diff options
| author | Amith Yamasani <yamasani@google.com> | 2013-03-26 22:26:38 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2013-03-26 22:27:13 +0000 |
| commit | df5e9fe1819099097901641b1267374ca0bbc319 (patch) | |
| tree | dd7f2a704dcf1abe2941eca5dcaf0dd7f89475ab /services/java/com/android/server/pm | |
| parent | 8074cc0c068c06cea7e174f82c0f1c235fae43a7 (diff) | |
| parent | 71e6c697e54a43d357cc25d87a446d140f17396a (diff) | |
Merge "Device Owner, a special kind of device admin" into jb-mr2-dev
Diffstat (limited to 'services/java/com/android/server/pm')
| -rw-r--r-- | services/java/com/android/server/pm/PackageManagerService.java | 19 | ||||
| -rw-r--r-- | services/java/com/android/server/pm/UserManagerService.java | 42 |
2 files changed, 30 insertions, 31 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index bba9471058a8..afdd294b4b06 100644 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -5945,7 +5945,7 @@ public class PackageManagerService extends IPackageManager.Stub { null); final int uid = Binder.getCallingUid(); - if (!isUserAllowed(UserHandle.getUserId(uid), UserManager.ALLOW_INSTALL_APPS)) { + if (isUserRestricted(UserHandle.getUserId(uid), UserManager.DISALLOW_INSTALL_APPS)) { try { observer.packageInstalled("", PackageManager.INSTALL_FAILED_USER_RESTRICTED); } catch (RemoteException re) { @@ -5993,7 +5993,7 @@ public class PackageManagerService extends IPackageManager.Stub { android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, "installExistingPackage for user " + userId); } - if (!isUserAllowed(userId, UserManager.ALLOW_INSTALL_APPS)) { + if (isUserRestricted(userId, UserManager.DISALLOW_INSTALL_APPS)) { return PackageManager.INSTALL_FAILED_USER_RESTRICTED; } @@ -6027,13 +6027,13 @@ public class PackageManagerService extends IPackageManager.Stub { return PackageManager.INSTALL_SUCCEEDED; } - private boolean isUserAllowed(int userId, String restrictionKey) { + private boolean isUserRestricted(int userId, String restrictionKey) { Bundle restrictions = sUserManager.getUserRestrictions(userId); - if (!restrictions.getBoolean(UserManager.ALLOW_INSTALL_APPS)) { - Log.w(TAG, "User does not have permission to: " + restrictionKey); - return false; + if (restrictions.getBoolean(restrictionKey, false)) { + Log.w(TAG, "User is restricted: " + restrictionKey); + return true; } - return true; + return false; } @Override @@ -8430,7 +8430,7 @@ public class PackageManagerService extends IPackageManager.Stub { android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, "deletePackage for user " + userId); } - if (!isUserAllowed(userId, UserManager.ALLOW_UNINSTALL_APPS)) { + if (isUserRestricted(userId, UserManager.DISALLOW_UNINSTALL_APPS)) { try { observer.packageDeleted(packageName, PackageManager.DELETE_FAILED_USER_RESTRICTED); } catch (RemoteException re) { @@ -8476,7 +8476,8 @@ public class PackageManagerService extends IPackageManager.Stub { IDevicePolicyManager dpm = IDevicePolicyManager.Stub.asInterface( ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)); try { - if (dpm != null && dpm.packageHasActiveAdmins(packageName, userId)) { + if (dpm != null && (dpm.packageHasActiveAdmins(packageName, userId) + || dpm.isDeviceOwner(packageName))) { Slog.w(TAG, "Not removing package " + packageName + ": has active device admin"); return PackageManager.DELETE_FAILED_DEVICE_POLICY_MANAGER; } diff --git a/services/java/com/android/server/pm/UserManagerService.java b/services/java/com/android/server/pm/UserManagerService.java index 636b0e59913a..fecc2dfdfd4e 100644 --- a/services/java/com/android/server/pm/UserManagerService.java +++ b/services/java/com/android/server/pm/UserManagerService.java @@ -226,6 +226,13 @@ public class UserManagerService extends IUserManager.Stub { } } + @Override + public boolean isRestricted() { + synchronized (mPackagesLock) { + return getUserInfoLocked(UserHandle.getCallingUserId()).isRestricted(); + } + } + /* * Should be locked on mUsers before calling this. */ @@ -558,7 +565,6 @@ public class UserManagerService extends IUserManager.Stub { mNextSerialNumber = MIN_USER_ID; Bundle restrictions = new Bundle(); - initRestrictionsToDefaults(restrictions); mUserRestrictions.append(UserHandle.USER_OWNER, restrictions); updateUserIdsLocked(); @@ -608,11 +614,11 @@ public class UserManagerService extends IUserManager.Stub { Bundle restrictions = mUserRestrictions.get(userInfo.id); if (restrictions != null) { serializer.startTag(null, TAG_RESTRICTIONS); - writeBoolean(serializer, restrictions, UserManager.ALLOW_CONFIG_WIFI); - writeBoolean(serializer, restrictions, UserManager.ALLOW_MODIFY_ACCOUNTS); - writeBoolean(serializer, restrictions, UserManager.ALLOW_INSTALL_APPS); - writeBoolean(serializer, restrictions, UserManager.ALLOW_UNINSTALL_APPS); - writeBoolean(serializer, restrictions, UserManager.ALLOW_CONFIG_LOCATION_ACCESS); + writeBoolean(serializer, restrictions, UserManager.DISALLOW_CONFIG_WIFI); + writeBoolean(serializer, restrictions, UserManager.DISALLOW_MODIFY_ACCOUNTS); + writeBoolean(serializer, restrictions, UserManager.DISALLOW_INSTALL_APPS); + writeBoolean(serializer, restrictions, UserManager.DISALLOW_UNINSTALL_APPS); + writeBoolean(serializer, restrictions, UserManager.DISALLOW_SHARE_LOCATION); serializer.endTag(null, TAG_RESTRICTIONS); } serializer.endTag(null, TAG_USER); @@ -676,7 +682,6 @@ public class UserManagerService extends IUserManager.Stub { long lastLoggedInTime = 0L; boolean partial = false; Bundle restrictions = new Bundle(); - initRestrictionsToDefaults(restrictions); FileInputStream fis = null; try { @@ -725,11 +730,11 @@ public class UserManagerService extends IUserManager.Stub { name = parser.getText(); } } else if (TAG_RESTRICTIONS.equals(tag)) { - readBoolean(parser, restrictions, UserManager.ALLOW_CONFIG_WIFI); - readBoolean(parser, restrictions, UserManager.ALLOW_MODIFY_ACCOUNTS); - readBoolean(parser, restrictions, UserManager.ALLOW_INSTALL_APPS); - readBoolean(parser, restrictions, UserManager.ALLOW_UNINSTALL_APPS); - readBoolean(parser, restrictions, UserManager.ALLOW_CONFIG_LOCATION_ACCESS); + readBoolean(parser, restrictions, UserManager.DISALLOW_CONFIG_WIFI); + readBoolean(parser, restrictions, UserManager.DISALLOW_MODIFY_ACCOUNTS); + readBoolean(parser, restrictions, UserManager.DISALLOW_INSTALL_APPS); + readBoolean(parser, restrictions, UserManager.DISALLOW_UNINSTALL_APPS); + readBoolean(parser, restrictions, UserManager.DISALLOW_SHARE_LOCATION); } } } @@ -758,7 +763,9 @@ public class UserManagerService extends IUserManager.Stub { private void readBoolean(XmlPullParser parser, Bundle restrictions, String restrictionKey) { String value = parser.getAttributeValue(null, restrictionKey); - restrictions.putBoolean(restrictionKey, value == null ? true : Boolean.parseBoolean(value)); + if (value != null) { + restrictions.putBoolean(restrictionKey, Boolean.parseBoolean(value)); + } } private void writeBoolean(XmlSerializer xml, Bundle restrictions, String restrictionKey) @@ -769,14 +776,6 @@ public class UserManagerService extends IUserManager.Stub { } } - private void initRestrictionsToDefaults(Bundle restrictions) { - restrictions.putBoolean(UserManager.ALLOW_CONFIG_WIFI, true); - restrictions.putBoolean(UserManager.ALLOW_MODIFY_ACCOUNTS, true); - restrictions.putBoolean(UserManager.ALLOW_INSTALL_APPS, true); - restrictions.putBoolean(UserManager.ALLOW_UNINSTALL_APPS, true); - restrictions.putBoolean(UserManager.ALLOW_CONFIG_LOCATION_ACCESS, true); - } - private int readIntAttribute(XmlPullParser parser, String attr, int defaultValue) { String valueString = parser.getAttributeValue(null, attr); if (valueString == null) return defaultValue; @@ -823,7 +822,6 @@ public class UserManagerService extends IUserManager.Stub { writeUserLocked(userInfo); updateUserIdsLocked(); Bundle restrictions = new Bundle(); - initRestrictionsToDefaults(restrictions); mUserRestrictions.append(userId, restrictions); } } |