);
     boolean isQuietModeEnabled(int userHandle);
+    void setSeedAccountData(int userHandle, in String accountName,
+            in String accountType, in PersistableBundle accountOptions, boolean persist);
+    String getSeedAccountName();
+    String getSeedAccountType();
+    PersistableBundle getSeedAccountOptions();
+    void clearSeedAccountData();
+    boolean someUserHasSeedAccount(in String accountName, in String accountType);
 }
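Review bot: The six new seed-account methods carry no comments, and they mix two addressing styles. `setSeedAccountData` takes an explicit `userHandle`, while `getSeedAccountName`, `getSeedAccountType`, `getSeedAccountOptions` and `clearSeedAccountData` take none and presumably act on the calling user. That should be written next to the declarations, e.g. `/* Seed account data of the calling user; see UserManager for the required permission. */`, because a reader of the AIDL cannot tell which user is read or cleared. `someUserHasSeedAccount` answers across users and should get a comment stating which callers the service accepts.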
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index a95602c..f01f597 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -26,6 +26,7 @@
 import android.app.admin.DevicePolicyManager;
 import android.content.ComponentName;
 import android.content.Context;
+import android.content.Intent;
 import android.content.pm.UserInfo;
 import android.content.res.Resources;
 import android.graphics.Bitmap;
@@ -567,6 +568,37 @@
      */
     public static final String KEY_RESTRICTIONS_PENDING = "restrictions_pending";
 
+    private static final String ACTION_CREATE_USER = "android.os.action.CREATE_USER";
+
+    /**
+     * Extra containing a name for the user being created. Optional parameter passed to
+     * ACTION_CREATE_USER activity.
+     * @hide
+     */
+    public static final String EXTRA_USER_NAME = "android.os.extra.USER_NAME";
+
+    /**
+     * Extra containing account name for the user being created. Optional parameter passed to
+     * ACTION_CREATE_USER activity.
+     * @hide
+     */
+    public static final String EXTRA_USER_ACCOUNT_NAME = "android.os.extra.USER_ACCOUNT_NAME";
+
+    /**
+     * Extra containing account type for the user being created. Optional parameter passed to
+     * ACTION_CREATE_USER activity.
+     * @hide
+     */
+    public static final String EXTRA_USER_ACCOUNT_TYPE = "android.os.extra.USER_ACCOUNT_TYPE";
+
+    /**
+     * Extra containing account-specific data for the user being created. Optional parameter passed
+     * to ACTION_CREATE_USER activity.
+     * @hide
+     */
+    public static final String EXTRA_USER_ACCOUNT_OPTIONS
+            = "android.os.extra.USER_ACCOUNT_OPTIONS";
+
     /** @hide */
     public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3;
     /** @hide */
@@ -1142,6 +1174,137 @@
     }
 
     /**
+     * Returns an intent to create a user for the provided name and email address. The name
+     * and email address will be used when the setup process for the new user is started.
+     * If this device does not support multiple users, null is returned.
+     * <p/>
+     * The intent should be launched using startActivityForResult and the return result will
+     * indicate if the user consented to adding a new user and if the operation succeeded.
+     * <p/>
+     * The new user is created but not initialized. After switching into the user for the first
+     * time, the preferred user name and account information are used by the setup process for that
+     * user.
+     *
+     * @param userName Optional name to assign to the user.
+     * @param accountName Optional email address that will be used by the setup wizard to initialize
+     *                    the user.
+     * @param accountType Optional account type for the account to be created. This is required
+     *                    if the account name is specified.
+     * @param accountOptions Optional bundle of data to be passed in during account creation in the
+     *                       new user via {@link AccountManager#addAccount(String, String, String[],
+     *                       Bundle, android.app.Activity, android.accounts.AccountManagerCallback,
+     *                       Handler)}.
+     * @return An Intent that can be launched from an Activity or null if creating users is not
+     *         supported on this device.
+     */
+    public static Intent createUserCreationIntent(@Nullable String userName,
+            @Nullable String accountName,
+            @Nullable String accountType, @Nullable PersistableBundle accountOptions) {
+        if (!supportsMultipleUsers() || getMaxSupportedUsers() < 2) {
+            return null;
+        }
+        Intent intent = new Intent(ACTION_CREATE_USER);
+        if (userName != null) {
+            intent.putExtra(EXTRA_USER_NAME, userName);
+        }
+        if (accountName != null && accountType == null) {
+            throw new IllegalArgumentException("accountType must be specified if accountName is "
+                    + "specified");
+        }
+        if (accountName != null) {
+            intent.putExtra(EXTRA_USER_ACCOUNT_NAME, accountName);
+        }
+        if (accountType != null) {
+            intent.putExtra(EXTRA_USER_ACCOUNT_TYPE, accountType);
+        }
+        if (accountOptions != null) {
+            intent.putExtra(EXTRA_USER_ACCOUNT_OPTIONS, accountOptions);
+        }
+        return intent;
+    }
+
+    /**
+     * @hide
+     *
+     * Returns the preferred account name for user creation. Requires MANAGE_USERS permission.
+     */
+    @SystemApi
+    public String getSeedAccountName() {
+        try {
+            return mService.getSeedAccountName();
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not get the seed account name", re);
+            return null;
+        }
+    }
+
+    /**
+     * @hide
+     *
+     * Returns the preferred account type for user creation. Requires MANAGE_USERS permission.
+     */
+    @SystemApi
+    public String getSeedAccountType() {
+        try {
+            return mService.getSeedAccountType();
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not get the seed account type", re);
+            return null;
+        }
+    }
+
+    /**
+     * @hide
+     *
+     * Returns the preferred account's options bundle for user creation. Requires MANAGE_USERS
+     * permission.
+     * @return Any options set by the requestor that created the user.
+     */
+    @SystemApi
+    public PersistableBundle getSeedAccountOptions() {
+        try {
+            return mService.getSeedAccountOptions();
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not get the seed account options", re);
+            return null;
+        }
+    }
+
+    /**
+     * @hide
+     *
+     * Called by a system activity to set the seed account information of a user created
+     * through the user creation intent.
+     * @param userId
+     * @param accountName
+     * @param accountType
+     * @param accountOptions
+     * @see #createUserCreationIntent(String, String, String, PersistableBundle)
+     */
+    public void setSeedAccountData(int userId, String accountName, String accountType,
+            PersistableBundle accountOptions) {
+        try {
+            mService.setSeedAccountData(userId, accountName, accountType, accountOptions,
+                    /* persist= */ true);
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not set the seed account data", re);
+        }
+    }
+
+    /**
+     * @hide
+     * Clears the seed information used to create this user. Requires MANAGE_USERS permission.
+     */
+    @SystemApi
+    public void clearSeedAccountData() {
+        try {
+            mService.clearSeedAccountData();
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not clear the seed account data", re);
+        }
+    }
+
+    /**
      * @hide
      * Marks the guest user for deletion to allow a new guest to be created before deleting
      * the current user who is a guest.
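Review bot: `setSeedAccountData` forwards `accountName`, `accountType` and `accountOptions` with `persist= true` for any `userId`, yet its Javadoc leaves all four `@param` tags empty and, unlike the getters next to it, names no required permission. These values come from the extras of the ACTION_CREATE_USER intent, that is, from the requesting app, and no length or size limit is visible in this change; the service should bound them before persisting. I would fill in the tags and add a line such as `Values originate from the requesting app and must be size-checked by the service before they are stored.`, together with the permission the service enforces. Swallowing `RemoteException` here also means the caller cannot tell that the seed data was not stored. The Javadoc after `clearSeedAccountData` continues outside the hunk.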
@@ -1756,4 +1919,21 @@
             return 0;
         }
     }
+
+    /**
+     * @hide
+     * Checks if any uninitialized user has the specific seed account name and type.
+     *
+     * @param mAccountName The account name to check for
+     * @param mAccountType The account type of the account to check for
+     * @return whether the seed account was found
+     */
+    public boolean someUserHasSeedAccount(String accountName, String accountType) {
+        try {
+            return mService.someUserHasSeedAccount(accountName, accountType);
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not check seed accounts", re);
+            return false;
+        }
+    }
 }
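Review bot: The Javadoc tags on `someUserHasSeedAccount` name `mAccountName` and `mAccountType`, but the parameters are `accountName` and `accountType`, so the generated documentation will not match the signature. They should read `@param accountName The account name to check for` and `@param accountType The account type of the account to check for`. Returning `false` on `RemoteException` makes a failed lookup indistinguishable from "no such seed account", which in ConfirmUserCreationActivity selects the prompt without the duplicate-account warning. The `@return` text should mention that.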
diff --git a/core/java/com/android/internal/app/ConfirmUserCreationActivity.java b/core/java/com/android/internal/app/ConfirmUserCreationActivity.java
new file mode 100644
index 0000000..df9cf43
--- /dev/null
+++ b/core/java/com/android/internal/app/ConfirmUserCreationActivity.java
@@ -0,0 +1,134 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.internal.app;
+
+import android.accounts.Account;
+import android.accounts.AccountManager;
+import android.content.DialogInterface;
+import android.content.Intent;
+import android.content.pm.ApplicationInfo;
+import android.content.pm.PackageInfo;
+import android.content.pm.PackageManager.NameNotFoundException;
+import android.content.pm.UserInfo;
+import android.os.Bundle;
+import android.os.PersistableBundle;
+import android.os.UserManager;
+import android.util.Log;
+
+import com.android.internal.R;
+
+/**
+ * Activity to confirm with the user that it is ok to create a new user, as requested by
+ * an app. It has to do some checks to decide what kind of prompt the user should be shown.
+ * Particularly, it needs to check if the account requested already exists on another user.
+ */
+public class ConfirmUserCreationActivity extends AlertActivity
+        implements DialogInterface.OnClickListener {
+
+    private static final String TAG = "CreateUser";
+
+    private String mUserName;
+    private String mAccountName;
+    private String mAccountType;
+    private PersistableBundle mAccountOptions;
+    private boolean mCanProceed;
+    private UserManager mUserManager;
+
+    @Override
+    public void onCreate(Bundle icicle) {
+        super.onCreate(icicle);
+
+        Intent intent = getIntent();
+        mUserName = intent.getStringExtra(UserManager.EXTRA_USER_NAME);
+        mAccountName = intent.getStringExtra(UserManager.EXTRA_USER_ACCOUNT_NAME);
+        mAccountType = intent.getStringExtra(UserManager.EXTRA_USER_ACCOUNT_TYPE);
+        mAccountOptions = (PersistableBundle)
+                intent.getParcelableExtra(UserManager.EXTRA_USER_ACCOUNT_OPTIONS);
+
+        mUserManager = getSystemService(UserManager.class);
+
+        String message = checkUserCreationRequirements();
+
+        final AlertController.AlertParams ap = mAlertParams;
+        ap.mMessage = message;
+        ap.mPositiveButtonText = getString(android.R.string.ok);
+        ap.mPositiveButtonListener = this;
+
+        // Show the negative button if the user actually has a choice
+        if (mCanProceed) {
+            ap.mNegativeButtonText = getString(android.R.string.cancel);
+            ap.mNegativeButtonListener = this;
+        }
+        setupAlert();
+    }
+
+    private String checkUserCreationRequirements() {
+        final String callingPackage = getCallingPackage();
+        if (callingPackage == null) {
+            throw new SecurityException(
+                    "User Creation intent must be launched with startActivityForResult");
+        }
+        final ApplicationInfo appInfo;
+        try {
+            appInfo = getPackageManager().getApplicationInfo(callingPackage, 0);
+        } catch (NameNotFoundException nnfe) {
+            throw new SecurityException(
+                    "Cannot find the calling package");
+        }
+        final String message;
+        // Check the user restrictions
+        boolean cantCreateUser = mUserManager.hasUserRestriction(UserManager.DISALLOW_ADD_USER);
+        // Check the system state and user count
+        boolean cantCreateAnyMoreUsers = !mUserManager.canAddMoreUsers();
+        // Check the account existence
+        final Account account = new Account(mAccountName, mAccountType);
+        boolean accountExists = mAccountName != null && mAccountType != null
+                && (AccountManager.get(this).someUserHasAccount(account)
+                    | mUserManager.someUserHasSeedAccount(mAccountName, mAccountType));
+        mCanProceed = true;
+        final String appName = appInfo.loadLabel(getPackageManager()).toString();
+        if (cantCreateUser) {
+            message = getString(R.string.user_creation_cannot_add, appName);
+            mCanProceed = false;
+        } else if (cantCreateAnyMoreUsers) {
+            message = getString(R.string.user_creation_cannot_add_any_more, appName);
+            mCanProceed = false;
+        } else if (accountExists) {
+            message = getString(R.string.user_creation_account_exists, appName, mAccountName);
+        } else {
+            message = getString(R.string.user_creation_adding, appName, mAccountName);
+        }
+        return message;
+    }
+
+    @Override
+    public void onClick(DialogInterface dialog, int which) {
+        setResult(RESULT_CANCELED);
+        if (which == BUTTON_POSITIVE && mCanProceed) {
+            Log.i(TAG, "Ok, creating user");
+            UserInfo user = mUserManager.createUser(mUserName, 0);
+            if (user == null) {
+                Log.e(TAG, "Couldn't create user");
+                finish();
+                return;
+            }
+            mUserManager.setSeedAccountData(user.id, mAccountName, mAccountType, mAccountOptions);
+            setResult(RESULT_OK);
+        }
+        finish();
+    }
+}
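Review bot: In `checkUserCreationRequirements`, `new Account(mAccountName, mAccountType)` runs before the `mAccountName != null && mAccountType != null` test, although both extras are documented as optional. `android.accounts.Account` rejects an empty name or type in its constructor, so a request without account data would throw during `onCreate` instead of showing the dialog. Drop the `account` local and pass `new Account(mAccountName, mAccountType)` directly as the argument of `someUserHasAccount(...)`, where it is evaluated only after the null checks. The `|` between the two lookups is non-short-circuit; if both calls are meant to run, a comment should say so, otherwise use `||`. The dialog also never shows `mUserName`, so the person consenting does not see the name the new user will get.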
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 665c417..b3cc234 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2986,6 +2986,18 @@
             </intent-filter>
         </activity>
 
+        <!-- Activity to prompt user if it's ok to create a new user sandbox for a
+             specified account. -->
+        <activity android:name="com.android.internal.app.ConfirmUserCreationActivity"
+                android:excludeFromRecents="true"
+                android:process=":ui"
+                android:theme="@style/Theme.Material.DayNight.Dialog.Alert">
+            <intent-filter android:priority="1000">
+                <action android:name="android.os.action.CREATE_USER" />
+                <category android:name="android.intent.category.DEFAULT" />
+            </intent-filter>
+        </activity>
+
         <receiver android:name="com.android.server.BootReceiver"
                 android:systemUserOnly="true">
             <intent-filter android:priority="1000">
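Review bot: The activity entry for ConfirmUserCreationActivity has an intent filter and no `android:permission`, so any app can start it. The confirmation dialog and the activity's `getCallingPackage()` check are then the only gates, and the declaration should state that intent rather than leave it implicit. I would set `android:exported="true"` explicitly and extend the comment with something like `Launchable by any app; the user's confirmation in the dialog is the authorization.` Since UserManager builds the request as an implicit intent on `android.os.action.CREATE_USER`, it is also worth confirming that the `android:priority="1000"` filter is what guarantees this activity, and not another handler of the same action, receives the account extras. The `BootReceiver` entry after it continues outside the hunk.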
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 997371e..4ef3f59 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -4129,4 +4129,13 @@
 
     <string name="importance_from_topic">You set the importance of these notifications.</string>
     <string name="importance_from_person">This is important because of the people involved.</string>
+
+    <!-- Message to user that app trying to create user is not allowed to due to restrictions. [CHAR LIMIT=none] -->
+    <string name="user_creation_cannot_add"><b><xliff:g id="app" example="Gmail">%1$s</xliff:g></b> is trying to add a new user, but is currently prohibited.</string>
+    <!-- Message to user that app trying to create user is not allowed to due to user limit being reached. [CHAR LIMIT=none] -->
+    <string name="user_creation_cannot_add_any_more"><b><xliff:g id="app" example="Gmail">%1$s</xliff:g></b> is trying to add a new user, but the user limit has been reached.</string>
+    <!-- Message to user that app trying to create user for an account that already exists. [CHAR LIMIT=none] -->
+    <string name="user_creation_account_exists"><b><xliff:g id="app" example="Gmail">%1$s</xliff:g></b> is trying to add a new user, but the account <b><xliff:g id="account" example="foobar">%2$s</xliff:g></b> already exists on this device. Proceed anyway?</string>
+    <!-- Message to user that app is trying to create user for a specified account. [CHAR LIMIT=none] -->
+    <string name="user_creation_adding"><b><xliff:g id="app" example="Gmail">%1$s</xliff:g></b> is trying to add a new user for the account <b><xliff:g id="account" example="foobar">%2$s</xliff:g></b>. Proceed?</string>
 </resources>
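Review bot: `user_creation_adding` and `user_creation_account_exists` always interpolate an account name as `%2$s`, but the account extras of the creation request are optional, so there is no wording for a request that names no account. ConfirmUserCreationActivity passes `mAccountName` into `user_creation_adding` in its final `else` branch regardless, which would format a null value into the consent text. I would add a variant of `user_creation_adding` without the `%2$s` placeholder and select it when no account name was supplied. The translator comments should also note that `%2$s` is text supplied by the requesting app, not by the system.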
diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml
index bfcd3fd..3641061 100644
--- a/core/res/res/values/symbols.xml
+++ b/core/res/res/values/symbols.xml
@@ -937,6 +937,10 @@
   <java-symbol type="string" name="time_picker_increment_minute_button" />
   <java-symbol type="string" name="time_picker_increment_set_pm_button" />
   <java-symbol type="string" name="upload_file" />
+  <java-symbol type="string" name="user_creation_cannot_add" />
+  <java-symbol type="string" name="user_creation_cannot_add_any_more" />
+  <java-symbol type="string" name="user_creation_account_exists" />
+  <java-symbol type="string" name="user_creation_adding" />
   <java-symbol type="string" name="user_switched" />
   <java-symbol type="string" name="user_switching_message" />
   <java-symbol type="string" name="user_logging_out_message" />