Merge "Add user restrictions for bluetooth, sideloading, usb file transfer" into jb-mr2-dev
diff --git a/api/current.txt b/api/current.txt
index 53650e5..dd9cf38 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -16814,6 +16814,9 @@
field public static final java.lang.String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
field public static final java.lang.String DISALLOW_SHARE_LOCATION = "no_share_location";
field public static final java.lang.String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps";
+ field public static final java.lang.String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
+ field public static final java.lang.String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
+ field public static final java.lang.String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
}
public abstract class Vibrator {
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index 622308f..1ba16bd 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -86,8 +86,42 @@
* @see #setUserRestrictions(Bundle)
* @see #getUserRestrictions()
*/
+
public static final String DISALLOW_SHARE_LOCATION = "no_share_location";
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from enabling the
+ * "Unknown Sources" setting, that allows installation of apps from unknown sources.
+ * The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
+
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth.
+ * The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
+
+
+ /**
+ * Key for user restrictions. Specifies if a user is disallowed from transferring files over
+ * USB. The default value is <code>false</code>.
+ * <p/>
+ * Type: Boolean
+ * @see #setUserRestrictions(Bundle)
+ * @see #getUserRestrictions()
+ */
+ public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
+
+
/** @hide */
public UserManager(Context context, IUserManager service) {
mService = service;
@@ -130,7 +164,7 @@
/**
* Used to determine whether the user making this call is subject to
* teleportations.
- * @return whether the user making this call is a goat
+ * @return whether the user making this call is a goat
*/
public boolean isUserAGoat() {
return false;
@@ -272,6 +306,16 @@
}
/**
+ * @hide
+ * Returns whether the current user has been disallowed from performing certain actions
+ * or setting certain settings.
+ * @param restrictionKey the string key representing the restriction
+ */
+ public boolean hasUserRestriction(String restrictionKey) {
+ return getUserRestrictions().getBoolean(restrictionKey, false);
+ }
+
+ /**
* Return the serial number for a user. This is a device-unique
* number assigned to that user; if the user is deleted and then a new
* user created, the new users will not be given the same serial number.
@@ -465,7 +509,7 @@
* Returns the maximum number of users that can be created on this device. A return value
* of 1 means that it is a single user device.
* @hide
- * @return a value greater than or equal to 1
+ * @return a value greater than or equal to 1
*/
public static int getMaxSupportedUsers() {
// Don't allow multiple users on certain builds
@@ -508,13 +552,6 @@
return -1;
}
- /**
- * Returns whether the current user is allowed to toggle location sharing settings.
- * @hide
- */
- public boolean isLocationSharingToggleAllowed() {
- return !getUserRestrictions().getBoolean(DISALLOW_SHARE_LOCATION, false);
- }
/**
* @hide
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
index 4a67997..a446e40 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsHelper.java
@@ -98,11 +98,11 @@
private void setGpsLocation(String value) {
UserManager um = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
- if (! um.isLocationSharingToggleAllowed()) {
+ if (um.hasUserRestriction(UserManager.DISALLOW_SHARE_LOCATION)) {
return;
}
final String GPS = LocationManager.GPS_PROVIDER;
- boolean enabled =
+ boolean enabled =
GPS.equals(value) ||
value.startsWith(GPS + ",") ||
value.endsWith("," + GPS) ||
diff --git a/services/java/com/android/server/accounts/AccountManagerService.java b/services/java/com/android/server/accounts/AccountManagerService.java
index c4b98ad..18a1a39 100644
--- a/services/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/java/com/android/server/accounts/AccountManagerService.java
@@ -906,6 +906,7 @@
}
}
+ @Override
public void invalidateAuthToken(String accountType, String authToken) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, "invalidateAuthToken: accountType " + accountType
@@ -1351,7 +1352,7 @@
String subtitle = "";
if (index > 0) {
title = titleAndSubtitle.substring(0, index);
- subtitle = titleAndSubtitle.substring(index + 1);
+ subtitle = titleAndSubtitle.substring(index + 1);
}
UserHandle user = new UserHandle(userId);
n.setLatestEventInfo(mContext, title, subtitle,
@@ -1426,8 +1427,7 @@
checkManageAccountsPermission();
// Is user disallowed from modifying accounts?
- if (getUserManager().getUserRestrictions(Binder.getCallingUserHandle())
- .getBoolean(UserManager.DISALLOW_MODIFY_ACCOUNTS, false)) {
+ if (getUserManager().hasUserRestriction(UserManager.DISALLOW_MODIFY_ACCOUNTS)) {
try {
response.onError(AccountManager.ERROR_CODE_USER_RESTRICTED,
"User is not allowed to add an account!");
@@ -2570,9 +2570,7 @@
private boolean canUserModifyAccounts(int callingUid) {
if (callingUid != android.os.Process.myUid()) {
- Bundle restrictions = getUserManager().getUserRestrictions(
- new UserHandle(UserHandle.getUserId(callingUid)));
- if (restrictions.getBoolean(UserManager.DISALLOW_MODIFY_ACCOUNTS, false)) {
+ if (getUserManager().hasUserRestriction(UserManager.DISALLOW_MODIFY_ACCOUNTS)) {
return false;
}
}
diff --git a/services/java/com/android/server/pm/UserManagerService.java b/services/java/com/android/server/pm/UserManagerService.java
index fecc2df..01ea1a2 100644
--- a/services/java/com/android/server/pm/UserManagerService.java
+++ b/services/java/com/android/server/pm/UserManagerService.java
@@ -26,7 +26,6 @@
import android.content.Context;
import android.content.Intent;
import android.content.RestrictionEntry;
-import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.UserInfo;
@@ -619,6 +618,10 @@
writeBoolean(serializer, restrictions, UserManager.DISALLOW_INSTALL_APPS);
writeBoolean(serializer, restrictions, UserManager.DISALLOW_UNINSTALL_APPS);
writeBoolean(serializer, restrictions, UserManager.DISALLOW_SHARE_LOCATION);
+ writeBoolean(serializer, restrictions,
+ UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES);
+ writeBoolean(serializer, restrictions, UserManager.DISALLOW_CONFIG_BLUETOOTH);
+ writeBoolean(serializer, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER);
serializer.endTag(null, TAG_RESTRICTIONS);
}
serializer.endTag(null, TAG_USER);
@@ -735,6 +738,10 @@
readBoolean(parser, restrictions, UserManager.DISALLOW_INSTALL_APPS);
readBoolean(parser, restrictions, UserManager.DISALLOW_UNINSTALL_APPS);
readBoolean(parser, restrictions, UserManager.DISALLOW_SHARE_LOCATION);
+ readBoolean(parser, restrictions,
+ UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES);
+ readBoolean(parser, restrictions, UserManager.DISALLOW_CONFIG_BLUETOOTH);
+ readBoolean(parser, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER);
}
}
}