method public android.os.UserHandle getUserForSerialNumber(long);
method public java.lang.String getUserName();
method public java.util.List<android.os.UserHandle> getUserProfiles();
+ method public int getUserRestrictionSource(java.lang.String, android.os.UserHandle);
method public android.os.Bundle getUserRestrictions();
method public android.os.Bundle getUserRestrictions(android.os.UserHandle);
method public boolean hasUserRestriction(java.lang.String);
method public deprecated void setUserRestrictions(android.os.Bundle);
method public deprecated void setUserRestrictions(android.os.Bundle, android.os.UserHandle);
method public static boolean supportsMultipleUsers();
- method public int getUserRestrictionSource(java.lang.String, android.os.UserHandle);
field public static final java.lang.String ALLOW_PARENT_PROFILE_APP_LINKING = "allow_parent_profile_app_linking";
field public static final java.lang.String DISALLOW_ADD_USER = "no_add_user";
field public static final java.lang.String DISALLOW_ADJUST_VOLUME = "no_adjust_volume";
field public static final java.lang.String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
field public static final java.lang.String ENSURE_VERIFY_APPS = "ensure_verify_apps";
field public static final java.lang.String KEY_RESTRICTIONS_PENDING = "restrictions_pending";
- field public static final int USER_CREATION_FAILED_NOT_PERMITTED = 1; // 0x1
- field public static final int USER_CREATION_FAILED_NO_MORE_USERS = 2; // 0x2
field public static final int RESTRICTION_NOT_SET = 0; // 0x0
- field public static final int RESTRICTION_SOURCE_SYSTEM = 1; // 0x1
field public static final int RESTRICTION_SOURCE_DEVICE_OWNER = 2; // 0x2
field public static final int RESTRICTION_SOURCE_PROFILE_OWNER = 4; // 0x4
+ field public static final int RESTRICTION_SOURCE_SYSTEM = 1; // 0x1
+ field public static final int USER_CREATION_FAILED_NOT_PERMITTED = 1; // 0x1
+ field public static final int USER_CREATION_FAILED_NO_MORE_USERS = 2; // 0x2
}
public static abstract class UserManager.UserRestrictionSource implements java.lang.annotation.Annotation {
}
/**
- * Called by the system to get the user restrictions for a user.
- *
- * @param admin Which {@link DeviceAdminReceiver} this request is associated with.
- * @param userHandle user id the admin is running as.
- *
- * @hide
- */
- public Bundle getUserRestrictionsForUser(@NonNull ComponentName admin, int userHandle) {
- Bundle ret = null;
- if (mService != null) {
- try {
- ret = mService.getUserRestrictionsForUser(admin, userHandle);
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
- }
- return ret == null ? new Bundle() : ret;
- }
-
- /**
* Called by profile or device owners to hide or unhide packages. When a package is hidden it is
* unavailable for use, but the data and actual package file remain.
*
import android.content.pm.IPackageManager;
import android.content.pm.UserInfo;
import android.graphics.drawable.Drawable;
-import android.os.Bundle;
import android.os.RemoteException;
import android.os.UserHandle;
import android.os.UserManager;
if (dpm == null) {
return null;
}
- ComponentName deviceOwner = dpm.getDeviceOwnerComponentOnAnyUser();
- int deviceOwnerUserId = dpm.getDeviceOwnerUserId();
- boolean enforcedByDeviceOwner = false;
- if (deviceOwner != null && deviceOwnerUserId != UserHandle.USER_NULL) {
- Bundle enforcedRestrictions =
- dpm.getUserRestrictionsForUser(deviceOwner, deviceOwnerUserId);
- if (enforcedRestrictions != null
- && enforcedRestrictions.getBoolean(userRestriction, false)) {
- enforcedByDeviceOwner = true;
- }
- }
-
- ComponentName profileOwner = null;
- boolean enforcedByProfileOwner = false;
- if (userId != UserHandle.USER_NULL) {
- profileOwner = dpm.getProfileOwnerAsUser(userId);
- if (profileOwner != null) {
- Bundle enforcedRestrictions =
- dpm.getUserRestrictionsForUser(profileOwner, userId);
- if (enforcedRestrictions != null
- && enforcedRestrictions.getBoolean(userRestriction, false)) {
- enforcedByProfileOwner = true;
- }
- }
- }
+ UserManager um = UserManager.get(context);
+ int restrictionSource = um.getUserRestrictionSource(userRestriction,
+ UserHandle.of(userId));
- if (!enforcedByDeviceOwner && !enforcedByProfileOwner) {
+ // If the restriction is not enforced or enforced only by system then return null
+ if (restrictionSource == UserManager.RESTRICTION_NOT_SET
+ || restrictionSource == UserManager.RESTRICTION_SOURCE_SYSTEM) {
return null;
}
- EnforcedAdmin admin = null;
- if (enforcedByDeviceOwner && enforcedByProfileOwner) {
- admin = new EnforcedAdmin();
+ final boolean enforcedByProfileOwner =
+ (restrictionSource & UserManager.RESTRICTION_SOURCE_PROFILE_OWNER) != 0;
+ final boolean enforcedByDeviceOwner =
+ (restrictionSource & UserManager.RESTRICTION_SOURCE_DEVICE_OWNER) != 0;
+ if (enforcedByProfileOwner) {
+ return getProfileOwner(context, userId);
} else if (enforcedByDeviceOwner) {
- admin = new EnforcedAdmin(deviceOwner, deviceOwnerUserId);
- } else {
- admin = new EnforcedAdmin(profileOwner, userId);
+ // When the restriction is enforced by device owner, return the device owner admin only
+ // if the admin is for the {@param userId} otherwise return a default EnforcedAdmin.
+ final EnforcedAdmin deviceOwner = getDeviceOwner(context);
+ return deviceOwner.userId == userId
+ ? deviceOwner
+ : EnforcedAdmin.MULTIPLE_ENFORCED_ADMIN;
}
- return admin;
+ return null;
}
public static boolean hasBaseUserRestriction(Context context,
public static EnforcedAdmin checkIfMaximumTimeToLockIsSet(Context context) {
final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
Context.DEVICE_POLICY_SERVICE);
+ if (dpm == null) {
+ return null;
+ }
LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
EnforcedAdmin enforcedAdmin = null;
final int userId = UserHandle.myUserId();