UserManager.java revision 6090995951c6e2e4dcf38102f01793f8a94166e1
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16package android.os; 17 18import android.app.ActivityManagerNative; 19import android.content.Context; 20import android.content.pm.UserInfo; 21import android.content.res.Resources; 22import android.graphics.Bitmap; 23import android.util.Log; 24 25import com.android.internal.R; 26 27import java.util.List; 28 29/** 30 * Manages users and user details on a multi-user system. 31 */ 32public class UserManager { 33 34 private static String TAG = "UserManager"; 35 private final IUserManager mService; 36 private final Context mContext; 37 38 /** 39 * Key for user restrictions. Specifies if a user is disallowed from adding and removing 40 * accounts. 41 * The default value is <code>false</code>. 42 * <p/> 43 * Type: Boolean 44 * @see #setUserRestrictions(Bundle) 45 * @see #getUserRestrictions() 46 */ 47 public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts"; 48 49 /** 50 * Key for user restrictions. Specifies if a user is disallowed from changing Wi-Fi 51 * access points. 52 * The default value is <code>false</code>. 53 * <p/> 54 * Type: Boolean 55 * @see #setUserRestrictions(Bundle) 56 * @see #getUserRestrictions() 57 */ 58 public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi"; 59 60 /** 61 * Key for user restrictions. Specifies if a user is disallowed from installing applications. 62 * The default value is <code>false</code>. 63 * <p/> 64 * Type: Boolean 65 * @see #setUserRestrictions(Bundle) 66 * @see #getUserRestrictions() 67 */ 68 public static final String DISALLOW_INSTALL_APPS = "no_install_apps"; 69 70 /** 71 * Key for user restrictions. Specifies if a user is disallowed from uninstalling applications. 72 * The default value is <code>false</code>. 73 * <p/> 74 * Type: Boolean 75 * @see #setUserRestrictions(Bundle) 76 * @see #getUserRestrictions() 77 */ 78 public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps"; 79 80 /** 81 * Key for user restrictions. Specifies if a user is disallowed from toggling location sharing. 82 * The default value is <code>false</code>. 83 * <p/> 84 * Type: Boolean 85 * @see #setUserRestrictions(Bundle) 86 * @see #getUserRestrictions() 87 */ 88 89 public static final String DISALLOW_SHARE_LOCATION = "no_share_location"; 90 91 /** 92 * Key for user restrictions. Specifies if a user is disallowed from enabling the 93 * "Unknown Sources" setting, that allows installation of apps from unknown sources. 94 * The default value is <code>false</code>. 95 * <p/> 96 * Type: Boolean 97 * @see #setUserRestrictions(Bundle) 98 * @see #getUserRestrictions() 99 */ 100 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources"; 101 102 /** 103 * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth. 104 * The default value is <code>false</code>. 105 * <p/> 106 * Type: Boolean 107 * @see #setUserRestrictions(Bundle) 108 * @see #getUserRestrictions() 109 */ 110 public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; 111 112 /** 113 * Key for user restrictions. Specifies if a user is disallowed from transferring files over 114 * USB. The default value is <code>false</code>. 115 * <p/> 116 * Type: Boolean 117 * @see #setUserRestrictions(Bundle) 118 * @see #getUserRestrictions() 119 */ 120 public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer"; 121 122 /** 123 * Key for user restrictions. Specifies if a user is disallowed from configuring user 124 * credentials. The default value is <code>false</code>. 125 * <p/> 126 * Type: Boolean 127 * @see #setUserRestrictions(Bundle) 128 * @see #getUserRestrictions() 129 */ 130 public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials"; 131 132 /** 133 * Key for user restrictions. Specifies if a user is disallowed from removing users. 134 * The default value is <code>false</code>. 135 * <p/> 136 * Type: Boolean 137 * @see #setUserRestrictions(Bundle) 138 * @see #getUserRestrictions() 139 */ 140 public static final String DISALLOW_REMOVE_USER = "no_remove_user"; 141 142 /** @hide */ 143 public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3; 144 /** @hide */ 145 public static final int PIN_VERIFICATION_FAILED_NOT_SET = -2; 146 /** @hide */ 147 public static final int PIN_VERIFICATION_SUCCESS = -1; 148 149 private static UserManager sInstance = null; 150 151 /** @hide */ 152 public synchronized static UserManager get(Context context) { 153 if (sInstance == null) { 154 sInstance = (UserManager) context.getSystemService(Context.USER_SERVICE); 155 } 156 return sInstance; 157 } 158 159 /** @hide */ 160 public UserManager(Context context, IUserManager service) { 161 mService = service; 162 mContext = context; 163 } 164 165 /** 166 * Returns whether the system supports multiple users. 167 * @return true if multiple users can be created, false if it is a single user device. 168 * @hide 169 */ 170 public static boolean supportsMultipleUsers() { 171 return getMaxSupportedUsers() > 1; 172 } 173 174 /** 175 * Returns the user handle for the user that this application is running for. 176 * @return the user handle of the user making this call. 177 * @hide 178 */ 179 public int getUserHandle() { 180 return UserHandle.myUserId(); 181 } 182 183 /** 184 * Returns the user name of the user making this call. This call is only 185 * available to applications on the system image; it requires the 186 * MANAGE_USERS permission. 187 * @return the user name 188 */ 189 public String getUserName() { 190 try { 191 return mService.getUserInfo(getUserHandle()).name; 192 } catch (RemoteException re) { 193 Log.w(TAG, "Could not get user name", re); 194 return ""; 195 } 196 } 197 198 /** 199 * Used to determine whether the user making this call is subject to 200 * teleportations. 201 * @return whether the user making this call is a goat 202 */ 203 public boolean isUserAGoat() { 204 return false; 205 } 206 207 /** 208 * Used to check if the user making this call is linked to another user. Linked users may have 209 * a reduced number of available apps, app restrictions and account restrictions. 210 * @return whether the user making this call is a linked user 211 * @hide 212 */ 213 public boolean isLinkedUser() { 214 try { 215 return mService.isRestricted(); 216 } catch (RemoteException re) { 217 Log.w(TAG, "Could not check if user is limited ", re); 218 return false; 219 } 220 } 221 222 /** 223 * Return whether the given user is actively running. This means that 224 * the user is in the "started" state, not "stopped" -- it is currently 225 * allowed to run code through scheduled alarms, receiving broadcasts, 226 * etc. A started user may be either the current foreground user or a 227 * background user; the result here does not distinguish between the two. 228 * @param user The user to retrieve the running state for. 229 */ 230 public boolean isUserRunning(UserHandle user) { 231 try { 232 return ActivityManagerNative.getDefault().isUserRunning( 233 user.getIdentifier(), false); 234 } catch (RemoteException e) { 235 return false; 236 } 237 } 238 239 /** 240 * Return whether the given user is actively running <em>or</em> stopping. 241 * This is like {@link #isUserRunning(UserHandle)}, but will also return 242 * true if the user had been running but is in the process of being stopped 243 * (but is not yet fully stopped, and still running some code). 244 * @param user The user to retrieve the running state for. 245 */ 246 public boolean isUserRunningOrStopping(UserHandle user) { 247 try { 248 return ActivityManagerNative.getDefault().isUserRunning( 249 user.getIdentifier(), true); 250 } catch (RemoteException e) { 251 return false; 252 } 253 } 254 255 /** 256 * Returns the UserInfo object describing a specific user. 257 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 258 * @param userHandle the user handle of the user whose information is being requested. 259 * @return the UserInfo object for a specific user. 260 * @hide 261 */ 262 public UserInfo getUserInfo(int userHandle) { 263 try { 264 return mService.getUserInfo(userHandle); 265 } catch (RemoteException re) { 266 Log.w(TAG, "Could not get user info", re); 267 return null; 268 } 269 } 270 271 /** 272 * Returns the user-wide restrictions imposed on this user. 273 * @return a Bundle containing all the restrictions. 274 */ 275 public Bundle getUserRestrictions() { 276 return getUserRestrictions(Process.myUserHandle()); 277 } 278 279 /** 280 * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>. 281 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 282 * @return a Bundle containing all the restrictions. 283 */ 284 public Bundle getUserRestrictions(UserHandle userHandle) { 285 try { 286 return mService.getUserRestrictions(userHandle.getIdentifier()); 287 } catch (RemoteException re) { 288 Log.w(TAG, "Could not get user restrictions", re); 289 return Bundle.EMPTY; 290 } 291 } 292 293 /** 294 * Sets all the user-wide restrictions for this user. 295 * Requires the MANAGE_USERS permission. 296 * @param restrictions the Bundle containing all the restrictions. 297 */ 298 public void setUserRestrictions(Bundle restrictions) { 299 setUserRestrictions(restrictions, Process.myUserHandle()); 300 } 301 302 /** 303 * Sets all the user-wide restrictions for the specified user. 304 * Requires the MANAGE_USERS permission. 305 * @param restrictions the Bundle containing all the restrictions. 306 * @param userHandle the UserHandle of the user for whom to set the restrictions. 307 */ 308 public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) { 309 try { 310 mService.setUserRestrictions(restrictions, userHandle.getIdentifier()); 311 } catch (RemoteException re) { 312 Log.w(TAG, "Could not set user restrictions", re); 313 } 314 } 315 316 /** 317 * Sets the value of a specific restriction. 318 * Requires the MANAGE_USERS permission. 319 * @param key the key of the restriction 320 * @param value the value for the restriction 321 */ 322 public void setUserRestriction(String key, boolean value) { 323 Bundle bundle = getUserRestrictions(); 324 bundle.putBoolean(key, value); 325 setUserRestrictions(bundle); 326 } 327 328 /** 329 * @hide 330 * Sets the value of a specific restriction on a specific user. 331 * Requires the {@link android.Manifest.permission#MANAGE_USERS} permission. 332 * @param key the key of the restriction 333 * @param value the value for the restriction 334 * @param userHandle the user whose restriction is to be changed. 335 */ 336 public void setUserRestriction(String key, boolean value, UserHandle userHandle) { 337 Bundle bundle = getUserRestrictions(userHandle); 338 bundle.putBoolean(key, value); 339 setUserRestrictions(bundle, userHandle); 340 } 341 342 /** 343 * @hide 344 * Returns whether the current user has been disallowed from performing certain actions 345 * or setting certain settings. 346 * @param restrictionKey the string key representing the restriction 347 */ 348 public boolean hasUserRestriction(String restrictionKey) { 349 return hasUserRestriction(restrictionKey, Process.myUserHandle()); 350 } 351 352 /** 353 * @hide 354 * Returns whether the given user has been disallowed from performing certain actions 355 * or setting certain settings. 356 * @param restrictionKey the string key representing the restriction 357 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 358 */ 359 public boolean hasUserRestriction(String restrictionKey, UserHandle userHandle) { 360 return getUserRestrictions(userHandle).getBoolean(restrictionKey, false); 361 } 362 363 /** 364 * Return the serial number for a user. This is a device-unique 365 * number assigned to that user; if the user is deleted and then a new 366 * user created, the new users will not be given the same serial number. 367 * @param user The user whose serial number is to be retrieved. 368 * @return The serial number of the given user; returns -1 if the 369 * given UserHandle does not exist. 370 * @see #getUserForSerialNumber(long) 371 */ 372 public long getSerialNumberForUser(UserHandle user) { 373 return getUserSerialNumber(user.getIdentifier()); 374 } 375 376 /** 377 * Return the user associated with a serial number previously 378 * returned by {@link #getSerialNumberForUser(UserHandle)}. 379 * @param serialNumber The serial number of the user that is being 380 * retrieved. 381 * @return Return the user associated with the serial number, or null 382 * if there is not one. 383 * @see #getSerialNumberForUser(UserHandle) 384 */ 385 public UserHandle getUserForSerialNumber(long serialNumber) { 386 int ident = getUserHandle((int)serialNumber); 387 return ident >= 0 ? new UserHandle(ident) : null; 388 } 389 390 /** 391 * Creates a user with the specified name and options. 392 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 393 * 394 * @param name the user's name 395 * @param flags flags that identify the type of user and other properties. 396 * @see UserInfo 397 * 398 * @return the UserInfo object for the created user, or null if the user could not be created. 399 * @hide 400 */ 401 public UserInfo createUser(String name, int flags) { 402 try { 403 return mService.createUser(name, flags); 404 } catch (RemoteException re) { 405 Log.w(TAG, "Could not create a user", re); 406 return null; 407 } 408 } 409 410 /** 411 * Return the number of users currently created on the device. 412 */ 413 public int getUserCount() { 414 List<UserInfo> users = getUsers(); 415 return users != null ? users.size() : 1; 416 } 417 418 /** 419 * Returns information for all users on this device. 420 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 421 * @return the list of users that were created. 422 * @hide 423 */ 424 public List<UserInfo> getUsers() { 425 try { 426 return mService.getUsers(false); 427 } catch (RemoteException re) { 428 Log.w(TAG, "Could not get user list", re); 429 return null; 430 } 431 } 432 433 /** 434 * Returns information for all users on this device. 435 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 436 * @param excludeDying specify if the list should exclude users being removed. 437 * @return the list of users that were created. 438 * @hide 439 */ 440 public List<UserInfo> getUsers(boolean excludeDying) { 441 try { 442 return mService.getUsers(excludeDying); 443 } catch (RemoteException re) { 444 Log.w(TAG, "Could not get user list", re); 445 return null; 446 } 447 } 448 449 /** 450 * Removes a user and all associated data. 451 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 452 * @param userHandle the integer handle of the user, where 0 is the primary user. 453 * @hide 454 */ 455 public boolean removeUser(int userHandle) { 456 try { 457 return mService.removeUser(userHandle); 458 } catch (RemoteException re) { 459 Log.w(TAG, "Could not remove user ", re); 460 return false; 461 } 462 } 463 464 /** 465 * Updates the user's name. 466 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 467 * 468 * @param userHandle the user's integer handle 469 * @param name the new name for the user 470 * @hide 471 */ 472 public void setUserName(int userHandle, String name) { 473 try { 474 mService.setUserName(userHandle, name); 475 } catch (RemoteException re) { 476 Log.w(TAG, "Could not set the user name ", re); 477 } 478 } 479 480 /** 481 * Sets the user's photo. 482 * @param userHandle the user for whom to change the photo. 483 * @param icon the bitmap to set as the photo. 484 * @hide 485 */ 486 public void setUserIcon(int userHandle, Bitmap icon) { 487 try { 488 mService.setUserIcon(userHandle, icon); 489 } catch (RemoteException re) { 490 Log.w(TAG, "Could not set the user icon ", re); 491 } 492 } 493 494 /** 495 * Returns a file descriptor for the user's photo. PNG data can be read from this file. 496 * @param userHandle the user whose photo we want to read. 497 * @return a {@link Bitmap} of the user's photo, or null if there's no photo. 498 * @hide 499 */ 500 public Bitmap getUserIcon(int userHandle) { 501 try { 502 return mService.getUserIcon(userHandle); 503 } catch (RemoteException re) { 504 Log.w(TAG, "Could not get the user icon ", re); 505 return null; 506 } 507 } 508 509 /** 510 * Enable or disable the use of a guest account. If disabled, the existing guest account 511 * will be wiped. 512 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 513 * @param enable whether to enable a guest account. 514 * @hide 515 */ 516 public void setGuestEnabled(boolean enable) { 517 try { 518 mService.setGuestEnabled(enable); 519 } catch (RemoteException re) { 520 Log.w(TAG, "Could not change guest account availability to " + enable); 521 } 522 } 523 524 /** 525 * Checks if a guest user is enabled for this device. 526 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 527 * @return whether a guest user is enabled 528 * @hide 529 */ 530 public boolean isGuestEnabled() { 531 try { 532 return mService.isGuestEnabled(); 533 } catch (RemoteException re) { 534 Log.w(TAG, "Could not retrieve guest enabled state"); 535 return false; 536 } 537 } 538 539 /** 540 * Wipes all the data for a user, but doesn't remove the user. 541 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 542 * @param userHandle 543 * @hide 544 */ 545 public void wipeUser(int userHandle) { 546 try { 547 mService.wipeUser(userHandle); 548 } catch (RemoteException re) { 549 Log.w(TAG, "Could not wipe user " + userHandle); 550 } 551 } 552 553 /** 554 * Returns the maximum number of users that can be created on this device. A return value 555 * of 1 means that it is a single user device. 556 * @hide 557 * @return a value greater than or equal to 1 558 */ 559 public static int getMaxSupportedUsers() { 560 // Don't allow multiple users on certain builds 561 if (android.os.Build.ID.startsWith("JVP")) return 1; 562 return SystemProperties.getInt("fw.max_users", 563 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers)); 564 } 565 566 /** 567 * Returns a serial number on this device for a given userHandle. User handles can be recycled 568 * when deleting and creating users, but serial numbers are not reused until the device is wiped. 569 * @param userHandle 570 * @return a serial number associated with that user, or -1 if the userHandle is not valid. 571 * @hide 572 */ 573 public int getUserSerialNumber(int userHandle) { 574 try { 575 return mService.getUserSerialNumber(userHandle); 576 } catch (RemoteException re) { 577 Log.w(TAG, "Could not get serial number for user " + userHandle); 578 } 579 return -1; 580 } 581 582 /** 583 * Returns a userHandle on this device for a given user serial number. User handles can be 584 * recycled when deleting and creating users, but serial numbers are not reused until the device 585 * is wiped. 586 * @param userSerialNumber 587 * @return the userHandle associated with that user serial number, or -1 if the serial number 588 * is not valid. 589 * @hide 590 */ 591 public int getUserHandle(int userSerialNumber) { 592 try { 593 return mService.getUserHandle(userSerialNumber); 594 } catch (RemoteException re) { 595 Log.w(TAG, "Could not get userHandle for user " + userSerialNumber); 596 } 597 return -1; 598 } 599 600 /** 601 * Returns a Bundle containing any saved application restrictions for this user, for the 602 * given package name. Only an application with this package name can call this method. 603 * @param packageName the package name of the calling application 604 * @return a Bundle with the restrictions as key/value pairs, or null if there are no 605 * saved restrictions. The values can be of type Boolean, String or String[], depending 606 * on the restriction type, as defined by the application. 607 */ 608 public Bundle getApplicationRestrictions(String packageName) { 609 try { 610 return mService.getApplicationRestrictions(packageName); 611 } catch (RemoteException re) { 612 Log.w(TAG, "Could not get application restrictions for package " + packageName); 613 } 614 return null; 615 } 616 617 /** 618 * @hide 619 */ 620 public Bundle getApplicationRestrictions(String packageName, UserHandle user) { 621 try { 622 return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier()); 623 } catch (RemoteException re) { 624 Log.w(TAG, "Could not get application restrictions for user " + user.getIdentifier()); 625 } 626 return null; 627 } 628 629 /** 630 * @hide 631 */ 632 public void setApplicationRestrictions(String packageName, Bundle restrictions, 633 UserHandle user) { 634 try { 635 mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier()); 636 } catch (RemoteException re) { 637 Log.w(TAG, "Could not set application restrictions for user " + user.getIdentifier()); 638 } 639 } 640 641 /** 642 * Sets a new challenge PIN for restrictions. This is only for use by pre-installed 643 * apps and requires the MANAGE_USERS permission. 644 * @param newPin the PIN to use for challenge dialogs. 645 * @return Returns true if the challenge PIN was set successfully. 646 */ 647 public boolean setRestrictionsChallenge(String newPin) { 648 try { 649 return mService.setRestrictionsChallenge(newPin); 650 } catch (RemoteException re) { 651 Log.w(TAG, "Could not change restrictions pin"); 652 } 653 return false; 654 } 655 656 /** 657 * @hide 658 * @param pin The PIN to verify, or null to get the number of milliseconds to wait for before 659 * allowing the user to enter the PIN. 660 * @return Returns a positive number (including zero) for how many milliseconds before 661 * you can accept another PIN, when the input is null or the input doesn't match the saved PIN. 662 * Returns {@link #PIN_VERIFICATION_SUCCESS} if the input matches the saved PIN. Returns 663 * {@link #PIN_VERIFICATION_FAILED_NOT_SET} if there is no PIN set. 664 */ 665 public int checkRestrictionsChallenge(String pin) { 666 try { 667 return mService.checkRestrictionsChallenge(pin); 668 } catch (RemoteException re) { 669 Log.w(TAG, "Could not check restrictions pin"); 670 } 671 return PIN_VERIFICATION_FAILED_INCORRECT; 672 } 673 674 /** 675 * @hide 676 * Checks whether the user has restrictions that are PIN-protected. An application that 677 * participates in restrictions can check if the owner has requested a PIN challenge for 678 * any restricted operations. If there is a PIN in effect, the application should launch 679 * the PIN challenge activity {@link android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE}. 680 * @see android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE 681 * @return whether a restrictions PIN is in effect. 682 */ 683 public boolean hasRestrictionsChallenge() { 684 try { 685 return mService.hasRestrictionsChallenge(); 686 } catch (RemoteException re) { 687 Log.w(TAG, "Could not change restrictions pin"); 688 } 689 return false; 690 } 691 692 /** @hide */ 693 public void removeRestrictions() { 694 try { 695 mService.removeRestrictions(); 696 } catch (RemoteException re) { 697 Log.w(TAG, "Could not change restrictions pin"); 698 } 699 } 700} 701