Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 91293794bfe2ed9ac7bbb7b652d3fb78665d3b0f / . / services / core / java / com / android / server / pm / UserManagerService.java
blob: 102a67c8ee0758cdf2a5311f08d576335e04361e [file] [log] [blame]
Tony Mak8673b282016-03-21 21:10:59 +0000[diff] [blame]1
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]2/*
3 * Copyright (C) 2011 The Android Open Source Project
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18package com.android.server.pm;
19
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]20import android.Manifest;
Xiaohui Chen594f2082015-08-18 11:04:20 -0700[diff] [blame]21import android.annotation.NonNull;
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]22import android.annotation.Nullable;
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]23import android.app.Activity;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]24import android.app.ActivityManager;
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]25import android.app.ActivityManagerInternal;
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]26import android.app.ActivityManagerNative;
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]27import android.app.IActivityManager;
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]28import android.app.IStopUserCallback;
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]29import android.content.BroadcastReceiver;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]30import android.content.Context;
31import android.content.Intent;
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]32import android.content.IntentFilter;
Amith Yamasani1a7472e2013-07-02 11:17:30 -0700[diff] [blame]33import android.content.pm.ApplicationInfo;
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]34import android.content.pm.PackageManager;
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]35import android.content.pm.PackageManager.NameNotFoundException;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]36import android.content.pm.UserInfo;
Lenka Trochtova02fee152015-12-22 14:26:18 +0100[diff] [blame]37import android.content.res.Resources;
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]38import android.graphics.Bitmap;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]39import android.os.Binder;
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]40import android.os.Bundle;
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]41import android.os.Debug;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]42import android.os.Environment;
43import android.os.FileUtils;
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]44import android.os.Handler;
Svet Ganov9cea80cd2016-02-16 11:47:00 -0800[diff] [blame]45import android.os.IBinder;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]46import android.os.IUserManager;
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]47import android.os.Message;
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]48import android.os.ParcelFileDescriptor;
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]49import android.os.Parcelable;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]50import android.os.PersistableBundle;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]51import android.os.Process;
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]52import android.os.RemoteException;
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]53import android.os.ResultReceiver;
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]54import android.os.SELinux;
Jason Monk62062992014-05-06 09:55:28 -0400[diff] [blame]55import android.os.ServiceManager;
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]56import android.os.ShellCommand;
Dianne Hackbornf02b60a2012-08-16 10:48:27 -0700[diff] [blame]57import android.os.UserHandle;
Jeff Sharkey27bd34d2012-09-16 12:49:00 -0700[diff] [blame]58import android.os.UserManager;
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]59import android.os.UserManagerInternal;
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]60import android.os.UserManagerInternal.UserRestrictionsListener;
Paul Crowley85e4e812015-05-19 12:42:00 +0100[diff] [blame]61import android.os.storage.StorageManager;
Jeff Sharkey6dce4962015-07-03 18:08:41 -0700[diff] [blame]62import android.os.storage.VolumeInfo;
63import android.system.ErrnoException;
64import android.system.Os;
65import android.system.OsConstants;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]66import android.util.AtomicFile;
Amith Yamasani655d0e22013-06-12 14:19:10 -0700[diff] [blame]67import android.util.Log;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]68import android.util.Slog;
69import android.util.SparseArray;
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]70import android.util.SparseBooleanArray;
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]71import android.util.TimeUtils;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]72import android.util.Xml;
73
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]74import com.android.internal.annotations.GuardedBy;
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]75import com.android.internal.annotations.VisibleForTesting;
Jason Monk62062992014-05-06 09:55:28 -0400[diff] [blame]76import com.android.internal.app.IAppOpsService;
Fyodor Kupolov8385e4b2015-12-29 18:15:32 -0800[diff] [blame]77import com.android.internal.logging.MetricsLogger;
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]78import com.android.internal.util.FastXmlSerializer;
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]79import com.android.internal.util.Preconditions;
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]80import com.android.internal.util.XmlUtils;
Clara Bayarri10ad84a2015-12-01 17:38:05 +0000[diff] [blame]81import com.android.internal.widget.LockPatternUtils;
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]82import com.android.server.LocalServices;
Jeff Sharkey47f71082016-02-01 17:03:54 -0700[diff] [blame]83
84import libcore.io.IoUtils;
85import libcore.util.Objects;
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]86
87import org.xmlpull.v1.XmlPullParser;
88import org.xmlpull.v1.XmlPullParserException;
89import org.xmlpull.v1.XmlSerializer;
90
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]91import java.io.BufferedOutputStream;
92import java.io.File;
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]93import java.io.FileDescriptor;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]94import java.io.FileInputStream;
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]95import java.io.FileNotFoundException;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]96import java.io.FileOutputStream;
97import java.io.IOException;
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]98import java.io.PrintWriter;
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]99import java.nio.charset.StandardCharsets;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]100import java.util.ArrayList;
101import java.util.List;
102
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]103/**
104 * Service for {@link UserManager}.
105 *
106 * Method naming convention:
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]107 * <ul>
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]108 * <li> Methods suffixed with "LP" should be called within the {@link #mPackagesLock} lock.
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]109 * <li> Methods suffixed with "LR" should be called within the {@link #mRestrictionsLock} lock.
110 * <li> Methods suffixed with "LU" should be called within the {@link #mUsersLock} lock.
111 * </ul>
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]112 */
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]113public class UserManagerService extends IUserManager.Stub {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]114 private static final String LOG_TAG = "UserManagerService";
Makoto Onuki81c61ea2016-01-22 11:22:26 -0800[diff] [blame]115 static final boolean DBG = false; // DO NOT SUBMIT WITH TRUE
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]116 private static final boolean DBG_WITH_STACKTRACE = false; // DO NOT SUBMIT WITH TRUE
Amith Yamasani16389312012-10-17 21:20:14 -0700[diff] [blame]117
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]118 private static final String TAG_NAME = "name";
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]119 private static final String TAG_ACCOUNT = "account";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]120 private static final String ATTR_FLAGS = "flags";
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]121 private static final String ATTR_ICON_PATH = "icon";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]122 private static final String ATTR_ID = "id";
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]123 private static final String ATTR_CREATION_TIME = "created";
124 private static final String ATTR_LAST_LOGGED_IN_TIME = "lastLoggedIn";
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]125 private static final String ATTR_SERIAL_NO = "serialNumber";
126 private static final String ATTR_NEXT_SERIAL_NO = "nextSerialNumber";
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]127 private static final String ATTR_PARTIAL = "partial";
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]128 private static final String ATTR_GUEST_TO_REMOVE = "guestToRemove";
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]129 private static final String ATTR_USER_VERSION = "version";
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]130 private static final String ATTR_PROFILE_GROUP_ID = "profileGroupId";
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]131 private static final String ATTR_RESTRICTED_PROFILE_PARENT_ID = "restrictedProfileParentId";
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]132 private static final String ATTR_SEED_ACCOUNT_NAME = "seedAccountName";
133 private static final String ATTR_SEED_ACCOUNT_TYPE = "seedAccountType";
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]134 private static final String TAG_GUEST_RESTRICTIONS = "guestRestrictions";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]135 private static final String TAG_USERS = "users";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]136 private static final String TAG_USER = "user";
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]137 private static final String TAG_RESTRICTIONS = "restrictions";
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]138 private static final String TAG_DEVICE_POLICY_RESTRICTIONS = "device_policy_restrictions";
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]139 private static final String TAG_ENTRY = "entry";
140 private static final String TAG_VALUE = "value";
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]141 private static final String TAG_SEED_ACCOUNT_OPTIONS = "seedAccountOptions";
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]142 private static final String ATTR_KEY = "key";
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]143 private static final String ATTR_VALUE_TYPE = "type";
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]144 private static final String ATTR_MULTIPLE = "m";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]145
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]146 private static final String ATTR_TYPE_STRING_ARRAY = "sa";
147 private static final String ATTR_TYPE_STRING = "s";
148 private static final String ATTR_TYPE_BOOLEAN = "b";
Amith Yamasani5b5aa402014-06-01 20:10:14 -0700[diff] [blame]149 private static final String ATTR_TYPE_INTEGER = "i";
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]150 private static final String ATTR_TYPE_BUNDLE = "B";
151 private static final String ATTR_TYPE_BUNDLE_ARRAY = "BA";
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]152
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]153 private static final String USER_INFO_DIR = "system" + File.separator + "users";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]154 private static final String USER_LIST_FILENAME = "userlist.xml";
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]155 private static final String USER_PHOTO_FILENAME = "photo.png";
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]156 private static final String USER_PHOTO_FILENAME_TMP = USER_PHOTO_FILENAME + ".tmp";
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]157
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]158 private static final String RESTRICTIONS_FILE_PREFIX = "res_";
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]159 private static final String XML_SUFFIX = ".xml";
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]160
Amith Yamasani634cf312012-10-04 17:34:21 -0700[diff] [blame]161 private static final int MIN_USER_ID = 10;
Xiaohui Chen621b3fc2015-10-02 14:41:42 -0700[diff] [blame]162 // We need to keep process uid within Integer.MAX_VALUE.
163 private static final int MAX_USER_ID = Integer.MAX_VALUE / UserHandle.PER_USER_RANGE;
Amith Yamasani634cf312012-10-04 17:34:21 -0700[diff] [blame]164
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]165 private static final int USER_VERSION = 6;
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]166
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]167 private static final long EPOCH_PLUS_30_YEARS = 30L * 365 * 24 * 60 * 60 * 1000L; // ms
168
Nicolas Prevotb8186812015-08-06 15:00:03 +0100[diff] [blame]169 // Maximum number of managed profiles permitted per user is 1. This cannot be increased
Amith Yamasani95ab7842014-08-11 17:09:26 -0700[diff] [blame]170 // without first making sure that the rest of the framework is prepared for it.
171 private static final int MAX_MANAGED_PROFILES = 1;
172
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]173 static final int WRITE_USER_MSG = 1;
174 static final int WRITE_USER_DELAY = 2*1000; // 2 seconds
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]175
Jeff Sharkey6dce4962015-07-03 18:08:41 -0700[diff] [blame]176 private static final String XATTR_SERIAL = "user.serial";
177
Fyodor Kupolov8385e4b2015-12-29 18:15:32 -0800[diff] [blame]178 // Tron counters
179 private static final String TRON_GUEST_CREATED = "users_guest_created";
180 private static final String TRON_USER_CREATED = "users_user_created";
181
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]182 private final Context mContext;
183 private final PackageManagerService mPm;
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]184 private final Object mPackagesLock;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]185 // Short-term lock for internal state, when interaction/sync with PM is not required
186 private final Object mUsersLock = new Object();
187 private final Object mRestrictionsLock = new Object();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]188
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]189 private final Handler mHandler;
190
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]191 private final File mUsersDir;
192 private final File mUserListFile;
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]193
Svet Ganov9cea80cd2016-02-16 11:47:00 -0800[diff] [blame]194 private static final IBinder mUserRestriconToken = new Binder();
195
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]196 /**
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]197 * User-related information that is used for persisting to flash. Only UserInfo is
198 * directly exposed to other system apps.
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]199 */
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]200 private static class UserData {
201 // Basic user information and properties
202 UserInfo info;
203 // Account name used when there is a strong association between a user and an account
204 String account;
205 // Account information for seeding into a newly created user. This could also be
206 // used for login validation for an existing user, for updating their credentials.
207 // In the latter case, data may not need to be persisted as it is only valid for the
208 // current login session.
209 String seedAccountName;
210 String seedAccountType;
211 PersistableBundle seedAccountOptions;
212 // Whether to perist the seed account information to be available after a boot
213 boolean persistSeedData;
214
215 void clearSeedAccountData() {
216 seedAccountName = null;
217 seedAccountType = null;
218 seedAccountOptions = null;
219 persistSeedData = false;
220 }
221 }
222
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]223 @GuardedBy("mUsersLock")
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]224 private final SparseArray<UserData> mUsers = new SparseArray<>();
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]225
226 /**
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]227 * User restrictions set via UserManager. This doesn't include restrictions set by
228 * device owner / profile owners.
229 *
230 * DO NOT Change existing {@link Bundle} in it. When changing a restriction for a user,
231 * a new {@link Bundle} should always be created and set. This is because a {@link Bundle}
232 * maybe shared between {@link #mBaseUserRestrictions} and
233 * {@link #mCachedEffectiveUserRestrictions}, but they should always updated separately.
234 * (Otherwise we won't be able to detect what restrictions have changed in
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]235 * {@link #updateUserRestrictionsInternalLR}.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]236 */
237 @GuardedBy("mRestrictionsLock")
238 private final SparseArray<Bundle> mBaseUserRestrictions = new SparseArray<>();
239
240 /**
241 * Cached user restrictions that are in effect -- i.e. {@link #mBaseUserRestrictions} combined
242 * with device / profile owner restrictions. We'll initialize it lazily; use
243 * {@link #getEffectiveUserRestrictions} to access it.
244 *
245 * DO NOT Change existing {@link Bundle} in it. When changing a restriction for a user,
246 * a new {@link Bundle} should always be created and set. This is because a {@link Bundle}
247 * maybe shared between {@link #mBaseUserRestrictions} and
248 * {@link #mCachedEffectiveUserRestrictions}, but they should always updated separately.
249 * (Otherwise we won't be able to detect what restrictions have changed in
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]250 * {@link #updateUserRestrictionsInternalLR}.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]251 */
252 @GuardedBy("mRestrictionsLock")
253 private final SparseArray<Bundle> mCachedEffectiveUserRestrictions = new SparseArray<>();
254
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]255 /**
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]256 * User restrictions that have already been applied in
257 * {@link #updateUserRestrictionsInternalLR(Bundle, int)}. We use it to detect restrictions
258 * that have changed since the last
259 * {@link #updateUserRestrictionsInternalLR(Bundle, int)} call.
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]260 */
261 @GuardedBy("mRestrictionsLock")
262 private final SparseArray<Bundle> mAppliedUserRestrictions = new SparseArray<>();
263
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]264 /**
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]265 * User restrictions set by {@link com.android.server.devicepolicy.DevicePolicyManagerService}
266 * that should be applied to all users, including guests.
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]267 */
268 @GuardedBy("mRestrictionsLock")
269 private Bundle mDevicePolicyGlobalUserRestrictions;
270
271 /**
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]272 * User restrictions set by {@link com.android.server.devicepolicy.DevicePolicyManagerService}
273 * for each user.
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]274 */
275 @GuardedBy("mRestrictionsLock")
276 private final SparseArray<Bundle> mDevicePolicyLocalUserRestrictions = new SparseArray<>();
277
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]278 @GuardedBy("mGuestRestrictions")
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]279 private final Bundle mGuestRestrictions = new Bundle();
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]280
281 /**
282 * Set of user IDs being actively removed. Removed IDs linger in this set
283 * for several seconds to work around a VFS caching issue.
284 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]285 @GuardedBy("mUsersLock")
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]286 private final SparseBooleanArray mRemovingUserIds = new SparseBooleanArray();
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]287
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]288 @GuardedBy("mUsersLock")
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]289 private int[] mUserIds;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]290 @GuardedBy("mPackagesLock")
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]291 private int mNextSerialNumber;
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]292 private int mUserVersion = 0;
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]293
Jason Monk62062992014-05-06 09:55:28 -0400[diff] [blame]294 private IAppOpsService mAppOpsService;
295
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]296 private final LocalService mLocalService;
297
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]298 @GuardedBy("mUsersLock")
299 private boolean mIsDeviceManaged;
300
301 @GuardedBy("mUsersLock")
302 private final SparseBooleanArray mIsUserManaged = new SparseBooleanArray();
303
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]304 @GuardedBy("mUserRestrictionsListeners")
305 private final ArrayList<UserRestrictionsListener> mUserRestrictionsListeners =
306 new ArrayList<>();
307
Clara Bayarria1771112015-12-18 16:29:18 +0000[diff] [blame]308 private final LockPatternUtils mLockPatternUtils;
309
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]310 /**
311 * Whether all users should be created ephemeral.
312 */
313 @GuardedBy("mUsersLock")
314 private boolean mForceEphemeralUsers;
315
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]316 private static UserManagerService sInstance;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]317
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]318 public static UserManagerService getInstance() {
319 synchronized (UserManagerService.class) {
320 return sInstance;
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]321 }
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]322 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]323
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]324 @VisibleForTesting
325 UserManagerService(File dataDir) {
326 this(null, null, new Object(), dataDir);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]327 }
328
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]329 /**
330 * Called by package manager to create the service. This is closely
331 * associated with the package manager, and the given lock is the
332 * package manager's own lock.
333 */
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]334 UserManagerService(Context context, PackageManagerService pm, Object packagesLock) {
335 this(context, pm, packagesLock, Environment.getDataDirectory());
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]336 }
337
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]338 private UserManagerService(Context context, PackageManagerService pm,
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]339 Object packagesLock, File dataDir) {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]340 mContext = context;
341 mPm = pm;
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]342 mPackagesLock = packagesLock;
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]343 mHandler = new MainHandler();
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]344 synchronized (mPackagesLock) {
345 mUsersDir = new File(dataDir, USER_INFO_DIR);
346 mUsersDir.mkdirs();
347 // Make zeroth user directory, for services to migrate their files to that location
348 File userZeroDir = new File(mUsersDir, String.valueOf(UserHandle.USER_SYSTEM));
349 userZeroDir.mkdirs();
350 FileUtils.setPermissions(mUsersDir.toString(),
351 FileUtils.S_IRWXU | FileUtils.S_IRWXG | FileUtils.S_IROTH | FileUtils.S_IXOTH,
352 -1, -1);
353 mUserListFile = new File(mUsersDir, USER_LIST_FILENAME);
354 initDefaultGuestRestrictions();
355 readUserListLP();
356 sInstance = this;
Xiaohui Chen4be96e42015-05-06 09:55:43 -0700[diff] [blame]357 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]358 mLocalService = new LocalService();
359 LocalServices.addService(UserManagerInternal.class, mLocalService);
Clara Bayarria1771112015-12-18 16:29:18 +0000[diff] [blame]360 mLockPatternUtils = new LockPatternUtils(mContext);
Xiaohui Chen4be96e42015-05-06 09:55:43 -0700[diff] [blame]361 }
362
363 void systemReady() {
Lenka Trochtovac4dd0212015-11-18 12:22:06 +0100[diff] [blame]364 // Prune out any partially created, partially removed and ephemeral users.
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]365 ArrayList<UserInfo> partials = new ArrayList<>();
366 synchronized (mUsersLock) {
367 final int userSize = mUsers.size();
368 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]369 UserInfo ui = mUsers.valueAt(i).info;
Lenka Trochtovac4dd0212015-11-18 12:22:06 +0100[diff] [blame]370 if ((ui.partial || ui.guestToRemove || ui.isEphemeral()) && i != 0) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]371 partials.add(ui);
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]372 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]373 }
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]374 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]375 final int partialsSize = partials.size();
376 for (int i = 0; i < partialsSize; i++) {
377 UserInfo ui = partials.get(i);
378 Slog.w(LOG_TAG, "Removing partially created user " + ui.id
379 + " (name=" + ui.name + ")");
380 removeUserState(ui.id);
381 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]382
Xiaohui Chen70f6c382015-04-28 14:21:43 -0700[diff] [blame]383 onUserForeground(UserHandle.USER_SYSTEM);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]384
Jason Monk62062992014-05-06 09:55:28 -0400[diff] [blame]385 mAppOpsService = IAppOpsService.Stub.asInterface(
386 ServiceManager.getService(Context.APP_OPS_SERVICE));
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]387
388 synchronized (mRestrictionsLock) {
389 applyUserRestrictionsLR(UserHandle.USER_SYSTEM);
Jason Monk62062992014-05-06 09:55:28 -0400[diff] [blame]390 }
Samuel Tand9453b82016-03-14 15:57:02 -0700[diff] [blame]391
392 UserInfo currentGuestUser = findCurrentGuestUser();
393 if (currentGuestUser != null && !hasUserRestriction(
394 UserManager.DISALLOW_CONFIG_WIFI, currentGuestUser.id)) {
395 // If a guest user currently exists, apply the DISALLOW_CONFIG_WIFI option
396 // to it, in case this guest was created in a previous version where this
397 // user restriction was not a default guest restriction.
398 setUserRestriction(UserManager.DISALLOW_CONFIG_WIFI, true, currentGuestUser.id);
399 }
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]400 }
401
402 @Override
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]403 public String getUserAccount(int userId) {
404 checkManageUserAndAcrossUsersFullPermission("get user account");
405 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]406 return mUsers.get(userId).account;
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]407 }
408 }
409
410 @Override
411 public void setUserAccount(int userId, String accountName) {
412 checkManageUserAndAcrossUsersFullPermission("set user account");
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]413 UserData userToUpdate = null;
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]414 synchronized (mPackagesLock) {
415 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]416 final UserData userData = mUsers.get(userId);
417 if (userData == null) {
418 Slog.e(LOG_TAG, "User not found for setting user account: u" + userId);
419 return;
420 }
421 String currentAccount = userData.account;
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]422 if (!Objects.equal(currentAccount, accountName)) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]423 userData.account = accountName;
424 userToUpdate = userData;
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]425 }
426 }
427
428 if (userToUpdate != null) {
429 writeUserLP(userToUpdate);
430 }
431 }
432 }
433
434 @Override
Xiaohui Chen70f6c382015-04-28 14:21:43 -0700[diff] [blame]435 public UserInfo getPrimaryUser() {
436 checkManageUsersPermission("query users");
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]437 synchronized (mUsersLock) {
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]438 final int userSize = mUsers.size();
439 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]440 UserInfo ui = mUsers.valueAt(i).info;
Xiaohui Chend3e9e182015-11-18 13:37:32 -0800[diff] [blame]441 if (ui.isPrimary() && !mRemovingUserIds.get(ui.id)) {
Xiaohui Chen70f6c382015-04-28 14:21:43 -0700[diff] [blame]442 return ui;
443 }
444 }
445 }
446 return null;
447 }
448
449 @Override
Xiaohui Chen594f2082015-08-18 11:04:20 -0700[diff] [blame]450 public @NonNull List<UserInfo> getUsers(boolean excludeDying) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]451 checkManageUsersPermission("query users");
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]452 synchronized (mUsersLock) {
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]453 ArrayList<UserInfo> users = new ArrayList<UserInfo>(mUsers.size());
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]454 final int userSize = mUsers.size();
455 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]456 UserInfo ui = mUsers.valueAt(i).info;
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]457 if (ui.partial) {
458 continue;
459 }
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]460 if (!excludeDying || !mRemovingUserIds.get(ui.id)) {
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]461 users.add(userWithName(ui));
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]462 }
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]463 }
464 return users;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]465 }
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]466 }
467
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]468 @Override
Alexandra Gherghina385124d2014-04-03 13:37:39 +0100[diff] [blame]469 public List<UserInfo> getProfiles(int userId, boolean enabledOnly) {
Amith Yamasani4f582632014-02-19 14:31:52 -0800[diff] [blame]470 if (userId != UserHandle.getCallingUserId()) {
471 checkManageUsersPermission("getting profiles related to user " + userId);
472 }
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]473 final long ident = Binder.clearCallingIdentity();
474 try {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]475 synchronized (mUsersLock) {
476 return getProfilesLU(userId, enabledOnly);
Alexandra Gherghina385124d2014-04-03 13:37:39 +0100[diff] [blame]477 }
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]478 } finally {
479 Binder.restoreCallingIdentity(ident);
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]480 }
481 }
482
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]483 /** Assume permissions already checked and caller's identity cleared */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]484 private List<UserInfo> getProfilesLU(int userId, boolean enabledOnly) {
485 UserInfo user = getUserInfoLU(userId);
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]486 ArrayList<UserInfo> users = new ArrayList<UserInfo>(mUsers.size());
Amith Yamasanidda003f2014-08-28 18:06:51 -0700[diff] [blame]487 if (user == null) {
488 // Probably a dying user
489 return users;
490 }
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]491 final int userSize = mUsers.size();
492 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]493 UserInfo profile = mUsers.valueAt(i).info;
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]494 if (!isProfileOf(user, profile)) {
495 continue;
496 }
Alexandra Gherghinadf35d572014-04-09 13:54:39 +0100[diff] [blame]497 if (enabledOnly && !profile.isEnabled()) {
498 continue;
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]499 }
Amith Yamasani70fcf0c2014-07-11 08:40:19 -0700[diff] [blame]500 if (mRemovingUserIds.get(profile.id)) {
501 continue;
502 }
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]503 users.add(userWithName(profile));
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]504 }
505 return users;
506 }
507
Jessica Hummelbe81c802014-04-22 15:49:22 +0100[diff] [blame]508 @Override
Andres Moralesc5548c02015-08-05 10:23:12 -0700[diff] [blame]509 public int getCredentialOwnerProfile(int userHandle) {
510 checkManageUsersPermission("get the credential owner");
Clara Bayarria1771112015-12-18 16:29:18 +0000[diff] [blame]511 if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userHandle)) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]512 synchronized (mUsersLock) {
513 UserInfo profileParent = getProfileParentLU(userHandle);
Andres Moralesc5548c02015-08-05 10:23:12 -0700[diff] [blame]514 if (profileParent != null) {
515 return profileParent.id;
516 }
517 }
518 }
519
520 return userHandle;
521 }
522
523 @Override
Xiaohui Chenfd5b7742015-10-14 15:47:04 -0700[diff] [blame]524 public boolean isSameProfileGroup(int userId, int otherUserId) {
525 if (userId == otherUserId) return true;
526 checkManageUsersPermission("check if in the same profile group");
527 synchronized (mPackagesLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]528 return isSameProfileGroupLP(userId, otherUserId);
Xiaohui Chenfd5b7742015-10-14 15:47:04 -0700[diff] [blame]529 }
530 }
531
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]532 private boolean isSameProfileGroupLP(int userId, int otherUserId) {
533 synchronized (mUsersLock) {
534 UserInfo userInfo = getUserInfoLU(userId);
535 if (userInfo == null || userInfo.profileGroupId == UserInfo.NO_PROFILE_GROUP_ID) {
536 return false;
537 }
538 UserInfo otherUserInfo = getUserInfoLU(otherUserId);
539 if (otherUserInfo == null
540 || otherUserInfo.profileGroupId == UserInfo.NO_PROFILE_GROUP_ID) {
541 return false;
542 }
543 return userInfo.profileGroupId == otherUserInfo.profileGroupId;
Xiaohui Chenfd5b7742015-10-14 15:47:04 -0700[diff] [blame]544 }
Xiaohui Chenfd5b7742015-10-14 15:47:04 -0700[diff] [blame]545 }
546
547 @Override
Jessica Hummelbe81c802014-04-22 15:49:22 +0100[diff] [blame]548 public UserInfo getProfileParent(int userHandle) {
549 checkManageUsersPermission("get the profile parent");
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]550 synchronized (mUsersLock) {
551 return getProfileParentLU(userHandle);
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]552 }
553 }
554
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]555 private UserInfo getProfileParentLU(int userHandle) {
556 UserInfo profile = getUserInfoLU(userHandle);
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]557 if (profile == null) {
558 return null;
559 }
560 int parentUserId = profile.profileGroupId;
561 if (parentUserId == UserInfo.NO_PROFILE_GROUP_ID) {
562 return null;
563 } else {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]564 return getUserInfoLU(parentUserId);
Jessica Hummelbe81c802014-04-22 15:49:22 +0100[diff] [blame]565 }
566 }
567
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]568 private static boolean isProfileOf(UserInfo user, UserInfo profile) {
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]569 return user.id == profile.id ||
570 (user.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID
571 && user.profileGroupId == profile.profileGroupId);
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]572 }
573
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]574 private void broadcastProfileAvailabilityChanges(UserHandle profileHandle,
Rubin Xuf13c9802016-01-21 18:06:00 +0000[diff] [blame]575 UserHandle parentHandle, boolean inQuietMode) {
576 Intent intent = new Intent(Intent.ACTION_MANAGED_PROFILE_AVAILABILITY_CHANGED);
577 intent.putExtra(Intent.EXTRA_QUIET_MODE, inQuietMode);
578 intent.putExtra(Intent.EXTRA_USER, profileHandle);
579 intent.putExtra(Intent.EXTRA_USER_HANDLE, profileHandle.getIdentifier());
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]580 intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
Rubin Xuf13c9802016-01-21 18:06:00 +0000[diff] [blame]581 mContext.sendBroadcastAsUser(intent, parentHandle);
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]582 }
583
584 @Override
585 public void setQuietModeEnabled(int userHandle, boolean enableQuietMode) {
586 checkManageUsersPermission("silence profile");
587 boolean changed = false;
588 UserInfo profile, parent;
589 synchronized (mPackagesLock) {
590 synchronized (mUsersLock) {
591 profile = getUserInfoLU(userHandle);
592 parent = getProfileParentLU(userHandle);
593
594 }
595 if (profile == null || !profile.isManagedProfile()) {
596 throw new IllegalArgumentException("User " + userHandle + " is not a profile");
597 }
598 if (profile.isQuietModeEnabled() != enableQuietMode) {
599 profile.flags ^= UserInfo.FLAG_QUIET_MODE;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]600 writeUserLP(getUserDataLU(profile.id));
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]601 changed = true;
602 }
603 }
604 if (changed) {
Rubin Xuf13c9802016-01-21 18:06:00 +0000[diff] [blame]605 long identity = Binder.clearCallingIdentity();
606 try {
607 if (enableQuietMode) {
608 ActivityManagerNative.getDefault().stopUser(userHandle, /* force */true, null);
609 } else {
610 ActivityManagerNative.getDefault().startUserInBackground(userHandle);
611 }
612 } catch (RemoteException e) {
613 Slog.e(LOG_TAG, "fail to start/stop user for quiet mode", e);
614 } finally {
615 Binder.restoreCallingIdentity(identity);
616 }
617
618 broadcastProfileAvailabilityChanges(profile.getUserHandle(), parent.getUserHandle(),
619 enableQuietMode);
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]620 }
621 }
622
623 @Override
624 public boolean isQuietModeEnabled(int userHandle) {
625 synchronized (mPackagesLock) {
626 UserInfo info;
627 synchronized (mUsersLock) {
628 info = getUserInfoLU(userHandle);
629 }
630 if (info == null || !info.isManagedProfile()) {
Rubin Xuf13c9802016-01-21 18:06:00 +0000[diff] [blame]631 return false;
Rubin Xu0a29ecd2015-11-04 15:11:48 +0000[diff] [blame]632 }
633 return info.isQuietModeEnabled();
634 }
635 }
636
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]637 @Override
Alexandra Gherghinadf35d572014-04-09 13:54:39 +0100[diff] [blame]638 public void setUserEnabled(int userId) {
639 checkManageUsersPermission("enable user");
640 synchronized (mPackagesLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]641 UserInfo info;
642 synchronized (mUsersLock) {
643 info = getUserInfoLU(userId);
644 }
Alexandra Gherghinadf35d572014-04-09 13:54:39 +0100[diff] [blame]645 if (info != null && !info.isEnabled()) {
646 info.flags ^= UserInfo.FLAG_DISABLED;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]647 writeUserLP(getUserDataLU(info.id));
Alexandra Gherghinadf35d572014-04-09 13:54:39 +0100[diff] [blame]648 }
649 }
650 }
651
652 @Override
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]653 public UserInfo getUserInfo(int userId) {
Tony Mak8673b282016-03-21 21:10:59 +0000[diff] [blame]654 checkManageUsersPermission("query user");
655 synchronized (mUsersLock) {
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]656 return userWithName(getUserInfoLU(userId));
657 }
658 }
659
660 /**
661 * Returns a UserInfo object with the name filled in, for Owner, or the original
662 * if the name is already set.
663 */
664 private UserInfo userWithName(UserInfo orig) {
665 if (orig != null && orig.name == null && orig.id == UserHandle.USER_SYSTEM) {
666 UserInfo withName = new UserInfo(orig);
667 withName.name = getOwnerName();
668 return withName;
669 } else {
670 return orig;
Tony Mak8673b282016-03-21 21:10:59 +0000[diff] [blame]671 }
672 }
673
674 @Override
675 public boolean isManagedProfile(int userId) {
Tony Makb531d082016-03-16 14:49:52 +0000[diff] [blame]676 int callingUserId = UserHandle.getCallingUserId();
677 if (callingUserId != userId && !hasManageUsersPermission()) {
678 synchronized (mPackagesLock) {
679 if (!isSameProfileGroupLP(callingUserId, userId)) {
680 throw new SecurityException(
Tony Mak8673b282016-03-21 21:10:59 +0000[diff] [blame]681 "You need MANAGE_USERS permission to: check if specified user a " +
682 "managed profile outside your profile group");
Tony Makb531d082016-03-16 14:49:52 +0000[diff] [blame]683 }
684 }
Tony Mak4dc008c2016-03-16 10:46:49 +0000[diff] [blame]685 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]686 synchronized (mUsersLock) {
Tony Mak8673b282016-03-21 21:10:59 +0000[diff] [blame]687 UserInfo userInfo = getUserInfoLU(userId);
688 return userInfo != null && userInfo.isManagedProfile();
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]689 }
690 }
691
Amith Yamasani71e6c692013-03-24 17:39:28 -0700[diff] [blame]692 @Override
693 public boolean isRestricted() {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]694 synchronized (mUsersLock) {
695 return getUserInfoLU(UserHandle.getCallingUserId()).isRestricted();
Amith Yamasani71e6c692013-03-24 17:39:28 -0700[diff] [blame]696 }
697 }
698
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]699 @Override
700 public boolean canHaveRestrictedProfile(int userId) {
701 checkManageUsersPermission("canHaveRestrictedProfile");
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]702 synchronized (mUsersLock) {
703 final UserInfo userInfo = getUserInfoLU(userId);
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]704 if (userInfo == null || !userInfo.canHaveProfile()) {
705 return false;
706 }
707 if (!userInfo.isAdmin()) {
708 return false;
709 }
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]710 // restricted profile can be created if there is no DO set and the admin user has no PO;
711 return !mIsDeviceManaged && !mIsUserManaged.get(userId);
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]712 }
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]713 }
714
Amith Yamasani195263742012-08-21 15:40:12 -0700[diff] [blame]715 /*
716 * Should be locked on mUsers before calling this.
717 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]718 private UserInfo getUserInfoLU(int userId) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]719 final UserData userData = mUsers.get(userId);
Amith Yamasani16389312012-10-17 21:20:14 -0700[diff] [blame]720 // If it is partial and not in the process of being removed, return as unknown user.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]721 if (userData != null && userData.info.partial && !mRemovingUserIds.get(userId)) {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]722 Slog.w(LOG_TAG, "getUserInfo: unknown user #" + userId);
723 return null;
724 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]725 return userData != null ? userData.info : null;
726 }
727
728 private UserData getUserDataLU(int userId) {
729 final UserData userData = mUsers.get(userId);
730 // If it is partial and not in the process of being removed, return as unknown user.
731 if (userData != null && userData.info.partial && !mRemovingUserIds.get(userId)) {
732 return null;
733 }
734 return userData;
Amith Yamasani195263742012-08-21 15:40:12 -0700[diff] [blame]735 }
736
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]737 /**
738 * Obtains {@link #mUsersLock} and return UserInfo from mUsers.
739 * <p>No permissions checking or any addition checks are made</p>
740 */
741 private UserInfo getUserInfoNoChecks(int userId) {
742 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]743 final UserData userData = mUsers.get(userId);
744 return userData != null ? userData.info : null;
745 }
746 }
747
748 /**
749 * Obtains {@link #mUsersLock} and return UserData from mUsers.
750 * <p>No permissions checking or any addition checks are made</p>
751 */
752 private UserData getUserDataNoChecks(int userId) {
753 synchronized (mUsersLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]754 return mUsers.get(userId);
755 }
756 }
757
Amith Yamasani236b2b52015-08-18 14:32:14 -0700[diff] [blame]758 /** Called by PackageManagerService */
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]759 public boolean exists(int userId) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]760 return getUserInfoNoChecks(userId) != null;
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]761 }
762
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]763 @Override
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]764 public void setUserName(int userId, String name) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]765 checkManageUsersPermission("rename users");
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]766 boolean changed = false;
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]767 synchronized (mPackagesLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]768 UserData userData = getUserDataNoChecks(userId);
769 if (userData == null || userData.info.partial) {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]770 Slog.w(LOG_TAG, "setUserName: unknown user #" + userId);
771 return;
772 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]773 if (name != null && !name.equals(userData.info.name)) {
774 userData.info.name = name;
775 writeUserLP(userData);
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]776 changed = true;
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]777 }
778 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]779 if (changed) {
780 sendUserInfoChangedBroadcast(userId);
781 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]782 }
783
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]784 @Override
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]785 public void setUserIcon(int userId, Bitmap bitmap) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]786 checkManageUsersPermission("update users");
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +0100[diff] [blame]787 if (hasUserRestriction(UserManager.DISALLOW_SET_USER_ICON, userId)) {
788 Log.w(LOG_TAG, "Cannot set user icon. DISALLOW_SET_USER_ICON is enabled.");
789 return;
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]790 }
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +0100[diff] [blame]791 mLocalService.setUserIcon(userId, bitmap);
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]792 }
793
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +0100[diff] [blame]794
795
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]796 private void sendUserInfoChangedBroadcast(int userId) {
797 Intent changedIntent = new Intent(Intent.ACTION_USER_INFO_CHANGED);
798 changedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId);
799 changedIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
Amith Yamasani6fc1d4e2013-05-08 16:43:58 -0700[diff] [blame]800 mContext.sendBroadcastAsUser(changedIntent, UserHandle.ALL);
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]801 }
802
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]803 @Override
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]804 public ParcelFileDescriptor getUserIcon(int targetUserId) {
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]805 String iconPath;
Amith Yamasani3b49f072012-09-17 10:21:43 -0700[diff] [blame]806 synchronized (mPackagesLock) {
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]807 UserInfo targetUserInfo = getUserInfoNoChecks(targetUserId);
808 if (targetUserInfo == null || targetUserInfo.partial) {
809 Slog.w(LOG_TAG, "getUserIcon: unknown user #" + targetUserId);
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]810 return null;
811 }
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]812
813 final int callingUserId = UserHandle.getCallingUserId();
814 final int callingGroupId = getUserInfoNoChecks(callingUserId).profileGroupId;
815 final int targetGroupId = targetUserInfo.profileGroupId;
816 final boolean sameGroup = (callingGroupId != UserInfo.NO_PROFILE_GROUP_ID
817 && callingGroupId == targetGroupId);
818 if ((callingUserId != targetUserId) && !sameGroup) {
Nicolas Prevot88cc3462014-05-14 14:51:48 +0100[diff] [blame]819 checkManageUsersPermission("get the icon of a user who is not related");
820 }
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]821
822 if (targetUserInfo.iconPath == null) {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]823 return null;
824 }
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]825 iconPath = targetUserInfo.iconPath;
Amith Yamasani3b49f072012-09-17 10:21:43 -0700[diff] [blame]826 }
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]827
828 try {
829 return ParcelFileDescriptor.open(
830 new File(iconPath), ParcelFileDescriptor.MODE_READ_ONLY);
831 } catch (FileNotFoundException e) {
832 Log.e(LOG_TAG, "Couldn't find icon file", e);
833 }
834 return null;
Amith Yamasani3b49f072012-09-17 10:21:43 -0700[diff] [blame]835 }
836
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]837 public void makeInitialized(int userId) {
838 checkManageUsersPermission("makeInitialized");
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]839 boolean scheduleWriteUser = false;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]840 UserData userData;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]841 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]842 userData = mUsers.get(userId);
843 if (userData == null || userData.info.partial) {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]844 Slog.w(LOG_TAG, "makeInitialized: unknown user #" + userId);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]845 return;
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]846 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]847 if ((userData.info.flags & UserInfo.FLAG_INITIALIZED) == 0) {
848 userData.info.flags |= UserInfo.FLAG_INITIALIZED;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]849 scheduleWriteUser = true;
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]850 }
851 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]852 if (scheduleWriteUser) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]853 scheduleWriteUser(userData);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]854 }
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]855 }
856
Amith Yamasaniaa6634e2014-10-06 14:20:28 -0700[diff] [blame]857 /**
858 * If default guest restrictions haven't been initialized yet, add the basic
859 * restrictions.
860 */
861 private void initDefaultGuestRestrictions() {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]862 synchronized (mGuestRestrictions) {
863 if (mGuestRestrictions.isEmpty()) {
Samuel Tand9453b82016-03-14 15:57:02 -0700[diff] [blame]864 mGuestRestrictions.putBoolean(UserManager.DISALLOW_CONFIG_WIFI, true);
Fyodor Kupolove04462c2015-11-30 15:02:53 -0800[diff] [blame]865 mGuestRestrictions.putBoolean(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, true);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]866 mGuestRestrictions.putBoolean(UserManager.DISALLOW_OUTGOING_CALLS, true);
867 mGuestRestrictions.putBoolean(UserManager.DISALLOW_SMS, true);
868 }
Amith Yamasaniaa6634e2014-10-06 14:20:28 -0700[diff] [blame]869 }
870 }
871
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]872 @Override
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]873 public Bundle getDefaultGuestRestrictions() {
874 checkManageUsersPermission("getDefaultGuestRestrictions");
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]875 synchronized (mGuestRestrictions) {
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]876 return new Bundle(mGuestRestrictions);
877 }
878 }
879
880 @Override
881 public void setDefaultGuestRestrictions(Bundle restrictions) {
882 checkManageUsersPermission("setDefaultGuestRestrictions");
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]883 synchronized (mGuestRestrictions) {
884 mGuestRestrictions.clear();
885 mGuestRestrictions.putAll(restrictions);
886 }
887 synchronized (mPackagesLock) {
888 writeUserListLP();
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]889 }
890 }
891
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]892 /**
893 * See {@link UserManagerInternal#setDevicePolicyUserRestrictions(int, Bundle, Bundle)}
894 */
Makoto Onuki2a3c3da2016-02-18 14:25:30 -0800[diff] [blame]895 void setDevicePolicyUserRestrictionsInner(int userId, @NonNull Bundle local,
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]896 @Nullable Bundle global) {
897 Preconditions.checkNotNull(local);
898 boolean globalChanged = false;
899 boolean localChanged;
900 synchronized (mRestrictionsLock) {
901 if (global != null) {
902 // Update global.
903 globalChanged = !UserRestrictionsUtils.areEqual(
904 mDevicePolicyGlobalUserRestrictions, global);
905 if (globalChanged) {
906 mDevicePolicyGlobalUserRestrictions = global;
907 }
908 }
909 {
910 // Update local.
911 final Bundle prev = mDevicePolicyLocalUserRestrictions.get(userId);
912 localChanged = !UserRestrictionsUtils.areEqual(prev, local);
913 if (localChanged) {
914 mDevicePolicyLocalUserRestrictions.put(userId, local);
915 }
916 }
917 }
918 if (DBG) {
919 Log.d(LOG_TAG, "setDevicePolicyUserRestrictions: userId=" + userId
920 + " global=" + global + (globalChanged ? " (changed)" : "")
921 + " local=" + local + (localChanged ? " (changed)" : "")
922 );
923 }
924 // Don't call them within the mRestrictionsLock.
925 synchronized (mPackagesLock) {
926 if (globalChanged) {
927 writeUserListLP();
928 }
929 if (localChanged) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]930 writeUserLP(getUserDataNoChecks(userId));
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]931 }
932 }
933
934 synchronized (mRestrictionsLock) {
935 if (globalChanged) {
936 applyUserRestrictionsForAllUsersLR();
937 } else if (localChanged) {
938 applyUserRestrictionsLR(userId);
939 }
940 }
941 }
942
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]943 @GuardedBy("mRestrictionsLock")
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]944 private Bundle computeEffectiveUserRestrictionsLR(int userId) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]945 final Bundle baseRestrictions =
946 UserRestrictionsUtils.nonNull(mBaseUserRestrictions.get(userId));
947 final Bundle global = mDevicePolicyGlobalUserRestrictions;
948 final Bundle local = mDevicePolicyLocalUserRestrictions.get(userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]949
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]950 if (UserRestrictionsUtils.isEmpty(global) && UserRestrictionsUtils.isEmpty(local)) {
951 // Common case first.
952 return baseRestrictions;
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]953 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]954 final Bundle effective = UserRestrictionsUtils.clone(baseRestrictions);
955 UserRestrictionsUtils.merge(effective, global);
956 UserRestrictionsUtils.merge(effective, local);
957
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]958 return effective;
959 }
960
961 @GuardedBy("mRestrictionsLock")
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]962 private void invalidateEffectiveUserRestrictionsLR(int userId) {
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]963 if (DBG) {
964 Log.d(LOG_TAG, "invalidateEffectiveUserRestrictions userId=" + userId);
965 }
966 mCachedEffectiveUserRestrictions.remove(userId);
967 }
968
969 private Bundle getEffectiveUserRestrictions(int userId) {
970 synchronized (mRestrictionsLock) {
971 Bundle restrictions = mCachedEffectiveUserRestrictions.get(userId);
972 if (restrictions == null) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]973 restrictions = computeEffectiveUserRestrictionsLR(userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]974 mCachedEffectiveUserRestrictions.put(userId, restrictions);
975 }
976 return restrictions;
Amith Yamasani8cd28b52014-06-08 17:54:27 -0700[diff] [blame]977 }
978 }
979
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]980 /** @return a specific user restriction that's in effect currently. */
981 @Override
982 public boolean hasUserRestriction(String restrictionKey, int userId) {
Makoto Onuki1f1ceef2016-01-28 11:32:32 -0800[diff] [blame]983 if (!UserRestrictionsUtils.isValidRestriction(restrictionKey)) {
984 return false;
985 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]986 Bundle restrictions = getEffectiveUserRestrictions(userId);
987 return restrictions != null && restrictions.getBoolean(restrictionKey);
988 }
989
990 /**
991 * @return UserRestrictions that are in effect currently. This always returns a new
992 * {@link Bundle}.
993 */
Amith Yamasani8cd28b52014-06-08 17:54:27 -0700[diff] [blame]994 @Override
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]995 public Bundle getUserRestrictions(int userId) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]996 return UserRestrictionsUtils.clone(getEffectiveUserRestrictions(userId));
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]997 }
998
999 @Override
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +0000[diff] [blame]1000 public boolean hasBaseUserRestriction(String restrictionKey, int userId) {
1001 checkManageUsersPermission("hasBaseUserRestriction");
Makoto Onuki1f1ceef2016-01-28 11:32:32 -0800[diff] [blame]1002 if (!UserRestrictionsUtils.isValidRestriction(restrictionKey)) {
1003 return false;
1004 }
Zoltan Szatmary-Ban3bbcedd2015-11-26 13:45:51 +0000[diff] [blame]1005 synchronized (mRestrictionsLock) {
1006 Bundle bundle = mBaseUserRestrictions.get(userId);
1007 return (bundle != null && bundle.getBoolean(restrictionKey, false));
1008 }
1009 }
1010
1011 @Override
Fyodor Kupolovb5013302015-04-17 17:59:14 -0700[diff] [blame]1012 public void setUserRestriction(String key, boolean value, int userId) {
Fyodor Kupolovd4b26042015-07-27 14:30:59 -0700[diff] [blame]1013 checkManageUsersPermission("setUserRestriction");
Makoto Onuki1f1ceef2016-01-28 11:32:32 -0800[diff] [blame]1014 if (!UserRestrictionsUtils.isValidRestriction(key)) {
1015 return;
1016 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1017 synchronized (mRestrictionsLock) {
1018 // Note we can't modify Bundles stored in mBaseUserRestrictions directly, so create
1019 // a copy.
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1020 final Bundle newRestrictions = UserRestrictionsUtils.clone(
1021 mBaseUserRestrictions.get(userId));
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1022 newRestrictions.putBoolean(key, value);
1023
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1024 updateUserRestrictionsInternalLR(newRestrictions, userId);
Fyodor Kupolovb5013302015-04-17 17:59:14 -0700[diff] [blame]1025 }
1026 }
1027
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1028 /**
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1029 * Optionally updating user restrictions, calculate the effective user restrictions and also
1030 * propagate to other services and system settings.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1031 *
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1032 * @param newRestrictions User restrictions to set.
1033 * If null, will not update user restrictions and only does the propagation.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1034 * @param userId target user ID.
1035 */
1036 @GuardedBy("mRestrictionsLock")
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1037 private void updateUserRestrictionsInternalLR(
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1038 @Nullable Bundle newRestrictions, int userId) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1039
1040 final Bundle prevAppliedRestrictions = UserRestrictionsUtils.nonNull(
1041 mAppliedUserRestrictions.get(userId));
1042
1043 // Update base restrictions.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1044 if (newRestrictions != null) {
1045 // If newRestrictions == the current one, it's probably a bug.
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1046 final Bundle prevBaseRestrictions = mBaseUserRestrictions.get(userId);
1047
1048 Preconditions.checkState(prevBaseRestrictions != newRestrictions);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1049 Preconditions.checkState(mCachedEffectiveUserRestrictions.get(userId)
1050 != newRestrictions);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1051
1052 if (!UserRestrictionsUtils.areEqual(prevBaseRestrictions, newRestrictions)) {
1053 mBaseUserRestrictions.put(userId, newRestrictions);
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1054 scheduleWriteUser(getUserDataNoChecks(userId));
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1055 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1056 }
1057
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1058 final Bundle effective = computeEffectiveUserRestrictionsLR(userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1059
Makoto Onuki759a7632015-10-28 16:43:10 -0700[diff] [blame]1060 mCachedEffectiveUserRestrictions.put(userId, effective);
1061
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1062 // Apply the new restrictions.
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]1063 if (DBG) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1064 debug("Applying user restrictions: userId=" + userId
1065 + " new=" + effective + " prev=" + prevAppliedRestrictions);
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]1066 }
1067
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1068 if (mAppOpsService != null) { // We skip it until system-ready.
1069 final long token = Binder.clearCallingIdentity();
1070 try {
Svet Ganov9cea80cd2016-02-16 11:47:00 -0800[diff] [blame]1071 mAppOpsService.setUserRestrictions(effective, mUserRestriconToken, userId);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1072 } catch (RemoteException e) {
1073 Log.w(LOG_TAG, "Unable to notify AppOpsService of UserRestrictions");
1074 } finally {
1075 Binder.restoreCallingIdentity(token);
1076 }
Fyodor Kupolovb5013302015-04-17 17:59:14 -0700[diff] [blame]1077 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1078
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1079 propagateUserRestrictionsLR(userId, effective, prevAppliedRestrictions);
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]1080
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1081 mAppliedUserRestrictions.put(userId, new Bundle(effective));
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1082 }
1083
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1084 private void propagateUserRestrictionsLR(final int userId,
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]1085 Bundle newRestrictions, Bundle prevRestrictions) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1086 // Note this method doesn't touch any state, meaning it doesn't require mRestrictionsLock
1087 // actually, but we still need some kind of synchronization otherwise we might end up
1088 // calling listeners out-of-order, thus "LR".
1089
1090 if (UserRestrictionsUtils.areEqual(newRestrictions, prevRestrictions)) {
1091 return;
1092 }
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]1093
1094 final Bundle newRestrictionsFinal = new Bundle(newRestrictions);
1095 final Bundle prevRestrictionsFinal = new Bundle(prevRestrictions);
1096
1097 mHandler.post(new Runnable() {
1098 @Override
1099 public void run() {
Fyodor Kupolov9cbfc9e2015-10-07 15:52:33 -0700[diff] [blame]1100 UserRestrictionsUtils.applyUserRestrictions(
1101 mContext, userId, newRestrictionsFinal, prevRestrictionsFinal);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1102
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]1103 final UserRestrictionsListener[] listeners;
1104 synchronized (mUserRestrictionsListeners) {
1105 listeners = new UserRestrictionsListener[mUserRestrictionsListeners.size()];
1106 mUserRestrictionsListeners.toArray(listeners);
1107 }
1108 for (int i = 0; i < listeners.length; i++) {
1109 listeners[i].onUserRestrictionsChanged(userId,
1110 newRestrictionsFinal, prevRestrictionsFinal);
1111 }
1112 }
1113 });
1114 }
1115
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1116 // Package private for the inner class.
1117 void applyUserRestrictionsLR(int userId) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1118 updateUserRestrictionsInternalLR(null, userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1119 }
1120
1121 @GuardedBy("mRestrictionsLock")
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1122 // Package private for the inner class.
1123 void applyUserRestrictionsForAllUsersLR() {
1124 if (DBG) {
1125 debug("applyUserRestrictionsForAllUsersLR");
1126 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1127 // First, invalidate all cached values.
Makoto Onuki4f160732015-10-27 17:15:38 -0700[diff] [blame]1128 mCachedEffectiveUserRestrictions.clear();
1129
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1130 // We don't want to call into ActivityManagerNative while taking a lock, so we'll call
1131 // it on a handler.
1132 final Runnable r = new Runnable() {
1133 @Override
1134 public void run() {
1135 // Then get the list of running users.
1136 final int[] runningUsers;
1137 try {
1138 runningUsers = ActivityManagerNative.getDefault().getRunningUserIds();
1139 } catch (RemoteException e) {
1140 Log.w(LOG_TAG, "Unable to access ActivityManagerNative");
1141 return;
1142 }
1143 // Then re-calculate the effective restrictions and apply, only for running users.
1144 // It's okay if a new user has started after the getRunningUserIds() call,
1145 // because we'll do the same thing (re-calculate the restrictions and apply)
1146 // when we start a user.
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1147 synchronized (mRestrictionsLock) {
1148 for (int i = 0; i < runningUsers.length; i++) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1149 applyUserRestrictionsLR(runningUsers[i]);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1150 }
1151 }
1152 }
1153 };
1154 mHandler.post(r);
Fyodor Kupolovb5013302015-04-17 17:59:14 -0700[diff] [blame]1155 }
1156
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1157 /**
Amith Yamasanifaea76f2012-09-11 10:59:48 -0700[diff] [blame]1158 * Check if we've hit the limit of how many users can be created.
1159 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1160 private boolean isUserLimitReached() {
1161 int count;
1162 synchronized (mUsersLock) {
1163 count = getAliveUsersExcludingGuestsCountLU();
1164 }
1165 return count >= UserManager.getMaxSupportedUsers();
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1166 }
1167
1168 @Override
Nicolas Prevot07387fe2015-10-30 17:53:30 +0000[diff] [blame]1169 public boolean canAddMoreManagedProfiles(int userId, boolean allowedToRemoveOne) {
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1170 checkManageUsersPermission("check if more managed profiles can be added.");
1171 if (ActivityManager.isLowRamDeviceStatic()) {
1172 return false;
1173 }
Fyodor Kupolovb6157992015-06-05 15:32:28 -0700[diff] [blame]1174 if (!mContext.getPackageManager().hasSystemFeature(
1175 PackageManager.FEATURE_MANAGED_USERS)) {
1176 return false;
1177 }
Nicolas Prevotb8186812015-08-06 15:00:03 +0100[diff] [blame]1178 // Limit number of managed profiles that can be created
Nicolas Prevot07387fe2015-10-30 17:53:30 +0000[diff] [blame]1179 final int managedProfilesCount = getProfiles(userId, true).size() - 1;
1180 final int profilesRemovedCount = managedProfilesCount > 0 && allowedToRemoveOne ? 1 : 0;
1181 if (managedProfilesCount - profilesRemovedCount >= MAX_MANAGED_PROFILES) {
Nicolas Prevotb8186812015-08-06 15:00:03 +0100[diff] [blame]1182 return false;
1183 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1184 synchronized(mUsersLock) {
1185 UserInfo userInfo = getUserInfoLU(userId);
Nicolas Prevotb8186812015-08-06 15:00:03 +0100[diff] [blame]1186 if (!userInfo.canHaveProfile()) {
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1187 return false;
1188 }
Nicolas Prevot07387fe2015-10-30 17:53:30 +0000[diff] [blame]1189 int usersCountAfterRemoving = getAliveUsersExcludingGuestsCountLU()
1190 - profilesRemovedCount;
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1191 // We allow creating a managed profile in the special case where there is only one user.
Nicolas Prevot07387fe2015-10-30 17:53:30 +0000[diff] [blame]1192 return usersCountAfterRemoving == 1
1193 || usersCountAfterRemoving < UserManager.getMaxSupportedUsers();
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1194 }
1195 }
1196
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1197 private int getAliveUsersExcludingGuestsCountLU() {
Amith Yamasanif584f012014-05-19 17:57:25 -0700[diff] [blame]1198 int aliveUserCount = 0;
1199 final int totalUserCount = mUsers.size();
1200 // Skip over users being removed
1201 for (int i = 0; i < totalUserCount; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1202 UserInfo user = mUsers.valueAt(i).info;
Amith Yamasani95ab7842014-08-11 17:09:26 -0700[diff] [blame]1203 if (!mRemovingUserIds.get(user.id)
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]1204 && !user.isGuest() && !user.partial) {
Amith Yamasanif584f012014-05-19 17:57:25 -0700[diff] [blame]1205 aliveUserCount++;
1206 }
1207 }
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1208 return aliveUserCount;
Amith Yamasanifaea76f2012-09-11 10:59:48 -0700[diff] [blame]1209 }
1210
1211 /**
Amith Yamasani195263742012-08-21 15:40:12 -0700[diff] [blame]1212 * Enforces that only the system UID or root's UID or apps that have the
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]1213 * {@link android.Manifest.permission#MANAGE_USERS MANAGE_USERS} and
1214 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS_FULL INTERACT_ACROSS_USERS_FULL}
1215 * permissions can make certain calls to the UserManager.
1216 *
1217 * @param message used as message if SecurityException is thrown
1218 * @throws SecurityException if the caller does not have enough privilege.
1219 */
1220 private static final void checkManageUserAndAcrossUsersFullPermission(String message) {
1221 final int uid = Binder.getCallingUid();
1222 if (uid != Process.SYSTEM_UID && uid != 0
1223 && ActivityManager.checkComponentPermission(
1224 Manifest.permission.MANAGE_USERS,
1225 uid, -1, true) != PackageManager.PERMISSION_GRANTED
1226 && ActivityManager.checkComponentPermission(
1227 Manifest.permission.INTERACT_ACROSS_USERS_FULL,
1228 uid, -1, true) != PackageManager.PERMISSION_GRANTED) {
1229 throw new SecurityException(
1230 "You need MANAGE_USERS and INTERACT_ACROSS_USERS_FULL permission to: "
1231 + message);
1232 }
1233 }
1234
1235 /**
1236 * Enforces that only the system UID or root's UID or apps that have the
Dianne Hackborn10ad9822014-03-17 11:28:36 -0700[diff] [blame]1237 * {@link android.Manifest.permission#MANAGE_USERS MANAGE_USERS}
Amith Yamasani195263742012-08-21 15:40:12 -0700[diff] [blame]1238 * permission can make certain calls to the UserManager.
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1239 *
1240 * @param message used as message if SecurityException is thrown
1241 * @throws SecurityException if the caller is not system or root
Tony Mak4dc008c2016-03-16 10:46:49 +0000[diff] [blame]1242 * @see #hasManageUsersPermission()
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1243 */
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]1244 private static final void checkManageUsersPermission(String message) {
Tony Mak4dc008c2016-03-16 10:46:49 +0000[diff] [blame]1245 if (!hasManageUsersPermission()) {
Amith Yamasanibe465322014-04-24 13:45:17 -0700[diff] [blame]1246 throw new SecurityException("You need MANAGE_USERS permission to: " + message);
1247 }
Emily Bernier7a2b4d12014-04-23 12:51:35 -0400[diff] [blame]1248 }
1249
Esteban Talavera5b9f1672015-12-11 15:22:34 +0000[diff] [blame]1250 /**
Tony Mak4dc008c2016-03-16 10:46:49 +0000[diff] [blame]1251 * @return whether the calling UID is system UID or root's UID or the calling app has the
1252 * {@link android.Manifest.permission#MANAGE_USERS MANAGE_USERS}.
1253 */
1254 private static final boolean hasManageUsersPermission() {
1255 final int callingUid = Binder.getCallingUid();
1256 return UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)
1257 || callingUid == Process.ROOT_UID
1258 || ActivityManager.checkComponentPermission(
1259 android.Manifest.permission.MANAGE_USERS,
1260 callingUid, -1, true) == PackageManager.PERMISSION_GRANTED;
1261 }
1262
1263 /**
Esteban Talavera5b9f1672015-12-11 15:22:34 +0000[diff] [blame]1264 * Enforces that only the system UID or root's UID (on any user) can make certain calls to the
1265 * UserManager.
1266 *
1267 * @param message used as message if SecurityException is thrown
1268 * @throws SecurityException if the caller is not system or root
1269 */
1270 private static void checkSystemOrRoot(String message) {
1271 final int uid = Binder.getCallingUid();
1272 if (!UserHandle.isSameApp(uid, Process.SYSTEM_UID) && uid != Process.ROOT_UID) {
1273 throw new SecurityException("Only system may: " + message);
1274 }
1275 }
1276
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1277 private void writeBitmapLP(UserInfo info, Bitmap bitmap) {
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1278 try {
1279 File dir = new File(mUsersDir, Integer.toString(info.id));
1280 File file = new File(dir, USER_PHOTO_FILENAME);
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]1281 File tmp = new File(dir, USER_PHOTO_FILENAME_TMP);
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1282 if (!dir.exists()) {
1283 dir.mkdir();
1284 FileUtils.setPermissions(
1285 dir.getPath(),
1286 FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH,
1287 -1, -1);
1288 }
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]1289 FileOutputStream os;
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]1290 if (bitmap.compress(Bitmap.CompressFormat.PNG, 100, os = new FileOutputStream(tmp))
Oleksandr Peletskyicd6fa302016-02-25 16:28:39 +0100[diff] [blame]1291 && tmp.renameTo(file) && SELinux.restorecon(file)) {
Amith Yamasani3b49f072012-09-17 10:21:43 -0700[diff] [blame]1292 info.iconPath = file.getAbsolutePath();
1293 }
Amith Yamasanie928d7d2012-09-17 21:46:51 -0700[diff] [blame]1294 try {
1295 os.close();
1296 } catch (IOException ioe) {
1297 // What the ... !
1298 }
Adrian Roos1bdff912015-02-17 15:51:35 +0100[diff] [blame]1299 tmp.delete();
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1300 } catch (FileNotFoundException e) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1301 Slog.w(LOG_TAG, "Error setting photo for user ", e);
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1302 }
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1303 }
1304
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1305 /**
1306 * Returns an array of user ids. This array is cached here for quick access, so do not modify or
1307 * cache it elsewhere.
1308 * @return the array of user ids.
1309 */
Dianne Hackborn1676c852012-09-10 14:52:30 -0700[diff] [blame]1310 public int[] getUserIds() {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1311 synchronized (mUsersLock) {
Dianne Hackborn7767eac2012-08-23 18:25:40 -0700[diff] [blame]1312 return mUserIds;
1313 }
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1314 }
1315
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1316 private void readUserListLP() {
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1317 if (!mUserListFile.exists()) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1318 fallbackToSingleUserLP();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1319 return;
1320 }
1321 FileInputStream fis = null;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1322 AtomicFile userListFile = new AtomicFile(mUserListFile);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1323 try {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1324 fis = userListFile.openRead();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1325 XmlPullParser parser = Xml.newPullParser();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]1326 parser.setInput(fis, StandardCharsets.UTF_8.name());
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1327 int type;
1328 while ((type = parser.next()) != XmlPullParser.START_TAG
1329 && type != XmlPullParser.END_DOCUMENT) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1330 // Skip
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1331 }
1332
1333 if (type != XmlPullParser.START_TAG) {
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1334 Slog.e(LOG_TAG, "Unable to read user list");
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1335 fallbackToSingleUserLP();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1336 return;
1337 }
1338
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1339 mNextSerialNumber = -1;
1340 if (parser.getName().equals(TAG_USERS)) {
1341 String lastSerialNumber = parser.getAttributeValue(null, ATTR_NEXT_SERIAL_NO);
1342 if (lastSerialNumber != null) {
1343 mNextSerialNumber = Integer.parseInt(lastSerialNumber);
1344 }
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1345 String versionNumber = parser.getAttributeValue(null, ATTR_USER_VERSION);
1346 if (versionNumber != null) {
1347 mUserVersion = Integer.parseInt(versionNumber);
1348 }
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1349 }
1350
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1351 final Bundle newDevicePolicyGlobalUserRestrictions = new Bundle();
1352
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1353 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT) {
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]1354 if (type == XmlPullParser.START_TAG) {
1355 final String name = parser.getName();
1356 if (name.equals(TAG_USER)) {
1357 String id = parser.getAttributeValue(null, ATTR_ID);
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1358
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1359 UserData userData = readUserLP(Integer.parseInt(id));
1360
1361 if (userData != null) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1362 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1363 mUsers.put(userData.info.id, userData);
1364 if (mNextSerialNumber < 0
1365 || mNextSerialNumber <= userData.info.id) {
1366 mNextSerialNumber = userData.info.id + 1;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1367 }
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]1368 }
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1369 }
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]1370 } else if (name.equals(TAG_GUEST_RESTRICTIONS)) {
Amith Yamasanida0b1682014-11-21 12:58:17 -0800[diff] [blame]1371 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
1372 && type != XmlPullParser.END_TAG) {
1373 if (type == XmlPullParser.START_TAG) {
1374 if (parser.getName().equals(TAG_RESTRICTIONS)) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1375 synchronized (mGuestRestrictions) {
1376 UserRestrictionsUtils
1377 .readRestrictions(parser, mGuestRestrictions);
1378 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1379 } else if (parser.getName().equals(TAG_DEVICE_POLICY_RESTRICTIONS)
1380 ) {
1381 UserRestrictionsUtils.readRestrictions(parser,
1382 newDevicePolicyGlobalUserRestrictions);
Amith Yamasanida0b1682014-11-21 12:58:17 -0800[diff] [blame]1383 }
1384 break;
1385 }
1386 }
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1387 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1388 }
1389 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1390 synchronized (mRestrictionsLock) {
1391 mDevicePolicyGlobalUserRestrictions = newDevicePolicyGlobalUserRestrictions;
1392 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1393 updateUserIds();
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1394 upgradeIfNecessaryLP();
1395 } catch (IOException | XmlPullParserException e) {
1396 fallbackToSingleUserLP();
Dianne Hackbornbfd89b32011-12-15 18:22:54 -0800[diff] [blame]1397 } finally {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1398 IoUtils.closeQuietly(fis);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1399 }
1400 }
1401
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1402 /**
Amith Yamasanibc9625052012-11-15 14:39:18 -0800[diff] [blame]1403 * Upgrade steps between versions, either for fixing bugs or changing the data format.
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1404 */
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1405 private void upgradeIfNecessaryLP() {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1406 final int originalVersion = mUserVersion;
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1407 int userVersion = mUserVersion;
1408 if (userVersion < 1) {
1409 // Assign a proper name for the owner, if not initialized correctly before
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1410 UserData userData = getUserDataNoChecks(UserHandle.USER_SYSTEM);
1411 if ("Primary".equals(userData.info.name)) {
1412 userData.info.name =
1413 mContext.getResources().getString(com.android.internal.R.string.owner_name);
1414 scheduleWriteUser(userData);
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1415 }
1416 userVersion = 1;
1417 }
1418
Amith Yamasanibc9625052012-11-15 14:39:18 -0800[diff] [blame]1419 if (userVersion < 2) {
1420 // Owner should be marked as initialized
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1421 UserData userData = getUserDataNoChecks(UserHandle.USER_SYSTEM);
1422 if ((userData.info.flags & UserInfo.FLAG_INITIALIZED) == 0) {
1423 userData.info.flags |= UserInfo.FLAG_INITIALIZED;
1424 scheduleWriteUser(userData);
Amith Yamasanibc9625052012-11-15 14:39:18 -0800[diff] [blame]1425 }
1426 userVersion = 2;
1427 }
1428
Amith Yamasani350962c2013-08-06 11:18:53 -0700[diff] [blame]1429
Amith Yamasani5e486f52013-08-07 11:06:44 -0700[diff] [blame]1430 if (userVersion < 4) {
Amith Yamasani5e486f52013-08-07 11:06:44 -0700[diff] [blame]1431 userVersion = 4;
1432 }
1433
Amith Yamasaniaa6634e2014-10-06 14:20:28 -0700[diff] [blame]1434 if (userVersion < 5) {
1435 initDefaultGuestRestrictions();
1436 userVersion = 5;
1437 }
1438
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]1439 if (userVersion < 6) {
1440 final boolean splitSystemUser = UserManager.isSplitSystemUser();
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1441 synchronized (mUsersLock) {
1442 for (int i = 0; i < mUsers.size(); i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1443 UserData userData = mUsers.valueAt(i);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1444 // In non-split mode, only user 0 can have restricted profiles
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1445 if (!splitSystemUser && userData.info.isRestricted()
1446 && (userData.info.restrictedProfileParentId
1447 == UserInfo.NO_PROFILE_GROUP_ID)) {
1448 userData.info.restrictedProfileParentId = UserHandle.USER_SYSTEM;
1449 scheduleWriteUser(userData);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1450 }
Fyodor Kupolov1c363152015-09-02 13:27:21 -0700[diff] [blame]1451 }
1452 }
1453 userVersion = 6;
1454 }
1455
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1456 if (userVersion < USER_VERSION) {
1457 Slog.w(LOG_TAG, "User version " + mUserVersion + " didn't upgrade as expected to "
1458 + USER_VERSION);
1459 } else {
1460 mUserVersion = userVersion;
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1461
1462 if (originalVersion < mUserVersion) {
1463 writeUserListLP();
1464 }
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1465 }
1466 }
1467
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1468 private void fallbackToSingleUserLP() {
Xiaohui Chenb31e14a2015-07-13 16:04:55 -0700[diff] [blame]1469 int flags = UserInfo.FLAG_INITIALIZED;
1470 // In split system user mode, the admin and primary flags are assigned to the first human
1471 // user.
1472 if (!UserManager.isSplitSystemUser()) {
1473 flags |= UserInfo.FLAG_ADMIN | UserInfo.FLAG_PRIMARY;
1474 }
Xiaohui Chen70f6c382015-04-28 14:21:43 -0700[diff] [blame]1475 // Create the system user
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]1476 UserInfo system = new UserInfo(UserHandle.USER_SYSTEM, null, null, flags);
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1477 UserData userData = new UserData();
1478 userData.info = system;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1479 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1480 mUsers.put(system.id, userData);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1481 }
Amith Yamasani634cf312012-10-04 17:34:21 -0700[diff] [blame]1482 mNextSerialNumber = MIN_USER_ID;
Geoffrey Borggaard15b8b2c2013-08-28 22:11:10 -0400[diff] [blame]1483 mUserVersion = USER_VERSION;
Amith Yamasani67df64b2012-12-14 12:09:36 -0800[diff] [blame]1484
Geoffrey Borggaarde45e45e32013-01-24 10:03:20 -0500[diff] [blame]1485 Bundle restrictions = new Bundle();
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1486 synchronized (mRestrictionsLock) {
1487 mBaseUserRestrictions.append(UserHandle.USER_SYSTEM, restrictions);
1488 }
Amith Yamasani67df64b2012-12-14 12:09:36 -0800[diff] [blame]1489
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1490 updateUserIds();
Amith Yamasaniaa6634e2014-10-06 14:20:28 -0700[diff] [blame]1491 initDefaultGuestRestrictions();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1492
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1493 writeUserListLP();
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1494 writeUserLP(userData);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1495 }
1496
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]1497 private String getOwnerName() {
1498 return mContext.getResources().getString(com.android.internal.R.string.owner_name);
1499 }
1500
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1501 private void scheduleWriteUser(UserData UserData) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1502 if (DBG) {
1503 debug("scheduleWriteUser");
1504 }
Makoto Onuki9e935a32015-11-06 14:24:24 -0800[diff] [blame]1505 // No need to wrap it within a lock -- worst case, we'll just post the same message
1506 // twice.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1507 if (!mHandler.hasMessages(WRITE_USER_MSG, UserData)) {
1508 Message msg = mHandler.obtainMessage(WRITE_USER_MSG, UserData);
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]1509 mHandler.sendMessageDelayed(msg, WRITE_USER_DELAY);
1510 }
1511 }
1512
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1513 /*
1514 * Writes the user file in this format:
1515 *
1516 * <user flags="20039023" id="0">
1517 * <name>Primary</name>
1518 * </user>
1519 */
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1520 private void writeUserLP(UserData userData) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1521 if (DBG) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1522 debug("writeUserLP " + userData);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1523 }
Amith Yamasani742a6712011-05-04 14:49:28 -0700[diff] [blame]1524 FileOutputStream fos = null;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1525 AtomicFile userFile = new AtomicFile(new File(mUsersDir, userData.info.id + XML_SUFFIX));
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1526 try {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1527 fos = userFile.startWrite();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1528 final BufferedOutputStream bos = new BufferedOutputStream(fos);
1529
1530 // XmlSerializer serializer = XmlUtils.serializerInstance();
1531 final XmlSerializer serializer = new FastXmlSerializer();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]1532 serializer.setOutput(bos, StandardCharsets.UTF_8.name());
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1533 serializer.startDocument(null, true);
1534 serializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true);
1535
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1536 final UserInfo userInfo = userData.info;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1537 serializer.startTag(null, TAG_USER);
1538 serializer.attribute(null, ATTR_ID, Integer.toString(userInfo.id));
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1539 serializer.attribute(null, ATTR_SERIAL_NO, Integer.toString(userInfo.serialNumber));
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1540 serializer.attribute(null, ATTR_FLAGS, Integer.toString(userInfo.flags));
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1541 serializer.attribute(null, ATTR_CREATION_TIME, Long.toString(userInfo.creationTime));
1542 serializer.attribute(null, ATTR_LAST_LOGGED_IN_TIME,
1543 Long.toString(userInfo.lastLoggedInTime));
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1544 if (userInfo.iconPath != null) {
1545 serializer.attribute(null, ATTR_ICON_PATH, userInfo.iconPath);
1546 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]1547 if (userInfo.partial) {
1548 serializer.attribute(null, ATTR_PARTIAL, "true");
1549 }
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]1550 if (userInfo.guestToRemove) {
1551 serializer.attribute(null, ATTR_GUEST_TO_REMOVE, "true");
1552 }
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1553 if (userInfo.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID) {
1554 serializer.attribute(null, ATTR_PROFILE_GROUP_ID,
1555 Integer.toString(userInfo.profileGroupId));
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1556 }
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]1557 if (userInfo.restrictedProfileParentId != UserInfo.NO_PROFILE_GROUP_ID) {
1558 serializer.attribute(null, ATTR_RESTRICTED_PROFILE_PARENT_ID,
1559 Integer.toString(userInfo.restrictedProfileParentId));
1560 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1561 // Write seed data
1562 if (userData.persistSeedData) {
1563 if (userData.seedAccountName != null) {
1564 serializer.attribute(null, ATTR_SEED_ACCOUNT_NAME, userData.seedAccountName);
1565 }
1566 if (userData.seedAccountType != null) {
1567 serializer.attribute(null, ATTR_SEED_ACCOUNT_TYPE, userData.seedAccountType);
1568 }
1569 }
Amith Yamasani6f48d6e2016-03-23 14:28:25 -0700[diff] [blame]1570 if (userInfo.name != null) {
1571 serializer.startTag(null, TAG_NAME);
1572 serializer.text(userInfo.name);
1573 serializer.endTag(null, TAG_NAME);
1574 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1575 synchronized (mRestrictionsLock) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1576 UserRestrictionsUtils.writeRestrictions(serializer,
1577 mBaseUserRestrictions.get(userInfo.id), TAG_RESTRICTIONS);
1578 UserRestrictionsUtils.writeRestrictions(serializer,
1579 mDevicePolicyLocalUserRestrictions.get(userInfo.id),
1580 TAG_DEVICE_POLICY_RESTRICTIONS);
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]1581 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1582
1583 if (userData.account != null) {
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]1584 serializer.startTag(null, TAG_ACCOUNT);
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1585 serializer.text(userData.account);
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]1586 serializer.endTag(null, TAG_ACCOUNT);
1587 }
1588
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1589 if (userData.persistSeedData && userData.seedAccountOptions != null) {
1590 serializer.startTag(null, TAG_SEED_ACCOUNT_OPTIONS);
1591 userData.seedAccountOptions.saveToXml(serializer);
1592 serializer.endTag(null, TAG_SEED_ACCOUNT_OPTIONS);
1593 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1594 serializer.endTag(null, TAG_USER);
1595
1596 serializer.endDocument();
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1597 userFile.finishWrite(fos);
1598 } catch (Exception ioe) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1599 Slog.e(LOG_TAG, "Error writing user info " + userData.info.id + "\n" + ioe);
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1600 userFile.failWrite(fos);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1601 }
1602 }
1603
1604 /*
1605 * Writes the user list file in this format:
1606 *
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1607 * <users nextSerialNumber="3">
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1608 * <user id="0"></user>
1609 * <user id="2"></user>
1610 * </users>
1611 */
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1612 private void writeUserListLP() {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1613 if (DBG) {
1614 debug("writeUserList");
1615 }
Amith Yamasani742a6712011-05-04 14:49:28 -0700[diff] [blame]1616 FileOutputStream fos = null;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1617 AtomicFile userListFile = new AtomicFile(mUserListFile);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1618 try {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1619 fos = userListFile.startWrite();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1620 final BufferedOutputStream bos = new BufferedOutputStream(fos);
1621
1622 // XmlSerializer serializer = XmlUtils.serializerInstance();
1623 final XmlSerializer serializer = new FastXmlSerializer();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]1624 serializer.setOutput(bos, StandardCharsets.UTF_8.name());
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1625 serializer.startDocument(null, true);
1626 serializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true);
1627
1628 serializer.startTag(null, TAG_USERS);
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1629 serializer.attribute(null, ATTR_NEXT_SERIAL_NO, Integer.toString(mNextSerialNumber));
Amith Yamasani6f34b412012-10-22 18:19:27 -0700[diff] [blame]1630 serializer.attribute(null, ATTR_USER_VERSION, Integer.toString(mUserVersion));
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1631
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]1632 serializer.startTag(null, TAG_GUEST_RESTRICTIONS);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1633 synchronized (mGuestRestrictions) {
1634 UserRestrictionsUtils
1635 .writeRestrictions(serializer, mGuestRestrictions, TAG_RESTRICTIONS);
1636 }
Amith Yamasanie4afaa32014-06-30 14:55:07 +0530[diff] [blame]1637 serializer.endTag(null, TAG_GUEST_RESTRICTIONS);
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1638 synchronized (mRestrictionsLock) {
1639 UserRestrictionsUtils.writeRestrictions(serializer,
1640 mDevicePolicyGlobalUserRestrictions, TAG_DEVICE_POLICY_RESTRICTIONS);
1641 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1642 int[] userIdsToWrite;
1643 synchronized (mUsersLock) {
1644 userIdsToWrite = new int[mUsers.size()];
1645 for (int i = 0; i < userIdsToWrite.length; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1646 UserInfo user = mUsers.valueAt(i).info;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1647 userIdsToWrite[i] = user.id;
1648 }
1649 }
1650 for (int id : userIdsToWrite) {
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1651 serializer.startTag(null, TAG_USER);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]1652 serializer.attribute(null, ATTR_ID, Integer.toString(id));
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1653 serializer.endTag(null, TAG_USER);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1654 }
1655
1656 serializer.endTag(null, TAG_USERS);
1657
1658 serializer.endDocument();
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1659 userListFile.finishWrite(fos);
1660 } catch (Exception e) {
1661 userListFile.failWrite(fos);
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1662 Slog.e(LOG_TAG, "Error writing user list");
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1663 }
1664 }
1665
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1666 private UserData readUserLP(int id) {
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1667 int flags = 0;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1668 int serialNumber = id;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1669 String name = null;
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]1670 String account = null;
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1671 String iconPath = null;
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1672 long creationTime = 0L;
1673 long lastLoggedInTime = 0L;
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1674 int profileGroupId = UserInfo.NO_PROFILE_GROUP_ID;
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]1675 int restrictedProfileParentId = UserInfo.NO_PROFILE_GROUP_ID;
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]1676 boolean partial = false;
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]1677 boolean guestToRemove = false;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1678 boolean persistSeedData = false;
1679 String seedAccountName = null;
1680 String seedAccountType = null;
1681 PersistableBundle seedAccountOptions = null;
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1682 Bundle baseRestrictions = new Bundle();
1683 Bundle localRestrictions = new Bundle();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1684
1685 FileInputStream fis = null;
1686 try {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1687 AtomicFile userFile =
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]1688 new AtomicFile(new File(mUsersDir, Integer.toString(id) + XML_SUFFIX));
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1689 fis = userFile.openRead();
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1690 XmlPullParser parser = Xml.newPullParser();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]1691 parser.setInput(fis, StandardCharsets.UTF_8.name());
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1692 int type;
1693 while ((type = parser.next()) != XmlPullParser.START_TAG
1694 && type != XmlPullParser.END_DOCUMENT) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1695 // Skip
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1696 }
1697
1698 if (type != XmlPullParser.START_TAG) {
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1699 Slog.e(LOG_TAG, "Unable to read user " + id);
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1700 return null;
1701 }
1702
1703 if (type == XmlPullParser.START_TAG && parser.getName().equals(TAG_USER)) {
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1704 int storedId = readIntAttribute(parser, ATTR_ID, -1);
1705 if (storedId != id) {
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1706 Slog.e(LOG_TAG, "User id does not match the file name");
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1707 return null;
1708 }
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1709 serialNumber = readIntAttribute(parser, ATTR_SERIAL_NO, id);
1710 flags = readIntAttribute(parser, ATTR_FLAGS, 0);
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1711 iconPath = parser.getAttributeValue(null, ATTR_ICON_PATH);
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1712 creationTime = readLongAttribute(parser, ATTR_CREATION_TIME, 0);
1713 lastLoggedInTime = readLongAttribute(parser, ATTR_LAST_LOGGED_IN_TIME, 0);
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1714 profileGroupId = readIntAttribute(parser, ATTR_PROFILE_GROUP_ID,
1715 UserInfo.NO_PROFILE_GROUP_ID);
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]1716 restrictedProfileParentId = readIntAttribute(parser,
1717 ATTR_RESTRICTED_PROFILE_PARENT_ID, UserInfo.NO_PROFILE_GROUP_ID);
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]1718 String valueString = parser.getAttributeValue(null, ATTR_PARTIAL);
1719 if ("true".equals(valueString)) {
1720 partial = true;
1721 }
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]1722 valueString = parser.getAttributeValue(null, ATTR_GUEST_TO_REMOVE);
1723 if ("true".equals(valueString)) {
1724 guestToRemove = true;
1725 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1726
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1727 seedAccountName = parser.getAttributeValue(null, ATTR_SEED_ACCOUNT_NAME);
1728 seedAccountType = parser.getAttributeValue(null, ATTR_SEED_ACCOUNT_TYPE);
1729 if (seedAccountName != null || seedAccountType != null) {
1730 persistSeedData = true;
1731 }
1732
Amith Yamasanie4cf7342012-12-17 11:12:09 -0800[diff] [blame]1733 int outerDepth = parser.getDepth();
1734 while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
1735 && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
1736 if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
1737 continue;
1738 }
1739 String tag = parser.getName();
1740 if (TAG_NAME.equals(tag)) {
1741 type = parser.next();
1742 if (type == XmlPullParser.TEXT) {
1743 name = parser.getText();
1744 }
1745 } else if (TAG_RESTRICTIONS.equals(tag)) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1746 UserRestrictionsUtils.readRestrictions(parser, baseRestrictions);
1747 } else if (TAG_DEVICE_POLICY_RESTRICTIONS.equals(tag)) {
1748 UserRestrictionsUtils.readRestrictions(parser, localRestrictions);
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]1749 } else if (TAG_ACCOUNT.equals(tag)) {
1750 type = parser.next();
1751 if (type == XmlPullParser.TEXT) {
1752 account = parser.getText();
1753 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1754 } else if (TAG_SEED_ACCOUNT_OPTIONS.equals(tag)) {
1755 seedAccountOptions = PersistableBundle.restoreFromXml(parser);
1756 persistSeedData = true;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1757 }
1758 }
1759 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1760
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1761 // Create the UserInfo object that gets passed around
Amith Yamasanib8151ec2012-04-18 18:02:48 -0700[diff] [blame]1762 UserInfo userInfo = new UserInfo(id, name, iconPath, flags);
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1763 userInfo.serialNumber = serialNumber;
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1764 userInfo.creationTime = creationTime;
1765 userInfo.lastLoggedInTime = lastLoggedInTime;
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]1766 userInfo.partial = partial;
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]1767 userInfo.guestToRemove = guestToRemove;
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1768 userInfo.profileGroupId = profileGroupId;
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]1769 userInfo.restrictedProfileParentId = restrictedProfileParentId;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1770
1771 // Create the UserData object that's internal to this class
1772 UserData userData = new UserData();
1773 userData.info = userInfo;
1774 userData.account = account;
1775 userData.seedAccountName = seedAccountName;
1776 userData.seedAccountType = seedAccountType;
1777 userData.persistSeedData = persistSeedData;
1778 userData.seedAccountOptions = seedAccountOptions;
1779
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1780 synchronized (mRestrictionsLock) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]1781 mBaseUserRestrictions.put(id, baseRestrictions);
1782 mDevicePolicyLocalUserRestrictions.put(id, localRestrictions);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1783 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1784 return userData;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1785 } catch (IOException ioe) {
1786 } catch (XmlPullParserException pe) {
Dianne Hackbornbfd89b32011-12-15 18:22:54 -0800[diff] [blame]1787 } finally {
1788 if (fis != null) {
1789 try {
1790 fis.close();
1791 } catch (IOException e) {
1792 }
1793 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1794 }
1795 return null;
1796 }
1797
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]1798 private int readIntAttribute(XmlPullParser parser, String attr, int defaultValue) {
1799 String valueString = parser.getAttributeValue(null, attr);
1800 if (valueString == null) return defaultValue;
1801 try {
1802 return Integer.parseInt(valueString);
1803 } catch (NumberFormatException nfe) {
1804 return defaultValue;
1805 }
1806 }
1807
1808 private long readLongAttribute(XmlPullParser parser, String attr, long defaultValue) {
1809 String valueString = parser.getAttributeValue(null, attr);
1810 if (valueString == null) return defaultValue;
1811 try {
1812 return Long.parseLong(valueString);
1813 } catch (NumberFormatException nfe) {
1814 return defaultValue;
1815 }
1816 }
1817
Amith Yamasanib82add22013-07-09 11:24:44 -0700[diff] [blame]1818 /**
Amith Yamasani1a7472e2013-07-02 11:17:30 -0700[diff] [blame]1819 * Removes the app restrictions file for a specific package and user id, if it exists.
1820 */
1821 private void cleanAppRestrictionsForPackage(String pkg, int userId) {
1822 synchronized (mPackagesLock) {
1823 File dir = Environment.getUserSystemDirectory(userId);
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]1824 File resFile = new File(dir, packageToRestrictionsFileName(pkg));
Amith Yamasani1a7472e2013-07-02 11:17:30 -0700[diff] [blame]1825 if (resFile.exists()) {
1826 resFile.delete();
1827 }
1828 }
1829 }
1830
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1831 @Override
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1832 public UserInfo createProfileForUser(String name, int flags, int userId) {
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1833 checkManageUsersPermission("Only the system can create users");
Kenny Guy2a764942014-04-02 13:29:20 +0100[diff] [blame]1834 return createUserInternal(name, flags, userId);
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1835 }
1836
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1837 @Override
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]1838 public UserInfo createUser(String name, int flags) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]1839 checkManageUsersPermission("Only the system can create users");
Nicolas Prevotc6d033e2014-02-27 13:11:09 +0000[diff] [blame]1840 return createUserInternal(name, flags, UserHandle.USER_NULL);
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1841 }
Amith Yamasanifaea76f2012-09-11 10:59:48 -0700[diff] [blame]1842
Jessica Hummelbe81c802014-04-22 15:49:22 +0100[diff] [blame]1843 private UserInfo createUserInternal(String name, int flags, int parentId) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1844 if (hasUserRestriction(UserManager.DISALLOW_ADD_USER, UserHandle.getCallingUserId())) {
Julia Reynolds75175022014-06-26 16:35:00 -0400[diff] [blame]1845 Log.w(LOG_TAG, "Cannot add user. DISALLOW_ADD_USER is enabled.");
1846 return null;
1847 }
phweisse9c44062016-02-10 12:57:38 +0100[diff] [blame]1848 return createUserInternalUnchecked(name, flags, parentId);
1849 }
1850
1851 private UserInfo createUserInternalUnchecked(String name, int flags, int parentId) {
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1852 if (ActivityManager.isLowRamDeviceStatic()) {
1853 return null;
1854 }
Amith Yamasani95ab7842014-08-11 17:09:26 -0700[diff] [blame]1855 final boolean isGuest = (flags & UserInfo.FLAG_GUEST) != 0;
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1856 final boolean isManagedProfile = (flags & UserInfo.FLAG_MANAGED_PROFILE) != 0;
Fyodor Kupolov06a484a2015-08-21 16:33:20 -0700[diff] [blame]1857 final boolean isRestricted = (flags & UserInfo.FLAG_RESTRICTED) != 0;
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]1858 final long ident = Binder.clearCallingIdentity();
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1859 UserInfo userInfo;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1860 UserData userData;
Amith Yamasanibb054c92015-07-09 14:16:27 -0700[diff] [blame]1861 final int userId;
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]1862 try {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1863 synchronized (mPackagesLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1864 UserData parent = null;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1865 if (parentId != UserHandle.USER_NULL) {
1866 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1867 parent = getUserDataLU(parentId);
Nicolas Prevotc6d033e2014-02-27 13:11:09 +0000[diff] [blame]1868 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1869 if (parent == null) return null;
1870 }
1871 if (isManagedProfile && !canAddMoreManagedProfiles(parentId, false)) {
1872 Log.e(LOG_TAG, "Cannot add more managed profiles for user " + parentId);
1873 return null;
1874 }
1875 if (!isGuest && !isManagedProfile && isUserLimitReached()) {
1876 // If we're not adding a guest user or a managed profile and the limit has
1877 // been reached, cannot add a user.
1878 return null;
1879 }
1880 // If we're adding a guest and there already exists one, bail.
1881 if (isGuest && findCurrentGuestUser() != null) {
1882 return null;
1883 }
1884 // In legacy mode, restricted profile's parent can only be the owner user
1885 if (isRestricted && !UserManager.isSplitSystemUser()
1886 && (parentId != UserHandle.USER_SYSTEM)) {
1887 Log.w(LOG_TAG, "Cannot add restricted profile - parent user must be owner");
1888 return null;
1889 }
1890 if (isRestricted && UserManager.isSplitSystemUser()) {
1891 if (parent == null) {
1892 Log.w(LOG_TAG, "Cannot add restricted profile - parent user must be "
1893 + "specified");
Nicolas Prevot12678a92015-05-13 12:15:03 -0700[diff] [blame]1894 return null;
1895 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1896 if (!parent.info.canHaveProfile()) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1897 Log.w(LOG_TAG, "Cannot add restricted profile - profiles cannot be "
1898 + "created for the specified parent user id " + parentId);
Amith Yamasani95ab7842014-08-11 17:09:26 -0700[diff] [blame]1899 return null;
1900 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1901 }
Lenka Trochtova024f9792016-02-17 13:55:17 +0100[diff] [blame]1902 if (!UserManager.isSplitSystemUser() && (flags & UserInfo.FLAG_EPHEMERAL) != 0) {
1903 Log.e(LOG_TAG,
1904 "Ephemeral users are supported on split-system-user systems only.");
1905 return null;
1906 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1907 // In split system user mode, we assign the first human user the primary flag.
1908 // And if there is no device owner, we also assign the admin flag to primary user.
1909 if (UserManager.isSplitSystemUser()
1910 && !isGuest && !isManagedProfile && getPrimaryUser() == null) {
1911 flags |= UserInfo.FLAG_PRIMARY;
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]1912 synchronized (mUsersLock) {
1913 if (!mIsDeviceManaged) {
1914 flags |= UserInfo.FLAG_ADMIN;
1915 }
Amith Yamasani95ab7842014-08-11 17:09:26 -0700[diff] [blame]1916 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1917 }
Lenka Trochtovac4dd0212015-11-18 12:22:06 +0100[diff] [blame]1918
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]1919 userId = getNextAvailableId();
1920 Environment.getUserSystemDirectory(userId).mkdirs();
Lenka Trochtova02fee152015-12-22 14:26:18 +0100[diff] [blame]1921 boolean ephemeralGuests = Resources.getSystem()
1922 .getBoolean(com.android.internal.R.bool.config_guestUserEphemeral);
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]1923
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1924 synchronized (mUsersLock) {
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]1925 // Add ephemeral flag to guests/users if required. Also inherit it from parent.
1926 if ((isGuest && ephemeralGuests) || mForceEphemeralUsers
1927 || (parent != null && parent.info.isEphemeral())) {
1928 flags |= UserInfo.FLAG_EPHEMERAL;
1929 }
1930
1931 userInfo = new UserInfo(userId, name, null, flags);
1932 userInfo.serialNumber = mNextSerialNumber++;
1933 long now = System.currentTimeMillis();
1934 userInfo.creationTime = (now > EPOCH_PLUS_30_YEARS) ? now : 0;
1935 userInfo.partial = true;
1936 userData = new UserData();
1937 userData.info = userInfo;
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1938 mUsers.put(userId, userData);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1939 }
1940 writeUserListLP();
1941 if (parent != null) {
1942 if (isManagedProfile) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1943 if (parent.info.profileGroupId == UserInfo.NO_PROFILE_GROUP_ID) {
1944 parent.info.profileGroupId = parent.info.id;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1945 writeUserLP(parent);
Kenny Guya52dc3e2014-02-11 15:33:14 +0000[diff] [blame]1946 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1947 userInfo.profileGroupId = parent.info.profileGroupId;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1948 } else if (isRestricted) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1949 if (parent.info.restrictedProfileParentId == UserInfo.NO_PROFILE_GROUP_ID) {
1950 parent.info.restrictedProfileParentId = parent.info.id;
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1951 writeUserLP(parent);
Jeff Sharkey6dce4962015-07-03 18:08:41 -0700[diff] [blame]1952 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1953 userInfo.restrictedProfileParentId = parent.info.restrictedProfileParentId;
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]1954 }
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]1955 }
Dianne Hackborn4428e172012-08-24 17:43:05 -0700[diff] [blame]1956 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1957 final StorageManager storage = mContext.getSystemService(StorageManager.class);
Lenka Trochtovac4dd0212015-11-18 12:22:06 +0100[diff] [blame]1958 storage.createUserKey(userId, userInfo.serialNumber, userInfo.isEphemeral());
Jeff Sharkey47f71082016-02-01 17:03:54 -0700[diff] [blame]1959 prepareUserStorage(userId, userInfo.serialNumber,
1960 StorageManager.FLAG_STORAGE_DE | StorageManager.FLAG_STORAGE_CE);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1961 mPm.createNewUser(userId);
1962 userInfo.partial = false;
1963 synchronized (mPackagesLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1964 writeUserLP(userData);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1965 }
1966 updateUserIds();
1967 Bundle restrictions = new Bundle();
Fyodor Kupolove04462c2015-11-30 15:02:53 -0800[diff] [blame]1968 if (isGuest) {
1969 synchronized (mGuestRestrictions) {
1970 restrictions.putAll(mGuestRestrictions);
1971 }
1972 }
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]1973 synchronized (mRestrictionsLock) {
1974 mBaseUserRestrictions.append(userId, restrictions);
1975 }
1976 mPm.newUserCreated(userId);
1977 Intent addedIntent = new Intent(Intent.ACTION_USER_ADDED);
1978 addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId);
1979 mContext.sendBroadcastAsUser(addedIntent, UserHandle.ALL,
1980 android.Manifest.permission.MANAGE_USERS);
Fyodor Kupolov8385e4b2015-12-29 18:15:32 -0800[diff] [blame]1981 MetricsLogger.count(mContext, isGuest ? TRON_GUEST_CREATED : TRON_USER_CREATED, 1);
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]1982 } finally {
1983 Binder.restoreCallingIdentity(ident);
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]1984 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]1985 return userInfo;
1986 }
1987
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]1988 /**
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -0700[diff] [blame]1989 * @hide
1990 */
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]1991 @Override
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -0700[diff] [blame]1992 public UserInfo createRestrictedProfile(String name, int parentUserId) {
1993 checkManageUsersPermission("setupRestrictedProfile");
1994 final UserInfo user = createProfileForUser(name, UserInfo.FLAG_RESTRICTED, parentUserId);
1995 if (user == null) {
1996 return null;
1997 }
Fyodor Kupolov9e912ba2016-02-09 18:29:43 -0800[diff] [blame]1998 long identity = Binder.clearCallingIdentity();
1999 try {
2000 setUserRestriction(UserManager.DISALLOW_MODIFY_ACCOUNTS, true, user.id);
2001 // Change the setting before applying the DISALLOW_SHARE_LOCATION restriction, otherwise
2002 // the putIntForUser() will fail.
2003 android.provider.Settings.Secure.putIntForUser(mContext.getContentResolver(),
2004 android.provider.Settings.Secure.LOCATION_MODE,
2005 android.provider.Settings.Secure.LOCATION_MODE_OFF, user.id);
2006 setUserRestriction(UserManager.DISALLOW_SHARE_LOCATION, true, user.id);
2007 } finally {
2008 Binder.restoreCallingIdentity(identity);
2009 }
Fyodor Kupolov02cb6e72015-09-18 18:20:55 -0700[diff] [blame]2010 return user;
2011 }
2012
2013 /**
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]2014 * Find the current guest user. If the Guest user is partial,
2015 * then do not include it in the results as it is about to die.
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]2016 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2017 private UserInfo findCurrentGuestUser() {
2018 synchronized (mUsersLock) {
2019 final int size = mUsers.size();
2020 for (int i = 0; i < size; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2021 final UserInfo user = mUsers.valueAt(i).info;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2022 if (user.isGuest() && !user.guestToRemove && !mRemovingUserIds.get(user.id)) {
2023 return user;
2024 }
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]2025 }
2026 }
2027 return null;
2028 }
2029
2030 /**
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2031 * Mark this guest user for deletion to allow us to create another guest
2032 * and switch to that user before actually removing this guest.
2033 * @param userHandle the userid of the current guest
2034 * @return whether the user could be marked for deletion
2035 */
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2036 @Override
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2037 public boolean markGuestForDeletion(int userHandle) {
2038 checkManageUsersPermission("Only the system can remove users");
2039 if (getUserRestrictions(UserHandle.getCallingUserId()).getBoolean(
2040 UserManager.DISALLOW_REMOVE_USER, false)) {
2041 Log.w(LOG_TAG, "Cannot remove user. DISALLOW_REMOVE_USER is enabled.");
2042 return false;
2043 }
2044
2045 long ident = Binder.clearCallingIdentity();
2046 try {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2047 final UserData userData;
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2048 synchronized (mPackagesLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2049 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2050 userData = mUsers.get(userHandle);
2051 if (userHandle == 0 || userData == null || mRemovingUserIds.get(userHandle)) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2052 return false;
2053 }
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2054 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2055 if (!userData.info.isGuest()) {
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2056 return false;
2057 }
Adam Lesinskieddeb492014-09-08 17:50:03 -0700[diff] [blame]2058 // We set this to a guest user that is to be removed. This is a temporary state
2059 // where we are allowed to add new Guest users, even if this one is still not
2060 // removed. This user will still show up in getUserInfo() calls.
2061 // If we don't get around to removing this Guest user, it will be purged on next
2062 // startup.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2063 userData.info.guestToRemove = true;
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2064 // Mark it as disabled, so that it isn't returned any more when
2065 // profiles are queried.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2066 userData.info.flags |= UserInfo.FLAG_DISABLED;
2067 writeUserLP(userData);
Amith Yamasani1df14732014-08-29 21:37:27 -0700[diff] [blame]2068 }
2069 } finally {
2070 Binder.restoreCallingIdentity(ident);
2071 }
2072 return true;
2073 }
2074
2075 /**
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2076 * Removes a user and all data directories created for that user. This method should be called
2077 * after the user's processes have been terminated.
Dianne Hackborn10ad9822014-03-17 11:28:36 -0700[diff] [blame]2078 * @param userHandle the user's id
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2079 */
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2080 @Override
Amith Yamasani258848d2012-08-10 17:06:33 -0700[diff] [blame]2081 public boolean removeUser(int userHandle) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2082 checkManageUsersPermission("Only the system can remove users");
Julia Reynolds4ac5f852014-06-23 17:38:51 -0400[diff] [blame]2083 if (getUserRestrictions(UserHandle.getCallingUserId()).getBoolean(
2084 UserManager.DISALLOW_REMOVE_USER, false)) {
2085 Log.w(LOG_TAG, "Cannot remove user. DISALLOW_REMOVE_USER is enabled.");
2086 return false;
2087 }
2088
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2089 long ident = Binder.clearCallingIdentity();
2090 try {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2091 final UserData userData;
Fyodor Kupolov0df68cd2015-10-01 13:54:22 -0700[diff] [blame]2092 int currentUser = ActivityManager.getCurrentUser();
2093 if (currentUser == userHandle) {
2094 Log.w(LOG_TAG, "Current user cannot be removed");
2095 return false;
2096 }
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2097 synchronized (mPackagesLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2098 synchronized (mUsersLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2099 userData = mUsers.get(userHandle);
2100 if (userHandle == 0 || userData == null || mRemovingUserIds.get(userHandle)) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2101 return false;
2102 }
Jeff Sharkey6eb09392014-11-14 15:57:59 -0800[diff] [blame]2103
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2104 // We remember deleted user IDs to prevent them from being
2105 // reused during the current boot; they can still be reused
2106 // after a reboot.
2107 mRemovingUserIds.put(userHandle, true);
2108 }
Jeff Sharkey6eb09392014-11-14 15:57:59 -0800[diff] [blame]2109
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2110 try {
2111 mAppOpsService.removeUser(userHandle);
2112 } catch (RemoteException e) {
2113 Log.w(LOG_TAG, "Unable to notify AppOpsService of removing user", e);
2114 }
2115 // Set this to a partially created user, so that the user will be purged
2116 // on next startup, in case the runtime stops now before stopping and
2117 // removing the user completely.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2118 userData.info.partial = true;
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2119 // Mark it as disabled, so that it isn't returned any more when
2120 // profiles are queried.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2121 userData.info.flags |= UserInfo.FLAG_DISABLED;
2122 writeUserLP(userData);
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2123 }
2124
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2125 if (userData.info.profileGroupId != UserInfo.NO_PROFILE_GROUP_ID
2126 && userData.info.isManagedProfile()) {
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2127 // Send broadcast to notify system that the user removed was a
2128 // managed user.
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2129 sendProfileRemovedBroadcast(userData.info.profileGroupId, userData.info.id);
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2130 }
2131
2132 if (DBG) Slog.i(LOG_TAG, "Stopping user " + userHandle);
2133 int res;
2134 try {
Fyodor Kupolov9cbfc9e2015-10-07 15:52:33 -0700[diff] [blame]2135 res = ActivityManagerNative.getDefault().stopUser(userHandle, /* force= */ true,
2136 new IStopUserCallback.Stub() {
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2137 @Override
2138 public void userStopped(int userId) {
2139 finishRemoveUser(userId);
2140 }
2141 @Override
2142 public void userStopAborted(int userId) {
2143 }
2144 });
2145 } catch (RemoteException e) {
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]2146 return false;
2147 }
Kenny Guyee58b4f2014-05-23 15:19:53 +0100[diff] [blame]2148 return res == ActivityManager.USER_OP_SUCCESS;
2149 } finally {
2150 Binder.restoreCallingIdentity(ident);
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]2151 }
Dianne Hackborn80a4af22012-08-27 19:18:31 -0700[diff] [blame]2152 }
2153
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]2154 void finishRemoveUser(final int userHandle) {
Amith Yamasani16389312012-10-17 21:20:14 -0700[diff] [blame]2155 if (DBG) Slog.i(LOG_TAG, "finishRemoveUser " + userHandle);
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]2156 // Let other services shutdown any activity and clean up their state before completely
2157 // wiping the user's system directory and removing from the user list
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]2158 long ident = Binder.clearCallingIdentity();
2159 try {
2160 Intent addedIntent = new Intent(Intent.ACTION_USER_REMOVED);
2161 addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userHandle);
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]2162 mContext.sendOrderedBroadcastAsUser(addedIntent, UserHandle.ALL,
2163 android.Manifest.permission.MANAGE_USERS,
2164
2165 new BroadcastReceiver() {
2166 @Override
2167 public void onReceive(Context context, Intent intent) {
2168 if (DBG) {
2169 Slog.i(LOG_TAG,
2170 "USER_REMOVED broadcast sent, cleaning up user data "
2171 + userHandle);
2172 }
2173 new Thread() {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2174 @Override
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]2175 public void run() {
Amith Yamasani515d4062015-09-28 11:30:06 -0700[diff] [blame]2176 // Clean up any ActivityManager state
2177 LocalServices.getService(ActivityManagerInternal.class)
2178 .onUserRemoved(userHandle);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2179 removeUserState(userHandle);
Amith Yamasanidb6a14c2012-10-17 21:16:52 -0700[diff] [blame]2180 }
2181 }.start();
2182 }
2183 },
2184
2185 null, Activity.RESULT_OK, null, null);
Dianne Hackborn5dc5a002012-09-15 19:33:48 -0700[diff] [blame]2186 } finally {
2187 Binder.restoreCallingIdentity(ident);
2188 }
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2189 }
2190
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2191 private void removeUserState(final int userHandle) {
Paul Crowley91293792016-03-25 15:23:07 -0700[diff] [blame^]2192 try {
2193 mContext.getSystemService(StorageManager.class).destroyUserKey(userHandle);
2194 } catch (IllegalStateException e) {
2195 // This may be simply because the user was partially created.
2196 Slog.i(LOG_TAG,
2197 "Destroying key for user " + userHandle + " failed, continuing anyway", e);
2198 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2199 // Cleanup package manager settings
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2200 mPm.cleanUpUser(this, userHandle);
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2201
2202 // Remove this user from the list
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2203 synchronized (mUsersLock) {
2204 mUsers.remove(userHandle);
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]2205 mIsUserManaged.delete(userHandle);
2206 }
2207 synchronized (mRestrictionsLock) {
2208 mBaseUserRestrictions.remove(userHandle);
2209 mAppliedUserRestrictions.remove(userHandle);
2210 mCachedEffectiveUserRestrictions.remove(userHandle);
2211 mDevicePolicyLocalUserRestrictions.remove(userHandle);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2212 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2213 // Remove user file
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]2214 AtomicFile userFile = new AtomicFile(new File(mUsersDir, userHandle + XML_SUFFIX));
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2215 userFile.delete();
2216 // Update the user list
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2217 synchronized (mPackagesLock) {
2218 writeUserListLP();
2219 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2220 updateUserIds();
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2221 File userDir = Environment.getUserSystemDirectory(userHandle);
2222 File renamedUserDir = Environment.getUserSystemDirectory(UserHandle.USER_NULL - userHandle);
2223 if (userDir.renameTo(renamedUserDir)) {
2224 removeDirectoryRecursive(renamedUserDir);
2225 } else {
2226 removeDirectoryRecursive(userDir);
2227 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2228 }
2229
Amith Yamasani61f57372012-08-31 12:12:28 -0700[diff] [blame]2230 private void removeDirectoryRecursive(File parent) {
2231 if (parent.isDirectory()) {
2232 String[] files = parent.list();
2233 for (String filename : files) {
2234 File child = new File(parent, filename);
2235 removeDirectoryRecursive(child);
2236 }
2237 }
2238 parent.delete();
2239 }
2240
Kenny Guyf8d3a232014-05-15 16:09:52 +0100[diff] [blame]2241 private void sendProfileRemovedBroadcast(int parentUserId, int removedUserId) {
Adam Connors7b66ed52014-04-14 11:58:10 +0100[diff] [blame]2242 Intent managedProfileIntent = new Intent(Intent.ACTION_MANAGED_PROFILE_REMOVED);
Adam Connorsd4b584e2014-06-09 13:55:47 +0100[diff] [blame]2243 managedProfileIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY |
2244 Intent.FLAG_RECEIVER_FOREGROUND);
Kenny Guyf8d3a232014-05-15 16:09:52 +0100[diff] [blame]2245 managedProfileIntent.putExtra(Intent.EXTRA_USER, new UserHandle(removedUserId));
Jeff Sharkeyaf6ec292015-12-17 11:19:00 -0700[diff] [blame]2246 managedProfileIntent.putExtra(Intent.EXTRA_USER_HANDLE, removedUserId);
Kenny Guyf8d3a232014-05-15 16:09:52 +0100[diff] [blame]2247 mContext.sendBroadcastAsUser(managedProfileIntent, new UserHandle(parentUserId), null);
Adam Connors7b66ed52014-04-14 11:58:10 +0100[diff] [blame]2248 }
2249
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2250 @Override
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2251 public Bundle getApplicationRestrictions(String packageName) {
2252 return getApplicationRestrictionsForUser(packageName, UserHandle.getCallingUserId());
2253 }
2254
2255 @Override
2256 public Bundle getApplicationRestrictionsForUser(String packageName, int userId) {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2257 if (UserHandle.getCallingUserId() != userId
Amith Yamasani9429afb2013-04-10 18:40:51 -0700[diff] [blame]2258 || !UserHandle.isSameApp(Binder.getCallingUid(), getUidForPackage(packageName))) {
Esteban Talavera5b9f1672015-12-11 15:22:34 +0000[diff] [blame]2259 checkSystemOrRoot("get application restrictions for other users/apps");
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2260 }
2261 synchronized (mPackagesLock) {
2262 // Read the restrictions from XML
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2263 return readApplicationRestrictionsLP(packageName, userId);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2264 }
2265 }
2266
2267 @Override
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2268 public void setApplicationRestrictions(String packageName, Bundle restrictions,
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2269 int userId) {
Esteban Talavera5b9f1672015-12-11 15:22:34 +0000[diff] [blame]2270 checkSystemOrRoot("set application restrictions");
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2271 synchronized (mPackagesLock) {
Kenny Guyd21b2182014-07-17 16:38:55 +0100[diff] [blame]2272 if (restrictions == null || restrictions.isEmpty()) {
2273 cleanAppRestrictionsForPackage(packageName, userId);
2274 } else {
2275 // Write the restrictions to XML
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2276 writeApplicationRestrictionsLP(packageName, restrictions, userId);
Kenny Guyd21b2182014-07-17 16:38:55 +0100[diff] [blame]2277 }
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2278 }
Robin Lee66e5d962014-04-09 16:44:21 +0100[diff] [blame]2279
Fyodor Kupolovd2846122016-02-11 18:06:34 -0800[diff] [blame]2280 // Notify package of changes via an intent - only sent to explicitly registered receivers.
2281 Intent changeIntent = new Intent(Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED);
2282 changeIntent.setPackage(packageName);
2283 changeIntent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
2284 mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId));
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2285 }
2286
2287 private int getUidForPackage(String packageName) {
Amith Yamasani9429afb2013-04-10 18:40:51 -0700[diff] [blame]2288 long ident = Binder.clearCallingIdentity();
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2289 try {
2290 return mContext.getPackageManager().getApplicationInfo(packageName,
Fyodor Kupolovd2846122016-02-11 18:06:34 -0800[diff] [blame]2291 PackageManager.MATCH_UNINSTALLED_PACKAGES).uid;
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2292 } catch (NameNotFoundException nnfe) {
2293 return -1;
Amith Yamasani9429afb2013-04-10 18:40:51 -0700[diff] [blame]2294 } finally {
2295 Binder.restoreCallingIdentity(ident);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2296 }
2297 }
2298
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2299 private Bundle readApplicationRestrictionsLP(String packageName, int userId) {
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2300 AtomicFile restrictionsFile =
2301 new AtomicFile(new File(Environment.getUserSystemDirectory(userId),
2302 packageToRestrictionsFileName(packageName)));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2303 return readApplicationRestrictionsLP(restrictionsFile);
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2304 }
2305
2306 @VisibleForTesting
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2307 static Bundle readApplicationRestrictionsLP(AtomicFile restrictionsFile) {
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2308 final Bundle restrictions = new Bundle();
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2309 final ArrayList<String> values = new ArrayList<>();
Fyodor Kupolov6f34d362015-04-02 12:42:13 -0700[diff] [blame]2310 if (!restrictionsFile.getBaseFile().exists()) {
Fyodor Kupolovf6ee2242015-04-06 10:15:07 -0700[diff] [blame]2311 return restrictions;
Fyodor Kupolov6f34d362015-04-02 12:42:13 -0700[diff] [blame]2312 }
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2313
2314 FileInputStream fis = null;
2315 try {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2316 fis = restrictionsFile.openRead();
2317 XmlPullParser parser = Xml.newPullParser();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]2318 parser.setInput(fis, StandardCharsets.UTF_8.name());
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2319 XmlUtils.nextElement(parser);
2320 if (parser.getEventType() != XmlPullParser.START_TAG) {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2321 Slog.e(LOG_TAG, "Unable to read restrictions file "
2322 + restrictionsFile.getBaseFile());
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2323 return restrictions;
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2324 }
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2325 while (parser.next() != XmlPullParser.END_DOCUMENT) {
2326 readEntry(restrictions, values, parser);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2327 }
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2328 } catch (IOException|XmlPullParserException e) {
2329 Log.w(LOG_TAG, "Error parsing " + restrictionsFile.getBaseFile(), e);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2330 } finally {
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2331 IoUtils.closeQuietly(fis);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2332 }
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2333 return restrictions;
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2334 }
2335
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2336 private static void readEntry(Bundle restrictions, ArrayList<String> values,
2337 XmlPullParser parser) throws XmlPullParserException, IOException {
2338 int type = parser.getEventType();
2339 if (type == XmlPullParser.START_TAG && parser.getName().equals(TAG_ENTRY)) {
2340 String key = parser.getAttributeValue(null, ATTR_KEY);
2341 String valType = parser.getAttributeValue(null, ATTR_VALUE_TYPE);
2342 String multiple = parser.getAttributeValue(null, ATTR_MULTIPLE);
2343 if (multiple != null) {
2344 values.clear();
2345 int count = Integer.parseInt(multiple);
2346 while (count > 0 && (type = parser.next()) != XmlPullParser.END_DOCUMENT) {
2347 if (type == XmlPullParser.START_TAG
2348 && parser.getName().equals(TAG_VALUE)) {
2349 values.add(parser.nextText().trim());
2350 count--;
2351 }
2352 }
2353 String [] valueStrings = new String[values.size()];
2354 values.toArray(valueStrings);
2355 restrictions.putStringArray(key, valueStrings);
2356 } else if (ATTR_TYPE_BUNDLE.equals(valType)) {
2357 restrictions.putBundle(key, readBundleEntry(parser, values));
2358 } else if (ATTR_TYPE_BUNDLE_ARRAY.equals(valType)) {
2359 final int outerDepth = parser.getDepth();
2360 ArrayList<Bundle> bundleList = new ArrayList<>();
2361 while (XmlUtils.nextElementWithin(parser, outerDepth)) {
2362 Bundle childBundle = readBundleEntry(parser, values);
2363 bundleList.add(childBundle);
2364 }
2365 restrictions.putParcelableArray(key,
2366 bundleList.toArray(new Bundle[bundleList.size()]));
2367 } else {
2368 String value = parser.nextText().trim();
2369 if (ATTR_TYPE_BOOLEAN.equals(valType)) {
2370 restrictions.putBoolean(key, Boolean.parseBoolean(value));
2371 } else if (ATTR_TYPE_INTEGER.equals(valType)) {
2372 restrictions.putInt(key, Integer.parseInt(value));
2373 } else {
2374 restrictions.putString(key, value);
2375 }
2376 }
2377 }
2378 }
2379
2380 private static Bundle readBundleEntry(XmlPullParser parser, ArrayList<String> values)
2381 throws IOException, XmlPullParserException {
2382 Bundle childBundle = new Bundle();
2383 final int outerDepth = parser.getDepth();
2384 while (XmlUtils.nextElementWithin(parser, outerDepth)) {
2385 readEntry(childBundle, values, parser);
2386 }
2387 return childBundle;
2388 }
2389
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2390 private void writeApplicationRestrictionsLP(String packageName,
Amith Yamasani7e99bc02013-04-16 18:24:51 -0700[diff] [blame]2391 Bundle restrictions, int userId) {
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2392 AtomicFile restrictionsFile = new AtomicFile(
2393 new File(Environment.getUserSystemDirectory(userId),
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]2394 packageToRestrictionsFileName(packageName)));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2395 writeApplicationRestrictionsLP(restrictions, restrictionsFile);
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2396 }
2397
2398 @VisibleForTesting
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2399 static void writeApplicationRestrictionsLP(Bundle restrictions, AtomicFile restrictionsFile) {
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2400 FileOutputStream fos = null;
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2401 try {
2402 fos = restrictionsFile.startWrite();
2403 final BufferedOutputStream bos = new BufferedOutputStream(fos);
2404
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2405 final XmlSerializer serializer = new FastXmlSerializer();
Wojciech Staszkiewicz9e9e2e72015-05-08 14:58:46 +0100[diff] [blame]2406 serializer.setOutput(bos, StandardCharsets.UTF_8.name());
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2407 serializer.startDocument(null, true);
2408 serializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true);
2409
2410 serializer.startTag(null, TAG_RESTRICTIONS);
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2411 writeBundle(restrictions, serializer);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2412 serializer.endTag(null, TAG_RESTRICTIONS);
2413
2414 serializer.endDocument();
2415 restrictionsFile.finishWrite(fos);
2416 } catch (Exception e) {
2417 restrictionsFile.failWrite(fos);
Fyodor Kupolov262f9952015-03-23 18:55:11 -0700[diff] [blame]2418 Slog.e(LOG_TAG, "Error writing application restrictions list", e);
2419 }
2420 }
2421
2422 private static void writeBundle(Bundle restrictions, XmlSerializer serializer)
2423 throws IOException {
2424 for (String key : restrictions.keySet()) {
2425 Object value = restrictions.get(key);
2426 serializer.startTag(null, TAG_ENTRY);
2427 serializer.attribute(null, ATTR_KEY, key);
2428
2429 if (value instanceof Boolean) {
2430 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_BOOLEAN);
2431 serializer.text(value.toString());
2432 } else if (value instanceof Integer) {
2433 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_INTEGER);
2434 serializer.text(value.toString());
2435 } else if (value == null || value instanceof String) {
2436 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_STRING);
2437 serializer.text(value != null ? (String) value : "");
2438 } else if (value instanceof Bundle) {
2439 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_BUNDLE);
2440 writeBundle((Bundle) value, serializer);
2441 } else if (value instanceof Parcelable[]) {
2442 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_BUNDLE_ARRAY);
2443 Parcelable[] array = (Parcelable[]) value;
2444 for (Parcelable parcelable : array) {
2445 if (!(parcelable instanceof Bundle)) {
2446 throw new IllegalArgumentException("bundle-array can only hold Bundles");
2447 }
2448 serializer.startTag(null, TAG_ENTRY);
2449 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_BUNDLE);
2450 writeBundle((Bundle) parcelable, serializer);
2451 serializer.endTag(null, TAG_ENTRY);
2452 }
2453 } else {
2454 serializer.attribute(null, ATTR_VALUE_TYPE, ATTR_TYPE_STRING_ARRAY);
2455 String[] values = (String[]) value;
2456 serializer.attribute(null, ATTR_MULTIPLE, Integer.toString(values.length));
2457 for (String choice : values) {
2458 serializer.startTag(null, TAG_VALUE);
2459 serializer.text(choice != null ? choice : "");
2460 serializer.endTag(null, TAG_VALUE);
2461 }
2462 }
2463 serializer.endTag(null, TAG_ENTRY);
Amith Yamasanidf2e92a2013-03-01 17:04:38 -0800[diff] [blame]2464 }
2465 }
2466
2467 @Override
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2468 public int getUserSerialNumber(int userHandle) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2469 synchronized (mUsersLock) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2470 if (!exists(userHandle)) return -1;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2471 return getUserInfoLU(userHandle).serialNumber;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2472 }
2473 }
2474
2475 @Override
2476 public int getUserHandle(int userSerialNumber) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2477 synchronized (mUsersLock) {
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2478 for (int userId : mUserIds) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2479 UserInfo info = getUserInfoLU(userId);
Kenny Guy945f8832015-02-10 15:17:26 +0000[diff] [blame]2480 if (info != null && info.serialNumber == userSerialNumber) return userId;
Amith Yamasani2a003292012-08-14 18:25:45 -0700[diff] [blame]2481 }
2482 // Not found
2483 return -1;
Amith Yamasani13593602012-03-22 16:16:17 -0700[diff] [blame]2484 }
2485 }
2486
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]2487 @Override
2488 public long getUserCreationTime(int userHandle) {
2489 int callingUserId = UserHandle.getCallingUserId();
2490 UserInfo userInfo = null;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2491 synchronized (mUsersLock) {
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]2492 if (callingUserId == userHandle) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2493 userInfo = getUserInfoLU(userHandle);
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]2494 } else {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2495 UserInfo parent = getProfileParentLU(userHandle);
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]2496 if (parent != null && parent.id == callingUserId) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2497 userInfo = getUserInfoLU(userHandle);
Fyodor Kupolovff7233e2015-04-08 11:28:52 -0700[diff] [blame]2498 }
2499 }
2500 }
2501 if (userInfo == null) {
2502 throw new SecurityException("userHandle can only be the calling user or a managed "
2503 + "profile associated with this user");
2504 }
2505 return userInfo.creationTime;
2506 }
2507
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2508 /**
2509 * Caches the list of user ids in an array, adjusting the array size when necessary.
2510 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2511 private void updateUserIds() {
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2512 int num = 0;
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2513 synchronized (mUsersLock) {
2514 final int userSize = mUsers.size();
2515 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2516 if (!mUsers.valueAt(i).info.partial) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2517 num++;
2518 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2519 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2520 final int[] newUsers = new int[num];
2521 int n = 0;
2522 for (int i = 0; i < userSize; i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2523 if (!mUsers.valueAt(i).info.partial) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2524 newUsers[n++] = mUsers.keyAt(i);
2525 }
Dianne Hackbornd4ac8d72012-09-27 23:20:10 -0700[diff] [blame]2526 }
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2527 mUserIds = newUsers;
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2528 }
2529 }
2530
2531 /**
Jeff Sharkey47f71082016-02-01 17:03:54 -0700[diff] [blame]2532 * Prepare storage areas for given user on all mounted devices.
2533 */
2534 private void prepareUserStorage(int userId, int userSerial, int flags) {
2535 final StorageManager storage = mContext.getSystemService(StorageManager.class);
2536 for (VolumeInfo vol : storage.getWritablePrivateVolumes()) {
2537 final String volumeUuid = vol.getFsUuid();
2538 storage.prepareUserStorage(volumeUuid, userId, userSerial, flags);
2539 }
2540 }
2541
2542 /**
Jeff Sharkey0e62384c2016-01-13 18:52:55 -0700[diff] [blame]2543 * Called right before a user is started. This gives us a chance to prepare
2544 * app storage and apply any user restrictions.
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2545 */
2546 public void onBeforeStartUser(int userId) {
Jeff Sharkey47f71082016-02-01 17:03:54 -0700[diff] [blame]2547 final int userSerial = getUserSerialNumber(userId);
2548 prepareUserStorage(userId, userSerial, StorageManager.FLAG_STORAGE_DE);
2549 mPm.reconcileAppsData(userId, StorageManager.FLAG_STORAGE_DE);
Jeff Sharkey0e62384c2016-01-13 18:52:55 -0700[diff] [blame]2550
2551 if (userId != UserHandle.USER_SYSTEM) {
2552 synchronized (mRestrictionsLock) {
2553 applyUserRestrictionsLR(userId);
2554 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2555 }
2556 }
2557
2558 /**
Jeff Sharkey0e62384c2016-01-13 18:52:55 -0700[diff] [blame]2559 * Called right before a user is unlocked. This gives us a chance to prepare
2560 * app storage.
2561 */
2562 public void onBeforeUnlockUser(int userId) {
Jeff Sharkey47f71082016-02-01 17:03:54 -0700[diff] [blame]2563 final int userSerial = getUserSerialNumber(userId);
2564 prepareUserStorage(userId, userSerial, StorageManager.FLAG_STORAGE_CE);
2565 mPm.reconcileAppsData(userId, StorageManager.FLAG_STORAGE_CE);
Jeff Sharkey0e62384c2016-01-13 18:52:55 -0700[diff] [blame]2566 }
2567
2568 /**
Amith Yamasani1a7472e2013-07-02 11:17:30 -0700[diff] [blame]2569 * Make a note of the last started time of a user and do some cleanup.
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2570 * @param userId the user that was just foregrounded
2571 */
Amith Yamasani06bf8242015-05-08 16:36:21 -0700[diff] [blame]2572 public void onUserForeground(int userId) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2573 UserData userData = getUserDataNoChecks(userId);
2574 if (userData == null || userData.info.partial) {
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2575 Slog.w(LOG_TAG, "userForeground: unknown user #" + userId);
2576 return;
2577 }
2578 long now = System.currentTimeMillis();
2579 if (now > EPOCH_PLUS_30_YEARS) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2580 userData.info.lastLoggedInTime = now;
2581 scheduleWriteUser(userData);
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2582 }
2583 }
2584
2585 /**
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2586 * Returns the next available user id, filling in any holes in the ids.
Amith Yamasani742a6712011-05-04 14:49:28 -0700[diff] [blame]2587 * TODO: May not be a good idea to recycle ids, in case it results in confusion
2588 * for data and battery stats collection, or unexpected cross-talk.
Amith Yamasani0b285492011-04-14 17:35:23 -0700[diff] [blame]2589 */
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2590 private int getNextAvailableId() {
2591 synchronized (mUsersLock) {
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]2592 int i = MIN_USER_ID;
Xiaohui Chen621b3fc2015-10-02 14:41:42 -0700[diff] [blame]2593 while (i < MAX_USER_ID) {
Jeff Sharkeyffe0cb42012-11-05 17:24:43 -0800[diff] [blame]2594 if (mUsers.indexOfKey(i) < 0 && !mRemovingUserIds.get(i)) {
Xiaohui Chen621b3fc2015-10-02 14:41:42 -0700[diff] [blame]2595 return i;
Amith Yamasani195263742012-08-21 15:40:12 -0700[diff] [blame]2596 }
2597 i++;
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]2598 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]2599 }
Xiaohui Chen621b3fc2015-10-02 14:41:42 -0700[diff] [blame]2600 throw new IllegalStateException("No user id available!");
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]2601 }
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2602
Amith Yamasanifc95e702013-09-26 13:20:17 -0700[diff] [blame]2603 private String packageToRestrictionsFileName(String packageName) {
2604 return RESTRICTIONS_FILE_PREFIX + packageName + XML_SUFFIX;
2605 }
2606
Jeff Sharkey6dce4962015-07-03 18:08:41 -0700[diff] [blame]2607 /**
Jeff Sharkey6dce4962015-07-03 18:08:41 -0700[diff] [blame]2608 * Enforce that serial number stored in user directory inode matches the
2609 * given expected value. Gracefully sets the serial number if currently
2610 * undefined.
2611 *
2612 * @throws IOException when problem extracting serial number, or serial
2613 * number is mismatched.
2614 */
2615 public static void enforceSerialNumber(File file, int serialNumber) throws IOException {
2616 final int foundSerial = getSerialNumber(file);
2617 Slog.v(LOG_TAG, "Found " + file + " with serial number " + foundSerial);
2618
2619 if (foundSerial == -1) {
2620 Slog.d(LOG_TAG, "Serial number missing on " + file + "; assuming current is valid");
2621 try {
2622 setSerialNumber(file, serialNumber);
2623 } catch (IOException e) {
2624 Slog.w(LOG_TAG, "Failed to set serial number on " + file, e);
2625 }
2626
2627 } else if (foundSerial != serialNumber) {
2628 throw new IOException("Found serial number " + foundSerial
2629 + " doesn't match expected " + serialNumber);
2630 }
2631 }
2632
2633 /**
2634 * Set serial number stored in user directory inode.
2635 *
2636 * @throws IOException if serial number was already set
2637 */
2638 private static void setSerialNumber(File file, int serialNumber)
2639 throws IOException {
2640 try {
2641 final byte[] buf = Integer.toString(serialNumber).getBytes(StandardCharsets.UTF_8);
2642 Os.setxattr(file.getAbsolutePath(), XATTR_SERIAL, buf, OsConstants.XATTR_CREATE);
2643 } catch (ErrnoException e) {
2644 throw e.rethrowAsIOException();
2645 }
2646 }
2647
2648 /**
2649 * Return serial number stored in user directory inode.
2650 *
2651 * @return parsed serial number, or -1 if not set
2652 */
2653 private static int getSerialNumber(File file) throws IOException {
2654 try {
2655 final byte[] buf = new byte[256];
2656 final int len = Os.getxattr(file.getAbsolutePath(), XATTR_SERIAL, buf);
2657 final String serial = new String(buf, 0, len);
2658 try {
2659 return Integer.parseInt(serial);
2660 } catch (NumberFormatException e) {
2661 throw new IOException("Bad serial number: " + serial);
2662 }
2663 } catch (ErrnoException e) {
2664 if (e.errno == OsConstants.ENODATA) {
2665 return -1;
2666 } else {
2667 throw e.rethrowAsIOException();
2668 }
2669 }
2670 }
2671
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2672 @Override
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2673 public void setSeedAccountData(int userId, String accountName, String accountType,
2674 PersistableBundle accountOptions, boolean persist) {
2675 checkManageUsersPermission("Require MANAGE_USERS permission to set user seed data");
2676 synchronized (mPackagesLock) {
2677 final UserData userData;
2678 synchronized (mUsersLock) {
2679 userData = getUserDataLU(userId);
2680 if (userData == null) {
2681 Slog.e(LOG_TAG, "No such user for settings seed data u=" + userId);
2682 return;
2683 }
2684 userData.seedAccountName = accountName;
2685 userData.seedAccountType = accountType;
2686 userData.seedAccountOptions = accountOptions;
2687 userData.persistSeedData = persist;
2688 }
2689 if (persist) {
2690 writeUserLP(userData);
2691 }
2692 }
2693 }
2694
2695 @Override
2696 public String getSeedAccountName() throws RemoteException {
2697 checkManageUsersPermission("Cannot get seed account information");
2698 synchronized (mUsersLock) {
2699 UserData userData = getUserDataLU(UserHandle.getCallingUserId());
2700 return userData.seedAccountName;
2701 }
2702 }
2703
2704 @Override
2705 public String getSeedAccountType() throws RemoteException {
2706 checkManageUsersPermission("Cannot get seed account information");
2707 synchronized (mUsersLock) {
2708 UserData userData = getUserDataLU(UserHandle.getCallingUserId());
2709 return userData.seedAccountType;
2710 }
2711 }
2712
2713 @Override
2714 public PersistableBundle getSeedAccountOptions() throws RemoteException {
2715 checkManageUsersPermission("Cannot get seed account information");
2716 synchronized (mUsersLock) {
2717 UserData userData = getUserDataLU(UserHandle.getCallingUserId());
2718 return userData.seedAccountOptions;
2719 }
2720 }
2721
2722 @Override
2723 public void clearSeedAccountData() throws RemoteException {
2724 checkManageUsersPermission("Cannot clear seed account information");
2725 synchronized (mPackagesLock) {
2726 UserData userData;
2727 synchronized (mUsersLock) {
2728 userData = getUserDataLU(UserHandle.getCallingUserId());
2729 if (userData == null) return;
2730 userData.clearSeedAccountData();
2731 }
2732 writeUserLP(userData);
2733 }
2734 }
2735
2736 @Override
2737 public boolean someUserHasSeedAccount(String accountName, String accountType)
2738 throws RemoteException {
2739 checkManageUsersPermission("Cannot check seed account information");
2740 synchronized (mUsersLock) {
2741 final int userSize = mUsers.size();
2742 for (int i = 0; i < userSize; i++) {
2743 final UserData data = mUsers.valueAt(i);
2744 if (data.info.isInitialized()) continue;
2745 if (data.seedAccountName == null || !data.seedAccountName.equals(accountName)) {
2746 continue;
2747 }
2748 if (data.seedAccountType == null || !data.seedAccountType.equals(accountType)) {
2749 continue;
2750 }
2751 return true;
2752 }
2753 }
2754 return false;
2755 }
2756
2757 @Override
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]2758 public void onShellCommand(FileDescriptor in, FileDescriptor out,
2759 FileDescriptor err, String[] args, ResultReceiver resultReceiver) {
2760 (new Shell()).exec(this, in, out, err, args, resultReceiver);
2761 }
2762
2763 int onShellCommand(Shell shell, String cmd) {
2764 if (cmd == null) {
2765 return shell.handleDefaultCommands(cmd);
2766 }
2767
2768 final PrintWriter pw = shell.getOutPrintWriter();
2769 try {
2770 switch(cmd) {
2771 case "list":
2772 return runList(pw);
2773 }
2774 } catch (RemoteException e) {
2775 pw.println("Remote exception: " + e);
2776 }
2777 return -1;
2778 }
2779
2780 private int runList(PrintWriter pw) throws RemoteException {
2781 final IActivityManager am = ActivityManagerNative.getDefault();
2782 final List<UserInfo> users = getUsers(false);
2783 if (users == null) {
2784 pw.println("Error: couldn't get users");
2785 return 1;
2786 } else {
2787 pw.println("Users:");
2788 for (int i = 0; i < users.size(); i++) {
Jeff Sharkeye17ac152015-11-06 22:40:29 -0800[diff] [blame]2789 String running = am.isUserRunning(users.get(i).id, 0) ? " running" : "";
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]2790 pw.println("\t" + users.get(i).toString() + running);
2791 }
2792 return 0;
2793 }
2794 }
2795
2796 @Override
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2797 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
2798 if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
2799 != PackageManager.PERMISSION_GRANTED) {
2800 pw.println("Permission Denial: can't dump UserManager from from pid="
2801 + Binder.getCallingPid()
2802 + ", uid=" + Binder.getCallingUid()
2803 + " without permission "
2804 + android.Manifest.permission.DUMP);
2805 return;
2806 }
2807
2808 long now = System.currentTimeMillis();
2809 StringBuilder sb = new StringBuilder();
2810 synchronized (mPackagesLock) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2811 synchronized (mUsersLock) {
2812 pw.println("Users:");
2813 for (int i = 0; i < mUsers.size(); i++) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2814 UserData userData = mUsers.valueAt(i);
2815 if (userData == null) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2816 continue;
2817 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2818 UserInfo userInfo = userData.info;
2819 final int userId = userInfo.id;
2820 pw.print(" "); pw.print(userInfo);
2821 pw.print(" serialNo="); pw.print(userInfo.serialNumber);
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]2822 if (mRemovingUserIds.get(userId)) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2823 pw.print(" <removing> ");
2824 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2825 if (userInfo.partial) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2826 pw.print(" <partial>");
2827 }
2828 pw.println();
2829 pw.print(" Created: ");
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2830 if (userInfo.creationTime == 0) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2831 pw.println("<unknown>");
2832 } else {
2833 sb.setLength(0);
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2834 TimeUtils.formatDuration(now - userInfo.creationTime, sb);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2835 sb.append(" ago");
2836 pw.println(sb);
2837 }
2838 pw.print(" Last logged in: ");
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2839 if (userInfo.lastLoggedInTime == 0) {
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2840 pw.println("<unknown>");
2841 } else {
2842 sb.setLength(0);
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2843 TimeUtils.formatDuration(now - userInfo.lastLoggedInTime, sb);
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2844 sb.append(" ago");
2845 pw.println(sb);
2846 }
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]2847 pw.print(" Has profile owner: ");
2848 pw.println(mIsUserManaged.get(userId));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2849 pw.println(" Restrictions:");
2850 synchronized (mRestrictionsLock) {
2851 UserRestrictionsUtils.dumpRestrictions(
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2852 pw, " ", mBaseUserRestrictions.get(userInfo.id));
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2853 pw.println(" Device policy local restrictions:");
2854 UserRestrictionsUtils.dumpRestrictions(
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2855 pw, " ", mDevicePolicyLocalUserRestrictions.get(userInfo.id));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2856 pw.println(" Effective restrictions:");
2857 UserRestrictionsUtils.dumpRestrictions(
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2858 pw, " ", mCachedEffectiveUserRestrictions.get(userInfo.id));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2859 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2860
2861 if (userData.account != null) {
2862 pw.print(" Account name: " + userData.account);
Xiaohui Chenb3b92582015-12-07 11:22:13 -0800[diff] [blame]2863 pw.println();
2864 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2865
2866 if (userData.seedAccountName != null) {
2867 pw.print(" Seed account name: " + userData.seedAccountName);
2868 pw.println();
2869 if (userData.seedAccountType != null) {
2870 pw.print(" account type: " + userData.seedAccountType);
2871 pw.println();
2872 }
2873 if (userData.seedAccountOptions != null) {
2874 pw.print(" account options exist");
2875 pw.println();
2876 }
2877 }
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2878 }
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2879 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2880 pw.println();
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2881 pw.println(" Device policy global restrictions:");
2882 synchronized (mRestrictionsLock) {
2883 UserRestrictionsUtils
2884 .dumpRestrictions(pw, " ", mDevicePolicyGlobalUserRestrictions);
2885 }
Makoto Onukia4f11972015-10-01 13:19:58 -0700[diff] [blame]2886 pw.println();
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2887 pw.println(" Guest restrictions:");
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2888 synchronized (mGuestRestrictions) {
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2889 UserRestrictionsUtils.dumpRestrictions(pw, " ", mGuestRestrictions);
Fyodor Kupolove80085d2015-11-06 18:21:39 -0800[diff] [blame]2890 }
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]2891 synchronized (mUsersLock) {
2892 pw.println();
2893 pw.println(" Device managed: " + mIsDeviceManaged);
2894 }
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2895 // Dump some capabilities
2896 pw.println();
2897 pw.println(" Max users: " + UserManager.getMaxSupportedUsers());
2898 pw.println(" Supports switchable users: " + UserManager.supportsMultipleUsers());
Lenka Trochtova02fee152015-12-22 14:26:18 +0100[diff] [blame]2899 pw.println(" All guests ephemeral: " + Resources.getSystem().getBoolean(
2900 com.android.internal.R.bool.config_guestUserEphemeral));
Amith Yamasani920ace02012-09-20 22:15:37 -0700[diff] [blame]2901 }
2902 }
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]2903
2904 final class MainHandler extends Handler {
2905
2906 @Override
2907 public void handleMessage(Message msg) {
2908 switch (msg.what) {
2909 case WRITE_USER_MSG:
2910 removeMessages(WRITE_USER_MSG, msg.obj);
2911 synchronized (mPackagesLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2912 int userId = ((UserData) msg.obj).info.id;
2913 UserData userData = getUserDataNoChecks(userId);
2914 if (userData != null) {
2915 writeUserLP(userData);
Fyodor Kupolov75d0ea82014-12-15 16:21:07 -0800[diff] [blame]2916 }
2917 }
2918 }
2919 }
2920 }
Amith Yamasanibb054c92015-07-09 14:16:27 -0700[diff] [blame]2921
2922 /**
2923 * @param userId
2924 * @return whether the user has been initialized yet
2925 */
2926 boolean isInitialized(int userId) {
2927 return (getUserInfo(userId).flags & UserInfo.FLAG_INITIALIZED) != 0;
2928 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2929
2930 private class LocalService extends UserManagerInternal {
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2931 @Override
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2932 public void setDevicePolicyUserRestrictions(int userId, @NonNull Bundle localRestrictions,
2933 @Nullable Bundle globalRestrictions) {
Makoto Onuki2a3c3da2016-02-18 14:25:30 -0800[diff] [blame]2934 UserManagerService.this.setDevicePolicyUserRestrictionsInner(userId, localRestrictions,
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]2935 globalRestrictions);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2936 }
2937
2938 @Override
2939 public Bundle getBaseUserRestrictions(int userId) {
2940 synchronized (mRestrictionsLock) {
2941 return mBaseUserRestrictions.get(userId);
2942 }
2943 }
2944
2945 @Override
2946 public void setBaseUserRestrictionsByDpmsForMigration(
2947 int userId, Bundle baseRestrictions) {
2948 synchronized (mRestrictionsLock) {
2949 mBaseUserRestrictions.put(userId, new Bundle(baseRestrictions));
Fyodor Kupolov82402752015-10-28 14:54:51 -0700[diff] [blame]2950 invalidateEffectiveUserRestrictionsLR(userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2951 }
2952
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2953 final UserData userData = getUserDataNoChecks(userId);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2954 synchronized (mPackagesLock) {
Amith Yamasani12747872015-12-07 14:19:49 -0800[diff] [blame]2955 if (userData != null) {
2956 writeUserLP(userData);
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]2957 } else {
2958 Slog.w(LOG_TAG, "UserInfo not found for " + userId);
2959 }
2960 }
2961 }
Makoto Onukid45a4a22015-11-02 17:17:38 -0800[diff] [blame]2962
2963 @Override
2964 public boolean getUserRestriction(int userId, String key) {
2965 return getUserRestrictions(userId).getBoolean(key);
2966 }
2967
2968 @Override
2969 public void addUserRestrictionsListener(UserRestrictionsListener listener) {
2970 synchronized (mUserRestrictionsListeners) {
2971 mUserRestrictionsListeners.add(listener);
2972 }
2973 }
2974
2975 @Override
2976 public void removeUserRestrictionsListener(UserRestrictionsListener listener) {
2977 synchronized (mUserRestrictionsListeners) {
2978 mUserRestrictionsListeners.remove(listener);
2979 }
2980 }
Makoto Onukie7927da2015-11-25 10:05:17 -0800[diff] [blame]2981
2982 @Override
2983 public void setDeviceManaged(boolean isManaged) {
2984 synchronized (mUsersLock) {
2985 mIsDeviceManaged = isManaged;
2986 }
2987 }
2988
2989 @Override
2990 public void setUserManaged(int userId, boolean isManaged) {
2991 synchronized (mUsersLock) {
2992 mIsUserManaged.put(userId, isManaged);
2993 }
2994 }
Oleksandr Peletskyi7f1f1df2016-01-18 15:40:21 +0100[diff] [blame]2995
2996 @Override
2997 public void setUserIcon(int userId, Bitmap bitmap) {
2998 long ident = Binder.clearCallingIdentity();
2999 try {
3000 synchronized (mPackagesLock) {
3001 UserData userData = getUserDataNoChecks(userId);
3002 if (userData == null || userData.info.partial) {
3003 Slog.w(LOG_TAG, "setUserIcon: unknown user #" + userId);
3004 return;
3005 }
3006 writeBitmapLP(userData.info, bitmap);
3007 writeUserLP(userData);
3008 }
3009 sendUserInfoChangedBroadcast(userId);
3010 } finally {
3011 Binder.restoreCallingIdentity(ident);
3012 }
3013 }
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]3014
3015 @Override
3016 public void setForceEphemeralUsers(boolean forceEphemeralUsers) {
3017 synchronized (mUsersLock) {
3018 mForceEphemeralUsers = forceEphemeralUsers;
3019 }
3020 }
3021
3022 @Override
3023 public void removeAllUsers() {
3024 if (UserHandle.USER_SYSTEM == ActivityManager.getCurrentUser()) {
3025 // Remove the non-system users straight away.
3026 removeNonSystemUsers();
3027 } else {
3028 // Switch to the system user first and then remove the other users.
3029 BroadcastReceiver userSwitchedReceiver = new BroadcastReceiver() {
3030 @Override
3031 public void onReceive(Context context, Intent intent) {
3032 int userId =
3033 intent.getIntExtra(Intent.EXTRA_USER_HANDLE, UserHandle.USER_NULL);
3034 if (userId != UserHandle.USER_SYSTEM) {
3035 return;
3036 }
3037 mContext.unregisterReceiver(this);
3038 removeNonSystemUsers();
3039 }
3040 };
3041 IntentFilter userSwitchedFilter = new IntentFilter();
3042 userSwitchedFilter.addAction(Intent.ACTION_USER_SWITCHED);
3043 mContext.registerReceiver(
3044 userSwitchedReceiver, userSwitchedFilter, null, mHandler);
3045
3046 // Switch to the system user.
3047 ActivityManager am =
3048 (ActivityManager) mContext.getSystemService(Context.ACTIVITY_SERVICE);
3049 am.switchUser(UserHandle.USER_SYSTEM);
3050 }
3051 }
phweisse9c44062016-02-10 12:57:38 +0100[diff] [blame]3052
3053 @Override
Lenka Trochtova1ddda472016-02-12 10:42:12 +0100[diff] [blame]3054 public void onEphemeralUserStop(int userId) {
3055 synchronized (mUsersLock) {
3056 UserInfo userInfo = getUserInfoLU(userId);
3057 if (userInfo != null && userInfo.isEphemeral()) {
3058 // Do not allow switching back to the ephemeral user again as the user is going
3059 // to be deleted.
3060 userInfo.flags |= UserInfo.FLAG_DISABLED;
3061 if (userInfo.isGuest()) {
3062 // Indicate that the guest will be deleted after it stops.
3063 userInfo.guestToRemove = true;
3064 }
3065 }
3066 }
3067 }
3068
3069 @Override
phweisse9c44062016-02-10 12:57:38 +0100[diff] [blame]3070 public UserInfo createUserEvenWhenDisallowed(String name, int flags) {
3071 UserInfo user = createUserInternalUnchecked(name, flags, UserHandle.USER_NULL);
3072 // Keep this in sync with UserManager.createUser
3073 if (user != null && !user.isAdmin()) {
3074 setUserRestriction(UserManager.DISALLOW_SMS, true, user.id);
3075 setUserRestriction(UserManager.DISALLOW_OUTGOING_CALLS, true, user.id);
3076 }
3077 return user;
3078 }
Lenka Trochtovaf348e8e2016-01-07 17:20:34 +0100[diff] [blame]3079 }
3080
3081 /* Remove all the users except of the system one. */
3082 private void removeNonSystemUsers() {
3083 ArrayList<UserInfo> usersToRemove = new ArrayList<>();
3084 synchronized (mUsersLock) {
3085 final int userSize = mUsers.size();
3086 for (int i = 0; i < userSize; i++) {
3087 UserInfo ui = mUsers.valueAt(i).info;
3088 if (ui.id != UserHandle.USER_SYSTEM) {
3089 usersToRemove.add(ui);
3090 }
3091 }
3092 }
3093 for (UserInfo ui: usersToRemove) {
3094 removeUser(ui.id);
3095 }
Makoto Onuki068c54a2015-10-13 14:34:03 -0700[diff] [blame]3096 }
Todd Kennedy60459ab2015-10-30 11:32:16 -0700[diff] [blame]3097
3098 private class Shell extends ShellCommand {
3099 @Override
3100 public int onCommand(String cmd) {
3101 return onShellCommand(this, cmd);
3102 }
3103
3104 @Override
3105 public void onHelp() {
3106 final PrintWriter pw = getOutPrintWriter();
3107 pw.println("User manager (user) commands:");
3108 pw.println(" help");
3109 pw.println(" Print this help text.");
3110 pw.println("");
3111 pw.println(" list");
3112 pw.println(" Prints all users on the system.");
3113 }
3114 }
Makoto Onuki1a2cd742015-11-16 13:51:27 -0800[diff] [blame]3115
3116 private static void debug(String message) {
3117 Log.d(LOG_TAG, message +
3118 (DBG_WITH_STACKTRACE ? " called at\n" + Debug.getCallers(10, " ") : ""));
3119 }
Amith Yamasani4b2e9342011-03-31 12:38:53 -0700[diff] [blame]3120}