UserManager.java revision 1df1473008c24487701c5bc15f39ed9f9697f421
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16package android.os; 17 18import android.app.ActivityManager; 19import android.app.ActivityManagerNative; 20import android.content.Context; 21import android.content.pm.UserInfo; 22import android.content.res.Resources; 23import android.graphics.Bitmap; 24import android.graphics.Canvas; 25import android.graphics.Bitmap.Config; 26import android.graphics.Rect; 27import android.graphics.drawable.BitmapDrawable; 28import android.graphics.drawable.Drawable; 29import android.provider.Settings; 30import android.util.Log; 31import android.view.WindowManager.LayoutParams; 32 33import com.android.internal.R; 34 35import java.util.ArrayList; 36import java.util.List; 37 38/** 39 * Manages users and user details on a multi-user system. 40 */ 41public class UserManager { 42 43 private static String TAG = "UserManager"; 44 private final IUserManager mService; 45 private final Context mContext; 46 47 /** 48 * Key for user restrictions. Specifies if a user is disallowed from adding and removing 49 * accounts. 50 * The default value is <code>false</code>. 51 * <p/> 52 * Type: Boolean 53 * @see #setUserRestrictions(Bundle) 54 * @see #getUserRestrictions() 55 */ 56 public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts"; 57 58 /** 59 * Key for user restrictions. Specifies if a user is disallowed from changing Wi-Fi 60 * access points. The default value is <code>false</code>. 61 * <p/> 62 * Type: Boolean 63 * @see #setUserRestrictions(Bundle) 64 * @see #getUserRestrictions() 65 */ 66 public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi"; 67 68 /** 69 * Key for user restrictions. Specifies if a user is disallowed from installing applications. 70 * The default value is <code>false</code>. 71 * <p/> 72 * Type: Boolean 73 * @see #setUserRestrictions(Bundle) 74 * @see #getUserRestrictions() 75 */ 76 public static final String DISALLOW_INSTALL_APPS = "no_install_apps"; 77 78 /** 79 * Key for user restrictions. Specifies if a user is disallowed from uninstalling applications. 80 * The default value is <code>false</code>. 81 * <p/> 82 * Type: Boolean 83 * @see #setUserRestrictions(Bundle) 84 * @see #getUserRestrictions() 85 */ 86 public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps"; 87 88 /** 89 * Key for user restrictions. Specifies if a user is disallowed from toggling location sharing. 90 * The default value is <code>false</code>. 91 * <p/> 92 * Type: Boolean 93 * @see #setUserRestrictions(Bundle) 94 * @see #getUserRestrictions() 95 */ 96 public static final String DISALLOW_SHARE_LOCATION = "no_share_location"; 97 98 /** 99 * Key for user restrictions. Specifies if a user is disallowed from enabling the 100 * "Unknown Sources" setting, that allows installation of apps from unknown sources. 101 * The default value is <code>false</code>. 102 * <p/> 103 * Type: Boolean 104 * @see #setUserRestrictions(Bundle) 105 * @see #getUserRestrictions() 106 */ 107 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources"; 108 109 /** 110 * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth. 111 * The default value is <code>false</code>. 112 * <p/> 113 * Type: Boolean 114 * @see #setUserRestrictions(Bundle) 115 * @see #getUserRestrictions() 116 */ 117 public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; 118 119 /** 120 * Key for user restrictions. Specifies if a user is disallowed from transferring files over 121 * USB. This can only be set by device owners. The default value is <code>false</code>. 122 * <p/> 123 * Type: Boolean 124 * @see #setUserRestrictions(Bundle) 125 * @see #getUserRestrictions() 126 */ 127 public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer"; 128 129 /** 130 * Key for user restrictions. Specifies if a user is disallowed from configuring user 131 * credentials. The default value is <code>false</code>. 132 * <p/> 133 * Type: Boolean 134 * @see #setUserRestrictions(Bundle) 135 * @see #getUserRestrictions() 136 */ 137 public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials"; 138 139 /** 140 * Key for user restrictions. Specifies if a user is disallowed from removing itself and other 141 * users. The default value is <code>false</code>. 142 * <p/> 143 * Type: Boolean 144 * @see #setUserRestrictions(Bundle) 145 * @see #getUserRestrictions() 146 */ 147 public static final String DISALLOW_REMOVE_USER = "no_remove_user"; 148 149 /** 150 * Key for user restrictions. Specifies if a user is disallowed from enabling or 151 * accessing debugging features. The default value is <code>false</code>. 152 * <p/> 153 * Type: Boolean 154 * @see #setUserRestrictions(Bundle) 155 * @see #getUserRestrictions() 156 */ 157 public static final String DISALLOW_DEBUGGING_FEATURES = "no_debugging_features"; 158 159 /** 160 * Key for user restrictions. Specifies if a user is disallowed from configuring VPN. 161 * The default value is <code>false</code>. 162 * <p/> 163 * Type: Boolean 164 * @see #setUserRestrictions(Bundle) 165 * @see #getUserRestrictions() 166 */ 167 public static final String DISALLOW_CONFIG_VPN = "no_config_vpn"; 168 169 /** 170 * Key for user restrictions. Specifies if a user is disallowed from configuring Tethering 171 * & portable hotspots. This can only be set by device owners. The default value is 172 * <code>false</code>. 173 * <p/> 174 * Type: Boolean 175 * @see #setUserRestrictions(Bundle) 176 * @see #getUserRestrictions() 177 */ 178 public static final String DISALLOW_CONFIG_TETHERING = "no_config_tethering"; 179 180 /** 181 * Key for user restrictions. Specifies if a user is disallowed from factory resetting 182 * from Settings. This can only be set by device owners. The default value is 183 * <code>false</code>. 184 * <p> 185 * @see #setUserRestrictions(Bundle) 186 * @see #getUserRestrictions() 187 */ 188 public static final String DISALLOW_FACTORY_RESET = "no_factory_reset"; 189 190 /** 191 * Key for user restrictions. Specifies if a user is disallowed from adding new users and 192 * profiles. This can only be set by device owners. The default value is <code>false</code>. 193 * <p> 194 * Type: Boolean 195 * @see #setUserRestrictions(Bundle) 196 * @see #getUserRestrictions() 197 */ 198 public static final String DISALLOW_ADD_USER = "no_add_user"; 199 200 /** 201 * Key for user restrictions. Specifies if a user is disallowed from disabling application 202 * verification. The default value is <code>false</code>. 203 * <p> 204 * Type: Boolean 205 * @see #setUserRestrictions(Bundle) 206 * @see #getUserRestrictions() 207 */ 208 public static final String ENSURE_VERIFY_APPS = "ensure_verify_apps"; 209 210 /** 211 * Key for user restrictions. Specifies if a user is disallowed from configuring cell 212 * broadcasts. This can only be set by device owners. The default value is <code>false</code>. 213 * <p> 214 * Type: Boolean 215 * @see #setUserRestrictions(Bundle) 216 * @see #getUserRestrictions() 217 */ 218 public static final String DISALLOW_CONFIG_CELL_BROADCASTS = "no_config_cell_broadcasts"; 219 220 /** 221 * Key for user restrictions. Specifies if a user is disallowed from configuring mobile 222 * networks. This can only be set by device owners. The default value is <code>false</code>. 223 * <p> 224 * Type: Boolean 225 * @see #setUserRestrictions(Bundle) 226 * @see #getUserRestrictions() 227 */ 228 public static final String DISALLOW_CONFIG_MOBILE_NETWORKS = "no_config_mobile_networks"; 229 230 /** 231 * Key for user restrictions. Specifies if a user is disallowed from modifying 232 * applications in Settings or launchers. The following actions will not be allowed when this 233 * restriction is enabled: 234 * <li>uninstalling apps</li> 235 * <li>disabling apps</li> 236 * <li>clearing app caches</li> 237 * <li>clearing app data</li> 238 * <li>force stopping apps</li> 239 * <li>clearing app defaults</li> 240 * <p> 241 * The default value is <code>false</code>. 242 * <p> 243 * Type: Boolean 244 * @see #setUserRestrictions(Bundle) 245 * @see #getUserRestrictions() 246 */ 247 public static final String DISALLOW_APPS_CONTROL = "no_control_apps"; 248 249 /** 250 * Key for user restrictions. Specifies if a user is disallowed from mounting 251 * physical external media. This can only be set by device owners. The default value is 252 * <code>false</code>. 253 * <p/> 254 * Type: Boolean 255 * @see #setUserRestrictions(Bundle) 256 * @see #getUserRestrictions() 257 */ 258 public static final String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media"; 259 260 /** 261 * Key for user restrictions. Specifies if a user is disallowed from adjusting microphone 262 * volume. If set, the microphone will be muted. This can only be set by device owners. 263 * The default value is <code>false</code>. 264 * <p/> 265 * Type: Boolean 266 * @see #setUserRestrictions(Bundle) 267 * @see #getUserRestrictions() 268 */ 269 public static final String DISALLOW_UNMUTE_MICROPHONE = "no_unmute_microphone"; 270 271 /** 272 * Key for user restrictions. Specifies if a user is disallowed from adjusting the master 273 * volume. If set, the master volume will be muted. This can only be set by device owners. 274 * The default value is <code>false</code>. 275 * <p/> 276 * Type: Boolean 277 * @see #setUserRestrictions(Bundle) 278 * @see #getUserRestrictions() 279 */ 280 public static final String DISALLOW_ADJUST_VOLUME = "no_adjust_volume"; 281 282 /** 283 * Key for user restrictions. Specifies that the user is not allowed to make outgoing 284 * phone calls. Emergency calls are still permitted. 285 * The default value is <code>false</code>. 286 * <p/> 287 * Type: Boolean 288 * @see #setUserRestrictions(Bundle) 289 * @see #getUserRestrictions() 290 */ 291 public static final String DISALLOW_OUTGOING_CALLS = "no_outgoing_calls"; 292 293 /** 294 * Key for user restrictions. Specifies that the user is not allowed to send or receive 295 * SMS messages. This can only be set by device owners. The default value is <code>false</code>. 296 * <p/> 297 * Type: Boolean 298 * @see #setUserRestrictions(Bundle) 299 * @see #getUserRestrictions() 300 */ 301 public static final String DISALLOW_SMS = "no_sms"; 302 303 /** 304 * Key for user restrictions. Specifies that windows besides app windows should not be 305 * created. This will block the creation of the following types of windows. 306 * <li>{@link LayoutParams#TYPE_TOAST}</li> 307 * <li>{@link LayoutParams#TYPE_PHONE}</li> 308 * <li>{@link LayoutParams#TYPE_PRIORITY_PHONE}</li> 309 * <li>{@link LayoutParams#TYPE_SYSTEM_ALERT}</li> 310 * <li>{@link LayoutParams#TYPE_SYSTEM_ERROR}</li> 311 * <li>{@link LayoutParams#TYPE_SYSTEM_OVERLAY}</li> 312 * 313 * <p>This can only be set by device owners. The default value is <code>false</code>. 314 * <p/> 315 * Type: Boolean 316 * @see #setUserRestrictions(Bundle) 317 * @see #getUserRestrictions() 318 */ 319 public static final String DISALLOW_CREATE_WINDOWS = "no_create_windows"; 320 321 /** 322 * Key for user restrictions. Specifies if what is copied in the clipboard of this profile can 323 * be pasted in related profiles. Does not restrict if the clipboard of related profiles can be 324 * pasted in this profile. 325 * The default value is <code>false</code>. 326 * <p/> 327 * Type: Boolean 328 * @see #setUserRestrictions(Bundle) 329 * @see #getUserRestrictions() 330 */ 331 public static final String DISALLOW_CROSS_PROFILE_COPY_PASTE = "no_cross_profile_copy_paste"; 332 333 /** @hide */ 334 public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3; 335 /** @hide */ 336 public static final int PIN_VERIFICATION_FAILED_NOT_SET = -2; 337 /** @hide */ 338 public static final int PIN_VERIFICATION_SUCCESS = -1; 339 340 private static UserManager sInstance = null; 341 342 /** @hide */ 343 public synchronized static UserManager get(Context context) { 344 if (sInstance == null) { 345 sInstance = (UserManager) context.getSystemService(Context.USER_SERVICE); 346 } 347 return sInstance; 348 } 349 350 /** @hide */ 351 public UserManager(Context context, IUserManager service) { 352 mService = service; 353 mContext = context; 354 } 355 356 /** 357 * Returns whether the system supports multiple users. 358 * @return true if multiple users can be created by user, false if it is a single user device. 359 * @hide 360 */ 361 public static boolean supportsMultipleUsers() { 362 return getMaxSupportedUsers() > 1 363 && SystemProperties.getBoolean("fw.show_multiuserui", 364 Resources.getSystem().getBoolean(R.bool.config_enableMultiUserUI)); 365 } 366 367 /** 368 * Returns the user handle for the user that the calling process is running on. 369 * 370 * @return the user handle of the user making this call. 371 * @hide 372 */ 373 public int getUserHandle() { 374 return UserHandle.myUserId(); 375 } 376 377 /** 378 * Returns the user name of the user making this call. This call is only 379 * available to applications on the system image; it requires the 380 * MANAGE_USERS permission. 381 * @return the user name 382 */ 383 public String getUserName() { 384 try { 385 return mService.getUserInfo(getUserHandle()).name; 386 } catch (RemoteException re) { 387 Log.w(TAG, "Could not get user name", re); 388 return ""; 389 } 390 } 391 392 /** 393 * Used to determine whether the user making this call is subject to 394 * teleportations. 395 * @return whether the user making this call is a goat 396 */ 397 public boolean isUserAGoat() { 398 return false; 399 } 400 401 /** 402 * Used to check if the user making this call is linked to another user. Linked users may have 403 * a reduced number of available apps, app restrictions and account restrictions. 404 * @return whether the user making this call is a linked user 405 * @hide 406 */ 407 public boolean isLinkedUser() { 408 try { 409 return mService.isRestricted(); 410 } catch (RemoteException re) { 411 Log.w(TAG, "Could not check if user is limited ", re); 412 return false; 413 } 414 } 415 416 /** 417 * Checks if the calling app is running as a guest user. 418 * @return whether the caller is a guest user. 419 * @hide 420 */ 421 public boolean isGuestUser() { 422 UserInfo user = getUserInfo(UserHandle.myUserId()); 423 return user != null ? user.isGuest() : false; 424 } 425 426 /** 427 * Return whether the given user is actively running. This means that 428 * the user is in the "started" state, not "stopped" -- it is currently 429 * allowed to run code through scheduled alarms, receiving broadcasts, 430 * etc. A started user may be either the current foreground user or a 431 * background user; the result here does not distinguish between the two. 432 * @param user The user to retrieve the running state for. 433 */ 434 public boolean isUserRunning(UserHandle user) { 435 try { 436 return ActivityManagerNative.getDefault().isUserRunning( 437 user.getIdentifier(), false); 438 } catch (RemoteException e) { 439 return false; 440 } 441 } 442 443 /** 444 * Return whether the given user is actively running <em>or</em> stopping. 445 * This is like {@link #isUserRunning(UserHandle)}, but will also return 446 * true if the user had been running but is in the process of being stopped 447 * (but is not yet fully stopped, and still running some code). 448 * @param user The user to retrieve the running state for. 449 */ 450 public boolean isUserRunningOrStopping(UserHandle user) { 451 try { 452 return ActivityManagerNative.getDefault().isUserRunning( 453 user.getIdentifier(), true); 454 } catch (RemoteException e) { 455 return false; 456 } 457 } 458 459 /** 460 * Returns the UserInfo object describing a specific user. 461 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 462 * @param userHandle the user handle of the user whose information is being requested. 463 * @return the UserInfo object for a specific user. 464 * @hide 465 */ 466 public UserInfo getUserInfo(int userHandle) { 467 try { 468 return mService.getUserInfo(userHandle); 469 } catch (RemoteException re) { 470 Log.w(TAG, "Could not get user info", re); 471 return null; 472 } 473 } 474 475 /** 476 * Returns the user-wide restrictions imposed on this user. 477 * @return a Bundle containing all the restrictions. 478 */ 479 public Bundle getUserRestrictions() { 480 return getUserRestrictions(Process.myUserHandle()); 481 } 482 483 /** 484 * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>. 485 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 486 * @return a Bundle containing all the restrictions. 487 */ 488 public Bundle getUserRestrictions(UserHandle userHandle) { 489 try { 490 return mService.getUserRestrictions(userHandle.getIdentifier()); 491 } catch (RemoteException re) { 492 Log.w(TAG, "Could not get user restrictions", re); 493 return Bundle.EMPTY; 494 } 495 } 496 497 /** 498 * Sets all the user-wide restrictions for this user. 499 * Requires the MANAGE_USERS permission. 500 * @param restrictions the Bundle containing all the restrictions. 501 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 502 * android.content.ComponentName, String)} or 503 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 504 * android.content.ComponentName, String)} instead. 505 */ 506 @Deprecated 507 public void setUserRestrictions(Bundle restrictions) { 508 setUserRestrictions(restrictions, Process.myUserHandle()); 509 } 510 511 /** 512 * Sets all the user-wide restrictions for the specified user. 513 * Requires the MANAGE_USERS permission. 514 * @param restrictions the Bundle containing all the restrictions. 515 * @param userHandle the UserHandle of the user for whom to set the restrictions. 516 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 517 * android.content.ComponentName, String)} or 518 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 519 * android.content.ComponentName, String)} instead. 520 */ 521 @Deprecated 522 public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) { 523 try { 524 mService.setUserRestrictions(restrictions, userHandle.getIdentifier()); 525 } catch (RemoteException re) { 526 Log.w(TAG, "Could not set user restrictions", re); 527 } 528 } 529 530 /** 531 * Sets the value of a specific restriction. 532 * Requires the MANAGE_USERS permission. 533 * @param key the key of the restriction 534 * @param value the value for the restriction 535 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 536 * android.content.ComponentName, String)} or 537 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 538 * android.content.ComponentName, String)} instead. 539 */ 540 @Deprecated 541 public void setUserRestriction(String key, boolean value) { 542 Bundle bundle = getUserRestrictions(); 543 bundle.putBoolean(key, value); 544 setUserRestrictions(bundle); 545 } 546 547 /** 548 * @hide 549 * Sets the value of a specific restriction on a specific user. 550 * Requires the MANAGE_USERS permission. 551 * @param key the key of the restriction 552 * @param value the value for the restriction 553 * @param userHandle the user whose restriction is to be changed. 554 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 555 * android.content.ComponentName, String)} or 556 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 557 * android.content.ComponentName, String)} instead. 558 */ 559 @Deprecated 560 public void setUserRestriction(String key, boolean value, UserHandle userHandle) { 561 Bundle bundle = getUserRestrictions(userHandle); 562 bundle.putBoolean(key, value); 563 setUserRestrictions(bundle, userHandle); 564 } 565 566 /** 567 * Returns whether the current user has been disallowed from performing certain actions 568 * or setting certain settings. 569 * 570 * @param restrictionKey The string key representing the restriction. 571 * @return {@code true} if the current user has the given restriction, {@code false} otherwise. 572 */ 573 public boolean hasUserRestriction(String restrictionKey) { 574 return hasUserRestriction(restrictionKey, Process.myUserHandle()); 575 } 576 577 /** 578 * @hide 579 * Returns whether the given user has been disallowed from performing certain actions 580 * or setting certain settings. 581 * @param restrictionKey the string key representing the restriction 582 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 583 */ 584 public boolean hasUserRestriction(String restrictionKey, UserHandle userHandle) { 585 return getUserRestrictions(userHandle).getBoolean(restrictionKey, false); 586 } 587 588 /** 589 * Return the serial number for a user. This is a device-unique 590 * number assigned to that user; if the user is deleted and then a new 591 * user created, the new users will not be given the same serial number. 592 * @param user The user whose serial number is to be retrieved. 593 * @return The serial number of the given user; returns -1 if the 594 * given UserHandle does not exist. 595 * @see #getUserForSerialNumber(long) 596 */ 597 public long getSerialNumberForUser(UserHandle user) { 598 return getUserSerialNumber(user.getIdentifier()); 599 } 600 601 /** 602 * Return the user associated with a serial number previously 603 * returned by {@link #getSerialNumberForUser(UserHandle)}. 604 * @param serialNumber The serial number of the user that is being 605 * retrieved. 606 * @return Return the user associated with the serial number, or null 607 * if there is not one. 608 * @see #getSerialNumberForUser(UserHandle) 609 */ 610 public UserHandle getUserForSerialNumber(long serialNumber) { 611 int ident = getUserHandle((int)serialNumber); 612 return ident >= 0 ? new UserHandle(ident) : null; 613 } 614 615 /** 616 * Creates a user with the specified name and options. 617 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 618 * 619 * @param name the user's name 620 * @param flags flags that identify the type of user and other properties. 621 * @see UserInfo 622 * 623 * @return the UserInfo object for the created user, or null if the user could not be created. 624 * @hide 625 */ 626 public UserInfo createUser(String name, int flags) { 627 try { 628 return mService.createUser(name, flags); 629 } catch (RemoteException re) { 630 Log.w(TAG, "Could not create a user", re); 631 return null; 632 } 633 } 634 635 /** 636 * Creates a guest user and configures it. 637 * @param context an application context 638 * @param name the name to set for the user 639 * @hide 640 */ 641 public UserInfo createGuest(Context context, String name) { 642 UserInfo guest = createUser(name, UserInfo.FLAG_GUEST); 643 if (guest != null) { 644 Settings.Secure.putStringForUser(context.getContentResolver(), 645 Settings.Secure.SKIP_FIRST_USE_HINTS, "1", guest.id); 646 try { 647 Bundle guestRestrictions = mService.getDefaultGuestRestrictions(); 648 guestRestrictions.putBoolean(DISALLOW_SMS, true); 649 mService.setUserRestrictions(guestRestrictions, guest.id); 650 } catch (RemoteException re) { 651 Log.w(TAG, "Could not update guest restrictions"); 652 } 653 } 654 return guest; 655 } 656 657 /** 658 * Creates a user with the specified name and options as a profile of another user. 659 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 660 * 661 * @param name the user's name 662 * @param flags flags that identify the type of user and other properties. 663 * @see UserInfo 664 * @param userHandle new user will be a profile of this use. 665 * 666 * @return the UserInfo object for the created user, or null if the user could not be created. 667 * @hide 668 */ 669 public UserInfo createProfileForUser(String name, int flags, int userHandle) { 670 try { 671 return mService.createProfileForUser(name, flags, userHandle); 672 } catch (RemoteException re) { 673 Log.w(TAG, "Could not create a user", re); 674 return null; 675 } 676 } 677 678 /** 679 * @hide 680 * Marks the guest user for deletion to allow a new guest to be created before deleting 681 * the current user who is a guest. 682 * @param userHandle 683 * @return 684 */ 685 public boolean markGuestForDeletion(int userHandle) { 686 try { 687 return mService.markGuestForDeletion(userHandle); 688 } catch (RemoteException re) { 689 Log.w(TAG, "Could not mark guest for deletion", re); 690 return false; 691 } 692 } 693 694 /** 695 * Sets the user as enabled, if such an user exists. 696 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 697 * Note that the default is true, it's only that managed profiles might not be enabled. 698 * 699 * @param userHandle the id of the profile to enable 700 * @hide 701 */ 702 public void setUserEnabled(int userHandle) { 703 try { 704 mService.setUserEnabled(userHandle); 705 } catch (RemoteException e) { 706 Log.w(TAG, "Could not enable the profile", e); 707 } 708 } 709 710 /** 711 * Return the number of users currently created on the device. 712 */ 713 public int getUserCount() { 714 List<UserInfo> users = getUsers(); 715 return users != null ? users.size() : 1; 716 } 717 718 /** 719 * Returns information for all users on this device. 720 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 721 * @return the list of users that were created. 722 * @hide 723 */ 724 public List<UserInfo> getUsers() { 725 try { 726 return mService.getUsers(false); 727 } catch (RemoteException re) { 728 Log.w(TAG, "Could not get user list", re); 729 return null; 730 } 731 } 732 733 /** 734 * Checks whether it's possible to add more users. Caller must hold the MANAGE_USERS 735 * permission. 736 * 737 * @return true if more users can be added, false if limit has been reached. 738 * @hide 739 */ 740 public boolean canAddMoreUsers() { 741 final List<UserInfo> users = getUsers(true); 742 final int totalUserCount = users.size(); 743 int aliveUserCount = 0; 744 for (int i = 0; i < totalUserCount; i++) { 745 UserInfo user = users.get(i); 746 if (!user.isGuest()) { 747 aliveUserCount++; 748 } 749 } 750 return aliveUserCount < getMaxSupportedUsers(); 751 } 752 753 /** 754 * Returns list of the profiles of userHandle including 755 * userHandle itself. 756 * Note that this returns both enabled and not enabled profiles. See 757 * {@link #getUserProfiles()} if you need only the enabled ones. 758 * 759 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 760 * @param userHandle profiles of this user will be returned. 761 * @return the list of profiles. 762 * @hide 763 */ 764 public List<UserInfo> getProfiles(int userHandle) { 765 try { 766 return mService.getProfiles(userHandle, false /* enabledOnly */); 767 } catch (RemoteException re) { 768 Log.w(TAG, "Could not get user list", re); 769 return null; 770 } 771 } 772 773 /** 774 * Returns a list of UserHandles for profiles associated with the user that the calling process 775 * is running on, including the user itself. 776 * 777 * @return A non-empty list of UserHandles associated with the calling user. 778 */ 779 public List<UserHandle> getUserProfiles() { 780 ArrayList<UserHandle> profiles = new ArrayList<UserHandle>(); 781 List<UserInfo> users = new ArrayList<UserInfo>(); 782 try { 783 users = mService.getProfiles(UserHandle.myUserId(), true /* enabledOnly */); 784 } catch (RemoteException re) { 785 Log.w(TAG, "Could not get user list", re); 786 return null; 787 } 788 for (UserInfo info : users) { 789 UserHandle userHandle = new UserHandle(info.id); 790 profiles.add(userHandle); 791 } 792 return profiles; 793 } 794 795 /** 796 * Returns the parent of the profile which this method is called from 797 * or null if called from a user that is not a profile. 798 * 799 * @hide 800 */ 801 public UserInfo getProfileParent(int userHandle) { 802 try { 803 return mService.getProfileParent(userHandle); 804 } catch (RemoteException re) { 805 Log.w(TAG, "Could not get profile parent", re); 806 return null; 807 } 808 } 809 810 /** 811 * If the target user is a managed profile of the calling user or the caller 812 * is itself a managed profile, then this returns a badged copy of the given 813 * icon to be able to distinguish it from the original icon. For badging an 814 * arbitrary drawable use {@link #getBadgedDrawableForUser( 815 * android.graphics.drawable.Drawable, UserHandle, android.graphics.Rect, int)}. 816 * <p> 817 * If the original drawable is a BitmapDrawable and the backing bitmap is 818 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the bading 819 * is performed in place and the original drawable is returned. 820 * </p> 821 * 822 * @param icon The icon to badge. 823 * @param user The target user. 824 * @return A drawable that combines the original icon and a badge as 825 * determined by the system. 826 */ 827 public Drawable getBadgedIconForUser(Drawable icon, UserHandle user) { 828 final int badgeResId = getBadgeResIdForUser(user.getIdentifier()); 829 if (badgeResId == 0) { 830 return icon; 831 } 832 Drawable badgeIcon = mContext.getPackageManager() 833 .getDrawable("system", badgeResId, null); 834 return getBadgedDrawable(icon, badgeIcon, null, true); 835 } 836 837 /** 838 * If the target user is a managed profile of the calling user or the caller 839 * is itself a managed profile, then this returns a badged copy of the given 840 * icon to be able to distinguish it from the original icon. 841 * <p> 842 * If the original drawable is not a BitmapDrawable, then the original 843 * drawable is returned. 844 * </p> 845 * 846 * @param icon The icon to badge. 847 * @param user The target user. 848 * @return A drawable that combines the original icon and a badge as 849 * determined by the system. 850 * 851 * @deprecation Use {@link #getBadgedIconForUser( 852 * android.graphics.drawable.Drawable, UserHandle)} 853 * 854 * @hide 855 */ 856 @Deprecated 857 public Drawable getBadgedDrawableForUser(Drawable icon, UserHandle user) { 858 int badgeResId = getBadgeResIdForUser(user.getIdentifier()); 859 if (badgeResId == 0) { 860 return icon; 861 } else { 862 Drawable badgeIcon = mContext.getPackageManager() 863 .getDrawable("system", badgeResId, null); 864 return getBadgedDrawable(icon, badgeIcon, null, false); 865 } 866 } 867 868 /** 869 * If the target user is a managed profile of the calling user or the caller 870 * is itself a managed profile, then this returns a badged copy of the given 871 * drawable allowing the user to distinguish it from the original drawable. 872 * The caller can specify the location in the bounds of the drawable to be 873 * badged where the badge should be applied as well as the density of the 874 * badge to be used. 875 * <p> 876 * If the original drawable is a BitmapDrawable and the backing bitmap is 877 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the bading 878 * is performed in place and the original drawable is returned. 879 * </p> 880 * 881 * @param badgedDrawable The drawable to badge. 882 * @param user The target user. 883 * @param badgeLocation Where in the bounds of the badged drawable to place 884 * the badge. If not provided, the badge is applied on top of the entire 885 * drawable being badged. 886 * @param badgeDensity The optional desired density for the badge as per 887 * {@link android.util.DisplayMetrics#densityDpi}. If not provided, 888 * the density of the display is used. 889 * @return A drawable that combines the original drawable and a badge as 890 * determined by the system. 891 */ 892 public Drawable getBadgedDrawableForUser(Drawable badgedDrawable, UserHandle user, 893 Rect badgeLocation, int badgeDensity) { 894 Drawable badgeDrawable = getBadgeForUser(user, badgeDensity); 895 if (badgeDrawable == null) { 896 return badgedDrawable; 897 } 898 return getBadgedDrawable(badgedDrawable, badgeDrawable, badgeLocation, true); 899 } 900 901 /** 902 * If the target user is a managed profile of the calling user or the caller 903 * is itself a managed profile, then this returns a copy of the label with 904 * badging for accessibility services like talkback. E.g. passing in "Email" 905 * and it might return "Work Email" for Email in the work profile. 906 * 907 * @param label The label to change. 908 * @param user The target user. 909 * @return A label that combines the original label and a badge as 910 * determined by the system. 911 */ 912 public CharSequence getBadgedLabelForUser(CharSequence label, UserHandle user) { 913 UserInfo userInfo = getUserIfProfile(user.getIdentifier()); 914 if (userInfo != null && userInfo.isManagedProfile()) { 915 return Resources.getSystem().getString( 916 R.string.managed_profile_label_badge, label); 917 } 918 return label; 919 } 920 921 /** 922 * If the target user is a managed profile of the calling user or the caller 923 * is itself a managed profile, then this returns a drawable to use as a small 924 * icon to include in a view to distinguish it from the original icon. 925 * 926 * @param user The target user. 927 * @param density The optional desired density for the badge as per 928 * {@link android.util.DisplayMetrics#densityDpi}. If not provided 929 * the density of the current display is used. 930 * @return the drawable or null if no drawable is required. 931 * @hide 932 */ 933 public Drawable getBadgeForUser(UserHandle user, int density) { 934 UserInfo userInfo = getUserIfProfile(user.getIdentifier()); 935 if (userInfo != null && userInfo.isManagedProfile()) { 936 if (density <= 0) { 937 density = mContext.getResources().getDisplayMetrics().densityDpi; 938 } 939 return Resources.getSystem().getDrawableForDensity( 940 com.android.internal.R.drawable.ic_corp_badge, density); 941 } 942 return null; 943 } 944 945 private int getBadgeResIdForUser(int userHandle) { 946 // Return the framework-provided badge. 947 UserInfo userInfo = getUserIfProfile(userHandle); 948 if (userInfo != null && userInfo.isManagedProfile()) { 949 return com.android.internal.R.drawable.ic_corp_icon_badge; 950 } 951 return 0; 952 } 953 954 /** 955 * @return UserInfo for userHandle if it exists and is a profile of the current 956 * user or null. 957 */ 958 private UserInfo getUserIfProfile(int userHandle) { 959 List<UserInfo> userProfiles = getProfiles(getUserHandle()); 960 for (UserInfo user : userProfiles) { 961 if (user.id == userHandle) { 962 return user; 963 } 964 } 965 return null; 966 } 967 968 private Drawable getBadgedDrawable(Drawable badgedDrawable, Drawable badgeDrawable, 969 Rect badgeLocation, boolean tryBadgeInPlace) { 970 final int badgedWidth = badgedDrawable.getIntrinsicWidth(); 971 final int badgedHeight = badgedDrawable.getIntrinsicHeight(); 972 final boolean canBadgeInPlace = tryBadgeInPlace 973 && (badgedDrawable instanceof BitmapDrawable) 974 && ((BitmapDrawable) badgedDrawable).getBitmap().isMutable(); 975 976 final Bitmap bitmap; 977 if (canBadgeInPlace) { 978 bitmap = ((BitmapDrawable) badgedDrawable).getBitmap(); 979 } else { 980 bitmap = Bitmap.createBitmap(badgedWidth, badgedHeight, Config.ARGB_8888); 981 } 982 Canvas canvas = new Canvas(bitmap); 983 984 if (!canBadgeInPlace) { 985 badgedDrawable.setBounds(0, 0, badgedWidth, badgedHeight); 986 badgedDrawable.draw(canvas); 987 } 988 989 if (badgeLocation != null) { 990 if (badgeLocation.left < 0 || badgeLocation.top < 0 991 || badgeLocation.width() > badgedWidth || badgeLocation.height() > badgedHeight) { 992 throw new IllegalArgumentException("Badge location " + badgeLocation 993 + " not in badged drawable bounds " 994 + new Rect(0, 0, badgedWidth, badgedHeight)); 995 } 996 badgeDrawable.setBounds(0, 0, badgeLocation.width(), badgeLocation.height()); 997 998 canvas.save(); 999 canvas.translate(badgeLocation.left, badgeLocation.top); 1000 badgeDrawable.draw(canvas); 1001 canvas.restore(); 1002 } else { 1003 badgeDrawable.setBounds(0, 0, badgedWidth, badgedHeight); 1004 badgeDrawable.draw(canvas); 1005 } 1006 1007 if (!canBadgeInPlace) { 1008 BitmapDrawable mergedDrawable = new BitmapDrawable(mContext.getResources(), bitmap); 1009 1010 if (badgedDrawable instanceof BitmapDrawable) { 1011 BitmapDrawable bitmapDrawable = (BitmapDrawable) badgedDrawable; 1012 mergedDrawable.setTargetDensity(bitmapDrawable.getBitmap().getDensity()); 1013 } 1014 1015 return mergedDrawable; 1016 } 1017 1018 return badgedDrawable; 1019 } 1020 1021 /** 1022 * Returns information for all users on this device. Requires 1023 * {@link android.Manifest.permission#MANAGE_USERS} permission. 1024 * 1025 * @param excludeDying specify if the list should exclude users being 1026 * removed. 1027 * @return the list of users that were created. 1028 * @hide 1029 */ 1030 public List<UserInfo> getUsers(boolean excludeDying) { 1031 try { 1032 return mService.getUsers(excludeDying); 1033 } catch (RemoteException re) { 1034 Log.w(TAG, "Could not get user list", re); 1035 return null; 1036 } 1037 } 1038 1039 /** 1040 * Removes a user and all associated data. 1041 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 1042 * @param userHandle the integer handle of the user, where 0 is the primary user. 1043 * @hide 1044 */ 1045 public boolean removeUser(int userHandle) { 1046 try { 1047 return mService.removeUser(userHandle); 1048 } catch (RemoteException re) { 1049 Log.w(TAG, "Could not remove user ", re); 1050 return false; 1051 } 1052 } 1053 1054 /** 1055 * Updates the user's name. 1056 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 1057 * 1058 * @param userHandle the user's integer handle 1059 * @param name the new name for the user 1060 * @hide 1061 */ 1062 public void setUserName(int userHandle, String name) { 1063 try { 1064 mService.setUserName(userHandle, name); 1065 } catch (RemoteException re) { 1066 Log.w(TAG, "Could not set the user name ", re); 1067 } 1068 } 1069 1070 /** 1071 * Sets the user's photo. 1072 * @param userHandle the user for whom to change the photo. 1073 * @param icon the bitmap to set as the photo. 1074 * @hide 1075 */ 1076 public void setUserIcon(int userHandle, Bitmap icon) { 1077 try { 1078 mService.setUserIcon(userHandle, icon); 1079 } catch (RemoteException re) { 1080 Log.w(TAG, "Could not set the user icon ", re); 1081 } 1082 } 1083 1084 /** 1085 * Returns a file descriptor for the user's photo. PNG data can be read from this file. 1086 * @param userHandle the user whose photo we want to read. 1087 * @return a {@link Bitmap} of the user's photo, or null if there's no photo. 1088 * @hide 1089 */ 1090 public Bitmap getUserIcon(int userHandle) { 1091 try { 1092 return mService.getUserIcon(userHandle); 1093 } catch (RemoteException re) { 1094 Log.w(TAG, "Could not get the user icon ", re); 1095 return null; 1096 } 1097 } 1098 1099 /** 1100 * Returns the maximum number of users that can be created on this device. A return value 1101 * of 1 means that it is a single user device. 1102 * @hide 1103 * @return a value greater than or equal to 1 1104 */ 1105 public static int getMaxSupportedUsers() { 1106 // Don't allow multiple users on certain builds 1107 if (android.os.Build.ID.startsWith("JVP")) return 1; 1108 // Svelte devices don't get multi-user. 1109 if (ActivityManager.isLowRamDeviceStatic()) return 1; 1110 return SystemProperties.getInt("fw.max_users", 1111 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers)); 1112 } 1113 1114 /** 1115 * Returns true if the user switcher should be shown, this will be if there 1116 * are multiple users that aren't managed profiles. 1117 * @hide 1118 * @return true if user switcher should be shown. 1119 */ 1120 public boolean isUserSwitcherEnabled() { 1121 List<UserInfo> users = getUsers(true); 1122 if (users == null) { 1123 return false; 1124 } 1125 int switchableUserCount = 0; 1126 for (UserInfo user : users) { 1127 if (user.supportsSwitchTo()) { 1128 ++switchableUserCount; 1129 } 1130 } 1131 final boolean guestEnabled = Settings.Global.getInt(mContext.getContentResolver(), 1132 Settings.Global.GUEST_USER_ENABLED, 0) == 1; 1133 return switchableUserCount > 1 || guestEnabled; 1134 } 1135 1136 /** 1137 * Returns a serial number on this device for a given userHandle. User handles can be recycled 1138 * when deleting and creating users, but serial numbers are not reused until the device is wiped. 1139 * @param userHandle 1140 * @return a serial number associated with that user, or -1 if the userHandle is not valid. 1141 * @hide 1142 */ 1143 public int getUserSerialNumber(int userHandle) { 1144 try { 1145 return mService.getUserSerialNumber(userHandle); 1146 } catch (RemoteException re) { 1147 Log.w(TAG, "Could not get serial number for user " + userHandle); 1148 } 1149 return -1; 1150 } 1151 1152 /** 1153 * Returns a userHandle on this device for a given user serial number. User handles can be 1154 * recycled when deleting and creating users, but serial numbers are not reused until the device 1155 * is wiped. 1156 * @param userSerialNumber 1157 * @return the userHandle associated with that user serial number, or -1 if the serial number 1158 * is not valid. 1159 * @hide 1160 */ 1161 public int getUserHandle(int userSerialNumber) { 1162 try { 1163 return mService.getUserHandle(userSerialNumber); 1164 } catch (RemoteException re) { 1165 Log.w(TAG, "Could not get userHandle for user " + userSerialNumber); 1166 } 1167 return -1; 1168 } 1169 1170 /** 1171 * Returns a Bundle containing any saved application restrictions for this user, for the 1172 * given package name. Only an application with this package name can call this method. 1173 * @param packageName the package name of the calling application 1174 * @return a Bundle with the restrictions as key/value pairs, or null if there are no 1175 * saved restrictions. The values can be of type Boolean, String or String[], depending 1176 * on the restriction type, as defined by the application. 1177 */ 1178 public Bundle getApplicationRestrictions(String packageName) { 1179 try { 1180 return mService.getApplicationRestrictions(packageName); 1181 } catch (RemoteException re) { 1182 Log.w(TAG, "Could not get application restrictions for package " + packageName); 1183 } 1184 return null; 1185 } 1186 1187 /** 1188 * @hide 1189 */ 1190 public Bundle getApplicationRestrictions(String packageName, UserHandle user) { 1191 try { 1192 return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier()); 1193 } catch (RemoteException re) { 1194 Log.w(TAG, "Could not get application restrictions for user " + user.getIdentifier()); 1195 } 1196 return null; 1197 } 1198 1199 /** 1200 * @hide 1201 */ 1202 public void setApplicationRestrictions(String packageName, Bundle restrictions, 1203 UserHandle user) { 1204 try { 1205 mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier()); 1206 } catch (RemoteException re) { 1207 Log.w(TAG, "Could not set application restrictions for user " + user.getIdentifier()); 1208 } 1209 } 1210 1211 /** 1212 * Sets a new challenge PIN for restrictions. This is only for use by pre-installed 1213 * apps and requires the MANAGE_USERS permission. 1214 * @param newPin the PIN to use for challenge dialogs. 1215 * @return Returns true if the challenge PIN was set successfully. 1216 */ 1217 public boolean setRestrictionsChallenge(String newPin) { 1218 try { 1219 return mService.setRestrictionsChallenge(newPin); 1220 } catch (RemoteException re) { 1221 Log.w(TAG, "Could not change restrictions pin"); 1222 } 1223 return false; 1224 } 1225 1226 /** 1227 * @hide 1228 * @param pin The PIN to verify, or null to get the number of milliseconds to wait for before 1229 * allowing the user to enter the PIN. 1230 * @return Returns a positive number (including zero) for how many milliseconds before 1231 * you can accept another PIN, when the input is null or the input doesn't match the saved PIN. 1232 * Returns {@link #PIN_VERIFICATION_SUCCESS} if the input matches the saved PIN. Returns 1233 * {@link #PIN_VERIFICATION_FAILED_NOT_SET} if there is no PIN set. 1234 */ 1235 public int checkRestrictionsChallenge(String pin) { 1236 try { 1237 return mService.checkRestrictionsChallenge(pin); 1238 } catch (RemoteException re) { 1239 Log.w(TAG, "Could not check restrictions pin"); 1240 } 1241 return PIN_VERIFICATION_FAILED_INCORRECT; 1242 } 1243 1244 /** 1245 * @hide 1246 * Checks whether the user has restrictions that are PIN-protected. An application that 1247 * participates in restrictions can check if the owner has requested a PIN challenge for 1248 * any restricted operations. If there is a PIN in effect, the application should launch 1249 * the PIN challenge activity {@link android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE}. 1250 * @see android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE 1251 * @return whether a restrictions PIN is in effect. 1252 */ 1253 public boolean hasRestrictionsChallenge() { 1254 try { 1255 return mService.hasRestrictionsChallenge(); 1256 } catch (RemoteException re) { 1257 Log.w(TAG, "Could not change restrictions pin"); 1258 } 1259 return false; 1260 } 1261 1262 /** @hide */ 1263 public void removeRestrictions() { 1264 try { 1265 mService.removeRestrictions(); 1266 } catch (RemoteException re) { 1267 Log.w(TAG, "Could not change restrictions pin"); 1268 } 1269 } 1270 1271 /** 1272 * @hide 1273 * Set restrictions that should apply to any future guest user that's created. 1274 */ 1275 public void setDefaultGuestRestrictions(Bundle restrictions) { 1276 try { 1277 mService.setDefaultGuestRestrictions(restrictions); 1278 } catch (RemoteException re) { 1279 Log.w(TAG, "Could not set guest restrictions"); 1280 } 1281 } 1282 1283 /** 1284 * @hide 1285 * Gets the default guest restrictions. 1286 */ 1287 public Bundle getDefaultGuestRestrictions() { 1288 try { 1289 return mService.getDefaultGuestRestrictions(); 1290 } catch (RemoteException re) { 1291 Log.w(TAG, "Could not set guest restrictions"); 1292 } 1293 return new Bundle(); 1294 } 1295} 1296