Split CarUserManager.removeUser() into 2 APIs.

- removeUser(int): internal API that should be used by Settings and
  other bundled apps.
- removeUser(UserHandle): system API that can be used by management
  apps.

Bug: 155913815
Bug: 169779216
Test: atest CarUserServiceTest

Change-Id: Ia8e4b799b6d019c005124745bb6d0b7781c241b9
diff --git a/service/src/com/android/car/user/CarUserService.java b/service/src/com/android/car/user/CarUserService.java
index 74d7e46..c01b4b6 100644
--- a/service/src/com/android/car/user/CarUserService.java
+++ b/service/src/com/android/car/user/CarUserService.java
@@ -1009,9 +1009,10 @@
     }
 
     @Override
-    public UserRemovalResult removeUser(@UserIdInt int userId) {
+    public UserRemovalResult removeUser(@UserIdInt int userId, boolean hasCallerRestrictions) {
         checkManageOrCreateUsersPermission("removeUser");
         EventLog.writeEvent(EventLogTags.CAR_USER_SVC_REMOVE_USER_REQ, userId);
+
         // If the requested user is the current user, return error.
         if (ActivityManager.getCurrentUser() == userId) {
             return logAndGetResults(userId,
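Review bot: The new `hasCallerRestrictions` parameter is what decides whether the admin/self-only restriction in this method applies, yet it is a plain boolean supplied by the caller; if this `@Override` is the Binder-facing entry point (it follows the permission check, which suggests so), any client holding the manage/create-users permission can pass `false` and skip the restriction the system API is meant to impose. The method has no documentation explaining who is expected to set it, so add a Javadoc such as `@param hasCallerRestrictions true when called through the system API, which limits non-admin users to removing themselves; callers of the internal API pass false` and, if the value really originates from the client, note that the restriction is a policy hint rather than a security boundary and that the service cannot verify it. The body of `removeUser` continues past the end of this hunk.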
@@ -1024,6 +1025,16 @@
             return logAndGetResults(userId, UserRemovalResult.STATUS_USER_DOES_NOT_EXIST);
         }
 
+        if (hasCallerRestrictions) {
+            // Restrictions: non-admin user can only remove itself, admins have no restrictions
+            int callingUserId = Binder.getCallingUserHandle().getIdentifier();
+            UserInfo callingUser = mUserManager.getUserInfo(callingUserId);
+            if (!callingUser.isAdmin() && userId != callingUserId) {
+                throw new SecurityException("Non-admin user " + callingUserId
+                        + " can only remove itself");
+            }
+        }
+
         android.hardware.automotive.vehicle.V2_0.UserInfo halUser =
                 new android.hardware.automotive.vehicle.V2_0.UserInfo();
         halUser.userId = userInfo.id;
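Review bot: The restriction block is placed after the current-user check and the existence check that returns `STATUS_USER_DOES_NOT_EXIST`, so a non-admin caller who may only remove itself can still probe arbitrary user IDs and learn from the distinct results whether a user exists or is the current user before being rejected. Move the `hasCallerRestrictions` block up to immediately after `checkManageOrCreateUsersPermission("removeUser")` so a restricted caller is rejected before any per-target state is consulted. Within the block, `mUserManager.getUserInfo(callingUserId)` is dereferenced without a null check; guard it with `if (callingUser == null || (!callingUser.isAdmin() && userId != callingUserId))` so an unresolved calling user fails closed instead of throwing a NullPointerException. It is also worth noting in a comment that this branch throws `SecurityException` while every other failure in the method returns a `UserRemovalResult` status, so callers must handle both. The enclosing method starts and ends outside this hunk.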