Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 6dc428f677f2b80b085466961e9495972e1c88c9^! / . / services / core / java / com / android / server / pm / UserManagerService.java
commit6dc428f677f2b80b085466961e9495972e1c88c9[log] [tgz]
authorTony Mak <tonymak@google.com>Mon Oct 10 15:48:27 2016 +0100
committerTony Mak <tonymak@google.com>Tue Oct 11 12:46:32 2016 +0000
treed454419317adddd86d21b1e4dd92a194b2d47d89
parent7e98d9e249caaefa3343e9c10d864bdfaa411d95 [diff] [blame]
Allow device owner to inflate managed profile

1. Modify DPM.isProvisioningAllowed to allow it to happen
2. Introduce hidden API createProfileForUserEvenWhenDisallowed for
   ManagedProvisioning app to create profile under DO.
   Apps with MANAGE_USERS permission can clear the
   DISALLOW_ADD_USER restriction anyway, so they do not gain extra power.

Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/pm/UserManagerTest.java
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.CustomDeviceOwnerTest#testIsProvisioningAllowed

Bug: 31895999

Change-Id: I10dc3043653130ae717a1d3d8256c9e73231bb21

diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 9146bec2..c0de214 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java

@@ -97,6 +97,7 @@
 import com.android.server.SystemService;
 import com.android.server.am.UserState;
 import com.android.server.storage.DeviceStorageMonitorInternal;
+
 import libcore.io.IoUtils;
 import libcore.util.Objects;
 
@@ -2189,6 +2190,13 @@
     }
 
     @Override
+    public UserInfo createProfileForUserEvenWhenDisallowed(String name, int flags, int userId,
+            String[] disallowedPackages) {
+        checkManageOrCreateUsersPermission(flags);
+        return createUserInternalUnchecked(name, flags, userId, disallowedPackages);
+    }
+
+    @Override
     public UserInfo createUser(String name, int flags) {
         checkManageOrCreateUsersPermission(flags);
         return createUserInternal(name, flags, UserHandle.USER_NULL);
@@ -2204,17 +2212,17 @@
             Log.w(LOG_TAG, "Cannot add user. DISALLOW_ADD_USER is enabled.");
             return null;
         }
+        return createUserInternalUnchecked(name, flags, parentId, disallowedPackages);
+    }
+
+    private UserInfo createUserInternalUnchecked(String name, int flags, int parentId,
+            String[] disallowedPackages) {
         DeviceStorageMonitorInternal dsm = LocalServices
                 .getService(DeviceStorageMonitorInternal.class);
         if (dsm.isMemoryLow()) {
             Log.w(LOG_TAG, "Cannot add user. Not enough space on disk.");
             return null;
         }
-        return createUserInternalUnchecked(name, flags, parentId, disallowedPackages);
-    }
-
-    private UserInfo createUserInternalUnchecked(String name, int flags, int parentId,
-            String[] disallowedPackages) {
         if (ActivityManager.isLowRamDeviceStatic()) {
             return null;
         }