}
/**
- * Returns a Bundle containing any saved application restrictions for this user, for the
+ * Returns a {@code Bundle} containing any saved application restrictions for this user, for the
* given package name. Only an application with this package name can call this method.
+ *
+ * <p>The returned {@link Bundle} consists of key-value pairs, as defined by the application,
+ * where the types of values may be:
+ * <ul>
+ * <li>{@code boolean}
+ * <li>{@code int}
+ * <li>{@code String} or {@code String[]}
+ * <li>From {@link android.os.Build.VERSION_CODES#M}, {@code Bundle} or {@code Bundle[]}
+ * </ul>
+ *
* @param packageName the package name of the calling application
- * @return a Bundle with the restrictions as key/value pairs, or null if there are no
- * saved restrictions. The values can be of type Boolean, String or String[], depending
- * on the restriction type, as defined by the application.
+ * @return a {@code Bundle} with the restrictions for that package, or {@code null} if there
+ * are no saved restrictions.
+ *
+ * @see #KEY_RESTRICTIONS_PENDING
*/
public Bundle getApplicationRestrictions(String packageName) {
try {
*/
private static final void checkManageUsersPermission(String message) {
final int uid = Binder.getCallingUid();
- if (uid != Process.SYSTEM_UID && uid != 0
+ if (!UserHandle.isSameApp(uid, Process.SYSTEM_UID) && uid != Process.ROOT_UID
&& ActivityManager.checkComponentPermission(
android.Manifest.permission.MANAGE_USERS,
uid, -1, true) != PackageManager.PERMISSION_GRANTED) {
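Review bot: The exemption on line 31 now matches the system app ID in any user rather than only the primary user's UID, because `UserHandle.isSameApp` compares app IDs and ignores the user part; the Javadoc that closes at line 27 (whose body is outside the hunk) should state "system" in that wider sense so later readers do not assume `uid == Process.SYSTEM_UID`. The predicate `!UserHandle.isSameApp(uid, Process.SYSTEM_UID) && uid != Process.ROOT_UID` is repeated verbatim in the new `checkSystemOrRoot` (lines 44–49); a shared `private static boolean isSystemOrRoot(int uid) { return UserHandle.isSameApp(uid, Process.SYSTEM_UID) || uid == Process.ROOT_UID; }` would keep the two gates from drifting. The rest of checkManageUsersPermission's body, including its SecurityException path, lies beyond the hunk.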
}
}
+ /**
+ * Enforces that only the system UID or root's UID (on any user) can make certain calls to the
+ * UserManager.
+ *
+ * @param message used as message if SecurityException is thrown
+ * @throws SecurityException if the caller is not system or root
+ */
+ private static void checkSystemOrRoot(String message) {
+ final int uid = Binder.getCallingUid();
+ if (!UserHandle.isSameApp(uid, Process.SYSTEM_UID) && uid != Process.ROOT_UID) {
+ throw new SecurityException("Only system may: " + message);
+ }
+ }
+
private void writeBitmapLP(UserInfo info, Bitmap bitmap) {
try {
File dir = new File(mUsersDir, Integer.toString(info.id));
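Review bot: The `@param message` tag on line 41 says the argument is used as the exception message, but line 47 prefixes it with `"Only system may: "`; `@param message description of the attempted action, appended to the "Only system may: " exception text` would match the code. Since line 46 accepts the system app ID in any user (via `isSameApp`) as well as root, `@throws SecurityException if the caller is neither the system app ID (in any user) nor root` is more precise than the current wording.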
public Bundle getApplicationRestrictionsForUser(String packageName, int userId) {
if (UserHandle.getCallingUserId() != userId
|| !UserHandle.isSameApp(Binder.getCallingUid(), getUidForPackage(packageName))) {
- checkManageUsersPermission("get application restrictions for other users/apps");
+ checkSystemOrRoot("get application restrictions for other users/apps");
}
synchronized (mPackagesLock) {
// Read the restrictions from XML
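Review bot: Line 58 replaces the MANAGE_USERS permission gate with `checkSystemOrRoot`, so a non-system holder of MANAGE_USERS that could previously read another user's or package's restrictions now gets a SecurityException; if that tightening is intended it deserves a sentence in the method's Javadoc (outside the hunk), and the same applies to `setApplicationRestrictions` at line 66. The gate is skipped entirely when the caller runs in `userId` and shares an app ID with `getUidForPackage(packageName)` (lines 55–56); what that helper returns for a package that is not installed is not visible here, so it is worth confirming that value can never compare equal to a real caller. The method body continues past line 61.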
@Override
public void setApplicationRestrictions(String packageName, Bundle restrictions,
int userId) {
- checkManageUsersPermission("set application restrictions");
+ checkSystemOrRoot("set application restrictions");
synchronized (mPackagesLock) {
if (restrictions == null || restrictions.isEmpty()) {
cleanAppRestrictionsForPackage(packageName, userId);
public void choosePrivateKeyAlias(final int uid, final Uri uri, final String alias,
final IBinder response) {
// Caller UID needs to be trusted, so we restrict this method to SYSTEM_UID callers.
- if (UserHandle.getAppId(mInjector.binderGetCallingUid()) != Process.SYSTEM_UID) {
+ if (!UserHandle.isSameApp(mInjector.binderGetCallingUid(), Process.SYSTEM_UID)) {
return;
}
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
if (hasUserSetupCompleted(userHandle)
- && UserHandle.getAppId(callingUid) != Process.SYSTEM_UID) {
+ && !UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)) {
throw new IllegalStateException("Cannot set the profile owner on a user which is "
+ "already set-up");
}
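Review bot: The comment on line 72 still says the method is restricted to `SYSTEM_UID` callers, but the new check on line 74 accepts the system app ID in any user, since `UserHandle.isSameApp` ignores the user part of the UID; suggest `// Caller UID needs to be trusted, so we only accept callers running as the system app ID (in any user).` The second change on line 81 relaxes the set-up guard the same way, and the IllegalStateException text on lines 82–83 remains accurate. `choosePrivateKeyAlias` and the method enclosing the second change both extend beyond the hunk.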
private void enforceManageUsers() {
final int callingUid = mInjector.binderGetCallingUid();
- if (!(UserHandle.isSameApp(callingUid, Process.SYSTEM_UID) || callingUid == 0)) {
+ if (!(UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)
+ || callingUid == Process.ROOT_UID)) {
mContext.enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_USERS, null);
}
}
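Review bot: The negated disjunction on lines 88–89 is hard to read and is duplicated in the next hunk (lines 97–98); a predicate `private boolean isCallerSystemOrRoot(int uid) { return UserHandle.isSameApp(uid, Process.SYSTEM_UID) || uid == Process.ROOT_UID; }` would let both gates read `if (!isCallerSystemOrRoot(callingUid))`. Replacing the literal `0` with `Process.ROOT_UID` is the right direction; naming the whole predicate finishes that thought.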
}
final int callingUid = mInjector.binderGetCallingUid();
if (userHandle == UserHandle.getUserId(callingUid)) return;
- if (!(UserHandle.isSameApp(callingUid, Process.SYSTEM_UID) || callingUid == 0)) {
+ if (!(UserHandle.isSameApp(callingUid, Process.SYSTEM_UID)
+ || callingUid == Process.ROOT_UID)) {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.INTERACT_ACROSS_USERS_FULL, "Must be system or have"
+ " INTERACT_ACROSS_USERS_FULL permission");
@Override
public ComponentName getRestrictionsProvider(int userHandle) {
synchronized (this) {
- if (mInjector.binderGetCallingUid() != Process.SYSTEM_UID) {
+ if (!UserHandle.isSameApp(mInjector.binderGetCallingUid(), Process.SYSTEM_UID)) {
throw new SecurityException("Only the system can query the permission provider");
}
DevicePolicyData userData = getUserData(userHandle);
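Review bot: The inline system check on line 106 is repeated on line 113 in the next hunk with a differently worded message; a single helper such as `private void enforceCallerIsSystem(String what) { if (!UserHandle.isSameApp(mInjector.binderGetCallingUid(), Process.SYSTEM_UID)) throw new SecurityException("Only the system can " + what); }` would keep the two in step and make it explicit that "system" now means the system app ID in any user, not only the primary user's UID. The bodies of getRestrictionsProvider and notifyLockTaskModeChanged continue beyond their hunks.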
@Override
public void notifyLockTaskModeChanged(boolean isEnabled, String pkg, int userHandle) {
- if (mInjector.binderGetCallingUid() != Process.SYSTEM_UID) {
+ if (!UserHandle.isSameApp(mInjector.binderGetCallingUid(), Process.SYSTEM_UID)) {
throw new SecurityException("notifyLockTaskModeChanged can only be called by system");
}
synchronized (this) {