From a92e1216ca3af5d03e17734b6b990be5116d07a9 Mon Sep 17 00:00:00 2001 From: phweiss Date: Mon, 25 Jan 2016 17:14:10 +0100 Subject: [PATCH] Make API createAndManageUser public Remove @hide, and add parameter for specifying profile owner. The PO has to live in the same package as the device owner. Bug: 25288732 Bug: 25860170 Change-Id: I40e8984a71ee9d1ff74e57d4e79e298deef9bc35 --- api/current.txt | 2 ++ api/system-current.txt | 2 ++ api/test-current.txt | 2 ++ .../android/app/admin/DevicePolicyManager.java | 31 ++++++++++++---------- .../android/app/admin/IDevicePolicyManager.aidl | 2 +- .../devicepolicy/DevicePolicyManagerService.java | 13 ++++++--- 6 files changed, 33 insertions(+), 19 deletions(-) diff --git a/api/current.txt b/api/current.txt index f71aa8473ed1..020f2d844ed8 100644 --- a/api/current.txt +++ b/api/current.txt @@ -5790,6 +5790,7 @@ package android.app.admin { method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String); method public void clearUserRestriction(android.content.ComponentName, java.lang.String); method public deprecated android.os.UserHandle createAndInitializeUser(android.content.ComponentName, java.lang.String, java.lang.String, android.content.ComponentName, android.os.Bundle); + method public android.os.UserHandle createAndManageUser(android.content.ComponentName, java.lang.String, android.content.ComponentName, android.os.PersistableBundle, int); method public deprecated android.os.UserHandle createUser(android.content.ComponentName, java.lang.String); method public void enableSystemApp(android.content.ComponentName, java.lang.String); method public int enableSystemApp(android.content.ComponentName, android.content.Intent); @@ -5982,6 +5983,7 @@ package android.app.admin { field public static final int PERMISSION_POLICY_PROMPT = 0; // 0x0 field public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 2; // 0x2 field public static final int RESET_PASSWORD_REQUIRE_ENTRY = 1; // 0x1 + field public static final int SKIP_SETUP_WIZARD = 1; // 0x1 field public static final int WIPE_EXTERNAL_STORAGE = 1; // 0x1 field public static final int WIPE_RESET_PROTECTION_DATA = 2; // 0x2 } diff --git a/api/system-current.txt b/api/system-current.txt index 0b31525963a1..4286431c77c1 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -5926,6 +5926,7 @@ package android.app.admin { method public void clearProfileOwner(android.content.ComponentName); method public void clearUserRestriction(android.content.ComponentName, java.lang.String); method public deprecated android.os.UserHandle createAndInitializeUser(android.content.ComponentName, java.lang.String, java.lang.String, android.content.ComponentName, android.os.Bundle); + method public android.os.UserHandle createAndManageUser(android.content.ComponentName, java.lang.String, android.content.ComponentName, android.os.PersistableBundle, int); method public deprecated android.os.UserHandle createUser(android.content.ComponentName, java.lang.String); method public void enableSystemApp(android.content.ComponentName, java.lang.String); method public int enableSystemApp(android.content.ComponentName, android.content.Intent); @@ -6130,6 +6131,7 @@ package android.app.admin { field public static final int PERMISSION_POLICY_PROMPT = 0; // 0x0 field public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 2; // 0x2 field public static final int RESET_PASSWORD_REQUIRE_ENTRY = 1; // 0x1 + field public static final int SKIP_SETUP_WIZARD = 1; // 0x1 field public static final int WIPE_EXTERNAL_STORAGE = 1; // 0x1 field public static final int WIPE_RESET_PROTECTION_DATA = 2; // 0x2 } diff --git a/api/test-current.txt b/api/test-current.txt index 786a7c7c8d0d..974eb9b15b8a 100644 --- a/api/test-current.txt +++ b/api/test-current.txt @@ -5792,6 +5792,7 @@ package android.app.admin { method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String); method public void clearUserRestriction(android.content.ComponentName, java.lang.String); method public deprecated android.os.UserHandle createAndInitializeUser(android.content.ComponentName, java.lang.String, java.lang.String, android.content.ComponentName, android.os.Bundle); + method public android.os.UserHandle createAndManageUser(android.content.ComponentName, java.lang.String, android.content.ComponentName, android.os.PersistableBundle, int); method public deprecated android.os.UserHandle createUser(android.content.ComponentName, java.lang.String); method public void enableSystemApp(android.content.ComponentName, java.lang.String); method public int enableSystemApp(android.content.ComponentName, android.content.Intent); @@ -5984,6 +5985,7 @@ package android.app.admin { field public static final int PERMISSION_POLICY_PROMPT = 0; // 0x0 field public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 2; // 0x2 field public static final int RESET_PASSWORD_REQUIRE_ENTRY = 1; // 0x1 + field public static final int SKIP_SETUP_WIZARD = 1; // 0x1 field public static final int WIPE_EXTERNAL_STORAGE = 1; // 0x1 field public static final int WIPE_RESET_PROTECTION_DATA = 2; // 0x2 } diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index c78174f2a594..7007afee5890 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -4125,21 +4125,21 @@ public class DevicePolicyManager { } /** - * Flag used by {@link createAndManageUser} to skip setup wizard after creating a new user. - * @hide + * Flag used by {@link #createAndManageUser} to skip setup wizard after creating a new user. */ public static final int SKIP_SETUP_WIZARD = 0x0001; /** - * Called by a device owner to create a user with the specified name and the caller as profile - * owner. The UserHandle returned by this method should not be persisted as user handles are - * recycled as users are removed and created. If you need to persist an identifier for this - * user, use {@link UserManager#getSerialNumberForUser}. The new user will not be started in the - * background. + * Called by a device owner to create a user with the specified name and a given component of + * the calling package as profile owner. The UserHandle returned by this method should not be + * persisted as user handles are recycled as users are removed and created. If you need to + * persist an identifier for this user, use {@link UserManager#getSerialNumberForUser}. The new + * user will not be started in the background. * - *

admin is the {@link DeviceAdminReceiver} which is the device owner, and will become the - * profile owner and will be registered as an active admin on the new user. The profile owner - * package will be installed on the new user. + *

admin is the {@link DeviceAdminReceiver} which is the device owner. profileOwner is also + * a DeviceAdminReceiver in the same package as admin, and will become the profile owner and + * will be registered as an active admin on the new user. The profile owner package will be + * installed on the new user. * *

If the adminExtras are not null, they will be stored on the device until the user is * started for the first time. Then the extras will be passed to the admin when @@ -4147,18 +4147,21 @@ public class DevicePolicyManager { * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param name The user's name. + * @param profileOwner Which {@link DeviceAdminReceiver} will be profile owner. Has to be in the + * same package as admin, otherwise no user is created and an IllegalArgumentException is + * thrown. * @param adminExtras Extras that will be passed to onEnable of the admin receiver on the new * user. - * @param flags {@link SKIP_SETUP_WIZARD} is supported. + * @param flags {@link #SKIP_SETUP_WIZARD} is supported. * @see UserHandle * @return the {@link android.os.UserHandle} object for the created user, or {@code null} if the * user could not be created. - * @hide */ public UserHandle createAndManageUser(@NonNull ComponentName admin, @NonNull String name, - @Nullable PersistableBundle adminExtras, int flags) { + @NonNull ComponentName profileOwner, @Nullable PersistableBundle adminExtras, + int flags) { try { - return mService.createAndManageUser(admin, name, adminExtras, flags); + return mService.createAndManageUser(admin, name, profileOwner, adminExtras, flags); } catch (RemoteException re) { Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, re); } diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index e08b80b27145..e97bdf2bd4e9 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -179,7 +179,7 @@ interface IDevicePolicyManager { UserHandle createUser(in ComponentName who, in String name); UserHandle createAndInitializeUser(in ComponentName who, in String name, in String profileOwnerName, in ComponentName profileOwnerComponent, in Bundle adminExtras); - UserHandle createAndManageUser(in ComponentName who, in String name, in PersistableBundle adminExtras, in int flags); + UserHandle createAndManageUser(in ComponentName who, in String name, in ComponentName profileOwner, in PersistableBundle adminExtras, in int flags); boolean removeUser(in ComponentName who, in UserHandle userHandle); boolean switchUser(in ComponentName who, in UserHandle userHandle); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 0fffd76ec401..e3e90b668bb9 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -6389,9 +6389,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { @Override public UserHandle createAndManageUser(ComponentName admin, String name, - PersistableBundle adminExtras, int flags) { + ComponentName profileOwner, PersistableBundle adminExtras, int flags) { + Preconditions.checkNotNull(admin, "admin is null"); + Preconditions.checkNotNull(profileOwner, "profileOwner is null"); + if (!admin.getPackageName().equals(profileOwner.getPackageName())) { + throw new IllegalArgumentException("profileOwner " + profileOwner + " and admin " + + admin + " are not in the same package"); + } // Create user. - Preconditions.checkNotNull(admin, "ComponentName is null"); UserHandle user = null; synchronized (this) { getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER); @@ -6427,7 +6432,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return null; } - setActiveAdmin(admin, true, userHandle); + setActiveAdmin(profileOwner, true, userHandle); // User is not started yet, the broadcast by setActiveAdmin will not be received. // So we store adminExtras for broadcasting when the user starts for first time. synchronized(this) { @@ -6437,7 +6442,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { saveSettingsLocked(userHandle); } final String ownerName = getProfileOwnerName(Process.myUserHandle().getIdentifier()); - setProfileOwner(admin, ownerName, userHandle); + setProfileOwner(profileOwner, ownerName, userHandle); if ((flags & DevicePolicyManager.SKIP_SETUP_WIZARD) != 0) { Settings.Secure.putIntForUser(mContext.getContentResolver(), -- 2.11.0