Added restriction if a user is allowed to change the icon.
BUG: 25305966
Change-Id: I3d527224f00087b2bd959879ebb143e2ecb9c914
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 13d7c35..f747cf9 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -729,23 +729,15 @@
@Override
public void setUserIcon(int userId, Bitmap bitmap) {
checkManageUsersPermission("update users");
- long ident = Binder.clearCallingIdentity();
- try {
- synchronized (mPackagesLock) {
- UserData userData = getUserDataNoChecks(userId);
- if (userData == null || userData.info.partial) {
- Slog.w(LOG_TAG, "setUserIcon: unknown user #" + userId);
- return;
- }
- writeBitmapLP(userData.info, bitmap);
- writeUserLP(userData);
- }
- sendUserInfoChangedBroadcast(userId);
- } finally {
- Binder.restoreCallingIdentity(ident);
+ if (hasUserRestriction(UserManager.DISALLOW_SET_USER_ICON, userId)) {
+ Log.w(LOG_TAG, "Cannot set user icon. DISALLOW_SET_USER_ICON is enabled.");
+ return;
}
+ mLocalService.setUserIcon(userId, bitmap);
}
+
+
private void sendUserInfoChangedBroadcast(int userId) {
Intent changedIntent = new Intent(Intent.ACTION_USER_INFO_CHANGED);
changedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId);
@@ -2894,6 +2886,25 @@
mIsUserManaged.put(userId, isManaged);
}
}
+
+ @Override
+ public void setUserIcon(int userId, Bitmap bitmap) {
+ long ident = Binder.clearCallingIdentity();
+ try {
+ synchronized (mPackagesLock) {
+ UserData userData = getUserDataNoChecks(userId);
+ if (userData == null || userData.info.partial) {
+ Slog.w(LOG_TAG, "setUserIcon: unknown user #" + userId);
+ return;
+ }
+ writeBitmapLP(userData.info, bitmap);
+ writeUserLP(userData);
+ }
+ sendUserInfoChangedBroadcast(userId);
+ } finally {
+ Binder.restoreCallingIdentity(ident);
+ }
+ }
}
private class Shell extends ShellCommand {
diff --git a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
index f0ed790..87f505d 100644
--- a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
+++ b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java
@@ -92,7 +92,8 @@
UserManager.DISALLOW_RECORD_AUDIO,
UserManager.DISALLOW_CAMERA,
UserManager.DISALLOW_RUN_IN_BACKGROUND,
- UserManager.DISALLOW_DATA_ROAMING
+ UserManager.DISALLOW_DATA_ROAMING,
+ UserManager.DISALLOW_SET_USER_ICON
);
/**
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 1ada0ac..d3f9aeb 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -7028,7 +7028,7 @@
int userId = UserHandle.getCallingUserId();
long id = mInjector.binderClearCallingIdentity();
try {
- mUserManager.setUserIcon(userId, icon);
+ mUserManagerInternal.setUserIcon(userId, icon);
} finally {
mInjector.binderRestoreCallingIdentity(id);
}