| Methods Summary |
|---|
| public void | addCrossProfileIntentFilter(android.content.ComponentName who, android.content.IntentFilter filter, int flags)
int callingUserId = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
IPackageManager pm = AppGlobals.getPackageManager();
long id = Binder.clearCallingIdentity();
try {
if ((flags & DevicePolicyManager.FLAG_PARENT_CAN_ACCESS_MANAGED) != 0) {
pm.addCrossProfileIntentFilter(filter, who.getPackageName(),
mContext.getUserId(), callingUserId, UserHandle.USER_OWNER, 0);
}
if ((flags & DevicePolicyManager.FLAG_MANAGED_CAN_ACCESS_PARENT) != 0) {
pm.addCrossProfileIntentFilter(filter, who.getPackageName(),
mContext.getUserId(), UserHandle.USER_OWNER, callingUserId, 0);
}
} catch (RemoteException re) {
// Shouldn't happen
} finally {
restoreCallingIdentity(id);
}
}
|
| public boolean | addCrossProfileWidgetProvider(android.content.ComponentName admin, java.lang.String packageName)
final int userId = UserHandle.getCallingUserId();
List<String> changedProviders = null;
synchronized (this) {
ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (activeAdmin.crossProfileWidgetProviders == null) {
activeAdmin.crossProfileWidgetProviders = new ArrayList<>();
}
List<String> providers = activeAdmin.crossProfileWidgetProviders;
if (!providers.contains(packageName)) {
providers.add(packageName);
changedProviders = new ArrayList<>(providers);
saveSettingsLocked(userId);
}
}
if (changedProviders != null) {
mLocalService.notifyCrossProfileProvidersChanged(userId, changedProviders);
return true;
}
return false;
|
| public void | addPersistentPreferredActivity(android.content.ComponentName who, android.content.IntentFilter filter, android.content.ComponentName activity)
final int userHandle = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
IPackageManager pm = AppGlobals.getPackageManager();
long id = Binder.clearCallingIdentity();
try {
pm.addPersistentPreferredActivity(filter, activity, userHandle);
} catch (RemoteException re) {
// Shouldn't happen
} finally {
restoreCallingIdentity(id);
}
}
|
| private boolean | allowedToSetDeviceOwnerOnDevice()Device owner can only be set on an unprovisioned device, unless it was initiated by "adb", in
which case we allow it if no account is associated with the device.
int callingId = Binder.getCallingUid();
if (callingId == Process.SHELL_UID || callingId == Process.ROOT_UID) {
return AccountManager.get(mContext).getAccounts().length == 0;
} else {
return !hasUserSetupCompleted(UserHandle.USER_OWNER);
}
|
| private boolean | checkCallerIsCurrentUserOrProfile()
int callingUserId = UserHandle.getCallingUserId();
long token = Binder.clearCallingIdentity();
try {
UserInfo currentUser;
UserInfo callingUser = mUserManager.getUserInfo(callingUserId);
try {
currentUser = ActivityManagerNative.getDefault().getCurrentUser();
} catch (RemoteException e) {
Slog.e(LOG_TAG, "Failed to talk to activity managed.", e);
return false;
}
if (callingUser.isManagedProfile() && callingUser.profileGroupId != currentUser.id) {
Slog.e(LOG_TAG, "Cannot set permitted input methods for managed profile "
+ "of a user that isn't the foreground user.");
return false;
}
if (!callingUser.isManagedProfile() && callingUserId != currentUser.id ) {
Slog.e(LOG_TAG, "Cannot set permitted input methods "
+ "of a user that isn't the foreground user.");
return false;
}
} finally {
Binder.restoreCallingIdentity(token);
}
return true;
|
| private boolean | checkPackagesInPermittedListOrSystem(java.util.List enabledPackages, java.util.List permittedList)
int userIdToCheck = UserHandle.getCallingUserId();
long id = Binder.clearCallingIdentity();
try {
// If we have an enabled packages list for a managed profile the packages
// we should check are installed for the parent user.
UserInfo user = mUserManager.getUserInfo(userIdToCheck);
if (user.isManagedProfile()) {
userIdToCheck = user.profileGroupId;
}
IPackageManager pm = AppGlobals.getPackageManager();
for (String enabledPackage : enabledPackages) {
boolean systemService = false;
try {
ApplicationInfo applicationInfo = pm.getApplicationInfo(enabledPackage,
PackageManager.GET_UNINSTALLED_PACKAGES, userIdToCheck);
systemService = (applicationInfo.flags
& ApplicationInfo.FLAG_SYSTEM) != 0;
} catch (RemoteException e) {
Log.i(LOG_TAG, "Can't talk to package managed", e);
}
if (!systemService && !permittedList.contains(enabledPackage)) {
return false;
}
}
} finally {
restoreCallingIdentity(id);
}
return true;
|
| private void | cleanUpOldUsers()
// This is needed in case the broadcast {@link Intent.ACTION_USER_REMOVED} was not handled
// before reboot
Set<Integer> usersWithProfileOwners;
Set<Integer> usersWithData;
synchronized(this) {
usersWithProfileOwners = mDeviceOwner != null
? mDeviceOwner.getProfileOwnerKeys() : new HashSet<Integer>();
usersWithData = new HashSet<Integer>();
for (int i = 0; i < mUserData.size(); i++) {
usersWithData.add(mUserData.keyAt(i));
}
}
List<UserInfo> allUsers = mUserManager.getUsers();
Set<Integer> deletedUsers = new HashSet<Integer>();
deletedUsers.addAll(usersWithProfileOwners);
deletedUsers.addAll(usersWithData);
for (UserInfo userInfo : allUsers) {
deletedUsers.remove(userInfo.id);
}
for (Integer userId : deletedUsers) {
removeUserData(userId);
}
|
| public void | clearCrossProfileIntentFilters(android.content.ComponentName who)
int callingUserId = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
IPackageManager pm = AppGlobals.getPackageManager();
long id = Binder.clearCallingIdentity();
try {
pm.clearCrossProfileIntentFilters(callingUserId, who.getPackageName(),
callingUserId);
// If we want to support multiple managed profiles, we will have to only remove
// those that have callingUserId as their target.
pm.clearCrossProfileIntentFilters(UserHandle.USER_OWNER, who.getPackageName(),
callingUserId);
} catch (RemoteException re) {
// Shouldn't happen
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | clearDeviceOwner(java.lang.String packageName)
if (packageName == null) {
throw new NullPointerException("packageName is null");
}
try {
int uid = mContext.getPackageManager().getPackageUid(packageName, 0);
if (uid != Binder.getCallingUid()) {
throw new SecurityException("Invalid packageName");
}
} catch (NameNotFoundException e) {
throw new SecurityException(e);
}
if (!isDeviceOwner(packageName)) {
throw new SecurityException("clearDeviceOwner can only be called by the device owner");
}
synchronized (this) {
long ident = Binder.clearCallingIdentity();
try {
clearUserRestrictions(new UserHandle(UserHandle.USER_OWNER));
if (mDeviceOwner != null) {
mDeviceOwner.clearDeviceOwner();
mDeviceOwner.writeOwnerFile();
}
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| public void | clearPackagePersistentPreferredActivities(android.content.ComponentName who, java.lang.String packageName)
final int userHandle = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
IPackageManager pm = AppGlobals.getPackageManager();
long id = Binder.clearCallingIdentity();
try {
pm.clearPackagePersistentPreferredActivities(packageName, userHandle);
} catch (RemoteException re) {
// Shouldn't happen
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | clearProfileOwner(android.content.ComponentName who)
if (!mHasFeature) {
return;
}
UserHandle callingUser = Binder.getCallingUserHandle();
// Check if this is the profile owner who is calling
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
synchronized (this) {
long ident = Binder.clearCallingIdentity();
try {
clearUserRestrictions(callingUser);
if (mDeviceOwner != null) {
mDeviceOwner.removeProfileOwner(callingUser.getIdentifier());
mDeviceOwner.writeOwnerFile();
}
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| private void | clearUserRestrictions(android.os.UserHandle userHandle)
AudioManager audioManager =
(AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);
Bundle userRestrictions = mUserManager.getUserRestrictions();
mUserManager.setUserRestrictions(new Bundle(), userHandle);
if (userRestrictions.getBoolean(UserManager.DISALLOW_ADJUST_VOLUME)) {
audioManager.setMasterMute(false);
}
if (userRestrictions.getBoolean(UserManager.DISALLOW_UNMUTE_MICROPHONE)) {
audioManager.setMicrophoneMute(false);
}
|
| public android.os.UserHandle | createAndInitializeUser(android.content.ComponentName who, java.lang.String name, java.lang.String ownerName, android.content.ComponentName profileOwnerComponent, android.os.Bundle adminExtras)
UserHandle user = createUser(who, name);
if (user == null) {
return null;
}
long id = Binder.clearCallingIdentity();
try {
String profileOwnerPkg = profileOwnerComponent.getPackageName();
final IPackageManager ipm = AppGlobals.getPackageManager();
IActivityManager activityManager = ActivityManagerNative.getDefault();
try {
// Install the profile owner if not present.
if (!ipm.isPackageAvailable(profileOwnerPkg, user.getIdentifier())) {
ipm.installExistingPackageAsUser(profileOwnerPkg, user.getIdentifier());
}
// Start user in background.
activityManager.startUserInBackground(user.getIdentifier());
} catch (RemoteException e) {
Slog.e(LOG_TAG, "Failed to make remote calls for configureUser", e);
}
setActiveAdmin(profileOwnerComponent, true, user.getIdentifier(), adminExtras);
setProfileOwner(profileOwnerComponent, ownerName, user.getIdentifier());
return user;
} finally {
restoreCallingIdentity(id);
}
|
| public android.os.UserHandle | createUser(android.content.ComponentName who, java.lang.String name)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
long id = Binder.clearCallingIdentity();
try {
UserInfo userInfo = mUserManager.createUser(name, 0 /* flags */);
if (userInfo != null) {
return userInfo.getUserHandle();
}
return null;
} finally {
restoreCallingIdentity(id);
}
}
|
| protected void | dump(java.io.FileDescriptor fd, java.io.PrintWriter pw, java.lang.String[] args)
if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
!= PackageManager.PERMISSION_GRANTED) {
pw.println("Permission Denial: can't dump DevicePolicyManagerService from from pid="
+ Binder.getCallingPid()
+ ", uid=" + Binder.getCallingUid());
return;
}
final Printer p = new PrintWriterPrinter(pw);
synchronized (this) {
p.println("Current Device Policy Manager state:");
int userCount = mUserData.size();
for (int u = 0; u < userCount; u++) {
DevicePolicyData policy = getUserData(mUserData.keyAt(u));
p.println(" Enabled Device Admins (User " + policy.mUserHandle + "):");
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin ap = policy.mAdminList.get(i);
if (ap != null) {
pw.print(" "); pw.print(ap.info.getComponent().flattenToShortString());
pw.println(":");
ap.dump(" ", pw);
}
}
if (!policy.mRemovingAdmins.isEmpty()) {
p.println(" Removing Device Admins (User " + policy.mUserHandle + "): "
+ policy.mRemovingAdmins);
}
pw.println(" ");
pw.print(" mPasswordOwner="); pw.println(policy.mPasswordOwner);
}
}
|
| private void | enableIfNecessary(java.lang.String packageName, int userId)
try {
IPackageManager ipm = AppGlobals.getPackageManager();
ApplicationInfo ai = ipm.getApplicationInfo(packageName,
PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS,
userId);
if (ai.enabledSetting
== PackageManager.COMPONENT_ENABLED_STATE_DISABLED_UNTIL_USED) {
ipm.setApplicationEnabledSetting(packageName,
PackageManager.COMPONENT_ENABLED_STATE_DEFAULT,
PackageManager.DONT_KILL_APP, userId, "DevicePolicyManager");
}
} catch (RemoteException e) {
}
|
| public void | enableSystemApp(android.content.ComponentName who, java.lang.String packageName)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
int userId = UserHandle.getCallingUserId();
long id = Binder.clearCallingIdentity();
try {
if (DBG) {
Slog.v(LOG_TAG, "installing " + packageName + " for "
+ userId);
}
UserManager um = UserManager.get(mContext);
UserInfo primaryUser = um.getProfileParent(userId);
// Call did not come from a managed profile
if (primaryUser == null) {
primaryUser = um.getUserInfo(userId);
}
IPackageManager pm = AppGlobals.getPackageManager();
if (!isSystemApp(pm, packageName, primaryUser.id)) {
throw new IllegalArgumentException("Only system apps can be enabled this way.");
}
// Install the app.
pm.installExistingPackageAsUser(packageName, userId);
} catch (RemoteException re) {
// shouldn't happen
Slog.wtf(LOG_TAG, "Failed to install " + packageName, re);
} finally {
restoreCallingIdentity(id);
}
}
|
| public int | enableSystemAppWithIntent(android.content.ComponentName who, android.content.Intent intent)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
int userId = UserHandle.getCallingUserId();
long id = Binder.clearCallingIdentity();
try {
UserManager um = UserManager.get(mContext);
UserInfo primaryUser = um.getProfileParent(userId);
// Call did not come from a managed profile.
if (primaryUser == null) {
primaryUser = um.getUserInfo(userId);
}
IPackageManager pm = AppGlobals.getPackageManager();
List<ResolveInfo> activitiesToEnable = pm.queryIntentActivities(intent,
intent.resolveTypeIfNeeded(mContext.getContentResolver()),
0, // no flags
primaryUser.id);
if (DBG) Slog.d(LOG_TAG, "Enabling system activities: " + activitiesToEnable);
int numberOfAppsInstalled = 0;
if (activitiesToEnable != null) {
for (ResolveInfo info : activitiesToEnable) {
if (info.activityInfo != null) {
if (!isSystemApp(pm, info.activityInfo.packageName, primaryUser.id)) {
throw new IllegalArgumentException(
"Only system apps can be enabled this way.");
}
numberOfAppsInstalled++;
pm.installExistingPackageAsUser(info.activityInfo.packageName, userId);
}
}
}
return numberOfAppsInstalled;
} catch (RemoteException e) {
// shouldn't happen
Slog.wtf(LOG_TAG, "Failed to resolve intent for: " + intent);
return 0;
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | enforceCanManageCaCerts(android.content.ComponentName who)
if (who == null) {
mContext.enforceCallingOrSelfPermission(MANAGE_CA_CERTIFICATES, null);
} else {
synchronized (this) {
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
}
}
|
| private void | enforceCrossUserPermission(int userHandle)
if (userHandle < 0) {
throw new IllegalArgumentException("Invalid userId " + userHandle);
}
final int callingUid = Binder.getCallingUid();
if (userHandle == UserHandle.getUserId(callingUid)) return;
if (callingUid != Process.SYSTEM_UID && callingUid != 0) {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, "Must be system or have"
+ " INTERACT_ACROSS_USERS_FULL permission");
}
|
| private void | enforceNotManagedProfile(int userHandle, java.lang.String message)
if(isManagedProfile(userHandle)) {
throw new SecurityException("You can not " + message + " for a managed profile. ");
}
|
| private void | enforceSystemProcess(java.lang.String message)
if (Binder.getCallingUid() != Process.SYSTEM_UID) {
throw new SecurityException(message);
}
|
| public android.app.admin.DeviceAdminInfo | findAdmin(android.content.ComponentName adminName, int userHandle)
if (!mHasFeature) {
return null;
}
enforceCrossUserPermission(userHandle);
Intent resolveIntent = new Intent();
resolveIntent.setComponent(adminName);
List<ResolveInfo> infos = mContext.getPackageManager().queryBroadcastReceivers(
resolveIntent,
PackageManager.GET_META_DATA | PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS,
userHandle);
if (infos == null || infos.size() <= 0) {
throw new IllegalArgumentException("Unknown admin: " + adminName);
}
try {
return new DeviceAdminInfo(mContext, infos.get(0));
} catch (XmlPullParserException e) {
Slog.w(LOG_TAG, "Bad device admin requested for user=" + userHandle + ": " + adminName,
e);
return null;
} catch (IOException e) {
Slog.w(LOG_TAG, "Bad device admin requested for user=" + userHandle + ": " + adminName,
e);
return null;
}
|
| private android.view.accessibility.AccessibilityManager | getAccessibilityManagerForUser(int userId)
// Not using AccessibilityManager.getInstance because that guesses
// at the user you require based on callingUid and caches for a given
// process.
IBinder iBinder = ServiceManager.getService(Context.ACCESSIBILITY_SERVICE);
IAccessibilityManager service = iBinder == null
? null : IAccessibilityManager.Stub.asInterface(iBinder);
return new AccessibilityManager(mContext, service, userId);
|
| public java.lang.String[] | getAccountTypesWithManagementDisabled()
return getAccountTypesWithManagementDisabledAsUser(UserHandle.getCallingUserId());
|
| public java.lang.String[] | getAccountTypesWithManagementDisabledAsUser(int userId)
enforceCrossUserPermission(userId);
if (!mHasFeature) {
return null;
}
synchronized (this) {
DevicePolicyData policy = getUserData(userId);
final int N = policy.mAdminList.size();
HashSet<String> resultSet = new HashSet<String>();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
resultSet.addAll(admin.accountTypesWithManagementDisabled);
}
return resultSet.toArray(new String[resultSet.size()]);
}
|
| com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin | getActiveAdminForCallerLocked(android.content.ComponentName who, int reqPolicy)
final int callingUid = Binder.getCallingUid();
final int userHandle = UserHandle.getUserId(callingUid);
final DevicePolicyData policy = getUserData(userHandle);
List<ActiveAdmin> candidates = new ArrayList<ActiveAdmin>();
// Build a list of admins for this uid matching the given ComponentName
if (who != null) {
ActiveAdmin admin = policy.mAdminMap.get(who);
if (admin == null) {
throw new SecurityException("No active admin " + who);
}
if (admin.getUid() != callingUid) {
throw new SecurityException("Admin " + who + " is not owned by uid "
+ Binder.getCallingUid());
}
candidates.add(admin);
} else {
for (ActiveAdmin admin : policy.mAdminList) {
if (admin.getUid() == callingUid) {
candidates.add(admin);
}
}
}
// Try to find an admin which can use reqPolicy
for (ActiveAdmin admin : candidates) {
boolean ownsDevice = isDeviceOwner(admin.info.getPackageName());
boolean ownsProfile = (getProfileOwner(userHandle) != null
&& getProfileOwner(userHandle).getPackageName()
.equals(admin.info.getPackageName()));
if (reqPolicy == DeviceAdminInfo.USES_POLICY_DEVICE_OWNER) {
if (ownsDevice) {
return admin;
}
} else if (reqPolicy == DeviceAdminInfo.USES_POLICY_PROFILE_OWNER) {
if (ownsDevice || ownsProfile) {
return admin;
}
} else {
if (admin.info.usesPolicy(reqPolicy)) {
return admin;
}
}
}
if (who != null) {
if (reqPolicy == DeviceAdminInfo.USES_POLICY_DEVICE_OWNER) {
throw new SecurityException("Admin " + candidates.get(0).info.getComponent()
+ " does not own the device");
}
if (reqPolicy == DeviceAdminInfo.USES_POLICY_PROFILE_OWNER) {
throw new SecurityException("Admin " + candidates.get(0).info.getComponent()
+ " does not own the profile");
}
throw new SecurityException("Admin " + candidates.get(0).info.getComponent()
+ " did not specify uses-policy for: "
+ candidates.get(0).info.getTagForPolicy(reqPolicy));
} else {
throw new SecurityException("No active admin owned by uid "
+ Binder.getCallingUid() + " for policy #" + reqPolicy);
}
|
| com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin | getActiveAdminUncheckedLocked(android.content.ComponentName who, int userHandle)
ActiveAdmin admin = getUserData(userHandle).mAdminMap.get(who);
if (admin != null
&& who.getPackageName().equals(admin.info.getActivityInfo().packageName)
&& who.getClassName().equals(admin.info.getActivityInfo().name)) {
return admin;
}
return null;
|
| public java.util.List | getActiveAdmins(int userHandle)
if (!mHasFeature) {
return Collections.EMPTY_LIST;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
DevicePolicyData policy = getUserData(userHandle);
final int N = policy.mAdminList.size();
if (N <= 0) {
return null;
}
ArrayList<ComponentName> res = new ArrayList<ComponentName>(N);
for (int i=0; i<N; i++) {
res.add(policy.mAdminList.get(i).info.getComponent());
}
return res;
}
|
| private com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin | getAdminWithMinimumFailedPasswordsForWipeLocked(int userHandle)Returns the admin with the strictest policy on maximum failed passwords for this user and all
profiles that are visible from this user. If the policy for the primary and any other profile
are equal, it returns the admin for the primary profile.
Returns {@code null} if none of them have that policy set.
int count = 0;
ActiveAdmin strictestAdmin = null;
for (UserInfo userInfo : mUserManager.getProfiles(userHandle)) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
for (ActiveAdmin admin : policy.mAdminList) {
if (admin.maximumFailedPasswordsForWipe ==
ActiveAdmin.DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE) {
continue; // No max number of failed passwords policy set for this profile.
}
// We always favor the primary profile if several profiles have the same value set.
if (count == 0 ||
count > admin.maximumFailedPasswordsForWipe ||
(userInfo.isPrimary() && count >= admin.maximumFailedPasswordsForWipe)) {
count = admin.maximumFailedPasswordsForWipe;
strictestAdmin = admin;
}
}
}
return strictestAdmin;
|
| public android.os.Bundle | getApplicationRestrictions(android.content.ComponentName who, java.lang.String packageName)
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
return mUserManager.getApplicationRestrictions(packageName, userHandle);
} finally {
restoreCallingIdentity(id);
}
}
|
| public boolean | getAutoTimeRequired()Returns whether or not auto time is required by the device owner.
if (!mHasFeature) {
return false;
}
synchronized (this) {
ActiveAdmin deviceOwner = getDeviceOwnerAdmin();
return (deviceOwner != null) ? deviceOwner.requireAutoTime : false;
}
|
| public boolean | getCameraDisabled(android.content.ComponentName who, int userHandle)Gets whether or not all device cameras are disabled for a given admin, or disabled for any
active admins.
if (!mHasFeature) {
return false;
}
synchronized (this) {
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return (admin != null) ? admin.disableCamera : false;
}
DevicePolicyData policy = getUserData(userHandle);
// Determine whether or not the device camera is disabled for any active admins.
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (admin.disableCamera) {
return true;
}
}
return false;
}
|
| public boolean | getCrossProfileCallerIdDisabled(android.content.ComponentName who)
if (!mHasFeature) {
return false;
}
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
return admin.disableCallerId;
}
|
| public boolean | getCrossProfileCallerIdDisabledForUser(int userId)
// TODO: Should there be a check to make sure this relationship is within a profile group?
//enforceSystemProcess("getCrossProfileCallerIdDisabled can only be called by system");
synchronized (this) {
ActiveAdmin admin = getProfileOwnerAdmin(userId);
return (admin != null) ? admin.disableCallerId : false;
}
|
| public java.util.List | getCrossProfileWidgetProviders(android.content.ComponentName admin)
synchronized (this) {
ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (activeAdmin.crossProfileWidgetProviders == null
|| activeAdmin.crossProfileWidgetProviders.isEmpty()) {
return null;
}
if (Binder.getCallingUid() == Process.myUid()) {
return new ArrayList<>(activeAdmin.crossProfileWidgetProviders);
} else {
return activeAdmin.crossProfileWidgetProviders;
}
}
|
| public int | getCurrentFailedPasswordAttempts(int userHandle)
synchronized (this) {
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_WATCH_LOGIN);
// The active password is stored in the parent.
UserInfo parent = getProfileParent(userHandle);
int id = (parent == null) ? userHandle : parent.id;
DevicePolicyData policy = getUserDataUnchecked(id);
return policy.mFailedPasswordAttempts;
}
|
| public java.lang.String | getDeviceOwner()
if (!mHasFeature) {
return null;
}
synchronized (this) {
if (mDeviceOwner != null && mDeviceOwner.hasDeviceOwner()) {
return mDeviceOwner.getDeviceOwnerPackageName();
}
}
return null;
|
| private com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin | getDeviceOwnerAdmin()
String deviceOwnerPackageName = getDeviceOwner();
if (deviceOwnerPackageName == null) {
return null;
}
DevicePolicyData policy = getUserData(UserHandle.USER_OWNER);
final int n = policy.mAdminList.size();
for (int i = 0; i < n; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (deviceOwnerPackageName.equals(admin.info.getPackageName())) {
return admin;
}
}
return null;
|
| public java.lang.String | getDeviceOwnerName()
if (!mHasFeature) {
return null;
}
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
synchronized (this) {
if (mDeviceOwner != null) {
return mDeviceOwner.getDeviceOwnerName();
}
}
return null;
|
| private int | getEncryptionStatus()Hook to low-levels: Reporting the current status of encryption.
String status = SystemProperties.get("ro.crypto.state", "unsupported");
if ("encrypted".equalsIgnoreCase(status)) {
final long token = Binder.clearCallingIdentity();
try {
return LockPatternUtils.isDeviceEncrypted()
? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE
: DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;
} finally {
Binder.restoreCallingIdentity(token);
}
} else if ("unencrypted".equalsIgnoreCase(status)) {
return DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;
} else {
return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
}
|
| public android.content.ComponentName | getGlobalProxyAdmin(int userHandle)
if (!mHasFeature) {
return null;
}
enforceCrossUserPermission(userHandle);
synchronized(this) {
DevicePolicyData policy = getUserData(UserHandle.USER_OWNER);
// Scan through active admins and find if anyone has already
// set the global proxy.
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin ap = policy.mAdminList.get(i);
if (ap.specifiesGlobalProxy) {
// Device admin sets the global proxy
// Return it to the caller.
return ap.info.getComponent();
}
}
}
// No device admin sets the global proxy.
return null;
|
| public int | getKeyguardDisabledFeatures(android.content.ComponentName who, int userHandle)Gets the disabled state for features in keyguard for the given admin,
or the aggregate of all active admins if who is null.
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return (admin != null) ? admin.disabledKeyguardFeatures : 0;
}
// Determine which keyguard features are disabled for any active admins.
DevicePolicyData policy = getUserData(userHandle);
final int N = policy.mAdminList.size();
int which = 0;
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
which |= admin.disabledKeyguardFeatures;
}
return which;
}
|
| public java.lang.String[] | getLockTaskPackages(android.content.ComponentName who)This function returns the list of components allowed to start the task lock mode.
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
int userHandle = Binder.getCallingUserHandle().getIdentifier();
DevicePolicyData policy = getUserData(userHandle);
return policy.mLockTaskPackages.toArray(new String[0]);
}
|
| public int | getMaximumFailedPasswordsForWipe(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
ActiveAdmin admin = (who != null) ? getActiveAdminUncheckedLocked(who, userHandle)
: getAdminWithMinimumFailedPasswordsForWipeLocked(userHandle);
return admin != null ? admin.maximumFailedPasswordsForWipe : 0;
}
|
| public long | getMaximumTimeToLock(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
long time = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.maximumTimeToUnlock : time;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (time == 0) {
time = admin.maximumTimeToUnlock;
} else if (admin.maximumTimeToUnlock != 0
&& time > admin.maximumTimeToUnlock) {
time = admin.maximumTimeToUnlock;
}
}
}
return time;
}
|
| private android.app.NotificationManager | getNotificationManager()
if (mNotificationManager == null) {
mNotificationManager =
(NotificationManager) mContext.getSystemService(Context.NOTIFICATION_SERVICE);
}
return mNotificationManager;
|
| public long | getPasswordExpiration(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0L;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
return getPasswordExpirationLocked(who, userHandle);
}
|
| private long | getPasswordExpirationLocked(android.content.ComponentName who, int userHandle)Return a single admin's expiration date/time, or the min (soonest) for all admins.
Returns 0 if not configured.
long timeout = 0L;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.passwordExpirationDate : timeout;
}
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (timeout == 0L || (admin.passwordExpirationDate != 0
&& timeout > admin.passwordExpirationDate)) {
timeout = admin.passwordExpirationDate;
}
}
}
return timeout;
|
| public long | getPasswordExpirationTimeout(android.content.ComponentName who, int userHandle)Return a single admin's expiration cycle time, or the min of all cycle times.
Returns 0 if not configured.
if (!mHasFeature) {
return 0L;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
long timeout = 0L;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.passwordExpirationTimeout : timeout;
}
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (timeout == 0L || (admin.passwordExpirationTimeout != 0L
&& timeout > admin.passwordExpirationTimeout)) {
timeout = admin.passwordExpirationTimeout;
}
}
}
return timeout;
}
|
| public int | getPasswordHistoryLength(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.passwordHistoryLength : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.passwordHistoryLength) {
length = admin.passwordHistoryLength;
}
}
}
return length;
}
|
| public int | getPasswordMinimumLength(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordLength : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordLength) {
length = admin.minimumPasswordLength;
}
}
}
return length;
}
|
| public int | getPasswordMinimumLetters(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordLetters : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordLetters) {
length = admin.minimumPasswordLetters;
}
}
}
return length;
}
|
| public int | getPasswordMinimumLowerCase(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordLowerCase : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordLowerCase) {
length = admin.minimumPasswordLowerCase;
}
}
}
return length;
}
|
| public int | getPasswordMinimumNonLetter(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordNonLetter : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordNonLetter) {
length = admin.minimumPasswordNonLetter;
}
}
}
return length;
}
|
| public int | getPasswordMinimumNumeric(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordNumeric : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordNumeric) {
length = admin.minimumPasswordNumeric;
}
}
}
return length;
}
|
| public int | getPasswordMinimumSymbols(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordSymbols : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordSymbols) {
length = admin.minimumPasswordSymbols;
}
}
}
return length;
}
|
| public int | getPasswordMinimumUpperCase(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return 0;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int length = 0;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.minimumPasswordUpperCase : length;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (length < admin.minimumPasswordUpperCase) {
length = admin.minimumPasswordUpperCase;
}
}
}
return length;
}
|
| public int | getPasswordQuality(android.content.ComponentName who, int userHandle)
if (!mHasFeature) {
return DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
int mode = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return admin != null ? admin.passwordQuality : mode;
}
// Return strictest policy for this user and profiles that are visible from this user.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (mode < admin.passwordQuality) {
mode = admin.passwordQuality;
}
}
}
return mode;
}
|
| public java.util.List | getPermittedAccessibilityServices(android.content.ComponentName who)
if (!mHasFeature) {
return null;
}
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
return admin.permittedAccessiblityServices;
}
|
| public java.util.List | getPermittedAccessibilityServicesForUser(int userId)
if (!mHasFeature) {
return null;
}
synchronized (this) {
List<String> result = null;
// If we have multiple profiles we return the intersection of the
// permitted lists. This can happen in cases where we have a device
// and profile owner.
List<UserInfo> profiles = mUserManager.getProfiles(userId);
final int PROFILES_SIZE = profiles.size();
for (int i = 0; i < PROFILES_SIZE; ++i) {
// Just loop though all admins, only device or profiles
// owners can have permitted lists set.
DevicePolicyData policy = getUserDataUnchecked(profiles.get(i).id);
final int N = policy.mAdminList.size();
for (int j = 0; j < N; j++) {
ActiveAdmin admin = policy.mAdminList.get(j);
List<String> fromAdmin = admin.permittedAccessiblityServices;
if (fromAdmin != null) {
if (result == null) {
result = new ArrayList<String>(fromAdmin);
} else {
result.retainAll(fromAdmin);
}
}
}
}
// If we have a permitted list add all system accessibility services.
if (result != null) {
long id = Binder.clearCallingIdentity();
try {
UserInfo user = mUserManager.getUserInfo(userId);
if (user.isManagedProfile()) {
userId = user.profileGroupId;
}
AccessibilityManager accessibilityManager =
getAccessibilityManagerForUser(userId);
List<AccessibilityServiceInfo> installedServices =
accessibilityManager.getInstalledAccessibilityServiceList();
IPackageManager pm = AppGlobals.getPackageManager();
if (installedServices != null) {
for (AccessibilityServiceInfo service : installedServices) {
String packageName = service.getResolveInfo().serviceInfo.packageName;
try {
ApplicationInfo applicationInfo = pm.getApplicationInfo(packageName,
PackageManager.GET_UNINSTALLED_PACKAGES, userId);
if ((applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) {
result.add(packageName);
}
} catch (RemoteException e) {
Log.i(LOG_TAG, "Accessibility service in missing package", e);
}
}
}
} finally {
restoreCallingIdentity(id);
}
}
return result;
}
|
| public java.util.List | getPermittedInputMethods(android.content.ComponentName who)
if (!mHasFeature) {
return null;
}
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
return admin.permittedInputMethods;
}
|
| public java.util.List | getPermittedInputMethodsForCurrentUser()
UserInfo currentUser;
try {
currentUser = ActivityManagerNative.getDefault().getCurrentUser();
} catch (RemoteException e) {
Slog.e(LOG_TAG, "Failed to make remote calls to get current user", e);
// Activity managed is dead, just allow all IMEs
return null;
}
int userId = currentUser.id;
synchronized (this) {
List<String> result = null;
// If we have multiple profiles we return the intersection of the
// permitted lists. This can happen in cases where we have a device
// and profile owner.
List<UserInfo> profiles = mUserManager.getProfiles(userId);
final int PROFILES_SIZE = profiles.size();
for (int i = 0; i < PROFILES_SIZE; ++i) {
// Just loop though all admins, only device or profiles
// owners can have permitted lists set.
DevicePolicyData policy = getUserDataUnchecked(profiles.get(i).id);
final int N = policy.mAdminList.size();
for (int j = 0; j < N; j++) {
ActiveAdmin admin = policy.mAdminList.get(j);
List<String> fromAdmin = admin.permittedInputMethods;
if (fromAdmin != null) {
if (result == null) {
result = new ArrayList<String>(fromAdmin);
} else {
result.retainAll(fromAdmin);
}
}
}
}
// If we have a permitted list add all system input methods.
if (result != null) {
InputMethodManager inputMethodManager = (InputMethodManager) mContext
.getSystemService(Context.INPUT_METHOD_SERVICE);
List<InputMethodInfo> imes = inputMethodManager.getInputMethodList();
long id = Binder.clearCallingIdentity();
try {
IPackageManager pm = AppGlobals.getPackageManager();
if (imes != null) {
for (InputMethodInfo ime : imes) {
String packageName = ime.getPackageName();
try {
ApplicationInfo applicationInfo = pm.getApplicationInfo(
packageName, PackageManager.GET_UNINSTALLED_PACKAGES,
userId);
if ((applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) {
result.add(packageName);
}
} catch (RemoteException e) {
Log.i(LOG_TAG, "Input method for missing package", e);
}
}
}
} finally {
restoreCallingIdentity(id);
}
}
return result;
}
|
| public android.content.ComponentName | getProfileOwner(int userHandle)
if (!mHasFeature) {
return null;
}
synchronized (this) {
if (mDeviceOwner != null) {
return mDeviceOwner.getProfileOwnerComponent(userHandle);
}
}
return null;
|
| private com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin | getProfileOwnerAdmin(int userHandle)
ComponentName profileOwner =
mDeviceOwner != null ? mDeviceOwner.getProfileOwnerComponent(userHandle) : null;
if (profileOwner == null) {
return null;
}
DevicePolicyData policy = getUserData(userHandle);
final int n = policy.mAdminList.size();
for (int i = 0; i < n; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (profileOwner.equals(admin.info.getComponent())) {
return admin;
}
}
return null;
|
| public java.lang.String | getProfileOwnerName(int userHandle)
if (!mHasFeature) {
return null;
}
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
synchronized (this) {
if (mDeviceOwner != null) {
return mDeviceOwner.getProfileOwnerName(userHandle);
}
}
return null;
|
| private android.content.pm.UserInfo | getProfileParent(int userHandle)
long ident = Binder.clearCallingIdentity();
try {
return mUserManager.getProfileParent(userHandle);
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| public int | getProfileWithMinimumFailedPasswordsForWipe(int userHandle)
if (!mHasFeature) {
return UserHandle.USER_NULL;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
ActiveAdmin admin = getAdminWithMinimumFailedPasswordsForWipeLocked(userHandle);
return admin != null ? admin.getUserHandle().getIdentifier() : UserHandle.USER_NULL;
}
|
| public void | getRemoveWarning(android.content.ComponentName comp, android.os.RemoteCallback result, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.BIND_DEVICE_ADMIN, null);
synchronized (this) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(comp, userHandle);
if (admin == null) {
try {
result.sendResult(null);
} catch (RemoteException e) {
}
return;
}
Intent intent = new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED);
intent.setFlags(Intent.FLAG_RECEIVER_FOREGROUND);
intent.setComponent(admin.info.getComponent());
mContext.sendOrderedBroadcastAsUser(intent, new UserHandle(userHandle),
null, new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
try {
result.sendResult(getResultExtras(false));
} catch (RemoteException e) {
}
}
}, null, Activity.RESULT_OK, null, null);
}
|
| public android.content.ComponentName | getRestrictionsProvider(int userHandle)
synchronized (this) {
if (Binder.getCallingUid() != Process.SYSTEM_UID) {
throw new SecurityException("Only the system can query the permission provider");
}
DevicePolicyData userData = getUserData(userHandle);
return userData != null ? userData.mRestrictionsProvider : null;
}
|
| public boolean | getScreenCaptureDisabled(android.content.ComponentName who, int userHandle)Returns whether or not screen capture is disabled for a given admin, or disabled for any
active admin (if given admin is null).
if (!mHasFeature) {
return false;
}
synchronized (this) {
if (who != null) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
return (admin != null) ? admin.disableScreenCapture : false;
}
DevicePolicyData policy = getUserData(userHandle);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (admin.disableScreenCapture) {
return true;
}
}
return false;
}
|
| public boolean | getStorageEncryption(android.content.ComponentName who, int userHandle)Get the current storage encryption request status for a given admin, or aggregate of all
active admins.
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
// Check for permissions if a particular caller is specified
if (who != null) {
// When checking for a single caller, status is based on caller's request
ActiveAdmin ap = getActiveAdminUncheckedLocked(who, userHandle);
return ap != null ? ap.encryptionRequested : false;
}
// If no particular caller is specified, return the aggregate set of requests.
// This is short circuited by returning true on the first hit.
DevicePolicyData policy = getUserData(userHandle);
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
if (policy.mAdminList.get(i).encryptionRequested) {
return true;
}
}
return false;
}
|
| public int | getStorageEncryptionStatus(int userHandle)Get the current encryption status of the device.
if (!mHasFeature) {
// Ok to return current status.
}
enforceCrossUserPermission(userHandle);
return getEncryptionStatus();
|
| public java.util.List | getTrustAgentConfiguration(android.content.ComponentName admin, android.content.ComponentName agent, int userHandle)
if (!mHasFeature) {
return null;
}
enforceCrossUserPermission(userHandle);
if (agent == null) {
throw new NullPointerException("agent is null");
}
synchronized (this) {
final String componentName = agent.flattenToString();
if (admin != null) {
final ActiveAdmin ap = getActiveAdminUncheckedLocked(admin, userHandle);
if (ap == null) return null;
TrustAgentInfo trustAgentInfo = ap.trustAgentInfos.get(componentName);
if (trustAgentInfo == null || trustAgentInfo.options == null) return null;
List<PersistableBundle> result = new ArrayList<PersistableBundle>();
result.add(trustAgentInfo.options);
return result;
}
// Return strictest policy for this user and profiles that are visible from this user.
final List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
List<PersistableBundle> result = null;
// Search through all admins that use KEYGUARD_DISABLE_TRUST_AGENTS and keep track
// of the options. If any admin doesn't have options, discard options for the rest
// and return null.
boolean allAdminsHaveOptions = true;
for (UserInfo userInfo : profiles) {
DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
final int N = policy.mAdminList.size();
for (int i=0; i < N; i++) {
final ActiveAdmin active = policy.mAdminList.get(i);
final boolean disablesTrust = (active.disabledKeyguardFeatures
& DevicePolicyManager.KEYGUARD_DISABLE_TRUST_AGENTS) != 0;
final TrustAgentInfo info = active.trustAgentInfos.get(componentName);
if (info != null && info.options != null && !info.options.isEmpty()) {
if (disablesTrust) {
if (result == null) {
result = new ArrayList<PersistableBundle>();
}
result.add(info.options);
} else {
Log.w(LOG_TAG, "Ignoring admin " + active.info
+ " because it has trust options but doesn't declare "
+ "KEYGUARD_DISABLE_TRUST_AGENTS");
}
} else if (disablesTrust) {
allAdminsHaveOptions = false;
break;
}
}
}
return allAdminsHaveOptions ? result : null;
}
|
| com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData | getUserData(int userHandle)Creates and loads the policy data from xml.
synchronized (this) {
DevicePolicyData policy = mUserData.get(userHandle);
if (policy == null) {
policy = new DevicePolicyData(userHandle);
mUserData.append(userHandle, policy);
loadSettingsLocked(policy, userHandle);
}
return policy;
}
|
| com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData | getUserDataUnchecked(int userHandle)Creates and loads the policy data from xml for data that is shared between
various profiles of a user. In contrast to {@link #getUserData(int)}
it allows access to data of users other than the calling user.
This function should only be used for shared data, e.g. everything regarding
passwords and should be removed once multiple screen locks are present.
long ident = Binder.clearCallingIdentity();
try {
return getUserData(userHandle);
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| private android.view.IWindowManager | getWindowManager()
if (mIWindowManager == null) {
IBinder b = ServiceManager.getService(Context.WINDOW_SERVICE);
mIWindowManager = IWindowManager.Stub.asInterface(b);
}
return mIWindowManager;
|
| private void | handlePackagesChanged(java.lang.String packageName, int userHandle)
boolean removed = false;
if (DBG) Slog.d(LOG_TAG, "Handling package changes for user " + userHandle);
DevicePolicyData policy = getUserData(userHandle);
IPackageManager pm = AppGlobals.getPackageManager();
synchronized (this) {
for (int i = policy.mAdminList.size() - 1; i >= 0; i--) {
ActiveAdmin aa = policy.mAdminList.get(i);
try {
// If we're checking all packages or if the specific one we're checking matches,
// then check if the package and receiver still exist.
final String adminPackage = aa.info.getPackageName();
if (packageName == null || packageName.equals(adminPackage)) {
if (pm.getPackageInfo(adminPackage, 0, userHandle) == null
|| pm.getReceiverInfo(aa.info.getComponent(), 0, userHandle)
== null) {
removed = true;
policy.mAdminList.remove(i);
policy.mAdminMap.remove(aa.info.getComponent());
}
}
} catch (RemoteException re) {
// Shouldn't happen
}
}
if (removed) {
validatePasswordOwnerLocked(policy);
syncDeviceCapabilitiesLocked(policy);
saveSettingsLocked(policy.mUserHandle);
}
}
|
| private void | handlePasswordExpirationNotification(int userHandle)
synchronized (this) {
final long now = System.currentTimeMillis();
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo ui : profiles) {
int profileUserHandle = ui.id;
final DevicePolicyData policy = getUserData(profileUserHandle);
final int count = policy.mAdminList.size();
if (count > 0) {
for (int i = 0; i < count; i++) {
final ActiveAdmin admin = policy.mAdminList.get(i);
if (admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD)
&& admin.passwordExpirationTimeout > 0L
&& now >= admin.passwordExpirationDate - EXPIRATION_GRACE_PERIOD_MS
&& admin.passwordExpirationDate > 0L) {
sendAdminCommandLocked(admin,
DeviceAdminReceiver.ACTION_PASSWORD_EXPIRING);
}
}
}
}
setExpirationAlarmCheckLocked(mContext, getUserData(userHandle));
}
|
| public boolean | hasGrantedPolicy(android.content.ComponentName adminReceiver, int policyId, int userHandle)
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
ActiveAdmin administrator = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
if (administrator == null) {
throw new SecurityException("No active admin " + adminReceiver);
}
return administrator.info.usesPolicy(policyId);
}
|
| public boolean | hasUserSetupCompleted()
return hasUserSetupCompleted(UserHandle.getCallingUserId());
|
| private boolean | hasUserSetupCompleted(int userHandle)
if (!mHasFeature) {
return true;
}
DevicePolicyData policy = getUserData(userHandle);
// If policy is null, return true, else check if the setup has completed.
return policy == null || policy.mUserSetupComplete;
|
| public boolean | installCaCert(android.content.ComponentName admin, byte[] certBuffer)
enforceCanManageCaCerts(admin);
byte[] pemCert;
try {
X509Certificate cert = parseCert(certBuffer);
pemCert = Credentials.convertToPem(cert);
} catch (CertificateException ce) {
Log.e(LOG_TAG, "Problem converting cert", ce);
return false;
} catch (IOException ioe) {
Log.e(LOG_TAG, "Problem reading cert", ioe);
return false;
}
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
final long id = Binder.clearCallingIdentity();
try {
final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
try {
keyChainConnection.getService().installCaCertificate(pemCert);
return true;
} catch (RemoteException e) {
Log.e(LOG_TAG, "installCaCertsToKeyChain(): ", e);
} finally {
keyChainConnection.close();
}
} catch (InterruptedException e1) {
Log.w(LOG_TAG, "installCaCertsToKeyChain(): ", e1);
Thread.currentThread().interrupt();
} finally {
Binder.restoreCallingIdentity(id);
}
return false;
|
| public boolean | installKeyPair(android.content.ComponentName who, byte[] privKey, byte[] cert, java.lang.String alias)
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
synchronized (this) {
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
}
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
final long id = Binder.clearCallingIdentity();
try {
final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
try {
IKeyChainService keyChain = keyChainConnection.getService();
return keyChain.installKeyPair(privKey, cert, alias);
} catch (RemoteException e) {
Log.e(LOG_TAG, "Installing certificate", e);
} finally {
keyChainConnection.close();
}
} catch (InterruptedException e) {
Log.w(LOG_TAG, "Interrupted while installing certificate", e);
Thread.currentThread().interrupt();
} finally {
Binder.restoreCallingIdentity(id);
}
return false;
|
| public boolean | isActivePasswordSufficient(int userHandle)
if (!mHasFeature) {
return true;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
// The active password is stored in the user that runs the launcher
// If the user this is called from is part of a profile group, that is the parent
// of the group.
UserInfo parent = getProfileParent(userHandle);
int id = (parent == null) ? userHandle : parent.id;
DevicePolicyData policy = getUserDataUnchecked(id);
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (policy.mActivePasswordQuality < getPasswordQuality(null, userHandle)
|| policy.mActivePasswordLength < getPasswordMinimumLength(null, userHandle)) {
return false;
}
if (policy.mActivePasswordQuality != DevicePolicyManager.PASSWORD_QUALITY_COMPLEX) {
return true;
}
return policy.mActivePasswordUpperCase >= getPasswordMinimumUpperCase(null, userHandle)
&& policy.mActivePasswordLowerCase >= getPasswordMinimumLowerCase(null, userHandle)
&& policy.mActivePasswordLetters >= getPasswordMinimumLetters(null, userHandle)
&& policy.mActivePasswordNumeric >= getPasswordMinimumNumeric(null, userHandle)
&& policy.mActivePasswordSymbols >= getPasswordMinimumSymbols(null, userHandle)
&& policy.mActivePasswordNonLetter >= getPasswordMinimumNonLetter(null, userHandle);
}
|
| public boolean | isAdminActive(android.content.ComponentName adminReceiver, int userHandle)
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
return getActiveAdminUncheckedLocked(adminReceiver, userHandle) != null;
}
|
| public boolean | isApplicationHidden(android.content.ComponentName who, java.lang.String packageName)
int callingUserId = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
IPackageManager pm = AppGlobals.getPackageManager();
return pm.getApplicationHiddenSettingAsUser(packageName, callingUserId);
} catch (RemoteException re) {
// shouldn't happen
Slog.e(LOG_TAG, "Failed to getApplicationHiddenSettingAsUser", re);
} finally {
restoreCallingIdentity(id);
}
return false;
}
|
| public boolean | isDeviceOwner(java.lang.String packageName)
if (!mHasFeature) {
return false;
}
synchronized (this) {
return mDeviceOwner != null
&& mDeviceOwner.hasDeviceOwner()
&& mDeviceOwner.getDeviceOwnerPackageName().equals(packageName);
}
|
| private boolean | isEncryptionSupported()Hook to low-levels: This should report if the filesystem supports encrypted storage.
// Note, this can be implemented as
// return getEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
// But is provided as a separate internal method if there's a faster way to do a
// simple check for supported-or-not.
return getEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
|
| private boolean | isExtStorageEncrypted()
String state = SystemProperties.get("vold.decrypt");
return !"".equals(state);
|
| public boolean | isLockTaskPermitted(java.lang.String pkg)This function lets the caller know whether the given package is allowed to start the
lock task mode.
// Get current user's devicepolicy
int uid = Binder.getCallingUid();
int userHandle = UserHandle.getUserId(uid);
DevicePolicyData policy = getUserData(userHandle);
synchronized (this) {
for (int i = 0; i < policy.mLockTaskPackages.size(); i++) {
String lockTaskPackage = policy.mLockTaskPackages.get(i);
// If the given package equals one of the packages stored our list,
// we allow this package to start lock task mode.
if (lockTaskPackage.equals(pkg)) {
return true;
}
}
}
return false;
|
| private boolean | isManagedProfile(int userHandle)
long ident = Binder.clearCallingIdentity();
try {
return mUserManager.getUserInfo(userHandle).isManagedProfile();
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| public boolean | isMasterVolumeMuted(android.content.ComponentName who)
final ContentResolver contentResolver = mContext.getContentResolver();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
AudioManager audioManager =
(AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);
return audioManager.isMasterMute();
}
|
| public boolean | isRemovingAdmin(android.content.ComponentName adminReceiver, int userHandle)
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
DevicePolicyData policyData = getUserData(userHandle);
return policyData.mRemovingAdmins.contains(adminReceiver);
}
|
| private boolean | isSystemApp(android.content.pm.IPackageManager pm, java.lang.String packageName, int userId)
ApplicationInfo appInfo = pm.getApplicationInfo(packageName, GET_UNINSTALLED_PACKAGES,
userId);
return (appInfo.flags & ApplicationInfo.FLAG_SYSTEM) > 0;
|
| public boolean | isUninstallBlocked(android.content.ComponentName who, java.lang.String packageName)
// This function should return true if and only if the package is blocked by
// setUninstallBlocked(). It should still return false for other cases of blocks, such as
// when the package is a system app, or when it is an active device admin.
final int userId = UserHandle.getCallingUserId();
synchronized (this) {
if (who != null) {
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
}
long id = Binder.clearCallingIdentity();
try {
IPackageManager pm = AppGlobals.getPackageManager();
return pm.getBlockUninstallForUser(packageName, userId);
} catch (RemoteException re) {
// Shouldn't happen.
Slog.e(LOG_TAG, "Failed to getBlockUninstallForUser", re);
} finally {
restoreCallingIdentity(id);
}
}
return false;
|
| void | loadDeviceOwner()
synchronized (this) {
mDeviceOwner = DeviceOwner.load();
}
|
| private void | loadSettingsLocked(com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy, int userHandle)
JournaledFile journal = makeJournaledFile(userHandle);
FileInputStream stream = null;
File file = journal.chooseForRead();
try {
stream = new FileInputStream(file);
XmlPullParser parser = Xml.newPullParser();
parser.setInput(stream, null);
int type;
while ((type=parser.next()) != XmlPullParser.END_DOCUMENT
&& type != XmlPullParser.START_TAG) {
}
String tag = parser.getName();
if (!"policies".equals(tag)) {
throw new XmlPullParserException(
"Settings do not start with policies tag: found " + tag);
}
// Extract the permission provider component name if available
String permissionProvider = parser.getAttributeValue(null, ATTR_PERMISSION_PROVIDER);
if (permissionProvider != null) {
policy.mRestrictionsProvider = ComponentName.unflattenFromString(permissionProvider);
}
String userSetupComplete = parser.getAttributeValue(null, ATTR_SETUP_COMPLETE);
if (userSetupComplete != null && Boolean.toString(true).equals(userSetupComplete)) {
policy.mUserSetupComplete = true;
}
type = parser.next();
int outerDepth = parser.getDepth();
policy.mLockTaskPackages.clear();
policy.mAdminList.clear();
policy.mAdminMap.clear();
while ((type=parser.next()) != XmlPullParser.END_DOCUMENT
&& (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
continue;
}
tag = parser.getName();
if ("admin".equals(tag)) {
String name = parser.getAttributeValue(null, "name");
try {
DeviceAdminInfo dai = findAdmin(
ComponentName.unflattenFromString(name), userHandle);
if (DBG && (UserHandle.getUserId(dai.getActivityInfo().applicationInfo.uid)
!= userHandle)) {
Slog.w(LOG_TAG, "findAdmin returned an incorrect uid "
+ dai.getActivityInfo().applicationInfo.uid + " for user "
+ userHandle);
}
if (dai != null) {
ActiveAdmin ap = new ActiveAdmin(dai);
ap.readFromXml(parser);
policy.mAdminMap.put(ap.info.getComponent(), ap);
}
} catch (RuntimeException e) {
Slog.w(LOG_TAG, "Failed loading admin " + name, e);
}
} else if ("failed-password-attempts".equals(tag)) {
policy.mFailedPasswordAttempts = Integer.parseInt(
parser.getAttributeValue(null, "value"));
XmlUtils.skipCurrentTag(parser);
} else if ("password-owner".equals(tag)) {
policy.mPasswordOwner = Integer.parseInt(
parser.getAttributeValue(null, "value"));
XmlUtils.skipCurrentTag(parser);
} else if ("active-password".equals(tag)) {
policy.mActivePasswordQuality = Integer.parseInt(
parser.getAttributeValue(null, "quality"));
policy.mActivePasswordLength = Integer.parseInt(
parser.getAttributeValue(null, "length"));
policy.mActivePasswordUpperCase = Integer.parseInt(
parser.getAttributeValue(null, "uppercase"));
policy.mActivePasswordLowerCase = Integer.parseInt(
parser.getAttributeValue(null, "lowercase"));
policy.mActivePasswordLetters = Integer.parseInt(
parser.getAttributeValue(null, "letters"));
policy.mActivePasswordNumeric = Integer.parseInt(
parser.getAttributeValue(null, "numeric"));
policy.mActivePasswordSymbols = Integer.parseInt(
parser.getAttributeValue(null, "symbols"));
policy.mActivePasswordNonLetter = Integer.parseInt(
parser.getAttributeValue(null, "nonletter"));
XmlUtils.skipCurrentTag(parser);
} else if (LOCK_TASK_COMPONENTS_XML.equals(tag)) {
policy.mLockTaskPackages.add(parser.getAttributeValue(null, "name"));
XmlUtils.skipCurrentTag(parser);
} else {
Slog.w(LOG_TAG, "Unknown tag: " + tag);
XmlUtils.skipCurrentTag(parser);
}
}
} catch (NullPointerException e) {
Slog.w(LOG_TAG, "failed parsing " + file + " " + e);
} catch (NumberFormatException e) {
Slog.w(LOG_TAG, "failed parsing " + file + " " + e);
} catch (XmlPullParserException e) {
Slog.w(LOG_TAG, "failed parsing " + file + " " + e);
} catch (FileNotFoundException e) {
// Don't be noisy, this is normal if we haven't defined any policies.
} catch (IOException e) {
Slog.w(LOG_TAG, "failed parsing " + file + " " + e);
} catch (IndexOutOfBoundsException e) {
Slog.w(LOG_TAG, "failed parsing " + file + " " + e);
}
try {
if (stream != null) {
stream.close();
}
} catch (IOException e) {
// Ignore
}
// Generate a list of admins from the admin map
policy.mAdminList.addAll(policy.mAdminMap.values());
// Validate that what we stored for the password quality matches
// sufficiently what is currently set. Note that this is only
// a sanity check in case the two get out of sync; this should
// never normally happen.
LockPatternUtils utils = new LockPatternUtils(mContext);
if (utils.getActivePasswordQuality() < policy.mActivePasswordQuality) {
Slog.w(LOG_TAG, "Active password quality 0x"
+ Integer.toHexString(policy.mActivePasswordQuality)
+ " does not match actual quality 0x"
+ Integer.toHexString(utils.getActivePasswordQuality()));
policy.mActivePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
policy.mActivePasswordLength = 0;
policy.mActivePasswordUpperCase = 0;
policy.mActivePasswordLowerCase = 0;
policy.mActivePasswordLetters = 0;
policy.mActivePasswordNumeric = 0;
policy.mActivePasswordSymbols = 0;
policy.mActivePasswordNonLetter = 0;
}
validatePasswordOwnerLocked(policy);
syncDeviceCapabilitiesLocked(policy);
updateMaximumTimeToLockLocked(policy);
|
| public void | lockNow()
if (!mHasFeature) {
return;
}
synchronized (this) {
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_FORCE_LOCK);
lockNowUnchecked();
}
|
| private void | lockNowUnchecked()
long ident = Binder.clearCallingIdentity();
try {
// Power off the display
mPowerManager.goToSleep(SystemClock.uptimeMillis(),
PowerManager.GO_TO_SLEEP_REASON_DEVICE_ADMIN, 0);
// Ensure the device is locked
new LockPatternUtils(mContext).requireCredentialEntry(UserHandle.USER_ALL);
getWindowManager().lockNow(null);
} catch (RemoteException e) {
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| private static com.android.internal.util.JournaledFile | makeJournaledFile(int userHandle)
final String base = userHandle == 0
? "/data/system/" + DEVICE_POLICIES_XML
: new File(Environment.getUserSystemDirectory(userHandle), DEVICE_POLICIES_XML)
.getAbsolutePath();
return new JournaledFile(new File(base), new File(base + ".tmp"));
|
| public void | notifyLockTaskModeChanged(boolean isEnabled, java.lang.String pkg, int userHandle)
if (Binder.getCallingUid() != Process.SYSTEM_UID) {
throw new SecurityException("notifyLockTaskModeChanged can only be called by system");
}
synchronized (this) {
final DevicePolicyData policy = getUserData(userHandle);
Bundle adminExtras = new Bundle();
adminExtras.putString(DeviceAdminReceiver.EXTRA_LOCK_TASK_PACKAGE, pkg);
for (ActiveAdmin admin : policy.mAdminList) {
boolean ownsDevice = isDeviceOwner(admin.info.getPackageName());
boolean ownsProfile = (getProfileOwner(userHandle) != null
&& getProfileOwner(userHandle).equals(admin.info.getPackageName()));
if (ownsDevice || ownsProfile) {
if (isEnabled) {
sendAdminCommandLocked(admin, DeviceAdminReceiver.ACTION_LOCK_TASK_ENTERING,
adminExtras, null);
} else {
sendAdminCommandLocked(admin, DeviceAdminReceiver.ACTION_LOCK_TASK_EXITING);
}
}
}
}
|
| public boolean | packageHasActiveAdmins(java.lang.String packageName, int userHandle)
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
DevicePolicyData policy = getUserData(userHandle);
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
if (policy.mAdminList.get(i).info.getPackageName().equals(packageName)) {
return true;
}
}
return false;
}
|
| private static java.security.cert.X509Certificate | parseCert(byte[] certBuffer)
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
return (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(
certBuffer));
|
| public void | removeActiveAdmin(android.content.ComponentName adminReceiver, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
if (admin == null) {
return;
}
if (admin.getUid() != Binder.getCallingUid()) {
// If trying to remove device owner, refuse when the caller is not the owner.
if (isDeviceOwner(adminReceiver.getPackageName())) {
return;
}
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.MANAGE_DEVICE_ADMINS, null);
}
long ident = Binder.clearCallingIdentity();
try {
removeActiveAdminLocked(adminReceiver, userHandle);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| void | removeActiveAdminLocked(android.content.ComponentName adminReceiver, int userHandle)
final ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
if (admin != null) {
synchronized (this) {
getUserData(userHandle).mRemovingAdmins.add(adminReceiver);
}
sendAdminCommandLocked(admin,
DeviceAdminReceiver.ACTION_DEVICE_ADMIN_DISABLED,
new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
synchronized (DevicePolicyManagerService.this) {
int userHandle = admin.getUserHandle().getIdentifier();
DevicePolicyData policy = getUserData(userHandle);
boolean doProxyCleanup = admin.info.usesPolicy(
DeviceAdminInfo.USES_POLICY_SETS_GLOBAL_PROXY);
policy.mAdminList.remove(admin);
policy.mAdminMap.remove(adminReceiver);
validatePasswordOwnerLocked(policy);
syncDeviceCapabilitiesLocked(policy);
if (doProxyCleanup) {
resetGlobalProxyLocked(getUserData(userHandle));
}
saveSettingsLocked(userHandle);
updateMaximumTimeToLockLocked(policy);
policy.mRemovingAdmins.remove(adminReceiver);
}
}
});
}
|
| public boolean | removeCrossProfileWidgetProvider(android.content.ComponentName admin, java.lang.String packageName)
final int userId = UserHandle.getCallingUserId();
List<String> changedProviders = null;
synchronized (this) {
ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (activeAdmin.crossProfileWidgetProviders == null) {
return false;
}
List<String> providers = activeAdmin.crossProfileWidgetProviders;
if (providers.remove(packageName)) {
changedProviders = new ArrayList<>(providers);
saveSettingsLocked(userId);
}
}
if (changedProviders != null) {
mLocalService.notifyCrossProfileProvidersChanged(userId, changedProviders);
return true;
}
return false;
|
| public boolean | removeUser(android.content.ComponentName who, android.os.UserHandle userHandle)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
long id = Binder.clearCallingIdentity();
try {
return mUserManager.removeUser(userHandle.getIdentifier());
} finally {
restoreCallingIdentity(id);
}
}
|
| void | removeUserData(int userHandle)
synchronized (this) {
if (userHandle == UserHandle.USER_OWNER) {
Slog.w(LOG_TAG, "Tried to remove device policy file for user 0! Ignoring.");
return;
}
if (mDeviceOwner != null) {
mDeviceOwner.removeProfileOwner(userHandle);
mDeviceOwner.writeOwnerFile();
}
DevicePolicyData policy = mUserData.get(userHandle);
if (policy != null) {
mUserData.remove(userHandle);
}
File policyFile = new File(Environment.getUserSystemDirectory(userHandle),
DEVICE_POLICIES_XML);
policyFile.delete();
Slog.i(LOG_TAG, "Removed device policy file " + policyFile.getAbsolutePath());
}
updateScreenCaptureDisabledInWindowManager(userHandle, false /* default value */);
|
| public void | reportFailedPasswordAttempt(int userHandle)
enforceCrossUserPermission(userHandle);
enforceNotManagedProfile(userHandle, "report failed password attempt");
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.BIND_DEVICE_ADMIN, null);
long ident = Binder.clearCallingIdentity();
try {
boolean wipeData = false;
int identifier = 0;
synchronized (this) {
DevicePolicyData policy = getUserData(userHandle);
policy.mFailedPasswordAttempts++;
saveSettingsLocked(userHandle);
if (mHasFeature) {
ActiveAdmin strictestAdmin =
getAdminWithMinimumFailedPasswordsForWipeLocked(userHandle);
int max = strictestAdmin != null
? strictestAdmin.maximumFailedPasswordsForWipe : 0;
if (max > 0 && policy.mFailedPasswordAttempts >= max) {
// Wipe the user/profile associated with the policy that was violated. This
// is not necessarily calling user: if the policy that fired was from a
// managed profile rather than the main user profile, we wipe former only.
wipeData = true;
identifier = strictestAdmin.getUserHandle().getIdentifier();
}
sendAdminCommandToSelfAndProfilesLocked(
DeviceAdminReceiver.ACTION_PASSWORD_FAILED,
DeviceAdminInfo.USES_POLICY_WATCH_LOGIN, userHandle);
}
}
if (wipeData) {
// Call without holding lock.
wipeDeviceOrUserLocked(false, identifier,
"reportFailedPasswordAttempt()");
}
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| public void | reportSuccessfulPasswordAttempt(int userHandle)
enforceCrossUserPermission(userHandle);
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.BIND_DEVICE_ADMIN, null);
synchronized (this) {
DevicePolicyData policy = getUserData(userHandle);
if (policy.mFailedPasswordAttempts != 0 || policy.mPasswordOwner >= 0) {
long ident = Binder.clearCallingIdentity();
try {
policy.mFailedPasswordAttempts = 0;
policy.mPasswordOwner = -1;
saveSettingsLocked(userHandle);
if (mHasFeature) {
sendAdminCommandToSelfAndProfilesLocked(
DeviceAdminReceiver.ACTION_PASSWORD_SUCCEEDED,
DeviceAdminInfo.USES_POLICY_WATCH_LOGIN, userHandle);
}
} finally {
Binder.restoreCallingIdentity(ident);
}
}
}
|
| private void | resetGlobalProxyLocked(com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy)
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
ActiveAdmin ap = policy.mAdminList.get(i);
if (ap.specifiesGlobalProxy) {
saveGlobalProxyLocked(ap.globalProxySpec, ap.globalProxyExclusionList);
return;
}
}
// No device admins defining global proxies - reset global proxy settings to none
saveGlobalProxyLocked(null, null);
|
| public boolean | resetPassword(java.lang.String passwordOrNull, int flags, int userHandle)
if (!mHasFeature) {
return false;
}
enforceCrossUserPermission(userHandle);
enforceNotManagedProfile(userHandle, "reset the password");
String password = passwordOrNull != null ? passwordOrNull : "";
int quality;
synchronized (this) {
// This api can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_RESET_PASSWORD);
quality = getPasswordQuality(null, userHandle);
if (quality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
int realQuality = LockPatternUtils.computePasswordQuality(password);
if (realQuality < quality
&& quality != DevicePolicyManager.PASSWORD_QUALITY_COMPLEX) {
Slog.w(LOG_TAG, "resetPassword: password quality 0x"
+ Integer.toHexString(realQuality)
+ " does not meet required quality 0x"
+ Integer.toHexString(quality));
return false;
}
quality = Math.max(realQuality, quality);
}
int length = getPasswordMinimumLength(null, userHandle);
if (password.length() < length) {
Slog.w(LOG_TAG, "resetPassword: password length " + password.length()
+ " does not meet required length " + length);
return false;
}
if (quality == DevicePolicyManager.PASSWORD_QUALITY_COMPLEX) {
int letters = 0;
int uppercase = 0;
int lowercase = 0;
int numbers = 0;
int symbols = 0;
int nonletter = 0;
for (int i = 0; i < password.length(); i++) {
char c = password.charAt(i);
if (c >= 'A" && c <= 'Z") {
letters++;
uppercase++;
} else if (c >= 'a" && c <= 'z") {
letters++;
lowercase++;
} else if (c >= '0" && c <= '9") {
numbers++;
nonletter++;
} else {
symbols++;
nonletter++;
}
}
int neededLetters = getPasswordMinimumLetters(null, userHandle);
if(letters < neededLetters) {
Slog.w(LOG_TAG, "resetPassword: number of letters " + letters
+ " does not meet required number of letters " + neededLetters);
return false;
}
int neededNumbers = getPasswordMinimumNumeric(null, userHandle);
if (numbers < neededNumbers) {
Slog.w(LOG_TAG, "resetPassword: number of numerical digits " + numbers
+ " does not meet required number of numerical digits "
+ neededNumbers);
return false;
}
int neededLowerCase = getPasswordMinimumLowerCase(null, userHandle);
if (lowercase < neededLowerCase) {
Slog.w(LOG_TAG, "resetPassword: number of lowercase letters " + lowercase
+ " does not meet required number of lowercase letters "
+ neededLowerCase);
return false;
}
int neededUpperCase = getPasswordMinimumUpperCase(null, userHandle);
if (uppercase < neededUpperCase) {
Slog.w(LOG_TAG, "resetPassword: number of uppercase letters " + uppercase
+ " does not meet required number of uppercase letters "
+ neededUpperCase);
return false;
}
int neededSymbols = getPasswordMinimumSymbols(null, userHandle);
if (symbols < neededSymbols) {
Slog.w(LOG_TAG, "resetPassword: number of special symbols " + symbols
+ " does not meet required number of special symbols " + neededSymbols);
return false;
}
int neededNonLetter = getPasswordMinimumNonLetter(null, userHandle);
if (nonletter < neededNonLetter) {
Slog.w(LOG_TAG, "resetPassword: number of non-letter characters " + nonletter
+ " does not meet required number of non-letter characters "
+ neededNonLetter);
return false;
}
}
}
int callingUid = Binder.getCallingUid();
DevicePolicyData policy = getUserData(userHandle);
if (policy.mPasswordOwner >= 0 && policy.mPasswordOwner != callingUid) {
Slog.w(LOG_TAG, "resetPassword: already set by another uid and not entered by user");
return false;
}
// Don't do this with the lock held, because it is going to call
// back in to the service.
long ident = Binder.clearCallingIdentity();
try {
LockPatternUtils utils = new LockPatternUtils(mContext);
if (!TextUtils.isEmpty(password)) {
utils.saveLockPassword(password, quality, false, userHandle);
} else {
utils.clearLock(false, userHandle);
}
boolean requireEntry = (flags & DevicePolicyManager.RESET_PASSWORD_REQUIRE_ENTRY) != 0;
if (requireEntry) {
utils.requireCredentialEntry(UserHandle.USER_ALL);
}
synchronized (this) {
int newOwner = requireEntry ? callingUid : -1;
if (policy.mPasswordOwner != newOwner) {
policy.mPasswordOwner = newOwner;
saveSettingsLocked(userHandle);
}
}
} finally {
Binder.restoreCallingIdentity(ident);
}
return true;
|
| private void | saveGlobalProxyLocked(java.lang.String proxySpec, java.lang.String exclusionList)
if (exclusionList == null) {
exclusionList = "";
}
if (proxySpec == null) {
proxySpec = "";
}
// Remove white spaces
proxySpec = proxySpec.trim();
String data[] = proxySpec.split(":");
int proxyPort = 8080;
if (data.length > 1) {
try {
proxyPort = Integer.parseInt(data[1]);
} catch (NumberFormatException e) {}
}
exclusionList = exclusionList.trim();
ContentResolver res = mContext.getContentResolver();
ProxyInfo proxyProperties = new ProxyInfo(data[0], proxyPort, exclusionList);
if (!proxyProperties.isValid()) {
Slog.e(LOG_TAG, "Invalid proxy properties, ignoring: " + proxyProperties.toString());
return;
}
Settings.Global.putString(res, Settings.Global.GLOBAL_HTTP_PROXY_HOST, data[0]);
Settings.Global.putInt(res, Settings.Global.GLOBAL_HTTP_PROXY_PORT, proxyPort);
Settings.Global.putString(res, Settings.Global.GLOBAL_HTTP_PROXY_EXCLUSION_LIST,
exclusionList);
|
| private void | saveSettingsLocked(int userHandle)
DevicePolicyData policy = getUserData(userHandle);
JournaledFile journal = makeJournaledFile(userHandle);
FileOutputStream stream = null;
try {
stream = new FileOutputStream(journal.chooseForWrite(), false);
XmlSerializer out = new FastXmlSerializer();
out.setOutput(stream, "utf-8");
out.startDocument(null, true);
out.startTag(null, "policies");
if (policy.mRestrictionsProvider != null) {
out.attribute(null, ATTR_PERMISSION_PROVIDER,
policy.mRestrictionsProvider.flattenToString());
}
if (policy.mUserSetupComplete) {
out.attribute(null, ATTR_SETUP_COMPLETE,
Boolean.toString(true));
}
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
ActiveAdmin ap = policy.mAdminList.get(i);
if (ap != null) {
out.startTag(null, "admin");
out.attribute(null, "name", ap.info.getComponent().flattenToString());
ap.writeToXml(out);
out.endTag(null, "admin");
}
}
if (policy.mPasswordOwner >= 0) {
out.startTag(null, "password-owner");
out.attribute(null, "value", Integer.toString(policy.mPasswordOwner));
out.endTag(null, "password-owner");
}
if (policy.mFailedPasswordAttempts != 0) {
out.startTag(null, "failed-password-attempts");
out.attribute(null, "value", Integer.toString(policy.mFailedPasswordAttempts));
out.endTag(null, "failed-password-attempts");
}
if (policy.mActivePasswordQuality != 0 || policy.mActivePasswordLength != 0
|| policy.mActivePasswordUpperCase != 0 || policy.mActivePasswordLowerCase != 0
|| policy.mActivePasswordLetters != 0 || policy.mActivePasswordNumeric != 0
|| policy.mActivePasswordSymbols != 0 || policy.mActivePasswordNonLetter != 0) {
out.startTag(null, "active-password");
out.attribute(null, "quality", Integer.toString(policy.mActivePasswordQuality));
out.attribute(null, "length", Integer.toString(policy.mActivePasswordLength));
out.attribute(null, "uppercase", Integer.toString(policy.mActivePasswordUpperCase));
out.attribute(null, "lowercase", Integer.toString(policy.mActivePasswordLowerCase));
out.attribute(null, "letters", Integer.toString(policy.mActivePasswordLetters));
out.attribute(null, "numeric", Integer
.toString(policy.mActivePasswordNumeric));
out.attribute(null, "symbols", Integer.toString(policy.mActivePasswordSymbols));
out.attribute(null, "nonletter", Integer.toString(policy.mActivePasswordNonLetter));
out.endTag(null, "active-password");
}
for (int i=0; i<policy.mLockTaskPackages.size(); i++) {
String component = policy.mLockTaskPackages.get(i);
out.startTag(null, LOCK_TASK_COMPONENTS_XML);
out.attribute(null, "name", component);
out.endTag(null, LOCK_TASK_COMPONENTS_XML);
}
out.endTag(null, "policies");
out.endDocument();
stream.flush();
FileUtils.sync(stream);
stream.close();
journal.commit();
sendChangedNotification(userHandle);
} catch (IOException e) {
try {
if (stream != null) {
stream.close();
}
} catch (IOException ex) {
// Ignore
}
journal.rollback();
}
|
| void | sendAdminCommandLocked(com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin admin, java.lang.String action)
sendAdminCommandLocked(admin, action, null);
|
| void | sendAdminCommandLocked(com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin admin, java.lang.String action, android.content.BroadcastReceiver result)
sendAdminCommandLocked(admin, action, null, result);
|
| void | sendAdminCommandLocked(com.android.server.devicepolicy.DevicePolicyManagerService$ActiveAdmin admin, java.lang.String action, android.os.Bundle adminExtras, android.content.BroadcastReceiver result)Send an update to one specific admin, get notified when that admin returns a result.
Intent intent = new Intent(action);
intent.setComponent(admin.info.getComponent());
if (action.equals(DeviceAdminReceiver.ACTION_PASSWORD_EXPIRING)) {
intent.putExtra("expiration", admin.passwordExpirationDate);
}
if (adminExtras != null) {
intent.putExtras(adminExtras);
}
if (result != null) {
mContext.sendOrderedBroadcastAsUser(intent, admin.getUserHandle(),
null, result, mHandler, Activity.RESULT_OK, null, null);
} else {
mContext.sendBroadcastAsUser(intent, admin.getUserHandle());
}
|
| void | sendAdminCommandLocked(java.lang.String action, int reqPolicy, int userHandle)Send an update to all admins of a user that enforce a specified policy.
final DevicePolicyData policy = getUserData(userHandle);
final int count = policy.mAdminList.size();
if (count > 0) {
for (int i = 0; i < count; i++) {
final ActiveAdmin admin = policy.mAdminList.get(i);
if (admin.info.usesPolicy(reqPolicy)) {
sendAdminCommandLocked(admin, action);
}
}
}
|
| private void | sendAdminCommandToSelfAndProfilesLocked(java.lang.String action, int reqPolicy, int userHandle)Send an update intent to all admins of a user and its profiles. Only send to admins that
enforce a specified policy.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo ui : profiles) {
int id = ui.id;
sendAdminCommandLocked(action, reqPolicy, id);
}
|
| private void | sendChangedNotification(int userHandle)
Intent intent = new Intent(DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED);
intent.setFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY);
long ident = Binder.clearCallingIdentity();
try {
mContext.sendBroadcastAsUser(intent, new UserHandle(userHandle));
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| public void | setAccountManagementDisabled(android.content.ComponentName who, java.lang.String accountType, boolean disabled)
if (!mHasFeature) {
return;
}
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (disabled) {
ap.accountTypesWithManagementDisabled.add(accountType);
} else {
ap.accountTypesWithManagementDisabled.remove(accountType);
}
saveSettingsLocked(UserHandle.getCallingUserId());
}
|
| public void | setActiveAdmin(android.content.ComponentName adminReceiver, boolean refreshing, int userHandle)
if (!mHasFeature) {
return;
}
setActiveAdmin(adminReceiver, refreshing, userHandle, null);
|
| private void | setActiveAdmin(android.content.ComponentName adminReceiver, boolean refreshing, int userHandle, android.os.Bundle onEnableData)
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.MANAGE_DEVICE_ADMINS, null);
enforceCrossUserPermission(userHandle);
DevicePolicyData policy = getUserData(userHandle);
DeviceAdminInfo info = findAdmin(adminReceiver, userHandle);
if (info == null) {
throw new IllegalArgumentException("Bad admin: " + adminReceiver);
}
synchronized (this) {
long ident = Binder.clearCallingIdentity();
try {
if (!refreshing
&& getActiveAdminUncheckedLocked(adminReceiver, userHandle) != null) {
throw new IllegalArgumentException("Admin is already added");
}
ActiveAdmin newAdmin = new ActiveAdmin(info);
policy.mAdminMap.put(adminReceiver, newAdmin);
int replaceIndex = -1;
final int N = policy.mAdminList.size();
for (int i=0; i < N; i++) {
ActiveAdmin oldAdmin = policy.mAdminList.get(i);
if (oldAdmin.info.getComponent().equals(adminReceiver)) {
replaceIndex = i;
break;
}
}
if (replaceIndex == -1) {
policy.mAdminList.add(newAdmin);
enableIfNecessary(info.getPackageName(), userHandle);
} else {
policy.mAdminList.set(replaceIndex, newAdmin);
}
saveSettingsLocked(userHandle);
sendAdminCommandLocked(newAdmin, DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED,
onEnableData, null);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| public void | setActivePasswordState(int quality, int length, int letters, int uppercase, int lowercase, int numbers, int symbols, int nonletter, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
enforceNotManagedProfile(userHandle, "set the active password");
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.BIND_DEVICE_ADMIN, null);
DevicePolicyData p = getUserData(userHandle);
validateQualityConstant(quality);
synchronized (this) {
if (p.mActivePasswordQuality != quality || p.mActivePasswordLength != length
|| p.mFailedPasswordAttempts != 0 || p.mActivePasswordLetters != letters
|| p.mActivePasswordUpperCase != uppercase
|| p.mActivePasswordLowerCase != lowercase
|| p.mActivePasswordNumeric != numbers
|| p.mActivePasswordSymbols != symbols
|| p.mActivePasswordNonLetter != nonletter) {
long ident = Binder.clearCallingIdentity();
try {
p.mActivePasswordQuality = quality;
p.mActivePasswordLength = length;
p.mActivePasswordLetters = letters;
p.mActivePasswordLowerCase = lowercase;
p.mActivePasswordUpperCase = uppercase;
p.mActivePasswordNumeric = numbers;
p.mActivePasswordSymbols = symbols;
p.mActivePasswordNonLetter = nonletter;
p.mFailedPasswordAttempts = 0;
saveSettingsLocked(userHandle);
updatePasswordExpirationsLocked(userHandle);
setExpirationAlarmCheckLocked(mContext, p);
sendAdminCommandToSelfAndProfilesLocked(
DeviceAdminReceiver.ACTION_PASSWORD_CHANGED,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD, userHandle);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
}
|
| public boolean | setApplicationHidden(android.content.ComponentName who, java.lang.String packageName, boolean hidden)
int callingUserId = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
IPackageManager pm = AppGlobals.getPackageManager();
return pm.setApplicationHiddenSettingAsUser(packageName, hidden, callingUserId);
} catch (RemoteException re) {
// shouldn't happen
Slog.e(LOG_TAG, "Failed to setApplicationHiddenSetting", re);
} finally {
restoreCallingIdentity(id);
}
return false;
}
|
| public void | setApplicationRestrictions(android.content.ComponentName who, java.lang.String packageName, android.os.Bundle settings)
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
mUserManager.setApplicationRestrictions(packageName, settings, userHandle);
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | setAutoTimeRequired(android.content.ComponentName who, int userHandle, boolean required)Set whether auto time is required by the specified admin (must be device owner).
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
if (admin.requireAutoTime != required) {
admin.requireAutoTime = required;
saveSettingsLocked(userHandle);
}
}
// Turn AUTO_TIME on in settings if it is required
if (required) {
long ident = Binder.clearCallingIdentity();
try {
Settings.Global.putInt(mContext.getContentResolver(),
Settings.Global.AUTO_TIME, 1 /* AUTO_TIME on */);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| public void | setCameraDisabled(android.content.ComponentName who, boolean disabled, int userHandle)Disables all device cameras according to the specified admin.
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_DISABLE_CAMERA);
if (ap.disableCamera != disabled) {
ap.disableCamera = disabled;
saveSettingsLocked(userHandle);
}
syncDeviceCapabilitiesLocked(getUserData(userHandle));
}
|
| public void | setCrossProfileCallerIdDisabled(android.content.ComponentName who, boolean disabled)
if (!mHasFeature) {
return;
}
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (admin.disableCallerId != disabled) {
admin.disableCallerId = disabled;
saveSettingsLocked(UserHandle.getCallingUserId());
}
}
|
| public boolean | setDeviceOwner(java.lang.String packageName, java.lang.String ownerName)
if (!mHasFeature) {
return false;
}
if (packageName == null
|| !DeviceOwner.isInstalled(packageName, mContext.getPackageManager())) {
throw new IllegalArgumentException("Invalid package name " + packageName
+ " for device owner");
}
synchronized (this) {
if (!allowedToSetDeviceOwnerOnDevice()) {
throw new IllegalStateException(
"Trying to set device owner but device is already provisioned.");
}
if (mDeviceOwner != null && mDeviceOwner.hasDeviceOwner()) {
throw new IllegalStateException(
"Trying to set device owner but device owner is already set.");
}
// Shutting down backup manager service permanently.
long ident = Binder.clearCallingIdentity();
try {
IBackupManager ibm = IBackupManager.Stub.asInterface(
ServiceManager.getService(Context.BACKUP_SERVICE));
ibm.setBackupServiceActive(UserHandle.USER_OWNER, false);
} catch (RemoteException e) {
throw new IllegalStateException("Failed deactivating backup service.", e);
} finally {
Binder.restoreCallingIdentity(ident);
}
if (mDeviceOwner == null) {
// Device owner is not set and does not exist, set it.
mDeviceOwner = DeviceOwner.createWithDeviceOwner(packageName, ownerName);
mDeviceOwner.writeOwnerFile();
return true;
} else {
// Device owner is not set but a profile owner exists, update Device owner state.
mDeviceOwner.setDeviceOwner(packageName, ownerName);
mDeviceOwner.writeOwnerFile();
return true;
}
}
|
| private void | setEncryptionRequested(boolean encrypt)Hook to low-levels: If needed, record the new admin setting for encryption.
|
| protected void | setExpirationAlarmCheckLocked(android.content.Context context, com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy)Set an alarm for an upcoming event - expiration warning, expiration, or post-expiration
reminders. Clears alarm if no expirations are configured.
final long expiration = getPasswordExpirationLocked(null, policy.mUserHandle);
final long now = System.currentTimeMillis();
final long timeToExpire = expiration - now;
final long alarmTime;
if (expiration == 0) {
// No expirations are currently configured: Cancel alarm.
alarmTime = 0;
} else if (timeToExpire <= 0) {
// The password has already expired: Repeat every 24 hours.
alarmTime = now + MS_PER_DAY;
} else {
// Selecting the next alarm time: Roll forward to the next 24 hour multiple before
// the expiration time.
long alarmInterval = timeToExpire % MS_PER_DAY;
if (alarmInterval == 0) {
alarmInterval = MS_PER_DAY;
}
alarmTime = now + alarmInterval;
}
long token = Binder.clearCallingIdentity();
try {
AlarmManager am = (AlarmManager) context.getSystemService(Context.ALARM_SERVICE);
PendingIntent pi = PendingIntent.getBroadcastAsUser(context, REQUEST_EXPIRE_PASSWORD,
new Intent(ACTION_EXPIRED_PASSWORD_NOTIFICATION),
PendingIntent.FLAG_ONE_SHOT | PendingIntent.FLAG_UPDATE_CURRENT,
new UserHandle(policy.mUserHandle));
am.cancel(pi);
if (alarmTime != 0) {
am.set(AlarmManager.RTC, alarmTime, pi);
}
} finally {
Binder.restoreCallingIdentity(token);
}
|
| public android.content.ComponentName | setGlobalProxy(android.content.ComponentName who, java.lang.String proxySpec, java.lang.String exclusionList, int userHandle)
if (!mHasFeature) {
return null;
}
enforceCrossUserPermission(userHandle);
synchronized(this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// Only check if owner has set global proxy. We don't allow other users to set it.
DevicePolicyData policy = getUserData(UserHandle.USER_OWNER);
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_SETS_GLOBAL_PROXY);
// Scan through active admins and find if anyone has already
// set the global proxy.
Set<ComponentName> compSet = policy.mAdminMap.keySet();
for (ComponentName component : compSet) {
ActiveAdmin ap = policy.mAdminMap.get(component);
if ((ap.specifiesGlobalProxy) && (!component.equals(who))) {
// Another admin already sets the global proxy
// Return it to the caller.
return component;
}
}
// If the user is not the owner, don't set the global proxy. Fail silently.
if (UserHandle.getCallingUserId() != UserHandle.USER_OWNER) {
Slog.w(LOG_TAG, "Only the owner is allowed to set the global proxy. User "
+ userHandle + " is not permitted.");
return null;
}
if (proxySpec == null) {
admin.specifiesGlobalProxy = false;
admin.globalProxySpec = null;
admin.globalProxyExclusionList = null;
} else {
admin.specifiesGlobalProxy = true;
admin.globalProxySpec = proxySpec;
admin.globalProxyExclusionList = exclusionList;
}
// Reset the global proxy accordingly
// Do this using system permissions, as apps cannot write to secure settings
long origId = Binder.clearCallingIdentity();
try {
resetGlobalProxyLocked(policy);
} finally {
Binder.restoreCallingIdentity(origId);
}
return null;
}
|
| public void | setGlobalSetting(android.content.ComponentName who, java.lang.String setting, java.lang.String value)
final ContentResolver contentResolver = mContext.getContentResolver();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
if (!GLOBAL_SETTINGS_WHITELIST.contains(setting)) {
throw new SecurityException(String.format(
"Permission denial: device owners cannot update %1$s", setting));
}
long id = Binder.clearCallingIdentity();
try {
Settings.Global.putString(contentResolver, setting, value);
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | setKeyguardDisabledFeatures(android.content.ComponentName who, int which, int userHandle)Selectively disable keyguard features.
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
enforceNotManagedProfile(userHandle, "disable keyguard features");
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES);
if (ap.disabledKeyguardFeatures != which) {
ap.disabledKeyguardFeatures = which;
saveSettingsLocked(userHandle);
}
syncDeviceCapabilitiesLocked(getUserData(userHandle));
}
|
| public void | setLockTaskPackages(android.content.ComponentName who, java.lang.String[] packages)Sets which packages may enter lock task mode.
This function can only be called by the device owner.
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
int userHandle = Binder.getCallingUserHandle().getIdentifier();
DevicePolicyData policy = getUserData(userHandle);
policy.mLockTaskPackages.clear();
if (packages != null) {
for (int j = 0; j < packages.length; j++) {
String pkg = packages[j];
policy.mLockTaskPackages.add(pkg);
}
}
// Store the settings persistently.
saveSettingsLocked(userHandle);
}
|
| public void | setMasterVolumeMuted(android.content.ComponentName who, boolean on)
final ContentResolver contentResolver = mContext.getContentResolver();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
IAudioService iAudioService = IAudioService.Stub.asInterface(
ServiceManager.getService(Context.AUDIO_SERVICE));
try{
iAudioService.setMasterMute(on, 0, who.getPackageName(), null);
} catch (RemoteException re) {
Slog.e(LOG_TAG, "Failed to setMasterMute", re);
}
}
|
| public void | setMaximumFailedPasswordsForWipe(android.content.ComponentName who, int num, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_WIPE_DATA);
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_WATCH_LOGIN);
if (ap.maximumFailedPasswordsForWipe != num) {
ap.maximumFailedPasswordsForWipe = num;
saveSettingsLocked(userHandle);
}
}
|
| public void | setMaximumTimeToLock(android.content.ComponentName who, long timeMs, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_FORCE_LOCK);
if (ap.maximumTimeToUnlock != timeMs) {
ap.maximumTimeToUnlock = timeMs;
saveSettingsLocked(userHandle);
updateMaximumTimeToLockLocked(getUserData(userHandle));
}
}
|
| public void | setPasswordExpirationTimeout(android.content.ComponentName who, long timeout, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
if (timeout < 0) {
throw new IllegalArgumentException("Timeout must be >= 0 ms");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD);
// Calling this API automatically bumps the expiration date
final long expiration = timeout > 0L ? (timeout + System.currentTimeMillis()) : 0L;
ap.passwordExpirationDate = expiration;
ap.passwordExpirationTimeout = timeout;
if (timeout > 0L) {
Slog.w(LOG_TAG, "setPasswordExpiration(): password will expire on "
+ DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT)
.format(new Date(expiration)));
}
saveSettingsLocked(userHandle);
// in case this is the first one
setExpirationAlarmCheckLocked(mContext, getUserData(userHandle));
}
|
| public void | setPasswordHistoryLength(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.passwordHistoryLength != length) {
ap.passwordHistoryLength = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumLength(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordLength != length) {
ap.minimumPasswordLength = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumLetters(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordLetters != length) {
ap.minimumPasswordLetters = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumLowerCase(android.content.ComponentName who, int length, int userHandle)
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordLowerCase != length) {
ap.minimumPasswordLowerCase = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumNonLetter(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordNonLetter != length) {
ap.minimumPasswordNonLetter = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumNumeric(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordNumeric != length) {
ap.minimumPasswordNumeric = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumSymbols(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordSymbols != length) {
ap.minimumPasswordSymbols = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordMinimumUpperCase(android.content.ComponentName who, int length, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.minimumPasswordUpperCase != length) {
ap.minimumPasswordUpperCase = length;
saveSettingsLocked(userHandle);
}
}
|
| public void | setPasswordQuality(android.content.ComponentName who, int quality, int userHandle)
if (!mHasFeature) {
return;
}
validateQualityConstant(quality);
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
if (ap.passwordQuality != quality) {
ap.passwordQuality = quality;
saveSettingsLocked(userHandle);
}
}
|
| public boolean | setPermittedAccessibilityServices(android.content.ComponentName who, java.util.List packageList)
if (!mHasFeature) {
return false;
}
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
if (packageList != null) {
int userId = UserHandle.getCallingUserId();
List<AccessibilityServiceInfo> enabledServices = null;
long id = Binder.clearCallingIdentity();
try {
UserInfo user = mUserManager.getUserInfo(userId);
if (user.isManagedProfile()) {
userId = user.profileGroupId;
}
AccessibilityManager accessibilityManager = getAccessibilityManagerForUser(userId);
enabledServices = accessibilityManager.getEnabledAccessibilityServiceList(
AccessibilityServiceInfo.FEEDBACK_ALL_MASK);
} finally {
restoreCallingIdentity(id);
}
if (enabledServices != null) {
List<String> enabledPackages = new ArrayList<String>();
for (AccessibilityServiceInfo service : enabledServices) {
enabledPackages.add(service.getResolveInfo().serviceInfo.packageName);
}
if (!checkPackagesInPermittedListOrSystem(enabledPackages, packageList)) {
Slog.e(LOG_TAG, "Cannot set permitted accessibility services, "
+ "because it contains already enabled accesibility services.");
return false;
}
}
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
admin.permittedAccessiblityServices = packageList;
saveSettingsLocked(UserHandle.getCallingUserId());
}
return true;
|
| public boolean | setPermittedInputMethods(android.content.ComponentName who, java.util.List packageList)
if (!mHasFeature) {
return false;
}
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// TODO When InputMethodManager supports per user calls remove
// this restriction.
if (!checkCallerIsCurrentUserOrProfile()) {
return false;
}
if (packageList != null) {
// InputMethodManager fetches input methods for current user.
// So this can only be set when calling user is the current user
// or parent is current user in case of managed profiles.
InputMethodManager inputMethodManager = (InputMethodManager) mContext
.getSystemService(Context.INPUT_METHOD_SERVICE);
List<InputMethodInfo> enabledImes = inputMethodManager.getEnabledInputMethodList();
if (enabledImes != null) {
List<String> enabledPackages = new ArrayList<String>();
for (InputMethodInfo ime : enabledImes) {
enabledPackages.add(ime.getPackageName());
}
if (!checkPackagesInPermittedListOrSystem(enabledPackages, packageList)) {
Slog.e(LOG_TAG, "Cannot set permitted input methods, "
+ "because it contains already enabled input method.");
return false;
}
}
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
admin.permittedInputMethods = packageList;
saveSettingsLocked(UserHandle.getCallingUserId());
}
return true;
|
| public void | setProfileEnabled(android.content.ComponentName who)
if (!mHasFeature) {
return;
}
final int userHandle = UserHandle.getCallingUserId();
synchronized (this) {
// Check for permissions
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// Check if this is the profile owner who is calling
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
int userId = UserHandle.getCallingUserId();
long id = Binder.clearCallingIdentity();
try {
mUserManager.setUserEnabled(userId);
Intent intent = new Intent(Intent.ACTION_MANAGED_PROFILE_ADDED);
intent.putExtra(Intent.EXTRA_USER, new UserHandle(userHandle));
intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY |
Intent.FLAG_RECEIVER_FOREGROUND);
// TODO This should send to parent of profile (which is always owner at the moment).
mContext.sendBroadcastAsUser(intent, UserHandle.OWNER);
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | setProfileName(android.content.ComponentName who, java.lang.String profileName)
int userId = UserHandle.getCallingUserId();
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// Check if this is the profile owner (includes device owner).
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
mUserManager.setUserName(userId, profileName);
} finally {
restoreCallingIdentity(id);
}
|
| public boolean | setProfileOwner(android.content.ComponentName who, java.lang.String ownerName, int userHandle)
if (!mHasFeature) {
return false;
}
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
UserInfo info = mUserManager.getUserInfo(userHandle);
if (info == null) {
// User doesn't exist.
throw new IllegalArgumentException(
"Attempted to set profile owner for invalid userId: " + userHandle);
}
if (info.isGuest()) {
throw new IllegalStateException("Cannot set a profile owner on a guest");
}
if (who == null
|| !DeviceOwner.isInstalledForUser(who.getPackageName(), userHandle)) {
throw new IllegalArgumentException("Component " + who
+ " not installed for userId:" + userHandle);
}
synchronized (this) {
// Only SYSTEM_UID can override the userSetupComplete
if (UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID
&& hasUserSetupCompleted(userHandle)) {
throw new IllegalStateException(
"Trying to set profile owner but user is already set-up.");
}
if (mDeviceOwner == null) {
// Device owner state does not exist, create it.
mDeviceOwner = DeviceOwner.createWithProfileOwner(who, ownerName,
userHandle);
mDeviceOwner.writeOwnerFile();
return true;
} else {
// Device owner already exists, update it.
mDeviceOwner.setProfileOwner(who, ownerName, userHandle);
mDeviceOwner.writeOwnerFile();
return true;
}
}
|
| public void | setRecommendedGlobalProxy(android.content.ComponentName who, android.net.ProxyInfo proxyInfo)
synchronized (this) {
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
}
long token = Binder.clearCallingIdentity();
try {
ConnectivityManager connectivityManager = (ConnectivityManager)
mContext.getSystemService(Context.CONNECTIVITY_SERVICE);
connectivityManager.setGlobalProxy(proxyInfo);
} finally {
Binder.restoreCallingIdentity(token);
}
|
| public void | setRestrictionsProvider(android.content.ComponentName who, android.content.ComponentName permissionProvider)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
int userHandle = UserHandle.getCallingUserId();
DevicePolicyData userData = getUserData(userHandle);
userData.mRestrictionsProvider = permissionProvider;
saveSettingsLocked(userHandle);
}
|
| public void | setScreenCaptureDisabled(android.content.ComponentName who, int userHandle, boolean disabled)Set whether the screen capture is disabled for the user managed by the specified admin.
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (ap.disableScreenCapture != disabled) {
ap.disableScreenCapture = disabled;
saveSettingsLocked(userHandle);
updateScreenCaptureDisabledInWindowManager(userHandle, disabled);
}
}
|
| public void | setSecureSetting(android.content.ComponentName who, java.lang.String setting, java.lang.String value)
int callingUserId = UserHandle.getCallingUserId();
final ContentResolver contentResolver = mContext.getContentResolver();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin activeAdmin =
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
if (isDeviceOwner(activeAdmin.info.getPackageName())) {
if (!SECURE_SETTINGS_DEVICEOWNER_WHITELIST.contains(setting)) {
throw new SecurityException(String.format(
"Permission denial: Device owners cannot update %1$s", setting));
}
} else if (!SECURE_SETTINGS_WHITELIST.contains(setting)) {
throw new SecurityException(String.format(
"Permission denial: Profile owners cannot update %1$s", setting));
}
long id = Binder.clearCallingIdentity();
try {
Settings.Secure.putStringForUser(contentResolver, setting, value, callingUserId);
} finally {
restoreCallingIdentity(id);
}
}
|
| public int | setStorageEncryption(android.content.ComponentName who, boolean encrypt, int userHandle)Set the storage encryption request for a single admin. Returns the new total request
status (for all admins).
if (!mHasFeature) {
return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
// Check for permissions
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
// Only owner can set storage encryption
if (userHandle != UserHandle.USER_OWNER
|| UserHandle.getCallingUserId() != UserHandle.USER_OWNER) {
Slog.w(LOG_TAG, "Only owner is allowed to set storage encryption. User "
+ UserHandle.getCallingUserId() + " is not permitted.");
return 0;
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,
DeviceAdminInfo.USES_ENCRYPTED_STORAGE);
// Quick exit: If the filesystem does not support encryption, we can exit early.
if (!isEncryptionSupported()) {
return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
}
// (1) Record the value for the admin so it's sticky
if (ap.encryptionRequested != encrypt) {
ap.encryptionRequested = encrypt;
saveSettingsLocked(userHandle);
}
DevicePolicyData policy = getUserData(UserHandle.USER_OWNER);
// (2) Compute "max" for all admins
boolean newRequested = false;
final int N = policy.mAdminList.size();
for (int i = 0; i < N; i++) {
newRequested |= policy.mAdminList.get(i).encryptionRequested;
}
// Notify OS of new request
setEncryptionRequested(newRequested);
// Return the new global request status
return newRequested
? DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE
: DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE;
}
|
| public void | setTrustAgentConfiguration(android.content.ComponentName admin, android.content.ComponentName agent, android.os.PersistableBundle args, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
enforceNotManagedProfile(userHandle, "set trust agent configuration");
synchronized (this) {
if (admin == null) {
throw new NullPointerException("admin is null");
}
if (agent == null) {
throw new NullPointerException("agent is null");
}
ActiveAdmin ap = getActiveAdminForCallerLocked(admin,
DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES);
ap.trustAgentInfos.put(agent.flattenToString(), new TrustAgentInfo(args));
saveSettingsLocked(userHandle);
syncDeviceCapabilitiesLocked(getUserData(userHandle));
}
|
| public void | setUninstallBlocked(android.content.ComponentName who, java.lang.String packageName, boolean uninstallBlocked)
final int userId = UserHandle.getCallingUserId();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long id = Binder.clearCallingIdentity();
try {
IPackageManager pm = AppGlobals.getPackageManager();
pm.setBlockUninstallForUser(packageName, uninstallBlocked, userId);
} catch (RemoteException re) {
// Shouldn't happen.
Slog.e(LOG_TAG, "Failed to setBlockUninstallForUser", re);
} finally {
restoreCallingIdentity(id);
}
}
|
| public void | setUserRestriction(android.content.ComponentName who, java.lang.String key, boolean enabled)
final UserHandle user = new UserHandle(UserHandle.getCallingUserId());
final int userHandle = user.getIdentifier();
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
ActiveAdmin activeAdmin =
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
boolean isDeviceOwner = isDeviceOwner(activeAdmin.info.getPackageName());
if (!isDeviceOwner && userHandle != UserHandle.USER_OWNER
&& DEVICE_OWNER_USER_RESTRICTIONS.contains(key)) {
throw new SecurityException("Profile owners cannot set user restriction " + key);
}
boolean alreadyRestricted = mUserManager.hasUserRestriction(key, user);
IAudioService iAudioService = null;
if (UserManager.DISALLOW_UNMUTE_MICROPHONE.equals(key)
|| UserManager.DISALLOW_ADJUST_VOLUME.equals(key)) {
iAudioService = IAudioService.Stub.asInterface(
ServiceManager.getService(Context.AUDIO_SERVICE));
}
if (enabled && !alreadyRestricted) {
try {
if (UserManager.DISALLOW_UNMUTE_MICROPHONE.equals(key)) {
iAudioService.setMicrophoneMute(true, who.getPackageName());
} else if (UserManager.DISALLOW_ADJUST_VOLUME.equals(key)) {
iAudioService.setMasterMute(true, 0, who.getPackageName(), null);
}
} catch (RemoteException re) {
Slog.e(LOG_TAG, "Failed to talk to AudioService.", re);
}
}
long id = Binder.clearCallingIdentity();
try {
if (enabled && !alreadyRestricted) {
if (UserManager.DISALLOW_CONFIG_WIFI.equals(key)) {
Settings.Secure.putIntForUser(mContext.getContentResolver(),
Settings.Secure.WIFI_NETWORKS_AVAILABLE_NOTIFICATION_ON, 0,
userHandle);
} else if (UserManager.DISALLOW_USB_FILE_TRANSFER.equals(key)) {
UsbManager manager =
(UsbManager) mContext.getSystemService(Context.USB_SERVICE);
manager.setCurrentFunction("none", false);
} else if (UserManager.DISALLOW_SHARE_LOCATION.equals(key)) {
Settings.Secure.putIntForUser(mContext.getContentResolver(),
Settings.Secure.LOCATION_MODE, Settings.Secure.LOCATION_MODE_OFF,
userHandle);
Settings.Secure.putStringForUser(mContext.getContentResolver(),
Settings.Secure.LOCATION_PROVIDERS_ALLOWED, "",
userHandle);
} else if (UserManager.DISALLOW_DEBUGGING_FEATURES.equals(key)) {
// Only disable adb if changing for primary user, since it is global
if (userHandle == UserHandle.USER_OWNER) {
Settings.Global.putStringForUser(mContext.getContentResolver(),
Settings.Global.ADB_ENABLED, "0", userHandle);
}
} else if (UserManager.ENSURE_VERIFY_APPS.equals(key)) {
Settings.Global.putStringForUser(mContext.getContentResolver(),
Settings.Global.PACKAGE_VERIFIER_ENABLE, "1",
userHandle);
Settings.Global.putStringForUser(mContext.getContentResolver(),
Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB, "1",
userHandle);
} else if (UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES.equals(key)) {
Settings.Secure.putIntForUser(mContext.getContentResolver(),
Settings.Secure.INSTALL_NON_MARKET_APPS, 0,
userHandle);
}
}
mUserManager.setUserRestriction(key, enabled, user);
if (enabled != alreadyRestricted) {
if (UserManager.DISALLOW_SHARE_LOCATION.equals(key)) {
// Send out notifications however as some clients may want to reread the
// value which actually changed due to a restriction having been applied.
final String property = Settings.Secure.SYS_PROP_SETTING_VERSION;
long version = SystemProperties.getLong(property, 0) + 1;
SystemProperties.set(property, Long.toString(version));
final String name = Settings.Secure.LOCATION_PROVIDERS_ALLOWED;
Uri url = Uri.withAppendedPath(Settings.Secure.CONTENT_URI, name);
mContext.getContentResolver().notifyChange(url, null, true, userHandle);
}
}
} finally {
restoreCallingIdentity(id);
}
if (!enabled && alreadyRestricted) {
try {
if (UserManager.DISALLOW_UNMUTE_MICROPHONE.equals(key)) {
iAudioService.setMicrophoneMute(false, who.getPackageName());
} else if (UserManager.DISALLOW_ADJUST_VOLUME.equals(key)) {
iAudioService.setMasterMute(false, 0, who.getPackageName(), null);
}
} catch (RemoteException re) {
Slog.e(LOG_TAG, "Failed to talk to AudioService.", re);
}
}
sendChangedNotification(userHandle);
}
|
| public boolean | switchUser(android.content.ComponentName who, android.os.UserHandle userHandle)
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
}
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
long id = Binder.clearCallingIdentity();
try {
int userId = UserHandle.USER_OWNER;
if (userHandle != null) {
userId = userHandle.getIdentifier();
}
return ActivityManagerNative.getDefault().switchUser(userId);
} catch (RemoteException e) {
Log.e(LOG_TAG, "Couldn't switch user", e);
return false;
} finally {
restoreCallingIdentity(id);
}
}
|
| void | syncDeviceCapabilitiesLocked(com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy)Pushes down policy information to the system for any policies related to general device
capabilities that need to be enforced by lower level services (e.g. Camera services).
// Ensure the status of the camera is synced down to the system. Interested native services
// should monitor this value and act accordingly.
boolean systemState = SystemProperties.getBoolean(SYSTEM_PROP_DISABLE_CAMERA, false);
boolean cameraDisabled = getCameraDisabled(null, policy.mUserHandle);
if (cameraDisabled != systemState) {
long token = Binder.clearCallingIdentity();
try {
String value = cameraDisabled ? "1" : "0";
if (DBG) Slog.v(LOG_TAG, "Change in camera state ["
+ SYSTEM_PROP_DISABLE_CAMERA + "] = " + value);
SystemProperties.set(SYSTEM_PROP_DISABLE_CAMERA, value);
} finally {
Binder.restoreCallingIdentity(token);
}
}
|
| public void | systemReady()
if (!mHasFeature) {
return;
}
getUserData(UserHandle.USER_OWNER);
loadDeviceOwner();
cleanUpOldUsers();
// Register an observer for watching for user setup complete.
new SetupContentObserver(mHandler).register(mContext.getContentResolver());
// Initialize the user setup state, to handle the upgrade case.
updateUserSetupComplete();
// Update the screen capture disabled cache in the window manager
List<UserInfo> users = mUserManager.getUsers(true);
final int N = users.size();
for (int i = 0; i < N; i++) {
int userHandle = users.get(i).id;
updateScreenCaptureDisabledInWindowManager(userHandle,
getScreenCaptureDisabled(null, userHandle));
}
|
| public void | uninstallCaCert(android.content.ComponentName admin, java.lang.String alias)
enforceCanManageCaCerts(admin);
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
final long id = Binder.clearCallingIdentity();
try {
final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
try {
keyChainConnection.getService().deleteCaCertificate(alias);
} catch (RemoteException e) {
Log.e(LOG_TAG, "from CaCertUninstaller: ", e);
} finally {
keyChainConnection.close();
}
} catch (InterruptedException ie) {
Log.w(LOG_TAG, "CaCertUninstaller: ", ie);
Thread.currentThread().interrupt();
} finally {
Binder.restoreCallingIdentity(id);
}
|
| void | updateMaximumTimeToLockLocked(com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy)
long timeMs = getMaximumTimeToLock(null, policy.mUserHandle);
if (policy.mLastMaximumTimeToLock == timeMs) {
return;
}
long ident = Binder.clearCallingIdentity();
try {
if (timeMs <= 0) {
timeMs = Integer.MAX_VALUE;
} else {
// Make sure KEEP_SCREEN_ON is disabled, since that
// would allow bypassing of the maximum time to lock.
Settings.Global.putInt(mContext.getContentResolver(),
Settings.Global.STAY_ON_WHILE_PLUGGED_IN, 0);
}
policy.mLastMaximumTimeToLock = timeMs;
mPowerManagerInternal.setMaximumScreenOffTimeoutFromDeviceAdmin((int)timeMs);
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| private void | updatePasswordExpirationsLocked(int userHandle)Called any time the device password is updated. Resets all password expiration clocks.
List<UserInfo> profiles = mUserManager.getProfiles(userHandle);
for (UserInfo userInfo : profiles) {
int profileId = userInfo.id;
DevicePolicyData policy = getUserDataUnchecked(profileId);
final int N = policy.mAdminList.size();
if (N > 0) {
for (int i=0; i<N; i++) {
ActiveAdmin admin = policy.mAdminList.get(i);
if (admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD)) {
long timeout = admin.passwordExpirationTimeout;
long expiration = timeout > 0L ? (timeout + System.currentTimeMillis()) : 0L;
admin.passwordExpirationDate = expiration;
}
}
}
saveSettingsLocked(profileId);
}
|
| private void | updateScreenCaptureDisabledInWindowManager(int userHandle, boolean disabled)
long ident = Binder.clearCallingIdentity();
try {
getWindowManager().setScreenCaptureDisabled(userHandle, disabled);
} catch (RemoteException e) {
Log.w(LOG_TAG, "Unable to notify WindowManager.", e);
} finally {
Binder.restoreCallingIdentity(ident);
}
|
| void | updateUserSetupComplete()We need to update the internal state of whether a user has completed setup once. After
that, we ignore any changes that reset the Settings.Secure.USER_SETUP_COMPLETE changes
as we don't trust any apps that might try to reset it.
Unfortunately, we don't know which user's setup state was changed, so we write all of
them.
List<UserInfo> users = mUserManager.getUsers(true);
ContentResolver resolver = mContext.getContentResolver();
final int N = users.size();
for (int i = 0; i < N; i++) {
int userHandle = users.get(i).id;
if (Settings.Secure.getIntForUser(resolver, Settings.Secure.USER_SETUP_COMPLETE, 0,
userHandle) != 0) {
DevicePolicyData policy = getUserData(userHandle);
if (!policy.mUserSetupComplete) {
policy.mUserSetupComplete = true;
synchronized (this) {
saveSettingsLocked(userHandle);
}
}
}
}
|
| void | validatePasswordOwnerLocked(com.android.server.devicepolicy.DevicePolicyManagerService$DevicePolicyData policy)
if (policy.mPasswordOwner >= 0) {
boolean haveOwner = false;
for (int i = policy.mAdminList.size() - 1; i >= 0; i--) {
if (policy.mAdminList.get(i).getUid() == policy.mPasswordOwner) {
haveOwner = true;
break;
}
}
if (!haveOwner) {
Slog.w(LOG_TAG, "Previous password owner " + policy.mPasswordOwner
+ " no longer active; disabling");
policy.mPasswordOwner = -1;
}
}
|
| static void | validateQualityConstant(int quality)
switch (quality) {
case DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED:
case DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK:
case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC:
case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
return;
}
throw new IllegalArgumentException("Invalid quality constant: 0x"
+ Integer.toHexString(quality));
|
| public void | wipeData(int flags, int userHandle)
if (!mHasFeature) {
return;
}
enforceCrossUserPermission(userHandle);
synchronized (this) {
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
final ActiveAdmin admin = getActiveAdminForCallerLocked(null,
DeviceAdminInfo.USES_POLICY_WIPE_DATA);
final String source;
final ComponentName cname = admin.info.getComponent();
if (cname != null) {
source = cname.flattenToShortString();
} else {
source = admin.info.getPackageName();
}
long ident = Binder.clearCallingIdentity();
try {
if ((flags & WIPE_RESET_PROTECTION_DATA) != 0) {
if (userHandle != UserHandle.USER_OWNER
|| !isDeviceOwner(admin.info.getPackageName())) {
throw new SecurityException(
"Only device owner admins can set WIPE_RESET_PROTECTION_DATA");
}
PersistentDataBlockManager manager = (PersistentDataBlockManager)
mContext.getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
manager.wipe();
}
boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
wipeDeviceOrUserLocked(wipeExtRequested, userHandle,
"DevicePolicyManager.wipeData() from " + source);
} finally {
Binder.restoreCallingIdentity(ident);
}
}
|
| private void | wipeDataLocked(boolean wipeExtRequested, java.lang.String reason)
// If the SD card is encrypted and non-removable, we have to force a wipe.
boolean forceExtWipe = !Environment.isExternalStorageRemovable() && isExtStorageEncrypted();
// Note: we can only do the wipe via ExternalStorageFormatter if the volume is not emulated.
if ((forceExtWipe || wipeExtRequested) && !Environment.isExternalStorageEmulated()) {
Intent intent = new Intent(ExternalStorageFormatter.FORMAT_AND_FACTORY_RESET);
intent.putExtra(ExternalStorageFormatter.EXTRA_ALWAYS_RESET, true);
intent.putExtra(Intent.EXTRA_REASON, reason);
intent.setComponent(ExternalStorageFormatter.COMPONENT_NAME);
mWakeLock.acquire(10000);
mContext.startService(intent);
} else {
try {
RecoverySystem.rebootWipeUserData(mContext, reason);
} catch (IOException | SecurityException e) {
Slog.w(LOG_TAG, "Failed requesting data wipe", e);
}
}
|
| private void | wipeDeviceOrUserLocked(boolean wipeExtRequested, int userHandle, java.lang.String reason)
if (userHandle == UserHandle.USER_OWNER) {
wipeDataLocked(wipeExtRequested, reason);
} else {
mHandler.post(new Runnable() {
public void run() {
try {
IActivityManager am = ActivityManagerNative.getDefault();
if (am.getCurrentUser().id == userHandle) {
am.switchUser(UserHandle.USER_OWNER);
}
if (!mUserManager.removeUser(userHandle)) {
Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
}
} catch (RemoteException re) {
// Shouldn't happen
}
}
});
}
|
