UserManager: Add new hasUserRestrictionForUser @SystemApi
Wifi stack needs a multi-user version of hasUserRestriction.
Bug: 142888959
Test: Compiles
Change-Id: I915de45218b95c3a2856d35d6000c429942551ec
diff --git a/api/current.txt b/api/current.txt
index 6278179..2cf1f44 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -35506,7 +35506,7 @@
method public String getUserName();
method public java.util.List<android.os.UserHandle> getUserProfiles();
method public android.os.Bundle getUserRestrictions();
- method public android.os.Bundle getUserRestrictions(android.os.UserHandle);
+ method @RequiresPermission(anyOf={"android.permission.MANAGE_USERS", "android.permission.INTERACT_ACROSS_USERS"}, conditional=true) public android.os.Bundle getUserRestrictions(android.os.UserHandle);
method public boolean hasUserRestriction(String);
method public boolean isDemoUser();
method public boolean isQuietModeEnabled(android.os.UserHandle);
diff --git a/api/system-current.txt b/api/system-current.txt
index 1b431a2..02ef14e 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -5691,6 +5691,7 @@
method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public java.util.List<android.os.UserManager.EnforcingUser> getUserRestrictionSources(String, android.os.UserHandle);
method @RequiresPermission(allOf={android.Manifest.permission.READ_PHONE_STATE, android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public int getUserSwitchability();
method public boolean hasRestrictedProfiles();
+ method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public boolean hasUserRestrictionForUser(@NonNull String, @NonNull android.os.UserHandle);
method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isAdminUser();
method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isGuestUser();
method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isManagedProfile();
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index b7a3c8f..3476b18 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -1909,7 +1909,14 @@
* Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>.
* @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
* @return a Bundle containing all the restrictions.
+ *
+ * <p>Requires {@code android.permission.MANAGE_USERS} or
+ * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
+ * must be the calling user or a managed profile associated with it.
*/
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.MANAGE_USERS,
+ android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
public Bundle getUserRestrictions(UserHandle userHandle) {
try {
return mService.getUserRestrictions(userHandle.getIdentifier());
@@ -2000,7 +2007,7 @@
* @return {@code true} if the current user has the given restriction, {@code false} otherwise.
*/
public boolean hasUserRestriction(String restrictionKey) {
- return hasUserRestriction(restrictionKey, Process.myUserHandle());
+ return hasUserRestrictionForUser(restrictionKey, Process.myUserHandle());
}
/**
@@ -2012,9 +2019,29 @@
*/
@UnsupportedAppUsage
public boolean hasUserRestriction(String restrictionKey, UserHandle userHandle) {
+ return hasUserRestrictionForUser(restrictionKey, userHandle);
+ }
+
+ /**
+ * Returns whether the given user has been disallowed from performing certain actions
+ * or setting certain settings.
+ * @param restrictionKey the string key representing the restriction
+ * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
+ *
+ * <p>Requires {@code android.permission.MANAGE_USERS} or
+ * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
+ * must be the calling user or a managed profile associated with it.
+ *
+ * @hide
+ */
+ @SystemApi
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.MANAGE_USERS,
+ android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
+ public boolean hasUserRestrictionForUser(@NonNull String restrictionKey,
+ @NonNull UserHandle userHandle) {
try {
- return mService.hasUserRestriction(restrictionKey,
- userHandle.getIdentifier());
+ return mService.hasUserRestriction(restrictionKey, userHandle.getIdentifier());
} catch (RemoteException re) {
throw re.rethrowFromSystemServer();
}
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index fe37125..5c9b9c9 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -1593,6 +1593,7 @@
/** @return a specific user restriction that's in effect currently. */
@Override
public boolean hasUserRestriction(String restrictionKey, @UserIdInt int userId) {
+ checkManageOrInteractPermIfCallerInOtherProfileGroup(userId, "hasUserRestriction");
return mLocalService.hasUserRestriction(restrictionKey, userId);
}
@@ -1717,6 +1718,7 @@
*/
@Override
public Bundle getUserRestrictions(@UserIdInt int userId) {
+ checkManageOrInteractPermIfCallerInOtherProfileGroup(userId, "getUserRestrictions");
return UserRestrictionsUtils.clone(getEffectiveUserRestrictions(userId));
}