UserRestrictionsUtils.java revision 5485ed46ff337769589c6e06b3469246e60b9e3b
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import com.google.android.collect.Sets; 20 21import com.android.internal.util.Preconditions; 22 23import android.annotation.NonNull; 24import android.annotation.Nullable; 25import android.app.ActivityManager; 26import android.app.ActivityManagerNative; 27import android.content.ContentResolver; 28import android.content.Context; 29import android.net.Uri; 30import android.os.Binder; 31import android.os.Bundle; 32import android.os.RemoteException; 33import android.os.SystemProperties; 34import android.os.UserHandle; 35import android.os.UserManager; 36import android.util.Log; 37 38import org.xmlpull.v1.XmlPullParser; 39import org.xmlpull.v1.XmlSerializer; 40 41import java.io.IOException; 42import java.io.PrintWriter; 43import java.util.Set; 44 45/** 46 * Utility methods for uesr restrictions. 47 * 48 * <p>See {@link UserManagerService} for the method suffixes. 49 */ 50public class UserRestrictionsUtils { 51 private static final String TAG = "UserRestrictionsUtils"; 52 53 private UserRestrictionsUtils() { 54 } 55 56 public static final Set<String> USER_RESTRICTIONS = Sets.newArraySet( 57 UserManager.DISALLOW_CONFIG_WIFI, 58 UserManager.DISALLOW_MODIFY_ACCOUNTS, 59 UserManager.DISALLOW_INSTALL_APPS, 60 UserManager.DISALLOW_UNINSTALL_APPS, 61 UserManager.DISALLOW_SHARE_LOCATION, 62 UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, 63 UserManager.DISALLOW_CONFIG_BLUETOOTH, 64 UserManager.DISALLOW_USB_FILE_TRANSFER, 65 UserManager.DISALLOW_CONFIG_CREDENTIALS, 66 UserManager.DISALLOW_REMOVE_USER, 67 UserManager.DISALLOW_DEBUGGING_FEATURES, 68 UserManager.DISALLOW_CONFIG_VPN, 69 UserManager.DISALLOW_CONFIG_TETHERING, 70 UserManager.DISALLOW_NETWORK_RESET, 71 UserManager.DISALLOW_FACTORY_RESET, 72 UserManager.DISALLOW_ADD_USER, 73 UserManager.ENSURE_VERIFY_APPS, 74 UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, 75 UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, 76 UserManager.DISALLOW_APPS_CONTROL, 77 UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA, 78 UserManager.DISALLOW_UNMUTE_MICROPHONE, 79 UserManager.DISALLOW_ADJUST_VOLUME, 80 UserManager.DISALLOW_OUTGOING_CALLS, 81 UserManager.DISALLOW_SMS, 82 UserManager.DISALLOW_FUN, 83 UserManager.DISALLOW_CREATE_WINDOWS, 84 UserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE, 85 UserManager.DISALLOW_OUTGOING_BEAM, 86 UserManager.DISALLOW_WALLPAPER, 87 UserManager.DISALLOW_SAFE_BOOT, 88 UserManager.ALLOW_PARENT_PROFILE_APP_LINKING, 89 UserManager.DISALLOW_RECORD_AUDIO, 90 UserManager.DISALLOW_CAMERA, 91 UserManager.DISALLOW_RUN_IN_BACKGROUND 92 ); 93 94 /** 95 * Set of user restriction which we don't want to persist. 96 */ 97 private static final Set<String> NON_PERSIST_USER_RESTRICTIONS = Sets.newArraySet( 98 UserManager.DISALLOW_RECORD_AUDIO 99 ); 100 101 /** 102 * User restrictions that can not be set by profile owners. 103 */ 104 private static final Set<String> DEVICE_OWNER_ONLY_RESTRICTIONS = Sets.newArraySet( 105 UserManager.DISALLOW_USB_FILE_TRANSFER, 106 UserManager.DISALLOW_CONFIG_TETHERING, 107 UserManager.DISALLOW_NETWORK_RESET, 108 UserManager.DISALLOW_FACTORY_RESET, 109 UserManager.DISALLOW_ADD_USER, 110 UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, 111 UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, 112 UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA, 113 UserManager.DISALLOW_SMS, 114 UserManager.DISALLOW_FUN, 115 UserManager.DISALLOW_SAFE_BOOT, 116 UserManager.DISALLOW_CREATE_WINDOWS 117 ); 118 119 /** 120 * User restrictions that can't be changed by device owner or profile owner. 121 */ 122 private static final Set<String> IMMUTABLE_BY_OWNERS = Sets.newArraySet( 123 UserManager.DISALLOW_RECORD_AUDIO, 124 UserManager.DISALLOW_WALLPAPER 125 ); 126 127 /** 128 * Special user restrictions that can be applied to a user as well as to all users globally, 129 * depending on callers. When device owner sets them, they'll be applied to all users. 130 */ 131 private static final Set<String> GLOBAL_RESTRICTIONS = Sets.newArraySet( 132 UserManager.DISALLOW_ADJUST_VOLUME, 133 UserManager.DISALLOW_RUN_IN_BACKGROUND, 134 UserManager.DISALLOW_UNMUTE_MICROPHONE 135 ); 136 137 public static void writeRestrictions(@NonNull XmlSerializer serializer, 138 @Nullable Bundle restrictions, @NonNull String tag) throws IOException { 139 if (restrictions == null) { 140 return; 141 } 142 143 serializer.startTag(null, tag); 144 for (String key : restrictions.keySet()) { 145 if (NON_PERSIST_USER_RESTRICTIONS.contains(key)) { 146 continue; // Don't persist. 147 } 148 if (USER_RESTRICTIONS.contains(key)) { 149 if (restrictions.getBoolean(key)) { 150 serializer.attribute(null, key, "true"); 151 } 152 continue; 153 } 154 Log.w(TAG, "Unknown user restriction detected: " + key); 155 } 156 serializer.endTag(null, tag); 157 } 158 159 public static void readRestrictions(XmlPullParser parser, Bundle restrictions) 160 throws IOException { 161 for (String key : USER_RESTRICTIONS) { 162 final String value = parser.getAttributeValue(null, key); 163 if (value != null) { 164 restrictions.putBoolean(key, Boolean.parseBoolean(value)); 165 } 166 } 167 } 168 169 /** 170 * @return {@code in} itself when it's not null, or an empty bundle (which can writable). 171 */ 172 public static Bundle nonNull(@Nullable Bundle in) { 173 return in != null ? in : new Bundle(); 174 } 175 176 public static boolean isEmpty(@Nullable Bundle in) { 177 return (in == null) || (in.size() == 0); 178 } 179 180 /** 181 * Creates a copy of the {@code in} Bundle. If {@code in} is null, it'll return an empty 182 * bundle. 183 * 184 * <p>The resulting {@link Bundle} is always writable. (i.e. it won't return 185 * {@link Bundle#EMPTY}) 186 */ 187 public static @NonNull Bundle clone(@Nullable Bundle in) { 188 return (in != null) ? new Bundle(in) : new Bundle(); 189 } 190 191 public static void merge(@NonNull Bundle dest, @Nullable Bundle in) { 192 Preconditions.checkNotNull(dest); 193 Preconditions.checkArgument(dest != in); 194 if (in == null) { 195 return; 196 } 197 for (String key : in.keySet()) { 198 if (in.getBoolean(key, false)) { 199 dest.putBoolean(key, true); 200 } 201 } 202 } 203 204 /** 205 * @return true if a restriction is settable by device owner. 206 */ 207 public static boolean canDeviceOwnerChange(String restriction) { 208 return !IMMUTABLE_BY_OWNERS.contains(restriction); 209 } 210 211 /** 212 * @return true if a restriction is settable by profile owner. Note it takes a user ID because 213 * some restrictions can be changed by PO only when it's running on the system user. 214 */ 215 public static boolean canProfileOwnerChange(String restriction, int userId) { 216 return !IMMUTABLE_BY_OWNERS.contains(restriction) 217 && !(userId != UserHandle.USER_SYSTEM 218 && DEVICE_OWNER_ONLY_RESTRICTIONS.contains(restriction)); 219 } 220 221 /** 222 * Takes restrictions that can be set by device owner, and sort them into what should be applied 223 * globally and what should be applied only on the current user. 224 */ 225 public static void sortToGlobalAndLocal(@Nullable Bundle in, @NonNull Bundle global, 226 @NonNull Bundle local) { 227 if (in == null || in.size() == 0) { 228 return; 229 } 230 for (String key : in.keySet()) { 231 if (!in.getBoolean(key)) { 232 continue; 233 } 234 if (DEVICE_OWNER_ONLY_RESTRICTIONS.contains(key) || GLOBAL_RESTRICTIONS.contains(key)) { 235 global.putBoolean(key, true); 236 } else { 237 local.putBoolean(key, true); 238 } 239 } 240 } 241 242 /** 243 * @return true if two Bundles contain the same user restriction. 244 * A null bundle and an empty bundle are considered to be equal. 245 */ 246 public static boolean areEqual(@Nullable Bundle a, @Nullable Bundle b) { 247 if (a == b) { 248 return true; 249 } 250 if (isEmpty(a)) { 251 return isEmpty(b); 252 } 253 if (isEmpty(b)) { 254 return false; 255 } 256 for (String key : a.keySet()) { 257 if (a.getBoolean(key) != b.getBoolean(key)) { 258 return false; 259 } 260 } 261 for (String key : b.keySet()) { 262 if (a.getBoolean(key) != b.getBoolean(key)) { 263 return false; 264 } 265 } 266 return true; 267 } 268 269 /** 270 * Takes a new use restriction set and the previous set, and apply the restrictions that have 271 * changed. 272 * 273 * <p>Note this method is called by {@link UserManagerService} without holding any locks. 274 */ 275 public static void applyUserRestrictions(Context context, int userId, 276 Bundle newRestrictions, Bundle prevRestrictions) { 277 for (String key : USER_RESTRICTIONS) { 278 final boolean newValue = newRestrictions.getBoolean(key); 279 final boolean prevValue = prevRestrictions.getBoolean(key); 280 281 if (newValue != prevValue) { 282 applyUserRestriction(context, userId, key, newValue); 283 } 284 } 285 } 286 287 /** 288 * Apply each user restriction. 289 * 290 * <p>See also {@link 291 * com.android.providers.settings.SettingsProvider#isGlobalOrSecureSettingRestrictedForUser}, 292 * which should be in sync with this method. 293 */ 294 private static void applyUserRestriction(Context context, int userId, String key, 295 boolean newValue) { 296 if (UserManagerService.DBG) { 297 Log.d(TAG, "Applying user restriction: userId=" + userId 298 + " key=" + key + " value=" + newValue); 299 } 300 // When certain restrictions are cleared, we don't update the system settings, 301 // because these settings are changeable on the Settings UI and we don't know the original 302 // value -- for example LOCATION_MODE might have been off already when the restriction was 303 // set, and in that case even if the restriction is lifted, changing it to ON would be 304 // wrong. So just don't do anything in such a case. If the user hopes to enable location 305 // later, they can do it on the Settings UI. 306 307 final ContentResolver cr = context.getContentResolver(); 308 final long id = Binder.clearCallingIdentity(); 309 try { 310 switch (key) { 311 case UserManager.DISALLOW_CONFIG_WIFI: 312 if (newValue) { 313 android.provider.Settings.Secure.putIntForUser(cr, 314 android.provider.Settings.Global 315 .WIFI_NETWORKS_AVAILABLE_NOTIFICATION_ON, 0, userId); 316 } 317 break; 318 case UserManager.DISALLOW_SHARE_LOCATION: 319 if (newValue) { 320 android.provider.Settings.Secure.putIntForUser(cr, 321 android.provider.Settings.Secure.LOCATION_MODE, 322 android.provider.Settings.Secure.LOCATION_MODE_OFF, 323 userId); 324 } 325 // Send out notifications as some clients may want to reread the 326 // value which actually changed due to a restriction having been 327 // applied. 328 final String property = 329 android.provider.Settings.Secure.SYS_PROP_SETTING_VERSION; 330 long version = SystemProperties.getLong(property, 0) + 1; 331 SystemProperties.set(property, Long.toString(version)); 332 333 final String name = android.provider.Settings.Secure.LOCATION_PROVIDERS_ALLOWED; 334 final Uri url = Uri.withAppendedPath( 335 android.provider.Settings.Secure.CONTENT_URI, name); 336 context.getContentResolver().notifyChange(url, null, true, userId); 337 338 break; 339 case UserManager.DISALLOW_DEBUGGING_FEATURES: 340 if (newValue) { 341 // Only disable adb if changing for system user, since it is global 342 // TODO: should this be admin user? 343 if (userId == UserHandle.USER_SYSTEM) { 344 android.provider.Settings.Global.putStringForUser(cr, 345 android.provider.Settings.Global.ADB_ENABLED, "0", 346 userId); 347 } 348 } 349 break; 350 case UserManager.ENSURE_VERIFY_APPS: 351 if (newValue) { 352 android.provider.Settings.Global.putStringForUser( 353 context.getContentResolver(), 354 android.provider.Settings.Global.PACKAGE_VERIFIER_ENABLE, "1", 355 userId); 356 android.provider.Settings.Global.putStringForUser( 357 context.getContentResolver(), 358 android.provider.Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB, "1", 359 userId); 360 } 361 break; 362 case UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES: 363 if (newValue) { 364 android.provider.Settings.Secure.putIntForUser(cr, 365 android.provider.Settings.Secure.INSTALL_NON_MARKET_APPS, 0, 366 userId); 367 } 368 break; 369 case UserManager.DISALLOW_RUN_IN_BACKGROUND: 370 if (newValue) { 371 int currentUser = ActivityManager.getCurrentUser(); 372 if (currentUser != userId && userId != UserHandle.USER_SYSTEM) { 373 try { 374 ActivityManagerNative.getDefault().stopUser(userId, false, null); 375 } catch (RemoteException e) { 376 throw e.rethrowAsRuntimeException(); 377 } 378 } 379 } 380 } 381 } finally { 382 Binder.restoreCallingIdentity(id); 383 } 384 } 385 386 public static void dumpRestrictions(PrintWriter pw, String prefix, Bundle restrictions) { 387 boolean noneSet = true; 388 if (restrictions != null) { 389 for (String key : restrictions.keySet()) { 390 if (restrictions.getBoolean(key, false)) { 391 pw.println(prefix + key); 392 noneSet = false; 393 } 394 } 395 if (noneSet) { 396 pw.println(prefix + "none"); 397 } 398 } else { 399 pw.println(prefix + "null"); 400 } 401 } 402} 403