blob: a415dc57e160fc0cb4b4e3fc6d010f7de8e7357e [file] [log] [blame]
Amith Yamasani258848d2012-08-10 17:06:33 -07001/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
Jeff Sharkey8a372a02016-03-16 16:25:45 -060016
Amith Yamasani258848d2012-08-10 17:06:33 -070017package android.os;
18
Xiaohui Chenb3b92582015-12-07 11:22:13 -080019import android.Manifest;
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -070020import android.accounts.AccountManager;
Bookatz029832a2019-10-04 16:50:22 -070021import android.annotation.ColorInt;
22import android.annotation.DrawableRes;
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +010023import android.annotation.IntDef;
Adam Lesinskiada8deb2017-05-12 13:50:42 -070024import android.annotation.NonNull;
Xiaohui Chen7cb69df2015-07-13 16:01:01 -070025import android.annotation.Nullable;
Xiaohui Chenb3b92582015-12-07 11:22:13 -080026import android.annotation.RequiresPermission;
Roshan Pius3eac0b92019-12-05 09:35:36 -080027import android.annotation.StringDef;
Amith Yamasani0e8d7d62014-09-03 13:17:28 -070028import android.annotation.SystemApi;
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -060029import android.annotation.SystemService;
Makoto Onukie72f81b2017-03-16 14:08:19 -070030import android.annotation.TestApi;
Valentin Iftime89df4c82019-08-23 13:02:50 +020031import android.annotation.UserHandleAware;
Jeff Sharkey8588bc12016-01-06 16:47:42 -070032import android.annotation.UserIdInt;
Fyodor Kupolov4e9af062016-07-18 16:59:11 -070033import android.annotation.WorkerThread;
Amith Yamasani37ed8d12016-01-27 14:40:16 -080034import android.app.Activity;
Dianne Hackborn409297d2014-07-10 17:39:20 -070035import android.app.ActivityManager;
Lee Shombertebe2a0b2020-01-23 10:02:15 -080036import android.app.PropertyInvalidatedCache;
Pavel Grafov4513e242020-01-31 11:41:51 +000037import android.app.admin.DevicePolicyManager;
Artur Satayevafdb23a2019-12-10 17:47:53 +000038import android.compat.annotation.UnsupportedAppUsage;
Makoto Onuki068c54a2015-10-13 14:34:03 -070039import android.content.ComponentName;
Amith Yamasani258848d2012-08-10 17:06:33 -070040import android.content.Context;
Amith Yamasani12747872015-12-07 14:19:49 -080041import android.content.Intent;
Esteban Talavera8bd7c522017-02-13 12:35:04 +000042import android.content.IntentFilter;
Benjamin Franzf02420c2016-04-04 18:52:21 +010043import android.content.IntentSender;
Amith Yamasani258848d2012-08-10 17:06:33 -070044import android.content.pm.UserInfo;
Felipe Lemec1ca4412019-09-11 09:23:26 -070045import android.content.pm.UserInfo.UserInfoFlag;
Robin Lee83c79312018-02-09 19:27:18 +010046import android.content.res.Configuration;
Jeff Sharkey27bd34d2012-09-16 12:49:00 -070047import android.content.res.Resources;
Maggie Benthall67944582013-02-22 14:58:27 -050048import android.graphics.Bitmap;
Adrian Roos1bdff912015-02-17 15:51:35 +010049import android.graphics.BitmapFactory;
Amith Yamasani4f582632014-02-19 14:31:52 -080050import android.graphics.Rect;
Amith Yamasani4f582632014-02-19 14:31:52 -080051import android.graphics.drawable.Drawable;
Soonil Nagarkardc08e3a2019-12-02 12:31:45 -080052import android.location.LocationManager;
Amith Yamasani1e9c2182014-06-11 17:25:51 -070053import android.provider.Settings;
Fyodor Kupolov523c4042016-02-24 15:03:13 -080054import android.telephony.TelephonyManager;
Valentin Iftime89df4c82019-08-23 13:02:50 +020055import android.util.AndroidException;
Jason Monk1c7c3192014-06-26 12:52:18 -040056import android.view.WindowManager.LayoutParams;
Amith Yamasani258848d2012-08-10 17:06:33 -070057
Maggie Benthall67944582013-02-22 14:58:27 -050058import com.android.internal.R;
John Reckaa67f682016-09-20 14:24:21 -070059import com.android.internal.os.RoSystemProperties;
Varun Shahacb56342019-12-18 11:45:38 -080060import com.android.internal.util.FrameworkStatsLog;
Maggie Benthall67944582013-02-22 14:58:27 -050061
Adrian Roos1bdff912015-02-17 15:51:35 +010062import java.io.IOException;
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +010063import java.lang.annotation.Retention;
64import java.lang.annotation.RetentionPolicy;
Amith Yamasani4f582632014-02-19 14:31:52 -080065import java.util.ArrayList;
Amith Yamasani258848d2012-08-10 17:06:33 -070066import java.util.List;
Valentin Iftime4bf82c822020-02-19 17:51:17 +010067import java.util.Set;
Amith Yamasani258848d2012-08-10 17:06:33 -070068
69/**
Amith Yamasani06964342016-04-15 13:55:01 -070070 * Manages users and user details on a multi-user system. There are two major categories of
71 * users: fully customizable users with their own login, and managed profiles that share a workspace
72 * with a related user.
73 * <p>
74 * Users are different from accounts, which are managed by
75 * {@link AccountManager}. Each user can have their own set of accounts.
76 * <p>
77 * See {@link DevicePolicyManager#ACTION_PROVISION_MANAGED_PROFILE} for more on managed profiles.
Amith Yamasani258848d2012-08-10 17:06:33 -070078 */
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -060079@SystemService(Context.USER_SERVICE)
Amith Yamasani258848d2012-08-10 17:06:33 -070080public class UserManager {
81
Pavel Grafov4f4f6f82017-03-28 13:44:04 +010082 private static final String TAG = "UserManager";
Andrei Onea24ec3212019-03-15 17:35:05 +000083 @UnsupportedAppUsage
Amith Yamasani258848d2012-08-10 17:06:33 -070084 private final IUserManager mService;
Valentin Iftime89df4c82019-08-23 13:02:50 +020085 /** Holding the Application context (not constructor param context). */
Amith Yamasani258848d2012-08-10 17:06:33 -070086 private final Context mContext;
87
Valentin Iftime89df4c82019-08-23 13:02:50 +020088 /** The userId of the constructor param context. To be used instead of mContext.getUserId(). */
89 private final @UserIdInt int mUserId;
90
Makoto Onukid49f3fa2017-01-25 14:09:48 -080091 private Boolean mIsManagedProfileCached;
Bookatz029832a2019-10-04 16:50:22 -070092 private Boolean mIsProfileCached;
93
94 /**
95 * User type representing a {@link UserHandle#USER_SYSTEM system} user that is a human user.
96 * This type of user cannot be created; it can only pre-exist on first boot.
97 * @hide
98 */
Valentin Iftime89df4c82019-08-23 13:02:50 +020099 @SystemApi
Bookatz029832a2019-10-04 16:50:22 -0700100 public static final String USER_TYPE_FULL_SYSTEM = "android.os.usertype.full.SYSTEM";
101
102 /**
103 * User type representing a regular non-profile non-{@link UserHandle#USER_SYSTEM system} human
104 * user.
105 * This is sometimes called an ordinary 'secondary user'.
106 * @hide
107 */
Valentin Iftime89df4c82019-08-23 13:02:50 +0200108 @SystemApi
Bookatz029832a2019-10-04 16:50:22 -0700109 public static final String USER_TYPE_FULL_SECONDARY = "android.os.usertype.full.SECONDARY";
110
111 /**
112 * User type representing a guest user that may be transient.
113 * @hide
114 */
115 public static final String USER_TYPE_FULL_GUEST = "android.os.usertype.full.GUEST";
116
117 /**
118 * User type representing a user for demo purposes only, which can be removed at any time.
119 * @hide
120 */
121 public static final String USER_TYPE_FULL_DEMO = "android.os.usertype.full.DEMO";
122
123 /**
124 * User type representing a "restricted profile" user, which is a full user that is subject to
125 * certain restrictions from a parent user. Note, however, that it is NOT technically a profile.
126 * @hide
127 */
128 public static final String USER_TYPE_FULL_RESTRICTED = "android.os.usertype.full.RESTRICTED";
129
130 /**
131 * User type representing a managed profile, which is a profile that is to be managed by a
132 * device policy controller (DPC).
133 * The intended purpose is for work profiles, which are managed by a corporate entity.
134 * @hide
135 */
Valentin Iftime89df4c82019-08-23 13:02:50 +0200136 @SystemApi
Bookatz029832a2019-10-04 16:50:22 -0700137 public static final String USER_TYPE_PROFILE_MANAGED = "android.os.usertype.profile.MANAGED";
138
139 /**
140 * User type representing a {@link UserHandle#USER_SYSTEM system} user that is <b>not</b> a
141 * human user.
142 * This type of user cannot be created; it can only pre-exist on first boot.
143 * @hide
144 */
Valentin Iftime89df4c82019-08-23 13:02:50 +0200145 @SystemApi
Bookatz029832a2019-10-04 16:50:22 -0700146 public static final String USER_TYPE_SYSTEM_HEADLESS = "android.os.usertype.system.HEADLESS";
Makoto Onukid49f3fa2017-01-25 14:09:48 -0800147
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800148 /**
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +0000149 * Flag passed to {@link #requestQuietModeEnabled} to request disabling quiet mode only if
150 * there is no need to confirm the user credentials. If credentials are required to disable
151 * quiet mode, {@link #requestQuietModeEnabled} will do nothing and return {@code false}.
152 */
153 public static final int QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED = 0x1;
154
155 /**
Pavel Grafov4513e242020-01-31 11:41:51 +0000156 * Flag passed to {@link #requestQuietModeEnabled} to request disabling quiet mode without
157 * asking for credentials. This is used when managed profile password is forgotten. It starts
158 * the user in locked state so that a direct boot aware DPC could reset the password.
159 * Should not be used together with
160 * {@link #QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED} or an exception will be thrown.
161 * @hide
162 */
163 public static final int QUIET_MODE_DISABLE_DONT_ASK_CREDENTIAL = 0x2;
164
165 /**
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +0000166 * List of flags available for the {@link #requestQuietModeEnabled} method.
167 * @hide
168 */
169 @Retention(RetentionPolicy.SOURCE)
170 @IntDef(flag = true, prefix = { "QUIET_MODE_" }, value = {
Pavel Grafov4513e242020-01-31 11:41:51 +0000171 QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED,
172 QUIET_MODE_DISABLE_DONT_ASK_CREDENTIAL})
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +0000173 public @interface QuietModeFlag {}
174
175 /**
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +0100176 * @hide
177 * No user restriction.
178 */
179 @SystemApi
180 public static final int RESTRICTION_NOT_SET = 0x0;
181
182 /**
183 * @hide
184 * User restriction set by system/user.
185 */
186 @SystemApi
187 public static final int RESTRICTION_SOURCE_SYSTEM = 0x1;
188
189 /**
190 * @hide
191 * User restriction set by a device owner.
192 */
193 @SystemApi
194 public static final int RESTRICTION_SOURCE_DEVICE_OWNER = 0x2;
195
196 /**
197 * @hide
198 * User restriction set by a profile owner.
199 */
200 @SystemApi
201 public static final int RESTRICTION_SOURCE_PROFILE_OWNER = 0x4;
202
203 /** @hide */
204 @Retention(RetentionPolicy.SOURCE)
Jeff Sharkeyce8db992017-12-13 20:05:05 -0700205 @IntDef(flag = true, prefix = { "RESTRICTION_" }, value = {
206 RESTRICTION_NOT_SET,
207 RESTRICTION_SOURCE_SYSTEM,
208 RESTRICTION_SOURCE_DEVICE_OWNER,
209 RESTRICTION_SOURCE_PROFILE_OWNER
210 })
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +0100211 @SystemApi
212 public @interface UserRestrictionSource {}
213
214 /**
Fyodor Kupolov53019282015-07-21 11:48:18 -0700215 * Specifies if a user is disallowed from adding and removing accounts, unless they are
216 * {@link android.accounts.AccountManager#addAccountExplicitly programmatically} added by
217 * Authenticator.
Amith Yamasani71e6c692013-03-24 17:39:28 -0700218 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700219 *
Benjamin Franzb6c0ce42015-11-05 10:06:51 +0000220 * <p>From {@link android.os.Build.VERSION_CODES#N} a profile or device owner app can still
221 * use {@link android.accounts.AccountManager} APIs to add or remove accounts when account
222 * management is disallowed.
223 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800224 * <p>Key for user restrictions.
225 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700226 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
227 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800228 * @see #getUserRestrictions()
229 */
Amith Yamasani71e6c692013-03-24 17:39:28 -0700230 public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800231
232 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100233 * Specifies if a user is disallowed from changing Wi-Fi access points via Settings.
234 *
235 * <p>A device owner and a profile owner can set this restriction, although the restriction has
236 * no effect in a managed profile. When it is set by a device owner, a profile owner on the
237 * primary user or by a profile owner of an organization-owned managed profile on the parent
238 * profile, it disallows the primary user from changing Wi-Fi access points.
239 *
240 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700241 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800242 * <p>Key for user restrictions.
243 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700244 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
245 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800246 * @see #getUserRestrictions()
247 */
Amith Yamasani71e6c692013-03-24 17:39:28 -0700248 public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi";
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800249
250 /**
Christine Franks1bade5d2017-10-10 15:41:50 -0700251 * Specifies if a user is disallowed from changing the device
252 * language. The default value is <code>false</code>.
253 *
254 * <p>Key for user restrictions.
255 * <p>Type: Boolean
256 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
257 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
258 * @see #getUserRestrictions()
259 */
260 public static final String DISALLOW_CONFIG_LOCALE = "no_config_locale";
261
262 /**
Benjamin Millerf1c3ed12018-05-03 10:56:28 +0000263 * Specifies if a user is disallowed from installing applications. This user restriction also
264 * prevents device owners and profile owners installing apps. The default value is
265 * {@code false}.
Amith Yamasani26af8292014-09-09 09:57:27 -0700266 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800267 * <p>Key for user restrictions.
268 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700269 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
270 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800271 * @see #getUserRestrictions()
272 */
Amith Yamasani71e6c692013-03-24 17:39:28 -0700273 public static final String DISALLOW_INSTALL_APPS = "no_install_apps";
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800274
275 /**
Amith Yamasani26af8292014-09-09 09:57:27 -0700276 * Specifies if a user is disallowed from uninstalling applications.
Amith Yamasani71e6c692013-03-24 17:39:28 -0700277 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700278 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800279 * <p>Key for user restrictions.
280 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700281 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
282 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800283 * @see #getUserRestrictions()
284 */
Amith Yamasani71e6c692013-03-24 17:39:28 -0700285 public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps";
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800286
Amith Yamasani71e6c692013-03-24 17:39:28 -0700287 /**
Amith Yamasani150514b2015-01-07 16:05:05 -0800288 * Specifies if a user is disallowed from turning on location sharing.
Alex Johnston97b68a52020-05-04 13:32:07 +0100289 *
290 * <p>In a managed profile, location sharing by default reflects the primary user's setting, but
Amith Yamasani150514b2015-01-07 16:05:05 -0800291 * can be overridden and forced off by setting this restriction to true in the managed profile.
Alex Johnston97b68a52020-05-04 13:32:07 +0100292 *
293 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
294 * owner, a profile owner on the primary user or by a profile owner of an organization-owned
295 * managed profile on the parent profile, it prevents the primary user from turning on
296 * location sharing.
297 *
298 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700299 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800300 * <p>Key for user restrictions.
301 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700302 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
303 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Maggie Benthall67944582013-02-22 14:58:27 -0500304 * @see #getUserRestrictions()
305 */
Amith Yamasani71e6c692013-03-24 17:39:28 -0700306 public static final String DISALLOW_SHARE_LOCATION = "no_share_location";
Maggie Benthall67944582013-02-22 14:58:27 -0500307
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400308 /**
yuemingw5fe75dc2017-11-29 15:52:56 +0000309 * Specifies if airplane mode is disallowed on the device.
Alex Johnston97b68a52020-05-04 13:32:07 +0100310 *
311 * <p>This restriction can only be set by a device owner, a profile owner on the primary
312 * user or a profile owner of an organization-owned managed profile on the parent profile.
313 * When it is set by any of these owners, it applies globally - i.e., it disables airplane mode
314 * on the entire device.
315 *
316 * <p>The default value is <code>false</code>.
yuemingw5fe75dc2017-11-29 15:52:56 +0000317 *
318 * <p>Key for user restrictions.
319 * <p>Type: Boolean
320 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
321 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
322 * @see #getUserRestrictions()
323 */
324 public static final String DISALLOW_AIRPLANE_MODE = "no_airplane_mode";
325
326 /**
yuemingwc6ac29d2018-01-10 16:54:08 +0000327 * Specifies if a user is disallowed from configuring brightness. When device owner sets it,
328 * it'll only be applied on the target(system) user.
329 *
330 * <p>The default value is <code>false</code>.
331 *
332 * <p>This user restriction has no effect on managed profiles.
333 * <p>Key for user restrictions.
334 * <p>Type: Boolean
335 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
336 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
337 * @see #getUserRestrictions()
338 */
339 public static final String DISALLOW_CONFIG_BRIGHTNESS = "no_config_brightness";
340
341 /**
yuemingwa1781442018-01-10 18:59:43 +0000342 * Specifies if ambient display is disallowed for the user.
343 *
344 * <p>The default value is <code>false</code>.
345 *
346 * <p>This user restriction has no effect on managed profiles.
347 * <p>Key for user restrictions.
348 * <p>Type: Boolean
349 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
350 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
351 * @see #getUserRestrictions()
352 */
353 public static final String DISALLOW_AMBIENT_DISPLAY = "no_ambient_display";
354
355 /**
yuemingw5cda3ae2018-01-15 10:26:19 +0000356 * Specifies if a user is disallowed from changing screen off timeout.
357 *
358 * <p>The default value is <code>false</code>.
359 *
360 * <p>This user restriction has no effect on managed profiles.
361 * <p>Key for user restrictions.
362 * <p>Type: Boolean
363 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
364 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
365 * @see #getUserRestrictions()
366 */
367 public static final String DISALLOW_CONFIG_SCREEN_TIMEOUT = "no_config_screen_timeout";
368
369 /**
Amith Yamasani26af8292014-09-09 09:57:27 -0700370 * Specifies if a user is disallowed from enabling the
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400371 * "Unknown Sources" setting, that allows installation of apps from unknown sources.
Irina Dumitrescu4638edd2018-09-05 14:08:33 +0100372 * Unknown sources exclude adb and special apps such as trusted app stores.
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400373 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700374 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800375 * <p>Key for user restrictions.
376 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700377 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
378 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400379 * @see #getUserRestrictions()
380 */
381 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
382
383 /**
Tor Norbye33ca9122018-10-03 09:28:21 +0200384 * This restriction is a device-wide version of {@link #DISALLOW_INSTALL_UNKNOWN_SOURCES}.
Irina Dumitrescu4638edd2018-09-05 14:08:33 +0100385 *
386 * Specifies if all users on the device are disallowed from enabling the
387 * "Unknown Sources" setting, that allows installation of apps from unknown sources.
Irina Dumitrescu0501eee2018-10-19 23:50:18 +0100388 *
389 * This restriction can be enabled by the profile owner, in which case all accounts and
390 * profiles will be affected.
391 *
Irina Dumitrescu4638edd2018-09-05 14:08:33 +0100392 * The default value is <code>false</code>.
393 *
394 * <p>Key for user restrictions.
395 * <p>Type: Boolean
396 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
397 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
398 * @see #getUserRestrictions()
399 */
400 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY =
401 "no_install_unknown_sources_globally";
402
403 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100404 * Specifies if a user is disallowed from configuring bluetooth via Settings. This does
405 * <em>not</em> restrict the user from turning bluetooth on or off.
406 *
407 * <p>This restriction doesn't prevent the user from using bluetooth. For disallowing usage of
Lenka Trochtova63d5e4a72016-12-02 12:19:39 +0100408 * bluetooth completely on the device, use {@link #DISALLOW_BLUETOOTH}.
Alex Johnston97b68a52020-05-04 13:32:07 +0100409 *
410 * <p>A device owner and a profile owner can set this restriction, although the restriction has
411 * no effect in a managed profile. When it is set by a device owner, a profile owner on the
412 * primary user or by a profile owner of an organization-owned managed profile on the parent
413 * profile, it disallows the primary user from configuring bluetooth.
414 *
415 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700416 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800417 * <p>Key for user restrictions.
418 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700419 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
420 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400421 * @see #getUserRestrictions()
422 */
423 public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
424
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400425 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100426 * Specifies if bluetooth is disallowed on the device. If bluetooth is disallowed on the device,
427 * bluetooth cannot be turned on or configured via Settings.
Lenka Trochtova63d5e4a72016-12-02 12:19:39 +0100428 *
Alex Johnston97b68a52020-05-04 13:32:07 +0100429 * <p>This restriction can only be set by a device owner, a profile owner on the primary
430 * user or a profile owner of an organization-owned managed profile on the parent profile.
431 * When it is set by a device owner, it applies globally - i.e., it disables bluetooth on
432 * the entire device and all users will be affected. When it is set by a profile owner on the
433 * primary user or by a profile owner of an organization-owned managed profile on the parent
434 * profile, it disables the primary user from using bluetooth and configuring bluetooth
435 * in Settings.
436 *
Lenka Trochtova63d5e4a72016-12-02 12:19:39 +0100437 * <p>The default value is <code>false</code>.
Alex Johnston97b68a52020-05-04 13:32:07 +0100438 *
Lenka Trochtova63d5e4a72016-12-02 12:19:39 +0100439 * <p>Key for user restrictions.
440 * <p>Type: Boolean
441 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
442 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
443 * @see #getUserRestrictions()
444 */
445 public static final String DISALLOW_BLUETOOTH = "no_bluetooth";
446
447 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100448 * Specifies if outgoing bluetooth sharing is disallowed.
Pavel Grafov4f4f6f82017-03-28 13:44:04 +0100449 *
Alex Johnston97b68a52020-05-04 13:32:07 +0100450 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
451 * owner, it applies globally. When it is set by a profile owner on the primary user or by a
452 * profile owner of an organization-owned managed profile on the parent profile, it disables
453 * the primary user from any outgoing bluetooth sharing.
454 *
455 * <p>Default is <code>true</code> for managed profiles and false otherwise.
456 *
457 * <p>When a device upgrades to {@link android.os.Build.VERSION_CODES#O}, the system sets it
458 * for all existing managed profiles.
Pavel Grafov4f4f6f82017-03-28 13:44:04 +0100459 *
460 * <p>Key for user restrictions.
461 * <p>Type: Boolean
462 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
463 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
464 * @see #getUserRestrictions()
465 */
466 public static final String DISALLOW_BLUETOOTH_SHARING = "no_bluetooth_sharing";
467
468 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100469 * Specifies if a user is disallowed from transferring files over USB.
470 *
471 * <p>This restriction can only be set by a device owner, a profile owner on the primary
472 * user or a profile owner of an organization-owned managed profile on the parent profile.
473 * When it is set by a device owner, it applies globally. When it is set by a profile owner
474 * on the primary user or by a profile owner of an organization-owned managed profile on
475 * the parent profile, it disables the primary user from transferring files over USB. No other
476 * user on the device is able to use file transfer over USB because the UI for file transfer
477 * is always associated with the primary user.
478 *
479 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700480 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800481 * <p>Key for user restrictions.
482 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700483 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
484 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Maggie Benthalla12fccf2013-03-14 18:02:12 -0400485 * @see #getUserRestrictions()
486 */
487 public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
488
Emily Bernierb223f732013-04-11 15:46:36 -0400489 /**
Amith Yamasani26af8292014-09-09 09:57:27 -0700490 * Specifies if a user is disallowed from configuring user
Emily Bernierb223f732013-04-11 15:46:36 -0400491 * credentials. The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700492 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800493 * <p>Key for user restrictions.
494 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700495 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
496 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Emily Bernierb223f732013-04-11 15:46:36 -0400497 * @see #getUserRestrictions()
498 */
499 public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials";
500
501 /**
Adam Bookatzd5211852020-05-11 13:01:49 -0700502 * When set on the admin user this specifies if the user can remove users.
503 * When set on a non-admin secondary user, this specifies if the user can remove itself.
Amith Yamasani150514b2015-01-07 16:05:05 -0800504 * This restriction has no effect on managed profiles.
505 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700506 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800507 * <p>Key for user restrictions.
508 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700509 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
510 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Emily Bernierb223f732013-04-11 15:46:36 -0400511 * @see #getUserRestrictions()
512 */
513 public static final String DISALLOW_REMOVE_USER = "no_remove_user";
514
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400515 /**
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000516 * Specifies if managed profiles of this user can be removed, other than by its profile owner.
517 * The default value is <code>false</code>.
518 * <p>
Nicolas Prevot2ea46fe2017-01-05 10:29:34 +0000519 * This restriction has no effect on managed profiles.
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000520 *
521 * <p>Key for user restrictions.
522 * <p>Type: Boolean
523 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
524 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
525 * @see #getUserRestrictions()
Eran Messerice273df2019-12-17 13:14:45 +0000526 * @deprecated As the ability to have a managed profile on a fully-managed device has been
527 * removed from the platform, this restriction will be silently ignored when applied by the
528 * device owner.
529 * When the device is provisioned with a managed profile on an organization-owned device,
530 * the managed profile could not be removed anyway.
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000531 */
Eran Messerice273df2019-12-17 13:14:45 +0000532 @Deprecated
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000533 public static final String DISALLOW_REMOVE_MANAGED_PROFILE = "no_remove_managed_profile";
534
535 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100536 * Specifies if a user is disallowed from enabling or accessing debugging features.
537 *
538 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
539 * owner, a profile owner on the primary user or by a profile owner of an organization-owned
540 * managed profile on the parent profile, it disables debugging features altogether, including
541 * USB debugging. When set on a managed profile or a secondary user, it blocks debugging for
542 * that user only, including starting activities, making service calls, accessing content
543 * providers, sending broadcasts, installing/uninstalling packages, clearing user data, etc.
544 *
545 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700546 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800547 * <p>Key for user restrictions.
548 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700549 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
550 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400551 * @see #getUserRestrictions()
552 */
553 public static final String DISALLOW_DEBUGGING_FEATURES = "no_debugging_features";
554
555 /**
Benjamin Miller05fef7e2017-07-24 10:11:39 +0200556 * Specifies if a user is disallowed from configuring a VPN. The default value is
557 * <code>false</code>. This restriction has an effect when set by device owners and, in Android
558 * 6.0 ({@linkplain android.os.Build.VERSION_CODES#M API level 23}) or higher, profile owners.
559 * <p>This restriction also prevents VPNs from starting. However, in Android 7.0
560 * ({@linkplain android.os.Build.VERSION_CODES#N API level 24}) or higher, the system does
561 * start always-on VPNs created by the device or profile owner.
Amith Yamasani26af8292014-09-09 09:57:27 -0700562 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800563 * <p>Key for user restrictions.
564 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700565 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
566 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400567 * @see #getUserRestrictions()
568 */
569 public static final String DISALLOW_CONFIG_VPN = "no_config_vpn";
570
571 /**
yuemingw7810b8b2018-02-01 17:32:25 +0000572 * Specifies if a user is disallowed from enabling or disabling location providers. As a
Alex Johnston97b68a52020-05-04 13:32:07 +0100573 * result, user is disallowed from turning on or off location via Settings.
yuemingw7cc2c4c2017-11-28 17:20:01 +0000574 *
Alex Johnston97b68a52020-05-04 13:32:07 +0100575 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
576 * owner, a profile owner on the primary user or by a profile owner of an organization-owned
577 * managed profile on the parent profile, it disallows the primary user from turning location
578 * on or off.
579 *
580 * <p>The default value is <code>false</code>.
581 *
582 * <p>This user restriction is different from {@link #DISALLOW_SHARE_LOCATION},
583 * as a device owner or a profile owner can still enable or disable location mode via
Soonil Nagarkardc08e3a2019-12-02 12:31:45 -0800584 * {@link DevicePolicyManager#setLocationEnabled} when this restriction is on.
yuemingw7cc2c4c2017-11-28 17:20:01 +0000585 *
586 * <p>Key for user restrictions.
587 * <p>Type: Boolean
Soonil Nagarkardc08e3a2019-12-02 12:31:45 -0800588 * @see LocationManager#isLocationEnabled()
yuemingw7cc2c4c2017-11-28 17:20:01 +0000589 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
590 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
591 * @see #getUserRestrictions()
592 */
yuemingw7810b8b2018-02-01 17:32:25 +0000593 public static final String DISALLOW_CONFIG_LOCATION = "no_config_location";
yuemingw7cc2c4c2017-11-28 17:20:01 +0000594
595 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100596 * Specifies configuring date, time and timezone is disallowed via Settings.
yuemingwa9772f362017-10-23 18:34:35 +0100597 *
Alex Johnston97b68a52020-05-04 13:32:07 +0100598 * <p>A device owner and a profile owner can set this restriction, although the restriction has
599 * no effect in a managed profile. When it is set by a device owner or by a profile owner of an
600 * organization-owned managed profile on the parent profile, it applies globally - i.e.,
601 * it disables date, time and timezone setting on the entire device and all users are affected.
602 * When it is set by a profile owner on the primary user, it disables the primary user
603 * from configuring date, time and timezone and disables all configuring of date, time and
604 * timezone in Settings.
605 *
yuemingwa9772f362017-10-23 18:34:35 +0100606 * <p>The default value is <code>false</code>.
607 *
yuemingwa9772f362017-10-23 18:34:35 +0100608 * <p>Key for user restrictions.
609 * <p>Type: Boolean
610 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
611 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
612 * @see #getUserRestrictions()
613 */
614 public static final String DISALLOW_CONFIG_DATE_TIME = "no_config_date_time";
615
616 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100617 * Specifies if a user is disallowed from configuring Tethering and portable hotspots
618 * via Settings.
619 *
620 * <p>This restriction can only be set by a device owner, a profile owner on the primary
621 * user or a profile owner of an organization-owned managed profile on the parent profile.
622 * When it is set by a device owner, it applies globally. When it is set by a profile owner
623 * on the primary user or by a profile owner of an organization-owned managed profile on
624 * the parent profile, it disables the primary user from using Tethering and hotspots and
625 * disables all configuring of Tethering and hotspots in Settings.
626 *
627 * <p>The default value is <code>false</code>.
628 *
Rubin Xu1faf1442017-08-23 15:48:12 +0100629 * <p>In Android 9.0 or higher, if tethering is enabled when this restriction is set,
630 * tethering will be automatically turned off.
Amith Yamasani26af8292014-09-09 09:57:27 -0700631 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800632 * <p>Key for user restrictions.
633 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700634 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
635 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400636 * @see #getUserRestrictions()
637 */
638 public static final String DISALLOW_CONFIG_TETHERING = "no_config_tethering";
639
640 /**
Stuart Scotte3e314d2015-04-20 14:07:45 -0700641 * Specifies if a user is disallowed from resetting network settings
642 * from Settings. This can only be set by device owners and profile owners on the primary user.
643 * The default value is <code>false</code>.
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800644 * <p>This restriction has no effect on secondary users and managed profiles since only the
Stuart Scotte3e314d2015-04-20 14:07:45 -0700645 * primary user can reset the network settings of the device.
646 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800647 * <p>Key for user restrictions.
648 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700649 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
650 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Stuart Scotte3e314d2015-04-20 14:07:45 -0700651 * @see #getUserRestrictions()
652 */
653 public static final String DISALLOW_NETWORK_RESET = "no_network_reset";
654
655 /**
Adam Bookatzd5211852020-05-11 13:01:49 -0700656 * Specifies if a user is disallowed from factory resetting from Settings.
657 * This can only be set by device owners and profile owners on an admin user.
Amith Yamasanic34dc7c2014-09-18 09:42:42 -0700658 * The default value is <code>false</code>.
Adam Bookatzd5211852020-05-11 13:01:49 -0700659 * <p>This restriction has no effect on non-admin users since they cannot factory reset the
660 * device.
Amith Yamasani26af8292014-09-09 09:57:27 -0700661 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800662 * <p>Key for user restrictions.
663 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700664 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
665 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400666 * @see #getUserRestrictions()
667 */
668 public static final String DISALLOW_FACTORY_RESET = "no_factory_reset";
669
670 /**
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000671 * Specifies if a user is disallowed from adding new users. This can only be set by device
Alex Johnston9ace1112020-04-30 15:06:19 +0100672 * owners or profile owners on the primary user. The default value is <code>false</code>.
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800673 * <p>This restriction has no effect on secondary users and managed profiles since only the
Amith Yamasani150514b2015-01-07 16:05:05 -0800674 * primary user can add other users.
Alex Johnston9ace1112020-04-30 15:06:19 +0100675 * <p> When the device is an organization-owned device provisioned with a managed profile,
676 * this restriction will be set as a base restriction which cannot be removed by any admin.
Amith Yamasani26af8292014-09-09 09:57:27 -0700677 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800678 * <p>Key for user restrictions.
679 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700680 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
681 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400682 * @see #getUserRestrictions()
683 */
684 public static final String DISALLOW_ADD_USER = "no_add_user";
685
686 /**
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000687 * Specifies if a user is disallowed from adding managed profiles.
688 * <p>The default value for an unmanaged user is <code>false</code>.
Nicolas Prevot2ea46fe2017-01-05 10:29:34 +0000689 * For users with a device owner set, the default is <code>true</code>.
690 * <p>This restriction has no effect on managed profiles.
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000691 *
692 * <p>Key for user restrictions.
693 * <p>Type: Boolean
694 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
695 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
696 * @see #getUserRestrictions()
Eran Messerice273df2019-12-17 13:14:45 +0000697 * @deprecated As the ability to have a managed profile on a fully-managed device has been
698 * removed from the platform, this restriction will be silently ignored when applied by the
699 * device owner.
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000700 */
Eran Messerice273df2019-12-17 13:14:45 +0000701 @Deprecated
Esteban Talavera6c9116a2016-11-24 16:12:44 +0000702 public static final String DISALLOW_ADD_MANAGED_PROFILE = "no_add_managed_profile";
703
704 /**
Benjamin Millerd41a9fc2017-07-17 17:24:44 +0200705 * Specifies if a user is disallowed from disabling application verification. The default
706 * value is <code>false</code>.
707 *
708 * <p>In Android 8.0 ({@linkplain android.os.Build.VERSION_CODES#O API level 26}) and higher,
709 * this is a global user restriction. If a device owner or profile owner sets this restriction,
710 * the system enforces app verification across all users on the device. Running in earlier
711 * Android versions, this restriction affects only the profile that sets it.
Amith Yamasani26af8292014-09-09 09:57:27 -0700712 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800713 * <p>Key for user restrictions.
714 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700715 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
716 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400717 * @see #getUserRestrictions()
718 */
719 public static final String ENSURE_VERIFY_APPS = "ensure_verify_apps";
720
721 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100722 * Specifies if a user is disallowed from configuring cell broadcasts.
723 *
724 * <p>This restriction can only be set by a device owner, a profile owner on the primary
725 * user or a profile owner of an organization-owned managed profile on the parent profile.
726 * When it is set by a device owner, it applies globally. When it is set by a profile owner
727 * on the primary user or by a profile owner of an organization-owned managed profile on
728 * the parent profile, it disables the primary user from configuring cell broadcasts.
729 *
730 * <p>The default value is <code>false</code>.
731 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800732 * <p>This restriction has no effect on secondary users and managed profiles since only the
Amith Yamasani150514b2015-01-07 16:05:05 -0800733 * primary user can configure cell broadcasts.
Amith Yamasani26af8292014-09-09 09:57:27 -0700734 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800735 * <p>Key for user restrictions.
736 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700737 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
738 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400739 * @see #getUserRestrictions()
740 */
741 public static final String DISALLOW_CONFIG_CELL_BROADCASTS = "no_config_cell_broadcasts";
742
743 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100744 * Specifies if a user is disallowed from configuring mobile networks.
745 *
746 * <p>This restriction can only be set by a device owner, a profile owner on the primary
747 * user or a profile owner of an organization-owned managed profile on the parent profile.
748 * When it is set by a device owner, it applies globally. When it is set by a profile owner
749 * on the primary user or by a profile owner of an organization-owned managed profile on
750 * the parent profile, it disables the primary user from configuring mobile networks.
751 *
752 * <p>The default value is <code>false</code>.
753 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800754 * <p>This restriction has no effect on secondary users and managed profiles since only the
Amith Yamasani150514b2015-01-07 16:05:05 -0800755 * primary user can configure mobile networks.
Amith Yamasani26af8292014-09-09 09:57:27 -0700756 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800757 * <p>Key for user restrictions.
758 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700759 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
760 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400761 * @see #getUserRestrictions()
762 */
763 public static final String DISALLOW_CONFIG_MOBILE_NETWORKS = "no_config_mobile_networks";
764
765 /**
Amith Yamasani26af8292014-09-09 09:57:27 -0700766 * Specifies if a user is disallowed from modifying
Julia Reynoldsc617f812014-07-25 16:32:27 -0400767 * applications in Settings or launchers. The following actions will not be allowed when this
768 * restriction is enabled:
769 * <li>uninstalling apps</li>
770 * <li>disabling apps</li>
771 * <li>clearing app caches</li>
772 * <li>clearing app data</li>
773 * <li>force stopping apps</li>
774 * <li>clearing app defaults</li>
775 * <p>
776 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700777 *
Esteban Talavera8bd7c522017-02-13 12:35:04 +0000778 * <p><strong>Note:</strong> The user will still be able to perform those actions via other
779 * means (such as adb). Third party apps will also be able to uninstall apps via the
780 * {@link android.content.pm.PackageInstaller}. {@link #DISALLOW_UNINSTALL_APPS} or
781 * {@link DevicePolicyManager#setUninstallBlocked(ComponentName, String, boolean)} should be
782 * used to prevent the user from uninstalling apps completely, and
783 * {@link DevicePolicyManager#addPersistentPreferredActivity(ComponentName, IntentFilter, ComponentName)}
784 * to add a default intent handler for a given intent filter.
785 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800786 * <p>Key for user restrictions.
787 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700788 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
789 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400790 * @see #getUserRestrictions()
791 */
Julia Reynolds36fbc8d2014-06-18 09:26:30 -0400792 public static final String DISALLOW_APPS_CONTROL = "no_control_apps";
Julia Reynoldsd46d0f92014-04-23 15:23:24 -0400793
Emily Bernier394a6cd2014-05-07 12:49:20 -0400794 /**
Alex Johnston9722abe2020-01-28 16:15:55 +0000795 * Specifies if a user is disallowed from mounting physical external media.
Alex Johnston97b68a52020-05-04 13:32:07 +0100796 *
797 * <p>This restriction can only be set by a device owner, a profile owner on the primary
798 * user or a profile owner of an organization-owned managed profile on the parent profile.
799 * When it is set by a device owner, it applies globally. When it is set by a profile owner
800 * on the primary user or by a profile owner of an organization-owned managed profile on
801 * the parent profile, it disables the primary user from mounting physical external media.
802 *
803 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700804 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800805 * <p>Key for user restrictions.
806 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700807 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
808 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Emily Bernier394a6cd2014-05-07 12:49:20 -0400809 * @see #getUserRestrictions()
810 */
811 public static final String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media";
812
813 /**
Pavel Grafovce3e1a32017-04-21 14:48:21 +0100814 * Specifies if a user is disallowed from adjusting microphone volume. If set, the microphone
Alex Johnston9722abe2020-01-28 16:15:55 +0000815 * will be muted.
Alex Johnston97b68a52020-05-04 13:32:07 +0100816 *
817 * <p>A device owner and a profile owner can set this restriction, although the restriction has
818 * no effect in a managed profile. When it is set by a device owner, it applies globally. When
819 * it is set by a profile owner on the primary user or by a profile owner of an
820 * organization-owned managed profile on the parent profile, it will disallow the primary user
821 * from adjusting the microphone volume.
822 *
823 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700824 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800825 * <p>Key for user restrictions.
826 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700827 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
828 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Emily Bernier394a6cd2014-05-07 12:49:20 -0400829 * @see #getUserRestrictions()
830 */
831 public static final String DISALLOW_UNMUTE_MICROPHONE = "no_unmute_microphone";
832
833 /**
Pavel Grafovce3e1a32017-04-21 14:48:21 +0100834 * Specifies if a user is disallowed from adjusting the master volume. If set, the master volume
Wen ZHANG61ed0dc2017-08-23 14:27:02 +0100835 * will be muted. This can be set by device owners from API 21 and profile owners from API 24.
836 * The default value is <code>false</code>.
837 *
838 * <p>When the restriction is set by profile owners, then it only applies to relevant
839 * profiles.
Amith Yamasani26af8292014-09-09 09:57:27 -0700840 *
Pavel Grafovce3e1a32017-04-21 14:48:21 +0100841 * <p>This restriction has no effect on managed profiles.
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800842 * <p>Key for user restrictions.
843 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700844 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
845 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Emily Bernier394a6cd2014-05-07 12:49:20 -0400846 * @see #getUserRestrictions()
847 */
848 public static final String DISALLOW_ADJUST_VOLUME = "no_adjust_volume";
849
Amith Yamasani9f6c25f2014-05-16 14:49:15 -0700850 /**
Alex Johnston9722abe2020-01-28 16:15:55 +0000851 * Specifies that the user is not allowed to make outgoing phone calls. Emergency calls are
852 * still permitted.
Alex Johnston97b68a52020-05-04 13:32:07 +0100853 *
854 * <p>A device owner and a profile owner can set this restriction, although the restriction has
855 * no effect in a managed profile. When it is set by a device owner, a profile owner on the
856 * primary user or by a profile owner of an organization-owned managed profile on the parent
857 * profile, it disallows the primary user from making outgoing phone calls.
858 *
859 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700860 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800861 * <p>Key for user restrictions.
862 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700863 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
864 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasani9f6c25f2014-05-16 14:49:15 -0700865 * @see #getUserRestrictions()
866 */
Amith Yamasani390989d2014-07-17 10:52:03 -0700867 public static final String DISALLOW_OUTGOING_CALLS = "no_outgoing_calls";
868
869 /**
Alex Johnston97b68a52020-05-04 13:32:07 +0100870 * Specifies that the user is not allowed to send or receive SMS messages.
871 *
872 * <p>This restriction can only be set by a device owner, a profile owner on the primary
873 * user or a profile owner of an organization-owned managed profile on the parent profile.
874 * When it is set by a device owner, it applies globally. When it is set by a profile owner
875 * on the primary user or by a profile owner of an organization-owned managed profile on
876 * the parent profile, it disables the primary user from sending or receiving SMS messages.
877 *
878 * <p>The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700879 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800880 * <p>Key for user restrictions.
881 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700882 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
883 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasani390989d2014-07-17 10:52:03 -0700884 * @see #getUserRestrictions()
885 */
886 public static final String DISALLOW_SMS = "no_sms";
Amith Yamasani9f6c25f2014-05-16 14:49:15 -0700887
Jason Monk1c7c3192014-06-26 12:52:18 -0400888 /**
Jeff Sharkey2cc03e52015-03-20 11:24:04 -0700889 * Specifies if the user is not allowed to have fun. In some cases, the
890 * device owner may wish to prevent the user from experiencing amusement or
891 * joy while using the device. The default value is <code>false</code>.
892 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800893 * <p>Key for user restrictions.
894 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700895 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
896 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Jeff Sharkey2cc03e52015-03-20 11:24:04 -0700897 * @see #getUserRestrictions()
898 */
899 public static final String DISALLOW_FUN = "no_fun";
900
901 /**
Amith Yamasani26af8292014-09-09 09:57:27 -0700902 * Specifies that windows besides app windows should not be
Jason Monk1c7c3192014-06-26 12:52:18 -0400903 * created. This will block the creation of the following types of windows.
904 * <li>{@link LayoutParams#TYPE_TOAST}</li>
905 * <li>{@link LayoutParams#TYPE_PHONE}</li>
906 * <li>{@link LayoutParams#TYPE_PRIORITY_PHONE}</li>
907 * <li>{@link LayoutParams#TYPE_SYSTEM_ALERT}</li>
908 * <li>{@link LayoutParams#TYPE_SYSTEM_ERROR}</li>
909 * <li>{@link LayoutParams#TYPE_SYSTEM_OVERLAY}</li>
Wale Ogunwale5cd907d2017-01-26 14:14:08 -0800910 * <li>{@link LayoutParams#TYPE_APPLICATION_OVERLAY}</li>
Jason Monk1c7c3192014-06-26 12:52:18 -0400911 *
Amith Yamasanic34dc7c2014-09-18 09:42:42 -0700912 * <p>This can only be set by device owners and profile owners on the primary user.
913 * The default value is <code>false</code>.
Amith Yamasani26af8292014-09-09 09:57:27 -0700914 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800915 * <p>Key for user restrictions.
916 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700917 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
918 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Jason Monk1c7c3192014-06-26 12:52:18 -0400919 * @see #getUserRestrictions()
920 */
921 public static final String DISALLOW_CREATE_WINDOWS = "no_create_windows";
922
Nicolas Prevotf1939902014-06-25 09:29:02 +0100923 /**
Charles He22ff6f9d2017-10-05 21:28:55 +0100924 * Specifies that system error dialogs for crashed or unresponsive apps should not be shown.
925 * In this case, the system will force-stop the app as if the user chooses the "close app"
Benjamin Franz0c86fe12018-02-28 09:49:17 +0000926 * option on the UI. A feedback report isn't collected as there is no way for the user to
927 * provide explicit consent. The default value is <code>false</code>.
Charles He22ff6f9d2017-10-05 21:28:55 +0100928 *
Benjamin Franz0c86fe12018-02-28 09:49:17 +0000929 * <p>When this user restriction is set by device owners, it's applied to all users. When set by
930 * the profile owner of the primary user or a secondary user, the restriction affects only the
931 * calling user. This user restriction has no effect on managed profiles.
Charles He22ff6f9d2017-10-05 21:28:55 +0100932 *
Charles He22ff6f9d2017-10-05 21:28:55 +0100933 * <p>Key for user restrictions.
934 * <p>Type: Boolean
935 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
936 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
937 * @see #getUserRestrictions()
938 */
939 public static final String DISALLOW_SYSTEM_ERROR_DIALOGS = "no_system_error_dialogs";
940
941 /**
Benjamin Miller8cc730d2019-01-18 19:03:40 +0000942 * Specifies if the clipboard contents can be exported by pasting the data into other users or
943 * profiles. This restriction doesn't prevent import, such as someone pasting clipboard data
944 * from other profiles or users. The default value is {@code false}.
945 *
946 * <p><strong>Note</strong>: Because it's possible to extract data from screenshots using
947 * optical character recognition (OCR), we strongly recommend combining this user restriction
948 * with {@link DevicePolicyManager#setScreenCaptureDisabled(ComponentName, boolean)}.
Amith Yamasani26af8292014-09-09 09:57:27 -0700949 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800950 * <p>Key for user restrictions.
951 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700952 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
953 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Nicolas Prevotf1939902014-06-25 09:29:02 +0100954 * @see #getUserRestrictions()
955 */
956 public static final String DISALLOW_CROSS_PROFILE_COPY_PASTE = "no_cross_profile_copy_paste";
957
Amith Yamasani26af8292014-09-09 09:57:27 -0700958 /**
959 * Specifies if the user is not allowed to use NFC to beam out data from apps.
960 * The default value is <code>false</code>.
961 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -0800962 * <p>Key for user restrictions.
963 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -0700964 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
965 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Amith Yamasani26af8292014-09-09 09:57:27 -0700966 * @see #getUserRestrictions()
967 */
968 public static final String DISALLOW_OUTGOING_BEAM = "no_outgoing_beam";
969
Sander Alewijnse53d63dc2014-11-07 21:43:00 +0000970 /**
Oleksandr Peletskyif2519812016-01-26 20:16:06 +0100971 * Hidden user restriction to disallow access to wallpaper manager APIs. This restriction
972 * generally means that wallpapers are not supported for the particular user. This user
973 * restriction is always set for managed profiles, because such profiles don't have wallpapers.
Benjamin Franzf3ece362015-02-11 10:51:10 +0000974 * @hide
Oleksandr Peletskyif2519812016-01-26 20:16:06 +0100975 * @see #DISALLOW_SET_WALLPAPER
Makoto Onuki068c54a2015-10-13 14:34:03 -0700976 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
977 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Benjamin Franzf3ece362015-02-11 10:51:10 +0000978 * @see #getUserRestrictions()
979 */
980 public static final String DISALLOW_WALLPAPER = "no_wallpaper";
981
982 /**
Oleksandr Peletskyif2519812016-01-26 20:16:06 +0100983 * User restriction to disallow setting a wallpaper. Profile owner and device owner
984 * are able to set wallpaper regardless of this restriction.
985 * The default value is <code>false</code>.
986 *
987 * <p>Key for user restrictions.
988 * <p>Type: Boolean
989 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
990 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
991 * @see #getUserRestrictions()
992 */
993 public static final String DISALLOW_SET_WALLPAPER = "no_set_wallpaper";
994
995 /**
Benjamin Franzbff46ba2015-03-05 18:33:51 +0000996 * Specifies if the user is not allowed to reboot the device into safe boot mode.
Alex Johnston97b68a52020-05-04 13:32:07 +0100997 *
998 * <p>This restriction can only be set by a device owner, a profile owner on the primary
999 * user or a profile owner of an organization-owned managed profile on the parent profile.
1000 * When it is set by a device owner, it applies globally. When it is set by a profile owner
1001 * on the primary user or by a profile owner of an organization-owned managed profile on
1002 * the parent profile, it disables the primary user from rebooting the device into safe
1003 * boot mode.
1004 *
1005 * <p>The default value is <code>false</code>.
Benjamin Franzbff46ba2015-03-05 18:33:51 +00001006 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -08001007 * <p>Key for user restrictions.
1008 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -07001009 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1010 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Benjamin Franzbff46ba2015-03-05 18:33:51 +00001011 * @see #getUserRestrictions()
1012 */
1013 public static final String DISALLOW_SAFE_BOOT = "no_safe_boot";
1014
1015 /**
Fyodor Kupolovb5013302015-04-17 17:59:14 -07001016 * Specifies if a user is not allowed to record audio. This restriction is always enabled for
1017 * background users. The default value is <code>false</code>.
1018 *
Makoto Onuki068c54a2015-10-13 14:34:03 -07001019 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1020 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Fyodor Kupolovb5013302015-04-17 17:59:14 -07001021 * @see #getUserRestrictions()
1022 * @hide
1023 */
Andrei Onea24ec3212019-03-15 17:35:05 +00001024 @UnsupportedAppUsage
Fyodor Kupolovb5013302015-04-17 17:59:14 -07001025 public static final String DISALLOW_RECORD_AUDIO = "no_record_audio";
1026
1027 /**
Fyodor Kupolov9cbfc9e2015-10-07 15:52:33 -07001028 * Specifies if a user is not allowed to run in the background and should be stopped during
1029 * user switch. The default value is <code>false</code>.
1030 *
1031 * <p>This restriction can be set by device owners and profile owners.
1032 *
1033 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1034 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1035 * @see #getUserRestrictions()
1036 * @hide
1037 */
Robin Lee6cfb7a92017-12-18 15:14:46 +01001038 @SystemApi
Fyodor Kupolov9cbfc9e2015-10-07 15:52:33 -07001039 public static final String DISALLOW_RUN_IN_BACKGROUND = "no_run_in_background";
1040
1041 /**
Makoto Onuki759a7632015-10-28 16:43:10 -07001042 * Specifies if a user is not allowed to use the camera.
Alex Johnston97b68a52020-05-04 13:32:07 +01001043 *
1044 * <p>A device owner and a profile owner can set this restriction. When it is set by a
1045 * device owner, it applies globally - i.e., it disables the use of camera on the entire device
1046 * and all users are affected. When it is set by a profile owner on the primary user or by a
1047 * profile owner of an organization-owned managed profile on the parent profile, it disables
1048 * the primary user from using camera.
1049 *
1050 * <p>The default value is <code>false</code>.
Makoto Onuki759a7632015-10-28 16:43:10 -07001051 *
1052 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1053 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1054 * @see #getUserRestrictions()
1055 * @hide
1056 */
1057 public static final String DISALLOW_CAMERA = "no_camera";
1058
1059 /**
Tony Makc1205112016-07-22 16:02:59 +01001060 * Specifies if a user is not allowed to unmute the device's master volume.
1061 *
1062 * @see DevicePolicyManager#setMasterVolumeMuted(ComponentName, boolean)
1063 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1064 * @see #getUserRestrictions()
1065 * @hide
1066 */
Esteban Talavera492b4722017-02-13 14:59:45 +00001067 public static final String DISALLOW_UNMUTE_DEVICE = "disallow_unmute_device";
Tony Makc1205112016-07-22 16:02:59 +01001068
1069 /**
Alex Johnston97b68a52020-05-04 13:32:07 +01001070 * Specifies if a user is not allowed to use cellular data when roaming.
1071 *
1072 * <p>This restriction can only be set by a device owner, a profile owner on the primary
1073 * user or a profile owner of an organization-owned managed profile on the parent profile.
1074 * When it is set by a device owner, it applies globally. When it is set by a profile owner
1075 * on the primary user or by a profile owner of an organization-owned managed profile on
1076 * the parent profile, it disables the primary user from using cellular data when roaming.
1077 *
1078 * <p>The default value is <code>false</code>.
Mahaver Chopradea471e2015-12-17 11:02:37 +00001079 *
1080 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1081 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1082 * @see #getUserRestrictions()
1083 */
1084 public static final String DISALLOW_DATA_ROAMING = "no_data_roaming";
1085
1086 /**
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +01001087 * Specifies if a user is not allowed to change their icon. Device owner and profile owner
1088 * can set this restriction. When it is set by device owner, only the target user will be
1089 * affected. The default value is <code>false</code>.
1090 *
1091 * <p>Key for user restrictions.
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +01001092 * <p>Type: Boolean
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +01001093 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1094 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1095 * @see #getUserRestrictions()
1096 */
1097 public static final String DISALLOW_SET_USER_ICON = "no_set_user_icon";
1098
1099 /**
Mahaver Chopra3d9805d2016-07-07 16:25:05 +01001100 * Specifies if a user is not allowed to enable the oem unlock setting. The default value is
Esteban Talaverac48b20f2016-08-11 11:23:40 +01001101 * <code>false</code>. Setting this restriction has no effect if the bootloader is already
1102 * unlocked.
Mahaver Chopra3d9805d2016-07-07 16:25:05 +01001103 *
Lenka Trochtova12b04962016-11-29 21:00:12 +01001104 * <p>Not for use by third-party applications.
1105 *
Mahaver Chopra3d9805d2016-07-07 16:25:05 +01001106 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1107 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1108 * @see #getUserRestrictions()
Andrew Scull3b8b46f2017-02-13 18:12:15 +00001109 * @deprecated use {@link OemLockManager#setOemUnlockAllowedByCarrier(boolean, byte[])} instead.
Mahaver Chopra3d9805d2016-07-07 16:25:05 +01001110 * @hide
1111 */
Andrew Scull3b8b46f2017-02-13 18:12:15 +00001112 @Deprecated
Lenka Trochtova12b04962016-11-29 21:00:12 +01001113 @SystemApi
Mahaver Chopra3d9805d2016-07-07 16:25:05 +01001114 public static final String DISALLOW_OEM_UNLOCK = "no_oem_unlock";
1115
1116 /**
Pavel Grafovc4f87e92017-10-26 16:34:25 +01001117 * Specifies that the managed profile is not allowed to have unified lock screen challenge with
1118 * the primary user.
1119 *
1120 * <p><strong>Note:</strong> Setting this restriction alone doesn't automatically set a
1121 * separate challenge. Profile owner can ask the user to set a new password using
1122 * {@link DevicePolicyManager#ACTION_SET_NEW_PASSWORD} and verify it using
1123 * {@link DevicePolicyManager#isUsingUnifiedPassword(ComponentName)}.
1124 *
1125 * <p>Can be set by profile owners. It only has effect on managed profiles when set by managed
1126 * profile owner. Has no effect on non-managed profiles or users.
1127 * <p>Key for user restrictions.
1128 * <p>Type: Boolean
1129 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1130 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1131 * @see #getUserRestrictions()
1132 */
1133 public static final String DISALLOW_UNIFIED_PASSWORD = "no_unified_password";
1134
1135 /**
Nicolas Prevotf0029c12015-06-25 14:25:41 -07001136 * Allows apps in the parent profile to handle web links from the managed profile.
1137 *
Nicolas Prevot9edbda12015-06-17 11:09:48 -07001138 * This user restriction has an effect only in a managed profile.
1139 * If set:
1140 * Intent filters of activities in the parent profile with action
1141 * {@link android.content.Intent#ACTION_VIEW},
1142 * category {@link android.content.Intent#CATEGORY_BROWSABLE}, scheme http or https, and which
1143 * define a host can handle intents from the managed profile.
1144 * The default value is <code>false</code>.
1145 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -08001146 * <p>Key for user restrictions.
1147 * <p>Type: Boolean
Makoto Onuki068c54a2015-10-13 14:34:03 -07001148 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1149 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
Nicolas Prevot9edbda12015-06-17 11:09:48 -07001150 * @see #getUserRestrictions()
1151 */
Nicolas Prevotf0029c12015-06-25 14:25:41 -07001152 public static final String ALLOW_PARENT_PROFILE_APP_LINKING
1153 = "allow_parent_profile_app_linking";
Nicolas Prevot9edbda12015-06-17 11:09:48 -07001154
1155 /**
Felipe Leme24d58932017-03-21 14:13:58 -07001156 * Specifies if a user is not allowed to use Autofill Services.
1157 *
1158 * <p>Device owner and profile owner can set this restriction. When it is set by device owner,
1159 * only the target user will be affected.
1160 *
1161 * <p>The default value is <code>false</code>.
1162 *
1163 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1164 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1165 * @see #getUserRestrictions()
1166 */
1167 public static final String DISALLOW_AUTOFILL = "no_autofill";
1168
1169 /**
Felipe Leme1dfa9a02018-10-17 17:24:37 -07001170 * Specifies if the contents of a user's screen is not allowed to be captured for artificial
1171 * intelligence purposes.
1172 *
Alex Johnston97b68a52020-05-04 13:32:07 +01001173 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
1174 * owner, a profile owner on the primary user or by a profile owner of an organization-owned
1175 * managed profile on the parent profile, it disables the primary user's screen from being
1176 * captured for artificial intelligence purposes.
Felipe Leme1dfa9a02018-10-17 17:24:37 -07001177 *
1178 * <p>The default value is <code>false</code>.
1179 *
1180 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1181 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1182 * @see #getUserRestrictions()
1183 */
Felipe Leme749b8892018-12-03 16:30:30 -08001184 public static final String DISALLOW_CONTENT_CAPTURE = "no_content_capture";
Felipe Leme1dfa9a02018-10-17 17:24:37 -07001185
1186 /**
Zak Cohen3e12ac72019-03-05 16:50:39 -08001187 * Specifies if the current user is able to receive content suggestions for selections based on
1188 * the contents of their screen.
1189 *
Alex Johnston97b68a52020-05-04 13:32:07 +01001190 * <p>A device owner and a profile owner can set this restriction. When it is set by a device
1191 * owner, a profile owner on the primary user or by a profile owner of an organization-owned
1192 * managed profile on the parent profile, it disables the primary user from receiving content
1193 * suggestions for selections based on the contents of their screen.
Zak Cohen3e12ac72019-03-05 16:50:39 -08001194 *
1195 * <p>The default value is <code>false</code>.
1196 *
1197 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1198 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1199 * @see #getUserRestrictions()
1200 */
1201 public static final String DISALLOW_CONTENT_SUGGESTIONS = "no_content_suggestions";
1202
1203 /**
Benjamin Franzff66fa92017-08-10 10:39:44 +01001204 * Specifies if user switching is blocked on the current user.
1205 *
1206 * <p> This restriction can only be set by the device owner, it will be applied to all users.
Alex Chau71ada442018-02-22 12:56:59 +08001207 * Device owner can still switch user via
1208 * {@link DevicePolicyManager#switchUser(ComponentName, UserHandle)} when this restriction is
1209 * set.
Benjamin Franzff66fa92017-08-10 10:39:44 +01001210 *
1211 * <p>The default value is <code>false</code>.
1212 *
1213 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1214 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1215 * @see #getUserRestrictions()
1216 */
1217 public static final String DISALLOW_USER_SWITCH = "no_user_switch";
1218
1219 /**
Rubin Xucc391c22018-01-02 20:37:35 +00001220 * Specifies whether the user can share file / picture / data from the primary user into the
1221 * managed profile, either by sending them from the primary side, or by picking up data within
1222 * an app in the managed profile.
1223 * <p>
1224 * When a managed profile is created, the system allows the user to send data from the primary
1225 * side to the profile by setting up certain default cross profile intent filters. If
1226 * this is undesired, this restriction can be set to disallow it. Note that this restriction
1227 * will not block any sharing allowed by explicit
1228 * {@link DevicePolicyManager#addCrossProfileIntentFilter} calls by the profile owner.
1229 * <p>
1230 * This restriction is only meaningful when set by profile owner. When it is set by device
1231 * owner, it does not have any effect.
1232 * <p>
1233 * The default value is <code>false</code>.
1234 *
1235 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1236 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1237 * @see #getUserRestrictions()
1238 */
1239 public static final String DISALLOW_SHARE_INTO_MANAGED_PROFILE = "no_sharing_into_profile";
Vladislav Kuzkokov622b9f92018-01-25 16:33:05 +01001240
1241 /**
1242 * Specifies whether the user is allowed to print.
1243 *
1244 * This restriction can be set by device or profile owner.
1245 *
1246 * The default value is {@code false}.
1247 *
1248 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1249 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1250 * @see #getUserRestrictions()
1251 */
1252 public static final String DISALLOW_PRINTING = "no_printing";
1253
Rubin Xucc391c22018-01-02 20:37:35 +00001254 /**
Eran Messeri09b122da2018-10-05 15:33:53 +01001255 * Specifies whether the user is allowed to modify private DNS settings.
1256 *
Alex Johnston97b68a52020-05-04 13:32:07 +01001257 * <p>This restriction can only be set by a device owner or a profile owner of an
1258 * organization-owned managed profile on the parent profile. When it is set by either of these
1259 * owners, it applies globally.
Eran Messeri09b122da2018-10-05 15:33:53 +01001260 *
Alex Johnston97b68a52020-05-04 13:32:07 +01001261 * <p>The default value is <code>false</code>.
Alex Johnston7c3d7e22020-01-08 12:57:14 +00001262 *
Eran Messeri09b122da2018-10-05 15:33:53 +01001263 * <p>Key for user restrictions.
1264 * <p>Type: Boolean
1265 * @see DevicePolicyManager#addUserRestriction(ComponentName, String)
1266 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String)
1267 * @see #getUserRestrictions()
1268 */
1269 public static final String DISALLOW_CONFIG_PRIVATE_DNS =
1270 "disallow_config_private_dns";
1271
1272 /**
Sander Alewijnse53d63dc2014-11-07 21:43:00 +00001273 * Application restriction key that is used to indicate the pending arrival
1274 * of real restrictions for the app.
1275 *
1276 * <p>
1277 * Applications that support restrictions should check for the presence of this key.
1278 * A <code>true</code> value indicates that restrictions may be applied in the near
1279 * future but are not available yet. It is the responsibility of any
1280 * management application that sets this flag to update it when the final
1281 * restrictions are enforced.
1282 *
Fyodor Kupolov0ffbfea2016-01-19 10:07:54 -08001283 * <p>Key for application restrictions.
1284 * <p>Type: Boolean
Nicolas Prevotb14ed952015-01-13 14:23:53 +00001285 * @see android.app.admin.DevicePolicyManager#setApplicationRestrictions(
1286 * android.content.ComponentName, String, Bundle)
1287 * @see android.app.admin.DevicePolicyManager#getApplicationRestrictions(
1288 * android.content.ComponentName, String)
Sander Alewijnse53d63dc2014-11-07 21:43:00 +00001289 */
1290 public static final String KEY_RESTRICTIONS_PENDING = "restrictions_pending";
1291
Roshan Pius3eac0b92019-12-05 09:35:36 -08001292 /**
1293 * List of key values that can be passed into the various user restriction related methods
1294 * in {@link UserManager} & {@link DevicePolicyManager}.
1295 * Note: This is slightly different from the real set of user restrictions listed in {@link
1296 * com.android.server.pm.UserRestrictionsUtils#USER_RESTRICTIONS}. For example
1297 * {@link #KEY_RESTRICTIONS_PENDING} is not a real user restriction, but is a a legitimate
1298 * value that can be passed into {@link #hasUserRestriction(String)}.
1299 * @hide
1300 */
1301 @StringDef(value = {
1302 DISALLOW_MODIFY_ACCOUNTS,
1303 DISALLOW_CONFIG_WIFI,
1304 DISALLOW_CONFIG_LOCALE,
1305 DISALLOW_INSTALL_APPS,
1306 DISALLOW_UNINSTALL_APPS,
1307 DISALLOW_SHARE_LOCATION,
1308 DISALLOW_AIRPLANE_MODE,
1309 DISALLOW_CONFIG_BRIGHTNESS,
1310 DISALLOW_AMBIENT_DISPLAY,
1311 DISALLOW_CONFIG_SCREEN_TIMEOUT,
1312 DISALLOW_INSTALL_UNKNOWN_SOURCES,
1313 DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY,
1314 DISALLOW_CONFIG_BLUETOOTH,
1315 DISALLOW_BLUETOOTH,
1316 DISALLOW_BLUETOOTH_SHARING,
1317 DISALLOW_USB_FILE_TRANSFER,
1318 DISALLOW_CONFIG_CREDENTIALS,
1319 DISALLOW_REMOVE_USER,
1320 DISALLOW_REMOVE_MANAGED_PROFILE,
1321 DISALLOW_DEBUGGING_FEATURES,
1322 DISALLOW_CONFIG_VPN,
1323 DISALLOW_CONFIG_LOCATION,
1324 DISALLOW_CONFIG_DATE_TIME,
1325 DISALLOW_CONFIG_TETHERING,
1326 DISALLOW_NETWORK_RESET,
1327 DISALLOW_FACTORY_RESET,
1328 DISALLOW_ADD_USER,
1329 DISALLOW_ADD_MANAGED_PROFILE,
1330 ENSURE_VERIFY_APPS,
1331 DISALLOW_CONFIG_CELL_BROADCASTS,
1332 DISALLOW_CONFIG_MOBILE_NETWORKS,
1333 DISALLOW_APPS_CONTROL,
1334 DISALLOW_MOUNT_PHYSICAL_MEDIA,
1335 DISALLOW_UNMUTE_MICROPHONE,
1336 DISALLOW_ADJUST_VOLUME,
1337 DISALLOW_OUTGOING_CALLS,
1338 DISALLOW_SMS,
1339 DISALLOW_FUN,
1340 DISALLOW_CREATE_WINDOWS,
1341 DISALLOW_SYSTEM_ERROR_DIALOGS,
1342 DISALLOW_CROSS_PROFILE_COPY_PASTE,
1343 DISALLOW_OUTGOING_BEAM,
1344 DISALLOW_WALLPAPER,
1345 DISALLOW_SET_WALLPAPER,
1346 DISALLOW_SAFE_BOOT,
1347 DISALLOW_RECORD_AUDIO,
1348 DISALLOW_RUN_IN_BACKGROUND,
1349 DISALLOW_CAMERA,
1350 DISALLOW_UNMUTE_DEVICE,
1351 DISALLOW_DATA_ROAMING,
1352 DISALLOW_SET_USER_ICON,
1353 DISALLOW_OEM_UNLOCK,
1354 DISALLOW_UNIFIED_PASSWORD,
1355 ALLOW_PARENT_PROFILE_APP_LINKING,
1356 DISALLOW_AUTOFILL,
1357 DISALLOW_CONTENT_CAPTURE,
1358 DISALLOW_CONTENT_SUGGESTIONS,
1359 DISALLOW_USER_SWITCH,
1360 DISALLOW_SHARE_INTO_MANAGED_PROFILE,
1361 DISALLOW_PRINTING,
1362 DISALLOW_CONFIG_PRIVATE_DNS,
1363 KEY_RESTRICTIONS_PENDING,
1364 })
1365 @Retention(RetentionPolicy.SOURCE)
1366 public @interface UserRestrictionKey {}
1367
Amith Yamasani12747872015-12-07 14:19:49 -08001368 private static final String ACTION_CREATE_USER = "android.os.action.CREATE_USER";
1369
1370 /**
1371 * Extra containing a name for the user being created. Optional parameter passed to
1372 * ACTION_CREATE_USER activity.
1373 * @hide
1374 */
1375 public static final String EXTRA_USER_NAME = "android.os.extra.USER_NAME";
1376
1377 /**
1378 * Extra containing account name for the user being created. Optional parameter passed to
1379 * ACTION_CREATE_USER activity.
1380 * @hide
1381 */
1382 public static final String EXTRA_USER_ACCOUNT_NAME = "android.os.extra.USER_ACCOUNT_NAME";
1383
1384 /**
1385 * Extra containing account type for the user being created. Optional parameter passed to
1386 * ACTION_CREATE_USER activity.
1387 * @hide
1388 */
1389 public static final String EXTRA_USER_ACCOUNT_TYPE = "android.os.extra.USER_ACCOUNT_TYPE";
1390
1391 /**
1392 * Extra containing account-specific data for the user being created. Optional parameter passed
1393 * to ACTION_CREATE_USER activity.
1394 * @hide
1395 */
1396 public static final String EXTRA_USER_ACCOUNT_OPTIONS
1397 = "android.os.extra.USER_ACCOUNT_OPTIONS";
1398
Amith Yamasani655d0e22013-06-12 14:19:10 -07001399 /** @hide */
1400 public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3;
1401 /** @hide */
1402 public static final int PIN_VERIFICATION_FAILED_NOT_SET = -2;
1403 /** @hide */
1404 public static final int PIN_VERIFICATION_SUCCESS = -1;
1405
Amith Yamasani37ed8d12016-01-27 14:40:16 -08001406 /**
Makoto Onukie72f81b2017-03-16 14:08:19 -07001407 * Sent when user restrictions have changed.
1408 *
1409 * @hide
1410 */
1411 @SystemApi
1412 @TestApi // To allow seeing it from CTS.
1413 public static final String ACTION_USER_RESTRICTIONS_CHANGED =
1414 "android.os.action.USER_RESTRICTIONS_CHANGED";
1415
1416 /**
Amith Yamasani37ed8d12016-01-27 14:40:16 -08001417 * Error result indicating that this user is not allowed to add other users on this device.
1418 * This is a result code returned from the activity created by the intent
1419 * {@link #createUserCreationIntent(String, String, String, PersistableBundle)}.
1420 */
1421 public static final int USER_CREATION_FAILED_NOT_PERMITTED = Activity.RESULT_FIRST_USER;
1422
1423 /**
1424 * Error result indicating that no more users can be created on this device.
1425 * This is a result code returned from the activity created by the intent
1426 * {@link #createUserCreationIntent(String, String, String, PersistableBundle)}.
1427 */
1428 public static final int USER_CREATION_FAILED_NO_MORE_USERS = Activity.RESULT_FIRST_USER + 1;
1429
Alex Chau89386ba2018-02-13 11:09:17 +08001430 /**
Varun Shah50ef2002019-03-04 16:41:12 -08001431 * Indicates that users are switchable.
1432 * @hide
1433 */
1434 @SystemApi
1435 public static final int SWITCHABILITY_STATUS_OK = 0;
1436
1437 /**
1438 * Indicated that the user is in a phone call.
1439 * @hide
1440 */
1441 @SystemApi
1442 public static final int SWITCHABILITY_STATUS_USER_IN_CALL = 1 << 0;
1443
1444 /**
1445 * Indicates that user switching is disallowed ({@link #DISALLOW_USER_SWITCH} is set).
1446 * @hide
1447 */
1448 @SystemApi
1449 public static final int SWITCHABILITY_STATUS_USER_SWITCH_DISALLOWED = 1 << 1;
1450
1451 /**
1452 * Indicates that the system user is locked and user switching is not allowed.
1453 * @hide
1454 */
1455 @SystemApi
1456 public static final int SWITCHABILITY_STATUS_SYSTEM_USER_LOCKED = 1 << 2;
1457
1458 /**
1459 * Result returned in {@link #getUserSwitchability()} indicating user swichability.
1460 * @hide
1461 */
1462 @Retention(RetentionPolicy.SOURCE)
1463 @IntDef(flag = true, prefix = { "SWITCHABILITY_STATUS_" }, value = {
1464 SWITCHABILITY_STATUS_OK,
1465 SWITCHABILITY_STATUS_USER_IN_CALL,
1466 SWITCHABILITY_STATUS_USER_SWITCH_DISALLOWED,
1467 SWITCHABILITY_STATUS_SYSTEM_USER_LOCKED
1468 })
1469 public @interface UserSwitchabilityResult {}
1470
1471 /**
Alex Chau89386ba2018-02-13 11:09:17 +08001472 * Indicates user operation is successful.
1473 */
1474 public static final int USER_OPERATION_SUCCESS = 0;
1475
1476 /**
1477 * Indicates user operation failed for unknown reason.
1478 */
1479 public static final int USER_OPERATION_ERROR_UNKNOWN = 1;
1480
1481 /**
1482 * Indicates user operation failed because target user is a managed profile.
1483 */
1484 public static final int USER_OPERATION_ERROR_MANAGED_PROFILE = 2;
1485
1486 /**
1487 * Indicates user operation failed because maximum running user limit has been reached.
1488 */
1489 public static final int USER_OPERATION_ERROR_MAX_RUNNING_USERS = 3;
1490
1491 /**
1492 * Indicates user operation failed because the target user is in the foreground.
1493 */
1494 public static final int USER_OPERATION_ERROR_CURRENT_USER = 4;
1495
1496 /**
1497 * Indicates user operation failed because device has low data storage.
1498 */
1499 public static final int USER_OPERATION_ERROR_LOW_STORAGE = 5;
1500
1501 /**
1502 * Indicates user operation failed because maximum user limit has been reached.
1503 */
1504 public static final int USER_OPERATION_ERROR_MAX_USERS = 6;
1505
1506 /**
1507 * Result returned from various user operations.
1508 *
1509 * @hide
1510 */
1511 @Retention(RetentionPolicy.SOURCE)
1512 @IntDef(prefix = { "USER_OPERATION_" }, value = {
1513 USER_OPERATION_SUCCESS,
1514 USER_OPERATION_ERROR_UNKNOWN,
1515 USER_OPERATION_ERROR_MANAGED_PROFILE,
1516 USER_OPERATION_ERROR_MAX_RUNNING_USERS,
1517 USER_OPERATION_ERROR_CURRENT_USER,
1518 USER_OPERATION_ERROR_LOW_STORAGE,
1519 USER_OPERATION_ERROR_MAX_USERS
1520 })
1521 public @interface UserOperationResult {}
1522
1523 /**
1524 * Thrown to indicate user operation failed.
1525 */
1526 public static class UserOperationException extends RuntimeException {
1527 private final @UserOperationResult int mUserOperationResult;
1528
1529 /**
1530 * Constructs a UserOperationException with specific result code.
1531 *
1532 * @param message the detail message
1533 * @param userOperationResult the result code
1534 * @hide
1535 */
1536 public UserOperationException(String message,
1537 @UserOperationResult int userOperationResult) {
1538 super(message);
1539 mUserOperationResult = userOperationResult;
1540 }
1541
1542 /**
1543 * Returns the operation result code.
1544 */
1545 public @UserOperationResult int getUserOperationResult() {
1546 return mUserOperationResult;
1547 }
Valentin Iftime89df4c82019-08-23 13:02:50 +02001548
1549 /**
1550 * Returns a UserOperationException containing the same message and error code.
1551 * @hide
1552 */
1553 public static UserOperationException from(ServiceSpecificException exception) {
1554 return new UserOperationException(exception.getMessage(), exception.errorCode);
1555 }
1556 }
1557
1558 /**
1559 * Converts the ServiceSpecificException into a UserOperationException or throws null;
1560 *
1561 * @param exception exception to convert.
1562 * @param throwInsteadOfNull if an exception should be thrown or null returned.
1563 * @return null if chosen not to throw exception.
1564 * @throws UserOperationException
1565 */
1566 private <T> T returnNullOrThrowUserOperationException(ServiceSpecificException exception,
1567 boolean throwInsteadOfNull) throws UserOperationException {
1568 if (throwInsteadOfNull) {
1569 throw UserOperationException.from(exception);
1570 } else {
1571 return null;
1572 }
1573 }
1574
1575 /**
1576 * Thrown to indicate user operation failed. (Checked exception)
1577 * @hide
1578 */
1579 public static class CheckedUserOperationException extends AndroidException {
1580 private final @UserOperationResult int mUserOperationResult;
1581
1582 /**
1583 * Constructs a CheckedUserOperationException with specific result code.
1584 *
1585 * @param message the detail message
1586 * @param userOperationResult the result code
1587 * @hide
1588 */
1589 public CheckedUserOperationException(String message,
1590 @UserOperationResult int userOperationResult) {
1591 super(message);
1592 mUserOperationResult = userOperationResult;
1593 }
1594
1595 /** Returns the operation result code. */
1596 public @UserOperationResult int getUserOperationResult() {
1597 return mUserOperationResult;
1598 }
1599
1600 /** Return a ServiceSpecificException containing the same message and error code. */
1601 public ServiceSpecificException toServiceSpecificException() {
1602 return new ServiceSpecificException(mUserOperationResult, getMessage());
1603 }
Alex Chau89386ba2018-02-13 11:09:17 +08001604 }
1605
Amith Yamasani7e99bc02013-04-16 18:24:51 -07001606 /** @hide */
Andrei Onea24ec3212019-03-15 17:35:05 +00001607 @UnsupportedAppUsage
Amith Yamasanic0688302015-10-30 10:40:03 -07001608 public static UserManager get(Context context) {
1609 return (UserManager) context.getSystemService(Context.USER_SERVICE);
Amith Yamasani27db4682013-03-30 17:07:47 -07001610 }
Maggie Benthalla12fccf2013-03-14 18:02:12 -04001611
Amith Yamasani258848d2012-08-10 17:06:33 -07001612 /** @hide */
1613 public UserManager(Context context, IUserManager service) {
1614 mService = service;
Fyodor Kupolov5200e1c2016-10-17 18:46:16 -07001615 mContext = context.getApplicationContext();
Valentin Iftime89df4c82019-08-23 13:02:50 +02001616 mUserId = context.getUserId();
Amith Yamasani258848d2012-08-10 17:06:33 -07001617 }
1618
1619 /**
Amith Yamasani06964342016-04-15 13:55:01 -07001620 * Returns whether this device supports multiple users with their own login and customizable
1621 * space.
1622 * @return whether the device supports multiple users.
Amith Yamasani258848d2012-08-10 17:06:33 -07001623 */
Jeff Sharkey4673e7e2012-09-19 13:14:30 -07001624 public static boolean supportsMultipleUsers() {
Kenny Guy1a447532014-02-20 21:55:32 +00001625 return getMaxSupportedUsers() > 1
1626 && SystemProperties.getBoolean("fw.show_multiuserui",
1627 Resources.getSystem().getBoolean(R.bool.config_enableMultiUserUI));
Amith Yamasani258848d2012-08-10 17:06:33 -07001628 }
1629
Maggie Benthall67944582013-02-22 14:58:27 -05001630 /**
Xiaohui Chen7cb69df2015-07-13 16:01:01 -07001631 * @hide
1632 * @return Whether the device is running with split system user. It means the system user and
1633 * primary user are two separate users. Previously system user and primary user are combined as
1634 * a single owner user. see @link {android.os.UserHandle#USER_OWNER}
1635 */
Philip P. Moltmannf80809f2018-04-04 11:20:44 -07001636 @TestApi
Xiaohui Chen7cb69df2015-07-13 16:01:01 -07001637 public static boolean isSplitSystemUser() {
John Reckaa67f682016-09-20 14:24:21 -07001638 return RoSystemProperties.FW_SYSTEM_USER_SPLIT;
Xiaohui Chen7cb69df2015-07-13 16:01:01 -07001639 }
1640
1641 /**
Evan Rosky13a58a92016-07-27 15:51:09 -07001642 * @return Whether guest user is always ephemeral
1643 * @hide
1644 */
1645 public static boolean isGuestUserEphemeral() {
1646 return Resources.getSystem()
1647 .getBoolean(com.android.internal.R.bool.config_guestUserEphemeral);
1648 }
1649
1650 /**
Eric Jeonge7ead1b2019-07-18 09:37:08 -07001651 * @hide
1652 * @return Whether the device is running in a headless system user mode. It means the headless
1653 * user (system user) runs system services and system UI, but is not associated with any real
1654 * person. Secondary users can be created to be associated with real person.
1655 */
1656 public static boolean isHeadlessSystemUserMode() {
1657 return RoSystemProperties.MULTIUSER_HEADLESS_SYSTEM_USER;
1658 }
1659
1660 /**
Varun Shah50ef2002019-03-04 16:41:12 -08001661 * @deprecated use {@link #getUserSwitchability()} instead.
1662 *
1663 * @removed
Fyodor Kupolov523c4042016-02-24 15:03:13 -08001664 * @hide
1665 */
Varun Shah50ef2002019-03-04 16:41:12 -08001666 @Deprecated
1667 @UnsupportedAppUsage
Fyodor Kupolov523c4042016-02-24 15:03:13 -08001668 public boolean canSwitchUsers() {
1669 boolean allowUserSwitchingWhenSystemUserLocked = Settings.Global.getInt(
1670 mContext.getContentResolver(),
1671 Settings.Global.ALLOW_USER_SWITCHING_WHEN_SYSTEM_USER_LOCKED, 0) != 0;
1672 boolean isSystemUserUnlocked = isUserUnlocked(UserHandle.SYSTEM);
Jayachandran C16dce222019-11-15 15:42:01 -08001673 boolean inCall = false;
1674 TelephonyManager telephonyManager = mContext.getSystemService(TelephonyManager.class);
1675 if (telephonyManager != null) {
1676 inCall = telephonyManager.getCallState() != TelephonyManager.CALL_STATE_IDLE;
1677 }
Benjamin Franzff66fa92017-08-10 10:39:44 +01001678 boolean isUserSwitchDisallowed = hasUserRestriction(DISALLOW_USER_SWITCH);
1679 return (allowUserSwitchingWhenSystemUserLocked || isSystemUserUnlocked) && !inCall
1680 && !isUserSwitchDisallowed;
Fyodor Kupolov523c4042016-02-24 15:03:13 -08001681 }
1682
1683 /**
Anthony Hugh6acda5e2019-10-24 14:49:52 -07001684 * Returns whether switching users is currently allowed for the user this process is running
1685 * under.
Varun Shah50ef2002019-03-04 16:41:12 -08001686 * <p>
1687 * Switching users is not allowed in the following cases:
1688 * <li>the user is in a phone call</li>
1689 * <li>{@link #DISALLOW_USER_SWITCH} is set</li>
1690 * <li>system user hasn't been unlocked yet</li>
1691 *
1692 * @return A {@link UserSwitchabilityResult} flag indicating if the user is switchable.
1693 * @hide
1694 */
1695 @SystemApi
1696 @RequiresPermission(allOf = {Manifest.permission.READ_PHONE_STATE,
1697 android.Manifest.permission.MANAGE_USERS,
1698 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
1699 public @UserSwitchabilityResult int getUserSwitchability() {
Anthony Hugh6acda5e2019-10-24 14:49:52 -07001700 return getUserSwitchability(Process.myUserHandle());
1701 }
1702
1703 /**
1704 * Returns whether switching users is currently allowed for the provided user.
1705 * <p>
1706 * Switching users is not allowed in the following cases:
1707 * <li>the user is in a phone call</li>
1708 * <li>{@link #DISALLOW_USER_SWITCH} is set</li>
1709 * <li>system user hasn't been unlocked yet</li>
1710 *
1711 * @return A {@link UserSwitchabilityResult} flag indicating if the user is switchable.
1712 * @hide
1713 */
1714 @RequiresPermission(allOf = {Manifest.permission.READ_PHONE_STATE,
1715 android.Manifest.permission.MANAGE_USERS,
1716 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
1717 public @UserSwitchabilityResult int getUserSwitchability(UserHandle userHandle) {
Varun Shah50ef2002019-03-04 16:41:12 -08001718 final TelephonyManager tm =
1719 (TelephonyManager) mContext.getSystemService(Context.TELEPHONY_SERVICE);
1720
1721 int flags = SWITCHABILITY_STATUS_OK;
1722 if (tm.getCallState() != TelephonyManager.CALL_STATE_IDLE) {
1723 flags |= SWITCHABILITY_STATUS_USER_IN_CALL;
1724 }
Anthony Hugh6acda5e2019-10-24 14:49:52 -07001725 if (hasUserRestriction(DISALLOW_USER_SWITCH, userHandle)) {
Varun Shah50ef2002019-03-04 16:41:12 -08001726 flags |= SWITCHABILITY_STATUS_USER_SWITCH_DISALLOWED;
1727 }
Anthony Hugh6acda5e2019-10-24 14:49:52 -07001728
1729 // System User is always unlocked in Headless System User Mode, so ignore this flag
1730 if (!isHeadlessSystemUserMode()) {
1731 final boolean allowUserSwitchingWhenSystemUserLocked = Settings.Global.getInt(
1732 mContext.getContentResolver(),
1733 Settings.Global.ALLOW_USER_SWITCHING_WHEN_SYSTEM_USER_LOCKED, 0) != 0;
1734 final boolean systemUserUnlocked = isUserUnlocked(UserHandle.SYSTEM);
1735
1736 if (!allowUserSwitchingWhenSystemUserLocked && !systemUserUnlocked) {
1737 flags |= SWITCHABILITY_STATUS_SYSTEM_USER_LOCKED;
1738 }
Varun Shah50ef2002019-03-04 16:41:12 -08001739 }
Anthony Hugh6acda5e2019-10-24 14:49:52 -07001740
Varun Shah50ef2002019-03-04 16:41:12 -08001741 return flags;
1742 }
1743
1744 /**
Amith Yamasani5760e172015-04-17 18:42:41 -07001745 * Returns the user handle for the user that this process is running under.
Jessica Hummelbe81c802014-04-22 15:49:22 +01001746 *
Amith Yamasani5760e172015-04-17 18:42:41 -07001747 * @return the user handle of this process.
Amith Yamasani258848d2012-08-10 17:06:33 -07001748 * @hide
Maggie Benthall67944582013-02-22 14:58:27 -05001749 */
Andrei Onea24ec3212019-03-15 17:35:05 +00001750 @UnsupportedAppUsage
Jeff Sharkey8588bc12016-01-06 16:47:42 -07001751 public @UserIdInt int getUserHandle() {
Dianne Hackborn79af1dd2012-08-16 16:42:52 -07001752 return UserHandle.myUserId();
Amith Yamasani258848d2012-08-10 17:06:33 -07001753 }
1754
1755 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02001756 * Returns the user name of the context user. This call is only available to applications on
1757 * the system image; it requires the {@code android.permission.MANAGE_USERS} or {@code
1758 * android.permission.GET_ACCOUNTS_PRIVILEGED} permissions.
1759 *
Amith Yamasani258848d2012-08-10 17:06:33 -07001760 * @return the user name
1761 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02001762 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
1763 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}, conditional = true)
1764 @UserHandleAware
1765 public @NonNull String getUserName() {
1766 if (UserHandle.myUserId() == mUserId) {
1767 try {
1768 return mService.getUserName();
1769 } catch (RemoteException re) {
1770 throw re.rethrowFromSystemServer();
1771 }
1772 } else {
1773 UserInfo userInfo = getUserInfo(mUserId);
1774 return userInfo == null ? "" : userInfo.name;
Bookatzcde3d922019-03-08 14:30:00 -08001775 }
Amith Yamasani258848d2012-08-10 17:06:33 -07001776 }
1777
Dianne Hackborn67a101a2014-10-02 12:42:18 -07001778 /**
Fyodor Kupolov605b12a2017-05-10 15:58:09 -07001779 * Returns whether user name has been set.
1780 * <p>This method can be used to check that the value returned by {@link #getUserName()} was
1781 * set by the user and is not a placeholder string provided by the system.
1782 * @hide
1783 */
Bookatzfe4eb2b2019-08-22 18:26:49 -07001784 @SystemApi
1785 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
1786 Manifest.permission.GET_ACCOUNTS_PRIVILEGED})
Fyodor Kupolov605b12a2017-05-10 15:58:09 -07001787 public boolean isUserNameSet() {
1788 try {
1789 return mService.isUserNameSet(getUserHandle());
1790 } catch (RemoteException re) {
1791 throw re.rethrowFromSystemServer();
1792 }
1793 }
1794
1795 /**
Dan Morrille4ab16a2012-09-20 20:25:55 -07001796 * Used to determine whether the user making this call is subject to
1797 * teleportations.
Dianne Hackborn67a101a2014-10-02 12:42:18 -07001798 *
Dianne Hackborn955d8d62014-10-07 20:17:19 -07001799 * <p>As of {@link android.os.Build.VERSION_CODES#LOLLIPOP}, this method can
Dianne Hackborn67a101a2014-10-02 12:42:18 -07001800 * now automatically identify goats using advanced goat recognition technology.</p>
1801 *
Amith Yamasani1f6e0b82020-05-15 12:27:08 -07001802 * <p>As of {@link android.os.Build.VERSION_CODES#R}, this method always returns
1803 * {@code false} in order to protect goat privacy.</p>
1804 *
1805 * @return Returns whether the user making this call is a goat.
Dan Morrille4ab16a2012-09-20 20:25:55 -07001806 */
1807 public boolean isUserAGoat() {
Amith Yamasani1f6e0b82020-05-15 12:27:08 -07001808 if (mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R) {
1809 return false;
1810 }
Adam Powell988ae302014-09-17 17:58:33 -07001811 return mContext.getPackageManager()
1812 .isPackageAvailable("com.coffeestainstudios.goatsimulator");
Dan Morrille4ab16a2012-09-20 20:25:55 -07001813 }
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08001814
1815 /**
Xiaohui Chen70f6c382015-04-28 14:21:43 -07001816 * Used to check if this process is running under the primary user. The primary user
Ying Zheng215116f2019-09-11 12:50:09 -07001817 * is the first human user on a device. This is not supported in headless system user mode.
Xiaohui Chen70f6c382015-04-28 14:21:43 -07001818 *
1819 * @return whether this process is running under the primary user.
1820 * @hide
1821 */
Varun Shahe142e332018-10-22 15:52:56 -07001822 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02001823 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
1824 Manifest.permission.CREATE_USERS})
Xiaohui Chen70f6c382015-04-28 14:21:43 -07001825 public boolean isPrimaryUser() {
1826 UserInfo user = getUserInfo(UserHandle.myUserId());
Amith Yamasanid35a89c2016-05-26 16:58:43 -07001827 return user != null && user.isPrimary();
Xiaohui Chen70f6c382015-04-28 14:21:43 -07001828 }
1829
1830 /**
Amith Yamasani5760e172015-04-17 18:42:41 -07001831 * Used to check if this process is running under the system user. The system user
1832 * is the initial user that is implicitly created on first boot and hosts most of the
1833 * system services.
1834 *
1835 * @return whether this process is running under the system user.
1836 */
1837 public boolean isSystemUser() {
Xiaohui Chen70f6c382015-04-28 14:21:43 -07001838 return UserHandle.myUserId() == UserHandle.USER_SYSTEM;
Amith Yamasani5760e172015-04-17 18:42:41 -07001839 }
Xiaohui Chen2b45f8a2015-08-04 15:12:23 -07001840
Amith Yamasani5760e172015-04-17 18:42:41 -07001841 /**
Varun Shahe142e332018-10-22 15:52:56 -07001842 * Used to check if this process is running as an admin user. An admin user is allowed to
1843 * modify or configure certain settings that aren't available to non-admin users,
1844 * create and delete additional users, etc. There can be more than one admin users.
1845 *
1846 * @return whether this process is running under an admin user.
Amith Yamasani462ac3a2015-06-30 14:21:01 -07001847 * @hide
Amith Yamasani462ac3a2015-06-30 14:21:01 -07001848 */
Varun Shahe142e332018-10-22 15:52:56 -07001849 @SystemApi
1850 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani462ac3a2015-06-30 14:21:01 -07001851 public boolean isAdminUser() {
Xiaohui Chen2b45f8a2015-08-04 15:12:23 -07001852 return isUserAdmin(UserHandle.myUserId());
1853 }
1854
1855 /**
1856 * @hide
1857 * Returns whether the provided user is an admin user. There can be more than one admin
1858 * user.
1859 */
Andrei Onea24ec3212019-03-15 17:35:05 +00001860 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02001861 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
1862 Manifest.permission.CREATE_USERS})
Jeff Sharkey8588bc12016-01-06 16:47:42 -07001863 public boolean isUserAdmin(@UserIdInt int userId) {
Xiaohui Chen2b45f8a2015-08-04 15:12:23 -07001864 UserInfo user = getUserInfo(userId);
1865 return user != null && user.isAdmin();
Amith Yamasani462ac3a2015-06-30 14:21:01 -07001866 }
1867
1868 /**
Adam Bookatz61899e52020-01-30 10:57:16 -08001869 * Returns whether the context user is of the given user type.
Bookatz029832a2019-10-04 16:50:22 -07001870 *
Adam Bookatz61899e52020-01-30 10:57:16 -08001871 * @param userType the name of the user's user type, e.g.
1872 * {@link UserManager#USER_TYPE_PROFILE_MANAGED}.
Adam Bookatz351a8fb2019-12-23 10:09:14 -08001873 * @return true if the user is of the given user type.
Bookatz029832a2019-10-04 16:50:22 -07001874 * @hide
1875 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02001876 @SystemApi
1877 @UserHandleAware
Adam Bookatz351a8fb2019-12-23 10:09:14 -08001878 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
1879 public boolean isUserOfType(@NonNull String userType) {
Bookatz029832a2019-10-04 16:50:22 -07001880 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02001881 return mService.isUserOfType(mUserId, userType);
Bookatz029832a2019-10-04 16:50:22 -07001882 } catch (RemoteException re) {
1883 throw re.rethrowFromSystemServer();
1884 }
1885 }
1886
1887 /**
Bookatz029832a2019-10-04 16:50:22 -07001888 * Returns whether the user type is a
1889 * {@link UserManager#USER_TYPE_PROFILE_MANAGED managed profile}.
1890 * @hide
1891 */
1892 public static boolean isUserTypeManagedProfile(String userType) {
1893 return USER_TYPE_PROFILE_MANAGED.equals(userType);
1894 }
1895
1896 /**
1897 * Returns whether the user type is a {@link UserManager#USER_TYPE_FULL_GUEST guest user}.
1898 * @hide
1899 */
1900 public static boolean isUserTypeGuest(String userType) {
1901 return USER_TYPE_FULL_GUEST.equals(userType);
1902 }
1903
1904 /**
1905 * Returns whether the user type is a
1906 * {@link UserManager#USER_TYPE_FULL_RESTRICTED restricted user}.
1907 * @hide
1908 */
1909 public static boolean isUserTypeRestricted(String userType) {
1910 return USER_TYPE_FULL_RESTRICTED.equals(userType);
1911 }
1912
1913 /**
1914 * Returns whether the user type is a {@link UserManager#USER_TYPE_FULL_DEMO demo user}.
1915 * @hide
1916 */
1917 public static boolean isUserTypeDemo(String userType) {
1918 return USER_TYPE_FULL_DEMO.equals(userType);
1919 }
1920
1921 /**
Varun Shahacb56342019-12-18 11:45:38 -08001922 * Returns the enum defined in the statsd UserLifecycleJourneyReported atom corresponding to the
1923 * user type.
1924 * @hide
1925 */
1926 public static int getUserTypeForStatsd(@NonNull String userType) {
1927 switch (userType) {
1928 case USER_TYPE_FULL_SYSTEM:
1929 return FrameworkStatsLog.USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__FULL_SYSTEM;
1930 case USER_TYPE_FULL_SECONDARY:
1931 return FrameworkStatsLog.USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__FULL_SECONDARY;
1932 case USER_TYPE_FULL_GUEST:
1933 return FrameworkStatsLog.USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__FULL_GUEST;
1934 case USER_TYPE_FULL_DEMO:
1935 return FrameworkStatsLog.USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__FULL_DEMO;
1936 case USER_TYPE_FULL_RESTRICTED:
1937 return FrameworkStatsLog
1938 .USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__FULL_RESTRICTED;
1939 case USER_TYPE_PROFILE_MANAGED:
1940 return FrameworkStatsLog
1941 .USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__PROFILE_MANAGED;
1942 case USER_TYPE_SYSTEM_HEADLESS:
1943 return FrameworkStatsLog
1944 .USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__SYSTEM_HEADLESS;
1945 default:
1946 return FrameworkStatsLog.USER_LIFECYCLE_JOURNEY_REPORTED__USER_TYPE__TYPE_UNKNOWN;
1947 }
1948 }
1949
1950 /**
Fyodor Kupolovca177562017-11-09 17:43:01 -08001951 * @hide
1952 * @deprecated Use {@link #isRestrictedProfile()}
1953 */
Andrei Onea24ec3212019-03-15 17:35:05 +00001954 @UnsupportedAppUsage
Fyodor Kupolovca177562017-11-09 17:43:01 -08001955 @Deprecated
1956 public boolean isLinkedUser() {
1957 return isRestrictedProfile();
1958 }
1959
1960 /**
Varun Shahe142e332018-10-22 15:52:56 -07001961 * Used to check if this process is running under a restricted profile. Restricted profiles
1962 * may have a reduced number of available apps, app restrictions, and account restrictions.
1963 *
1964 * @return whether this process is running under a restricted profile.
Amith Yamasani2555daf2013-04-25 13:39:27 -07001965 * @hide
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08001966 */
Fyodor Kupolovca177562017-11-09 17:43:01 -08001967 @SystemApi
Varun Shahe142e332018-10-22 15:52:56 -07001968 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Fyodor Kupolovca177562017-11-09 17:43:01 -08001969 public boolean isRestrictedProfile() {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08001970 try {
Amith Yamasani71e6c692013-03-24 17:39:28 -07001971 return mService.isRestricted();
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08001972 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07001973 throw re.rethrowFromSystemServer();
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08001974 }
1975 }
1976
Amith Yamasani258848d2012-08-10 17:06:33 -07001977 /**
Hai Zhang7c064ca2019-03-18 18:21:38 -07001978 * Check if a user is a restricted profile. Restricted profiles may have a reduced number of
1979 * available apps, app restrictions, and account restrictions.
1980 *
1981 * @param user the user to check
1982 * @return whether the user is a restricted profile.
1983 * @hide
1984 */
1985 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02001986 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
1987 Manifest.permission.CREATE_USERS})
Hai Zhang7c064ca2019-03-18 18:21:38 -07001988 public boolean isRestrictedProfile(@NonNull UserHandle user) {
1989 try {
1990 return mService.getUserInfo(user.getIdentifier()).isRestricted();
1991 } catch (RemoteException re) {
1992 throw re.rethrowFromSystemServer();
1993 }
1994 }
1995
1996 /**
Fyodor Kupolov1c363152015-09-02 13:27:21 -07001997 * Checks if specified user can have restricted profile.
1998 * @hide
1999 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002000 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Jeff Sharkey8588bc12016-01-06 16:47:42 -07002001 public boolean canHaveRestrictedProfile(@UserIdInt int userId) {
Fyodor Kupolov1c363152015-09-02 13:27:21 -07002002 try {
2003 return mService.canHaveRestrictedProfile(userId);
2004 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002005 throw re.rethrowFromSystemServer();
Fyodor Kupolov1c363152015-09-02 13:27:21 -07002006 }
2007 }
2008
2009 /**
Fyodor Kupolovca177562017-11-09 17:43:01 -08002010 * Returns whether the calling user has at least one restricted profile associated with it.
2011 * @return
2012 * @hide
2013 */
2014 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02002015 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Fyodor Kupolovca177562017-11-09 17:43:01 -08002016 public boolean hasRestrictedProfiles() {
2017 try {
2018 return mService.hasRestrictedProfiles();
2019 } catch (RemoteException re) {
2020 throw re.rethrowFromSystemServer();
2021 }
2022 }
2023
2024 /**
Evan Rosky13a58a92016-07-27 15:51:09 -07002025 * Checks if a user is a guest user.
2026 * @return whether user is a guest user.
2027 * @hide
2028 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002029 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02002030 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2031 Manifest.permission.CREATE_USERS})
Bookatz07758e32019-11-19 17:16:08 -08002032 public boolean isGuestUser(@UserIdInt int userId) {
2033 UserInfo user = getUserInfo(userId);
Evan Rosky13a58a92016-07-27 15:51:09 -07002034 return user != null && user.isGuest();
2035 }
2036
2037 /**
Varun Shahe142e332018-10-22 15:52:56 -07002038 * Used to check if this process is running under a guest user. A guest user may be transient.
2039 *
2040 * @return whether this process is running under a guest user.
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002041 * @hide
2042 */
Varun Shahe142e332018-10-22 15:52:56 -07002043 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02002044 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2045 Manifest.permission.CREATE_USERS})
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002046 public boolean isGuestUser() {
2047 UserInfo user = getUserInfo(UserHandle.myUserId());
Amith Yamasanid35a89c2016-05-26 16:58:43 -07002048 return user != null && user.isGuest();
2049 }
2050
Fyodor Kupolovca177562017-11-09 17:43:01 -08002051
Amith Yamasanid35a89c2016-05-26 16:58:43 -07002052 /**
Amith Yamasani1c41dc82016-06-28 16:13:15 -07002053 * Checks if the calling app is running in a demo user. When running in a demo user,
2054 * apps can be more helpful to the user, or explain their features in more detail.
2055 *
Amith Yamasanid35a89c2016-05-26 16:58:43 -07002056 * @return whether the caller is a demo user.
Amith Yamasanid35a89c2016-05-26 16:58:43 -07002057 */
2058 public boolean isDemoUser() {
Amith Yamasani1c41dc82016-06-28 16:13:15 -07002059 try {
2060 return mService.isDemoUser(UserHandle.myUserId());
2061 } catch (RemoteException re) {
2062 throw re.rethrowFromSystemServer();
2063 }
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002064 }
2065
2066 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02002067 * Checks if the calling context user is running in a profile.
2068 *
2069 * Requires {@link android.Manifest.permission#MANAGE_USERS} or
2070 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS} permission, otherwise the
2071 * caller must be in the same profile group of specified user.
Bookatz029832a2019-10-04 16:50:22 -07002072 *
2073 * @return whether the caller is in a profile.
2074 * @hide
2075 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002076 @SystemApi
2077 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
2078 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
2079 @UserHandleAware
Bookatz029832a2019-10-04 16:50:22 -07002080 public boolean isProfile() {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002081 return isProfile(mUserId);
2082 }
2083
2084 private boolean isProfile(@UserIdInt int userId) {
2085 if (userId == UserHandle.myUserId()) {
2086 // No need for synchronization. Once it becomes non-null, it'll be non-null forever.
2087 // Worst case we might end up calling the AIDL method multiple times but that's fine.
2088 if (mIsProfileCached != null) {
2089 return mIsProfileCached;
2090 }
2091 try {
2092 mIsProfileCached = mService.isProfile(userId);
2093 return mIsProfileCached;
2094 } catch (RemoteException re) {
2095 throw re.rethrowFromSystemServer();
2096 }
2097 } else {
2098 try {
2099 return mService.isProfile(userId);
2100 } catch (RemoteException re) {
2101 throw re.rethrowFromSystemServer();
2102 }
Bookatz029832a2019-10-04 16:50:22 -07002103 }
2104 }
2105
2106 /**
Amith Yamasani0e8d7d62014-09-03 13:17:28 -07002107 * Checks if the calling app is running in a managed profile.
Amith Yamasani0e8d7d62014-09-03 13:17:28 -07002108 *
2109 * @return whether the caller is in a managed profile.
Amith Yamasani0e8d7d62014-09-03 13:17:28 -07002110 */
Amith Yamasani0e8d7d62014-09-03 13:17:28 -07002111 public boolean isManagedProfile() {
Makoto Onukid49f3fa2017-01-25 14:09:48 -08002112 // No need for synchronization. Once it becomes non-null, it'll be non-null forever.
2113 // Worst case we might end up calling the AIDL method multiple times but that's fine.
2114 if (mIsManagedProfileCached != null) {
2115 return mIsManagedProfileCached;
2116 }
Tony Mak8673b282016-03-21 21:10:59 +00002117 try {
Makoto Onukid49f3fa2017-01-25 14:09:48 -08002118 mIsManagedProfileCached = mService.isManagedProfile(UserHandle.myUserId());
2119 return mIsManagedProfileCached;
Tony Mak8673b282016-03-21 21:10:59 +00002120 } catch (RemoteException re) {
2121 throw re.rethrowFromSystemServer();
2122 }
2123 }
2124
2125 /**
2126 * Checks if the specified user is a managed profile.
Bookatz029832a2019-10-04 16:50:22 -07002127 * Requires {@link android.Manifest.permission#MANAGE_USERS} or
2128 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS} permission, otherwise the caller
Tony Mak8673b282016-03-21 21:10:59 +00002129 * must be in the same profile group of specified user.
2130 *
2131 * @return whether the specified user is a managed profile.
2132 * @hide
2133 */
2134 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02002135 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
2136 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Tony Mak8673b282016-03-21 21:10:59 +00002137 public boolean isManagedProfile(@UserIdInt int userId) {
Makoto Onukid49f3fa2017-01-25 14:09:48 -08002138 if (userId == UserHandle.myUserId()) {
2139 return isManagedProfile();
2140 }
Tony Mak8673b282016-03-21 21:10:59 +00002141 try {
2142 return mService.isManagedProfile(userId);
2143 } catch (RemoteException re) {
2144 throw re.rethrowFromSystemServer();
2145 }
Amith Yamasani0e8d7d62014-09-03 13:17:28 -07002146 }
2147
2148 /**
Lenka Trochtovac4dd0212015-11-18 12:22:06 +01002149 * Checks if the calling app is running as an ephemeral user.
2150 *
2151 * @return whether the caller is an ephemeral user.
2152 * @hide
2153 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002154 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2155 Manifest.permission.CREATE_USERS})
Lenka Trochtovac4dd0212015-11-18 12:22:06 +01002156 public boolean isEphemeralUser() {
2157 return isUserEphemeral(UserHandle.myUserId());
2158 }
2159
2160 /**
2161 * Returns whether the specified user is ephemeral.
2162 * @hide
2163 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002164 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2165 Manifest.permission.CREATE_USERS})
Jeff Sharkey8588bc12016-01-06 16:47:42 -07002166 public boolean isUserEphemeral(@UserIdInt int userId) {
Lenka Trochtovac4dd0212015-11-18 12:22:06 +01002167 final UserInfo user = getUserInfo(userId);
2168 return user != null && user.isEphemeral();
2169 }
2170
2171 /**
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002172 * Return whether the given user is actively running. This means that
2173 * the user is in the "started" state, not "stopped" -- it is currently
2174 * allowed to run code through scheduled alarms, receiving broadcasts,
2175 * etc. A started user may be either the current foreground user or a
2176 * background user; the result here does not distinguish between the two.
Makoto Onuki5eef50d2017-03-02 16:38:45 -08002177 *
2178 * <p>Note prior to Android Nougat MR1 (SDK version <= 24;
Andrew Solovay8a788f42018-12-12 14:25:47 -08002179 * {@link android.os.Build.VERSION_CODES#N}, this API required a system permission
Makoto Onuki5eef50d2017-03-02 16:38:45 -08002180 * in order to check other profile's status.
2181 * Since Android Nougat MR1 (SDK version >= 25;
Andrew Solovay8a788f42018-12-12 14:25:47 -08002182 * {@link android.os.Build.VERSION_CODES#N_MR1}), the restriction has been relaxed, and now
2183 * it'll accept any {@link android.os.UserHandle} within the same profile group as the caller.
Fyodor Kupolovcdb3c2f2017-02-10 11:48:32 -08002184 *
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002185 * @param user The user to retrieve the running state for.
2186 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002187 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2188 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002189 public boolean isUserRunning(UserHandle user) {
Jeff Sharkey0e62384c2016-01-13 18:52:55 -07002190 return isUserRunning(user.getIdentifier());
2191 }
2192
2193 /** {@hide} */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002194 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2195 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Fyodor Kupolov2e7e0962016-12-01 18:09:17 -08002196 public boolean isUserRunning(@UserIdInt int userId) {
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002197 try {
Fyodor Kupolov2e7e0962016-12-01 18:09:17 -08002198 return mService.isUserRunning(userId);
Jeff Sharkey27b2e692016-02-25 17:40:12 -07002199 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002200 throw re.rethrowFromSystemServer();
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002201 }
2202 }
2203
2204 /**
2205 * Return whether the given user is actively running <em>or</em> stopping.
2206 * This is like {@link #isUserRunning(UserHandle)}, but will also return
2207 * true if the user had been running but is in the process of being stopped
2208 * (but is not yet fully stopped, and still running some code).
Makoto Onuki5eef50d2017-03-02 16:38:45 -08002209 *
2210 * <p>Note prior to Android Nougat MR1 (SDK version <= 24;
Andrew Solovay8a788f42018-12-12 14:25:47 -08002211 * {@link android.os.Build.VERSION_CODES#N}, this API required a system permission
Makoto Onuki5eef50d2017-03-02 16:38:45 -08002212 * in order to check other profile's status.
2213 * Since Android Nougat MR1 (SDK version >= 25;
Andrew Solovay8a788f42018-12-12 14:25:47 -08002214 * {@link android.os.Build.VERSION_CODES#N_MR1}), the restriction has been relaxed, and now
2215 * it'll accept any {@link android.os.UserHandle} within the same profile group as the caller.
Fyodor Kupolovcdb3c2f2017-02-10 11:48:32 -08002216 *
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002217 * @param user The user to retrieve the running state for.
2218 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002219 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2220 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002221 public boolean isUserRunningOrStopping(UserHandle user) {
2222 try {
Jeff Sharkeye17ac152015-11-06 22:40:29 -08002223 // TODO: reconcile stopped vs stopping?
Sudheer Shankadc589ac2016-11-10 15:30:17 -08002224 return ActivityManager.getService().isUserRunning(
Jeff Sharkeye17ac152015-11-06 22:40:29 -08002225 user.getIdentifier(), ActivityManager.FLAG_OR_STOPPED);
Jeff Sharkey27b2e692016-02-25 17:40:12 -07002226 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002227 throw re.rethrowFromSystemServer();
Dianne Hackborna8a9bd62012-10-09 15:36:59 -07002228 }
2229 }
2230
Jeff Sharkey0825ab22015-12-02 13:04:49 -07002231 /**
Jeff Sharkeycf3f0a12016-03-17 19:57:58 -06002232 * Return whether the calling user is running in an "unlocked" state.
2233 * <p>
2234 * On devices with direct boot, a user is unlocked only after they've
2235 * entered their credentials (such as a lock pattern or PIN). On devices
2236 * without direct boot, a user is unlocked as soon as it starts.
2237 * <p>
2238 * When a user is locked, only device-protected data storage is available.
2239 * When a user is unlocked, both device-protected and credential-protected
2240 * private app data storage is available.
Jeff Sharkey8a372a02016-03-16 16:25:45 -06002241 *
2242 * @see Intent#ACTION_USER_UNLOCKED
2243 * @see Context#createDeviceProtectedStorageContext()
Jeff Sharkeyb6423872015-12-11 11:11:58 -07002244 */
2245 public boolean isUserUnlocked() {
2246 return isUserUnlocked(Process.myUserHandle());
2247 }
2248
2249 /**
Jeff Sharkeycf3f0a12016-03-17 19:57:58 -06002250 * Return whether the given user is running in an "unlocked" state.
2251 * <p>
2252 * On devices with direct boot, a user is unlocked only after they've
2253 * entered their credentials (such as a lock pattern or PIN). On devices
2254 * without direct boot, a user is unlocked as soon as it starts.
2255 * <p>
2256 * When a user is locked, only device-protected data storage is available.
2257 * When a user is unlocked, both device-protected and credential-protected
2258 * private app data storage is available.
Fyodor Kupolovcdb3c2f2017-02-10 11:48:32 -08002259 * <p>Requires {@code android.permission.MANAGE_USERS} or
2260 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
2261 * must be the calling user or a managed profile associated with it.
Jeff Sharkeyb6423872015-12-11 11:11:58 -07002262 *
2263 * @param user to retrieve the unlocked state for.
Jeff Sharkey8a372a02016-03-16 16:25:45 -06002264 * @see Intent#ACTION_USER_UNLOCKED
2265 * @see Context#createDeviceProtectedStorageContext()
Jeff Sharkeyb6423872015-12-11 11:11:58 -07002266 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002267 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2268 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Jeff Sharkeyb6423872015-12-11 11:11:58 -07002269 public boolean isUserUnlocked(UserHandle user) {
Jeff Sharkey0999c0d2015-12-17 15:12:22 -07002270 return isUserUnlocked(user.getIdentifier());
2271 }
2272
Lee Shombertebe2a0b2020-01-23 10:02:15 -08002273 private static final String CACHE_KEY_IS_USER_UNLOCKED_PROPERTY =
2274 "cache_key.is_user_unlocked";
2275
2276 private final PropertyInvalidatedCache<Integer, Boolean> mIsUserUnlockedCache =
2277 new PropertyInvalidatedCache<Integer, Boolean>(
2278 32, CACHE_KEY_IS_USER_UNLOCKED_PROPERTY) {
2279 @Override
2280 protected Boolean recompute(Integer query) {
2281 try {
2282 return mService.isUserUnlocked(query);
2283 } catch (RemoteException re) {
2284 throw re.rethrowFromSystemServer();
2285 }
2286 }
2287 };
2288
Collin Fijalkovich3e7d47a2020-05-15 17:01:45 -07002289 // Uses IS_USER_UNLOCKED_PROPERTY for invalidation as the APIs have the same dependencies.
2290 private final PropertyInvalidatedCache<Integer, Boolean> mIsUserUnlockingOrUnlockedCache =
2291 new PropertyInvalidatedCache<Integer, Boolean>(
2292 32, CACHE_KEY_IS_USER_UNLOCKED_PROPERTY) {
2293 @Override
2294 protected Boolean recompute(Integer query) {
2295 try {
2296 return mService.isUserUnlockingOrUnlocked(query);
2297 } catch (RemoteException re) {
2298 throw re.rethrowFromSystemServer();
2299 }
2300 }
2301 };
2302
Jeff Sharkey0999c0d2015-12-17 15:12:22 -07002303 /** {@hide} */
Andrei Onea24ec3212019-03-15 17:35:05 +00002304 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02002305 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2306 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Jeff Sharkey8588bc12016-01-06 16:47:42 -07002307 public boolean isUserUnlocked(@UserIdInt int userId) {
Lee Shombertebe2a0b2020-01-23 10:02:15 -08002308 return mIsUserUnlockedCache.query(userId);
2309 }
2310
2311 /** {@hide} */
2312 public void disableIsUserUnlockedCache() {
2313 mIsUserUnlockedCache.disableLocal();
Collin Fijalkovich3e7d47a2020-05-15 17:01:45 -07002314 mIsUserUnlockingOrUnlockedCache.disableLocal();
Lee Shombertebe2a0b2020-01-23 10:02:15 -08002315 }
2316
2317 /** {@hide} */
2318 public static final void invalidateIsUserUnlockedCache() {
2319 PropertyInvalidatedCache.invalidateCache(CACHE_KEY_IS_USER_UNLOCKED_PROPERTY);
Jeff Sharkeyce18c812016-04-27 16:00:41 -06002320 }
2321
Roshan Piusf6c8cd32019-10-17 13:03:18 -07002322 /**
2323 * Return whether the provided user is already running in an
2324 * "unlocked" state or in the process of unlocking.
2325 * <p>
2326 * On devices with direct boot, a user is unlocked only after they've
2327 * entered their credentials (such as a lock pattern or PIN). On devices
2328 * without direct boot, a user is unlocked as soon as it starts.
2329 * <p>
2330 * When a user is locked, only device-protected data storage is available.
2331 * When a user is unlocked, both device-protected and credential-protected
2332 * private app data storage is available.
2333 *
2334 * <p>Requires {@code android.permission.MANAGE_USERS} or
2335 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
2336 * must be the calling user or a profile associated with it.
2337 *
2338 * @hide
2339 */
2340 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02002341 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2342 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Roshan Piusf6c8cd32019-10-17 13:03:18 -07002343 public boolean isUserUnlockingOrUnlocked(@NonNull UserHandle user) {
Jeff Sharkeyce18c812016-04-27 16:00:41 -06002344 return isUserUnlockingOrUnlocked(user.getIdentifier());
2345 }
2346
2347 /** {@hide} */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002348 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2349 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Jeff Sharkeyce18c812016-04-27 16:00:41 -06002350 public boolean isUserUnlockingOrUnlocked(@UserIdInt int userId) {
Collin Fijalkovich3e7d47a2020-05-15 17:01:45 -07002351 return mIsUserUnlockingOrUnlockedCache.query(userId);
Jeff Sharkeyb6423872015-12-11 11:11:58 -07002352 }
2353
2354 /**
Makoto Onuki73dded22017-12-20 13:14:48 +09002355 * Return the time when the calling user started in elapsed milliseconds since boot,
2356 * or 0 if not started.
2357 *
2358 * @hide
2359 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002360 @UnsupportedAppUsage
Makoto Onuki73dded22017-12-20 13:14:48 +09002361 public long getUserStartRealtime() {
2362 try {
2363 return mService.getUserStartRealtime();
2364 } catch (RemoteException re) {
2365 throw re.rethrowFromSystemServer();
2366 }
2367 }
2368
2369 /**
2370 * Return the time when the calling user was unlocked elapsed milliseconds since boot,
2371 * or 0 if not unlocked.
2372 *
2373 * @hide
2374 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002375 @UnsupportedAppUsage
Makoto Onuki73dded22017-12-20 13:14:48 +09002376 public long getUserUnlockRealtime() {
2377 try {
2378 return mService.getUserUnlockRealtime();
2379 } catch (RemoteException re) {
2380 throw re.rethrowFromSystemServer();
2381 }
2382 }
2383
2384 /**
Amith Yamasani258848d2012-08-10 17:06:33 -07002385 * Returns the UserInfo object describing a specific user.
Bookatzf56f2582019-09-04 16:06:41 -07002386 * @param userId the user handle of the user whose information is being requested.
Amith Yamasani258848d2012-08-10 17:06:33 -07002387 * @return the UserInfo object for a specific user.
2388 * @hide
Dianne Hackbornb26306a2012-10-24 15:22:21 -07002389 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002390 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02002391 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2392 Manifest.permission.CREATE_USERS})
Bookatzf56f2582019-09-04 16:06:41 -07002393 public UserInfo getUserInfo(@UserIdInt int userId) {
Amith Yamasani258848d2012-08-10 17:06:33 -07002394 try {
Bookatzf56f2582019-09-04 16:06:41 -07002395 return mService.getUserInfo(userId);
Amith Yamasani258848d2012-08-10 17:06:33 -07002396 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002397 throw re.rethrowFromSystemServer();
Amith Yamasani258848d2012-08-10 17:06:33 -07002398 }
2399 }
2400
Amith Yamasani71e6c692013-03-24 17:39:28 -07002401 /**
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +01002402 * @hide
2403 *
2404 * Returns who set a user restriction on a user.
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +01002405 * @param restrictionKey the string key representing the restriction
2406 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2407 * @return The source of user restriction. Any combination of {@link #RESTRICTION_NOT_SET},
2408 * {@link #RESTRICTION_SOURCE_SYSTEM}, {@link #RESTRICTION_SOURCE_DEVICE_OWNER}
2409 * and {@link #RESTRICTION_SOURCE_PROFILE_OWNER}
Pavel Grafov6a40f092016-10-25 15:46:51 +01002410 * @deprecated use {@link #getUserRestrictionSources(String, int)} instead.
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +01002411 */
Pavel Grafov6a40f092016-10-25 15:46:51 +01002412 @Deprecated
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +01002413 @SystemApi
2414 @UserRestrictionSource
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06002415 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Roshan Pius3eac0b92019-12-05 09:35:36 -08002416 public int getUserRestrictionSource(@UserRestrictionKey String restrictionKey,
2417 UserHandle userHandle) {
Zoltan Szatmary-Bane7834602016-04-08 18:41:11 +01002418 try {
2419 return mService.getUserRestrictionSource(restrictionKey, userHandle.getIdentifier());
2420 } catch (RemoteException re) {
2421 throw re.rethrowFromSystemServer();
2422 }
2423 }
2424
2425 /**
Pavel Grafov6a40f092016-10-25 15:46:51 +01002426 * @hide
2427 *
2428 * Returns a list of users who set a user restriction on a given user.
Pavel Grafov6a40f092016-10-25 15:46:51 +01002429 * @param restrictionKey the string key representing the restriction
2430 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2431 * @return a list of user ids enforcing this restriction.
2432 */
2433 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06002434 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Pavel Grafov6a40f092016-10-25 15:46:51 +01002435 public List<EnforcingUser> getUserRestrictionSources(
Roshan Pius3eac0b92019-12-05 09:35:36 -08002436 @UserRestrictionKey String restrictionKey, UserHandle userHandle) {
Pavel Grafov6a40f092016-10-25 15:46:51 +01002437 try {
2438 return mService.getUserRestrictionSources(restrictionKey, userHandle.getIdentifier());
2439 } catch (RemoteException re) {
2440 throw re.rethrowFromSystemServer();
2441 }
2442 }
2443
2444 /**
Amith Yamasani71e6c692013-03-24 17:39:28 -07002445 * Returns the user-wide restrictions imposed on this user.
2446 * @return a Bundle containing all the restrictions.
2447 */
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002448 public Bundle getUserRestrictions() {
2449 return getUserRestrictions(Process.myUserHandle());
2450 }
2451
Amith Yamasani71e6c692013-03-24 17:39:28 -07002452 /**
2453 * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>.
2454 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2455 * @return a Bundle containing all the restrictions.
Roshan Pius7969c802019-10-21 19:58:57 -07002456 *
2457 * <p>Requires {@code android.permission.MANAGE_USERS} or
2458 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
2459 * must be the calling user or a managed profile associated with it.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002460 */
Roshan Pius7969c802019-10-21 19:58:57 -07002461 @RequiresPermission(anyOf = {
2462 android.Manifest.permission.MANAGE_USERS,
2463 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002464 public Bundle getUserRestrictions(UserHandle userHandle) {
2465 try {
2466 return mService.getUserRestrictions(userHandle.getIdentifier());
2467 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002468 throw re.rethrowFromSystemServer();
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002469 }
2470 }
2471
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +00002472 /**
2473 * @hide
2474 * Returns whether the given user has been disallowed from performing certain actions
Irina Dumitrescu4638edd2018-09-05 14:08:33 +01002475 * or setting certain settings through UserManager (e.g. this type of restriction would prevent
2476 * the guest user from doing certain things, such as making calls). This method disregards
2477 * restrictions set by device policy.
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +00002478 * @param restrictionKey the string key representing the restriction
2479 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2480 */
Adam Bookatz8e089772020-02-03 14:07:14 -08002481 @TestApi
Andrei Onea24ec3212019-03-15 17:35:05 +00002482 @UnsupportedAppUsage
Adam Bookatz8e089772020-02-03 14:07:14 -08002483 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2484 Manifest.permission.CREATE_USERS})
2485 public boolean hasBaseUserRestriction(@UserRestrictionKey @NonNull String restrictionKey,
2486 @NonNull UserHandle userHandle) {
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +00002487 try {
2488 return mService.hasBaseUserRestriction(restrictionKey, userHandle.getIdentifier());
2489 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002490 throw re.rethrowFromSystemServer();
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +00002491 }
2492 }
2493
Amith Yamasani71e6c692013-03-24 17:39:28 -07002494 /**
Makoto Onukia3c12502015-10-28 10:18:32 -07002495 * This will no longer work. Device owners and profile owners should use
2496 * {@link DevicePolicyManager#addUserRestriction(ComponentName, String)} instead.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002497 */
Makoto Onukia3c12502015-10-28 10:18:32 -07002498 // System apps should use UserManager.setUserRestriction() instead.
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002499 @Deprecated
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002500 public void setUserRestrictions(Bundle restrictions) {
Makoto Onuki068c54a2015-10-13 14:34:03 -07002501 throw new UnsupportedOperationException("This method is no longer supported");
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002502 }
2503
Amith Yamasani71e6c692013-03-24 17:39:28 -07002504 /**
Makoto Onukia3c12502015-10-28 10:18:32 -07002505 * This will no longer work. Device owners and profile owners should use
2506 * {@link DevicePolicyManager#addUserRestriction(ComponentName, String)} instead.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002507 */
Makoto Onukia3c12502015-10-28 10:18:32 -07002508 // System apps should use UserManager.setUserRestriction() instead.
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002509 @Deprecated
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002510 public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) {
Makoto Onuki068c54a2015-10-13 14:34:03 -07002511 throw new UnsupportedOperationException("This method is no longer supported");
Amith Yamasanie4cf7342012-12-17 11:12:09 -08002512 }
2513
Amith Yamasani71e6c692013-03-24 17:39:28 -07002514 /**
2515 * Sets the value of a specific restriction.
Amith Yamasanibe465322014-04-24 13:45:17 -07002516 * Requires the MANAGE_USERS permission.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002517 * @param key the key of the restriction
2518 * @param value the value for the restriction
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002519 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
2520 * android.content.ComponentName, String)} or
2521 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
2522 * android.content.ComponentName, String)} instead.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002523 */
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002524 @Deprecated
Valentin Iftime89df4c82019-08-23 13:02:50 +02002525 @RequiresPermission(Manifest.permission.MANAGE_USERS)
Amith Yamasani71e6c692013-03-24 17:39:28 -07002526 public void setUserRestriction(String key, boolean value) {
Makoto Onuki068c54a2015-10-13 14:34:03 -07002527 setUserRestriction(key, value, Process.myUserHandle());
Amith Yamasani71e6c692013-03-24 17:39:28 -07002528 }
2529
2530 /**
2531 * @hide
2532 * Sets the value of a specific restriction on a specific user.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002533 * @param key the key of the restriction
2534 * @param value the value for the restriction
2535 * @param userHandle the user whose restriction is to be changed.
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002536 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
2537 * android.content.ComponentName, String)} or
2538 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
2539 * android.content.ComponentName, String)} instead.
Amith Yamasani71e6c692013-03-24 17:39:28 -07002540 */
Julia Reynolds3d9eb782014-08-11 16:40:08 -04002541 @Deprecated
Valentin Iftime89df4c82019-08-23 13:02:50 +02002542 @RequiresPermission(Manifest.permission.MANAGE_USERS)
Maggie Benthall67944582013-02-22 14:58:27 -05002543 public void setUserRestriction(String key, boolean value, UserHandle userHandle) {
Fyodor Kupolovb5013302015-04-17 17:59:14 -07002544 try {
2545 mService.setUserRestriction(key, value, userHandle.getIdentifier());
2546 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002547 throw re.rethrowFromSystemServer();
Fyodor Kupolovb5013302015-04-17 17:59:14 -07002548 }
Maggie Benthall67944582013-02-22 14:58:27 -05002549 }
2550
Amith Yamasani258848d2012-08-10 17:06:33 -07002551 /**
Maggie Benthalla12fccf2013-03-14 18:02:12 -04002552 * Returns whether the current user has been disallowed from performing certain actions
2553 * or setting certain settings.
Julia Reynolds2b2cf722014-06-06 11:41:04 -04002554 *
2555 * @param restrictionKey The string key representing the restriction.
2556 * @return {@code true} if the current user has the given restriction, {@code false} otherwise.
Maggie Benthalla12fccf2013-03-14 18:02:12 -04002557 */
Roshan Pius3eac0b92019-12-05 09:35:36 -08002558 public boolean hasUserRestriction(@UserRestrictionKey String restrictionKey) {
Roshan Pius7969c802019-10-21 19:58:57 -07002559 return hasUserRestrictionForUser(restrictionKey, Process.myUserHandle());
David Christieb12ba932013-09-03 17:15:28 -07002560 }
2561
2562 /**
2563 * @hide
2564 * Returns whether the given user has been disallowed from performing certain actions
2565 * or setting certain settings.
2566 * @param restrictionKey the string key representing the restriction
2567 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2568 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002569 @UnsupportedAppUsage
Roshan Pius3eac0b92019-12-05 09:35:36 -08002570 public boolean hasUserRestriction(@UserRestrictionKey String restrictionKey,
2571 UserHandle userHandle) {
Roshan Pius7969c802019-10-21 19:58:57 -07002572 return hasUserRestrictionForUser(restrictionKey, userHandle);
2573 }
2574
2575 /**
2576 * Returns whether the given user has been disallowed from performing certain actions
2577 * or setting certain settings.
2578 * @param restrictionKey the string key representing the restriction
2579 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
2580 *
2581 * <p>Requires {@code android.permission.MANAGE_USERS} or
2582 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user}
2583 * must be the calling user or a managed profile associated with it.
2584 *
2585 * @hide
2586 */
2587 @SystemApi
2588 @RequiresPermission(anyOf = {
2589 android.Manifest.permission.MANAGE_USERS,
2590 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true)
Roshan Pius3eac0b92019-12-05 09:35:36 -08002591 public boolean hasUserRestrictionForUser(@NonNull @UserRestrictionKey String restrictionKey,
Roshan Pius7969c802019-10-21 19:58:57 -07002592 @NonNull UserHandle userHandle) {
Amith Yamasani8cd28b52014-06-08 17:54:27 -07002593 try {
Roshan Pius7969c802019-10-21 19:58:57 -07002594 return mService.hasUserRestriction(restrictionKey, userHandle.getIdentifier());
Amith Yamasani8cd28b52014-06-08 17:54:27 -07002595 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002596 throw re.rethrowFromSystemServer();
Amith Yamasani8cd28b52014-06-08 17:54:27 -07002597 }
Maggie Benthalla12fccf2013-03-14 18:02:12 -04002598 }
2599
2600 /**
Makoto Onukiacc50462018-02-14 14:13:49 -08002601 * @hide
2602 * Returns whether any user on the device has the given user restriction set.
2603 */
Roshan Pius3eac0b92019-12-05 09:35:36 -08002604 public boolean hasUserRestrictionOnAnyUser(@UserRestrictionKey String restrictionKey) {
Makoto Onukiacc50462018-02-14 14:13:49 -08002605 try {
2606 return mService.hasUserRestrictionOnAnyUser(restrictionKey);
2607 } catch (RemoteException re) {
2608 throw re.rethrowFromSystemServer();
2609 }
2610 }
2611
2612 /**
Christopher Tate65fb2e42019-10-11 17:00:23 -07002613 * @hide
2614 *
2615 * Checks whether changing the given setting to the given value is prohibited
2616 * by the corresponding user restriction in the given user.
2617 *
2618 * May only be called by the OS itself.
2619 *
2620 * @return {@code true} if the change is prohibited, {@code false} if the change is allowed.
2621 */
2622 public boolean isSettingRestrictedForUser(String setting, @UserIdInt int userId,
2623 String value, int callingUid) {
2624 try {
2625 return mService.isSettingRestrictedForUser(setting, userId, value, callingUid);
2626 } catch (RemoteException re) {
2627 throw re.rethrowFromSystemServer();
2628 }
2629 }
2630
2631 /**
2632 * @hide
2633 * Register a binder callback for user restrictions changes.
2634 * May only be called by the OS itself.
2635 */
2636 public void addUserRestrictionsListener(final IUserRestrictionsListener listener) {
2637 try {
2638 mService.addUserRestrictionsListener(listener);
2639 } catch (RemoteException re) {
2640 throw re.rethrowFromSystemServer();
2641 }
2642 }
2643
2644 /**
Dianne Hackborn33f9cb82012-10-04 17:15:10 -07002645 * Return the serial number for a user. This is a device-unique
Dianne Hackbornb26306a2012-10-24 15:22:21 -07002646 * number assigned to that user; if the user is deleted and then a new
2647 * user created, the new users will not be given the same serial number.
Dianne Hackborn33f9cb82012-10-04 17:15:10 -07002648 * @param user The user whose serial number is to be retrieved.
Dianne Hackbornb26306a2012-10-24 15:22:21 -07002649 * @return The serial number of the given user; returns -1 if the
2650 * given UserHandle does not exist.
Dianne Hackborn33f9cb82012-10-04 17:15:10 -07002651 * @see #getUserForSerialNumber(long)
2652 */
2653 public long getSerialNumberForUser(UserHandle user) {
2654 return getUserSerialNumber(user.getIdentifier());
2655 }
2656
2657 /**
2658 * Return the user associated with a serial number previously
2659 * returned by {@link #getSerialNumberForUser(UserHandle)}.
2660 * @param serialNumber The serial number of the user that is being
2661 * retrieved.
2662 * @return Return the user associated with the serial number, or null
2663 * if there is not one.
2664 * @see #getSerialNumberForUser(UserHandle)
2665 */
2666 public UserHandle getUserForSerialNumber(long serialNumber) {
Fyodor Kupolovef249092015-05-06 13:18:46 -07002667 int ident = getUserHandle((int) serialNumber);
Dianne Hackborn33f9cb82012-10-04 17:15:10 -07002668 return ident >= 0 ? new UserHandle(ident) : null;
2669 }
2670
2671 /**
Adam Bookatza88d4c02020-05-11 15:13:36 -07002672 * Creates a user with the specified name and options.
2673 * Default user restrictions will be applied.
Bookatz029832a2019-10-04 16:50:22 -07002674 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
2675 *
2676 * @param name the user's name
2677 * @param flags UserInfo flags that identify the type of user and other properties.
2678 * @see UserInfo
2679 *
2680 * @return the UserInfo object for the created user, or null if the user could not be created.
2681 * @throws IllegalArgumentException if flags do not correspond to a valid user type.
2682 * @deprecated Use {@link #createUser(String, String, int)} instead.
2683 * @hide
2684 */
2685 @UnsupportedAppUsage
2686 @Deprecated
2687 public @Nullable UserInfo createUser(@Nullable String name, @UserInfoFlag int flags) {
2688 return createUser(name, UserInfo.getDefaultUserType(flags), flags);
2689 }
2690
2691 /**
Adam Bookatza88d4c02020-05-11 15:13:36 -07002692 * Creates a user with the specified name and options.
2693 * Default user restrictions will be applied.
Felipe Lemec1ca4412019-09-11 09:23:26 -07002694 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002695 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}.
2696 * {@link android.Manifest.permission#CREATE_USERS} suffices if flags are in
2697 * com.android.server.pm.UserManagerService#ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION}.
Amith Yamasani258848d2012-08-10 17:06:33 -07002698 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002699 * @param name the user's name
Bookatz029832a2019-10-04 16:50:22 -07002700 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_GUEST}.
Valentin Iftime89df4c82019-08-23 13:02:50 +02002701 * @param flags UserInfo flags that specify user properties.
2702 * @return the {@link UserInfo} object for the created user,
2703 * or throws {@link UserOperationException} if the user could not be created
2704 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2705 * (otherwise returns {@code null}).
Amith Yamasani258848d2012-08-10 17:06:33 -07002706 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002707 * @throws UserOperationException if the user could not be created and the calling app is
2708 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
Amith Yamasani258848d2012-08-10 17:06:33 -07002709 * @hide
Valentin Iftime89df4c82019-08-23 13:02:50 +02002710 * @see UserInfo
Amith Yamasani258848d2012-08-10 17:06:33 -07002711 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002712 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2713 Manifest.permission.CREATE_USERS})
Bookatz029832a2019-10-04 16:50:22 -07002714 public @Nullable UserInfo createUser(@Nullable String name, @NonNull String userType,
2715 @UserInfoFlag int flags) {
Amith Yamasani258848d2012-08-10 17:06:33 -07002716 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002717 return mService.createUserWithThrow(name, userType, flags);
2718 } catch (ServiceSpecificException e) {
2719 return returnNullOrThrowUserOperationException(e,
2720 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Amith Yamasani258848d2012-08-10 17:06:33 -07002721 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002722 throw re.rethrowFromSystemServer();
Amith Yamasani258848d2012-08-10 17:06:33 -07002723 }
2724 }
2725
2726 /**
Adam Bookatza88d4c02020-05-11 15:13:36 -07002727 * Pre-creates a user of the specified type. Default user restrictions will be applied.
Felipe Lemec1ca4412019-09-11 09:23:26 -07002728 *
2729 * <p>This method can be used by OEMs to "warm" up the user creation by pre-creating some users
2730 * at the first boot, so they when the "real" user is created (for example,
Bookatz029832a2019-10-04 16:50:22 -07002731 * by {@link #createUser(String, String, int)} or {@link #createGuest(Context, String)}), it
2732 * takes less time.
Felipe Lemec1ca4412019-09-11 09:23:26 -07002733 *
jovanak8508f2f2019-10-28 09:56:29 -07002734 * <p>This method completes the majority of work necessary for user creation: it
2735 * creates user data, CE and DE encryption keys, app data directories, initializes the user and
2736 * grants default permissions. When pre-created users become "real" users, only then are
2737 * components notified of new user creation by firing user creation broadcasts.
2738 *
2739 * <p>All pre-created users are removed during system upgrade.
2740 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002741 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}.
2742 * {@link android.Manifest.permission#CREATE_USERS} suffices if flags are in
2743 * com.android.server.pm.UserManagerService#ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION}.
Felipe Lemec1ca4412019-09-11 09:23:26 -07002744 *
Bookatz029832a2019-10-04 16:50:22 -07002745 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_GUEST}.
Valentin Iftime89df4c82019-08-23 13:02:50 +02002746 * @return the {@link UserInfo} object for the created user,
2747 * or throws {@link UserOperationException} if the user could not be created
2748 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2749 * (otherwise returns {@code null}).
Felipe Lemec1ca4412019-09-11 09:23:26 -07002750 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002751 * @throws UserOperationException if the user could not be created and the calling app is
2752 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
Felipe Lemec1ca4412019-09-11 09:23:26 -07002753 *
2754 * @hide
2755 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002756 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2757 Manifest.permission.CREATE_USERS})
2758 public @Nullable UserInfo preCreateUser(@NonNull String userType)
2759 throws UserOperationException {
Felipe Lemec1ca4412019-09-11 09:23:26 -07002760 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002761 return mService.preCreateUserWithThrow(userType);
2762 } catch (ServiceSpecificException e) {
2763 return returnNullOrThrowUserOperationException(e,
2764 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Felipe Lemec1ca4412019-09-11 09:23:26 -07002765 } catch (RemoteException re) {
2766 throw re.rethrowFromSystemServer();
2767 }
2768 }
2769
2770 /**
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002771 * Creates a guest user and configures it.
2772 * @param context an application context
2773 * @param name the name to set for the user
Valentin Iftime89df4c82019-08-23 13:02:50 +02002774 * @return the {@link UserInfo} object for the created user,
2775 * or throws {@link UserOperationException} if the user could not be created
2776 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2777 * (otherwise returns {@code null}).
2778 *
2779 * @throws UserOperationException if the user could not be created and the calling app is
2780 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002781 * @hide
2782 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002783 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2784 Manifest.permission.CREATE_USERS})
2785 public UserInfo createGuest(Context context, String name) throws UserOperationException {
Makoto Onuki068c54a2015-10-13 14:34:03 -07002786 UserInfo guest = null;
2787 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002788 guest = mService.createUserWithThrow(name, USER_TYPE_FULL_GUEST, 0);
Makoto Onuki068c54a2015-10-13 14:34:03 -07002789 if (guest != null) {
2790 Settings.Secure.putStringForUser(context.getContentResolver(),
2791 Settings.Secure.SKIP_FIRST_USE_HINTS, "1", guest.id);
Amith Yamasanibf3a9462014-07-28 14:26:42 -07002792 }
Valentin Iftime89df4c82019-08-23 13:02:50 +02002793 } catch (ServiceSpecificException e) {
2794 return returnNullOrThrowUserOperationException(e,
2795 context.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Makoto Onuki068c54a2015-10-13 14:34:03 -07002796 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002797 throw re.rethrowFromSystemServer();
Amith Yamasani1e9c2182014-06-11 17:25:51 -07002798 }
2799 return guest;
2800 }
2801
Amith Yamasaniaa6634e2014-10-06 14:20:28 -07002802 /**
Anthony Hugh5d7f9052019-11-13 16:48:28 -08002803 * Gets the existing guest user if it exists. This does not include guest users that are dying.
2804 * @return The existing guest user if it exists. Null otherwise.
2805 * @hide
2806 */
2807 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
2808 public UserInfo findCurrentGuestUser() {
2809 try {
2810 return mService.findCurrentGuestUser();
2811 } catch (RemoteException re) {
2812 throw re.rethrowFromSystemServer();
2813 }
2814 }
2815
2816 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02002817 * Creates a user with the specified name and options as a profile of the context's user.
2818 *
2819 * @param name the user's name.
2820 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}.
2821 * @param disallowedPackages packages to not install for this profile.
2822 *
2823 * @return the {@link android.os.UserHandle} object for the created user,
2824 * or throws {@link UserOperationException} if the user could not be created
2825 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2826 * (otherwise returns {@code null}).
2827 *
2828 * @throws UserOperationException if the user could not be created and the calling app is
2829 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
2830 *
2831 * @hide
2832 */
2833 @SystemApi
2834 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2835 Manifest.permission.CREATE_USERS})
2836 @UserHandleAware
2837 public @Nullable UserHandle createProfile(@NonNull String name, @NonNull String userType,
Valentin Iftime4bf82c822020-02-19 17:51:17 +01002838 @NonNull Set<String> disallowedPackages) throws UserOperationException {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002839 try {
2840 return mService.createProfileForUserWithThrow(name, userType, 0,
Valentin Iftime4bf82c822020-02-19 17:51:17 +01002841 mUserId, disallowedPackages.toArray(
2842 new String[disallowedPackages.size()])).getUserHandle();
Valentin Iftime89df4c82019-08-23 13:02:50 +02002843 } catch (ServiceSpecificException e) {
2844 return returnNullOrThrowUserOperationException(e,
2845 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
2846 } catch (RemoteException re) {
2847 throw re.rethrowFromSystemServer();
2848 }
2849 }
2850
2851 /**
Kenny Guy2a764942014-04-02 13:29:20 +01002852 * Creates a user with the specified name and options as a profile of another user.
Valentin Iftime89df4c82019-08-23 13:02:50 +02002853 * <p>Requires MANAGE_USERS. CREATE_USERS suffices for ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION
Kenny Guya52dc3e2014-02-11 15:33:14 +00002854 *
2855 * @param name the user's name
2856 * @param flags flags that identify the type of user and other properties.
Bookatzf56f2582019-09-04 16:06:41 -07002857 * @param userId new user will be a profile of this user.
Kenny Guya52dc3e2014-02-11 15:33:14 +00002858 *
Sudheer Shanka7cb54a32016-09-16 12:59:05 -07002859 * @return the {@link UserInfo} object for the created user, or null if the user
2860 * could not be created.
Bookatz029832a2019-10-04 16:50:22 -07002861 * @throws IllegalArgumentException if flags do not correspond to a valid user type.
2862 * @deprecated Use {@link #createProfileForUser(String, String, int, int)} instead.
Kenny Guya52dc3e2014-02-11 15:33:14 +00002863 * @hide
2864 */
Andrei Onea24ec3212019-03-15 17:35:05 +00002865 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02002866 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2867 Manifest.permission.CREATE_USERS})
Bookatz029832a2019-10-04 16:50:22 -07002868 @Deprecated
2869 public UserInfo createProfileForUser(String name, @UserInfoFlag int flags,
2870 @UserIdInt int userId) {
2871 return createProfileForUser(name, UserInfo.getDefaultUserType(flags), flags,
2872 userId, null);
Sudheer Shanka7cb54a32016-09-16 12:59:05 -07002873 }
2874
2875 /**
Bookatz029832a2019-10-04 16:50:22 -07002876 * Creates a user with the specified name and options as a profile of another user.
Bookatz029832a2019-10-04 16:50:22 -07002877 *
2878 * @param name the user's name
2879 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}.
2880 * @param flags UserInfo flags that specify user properties.
2881 * @param userId new user will be a profile of this user.
2882 *
2883 * @return the {@link UserInfo} object for the created user, or null if the user
2884 * could not be created.
2885 * @hide
2886 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002887 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2888 Manifest.permission.CREATE_USERS})
Bookatz029832a2019-10-04 16:50:22 -07002889 public UserInfo createProfileForUser(String name, @NonNull String userType,
2890 @UserInfoFlag int flags, @UserIdInt int userId) {
2891 return createProfileForUser(name, userType, flags, userId, null);
2892 }
2893
2894 /**
2895 * Version of {@link #createProfileForUser(String, String, int, int)} that allows you to specify
Sudheer Shanka7cb54a32016-09-16 12:59:05 -07002896 * any packages that should not be installed in the new profile by default, these packages can
2897 * still be installed later by the user if needed.
2898 *
2899 * @param name the user's name
Bookatz029832a2019-10-04 16:50:22 -07002900 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}.
2901 * @param flags UserInfo flags that specify user properties.
Bookatzf56f2582019-09-04 16:06:41 -07002902 * @param userId new user will be a profile of this user.
Sudheer Shanka7cb54a32016-09-16 12:59:05 -07002903 * @param disallowedPackages packages that will not be installed in the profile being created.
2904 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02002905 * @return the {@link UserInfo} object for the created user,
2906 * or throws {@link UserOperationException} if the user could not be created
2907 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2908 * (otherwise returns {@code null}).
2909 *
2910 * @throws UserOperationException if the user could not be created and the calling app is
2911 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
Sudheer Shanka7cb54a32016-09-16 12:59:05 -07002912 * @hide
2913 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002914 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2915 Manifest.permission.CREATE_USERS})
Bookatz029832a2019-10-04 16:50:22 -07002916 public UserInfo createProfileForUser(String name, @NonNull String userType,
Valentin Iftime89df4c82019-08-23 13:02:50 +02002917 @UserInfoFlag int flags, @UserIdInt int userId, String[] disallowedPackages)
2918 throws UserOperationException {
Kenny Guya52dc3e2014-02-11 15:33:14 +00002919 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002920 return mService.createProfileForUserWithThrow(name, userType, flags, userId,
2921 disallowedPackages);
2922 } catch (ServiceSpecificException e) {
2923 return returnNullOrThrowUserOperationException(e,
2924 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Kenny Guya52dc3e2014-02-11 15:33:14 +00002925 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002926 throw re.rethrowFromSystemServer();
Kenny Guya52dc3e2014-02-11 15:33:14 +00002927 }
2928 }
2929
2930 /**
Bookatz029832a2019-10-04 16:50:22 -07002931 * Similar to {@link #createProfileForUser(String, String, int, int, String[])}
Esteban Talavera6c9116a2016-11-24 16:12:44 +00002932 * except bypassing the checking of {@link UserManager#DISALLOW_ADD_MANAGED_PROFILE}.
Tony Mak6dc428f2016-10-10 15:48:27 +01002933 *
Bookatz029832a2019-10-04 16:50:22 -07002934 * @see #createProfileForUser(String, String, int, int, String[])
Tony Mak6dc428f2016-10-10 15:48:27 +01002935 * @hide
2936 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002937 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2938 Manifest.permission.CREATE_USERS})
Bookatz029832a2019-10-04 16:50:22 -07002939 public UserInfo createProfileForUserEvenWhenDisallowed(String name,
2940 @NonNull String userType, @UserInfoFlag int flags, @UserIdInt int userId,
Valentin Iftime89df4c82019-08-23 13:02:50 +02002941 String[] disallowedPackages) throws UserOperationException {
Tony Mak6dc428f2016-10-10 15:48:27 +01002942 try {
Valentin Iftime89df4c82019-08-23 13:02:50 +02002943 return mService.createProfileForUserEvenWhenDisallowedWithThrow(name, userType, flags,
Bookatz029832a2019-10-04 16:50:22 -07002944 userId, disallowedPackages);
Valentin Iftime89df4c82019-08-23 13:02:50 +02002945 } catch (ServiceSpecificException e) {
2946 return returnNullOrThrowUserOperationException(e,
2947 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Tony Mak6dc428f2016-10-10 15:48:27 +01002948 } catch (RemoteException re) {
2949 throw re.rethrowFromSystemServer();
2950 }
2951 }
2952
2953 /**
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -07002954 * Creates a restricted profile with the specified name. This method also sets necessary
2955 * restrictions and adds shared accounts.
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002956 *
2957 * @param name profile's name
Valentin Iftime89df4c82019-08-23 13:02:50 +02002958 * @return the {@link UserInfo} object for the created user,
2959 * or throws {@link UserOperationException} if the user could not be created
2960 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above
2961 * (otherwise returns {@code null}).
2962 *
2963 * @throws UserOperationException if the user could not be created and the calling app is
2964 * targeting {@link android.os.Build.VERSION_CODES#R} or above.
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002965 * @hide
2966 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02002967 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
2968 Manifest.permission.CREATE_USERS})
2969 public UserInfo createRestrictedProfile(String name) throws UserOperationException {
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002970 try {
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -07002971 UserHandle parentUserHandle = Process.myUserHandle();
Valentin Iftime89df4c82019-08-23 13:02:50 +02002972 UserInfo user = mService.createRestrictedProfileWithThrow(name,
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -07002973 parentUserHandle.getIdentifier());
2974 if (user != null) {
2975 AccountManager.get(mContext).addSharedAccountsFromParentUser(parentUserHandle,
2976 UserHandle.of(user.id));
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002977 }
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -07002978 return user;
Valentin Iftime89df4c82019-08-23 13:02:50 +02002979 } catch (ServiceSpecificException e) {
2980 return returnNullOrThrowUserOperationException(e,
2981 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R);
Jeff Sharkey27b2e692016-02-25 17:40:12 -07002982 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07002983 throw re.rethrowFromSystemServer();
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002984 }
Fyodor Kupolov06a484a2015-08-21 16:33:20 -07002985 }
2986
2987 /**
Amith Yamasani06964342016-04-15 13:55:01 -07002988 * Returns an intent to create a user for the provided name and account name. The name
2989 * and account name will be used when the setup process for the new user is started.
2990 * <p>
Amith Yamasani12747872015-12-07 14:19:49 -08002991 * The intent should be launched using startActivityForResult and the return result will
Amith Yamasani37ed8d12016-01-27 14:40:16 -08002992 * indicate if the user consented to adding a new user and if the operation succeeded. Any
2993 * errors in creating the user will be returned in the result code. If the user cancels the
2994 * request, the return result will be {@link Activity#RESULT_CANCELED}. On success, the
2995 * result code will be {@link Activity#RESULT_OK}.
Amith Yamasani06964342016-04-15 13:55:01 -07002996 * <p>
2997 * Use {@link #supportsMultipleUsers()} to first check if the device supports this operation
2998 * at all.
2999 * <p>
Amith Yamasani12747872015-12-07 14:19:49 -08003000 * The new user is created but not initialized. After switching into the user for the first
3001 * time, the preferred user name and account information are used by the setup process for that
3002 * user.
3003 *
3004 * @param userName Optional name to assign to the user.
Amith Yamasani06964342016-04-15 13:55:01 -07003005 * @param accountName Optional account name that will be used by the setup wizard to initialize
Amith Yamasani12747872015-12-07 14:19:49 -08003006 * the user.
3007 * @param accountType Optional account type for the account to be created. This is required
3008 * if the account name is specified.
3009 * @param accountOptions Optional bundle of data to be passed in during account creation in the
3010 * new user via {@link AccountManager#addAccount(String, String, String[],
3011 * Bundle, android.app.Activity, android.accounts.AccountManagerCallback,
3012 * Handler)}.
Amith Yamasani06964342016-04-15 13:55:01 -07003013 * @return An Intent that can be launched from an Activity.
Amith Yamasani37ed8d12016-01-27 14:40:16 -08003014 * @see #USER_CREATION_FAILED_NOT_PERMITTED
3015 * @see #USER_CREATION_FAILED_NO_MORE_USERS
Amith Yamasani06964342016-04-15 13:55:01 -07003016 * @see #supportsMultipleUsers
Amith Yamasani12747872015-12-07 14:19:49 -08003017 */
3018 public static Intent createUserCreationIntent(@Nullable String userName,
3019 @Nullable String accountName,
3020 @Nullable String accountType, @Nullable PersistableBundle accountOptions) {
Amith Yamasani12747872015-12-07 14:19:49 -08003021 Intent intent = new Intent(ACTION_CREATE_USER);
3022 if (userName != null) {
3023 intent.putExtra(EXTRA_USER_NAME, userName);
3024 }
3025 if (accountName != null && accountType == null) {
3026 throw new IllegalArgumentException("accountType must be specified if accountName is "
3027 + "specified");
3028 }
3029 if (accountName != null) {
3030 intent.putExtra(EXTRA_USER_ACCOUNT_NAME, accountName);
3031 }
3032 if (accountType != null) {
3033 intent.putExtra(EXTRA_USER_ACCOUNT_TYPE, accountType);
3034 }
3035 if (accountOptions != null) {
3036 intent.putExtra(EXTRA_USER_ACCOUNT_OPTIONS, accountOptions);
3037 }
3038 return intent;
3039 }
3040
3041 /**
3042 * @hide
3043 *
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003044 * Returns the preferred account name for user creation.
Amith Yamasani12747872015-12-07 14:19:49 -08003045 */
3046 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003047 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08003048 public String getSeedAccountName() {
3049 try {
3050 return mService.getSeedAccountName();
3051 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003052 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08003053 }
3054 }
3055
3056 /**
3057 * @hide
3058 *
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003059 * Returns the preferred account type for user creation.
Amith Yamasani12747872015-12-07 14:19:49 -08003060 */
3061 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003062 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08003063 public String getSeedAccountType() {
3064 try {
3065 return mService.getSeedAccountType();
3066 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003067 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08003068 }
3069 }
3070
3071 /**
3072 * @hide
3073 *
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003074 * Returns the preferred account's options bundle for user creation.
Amith Yamasani12747872015-12-07 14:19:49 -08003075 * @return Any options set by the requestor that created the user.
3076 */
3077 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003078 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08003079 public PersistableBundle getSeedAccountOptions() {
3080 try {
3081 return mService.getSeedAccountOptions();
3082 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003083 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08003084 }
3085 }
3086
3087 /**
3088 * @hide
3089 *
3090 * Called by a system activity to set the seed account information of a user created
3091 * through the user creation intent.
3092 * @param userId
3093 * @param accountName
3094 * @param accountType
3095 * @param accountOptions
3096 * @see #createUserCreationIntent(String, String, String, PersistableBundle)
3097 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003098 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08003099 public void setSeedAccountData(int userId, String accountName, String accountType,
3100 PersistableBundle accountOptions) {
3101 try {
3102 mService.setSeedAccountData(userId, accountName, accountType, accountOptions,
3103 /* persist= */ true);
3104 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003105 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08003106 }
3107 }
3108
3109 /**
3110 * @hide
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003111 * Clears the seed information used to create this user.
Amith Yamasani12747872015-12-07 14:19:49 -08003112 */
3113 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003114 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08003115 public void clearSeedAccountData() {
3116 try {
3117 mService.clearSeedAccountData();
3118 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003119 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08003120 }
3121 }
3122
3123 /**
Amith Yamasani1df14732014-08-29 21:37:27 -07003124 * @hide
3125 * Marks the guest user for deletion to allow a new guest to be created before deleting
3126 * the current user who is a guest.
Bookatzf56f2582019-09-04 16:06:41 -07003127 * @param userId
Amith Yamasani1df14732014-08-29 21:37:27 -07003128 * @return
3129 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003130 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Bookatzf56f2582019-09-04 16:06:41 -07003131 public boolean markGuestForDeletion(@UserIdInt int userId) {
Amith Yamasani1df14732014-08-29 21:37:27 -07003132 try {
Bookatzf56f2582019-09-04 16:06:41 -07003133 return mService.markGuestForDeletion(userId);
Amith Yamasani1df14732014-08-29 21:37:27 -07003134 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003135 throw re.rethrowFromSystemServer();
Amith Yamasani1df14732014-08-29 21:37:27 -07003136 }
3137 }
3138
3139 /**
Alexandra Gherghinadf35d572014-04-09 13:54:39 +01003140 * Sets the user as enabled, if such an user exists.
Lenka Trochtova1ddda472016-02-12 10:42:12 +01003141 *
Lenka Trochtova1ddda472016-02-12 10:42:12 +01003142 * <p>Note that the default is true, it's only that managed profiles might not be enabled.
3143 * Also ephemeral users can be disabled to indicate that their removal is in progress and they
3144 * shouldn't be re-entered. Therefore ephemeral users should not be re-enabled once disabled.
Alexandra Gherghinadf35d572014-04-09 13:54:39 +01003145 *
jovanakf24ad492018-05-18 12:15:59 -07003146 * @param userId the id of the profile to enable
Alexandra Gherghinadf35d572014-04-09 13:54:39 +01003147 * @hide
3148 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003149 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
jovanakf24ad492018-05-18 12:15:59 -07003150 public void setUserEnabled(@UserIdInt int userId) {
Alexandra Gherghinadf35d572014-04-09 13:54:39 +01003151 try {
jovanakf24ad492018-05-18 12:15:59 -07003152 mService.setUserEnabled(userId);
3153 } catch (RemoteException re) {
3154 throw re.rethrowFromSystemServer();
3155 }
3156 }
3157
3158 /**
3159 * Assigns admin privileges to the user, if such a user exists.
3160 *
Bookatzd15b2f72019-11-26 16:58:57 -08003161 * <p>Note that this does not alter the user's pre-existing user restrictions.
jovanakf24ad492018-05-18 12:15:59 -07003162 *
Bookatzf56f2582019-09-04 16:06:41 -07003163 * @param userId the id of the user to become admin
jovanakf24ad492018-05-18 12:15:59 -07003164 * @hide
3165 */
3166 @RequiresPermission(allOf = {
3167 Manifest.permission.INTERACT_ACROSS_USERS_FULL,
3168 Manifest.permission.MANAGE_USERS
3169 })
Bookatzf56f2582019-09-04 16:06:41 -07003170 public void setUserAdmin(@UserIdInt int userId) {
jovanakf24ad492018-05-18 12:15:59 -07003171 try {
Bookatzf56f2582019-09-04 16:06:41 -07003172 mService.setUserAdmin(userId);
Jeff Sharkey27b2e692016-02-25 17:40:12 -07003173 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003174 throw re.rethrowFromSystemServer();
Alexandra Gherghinadf35d572014-04-09 13:54:39 +01003175 }
3176 }
3177
3178 /**
Andrew Scull85a63bc2016-10-24 13:47:47 +01003179 * Evicts the user's credential encryption key from memory by stopping and restarting the user.
3180 *
3181 * @hide
3182 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003183 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Bookatzf56f2582019-09-04 16:06:41 -07003184 public void evictCredentialEncryptionKey(@UserIdInt int userId) {
Andrew Scull85a63bc2016-10-24 13:47:47 +01003185 try {
Bookatzf56f2582019-09-04 16:06:41 -07003186 mService.evictCredentialEncryptionKey(userId);
Andrew Scull85a63bc2016-10-24 13:47:47 +01003187 } catch (RemoteException re) {
3188 throw re.rethrowFromSystemServer();
3189 }
3190 }
3191
3192 /**
Dianne Hackbornb26306a2012-10-24 15:22:21 -07003193 * Return the number of users currently created on the device.
Kevin Hufnagle5813a8c2019-09-30 16:25:02 +00003194 * <p>This API is not for use by third-party apps. It requires the {@code MANAGE_USERS}
3195 * permission.</p>
Dianne Hackbornb26306a2012-10-24 15:22:21 -07003196 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003197 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Dianne Hackbornb26306a2012-10-24 15:22:21 -07003198 public int getUserCount() {
3199 List<UserInfo> users = getUsers();
3200 return users != null ? users.size() : 1;
3201 }
3202
3203 /**
Amith Yamasanid04aaa32016-06-13 12:09:36 -07003204 * Returns information for all users on this device, including ones marked for deletion.
3205 * To retrieve only users that are alive, use {@link #getUsers(boolean)}.
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003206 *
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003207 * @return the list of users that exist on the device.
Amith Yamasani258848d2012-08-10 17:06:33 -07003208 * @hide
3209 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003210 @UnsupportedAppUsage
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003211 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani258848d2012-08-10 17:06:33 -07003212 public List<UserInfo> getUsers() {
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003213 return getUsers(/* excludeDying= */ false);
3214 }
3215
3216 /**
Jeffrey Huang91027f82019-11-26 10:34:28 -08003217 * Returns information for all users on this device. Requires
3218 * {@link android.Manifest.permission#MANAGE_USERS} permission.
3219 *
3220 * @param excludeDying specify if the list should exclude users being
3221 * removed.
3222 * @return the list of users that were created.
3223 * @hide
3224 */
3225 @UnsupportedAppUsage
3226 public @NonNull List<UserInfo> getUsers(boolean excludeDying) {
3227 return getUsers(/*excludePartial= */ true, excludeDying,
3228 /* excludePreCreated= */ true);
3229 }
3230
3231 /**
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003232 * Returns information for all users on this device, based on the filtering parameters.
3233 *
3234 * @hide
3235 */
3236 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
3237 public List<UserInfo> getUsers(boolean excludePartial, boolean excludeDying,
3238 boolean excludePreCreated) {
Amith Yamasani258848d2012-08-10 17:06:33 -07003239 try {
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003240 return mService.getUsers(excludePartial, excludeDying, excludePreCreated);
Amith Yamasani920ace02012-09-20 22:15:37 -07003241 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003242 throw re.rethrowFromSystemServer();
Amith Yamasani920ace02012-09-20 22:15:37 -07003243 }
3244 }
3245
3246 /**
Jeffrey Huang91027f82019-11-26 10:34:28 -08003247 * Returns the user handles for all users on this device, based on the filtering parameters.
3248 *
3249 * @param excludeDying specify if the list should exclude users being removed.
3250 * @return the list of user handles.
3251 * @hide
3252 */
3253 @SystemApi
3254 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
3255 public @NonNull List<UserHandle> getUserHandles(boolean excludeDying) {
3256 List<UserInfo> users = getUsers(excludeDying);
3257 List<UserHandle> result = new ArrayList<>(users.size());
3258 for (UserInfo user : users) {
3259 result.add(user.getUserHandle());
3260 }
3261 return result;
3262 }
3263
3264 /**
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003265 * Returns serial numbers of all users on this device.
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003266 *
3267 * @param excludeDying specify if the list should exclude users being removed.
3268 * @return the list of serial numbers of users that exist on the device.
3269 * @hide
3270 */
3271 @SystemApi
Jeff Sharkeyd86b8fe2017-06-02 17:36:26 -06003272 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003273 public long[] getSerialNumbersOfUsers(boolean excludeDying) {
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003274 List<UserInfo> users = getUsers(excludeDying);
3275 long[] result = new long[users.size()];
3276 for (int i = 0; i < result.length; i++) {
3277 result[i] = users.get(i).serialNumber;
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003278 }
Felipe Leme09a7f2d2019-10-02 16:27:46 -07003279 return result;
Fyodor Kupolov940e8572016-01-26 12:03:51 -08003280 }
3281
3282 /**
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003283 * @return the user's account name, null if not found.
3284 * @hide
3285 */
3286 @RequiresPermission( allOf = {
3287 Manifest.permission.INTERACT_ACROSS_USERS_FULL,
3288 Manifest.permission.MANAGE_USERS
3289 })
Bookatzf56f2582019-09-04 16:06:41 -07003290 public @Nullable String getUserAccount(@UserIdInt int userId) {
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003291 try {
Bookatzf56f2582019-09-04 16:06:41 -07003292 return mService.getUserAccount(userId);
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003293 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003294 throw re.rethrowFromSystemServer();
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003295 }
3296 }
3297
3298 /**
3299 * Set account name for the given user.
3300 * @hide
3301 */
3302 @RequiresPermission( allOf = {
3303 Manifest.permission.INTERACT_ACROSS_USERS_FULL,
3304 Manifest.permission.MANAGE_USERS
3305 })
Bookatzf56f2582019-09-04 16:06:41 -07003306 public void setUserAccount(@UserIdInt int userId, @Nullable String accountName) {
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003307 try {
Bookatzf56f2582019-09-04 16:06:41 -07003308 mService.setUserAccount(userId, accountName);
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003309 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003310 throw re.rethrowFromSystemServer();
Xiaohui Chenb3b92582015-12-07 11:22:13 -08003311 }
3312 }
3313
3314 /**
Xiaohui Chen70f6c382015-04-28 14:21:43 -07003315 * Returns information for Primary user.
Xiaohui Chen70f6c382015-04-28 14:21:43 -07003316 *
3317 * @return the Primary user, null if not found.
3318 * @hide
3319 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003320 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Xiaohui Chen7cb69df2015-07-13 16:01:01 -07003321 public @Nullable UserInfo getPrimaryUser() {
Xiaohui Chen70f6c382015-04-28 14:21:43 -07003322 try {
3323 return mService.getPrimaryUser();
3324 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003325 throw re.rethrowFromSystemServer();
Xiaohui Chen70f6c382015-04-28 14:21:43 -07003326 }
3327 }
3328
3329 /**
Amith Yamasani95ab7842014-08-11 17:09:26 -07003330 * Checks whether it's possible to add more users. Caller must hold the MANAGE_USERS
3331 * permission.
3332 *
3333 * @return true if more users can be added, false if limit has been reached.
3334 * @hide
3335 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003336 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani95ab7842014-08-11 17:09:26 -07003337 public boolean canAddMoreUsers() {
Bookatz029832a2019-10-04 16:50:22 -07003338 // TODO(b/142482943): UMS has different logic, excluding Demo and Profile from counting. Why
3339 // not here? The logic is inconsistent. See UMS.canAddMoreManagedProfiles
Amith Yamasani95ab7842014-08-11 17:09:26 -07003340 final List<UserInfo> users = getUsers(true);
3341 final int totalUserCount = users.size();
3342 int aliveUserCount = 0;
3343 for (int i = 0; i < totalUserCount; i++) {
3344 UserInfo user = users.get(i);
3345 if (!user.isGuest()) {
3346 aliveUserCount++;
3347 }
3348 }
3349 return aliveUserCount < getMaxSupportedUsers();
3350 }
3351
3352 /**
Nicolas Prevot72434b72015-05-13 12:15:03 -07003353 * Checks whether it's possible to add more managed profiles. Caller must hold the MANAGE_USERS
3354 * permission.
Nicolas Prevot07387fe2015-10-30 17:53:30 +00003355 * if allowedToRemoveOne is true and if the user already has a managed profile, then return if
3356 * we could add a new managed profile to this user after removing the existing one.
Nicolas Prevot72434b72015-05-13 12:15:03 -07003357 *
3358 * @return true if more managed profiles can be added, false if limit has been reached.
3359 * @hide
3360 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003361 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Jeff Sharkey8588bc12016-01-06 16:47:42 -07003362 public boolean canAddMoreManagedProfiles(@UserIdInt int userId, boolean allowedToRemoveOne) {
Nicolas Prevot72434b72015-05-13 12:15:03 -07003363 try {
Nicolas Prevot07387fe2015-10-30 17:53:30 +00003364 return mService.canAddMoreManagedProfiles(userId, allowedToRemoveOne);
Nicolas Prevot72434b72015-05-13 12:15:03 -07003365 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003366 throw re.rethrowFromSystemServer();
Nicolas Prevot72434b72015-05-13 12:15:03 -07003367 }
3368 }
3369
3370 /**
Bookatz029832a2019-10-04 16:50:22 -07003371 * Checks whether it's possible to add more profiles of the given type to the given user.
3372 *
3373 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}.
3374 * @return true if more profiles can be added, false if limit has been reached.
3375 * @hide
3376 */
3377 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
3378 public boolean canAddMoreProfilesToUser(@NonNull String userType, @UserIdInt int userId) {
3379 try {
3380 return mService.canAddMoreProfilesToUser(userType, userId, false);
3381 } catch (RemoteException re) {
3382 throw re.rethrowFromSystemServer();
3383 }
3384 }
3385
3386 /**
Bookatzf56f2582019-09-04 16:06:41 -07003387 * Returns list of the profiles of userId including userId itself.
Amith Yamasani4f7e2e32014-08-14 18:49:48 -07003388 * Note that this returns both enabled and not enabled profiles. See
Ruben Brunk7f75da22015-04-30 17:46:30 -07003389 * {@link #getEnabledProfiles(int)} if you need only the enabled ones.
Amith Yamasani4f582632014-02-19 14:31:52 -08003390 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02003391 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}.
3392 * {@link android.Manifest.permission#CREATE_USERS} suffices if userId is the calling user.
Bookatzf56f2582019-09-04 16:06:41 -07003393 * @param userId profiles of this user will be returned.
Kenny Guy2a764942014-04-02 13:29:20 +01003394 * @return the list of profiles.
3395 * @hide
3396 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003397 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02003398 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3399 Manifest.permission.CREATE_USERS}, conditional = true)
Bookatzf56f2582019-09-04 16:06:41 -07003400 public List<UserInfo> getProfiles(@UserIdInt int userId) {
Kenny Guya52dc3e2014-02-11 15:33:14 +00003401 try {
Bookatzf56f2582019-09-04 16:06:41 -07003402 return mService.getProfiles(userId, false /* enabledOnly */);
Kenny Guya52dc3e2014-02-11 15:33:14 +00003403 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003404 throw re.rethrowFromSystemServer();
Kenny Guya52dc3e2014-02-11 15:33:14 +00003405 }
3406 }
3407
3408 /**
Roshan Piusf6c8cd32019-10-17 13:03:18 -07003409 * Checks if the 2 provided user handles belong to the same profile group.
3410 *
3411 * @param user one of the two user handles to check.
3412 * @param otherUser one of the two user handles to check.
3413 * @return true if the two users are in the same profile group.
3414 *
Roshan Piusf6c8cd32019-10-17 13:03:18 -07003415 * @hide
3416 */
3417 @SystemApi
3418 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
3419 public boolean isSameProfileGroup(@NonNull UserHandle user, @NonNull UserHandle otherUser) {
3420 return isSameProfileGroup(user.getIdentifier(), otherUser.getIdentifier());
3421 }
3422
3423 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02003424 * Checks if the 2 provided user ids belong to the same profile group.
Xiaohui Chenfd5b7742015-10-14 15:47:04 -07003425 * @param userId one of the two user ids to check.
3426 * @param otherUserId one of the two user ids to check.
3427 * @return true if the two user ids are in the same profile group.
3428 * @hide
3429 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003430 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Jeff Sharkey8588bc12016-01-06 16:47:42 -07003431 public boolean isSameProfileGroup(@UserIdInt int userId, int otherUserId) {
Xiaohui Chenfd5b7742015-10-14 15:47:04 -07003432 try {
3433 return mService.isSameProfileGroup(userId, otherUserId);
3434 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003435 throw re.rethrowFromSystemServer();
Xiaohui Chenfd5b7742015-10-14 15:47:04 -07003436 }
3437 }
3438
3439 /**
Bookatzf56f2582019-09-04 16:06:41 -07003440 * Returns list of the profiles of userId including userId itself.
Ruben Brunk7f75da22015-04-30 17:46:30 -07003441 * Note that this returns only enabled.
3442 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02003443 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}.
3444 * {@link android.Manifest.permission#CREATE_USERS} suffices if userId is the calling user.
Bookatzf56f2582019-09-04 16:06:41 -07003445 * @param userId profiles of this user will be returned.
Ruben Brunk7f75da22015-04-30 17:46:30 -07003446 * @return the list of profiles.
3447 * @hide
3448 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003449 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02003450 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3451 Manifest.permission.CREATE_USERS}, conditional = true)
Bookatzf56f2582019-09-04 16:06:41 -07003452 public List<UserInfo> getEnabledProfiles(@UserIdInt int userId) {
Ruben Brunk7f75da22015-04-30 17:46:30 -07003453 try {
Bookatzf56f2582019-09-04 16:06:41 -07003454 return mService.getProfiles(userId, true /* enabledOnly */);
Ruben Brunk7f75da22015-04-30 17:46:30 -07003455 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003456 throw re.rethrowFromSystemServer();
Ruben Brunk7f75da22015-04-30 17:46:30 -07003457 }
3458 }
3459
3460 /**
Jessica Hummelbe81c802014-04-22 15:49:22 +01003461 * Returns a list of UserHandles for profiles associated with the user that the calling process
3462 * is running on, including the user itself.
Amith Yamasani4f582632014-02-19 14:31:52 -08003463 *
3464 * @return A non-empty list of UserHandles associated with the calling user.
3465 */
3466 public List<UserHandle> getUserProfiles() {
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003467 int[] userIds = getProfileIds(UserHandle.myUserId(), true /* enabledOnly */);
3468 List<UserHandle> result = new ArrayList<>(userIds.length);
3469 for (int userId : userIds) {
3470 result.add(UserHandle.of(userId));
3471 }
3472 return result;
3473 }
3474
3475 /**
Valentin Iftime4bf82c822020-02-19 17:51:17 +01003476 * Returns a list of ids for enabled profiles associated with the context user including the
3477 * user itself.
Valentin Iftime89df4c82019-08-23 13:02:50 +02003478 *
Valentin Iftime89df4c82019-08-23 13:02:50 +02003479 * @return A non-empty list of UserHandles associated with the calling user.
Valentin Iftime89df4c82019-08-23 13:02:50 +02003480 * @hide
3481 */
3482 @SystemApi
3483 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3484 Manifest.permission.CREATE_USERS}, conditional = true)
3485 @UserHandleAware
Valentin Iftime4bf82c822020-02-19 17:51:17 +01003486 public @NonNull List<UserHandle> getEnabledProfiles() {
3487 return getProfiles(true);
3488 }
3489
3490 /**
3491 * Returns a list of ids for all profiles associated with the context user including the user
3492 * itself.
3493 *
3494 * @return A non-empty list of UserHandles associated with the calling user.
3495 * @hide
3496 */
3497 @SystemApi
3498 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3499 Manifest.permission.CREATE_USERS}, conditional = true)
3500 @UserHandleAware
3501 public @NonNull List<UserHandle> getAllProfiles() {
3502 return getProfiles(false);
3503 }
3504
3505 /**
3506 * Returns a list of ids for profiles associated with the context user including the user
3507 * itself.
3508 *
3509 * @param enabledOnly whether to return only {@link UserInfo#isEnabled() enabled} profiles
3510 * @return A non-empty list of UserHandles associated with the calling user.
3511 */
3512 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3513 Manifest.permission.CREATE_USERS}, conditional = true)
3514 @UserHandleAware
3515 private @NonNull List<UserHandle> getProfiles(boolean enabledOnly) {
Valentin Iftime89df4c82019-08-23 13:02:50 +02003516 final int[] userIds = getProfileIds(mUserId, enabledOnly);
3517 final List<UserHandle> result = new ArrayList<>(userIds.length);
3518 for (int userId : userIds) {
3519 result.add(UserHandle.of(userId));
3520 }
3521 return result;
3522 }
3523
3524 /**
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003525 * Returns a list of ids for profiles associated with the specified user including the user
3526 * itself.
3527 *
3528 * @param userId id of the user to return profiles for
3529 * @param enabledOnly whether return only {@link UserInfo#isEnabled() enabled} profiles
3530 * @return A non-empty list of ids of profiles associated with the specified user.
3531 *
3532 * @hide
3533 */
Philip P. Moltmann4e615e62018-08-28 14:57:49 -07003534 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3535 Manifest.permission.CREATE_USERS}, conditional = true)
Philip P. Moltmann4e615e62018-08-28 14:57:49 -07003536 public @NonNull int[] getProfileIds(@UserIdInt int userId, boolean enabledOnly) {
Alexandra Gherghina385124d2014-04-03 13:37:39 +01003537 try {
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003538 return mService.getProfileIds(userId, enabledOnly);
Alexandra Gherghina385124d2014-04-03 13:37:39 +01003539 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003540 throw re.rethrowFromSystemServer();
Alexandra Gherghina385124d2014-04-03 13:37:39 +01003541 }
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003542 }
3543
3544 /**
3545 * @see #getProfileIds(int, boolean)
3546 * @hide
3547 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003548 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02003549 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3550 Manifest.permission.CREATE_USERS}, conditional = true)
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003551 public int[] getProfileIdsWithDisabled(@UserIdInt int userId) {
3552 return getProfileIds(userId, false /* enabledOnly */);
3553 }
3554
3555 /**
3556 * @see #getProfileIds(int, boolean)
3557 * @hide
3558 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003559 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3560 Manifest.permission.CREATE_USERS}, conditional = true)
Fyodor Kupolov7f98aa42016-04-07 14:56:25 -07003561 public int[] getEnabledProfileIds(@UserIdInt int userId) {
3562 return getProfileIds(userId, true /* enabledOnly */);
Amith Yamasani4f582632014-02-19 14:31:52 -08003563 }
3564
Amith Yamasani7dda2652014-04-11 14:57:12 -07003565 /**
Andres Moralesc5548c02015-08-05 10:23:12 -07003566 * Returns the device credential owner id of the profile from
Bookatzf56f2582019-09-04 16:06:41 -07003567 * which this method is called, or userId if called from a user that
Andres Moralesc5548c02015-08-05 10:23:12 -07003568 * is not a profile.
3569 *
3570 * @hide
3571 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003572 @RequiresPermission(Manifest.permission.MANAGE_USERS)
Bookatzf56f2582019-09-04 16:06:41 -07003573 public int getCredentialOwnerProfile(@UserIdInt int userId) {
Andres Moralesc5548c02015-08-05 10:23:12 -07003574 try {
Bookatzf56f2582019-09-04 16:06:41 -07003575 return mService.getCredentialOwnerProfile(userId);
Andres Moralesc5548c02015-08-05 10:23:12 -07003576 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003577 throw re.rethrowFromSystemServer();
Andres Moralesc5548c02015-08-05 10:23:12 -07003578 }
3579 }
3580
3581 /**
Jessica Hummelbe81c802014-04-22 15:49:22 +01003582 * Returns the parent of the profile which this method is called from
3583 * or null if called from a user that is not a profile.
3584 *
3585 * @hide
3586 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003587 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02003588 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Bookatzf56f2582019-09-04 16:06:41 -07003589 public UserInfo getProfileParent(@UserIdInt int userId) {
Jessica Hummelbe81c802014-04-22 15:49:22 +01003590 try {
Bookatzf56f2582019-09-04 16:06:41 -07003591 return mService.getProfileParent(userId);
Jessica Hummelbe81c802014-04-22 15:49:22 +01003592 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003593 throw re.rethrowFromSystemServer();
Jessica Hummelbe81c802014-04-22 15:49:22 +01003594 }
3595 }
3596
3597 /**
Philip P. Moltmanna3e358c2018-11-21 12:45:50 -08003598 * Get the parent of a user profile.
3599 *
3600 * @param user the handle of the user profile
3601 *
3602 * @return the parent of the user or {@code null} if the user is not profile
3603 *
3604 * @hide
3605 */
3606 @SystemApi
3607 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
3608 public @Nullable UserHandle getProfileParent(@NonNull UserHandle user) {
3609 UserInfo info = getProfileParent(user.getIdentifier());
3610
3611 if (info == null) {
3612 return null;
3613 }
3614
3615 return UserHandle.of(info.id);
3616 }
3617
3618 /**
Tony Make3d1f652017-12-12 11:00:37 +00003619 * Enables or disables quiet mode for a managed profile. If quiet mode is enabled, apps in a
3620 * managed profile don't run, generate notifications, or consume data or battery.
3621 * <p>
3622 * If a user's credential is needed to turn off quiet mode, a confirm credential screen will be
3623 * shown to the user.
3624 * <p>
3625 * The change may not happen instantly, however apps can listen for
3626 * {@link Intent#ACTION_MANAGED_PROFILE_AVAILABLE} and
3627 * {@link Intent#ACTION_MANAGED_PROFILE_UNAVAILABLE} broadcasts in order to be notified of
3628 * the change of the quiet mode. Apps can also check the current state of quiet mode by
3629 * calling {@link #isQuietModeEnabled(UserHandle)}.
3630 * <p>
3631 * The caller must either be the foreground default launcher or have one of these permissions:
3632 * {@code MANAGE_USERS} or {@code MODIFY_QUIET_MODE}.
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003633 *
Tony Make3d1f652017-12-12 11:00:37 +00003634 * @param enableQuietMode whether quiet mode should be enabled or disabled
3635 * @param userHandle user handle of the profile
3636 * @return {@code false} if user's credential is needed in order to turn off quiet mode,
3637 * {@code true} otherwise
3638 * @throws SecurityException if the caller is invalid
3639 * @throws IllegalArgumentException if {@code userHandle} is not a managed profile
3640 *
3641 * @see #isQuietModeEnabled(UserHandle)
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003642 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003643 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
3644 Manifest.permission.MODIFY_QUIET_MODE}, conditional = true)
Tony Makbece85d2018-01-12 12:10:17 +00003645 public boolean requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle) {
3646 return requestQuietModeEnabled(enableQuietMode, userHandle, null);
Tony Makb7e6fd42017-12-05 19:40:28 +00003647 }
3648
3649 /**
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +00003650 * Perform the same operation as {@link #requestQuietModeEnabled(boolean, UserHandle)}, but
3651 * with a flag to tweak the behavior of the request.
3652 *
3653 * @param enableQuietMode whether quiet mode should be enabled or disabled
3654 * @param userHandle user handle of the profile
3655 * @param flags Can be 0 or {@link #QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED}.
3656 * @return {@code false} if user's credential is needed in order to turn off quiet mode,
3657 * {@code true} otherwise
3658 * @throws SecurityException if the caller is invalid
3659 * @throws IllegalArgumentException if {@code userHandle} is not a managed profile
3660 *
3661 * @see #isQuietModeEnabled(UserHandle)
3662 */
3663 public boolean requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle,
3664 @QuietModeFlag int flags) {
3665 return requestQuietModeEnabled(enableQuietMode, userHandle, null, flags);
3666 }
3667
3668 /**
Tony Makbece85d2018-01-12 12:10:17 +00003669 * Similar to {@link #requestQuietModeEnabled(boolean, UserHandle)}, except you can specify
Tony Makd390ae92017-12-28 13:23:10 +00003670 * a target to start when user is unlocked. If {@code target} is specified, caller must have
3671 * the {@link android.Manifest.permission#MANAGE_USERS} permission.
Tony Makb7e6fd42017-12-05 19:40:28 +00003672 *
Tony Makbece85d2018-01-12 12:10:17 +00003673 * @see {@link #requestQuietModeEnabled(boolean, UserHandle)}
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003674 * @hide
3675 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003676 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Tony Makbece85d2018-01-12 12:10:17 +00003677 public boolean requestQuietModeEnabled(
Tony Makb7e6fd42017-12-05 19:40:28 +00003678 boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target) {
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +00003679 return requestQuietModeEnabled(enableQuietMode, userHandle, target, 0);
3680 }
Pavel Grafov4513e242020-01-31 11:41:51 +00003681
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +00003682 /**
3683 * Similar to {@link #requestQuietModeEnabled(boolean, UserHandle)}, except you can specify
3684 * a target to start when user is unlocked. If {@code target} is specified, caller must have
3685 * the {@link android.Manifest.permission#MANAGE_USERS} permission.
3686 *
Pavel Grafov4513e242020-01-31 11:41:51 +00003687 * @see #requestQuietModeEnabled(boolean, UserHandle)
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +00003688 * @hide
3689 */
3690 public boolean requestQuietModeEnabled(
3691 boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target,
3692 int flags) {
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003693 try {
Tony Makbece85d2018-01-12 12:10:17 +00003694 return mService.requestQuietModeEnabled(
Pierre Barbier de Reuille17eaf742020-01-10 17:49:45 +00003695 mContext.getPackageName(), enableQuietMode, userHandle.getIdentifier(), target,
3696 flags);
Jeff Sharkey27b2e692016-02-25 17:40:12 -07003697 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003698 throw re.rethrowFromSystemServer();
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003699 }
3700 }
3701
3702 /**
3703 * Returns whether the given profile is in quiet mode or not.
Ricky Wai7881cf82016-04-15 17:20:12 +01003704 * Notes: Quiet mode is only supported for managed profiles.
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003705 *
3706 * @param userHandle The user handle of the profile to be queried.
3707 * @return true if the profile is in quiet mode, false otherwise.
3708 */
3709 public boolean isQuietModeEnabled(UserHandle userHandle) {
3710 try {
3711 return mService.isQuietModeEnabled(userHandle.getIdentifier());
Jeff Sharkey27b2e692016-02-25 17:40:12 -07003712 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003713 throw re.rethrowFromSystemServer();
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003714 }
Rubin Xu0a29ecd2015-11-04 15:11:48 +00003715 }
3716
3717 /**
Bookatz029832a2019-10-04 16:50:22 -07003718 * Returns whether the given user has a badge (generally to put on profiles' icons).
3719 *
3720 * @param userId userId of the user in question
3721 * @return true if the user's icons should display a badge; false otherwise.
3722 *
3723 * @see #getBadgedIconForUser more information about badging in general
3724 * @hide
3725 */
3726 public boolean hasBadge(@UserIdInt int userId) {
3727 if (!isProfile(userId)) {
3728 // Since currently only profiles actually have badges, we can do this optimization.
3729 return false;
3730 }
3731 try {
3732 return mService.hasBadge(userId);
3733 } catch (RemoteException re) {
3734 throw re.rethrowFromSystemServer();
3735 }
3736 }
3737
3738 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02003739 * Returns whether the user associated with the context has a badge (generally to put on
3740 * profiles' icons).
Bookatz029832a2019-10-04 16:50:22 -07003741 *
3742 * @return true if the user's icons should display a badge; false otherwise.
Bookatz029832a2019-10-04 16:50:22 -07003743 * @see #getBadgedIconForUser more information about badging in general
3744 * @hide
3745 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003746 @UserHandleAware
Bookatz029832a2019-10-04 16:50:22 -07003747 public boolean hasBadge() {
Valentin Iftime89df4c82019-08-23 13:02:50 +02003748 return hasBadge(mUserId);
Bookatz029832a2019-10-04 16:50:22 -07003749 }
3750
3751 /**
Beverly2b4306a2020-04-27 16:15:15 -04003752 * Returns the light theme badge color for the given user (generally to color a profile's
3753 * icon's badge).
Bookatz029832a2019-10-04 16:50:22 -07003754 *
3755 * <p>To check whether a badge color is expected for the user, first call {@link #hasBadge}.
3756 *
3757 * @return the color (not the resource ID) to be used for the user's badge
3758 * @throws Resources.NotFoundException if no valid badge color exists for this user
3759 *
3760 * @see #getBadgedIconForUser more information about badging in general
3761 * @hide
3762 */
3763 public @ColorInt int getUserBadgeColor(@UserIdInt int userId) {
3764 try {
3765 final int resourceId = mService.getUserBadgeColorResId(userId);
3766 return Resources.getSystem().getColor(resourceId, null);
3767 } catch (RemoteException re) {
3768 throw re.rethrowFromSystemServer();
3769 }
3770 }
3771
3772 /**
Beverly2b4306a2020-04-27 16:15:15 -04003773 * Returns the dark theme badge color for the given user (generally to color a profile's icon's
3774 * badge).
3775 *
3776 * <p>To check whether a badge color is expected for the user, first call {@link #hasBadge}.
3777 *
3778 * @return the color (not the resource ID) to be used for the user's badge
3779 * @throws Resources.NotFoundException if no valid badge color exists for this user
3780 *
3781 * @see #getBadgedIconForUser more information about badging in general
3782 * @hide
3783 */
3784 public @ColorInt int getUserBadgeDarkColor(@UserIdInt int userId) {
3785 try {
3786 final int resourceId = mService.getUserBadgeDarkColorResId(userId);
3787 return Resources.getSystem().getColor(resourceId, null);
3788 } catch (RemoteException re) {
3789 throw re.rethrowFromSystemServer();
3790 }
3791 }
3792
3793 /**
Bookatz029832a2019-10-04 16:50:22 -07003794 * Returns the Resource ID of the user's icon badge.
3795 *
3796 * @return the Resource ID of the user's icon badge if it has one; otherwise
3797 * {@link Resources#ID_NULL}.
3798 *
3799 * @see #getBadgedIconForUser more information about badging in general
3800 * @hide
3801 */
3802 public @DrawableRes int getUserIconBadgeResId(@UserIdInt int userId) {
3803 try {
3804 return mService.getUserIconBadgeResId(userId);
3805 } catch (RemoteException re) {
3806 throw re.rethrowFromSystemServer();
3807 }
3808 }
3809
3810 /**
3811 * Returns the Resource ID of the user's badge.
3812 *
3813 * @return the Resource ID of the user's badge if it has one; otherwise
3814 * {@link Resources#ID_NULL}.
3815 *
3816 * @see #getBadgedIconForUser more information about badging in general
3817 * @hide
3818 */
3819 public @DrawableRes int getUserBadgeResId(@UserIdInt int userId) {
3820 try {
3821 return mService.getUserBadgeResId(userId);
3822 } catch (RemoteException re) {
3823 throw re.rethrowFromSystemServer();
3824 }
3825 }
3826
3827 /**
3828 * Returns the Resource ID of the user's badge without a background.
3829 *
3830 * @return the Resource ID of the user's no-background badge if it has one; otherwise
3831 * {@link Resources#ID_NULL}.
3832 *
3833 * @see #getBadgedIconForUser more information about badging in general
3834 * @hide
3835 */
3836 public @DrawableRes int getUserBadgeNoBackgroundResId(@UserIdInt int userId) {
3837 try {
3838 return mService.getUserBadgeNoBackgroundResId(userId);
3839 } catch (RemoteException re) {
3840 throw re.rethrowFromSystemServer();
3841 }
3842 }
3843
3844 /**
3845 * If the target user is a profile of the calling user or the caller
3846 * is itself a profile, then this returns a badged copy of the given
Svetoslavc71c42f2014-08-05 18:57:05 -07003847 * icon to be able to distinguish it from the original icon. For badging an
3848 * arbitrary drawable use {@link #getBadgedDrawableForUser(
3849 * android.graphics.drawable.Drawable, UserHandle, android.graphics.Rect, int)}.
3850 * <p>
3851 * If the original drawable is a BitmapDrawable and the backing bitmap is
Vadim Tryshev66ae66a2016-02-18 15:41:21 -08003852 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the badging
Svetoslavc71c42f2014-08-05 18:57:05 -07003853 * is performed in place and the original drawable is returned.
3854 * </p>
Amith Yamasani7dda2652014-04-11 14:57:12 -07003855 *
3856 * @param icon The icon to badge.
3857 * @param user The target user.
3858 * @return A drawable that combines the original icon and a badge as
3859 * determined by the system.
Svetoslavc7d62f02014-09-04 15:39:54 -07003860 * @removed
Amith Yamasani7dda2652014-04-11 14:57:12 -07003861 */
Svetoslavc71c42f2014-08-05 18:57:05 -07003862 public Drawable getBadgedIconForUser(Drawable icon, UserHandle user) {
Svetoslavc7d62f02014-09-04 15:39:54 -07003863 return mContext.getPackageManager().getUserBadgedIcon(icon, user);
Amith Yamasani4f582632014-02-19 14:31:52 -08003864 }
3865
Kenny Guy701ea7c2014-05-08 23:34:12 +01003866 /**
Bookatz029832a2019-10-04 16:50:22 -07003867 * If the target user is a profile of the calling user or the caller
3868 * is itself a profile, then this returns a badged copy of the given
Svetoslavc71c42f2014-08-05 18:57:05 -07003869 * drawable allowing the user to distinguish it from the original drawable.
3870 * The caller can specify the location in the bounds of the drawable to be
3871 * badged where the badge should be applied as well as the density of the
3872 * badge to be used.
3873 * <p>
3874 * If the original drawable is a BitmapDrawable and the backing bitmap is
Vadim Tryshev66ae66a2016-02-18 15:41:21 -08003875 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the badging
Svetoslavc71c42f2014-08-05 18:57:05 -07003876 * is performed in place and the original drawable is returned.
3877 * </p>
3878 *
3879 * @param badgedDrawable The drawable to badge.
3880 * @param user The target user.
3881 * @param badgeLocation Where in the bounds of the badged drawable to place
Vadim Tryshev66ae66a2016-02-18 15:41:21 -08003882 * the badge. If it's {@code null}, the badge is applied on top of the entire
Svetoslavc71c42f2014-08-05 18:57:05 -07003883 * drawable being badged.
3884 * @param badgeDensity The optional desired density for the badge as per
Vadim Tryshev66ae66a2016-02-18 15:41:21 -08003885 * {@link android.util.DisplayMetrics#densityDpi}. If it's not positive,
Svetoslavc71c42f2014-08-05 18:57:05 -07003886 * the density of the display is used.
3887 * @return A drawable that combines the original drawable and a badge as
3888 * determined by the system.
Svetoslavc7d62f02014-09-04 15:39:54 -07003889 * @removed
Svetoslavc71c42f2014-08-05 18:57:05 -07003890 */
3891 public Drawable getBadgedDrawableForUser(Drawable badgedDrawable, UserHandle user,
3892 Rect badgeLocation, int badgeDensity) {
Svetoslavc7d62f02014-09-04 15:39:54 -07003893 return mContext.getPackageManager().getUserBadgedDrawableForDensity(badgedDrawable, user,
3894 badgeLocation, badgeDensity);
Svetoslavc71c42f2014-08-05 18:57:05 -07003895 }
3896
3897 /**
Bookatz029832a2019-10-04 16:50:22 -07003898 * If the target user is a profile of the calling user or the caller
3899 * is itself a profile, then this returns a copy of the label with
Kenny Guyf7ecf7c2014-06-18 11:32:05 +01003900 * badging for accessibility services like talkback. E.g. passing in "Email"
3901 * and it might return "Work Email" for Email in the work profile.
3902 *
Bookatz029832a2019-10-04 16:50:22 -07003903 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS} or
3904 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS} permission, otherwise the caller
3905 * must be in the same profile group of specified user.
3906 *
Kenny Guyf7ecf7c2014-06-18 11:32:05 +01003907 * @param label The label to change.
3908 * @param user The target user.
3909 * @return A label that combines the original label and a badge as
3910 * determined by the system.
Svetoslavc7d62f02014-09-04 15:39:54 -07003911 * @removed
Kenny Guyf7ecf7c2014-06-18 11:32:05 +01003912 */
Kenny Guy237aecd2014-07-21 14:06:09 +01003913 public CharSequence getBadgedLabelForUser(CharSequence label, UserHandle user) {
Bookatz029832a2019-10-04 16:50:22 -07003914 final int userId = user.getIdentifier();
3915 if (!hasBadge(userId)) {
3916 return label;
3917 }
3918 try {
3919 final int resourceId = mService.getUserBadgeLabelResId(userId);
3920 return Resources.getSystem().getString(resourceId, label);
3921 } catch (RemoteException re) {
3922 throw re.rethrowFromSystemServer();
3923 }
Amith Yamasani4f582632014-02-19 14:31:52 -08003924 }
3925
3926 /**
Amith Yamasani258848d2012-08-10 17:06:33 -07003927 * Removes a user and all associated data.
Bookatzf56f2582019-09-04 16:06:41 -07003928 * @param userId the integer handle of the user.
Amith Yamasani258848d2012-08-10 17:06:33 -07003929 * @hide
3930 */
Andrei Onea24ec3212019-03-15 17:35:05 +00003931 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02003932 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3933 Manifest.permission.CREATE_USERS})
Bookatzf56f2582019-09-04 16:06:41 -07003934 public boolean removeUser(@UserIdInt int userId) {
Amith Yamasani258848d2012-08-10 17:06:33 -07003935 try {
Bookatzf56f2582019-09-04 16:06:41 -07003936 return mService.removeUser(userId);
Amith Yamasani258848d2012-08-10 17:06:33 -07003937 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003938 throw re.rethrowFromSystemServer();
Amith Yamasani258848d2012-08-10 17:06:33 -07003939 }
3940 }
3941
3942 /**
Varun Shahe38c6782018-12-04 16:57:49 -08003943 * Removes a user and all associated data.
3944 *
3945 * @param user the user that needs to be removed.
Varun Shah9533e622019-02-27 15:26:56 -08003946 * @return {@code true} if the user was successfully removed, {@code false} otherwise.
3947 * @throws IllegalArgumentException if {@code user} is {@code null}
Varun Shahe38c6782018-12-04 16:57:49 -08003948 * @hide
3949 */
3950 @SystemApi
Valentin Iftime89df4c82019-08-23 13:02:50 +02003951 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3952 Manifest.permission.CREATE_USERS})
Varun Shah9533e622019-02-27 15:26:56 -08003953 public boolean removeUser(@NonNull UserHandle user) {
3954 if (user == null) {
3955 throw new IllegalArgumentException("user cannot be null");
3956 }
Varun Shahe38c6782018-12-04 16:57:49 -08003957 return removeUser(user.getIdentifier());
3958 }
3959
3960
3961 /**
Nicolas Prevotd37c4a92017-01-23 11:56:00 +00003962 * Similar to {@link #removeUser(int)} except bypassing the checking of
3963 * {@link UserManager#DISALLOW_REMOVE_USER}
3964 * or {@link UserManager#DISALLOW_REMOVE_MANAGED_PROFILE}.
3965 *
3966 * @see {@link #removeUser(int)}
3967 * @hide
3968 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003969 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS,
3970 Manifest.permission.CREATE_USERS})
Bookatzf56f2582019-09-04 16:06:41 -07003971 public boolean removeUserEvenWhenDisallowed(@UserIdInt int userId) {
Nicolas Prevotd37c4a92017-01-23 11:56:00 +00003972 try {
Bookatzf56f2582019-09-04 16:06:41 -07003973 return mService.removeUserEvenWhenDisallowed(userId);
Nicolas Prevotd37c4a92017-01-23 11:56:00 +00003974 } catch (RemoteException re) {
3975 throw re.rethrowFromSystemServer();
3976 }
3977 }
3978
3979 /**
Amith Yamasani258848d2012-08-10 17:06:33 -07003980 * Updates the user's name.
3981 *
Bookatzf56f2582019-09-04 16:06:41 -07003982 * @param userId the user's integer id
Amith Yamasani258848d2012-08-10 17:06:33 -07003983 * @param name the new name for the user
3984 * @hide
3985 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02003986 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Bookatzf56f2582019-09-04 16:06:41 -07003987 public void setUserName(@UserIdInt int userId, String name) {
Amith Yamasani258848d2012-08-10 17:06:33 -07003988 try {
Bookatzf56f2582019-09-04 16:06:41 -07003989 mService.setUserName(userId, name);
Amith Yamasani258848d2012-08-10 17:06:33 -07003990 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07003991 throw re.rethrowFromSystemServer();
Amith Yamasani258848d2012-08-10 17:06:33 -07003992 }
3993 }
3994
3995 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02003996 * Updates the context user's name.
Leo Hsuab28fff2019-01-30 15:40:56 +08003997 *
3998 * @param name the new name for the user
3999 * @hide
4000 */
4001 @SystemApi
4002 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Valentin Iftime89df4c82019-08-23 13:02:50 +02004003 @UserHandleAware
Leo Hsu51839332019-03-05 16:59:04 +08004004 public void setUserName(@Nullable String name) {
Valentin Iftime89df4c82019-08-23 13:02:50 +02004005 setUserName(mUserId, name);
Leo Hsuab28fff2019-01-30 15:40:56 +08004006 }
4007
4008 /**
Amith Yamasanie928d7d2012-09-17 21:46:51 -07004009 * Sets the user's photo.
Bookatzf56f2582019-09-04 16:06:41 -07004010 * @param userId the user for whom to change the photo.
Amith Yamasanie928d7d2012-09-17 21:46:51 -07004011 * @param icon the bitmap to set as the photo.
Amith Yamasani258848d2012-08-10 17:06:33 -07004012 * @hide
4013 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02004014 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
4015 public void setUserIcon(@UserIdInt int userId, @NonNull Bitmap icon)
4016 throws UserOperationException {
Amith Yamasani258848d2012-08-10 17:06:33 -07004017 try {
Bookatzf56f2582019-09-04 16:06:41 -07004018 mService.setUserIcon(userId, icon);
Valentin Iftime89df4c82019-08-23 13:02:50 +02004019 } catch (ServiceSpecificException e) {
4020 throw UserOperationException.from(e);
Amith Yamasani258848d2012-08-10 17:06:33 -07004021 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004022 throw re.rethrowFromSystemServer();
Amith Yamasani258848d2012-08-10 17:06:33 -07004023 }
4024 }
4025
4026 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02004027 * Sets the context user's photo.
Leo Hsuab28fff2019-01-30 15:40:56 +08004028 *
4029 * @param icon the bitmap to set as the photo.
4030 * @hide
4031 */
4032 @SystemApi
4033 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Valentin Iftime89df4c82019-08-23 13:02:50 +02004034 @UserHandleAware
4035 public void setUserIcon(@NonNull Bitmap icon) throws UserOperationException {
4036 setUserIcon(mUserId, icon);
Leo Hsuab28fff2019-01-30 15:40:56 +08004037 }
4038
4039 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02004040 * Returns a bitmap of the user's photo
Bookatzf56f2582019-09-04 16:06:41 -07004041 * @param userId the user whose photo we want to read.
Amith Yamasanie928d7d2012-09-17 21:46:51 -07004042 * @return a {@link Bitmap} of the user's photo, or null if there's no photo.
Alexandra Gherghina64d4dca2014-08-28 18:26:56 +01004043 * @see com.android.internal.util.UserIcons#getDefaultUserIcon for a default.
Amith Yamasani3b49f072012-09-17 10:21:43 -07004044 * @hide
4045 */
Andrei Onea24ec3212019-03-15 17:35:05 +00004046 @UnsupportedAppUsage
Valentin Iftime89df4c82019-08-23 13:02:50 +02004047 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
4048 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED})
Bookatzf56f2582019-09-04 16:06:41 -07004049 public Bitmap getUserIcon(@UserIdInt int userId) {
Amith Yamasani3b49f072012-09-17 10:21:43 -07004050 try {
Bookatzf56f2582019-09-04 16:06:41 -07004051 ParcelFileDescriptor fd = mService.getUserIcon(userId);
Adrian Roos1bdff912015-02-17 15:51:35 +01004052 if (fd != null) {
4053 try {
4054 return BitmapFactory.decodeFileDescriptor(fd.getFileDescriptor());
4055 } finally {
4056 try {
4057 fd.close();
4058 } catch (IOException e) {
4059 }
4060 }
4061 }
Amith Yamasani3b49f072012-09-17 10:21:43 -07004062 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004063 throw re.rethrowFromSystemServer();
Amith Yamasani3b49f072012-09-17 10:21:43 -07004064 }
Adrian Roos1bdff912015-02-17 15:51:35 +01004065 return null;
Amith Yamasani3b49f072012-09-17 10:21:43 -07004066 }
4067
4068 /**
Valentin Iftime89df4c82019-08-23 13:02:50 +02004069 * Returns a Bitmap for the context user's photo.
Leo Hsuab28fff2019-01-30 15:40:56 +08004070 *
4071 * @return a {@link Bitmap} of the user's photo, or null if there's no photo.
4072 * @see com.android.internal.util.UserIcons#getDefaultUserIcon for a default.
4073 * @hide
4074 */
4075 @SystemApi
Bookatzcde3d922019-03-08 14:30:00 -08004076 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS,
4077 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED})
Valentin Iftime89df4c82019-08-23 13:02:50 +02004078 @UserHandleAware
Leo Hsu51839332019-03-05 16:59:04 +08004079 public @Nullable Bitmap getUserIcon() {
Valentin Iftime89df4c82019-08-23 13:02:50 +02004080 return getUserIcon(mUserId);
Leo Hsuab28fff2019-01-30 15:40:56 +08004081 }
4082
4083 /**
Amith Yamasani258848d2012-08-10 17:06:33 -07004084 * Returns the maximum number of users that can be created on this device. A return value
4085 * of 1 means that it is a single user device.
4086 * @hide
Maggie Benthalla12fccf2013-03-14 18:02:12 -04004087 * @return a value greater than or equal to 1
Amith Yamasani258848d2012-08-10 17:06:33 -07004088 */
Andrei Onea24ec3212019-03-15 17:35:05 +00004089 @UnsupportedAppUsage
Jeff Sharkey27bd34d2012-09-16 12:49:00 -07004090 public static int getMaxSupportedUsers() {
Amith Yamasaniff549202012-10-12 12:44:49 -07004091 // Don't allow multiple users on certain builds
4092 if (android.os.Build.ID.startsWith("JVP")) return 1;
Jeff Sharkey27bd34d2012-09-16 12:49:00 -07004093 return SystemProperties.getInt("fw.max_users",
4094 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers));
Amith Yamasani258848d2012-08-10 17:06:33 -07004095 }
Amith Yamasani2a003292012-08-14 18:25:45 -07004096
4097 /**
Adam Bookatz600210d2020-06-10 17:17:04 -07004098 * Returns true if the user switcher is enabled (regardless of whether there is anything
4099 * interesting for it to show).
Adam Bookatzd626fd32020-05-19 14:30:33 -07004100 *
Adam Bookatz600210d2020-06-10 17:17:04 -07004101 * @return true if user switcher is enabled
Adam Bookatzd626fd32020-05-19 14:30:33 -07004102 * @hide
Kenny Guy1a447532014-02-20 21:55:32 +00004103 */
4104 public boolean isUserSwitcherEnabled() {
Adam Bookatz600210d2020-06-10 17:17:04 -07004105 return isUserSwitcherEnabled(true);
Adam Bookatzd626fd32020-05-19 14:30:33 -07004106 }
4107
4108 /**
4109 * Returns true if the user switcher should be shown.
4110 *
4111 * @param showEvenIfNotActionable value to return if the feature is enabled but there is nothing
4112 * actionable for the user to do anyway
4113 * @return true if user switcher should be shown.
4114 * @hide
4115 */
4116 public boolean isUserSwitcherEnabled(boolean showEvenIfNotActionable) {
Fyodor Kupolovcd86ebf2015-09-29 17:06:50 -07004117 if (!supportsMultipleUsers()) {
4118 return false;
4119 }
Benjamin Franzff66fa92017-08-10 10:39:44 +01004120 if (hasUserRestriction(DISALLOW_USER_SWITCH)) {
4121 return false;
4122 }
Amith Yamasanieb437d42016-04-29 09:31:25 -07004123 // If Demo Mode is on, don't show user switcher
4124 if (isDeviceInDemoMode(mContext)) {
4125 return false;
4126 }
Adam Bookatzd626fd32020-05-19 14:30:33 -07004127 // Check the Settings.Global.USER_SWITCHER_ENABLED that the user can toggle on/off.
4128 final boolean userSwitcherSettingOn = Settings.Global.getInt(mContext.getContentResolver(),
4129 Settings.Global.USER_SWITCHER_ENABLED,
4130 Resources.getSystem().getBoolean(R.bool.config_showUserSwitcherByDefault) ? 1 : 0)
4131 != 0;
4132 if (!userSwitcherSettingOn) {
Fan Zhangc69c8b62018-06-05 13:30:11 -07004133 return false;
4134 }
Adam Bookatzd626fd32020-05-19 14:30:33 -07004135
4136 // The feature is enabled. But is it worth showing?
4137 return showEvenIfNotActionable
4138 || areThereUsersToWhichToSwitch() // There are switchable users.
4139 || !hasUserRestriction(UserManager.DISALLOW_ADD_USER); // New users can be added.
4140 }
4141
4142 /** Returns whether there are any users (other than the current user) to which to switch. */
4143 private boolean areThereUsersToWhichToSwitch() {
4144 final List<UserInfo> users = getUsers(true);
Kenny Guy1a447532014-02-20 21:55:32 +00004145 if (users == null) {
Adam Bookatzd626fd32020-05-19 14:30:33 -07004146 return false;
Kenny Guy1a447532014-02-20 21:55:32 +00004147 }
4148 int switchableUserCount = 0;
4149 for (UserInfo user : users) {
Xiaohui Chen7cb69df2015-07-13 16:01:01 -07004150 if (user.supportsSwitchToByUser()) {
Kenny Guy1a447532014-02-20 21:55:32 +00004151 ++switchableUserCount;
4152 }
4153 }
Adam Bookatzd626fd32020-05-19 14:30:33 -07004154 return switchableUserCount > 1;
Kenny Guy1a447532014-02-20 21:55:32 +00004155 }
4156
4157 /**
Amith Yamasanieb437d42016-04-29 09:31:25 -07004158 * @hide
4159 */
Andrei Onea24ec3212019-03-15 17:35:05 +00004160 @UnsupportedAppUsage
Amith Yamasanieb437d42016-04-29 09:31:25 -07004161 public static boolean isDeviceInDemoMode(Context context) {
4162 return Settings.Global.getInt(context.getContentResolver(),
4163 Settings.Global.DEVICE_DEMO_MODE, 0) > 0;
4164 }
4165
4166 /**
Bookatzf56f2582019-09-04 16:06:41 -07004167 * Returns a serial number on this device for a given userId. User handles can be recycled
Amith Yamasani2a003292012-08-14 18:25:45 -07004168 * when deleting and creating users, but serial numbers are not reused until the device is wiped.
Bookatzf56f2582019-09-04 16:06:41 -07004169 * @param userId
4170 * @return a serial number associated with that user, or -1 if the userId is not valid.
Amith Yamasani2a003292012-08-14 18:25:45 -07004171 * @hide
4172 */
Andrei Onea24ec3212019-03-15 17:35:05 +00004173 @UnsupportedAppUsage
Bookatzf56f2582019-09-04 16:06:41 -07004174 public int getUserSerialNumber(@UserIdInt int userId) {
Amith Yamasani2a003292012-08-14 18:25:45 -07004175 try {
Bookatzf56f2582019-09-04 16:06:41 -07004176 return mService.getUserSerialNumber(userId);
Amith Yamasani2a003292012-08-14 18:25:45 -07004177 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004178 throw re.rethrowFromSystemServer();
Amith Yamasani2a003292012-08-14 18:25:45 -07004179 }
Amith Yamasani2a003292012-08-14 18:25:45 -07004180 }
4181
4182 /**
Bookatzf56f2582019-09-04 16:06:41 -07004183 * Returns a userId on this device for a given user serial number. User handles can be
Amith Yamasani2a003292012-08-14 18:25:45 -07004184 * recycled when deleting and creating users, but serial numbers are not reused until the device
4185 * is wiped.
4186 * @param userSerialNumber
Bookatzf56f2582019-09-04 16:06:41 -07004187 * @return the userId associated with that user serial number, or -1 if the serial number
Amith Yamasani2a003292012-08-14 18:25:45 -07004188 * is not valid.
4189 * @hide
4190 */
Andrei Onea24ec3212019-03-15 17:35:05 +00004191 @UnsupportedAppUsage
Jeff Sharkey8588bc12016-01-06 16:47:42 -07004192 public @UserIdInt int getUserHandle(int userSerialNumber) {
Amith Yamasani2a003292012-08-14 18:25:45 -07004193 try {
4194 return mService.getUserHandle(userSerialNumber);
4195 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004196 throw re.rethrowFromSystemServer();
Amith Yamasani2a003292012-08-14 18:25:45 -07004197 }
Amith Yamasani2a003292012-08-14 18:25:45 -07004198 }
Maggie Benthall67944582013-02-22 14:58:27 -05004199
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004200 /**
Esteban Talavera953fe482016-06-07 15:25:20 +01004201 * Returns a {@link Bundle} containing any saved application restrictions for this user, for the
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004202 * given package name. Only an application with this package name can call this method.
Esteban Talavera5b9f1672015-12-11 15:22:34 +00004203 *
4204 * <p>The returned {@link Bundle} consists of key-value pairs, as defined by the application,
4205 * where the types of values may be:
4206 * <ul>
4207 * <li>{@code boolean}
4208 * <li>{@code int}
4209 * <li>{@code String} or {@code String[]}
4210 * <li>From {@link android.os.Build.VERSION_CODES#M}, {@code Bundle} or {@code Bundle[]}
4211 * </ul>
4212 *
Fyodor Kupolov4e9af062016-07-18 16:59:11 -07004213 * <p>NOTE: The method performs disk I/O and shouldn't be called on the main thread
4214 *
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004215 * @param packageName the package name of the calling application
Esteban Talavera953fe482016-06-07 15:25:20 +01004216 * @return a {@link Bundle} with the restrictions for that package, or an empty {@link Bundle}
4217 * if there are no saved restrictions.
Esteban Talavera5b9f1672015-12-11 15:22:34 +00004218 *
4219 * @see #KEY_RESTRICTIONS_PENDING
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004220 */
Fyodor Kupolov4e9af062016-07-18 16:59:11 -07004221 @WorkerThread
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004222 public Bundle getApplicationRestrictions(String packageName) {
4223 try {
4224 return mService.getApplicationRestrictions(packageName);
4225 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004226 throw re.rethrowFromSystemServer();
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004227 }
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004228 }
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004229
4230 /**
4231 * @hide
4232 */
Fyodor Kupolov4e9af062016-07-18 16:59:11 -07004233 @WorkerThread
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004234 public Bundle getApplicationRestrictions(String packageName, UserHandle user) {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004235 try {
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004236 return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier());
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004237 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004238 throw re.rethrowFromSystemServer();
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004239 }
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004240 }
4241
4242 /**
4243 * @hide
4244 */
Fyodor Kupolov4e9af062016-07-18 16:59:11 -07004245 @WorkerThread
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004246 public void setApplicationRestrictions(String packageName, Bundle restrictions,
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004247 UserHandle user) {
4248 try {
Amith Yamasani7e99bc02013-04-16 18:24:51 -07004249 mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier());
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004250 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004251 throw re.rethrowFromSystemServer();
Amith Yamasanidf2e92a2013-03-01 17:04:38 -08004252 }
4253 }
Amith Yamasani655d0e22013-06-12 14:19:10 -07004254
4255 /**
Amith Yamasanid304af62013-09-05 09:30:23 -07004256 * Sets a new challenge PIN for restrictions. This is only for use by pre-installed
4257 * apps and requires the MANAGE_USERS permission.
4258 * @param newPin the PIN to use for challenge dialogs.
4259 * @return Returns true if the challenge PIN was set successfully.
Fyodor Kupolovef249092015-05-06 13:18:46 -07004260 * @deprecated The restrictions PIN functionality is no longer provided by the system.
4261 * This method is preserved for backwards compatibility reasons and always returns false.
Amith Yamasani655d0e22013-06-12 14:19:10 -07004262 */
Aurimas Liutikas514c5ef2016-05-24 15:22:55 -07004263 @Deprecated
Amith Yamasanid304af62013-09-05 09:30:23 -07004264 public boolean setRestrictionsChallenge(String newPin) {
Amith Yamasani655d0e22013-06-12 14:19:10 -07004265 return false;
4266 }
Amith Yamasani1a7472e2013-07-02 11:17:30 -07004267
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304268 /**
4269 * @hide
4270 * Set restrictions that should apply to any future guest user that's created.
4271 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02004272 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304273 public void setDefaultGuestRestrictions(Bundle restrictions) {
4274 try {
4275 mService.setDefaultGuestRestrictions(restrictions);
4276 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004277 throw re.rethrowFromSystemServer();
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304278 }
4279 }
4280
4281 /**
4282 * @hide
4283 * Gets the default guest restrictions.
4284 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02004285 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304286 public Bundle getDefaultGuestRestrictions() {
4287 try {
4288 return mService.getDefaultGuestRestrictions();
4289 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004290 throw re.rethrowFromSystemServer();
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304291 }
Amith Yamasanie4afaa32014-06-30 14:55:07 +05304292 }
Fyodor Kupolovff7233e2015-04-08 11:28:52 -07004293
4294 /**
4295 * Returns creation time of the user or of a managed profile associated with the calling user.
4296 * @param userHandle user handle of the user or a managed profile associated with the
4297 * calling user.
4298 * @return creation time in milliseconds since Epoch time.
4299 */
Fyodor Kupolov385de622015-04-10 18:00:19 -07004300 public long getUserCreationTime(UserHandle userHandle) {
Fyodor Kupolovff7233e2015-04-08 11:28:52 -07004301 try {
Fyodor Kupolov385de622015-04-10 18:00:19 -07004302 return mService.getUserCreationTime(userHandle.getIdentifier());
Fyodor Kupolovff7233e2015-04-08 11:28:52 -07004303 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004304 throw re.rethrowFromSystemServer();
Fyodor Kupolovff7233e2015-04-08 11:28:52 -07004305 }
4306 }
Amith Yamasani12747872015-12-07 14:19:49 -08004307
4308 /**
4309 * @hide
4310 * Checks if any uninitialized user has the specific seed account name and type.
4311 *
Pavel Grafov6a40f092016-10-25 15:46:51 +01004312 * @param accountName The account name to check for
4313 * @param accountType The account type of the account to check for
Amith Yamasani12747872015-12-07 14:19:49 -08004314 * @return whether the seed account was found
4315 */
Valentin Iftime89df4c82019-08-23 13:02:50 +02004316 @RequiresPermission(android.Manifest.permission.MANAGE_USERS)
Amith Yamasani12747872015-12-07 14:19:49 -08004317 public boolean someUserHasSeedAccount(String accountName, String accountType) {
4318 try {
4319 return mService.someUserHasSeedAccount(accountName, accountType);
4320 } catch (RemoteException re) {
Jeff Sharkeyf8880562016-02-26 13:03:01 -07004321 throw re.rethrowFromSystemServer();
Amith Yamasani12747872015-12-07 14:19:49 -08004322 }
4323 }
Pavel Grafov6a40f092016-10-25 15:46:51 +01004324
4325 /**
4326 * @hide
4327 * User that enforces a restriction.
4328 *
4329 * @see #getUserRestrictionSources(String, UserHandle)
4330 */
4331 @SystemApi
4332 public static final class EnforcingUser implements Parcelable {
4333 private final @UserIdInt int userId;
4334 private final @UserRestrictionSource int userRestrictionSource;
4335
4336 /**
4337 * @hide
4338 */
4339 public EnforcingUser(
4340 @UserIdInt int userId, @UserRestrictionSource int userRestrictionSource) {
4341 this.userId = userId;
4342 this.userRestrictionSource = userRestrictionSource;
4343 }
4344
4345 private EnforcingUser(Parcel in) {
4346 userId = in.readInt();
4347 userRestrictionSource = in.readInt();
4348 }
4349
Jeff Sharkey9e8f83d2019-02-28 12:06:45 -07004350 public static final @android.annotation.NonNull Creator<EnforcingUser> CREATOR = new Creator<EnforcingUser>() {
Pavel Grafov6a40f092016-10-25 15:46:51 +01004351 @Override
4352 public EnforcingUser createFromParcel(Parcel in) {
4353 return new EnforcingUser(in);
4354 }
4355
4356 @Override
4357 public EnforcingUser[] newArray(int size) {
4358 return new EnforcingUser[size];
4359 }
4360 };
4361
4362 @Override
4363 public int describeContents() {
4364 return 0;
4365 }
4366
4367 @Override
4368 public void writeToParcel(Parcel dest, int flags) {
4369 dest.writeInt(userId);
4370 dest.writeInt(userRestrictionSource);
4371 }
4372
4373 /**
4374 * Returns an id of the enforcing user.
4375 *
4376 * <p> Will be UserHandle.USER_NULL when restriction is set by the system.
4377 */
4378 public UserHandle getUserHandle() {
4379 return UserHandle.of(userId);
4380 }
4381
4382 /**
4383 * Returns the status of the enforcing user.
4384 *
4385 * <p> One of {@link #RESTRICTION_SOURCE_SYSTEM},
4386 * {@link #RESTRICTION_SOURCE_DEVICE_OWNER} and
4387 * {@link #RESTRICTION_SOURCE_PROFILE_OWNER}
4388 */
4389 public @UserRestrictionSource int getUserRestrictionSource() {
4390 return userRestrictionSource;
4391 }
4392 }
Amith Yamasani258848d2012-08-10 17:06:33 -07004393}