Don't back up / restore non-primary users' data

For now only the device owner "user" gets cloud backups.  Also, only the
device owner account has access to local backup/restore.

Bug 6956438

Change-Id: I87d7ba5969e606c23f4214469f9bf2fd47a6c61b
diff --git a/core/java/android/os/UserId.java b/core/java/android/os/UserId.java
index 7e611df..18a3062 100644
--- a/core/java/android/os/UserId.java
+++ b/core/java/android/os/UserId.java
@@ -33,6 +33,8 @@
     /** A user id to indicate the currently active user */
     public static final int USER_CURRENT = -2;
 
+    /** A user id constant to indicate the "owner" user of the device */
+    public static final int USER_OWNER = 0;
 
     /**
      * Enable multi-user related side effects. Set this to false if there are problems with single
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index 2167c49..4542840 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -65,6 +65,7 @@
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.SystemClock;
+import android.os.UserId;
 import android.os.WorkSource;
 import android.os.storage.IMountService;
 import android.provider.Settings;
@@ -4845,6 +4846,18 @@
     // ----- IBackupManager binder interface -----
 
     public void dataChanged(final String packageName) {
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            // App is running under a non-owner user profile.  For now, we do not back
+            // up data from secondary user profiles.
+            // TODO: backups for all user profiles.
+            if (MORE_DEBUG) {
+                Slog.v(TAG, "dataChanged(" + packageName + ") ignored because it's user "
+                        + callingUserHandle);
+            }
+            return;
+        }
+
         final HashSet<String> targets = dataChangedTargets(packageName);
         if (targets == null) {
             Slog.w(TAG, "dataChanged but no participant pkg='" + packageName + "'"
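Review bot: The owner-user guard added at the top of dataChanged() silently drops the request for any non-owner caller, and the only trace of that is a verbose log gated on MORE_DEBUG, while the same condition in fullBackup() and fullRestore() throws; the divergence should at least be stated in the method's Javadoc, e.g. `/** Calls from a non-owner user are ignored: their data is not backed up (see USER_OWNER). */`. The `UserId.getCallingUserId() != UserId.USER_OWNER` test is now repeated in three binder entry points, so a single private helper such as `private static boolean callerIsOwner() { return UserId.getCallingUserId() == UserId.USER_OWNER; }` would keep the policy in one place when the TODO for all profiles is eventually done. Silently ignoring is presumably deliberate for this unprivileged app-facing call so that apps on secondary users do not crash, but that intent is not visible in the hunk. The body of dataChanged() continues outside the hunk.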
@@ -4937,6 +4950,11 @@
             boolean doAllApps, boolean includeSystem, String[] pkgList) {
         mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullBackup");
 
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            throw new IllegalStateException("Backup supported only for the device owner");
+        }
+
         // Validate
         if (!doAllApps) {
             if (!includeShared) {
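Review bot: The new check in fullBackup() rejects a caller based on its identity but reports it as an IllegalStateException, which describes the service's state rather than an authorization failure; the hunk for fullRestore() below does the same. A SecurityException would match the enforceCallingPermission() call immediately above it and lets callers distinguish "not allowed" from "backup engine in a bad state", so consider `throw new SecurityException("Backup supported only for the device owner");` here and the corresponding line in fullRestore(), unless existing callers are known to catch IllegalStateException. Placing the user check after the permission check is the right order, since an unprivileged caller is still refused before any user-dependent path is taken. The signature of fullBackup() starts outside the hunk.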
@@ -5001,6 +5019,11 @@
     public void fullRestore(ParcelFileDescriptor fd) {
         mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullRestore");
 
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            throw new IllegalStateException("Restore supported only for the device owner");
+        }
+
         long oldId = Binder.clearCallingIdentity();
 
         try {
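Review bot: The order of the new check in fullRestore() relative to `Binder.clearCallingIdentity()` on the following line is load-bearing and deserves a comment, because getCallingUserId() only reflects the real caller while the Binder identity is still intact; a later edit that moves the guard into the try block would make it compare the service's own user instead. Suggested comment above the check: `// Must run before clearCallingIdentity() below, which replaces the caller's identity with our own.` The remainder of fullRestore() continues outside the hunk.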