UserManager.java revision 53019287fd4fed9837363cff4de87100d85c2b81 
1/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package android.os;
17
18import android.annotation.SystemApi;
19import android.app.ActivityManager;
20import android.app.ActivityManagerNative;
21import android.content.Context;
22import android.content.pm.UserInfo;
23import android.content.res.Resources;
24import android.graphics.Bitmap;
25import android.graphics.BitmapFactory;
26import android.graphics.Rect;
27import android.graphics.drawable.Drawable;
28import android.provider.Settings;
29import android.util.Log;
30import android.view.WindowManager.LayoutParams;
31
32import com.android.internal.R;
33
34import java.io.IOException;
35import java.util.ArrayList;
36import java.util.List;
37
38/**
39 * Manages users and user details on a multi-user system.
40 */
41public class UserManager {
42
43    private static String TAG = "UserManager";
44    private final IUserManager mService;
45    private final Context mContext;
46
47    /**
48     * Specifies if a user is disallowed from adding and removing accounts, unless they are
49     * {@link android.accounts.AccountManager#addAccountExplicitly programmatically} added by
50     * Authenticator.
51     * The default value is <code>false</code>.
52     *
53     * <p/>Key for user restrictions.
54     * <p/>Type: Boolean
55     * @see #setUserRestrictions(Bundle)
56     * @see #getUserRestrictions()
57     */
58    public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
59
60    /**
61     * Specifies if a user is disallowed from changing Wi-Fi
62     * access points. The default value is <code>false</code>.
63     * <p/>This restriction has no effect in a managed profile.
64     *
65     * <p/>Key for user restrictions.
66     * <p/>Type: Boolean
67     * @see #setUserRestrictions(Bundle)
68     * @see #getUserRestrictions()
69     */
70    public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi";
71
72    /**
73     * Specifies if a user is disallowed from installing applications.
74     * The default value is <code>false</code>.
75     *
76     * <p/>Key for user restrictions.
77     * <p/>Type: Boolean
78     * @see #setUserRestrictions(Bundle)
79     * @see #getUserRestrictions()
80     */
81    public static final String DISALLOW_INSTALL_APPS = "no_install_apps";
82
83    /**
84     * Specifies if a user is disallowed from uninstalling applications.
85     * The default value is <code>false</code>.
86     *
87     * <p/>Key for user restrictions.
88     * <p/>Type: Boolean
89     * @see #setUserRestrictions(Bundle)
90     * @see #getUserRestrictions()
91     */
92    public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps";
93
94    /**
95     * Specifies if a user is disallowed from turning on location sharing.
96     * The default value is <code>false</code>.
97     * <p/>In a managed profile, location sharing always reflects the primary user's setting, but
98     * can be overridden and forced off by setting this restriction to true in the managed profile.
99     *
100     * <p/>Key for user restrictions.
101     * <p/>Type: Boolean
102     * @see #setUserRestrictions(Bundle)
103     * @see #getUserRestrictions()
104     */
105    public static final String DISALLOW_SHARE_LOCATION = "no_share_location";
106
107    /**
108     * Specifies if a user is disallowed from enabling the
109     * "Unknown Sources" setting, that allows installation of apps from unknown sources.
110     * The default value is <code>false</code>.
111     *
112     * <p/>Key for user restrictions.
113     * <p/>Type: Boolean
114     * @see #setUserRestrictions(Bundle)
115     * @see #getUserRestrictions()
116     */
117    public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
118
119    /**
120     * Specifies if a user is disallowed from configuring bluetooth.
121     * This does <em>not</em> restrict the user from turning bluetooth on or off.
122     * The default value is <code>false</code>.
123     * <p/>This restriction has no effect in a managed profile.
124     *
125     * <p/>Key for user restrictions.
126     * <p/>Type: Boolean
127     * @see #setUserRestrictions(Bundle)
128     * @see #getUserRestrictions()
129     */
130    public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
131
132    /**
133     * Specifies if a user is disallowed from transferring files over
134     * USB. This can only be set by device owners and profile owners on the primary user.
135     * The default value is <code>false</code>.
136     *
137     * <p/>Key for user restrictions.
138     * <p/>Type: Boolean
139     * @see #setUserRestrictions(Bundle)
140     * @see #getUserRestrictions()
141     */
142    public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
143
144    /**
145     * Specifies if a user is disallowed from configuring user
146     * credentials. The default value is <code>false</code>.
147     *
148     * <p/>Key for user restrictions.
149     * <p/>Type: Boolean
150     * @see #setUserRestrictions(Bundle)
151     * @see #getUserRestrictions()
152     */
153    public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials";
154
155    /**
156     * When set on the primary user this specifies if the user can remove other users.
157     * When set on a secondary user, this specifies if the user can remove itself.
158     * This restriction has no effect on managed profiles.
159     * The default value is <code>false</code>.
160     *
161     * <p/>Key for user restrictions.
162     * <p/>Type: Boolean
163     * @see #setUserRestrictions(Bundle)
164     * @see #getUserRestrictions()
165     */
166    public static final String DISALLOW_REMOVE_USER = "no_remove_user";
167
168    /**
169     * Specifies if a user is disallowed from enabling or
170     * accessing debugging features. The default value is <code>false</code>.
171     *
172     * <p/>Key for user restrictions.
173     * <p/>Type: Boolean
174     * @see #setUserRestrictions(Bundle)
175     * @see #getUserRestrictions()
176     */
177    public static final String DISALLOW_DEBUGGING_FEATURES = "no_debugging_features";
178
179    /**
180     * Specifies if a user is disallowed from configuring VPN.
181     * The default value is <code>false</code>.
182     * This restriction has an effect in a managed profile only from
183     * {@link android.os.Build.VERSION_CODES#MNC}
184     *
185     * <p/>Key for user restrictions.
186     * <p/>Type: Boolean
187     * @see #setUserRestrictions(Bundle)
188     * @see #getUserRestrictions()
189     */
190    public static final String DISALLOW_CONFIG_VPN = "no_config_vpn";
191
192    /**
193     * Specifies if a user is disallowed from configuring Tethering
194     * & portable hotspots. This can only be set by device owners and profile owners on the
195     * primary user. The default value is <code>false</code>.
196     *
197     * <p/>Key for user restrictions.
198     * <p/>Type: Boolean
199     * @see #setUserRestrictions(Bundle)
200     * @see #getUserRestrictions()
201     */
202    public static final String DISALLOW_CONFIG_TETHERING = "no_config_tethering";
203
204    /**
205     * Specifies if a user is disallowed from resetting network settings
206     * from Settings. This can only be set by device owners and profile owners on the primary user.
207     * The default value is <code>false</code>.
208     * <p/>This restriction has no effect on secondary users and managed profiles since only the
209     * primary user can reset the network settings of the device.
210     *
211     * <p/>Key for user restrictions.
212     * <p/>Type: Boolean
213     * @see #setUserRestrictions(Bundle)
214     * @see #getUserRestrictions()
215     */
216    public static final String DISALLOW_NETWORK_RESET = "no_network_reset";
217
218    /**
219     * Specifies if a user is disallowed from factory resetting
220     * from Settings. This can only be set by device owners and profile owners on the primary user.
221     * The default value is <code>false</code>.
222     * <p/>This restriction has no effect on secondary users and managed profiles since only the
223     * primary user can factory reset the device.
224     *
225     * <p/>Key for user restrictions.
226     * <p/>Type: Boolean
227     * @see #setUserRestrictions(Bundle)
228     * @see #getUserRestrictions()
229     */
230    public static final String DISALLOW_FACTORY_RESET = "no_factory_reset";
231
232    /**
233     * Specifies if a user is disallowed from adding new users and
234     * profiles. This can only be set by device owners and profile owners on the primary user.
235     * The default value is <code>false</code>.
236     * <p/>This restriction has no effect on secondary users and managed profiles since only the
237     * primary user can add other users.
238     *
239     * <p/>Key for user restrictions.
240     * <p/>Type: Boolean
241     * @see #setUserRestrictions(Bundle)
242     * @see #getUserRestrictions()
243     */
244    public static final String DISALLOW_ADD_USER = "no_add_user";
245
246    /**
247     * Specifies if a user is disallowed from disabling application
248     * verification. The default value is <code>false</code>.
249     *
250     * <p/>Key for user restrictions.
251     * <p/>Type: Boolean
252     * @see #setUserRestrictions(Bundle)
253     * @see #getUserRestrictions()
254     */
255    public static final String ENSURE_VERIFY_APPS = "ensure_verify_apps";
256
257    /**
258     * Specifies if a user is disallowed from configuring cell
259     * broadcasts. This can only be set by device owners and profile owners on the primary user.
260     * The default value is <code>false</code>.
261     * <p/>This restriction has no effect on secondary users and managed profiles since only the
262     * primary user can configure cell broadcasts.
263     *
264     * <p/>Key for user restrictions.
265     * <p/>Type: Boolean
266     * @see #setUserRestrictions(Bundle)
267     * @see #getUserRestrictions()
268     */
269    public static final String DISALLOW_CONFIG_CELL_BROADCASTS = "no_config_cell_broadcasts";
270
271    /**
272     * Specifies if a user is disallowed from configuring mobile
273     * networks. This can only be set by device owners and profile owners on the primary user.
274     * The default value is <code>false</code>.
275     * <p/>This restriction has no effect on secondary users and managed profiles since only the
276     * primary user can configure mobile networks.
277     *
278     * <p/>Key for user restrictions.
279     * <p/>Type: Boolean
280     * @see #setUserRestrictions(Bundle)
281     * @see #getUserRestrictions()
282     */
283    public static final String DISALLOW_CONFIG_MOBILE_NETWORKS = "no_config_mobile_networks";
284
285    /**
286     * Specifies if a user is disallowed from modifying
287     * applications in Settings or launchers. The following actions will not be allowed when this
288     * restriction is enabled:
289     * <li>uninstalling apps</li>
290     * <li>disabling apps</li>
291     * <li>clearing app caches</li>
292     * <li>clearing app data</li>
293     * <li>force stopping apps</li>
294     * <li>clearing app defaults</li>
295     * <p>
296     * The default value is <code>false</code>.
297     *
298     * <p/>Key for user restrictions.
299     * <p/>Type: Boolean
300     * @see #setUserRestrictions(Bundle)
301     * @see #getUserRestrictions()
302     */
303    public static final String DISALLOW_APPS_CONTROL = "no_control_apps";
304
305    /**
306     * Specifies if a user is disallowed from mounting
307     * physical external media. This can only be set by device owners and profile owners on the
308     * primary user. The default value is <code>false</code>.
309     *
310     * <p/>Key for user restrictions.
311     * <p/>Type: Boolean
312     * @see #setUserRestrictions(Bundle)
313     * @see #getUserRestrictions()
314     */
315    public static final String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media";
316
317    /**
318     * Specifies if a user is disallowed from adjusting microphone
319     * volume. If set, the microphone will be muted. This can only be set by device owners
320     * and profile owners on the primary user. The default value is <code>false</code>.
321     *
322     * <p/>Key for user restrictions.
323     * <p/>Type: Boolean
324     * @see #setUserRestrictions(Bundle)
325     * @see #getUserRestrictions()
326     */
327    public static final String DISALLOW_UNMUTE_MICROPHONE = "no_unmute_microphone";
328
329    /**
330     * Specifies if a user is disallowed from adjusting the master
331     * volume. If set, the master volume will be muted. This can only be set by device owners
332     * and profile owners on the primary user. The default value is <code>false</code>.
333     *
334     * <p/>Key for user restrictions.
335     * <p/>Type: Boolean
336     * @see #setUserRestrictions(Bundle)
337     * @see #getUserRestrictions()
338     */
339    public static final String DISALLOW_ADJUST_VOLUME = "no_adjust_volume";
340
341    /**
342     * Specifies that the user is not allowed to make outgoing
343     * phone calls. Emergency calls are still permitted.
344     * The default value is <code>false</code>.
345     * <p/>This restriction has no effect on managed profiles since call intents are normally
346     * forwarded to the primary user.
347     *
348     * <p/>Key for user restrictions.
349     * <p/>Type: Boolean
350     * @see #setUserRestrictions(Bundle)
351     * @see #getUserRestrictions()
352     */
353    public static final String DISALLOW_OUTGOING_CALLS = "no_outgoing_calls";
354
355    /**
356     * Specifies that the user is not allowed to send or receive
357     * SMS messages. The default value is <code>false</code>.
358     *
359     * <p/>Key for user restrictions.
360     * <p/>Type: Boolean
361     * @see #setUserRestrictions(Bundle)
362     * @see #getUserRestrictions()
363     */
364    public static final String DISALLOW_SMS = "no_sms";
365
366    /**
367     * Specifies if the user is not allowed to have fun. In some cases, the
368     * device owner may wish to prevent the user from experiencing amusement or
369     * joy while using the device. The default value is <code>false</code>.
370     *
371     * <p/>Key for user restrictions.
372     * <p/>Type: Boolean
373     * @see #setUserRestrictions(Bundle)
374     * @see #getUserRestrictions()
375     */
376    public static final String DISALLOW_FUN = "no_fun";
377
378    /**
379     * Specifies that windows besides app windows should not be
380     * created. This will block the creation of the following types of windows.
381     * <li>{@link LayoutParams#TYPE_TOAST}</li>
382     * <li>{@link LayoutParams#TYPE_PHONE}</li>
383     * <li>{@link LayoutParams#TYPE_PRIORITY_PHONE}</li>
384     * <li>{@link LayoutParams#TYPE_SYSTEM_ALERT}</li>
385     * <li>{@link LayoutParams#TYPE_SYSTEM_ERROR}</li>
386     * <li>{@link LayoutParams#TYPE_SYSTEM_OVERLAY}</li>
387     *
388     * <p>This can only be set by device owners and profile owners on the primary user.
389     * The default value is <code>false</code>.
390     *
391     * <p/>Key for user restrictions.
392     * <p/>Type: Boolean
393     * @see #setUserRestrictions(Bundle)
394     * @see #getUserRestrictions()
395     */
396    public static final String DISALLOW_CREATE_WINDOWS = "no_create_windows";
397
398    /**
399     * Specifies if what is copied in the clipboard of this profile can
400     * be pasted in related profiles. Does not restrict if the clipboard of related profiles can be
401     * pasted in this profile.
402     * The default value is <code>false</code>.
403     *
404     * <p/>Key for user restrictions.
405     * <p/>Type: Boolean
406     * @see #setUserRestrictions(Bundle)
407     * @see #getUserRestrictions()
408     */
409    public static final String DISALLOW_CROSS_PROFILE_COPY_PASTE = "no_cross_profile_copy_paste";
410
411    /**
412     * Specifies if the user is not allowed to use NFC to beam out data from apps.
413     * The default value is <code>false</code>.
414     *
415     * <p/>Key for user restrictions.
416     * <p/>Type: Boolean
417     * @see #setUserRestrictions(Bundle)
418     * @see #getUserRestrictions()
419     */
420    public static final String DISALLOW_OUTGOING_BEAM = "no_outgoing_beam";
421
422    /**
423     * Hidden user restriction to disallow access to wallpaper manager APIs. This user restriction
424     * is always set for managed profiles.
425     * @hide
426     * @see #setUserRestrictions(Bundle)
427     * @see #getUserRestrictions()
428     */
429    public static final String DISALLOW_WALLPAPER = "no_wallpaper";
430
431    /**
432     * Specifies if the user is not allowed to reboot the device into safe boot mode.
433     * This can only be set by device owners and profile owners on the primary user.
434     * The default value is <code>false</code>.
435     *
436     * <p/>Key for user restrictions.
437     * <p/>Type: Boolean
438     * @see #setUserRestrictions(Bundle)
439     * @see #getUserRestrictions()
440     */
441    public static final String DISALLOW_SAFE_BOOT = "no_safe_boot";
442
443    /**
444     * Specifies if a user is not allowed to record audio. This restriction is always enabled for
445     * background users. The default value is <code>false</code>.
446     *
447     * @see #setUserRestrictions(Bundle)
448     * @see #getUserRestrictions()
449     * @hide
450     */
451    public static final String DISALLOW_RECORD_AUDIO = "no_record_audio";
452
453    /**
454     * Allows apps in the parent profile to handle web links from the managed profile.
455     *
456     * This user restriction has an effect only in a managed profile.
457     * If set:
458     * Intent filters of activities in the parent profile with action
459     * {@link android.content.Intent#ACTION_VIEW},
460     * category {@link android.content.Intent#CATEGORY_BROWSABLE}, scheme http or https, and which
461     * define a host can handle intents from the managed profile.
462     * The default value is <code>false</code>.
463     *
464     * <p/>Key for user restrictions.
465     * <p/>Type: Boolean
466     * @see #setUserRestrictions(Bundle)
467     * @see #getUserRestrictions()
468     */
469    public static final String ALLOW_PARENT_PROFILE_APP_LINKING
470            = "allow_parent_profile_app_linking";
471
472    /**
473     * Application restriction key that is used to indicate the pending arrival
474     * of real restrictions for the app.
475     *
476     * <p>
477     * Applications that support restrictions should check for the presence of this key.
478     * A <code>true</code> value indicates that restrictions may be applied in the near
479     * future but are not available yet. It is the responsibility of any
480     * management application that sets this flag to update it when the final
481     * restrictions are enforced.
482     *
483     * <p/>Key for application restrictions.
484     * <p/>Type: Boolean
485     * @see android.app.admin.DevicePolicyManager#setApplicationRestrictions(
486     *      android.content.ComponentName, String, Bundle)
487     * @see android.app.admin.DevicePolicyManager#getApplicationRestrictions(
488     *      android.content.ComponentName, String)
489     */
490    public static final String KEY_RESTRICTIONS_PENDING = "restrictions_pending";
491
492    /** @hide */
493    public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3;
494    /** @hide */
495    public static final int PIN_VERIFICATION_FAILED_NOT_SET = -2;
496    /** @hide */
497    public static final int PIN_VERIFICATION_SUCCESS = -1;
498
499    private static UserManager sInstance = null;
500
501    /** @hide */
502    public synchronized static UserManager get(Context context) {
503        if (sInstance == null) {
504            sInstance = (UserManager) context.getSystemService(Context.USER_SERVICE);
505        }
506        return sInstance;
507    }
508
509    /** @hide */
510    public UserManager(Context context, IUserManager service) {
511        mService = service;
512        mContext = context;
513    }
514
515    /**
516     * Returns whether the system supports multiple users.
517     * @return true if multiple users can be created by user, false if it is a single user device.
518     * @hide
519     */
520    public static boolean supportsMultipleUsers() {
521        return getMaxSupportedUsers() > 1
522                && SystemProperties.getBoolean("fw.show_multiuserui",
523                Resources.getSystem().getBoolean(R.bool.config_enableMultiUserUI));
524    }
525
526    /**
527     * Returns the user handle for the user that this process is running under.
528     *
529     * @return the user handle of this process.
530     * @hide
531     */
532    public int getUserHandle() {
533        return UserHandle.myUserId();
534    }
535
536    /**
537     * Returns the user name of the user making this call.  This call is only
538     * available to applications on the system image; it requires the
539     * MANAGE_USERS permission.
540     * @return the user name
541     */
542    public String getUserName() {
543        try {
544            return mService.getUserInfo(getUserHandle()).name;
545        } catch (RemoteException re) {
546            Log.w(TAG, "Could not get user name", re);
547            return "";
548        }
549    }
550
551    /**
552     * Used to determine whether the user making this call is subject to
553     * teleportations.
554     *
555     * <p>As of {@link android.os.Build.VERSION_CODES#LOLLIPOP}, this method can
556     * now automatically identify goats using advanced goat recognition technology.</p>
557     *
558     * @return Returns true if the user making this call is a goat.
559     */
560    public boolean isUserAGoat() {
561        return mContext.getPackageManager()
562                .isPackageAvailable("com.coffeestainstudios.goatsimulator");
563    }
564
565    /**
566     * Used to check if this process is running under the system user. The system user
567     * is the initial user that is implicitly created on first boot and hosts most of the
568     * system services.
569     *
570     * @return whether this process is running under the system user.
571     */
572    public boolean isSystemUser() {
573        return UserHandle.myUserId() == UserHandle.USER_OWNER;
574    }
575
576    /**
577     * @hide
578     * Returns whether the caller is running as an admin user. There can be more than one admin
579     * user.
580     */
581    public boolean isAdminUser() {
582        UserInfo user = getUserInfo(UserHandle.myUserId());
583        return user != null ? user.isAdmin() : false;
584    }
585
586    /**
587     * Used to check if the user making this call is linked to another user. Linked users may have
588     * a reduced number of available apps, app restrictions and account restrictions.
589     * @return whether the user making this call is a linked user
590     * @hide
591     */
592    public boolean isLinkedUser() {
593        try {
594            return mService.isRestricted();
595        } catch (RemoteException re) {
596            Log.w(TAG, "Could not check if user is limited ", re);
597            return false;
598        }
599    }
600
601    /**
602     * Checks if the calling app is running as a guest user.
603     * @return whether the caller is a guest user.
604     * @hide
605     */
606    public boolean isGuestUser() {
607        UserInfo user = getUserInfo(UserHandle.myUserId());
608        return user != null ? user.isGuest() : false;
609    }
610
611    /**
612     * Checks if the calling app is running in a managed profile.
613     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
614     *
615     * @return whether the caller is in a managed profile.
616     * @hide
617     */
618    @SystemApi
619    public boolean isManagedProfile() {
620        UserInfo user = getUserInfo(UserHandle.myUserId());
621        return user != null ? user.isManagedProfile() : false;
622    }
623
624    /**
625     * Return whether the given user is actively running.  This means that
626     * the user is in the "started" state, not "stopped" -- it is currently
627     * allowed to run code through scheduled alarms, receiving broadcasts,
628     * etc.  A started user may be either the current foreground user or a
629     * background user; the result here does not distinguish between the two.
630     * @param user The user to retrieve the running state for.
631     */
632    public boolean isUserRunning(UserHandle user) {
633        try {
634            return ActivityManagerNative.getDefault().isUserRunning(
635                    user.getIdentifier(), false);
636        } catch (RemoteException e) {
637            return false;
638        }
639    }
640
641    /**
642     * Return whether the given user is actively running <em>or</em> stopping.
643     * This is like {@link #isUserRunning(UserHandle)}, but will also return
644     * true if the user had been running but is in the process of being stopped
645     * (but is not yet fully stopped, and still running some code).
646     * @param user The user to retrieve the running state for.
647     */
648    public boolean isUserRunningOrStopping(UserHandle user) {
649        try {
650            return ActivityManagerNative.getDefault().isUserRunning(
651                    user.getIdentifier(), true);
652        } catch (RemoteException e) {
653            return false;
654        }
655    }
656
657    /**
658     * Returns the UserInfo object describing a specific user.
659     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
660     * @param userHandle the user handle of the user whose information is being requested.
661     * @return the UserInfo object for a specific user.
662     * @hide
663     */
664    public UserInfo getUserInfo(int userHandle) {
665        try {
666            return mService.getUserInfo(userHandle);
667        } catch (RemoteException re) {
668            Log.w(TAG, "Could not get user info", re);
669            return null;
670        }
671    }
672
673    /**
674     * Returns the user-wide restrictions imposed on this user.
675     * @return a Bundle containing all the restrictions.
676     */
677    public Bundle getUserRestrictions() {
678        return getUserRestrictions(Process.myUserHandle());
679    }
680
681    /**
682     * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>.
683     * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
684     * @return a Bundle containing all the restrictions.
685     */
686    public Bundle getUserRestrictions(UserHandle userHandle) {
687        try {
688            return mService.getUserRestrictions(userHandle.getIdentifier());
689        } catch (RemoteException re) {
690            Log.w(TAG, "Could not get user restrictions", re);
691            return Bundle.EMPTY;
692        }
693    }
694
695    /**
696     * Sets all the user-wide restrictions for this user.
697     * Requires the MANAGE_USERS permission.
698     * @param restrictions the Bundle containing all the restrictions.
699     * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
700     * android.content.ComponentName, String)} or
701     * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
702     * android.content.ComponentName, String)} instead.
703     */
704    @Deprecated
705    public void setUserRestrictions(Bundle restrictions) {
706        setUserRestrictions(restrictions, Process.myUserHandle());
707    }
708
709    /**
710     * Sets all the user-wide restrictions for the specified user.
711     * Requires the MANAGE_USERS permission.
712     * @param restrictions the Bundle containing all the restrictions.
713     * @param userHandle the UserHandle of the user for whom to set the restrictions.
714     * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
715     * android.content.ComponentName, String)} or
716     * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
717     * android.content.ComponentName, String)} instead.
718     */
719    @Deprecated
720    public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) {
721        try {
722            mService.setUserRestrictions(restrictions, userHandle.getIdentifier());
723        } catch (RemoteException re) {
724            Log.w(TAG, "Could not set user restrictions", re);
725        }
726    }
727
728    /**
729     * Sets the value of a specific restriction.
730     * Requires the MANAGE_USERS permission.
731     * @param key the key of the restriction
732     * @param value the value for the restriction
733     * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
734     * android.content.ComponentName, String)} or
735     * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
736     * android.content.ComponentName, String)} instead.
737     */
738    @Deprecated
739    public void setUserRestriction(String key, boolean value) {
740        Bundle bundle = getUserRestrictions();
741        bundle.putBoolean(key, value);
742        setUserRestrictions(bundle);
743    }
744
745    /**
746     * @hide
747     * Sets the value of a specific restriction on a specific user.
748     * Requires the MANAGE_USERS permission.
749     * @param key the key of the restriction
750     * @param value the value for the restriction
751     * @param userHandle the user whose restriction is to be changed.
752     * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction(
753     * android.content.ComponentName, String)} or
754     * {@link android.app.admin.DevicePolicyManager#clearUserRestriction(
755     * android.content.ComponentName, String)} instead.
756     */
757    @Deprecated
758    public void setUserRestriction(String key, boolean value, UserHandle userHandle) {
759        try {
760            mService.setUserRestriction(key, value, userHandle.getIdentifier());
761        } catch (RemoteException re) {
762            Log.w(TAG, "Could not set user restriction", re);
763        }
764    }
765
766    /**
767     * Returns whether the current user has been disallowed from performing certain actions
768     * or setting certain settings.
769     *
770     * @param restrictionKey The string key representing the restriction.
771     * @return {@code true} if the current user has the given restriction, {@code false} otherwise.
772     */
773    public boolean hasUserRestriction(String restrictionKey) {
774        return hasUserRestriction(restrictionKey, Process.myUserHandle());
775    }
776
777    /**
778     * @hide
779     * Returns whether the given user has been disallowed from performing certain actions
780     * or setting certain settings.
781     * @param restrictionKey the string key representing the restriction
782     * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
783     */
784    public boolean hasUserRestriction(String restrictionKey, UserHandle userHandle) {
785        try {
786            return mService.hasUserRestriction(restrictionKey,
787                    userHandle.getIdentifier());
788        } catch (RemoteException re) {
789            Log.w(TAG, "Could not check user restrictions", re);
790            return false;
791        }
792    }
793
794    /**
795     * Return the serial number for a user.  This is a device-unique
796     * number assigned to that user; if the user is deleted and then a new
797     * user created, the new users will not be given the same serial number.
798     * @param user The user whose serial number is to be retrieved.
799     * @return The serial number of the given user; returns -1 if the
800     * given UserHandle does not exist.
801     * @see #getUserForSerialNumber(long)
802     */
803    public long getSerialNumberForUser(UserHandle user) {
804        return getUserSerialNumber(user.getIdentifier());
805    }
806
807    /**
808     * Return the user associated with a serial number previously
809     * returned by {@link #getSerialNumberForUser(UserHandle)}.
810     * @param serialNumber The serial number of the user that is being
811     * retrieved.
812     * @return Return the user associated with the serial number, or null
813     * if there is not one.
814     * @see #getSerialNumberForUser(UserHandle)
815     */
816    public UserHandle getUserForSerialNumber(long serialNumber) {
817        int ident = getUserHandle((int) serialNumber);
818        return ident >= 0 ? new UserHandle(ident) : null;
819    }
820
821    /**
822     * Creates a user with the specified name and options.
823     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
824     *
825     * @param name the user's name
826     * @param flags flags that identify the type of user and other properties.
827     * @see UserInfo
828     *
829     * @return the UserInfo object for the created user, or null if the user could not be created.
830     * @hide
831     */
832    public UserInfo createUser(String name, int flags) {
833        try {
834            return mService.createUser(name, flags);
835        } catch (RemoteException re) {
836            Log.w(TAG, "Could not create a user", re);
837            return null;
838        }
839    }
840
841    /**
842     * Creates a guest user and configures it.
843     * @param context an application context
844     * @param name the name to set for the user
845     * @hide
846     */
847    public UserInfo createGuest(Context context, String name) {
848        UserInfo guest = createUser(name, UserInfo.FLAG_GUEST);
849        if (guest != null) {
850            Settings.Secure.putStringForUser(context.getContentResolver(),
851                    Settings.Secure.SKIP_FIRST_USE_HINTS, "1", guest.id);
852            try {
853                Bundle guestRestrictions = mService.getDefaultGuestRestrictions();
854                guestRestrictions.putBoolean(DISALLOW_SMS, true);
855                guestRestrictions.putBoolean(DISALLOW_INSTALL_UNKNOWN_SOURCES, true);
856                mService.setUserRestrictions(guestRestrictions, guest.id);
857            } catch (RemoteException re) {
858                Log.w(TAG, "Could not update guest restrictions");
859            }
860        }
861        return guest;
862    }
863
864    /**
865     * Creates a secondary user with the specified name and options and configures it with default
866     * restrictions.
867     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
868     *
869     * @param name the user's name
870     * @param flags flags that identify the type of user and other properties.
871     * @see UserInfo
872     *
873     * @return the UserInfo object for the created user, or null if the user could not be created.
874     * @hide
875     */
876    public UserInfo createSecondaryUser(String name, int flags) {
877        try {
878            UserInfo user = mService.createUser(name, flags);
879            if (user == null) {
880                return null;
881            }
882            Bundle userRestrictions = mService.getUserRestrictions(user.id);
883            addDefaultUserRestrictions(userRestrictions);
884            mService.setUserRestrictions(userRestrictions, user.id);
885            return user;
886        } catch (RemoteException re) {
887            Log.w(TAG, "Could not create a user", re);
888            return null;
889        }
890    }
891
892    private static void addDefaultUserRestrictions(Bundle restrictions) {
893        restrictions.putBoolean(DISALLOW_OUTGOING_CALLS, true);
894        restrictions.putBoolean(DISALLOW_SMS, true);
895    }
896
897    /**
898     * Creates a user with the specified name and options as a profile of another user.
899     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
900     *
901     * @param name the user's name
902     * @param flags flags that identify the type of user and other properties.
903     * @see UserInfo
904     * @param userHandle new user will be a profile of this use.
905     *
906     * @return the UserInfo object for the created user, or null if the user could not be created.
907     * @hide
908     */
909    public UserInfo createProfileForUser(String name, int flags, int userHandle) {
910        try {
911            return mService.createProfileForUser(name, flags, userHandle);
912        } catch (RemoteException re) {
913            Log.w(TAG, "Could not create a user", re);
914            return null;
915        }
916    }
917
918    /**
919     * @hide
920     * Marks the guest user for deletion to allow a new guest to be created before deleting
921     * the current user who is a guest.
922     * @param userHandle
923     * @return
924     */
925    public boolean markGuestForDeletion(int userHandle) {
926        try {
927            return mService.markGuestForDeletion(userHandle);
928        } catch (RemoteException re) {
929            Log.w(TAG, "Could not mark guest for deletion", re);
930            return false;
931        }
932    }
933
934    /**
935     * Sets the user as enabled, if such an user exists.
936     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
937     * Note that the default is true, it's only that managed profiles might not be enabled.
938     *
939     * @param userHandle the id of the profile to enable
940     * @hide
941     */
942    public void setUserEnabled(int userHandle) {
943        try {
944            mService.setUserEnabled(userHandle);
945        } catch (RemoteException e) {
946            Log.w(TAG, "Could not enable the profile", e);
947        }
948    }
949
950    /**
951     * Return the number of users currently created on the device.
952     */
953    public int getUserCount() {
954        List<UserInfo> users = getUsers();
955        return users != null ? users.size() : 1;
956    }
957
958    /**
959     * Returns information for all users on this device.
960     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
961     * @return the list of users that were created.
962     * @hide
963     */
964    public List<UserInfo> getUsers() {
965        try {
966            return mService.getUsers(false);
967        } catch (RemoteException re) {
968            Log.w(TAG, "Could not get user list", re);
969            return null;
970        }
971    }
972
973    /**
974     * Checks whether it's possible to add more users. Caller must hold the MANAGE_USERS
975     * permission.
976     *
977     * @return true if more users can be added, false if limit has been reached.
978     * @hide
979     */
980    public boolean canAddMoreUsers() {
981        final List<UserInfo> users = getUsers(true);
982        final int totalUserCount = users.size();
983        int aliveUserCount = 0;
984        for (int i = 0; i < totalUserCount; i++) {
985            UserInfo user = users.get(i);
986            if (!user.isGuest()) {
987                aliveUserCount++;
988            }
989        }
990        return aliveUserCount < getMaxSupportedUsers();
991    }
992
993    /**
994     * Checks whether it's possible to add more managed profiles. Caller must hold the MANAGE_USERS
995     * permission.
996     *
997     * @return true if more managed profiles can be added, false if limit has been reached.
998     * @hide
999     */
1000    public boolean canAddMoreManagedProfiles() {
1001        try {
1002            return mService.canAddMoreManagedProfiles();
1003        } catch (RemoteException re) {
1004            Log.w(TAG, "Could not check if we can add more managed profiles", re);
1005            return false;
1006        }
1007    }
1008
1009    /**
1010     * Returns list of the profiles of userHandle including
1011     * userHandle itself.
1012     * Note that this returns both enabled and not enabled profiles. See
1013     * {@link #getEnabledProfiles(int)} if you need only the enabled ones.
1014     *
1015     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
1016     * @param userHandle profiles of this user will be returned.
1017     * @return the list of profiles.
1018     * @hide
1019     */
1020    public List<UserInfo> getProfiles(int userHandle) {
1021        try {
1022            return mService.getProfiles(userHandle, false /* enabledOnly */);
1023        } catch (RemoteException re) {
1024            Log.w(TAG, "Could not get user list", re);
1025            return null;
1026        }
1027    }
1028
1029    /**
1030     * Returns list of the profiles of userHandle including
1031     * userHandle itself.
1032     * Note that this returns only enabled.
1033     *
1034     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
1035     * @param userHandle profiles of this user will be returned.
1036     * @return the list of profiles.
1037     * @hide
1038     */
1039    public List<UserInfo> getEnabledProfiles(int userHandle) {
1040        try {
1041            return mService.getProfiles(userHandle, true /* enabledOnly */);
1042        } catch (RemoteException re) {
1043            Log.w(TAG, "Could not get user list", re);
1044            return null;
1045        }
1046    }
1047
1048    /**
1049     * Returns a list of UserHandles for profiles associated with the user that the calling process
1050     * is running on, including the user itself.
1051     *
1052     * @return A non-empty list of UserHandles associated with the calling user.
1053     */
1054    public List<UserHandle> getUserProfiles() {
1055        ArrayList<UserHandle> profiles = new ArrayList<UserHandle>();
1056        List<UserInfo> users = new ArrayList<UserInfo>();
1057        try {
1058            users = mService.getProfiles(UserHandle.myUserId(), true /* enabledOnly */);
1059        } catch (RemoteException re) {
1060            Log.w(TAG, "Could not get user list", re);
1061            return null;
1062        }
1063        for (UserInfo info : users) {
1064            UserHandle userHandle = new UserHandle(info.id);
1065            profiles.add(userHandle);
1066        }
1067        return profiles;
1068    }
1069
1070    /**
1071     * Returns the parent of the profile which this method is called from
1072     * or null if called from a user that is not a profile.
1073     *
1074     * @hide
1075     */
1076    public UserInfo getProfileParent(int userHandle) {
1077        try {
1078            return mService.getProfileParent(userHandle);
1079        } catch (RemoteException re) {
1080            Log.w(TAG, "Could not get profile parent", re);
1081            return null;
1082        }
1083    }
1084
1085    /**
1086     * If the target user is a managed profile of the calling user or the caller
1087     * is itself a managed profile, then this returns a badged copy of the given
1088     * icon to be able to distinguish it from the original icon. For badging an
1089     * arbitrary drawable use {@link #getBadgedDrawableForUser(
1090     * android.graphics.drawable.Drawable, UserHandle, android.graphics.Rect, int)}.
1091     * <p>
1092     * If the original drawable is a BitmapDrawable and the backing bitmap is
1093     * mutable as per {@link android.graphics.Bitmap#isMutable()}, the bading
1094     * is performed in place and the original drawable is returned.
1095     * </p>
1096     *
1097     * @param icon The icon to badge.
1098     * @param user The target user.
1099     * @return A drawable that combines the original icon and a badge as
1100     *         determined by the system.
1101     * @removed
1102     */
1103    public Drawable getBadgedIconForUser(Drawable icon, UserHandle user) {
1104        return mContext.getPackageManager().getUserBadgedIcon(icon, user);
1105    }
1106
1107    /**
1108     * If the target user is a managed profile of the calling user or the caller
1109     * is itself a managed profile, then this returns a badged copy of the given
1110     * drawable allowing the user to distinguish it from the original drawable.
1111     * The caller can specify the location in the bounds of the drawable to be
1112     * badged where the badge should be applied as well as the density of the
1113     * badge to be used.
1114     * <p>
1115     * If the original drawable is a BitmapDrawable and the backing bitmap is
1116     * mutable as per {@link android.graphics.Bitmap#isMutable()}, the bading
1117     * is performed in place and the original drawable is returned.
1118     * </p>
1119     *
1120     * @param badgedDrawable The drawable to badge.
1121     * @param user The target user.
1122     * @param badgeLocation Where in the bounds of the badged drawable to place
1123     *         the badge. If not provided, the badge is applied on top of the entire
1124     *         drawable being badged.
1125     * @param badgeDensity The optional desired density for the badge as per
1126     *         {@link android.util.DisplayMetrics#densityDpi}. If not provided,
1127     *         the density of the display is used.
1128     * @return A drawable that combines the original drawable and a badge as
1129     *         determined by the system.
1130     * @removed
1131     */
1132    public Drawable getBadgedDrawableForUser(Drawable badgedDrawable, UserHandle user,
1133            Rect badgeLocation, int badgeDensity) {
1134        return mContext.getPackageManager().getUserBadgedDrawableForDensity(badgedDrawable, user,
1135                badgeLocation, badgeDensity);
1136    }
1137
1138    /**
1139     * If the target user is a managed profile of the calling user or the caller
1140     * is itself a managed profile, then this returns a copy of the label with
1141     * badging for accessibility services like talkback. E.g. passing in "Email"
1142     * and it might return "Work Email" for Email in the work profile.
1143     *
1144     * @param label The label to change.
1145     * @param user The target user.
1146     * @return A label that combines the original label and a badge as
1147     *         determined by the system.
1148     * @removed
1149     */
1150    public CharSequence getBadgedLabelForUser(CharSequence label, UserHandle user) {
1151        return mContext.getPackageManager().getUserBadgedLabel(label, user);
1152    }
1153
1154    /**
1155     * Returns information for all users on this device. Requires
1156     * {@link android.Manifest.permission#MANAGE_USERS} permission.
1157     *
1158     * @param excludeDying specify if the list should exclude users being
1159     *            removed.
1160     * @return the list of users that were created.
1161     * @hide
1162     */
1163    public List<UserInfo> getUsers(boolean excludeDying) {
1164        try {
1165            return mService.getUsers(excludeDying);
1166        } catch (RemoteException re) {
1167            Log.w(TAG, "Could not get user list", re);
1168            return null;
1169        }
1170    }
1171
1172    /**
1173     * Removes a user and all associated data.
1174     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
1175     * @param userHandle the integer handle of the user, where 0 is the primary user.
1176     * @hide
1177     */
1178    public boolean removeUser(int userHandle) {
1179        try {
1180            return mService.removeUser(userHandle);
1181        } catch (RemoteException re) {
1182            Log.w(TAG, "Could not remove user ", re);
1183            return false;
1184        }
1185    }
1186
1187    /**
1188     * Updates the user's name.
1189     * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
1190     *
1191     * @param userHandle the user's integer handle
1192     * @param name the new name for the user
1193     * @hide
1194     */
1195    public void setUserName(int userHandle, String name) {
1196        try {
1197            mService.setUserName(userHandle, name);
1198        } catch (RemoteException re) {
1199            Log.w(TAG, "Could not set the user name ", re);
1200        }
1201    }
1202
1203    /**
1204     * Sets the user's photo.
1205     * @param userHandle the user for whom to change the photo.
1206     * @param icon the bitmap to set as the photo.
1207     * @hide
1208     */
1209    public void setUserIcon(int userHandle, Bitmap icon) {
1210        try {
1211            mService.setUserIcon(userHandle, icon);
1212        } catch (RemoteException re) {
1213            Log.w(TAG, "Could not set the user icon ", re);
1214        }
1215    }
1216
1217    /**
1218     * Returns a file descriptor for the user's photo. PNG data can be read from this file.
1219     * @param userHandle the user whose photo we want to read.
1220     * @return a {@link Bitmap} of the user's photo, or null if there's no photo.
1221     * @see com.android.internal.util.UserIcons#getDefaultUserIcon for a default.
1222     * @hide
1223     */
1224    public Bitmap getUserIcon(int userHandle) {
1225        try {
1226            ParcelFileDescriptor fd = mService.getUserIcon(userHandle);
1227            if (fd != null) {
1228                try {
1229                    return BitmapFactory.decodeFileDescriptor(fd.getFileDescriptor());
1230                } finally {
1231                    try {
1232                        fd.close();
1233                    } catch (IOException e) {
1234                    }
1235                }
1236            }
1237        } catch (RemoteException re) {
1238            Log.w(TAG, "Could not get the user icon ", re);
1239        }
1240        return null;
1241    }
1242
1243    /**
1244     * Returns the maximum number of users that can be created on this device. A return value
1245     * of 1 means that it is a single user device.
1246     * @hide
1247     * @return a value greater than or equal to 1
1248     */
1249    public static int getMaxSupportedUsers() {
1250        // Don't allow multiple users on certain builds
1251        if (android.os.Build.ID.startsWith("JVP")) return 1;
1252        // Svelte devices don't get multi-user.
1253        if (ActivityManager.isLowRamDeviceStatic()) return 1;
1254        return SystemProperties.getInt("fw.max_users",
1255                Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers));
1256    }
1257
1258    /**
1259     * Returns true if the user switcher should be shown, this will be if there
1260     * are multiple users that aren't managed profiles.
1261     * @hide
1262     * @return true if user switcher should be shown.
1263     */
1264    public boolean isUserSwitcherEnabled() {
1265        List<UserInfo> users = getUsers(true);
1266        if (users == null) {
1267           return false;
1268        }
1269        int switchableUserCount = 0;
1270        for (UserInfo user : users) {
1271            if (user.supportsSwitchTo()) {
1272                ++switchableUserCount;
1273            }
1274        }
1275        final boolean guestEnabled = Settings.Global.getInt(mContext.getContentResolver(),
1276                Settings.Global.GUEST_USER_ENABLED, 0) == 1;
1277        return switchableUserCount > 1 || guestEnabled;
1278    }
1279
1280    /**
1281     * Returns a serial number on this device for a given userHandle. User handles can be recycled
1282     * when deleting and creating users, but serial numbers are not reused until the device is wiped.
1283     * @param userHandle
1284     * @return a serial number associated with that user, or -1 if the userHandle is not valid.
1285     * @hide
1286     */
1287    public int getUserSerialNumber(int userHandle) {
1288        try {
1289            return mService.getUserSerialNumber(userHandle);
1290        } catch (RemoteException re) {
1291            Log.w(TAG, "Could not get serial number for user " + userHandle);
1292        }
1293        return -1;
1294    }
1295
1296    /**
1297     * Returns a userHandle on this device for a given user serial number. User handles can be
1298     * recycled when deleting and creating users, but serial numbers are not reused until the device
1299     * is wiped.
1300     * @param userSerialNumber
1301     * @return the userHandle associated with that user serial number, or -1 if the serial number
1302     * is not valid.
1303     * @hide
1304     */
1305    public int getUserHandle(int userSerialNumber) {
1306        try {
1307            return mService.getUserHandle(userSerialNumber);
1308        } catch (RemoteException re) {
1309            Log.w(TAG, "Could not get userHandle for user " + userSerialNumber);
1310        }
1311        return -1;
1312    }
1313
1314    /**
1315     * Returns a Bundle containing any saved application restrictions for this user, for the
1316     * given package name. Only an application with this package name can call this method.
1317     * @param packageName the package name of the calling application
1318     * @return a Bundle with the restrictions as key/value pairs, or null if there are no
1319     * saved restrictions. The values can be of type Boolean, String or String[], depending
1320     * on the restriction type, as defined by the application.
1321     */
1322    public Bundle getApplicationRestrictions(String packageName) {
1323        try {
1324            return mService.getApplicationRestrictions(packageName);
1325        } catch (RemoteException re) {
1326            Log.w(TAG, "Could not get application restrictions for package " + packageName);
1327        }
1328        return null;
1329    }
1330
1331    /**
1332     * @hide
1333     */
1334    public Bundle getApplicationRestrictions(String packageName, UserHandle user) {
1335        try {
1336            return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier());
1337        } catch (RemoteException re) {
1338            Log.w(TAG, "Could not get application restrictions for user " + user.getIdentifier());
1339        }
1340        return null;
1341    }
1342
1343    /**
1344     * @hide
1345     */
1346    public void setApplicationRestrictions(String packageName, Bundle restrictions,
1347            UserHandle user) {
1348        try {
1349            mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier());
1350        } catch (RemoteException re) {
1351            Log.w(TAG, "Could not set application restrictions for user " + user.getIdentifier());
1352        }
1353    }
1354
1355    /**
1356     * Sets a new challenge PIN for restrictions. This is only for use by pre-installed
1357     * apps and requires the MANAGE_USERS permission.
1358     * @param newPin the PIN to use for challenge dialogs.
1359     * @return Returns true if the challenge PIN was set successfully.
1360     * @deprecated The restrictions PIN functionality is no longer provided by the system.
1361     * This method is preserved for backwards compatibility reasons and always returns false.
1362     */
1363    public boolean setRestrictionsChallenge(String newPin) {
1364        return false;
1365    }
1366
1367    /** @hide */
1368    public void removeRestrictions() {
1369        try {
1370            mService.removeRestrictions();
1371        } catch (RemoteException re) {
1372            Log.w(TAG, "Could not change restrictions pin");
1373        }
1374    }
1375
1376    /**
1377     * @hide
1378     * Set restrictions that should apply to any future guest user that's created.
1379     */
1380    public void setDefaultGuestRestrictions(Bundle restrictions) {
1381        try {
1382            mService.setDefaultGuestRestrictions(restrictions);
1383        } catch (RemoteException re) {
1384            Log.w(TAG, "Could not set guest restrictions");
1385        }
1386    }
1387
1388    /**
1389     * @hide
1390     * Gets the default guest restrictions.
1391     */
1392    public Bundle getDefaultGuestRestrictions() {
1393        try {
1394            return mService.getDefaultGuestRestrictions();
1395        } catch (RemoteException re) {
1396            Log.w(TAG, "Could not set guest restrictions");
1397        }
1398        return new Bundle();
1399    }
1400
1401    /**
1402     * Returns creation time of the user or of a managed profile associated with the calling user.
1403     * @param userHandle user handle of the user or a managed profile associated with the
1404     *                   calling user.
1405     * @return creation time in milliseconds since Epoch time.
1406     */
1407    public long getUserCreationTime(UserHandle userHandle) {
1408        try {
1409            return mService.getUserCreationTime(userHandle.getIdentifier());
1410        } catch (RemoteException re) {
1411            Log.w(TAG, "Could not get user creation time", re);
1412            return 0;
1413        }
1414    }
1415}
1416