Add user restrictions for bluetooth, sideloading, usb file transfer
Created constants for these in UserManager and current.txt. Also created
an accessor for individual user restrictions that takes the restriction key
(removing individual methods for particular restrictions).
Change-Id: Ibb5517cbcdffadd3925f52cbe67d7d525813faa9
diff --git a/api/current.txt b/api/current.txt
index cfaa1bb..da2c30f 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -16803,6 +16803,9 @@
field public static final java.lang.String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
field public static final java.lang.String DISALLOW_SHARE_LOCATION = "no_share_location";
field public static final java.lang.String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps";
+ field public static final java.lang.String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
+ field public static final java.lang.String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
+ field public static final java.lang.String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
}
public abstract class Vibrator {
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index 622308f..1ba16bd 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -86,8 +86,42 @@
* @see #setUserRestrictions(Bundle)
* @see #getUserRestrictions()
*/
+
public static final String DISALLOW_SHARE_LOCATION = "no_share_location";
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from enabling the
+ * "Unknown Sources" setting, that allows installation of apps from unknown sources.
+ * The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
+
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth.
+ * The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
+
+
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from transferring files over
+ * USB. The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
+
+
/** @hide */
public UserManager(Context context, IUserManager service) {
mService = service;
@@ -130,7 +164,7 @@
/**
* Used to determine whether the user making this call is subject to
* teleportations.
- * @return whether the user making this call is a goat
+ * @return whether the user making this call is a goat
*/
public boolean isUserAGoat() {
return false;
@@ -272,6 +306,16 @@
}
/**
+ * @hide
+ * Returns whether the current user has been disallowed from performing certain actions
+ * or setting certain settings.
+ * @param restrictionKey the string key representing the restriction
+ */
+ public boolean hasUserRestriction(String restrictionKey) {
+ return getUserRestrictions().getBoolean(restrictionKey, false);
+ }
+
+ /**
* Return the serial number for a user. This is a device-unique
* number assigned to that user; if the user is deleted and then a new
* user created, the new users will not be given the same serial number.
@@ -465,7 +509,7 @@
* Returns the maximum number of users that can be created on this device. A return value
* of 1 means that it is a single user device.
* @hide
- * @return a value greater than or equal to 1
+ * @return a value greater than or equal to 1
*/
public static int getMaxSupportedUsers() {
// Don't allow multiple users on certain builds
@@ -508,13 +552,6 @@
return -1;
}
- /**
- * Returns whether the current user is allowed to toggle location sharing settings.
- * @hide
- */
- public boolean isLocationSharingToggleAllowed() {
- return !getUserRestrictions().getBoolean(DISALLOW_SHARE_LOCATION, false);
- }
/**
* @hide
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
index 4a67997..a446e40 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
@@ -98,11 +98,11 @@
private void setGpsLocation(String value) {
UserManager um = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
- if (! um.isLocationSharingToggleAllowed()) {
+ if (um.hasUserRestriction(UserManager.DISALLOW_SHARE_LOCATION)) {
return;
}
final String GPS = LocationManager.GPS_PROVIDER;
- boolean enabled =
+ boolean enabled =
GPS.equals(value) ||
value.startsWith(GPS + ",") ||
value.endsWith("," + GPS) ||
diff --git a/services/java/com/android/server/accounts/AccountManagerService.java b/services/java/com/android/server/accounts/AccountManagerService.java
index c4b98ad..18a1a39 100644
--- a/services/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/java/com/android/server/accounts/AccountManagerService.java
@@ -906,6 +906,7 @@
}
}
+ @Override
public void invalidateAuthToken(String accountType, String authToken) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "invalidateAuthToken: accountType " + accountType
@@ -1351,7 +1352,7 @@
String subtitle = "";
if (index > 0) {
title = titleAndSubtitle.substring(0, index);
- subtitle = titleAndSubtitle.substring(index + 1);
+ subtitle = titleAndSubtitle.substring(index + 1);
}
UserHandle user = new UserHandle(userId);
n.setLatestEventInfo(mContext, title, subtitle,
@@ -1426,8 +1427,7 @@
checkManageAccountsPermission();
// Is user disallowed from modifying accounts?
- if (getUserManager().getUserRestrictions(Binder.getCallingUserHandle())
- .getBoolean(UserManager.DISALLOW_MODIFY_ACCOUNTS, false)) {
+ if (getUserManager().hasUserRestriction(UserManager.DISALLOW_MODIFY_ACCOUNTS)) {
try {
response.onError(AccountManager.ERROR_CODE_USER_RESTRICTED,
"User is not allowed to add an account!");
@@ -2570,9 +2570,7 @@
private boolean canUserModifyAccounts(int callingUid) {
if (callingUid != android.os.Process.myUid()) {
- Bundle restrictions = getUserManager().getUserRestrictions(
- new UserHandle(UserHandle.getUserId(callingUid)));
- if (restrictions.getBoolean(UserManager.DISALLOW_MODIFY_ACCOUNTS, false)) {
+ if (getUserManager().hasUserRestriction(UserManager.DISALLOW_MODIFY_ACCOUNTS)) {
return false;
}
}
diff --git a/services/java/com/android/server/pm/UserManagerService.java b/services/java/com/android/server/pm/UserManagerService.java
index fecc2df..01ea1a2 100644
--- a/services/java/com/android/server/pm/UserManagerService.java
+++ b/services/java/com/android/server/pm/UserManagerService.java
@@ -26,7 +26,6 @@
import android.content.Context;
import android.content.Intent;
import android.content.RestrictionEntry;
-import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.UserInfo;
@@ -619,6 +618,10 @@
writeBoolean(serializer, restrictions, UserManager.DISALLOW_INSTALL_APPS);
writeBoolean(serializer, restrictions, UserManager.DISALLOW_UNINSTALL_APPS);
writeBoolean(serializer, restrictions, UserManager.DISALLOW_SHARE_LOCATION);
+ writeBoolean(serializer, restrictions,
+ UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES);
+ writeBoolean(serializer, restrictions, UserManager.DISALLOW_CONFIG_BLUETOOTH);
+ writeBoolean(serializer, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER);
serializer.endTag(null, TAG_RESTRICTIONS);
}
serializer.endTag(null, TAG_USER);
@@ -735,6 +738,10 @@
readBoolean(parser, restrictions, UserManager.DISALLOW_INSTALL_APPS);
readBoolean(parser, restrictions, UserManager.DISALLOW_UNINSTALL_APPS);
readBoolean(parser, restrictions, UserManager.DISALLOW_SHARE_LOCATION);
+ readBoolean(parser, restrictions,
+ UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES);
+ readBoolean(parser, restrictions, UserManager.DISALLOW_CONFIG_BLUETOOTH);
+ readBoolean(parser, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER);
}
}
}