UserRestrictionsUtils.java revision 830e32cdccdeeeadc5f07ba006b2b5779f8be65d
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.server.pm; 18 19import com.google.android.collect.Sets; 20 21import com.android.internal.util.Preconditions; 22 23import android.annotation.NonNull; 24import android.annotation.Nullable; 25import android.app.ActivityManager; 26import android.app.ActivityManagerNative; 27import android.content.ContentResolver; 28import android.content.Context; 29import android.net.Uri; 30import android.os.Binder; 31import android.os.Bundle; 32import android.os.RemoteException; 33import android.os.SystemProperties; 34import android.os.UserHandle; 35import android.os.UserManager; 36import android.service.persistentdata.PersistentDataBlockManager; 37import android.telephony.SubscriptionInfo; 38import android.telephony.SubscriptionManager; 39import android.util.Log; 40import android.util.Slog; 41 42import org.xmlpull.v1.XmlPullParser; 43import org.xmlpull.v1.XmlSerializer; 44 45import java.io.IOException; 46import java.io.PrintWriter; 47import java.util.List; 48import java.util.Set; 49 50/** 51 * Utility methods for user restrictions. 52 * 53 * <p>See {@link UserManagerService} for the method suffixes. 54 */ 55public class UserRestrictionsUtils { 56 private static final String TAG = "UserRestrictionsUtils"; 57 58 private UserRestrictionsUtils() { 59 } 60 61 private static Set<String> newSetWithUniqueCheck(String[] strings) { 62 final Set<String> ret = Sets.newArraySet(strings); 63 64 // Make sure there's no overlap. 65 Preconditions.checkState(ret.size() == strings.length); 66 return ret; 67 } 68 69 public static final Set<String> USER_RESTRICTIONS = newSetWithUniqueCheck(new String[] { 70 UserManager.DISALLOW_CONFIG_WIFI, 71 UserManager.DISALLOW_MODIFY_ACCOUNTS, 72 UserManager.DISALLOW_INSTALL_APPS, 73 UserManager.DISALLOW_UNINSTALL_APPS, 74 UserManager.DISALLOW_SHARE_LOCATION, 75 UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, 76 UserManager.DISALLOW_CONFIG_BLUETOOTH, 77 UserManager.DISALLOW_USB_FILE_TRANSFER, 78 UserManager.DISALLOW_CONFIG_CREDENTIALS, 79 UserManager.DISALLOW_REMOVE_USER, 80 UserManager.DISALLOW_DEBUGGING_FEATURES, 81 UserManager.DISALLOW_CONFIG_VPN, 82 UserManager.DISALLOW_CONFIG_TETHERING, 83 UserManager.DISALLOW_NETWORK_RESET, 84 UserManager.DISALLOW_FACTORY_RESET, 85 UserManager.DISALLOW_ADD_USER, 86 UserManager.ENSURE_VERIFY_APPS, 87 UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, 88 UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, 89 UserManager.DISALLOW_APPS_CONTROL, 90 UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA, 91 UserManager.DISALLOW_UNMUTE_MICROPHONE, 92 UserManager.DISALLOW_ADJUST_VOLUME, 93 UserManager.DISALLOW_OUTGOING_CALLS, 94 UserManager.DISALLOW_SMS, 95 UserManager.DISALLOW_FUN, 96 UserManager.DISALLOW_CREATE_WINDOWS, 97 UserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE, 98 UserManager.DISALLOW_OUTGOING_BEAM, 99 UserManager.DISALLOW_WALLPAPER, 100 UserManager.DISALLOW_SAFE_BOOT, 101 UserManager.ALLOW_PARENT_PROFILE_APP_LINKING, 102 UserManager.DISALLOW_RECORD_AUDIO, 103 UserManager.DISALLOW_CAMERA, 104 UserManager.DISALLOW_RUN_IN_BACKGROUND, 105 UserManager.DISALLOW_DATA_ROAMING, 106 UserManager.DISALLOW_SET_USER_ICON, 107 UserManager.DISALLOW_SET_WALLPAPER 108 }); 109 110 /** 111 * Set of user restriction which we don't want to persist. 112 */ 113 private static final Set<String> NON_PERSIST_USER_RESTRICTIONS = Sets.newArraySet( 114 UserManager.DISALLOW_RECORD_AUDIO 115 ); 116 117 /** 118 * User restrictions that can not be set by profile owners. 119 */ 120 private static final Set<String> DEVICE_OWNER_ONLY_RESTRICTIONS = Sets.newArraySet( 121 UserManager.DISALLOW_USB_FILE_TRANSFER, 122 UserManager.DISALLOW_CONFIG_TETHERING, 123 UserManager.DISALLOW_NETWORK_RESET, 124 UserManager.DISALLOW_FACTORY_RESET, 125 UserManager.DISALLOW_ADD_USER, 126 UserManager.DISALLOW_CONFIG_CELL_BROADCASTS, 127 UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS, 128 UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA, 129 UserManager.DISALLOW_SMS, 130 UserManager.DISALLOW_FUN, 131 UserManager.DISALLOW_SAFE_BOOT, 132 UserManager.DISALLOW_CREATE_WINDOWS, 133 UserManager.DISALLOW_DATA_ROAMING 134 ); 135 136 /** 137 * User restrictions that can't be changed by device owner or profile owner. 138 */ 139 private static final Set<String> IMMUTABLE_BY_OWNERS = Sets.newArraySet( 140 UserManager.DISALLOW_RECORD_AUDIO, 141 UserManager.DISALLOW_WALLPAPER 142 ); 143 144 /** 145 * Special user restrictions that can be applied to a user as well as to all users globally, 146 * depending on callers. When device owner sets them, they'll be applied to all users. 147 */ 148 private static final Set<String> GLOBAL_RESTRICTIONS = Sets.newArraySet( 149 UserManager.DISALLOW_ADJUST_VOLUME, 150 UserManager.DISALLOW_RUN_IN_BACKGROUND, 151 UserManager.DISALLOW_UNMUTE_MICROPHONE 152 ); 153 154 /** 155 * Throws {@link IllegalArgumentException} if the given restriction name is invalid. 156 */ 157 public static boolean isValidRestriction(@NonNull String restriction) { 158 if (!USER_RESTRICTIONS.contains(restriction)) { 159 Slog.e(TAG, "Unknown restriction: " + restriction); 160 return false; 161 } 162 return true; 163 } 164 165 public static void writeRestrictions(@NonNull XmlSerializer serializer, 166 @Nullable Bundle restrictions, @NonNull String tag) throws IOException { 167 if (restrictions == null) { 168 return; 169 } 170 171 serializer.startTag(null, tag); 172 for (String key : restrictions.keySet()) { 173 if (NON_PERSIST_USER_RESTRICTIONS.contains(key)) { 174 continue; // Don't persist. 175 } 176 if (USER_RESTRICTIONS.contains(key)) { 177 if (restrictions.getBoolean(key)) { 178 serializer.attribute(null, key, "true"); 179 } 180 continue; 181 } 182 Log.w(TAG, "Unknown user restriction detected: " + key); 183 } 184 serializer.endTag(null, tag); 185 } 186 187 public static void readRestrictions(XmlPullParser parser, Bundle restrictions) 188 throws IOException { 189 for (String key : USER_RESTRICTIONS) { 190 final String value = parser.getAttributeValue(null, key); 191 if (value != null) { 192 restrictions.putBoolean(key, Boolean.parseBoolean(value)); 193 } 194 } 195 } 196 197 /** 198 * @return {@code in} itself when it's not null, or an empty bundle (which can writable). 199 */ 200 public static Bundle nonNull(@Nullable Bundle in) { 201 return in != null ? in : new Bundle(); 202 } 203 204 public static boolean isEmpty(@Nullable Bundle in) { 205 return (in == null) || (in.size() == 0); 206 } 207 208 /** 209 * Creates a copy of the {@code in} Bundle. If {@code in} is null, it'll return an empty 210 * bundle. 211 * 212 * <p>The resulting {@link Bundle} is always writable. (i.e. it won't return 213 * {@link Bundle#EMPTY}) 214 */ 215 public static @NonNull Bundle clone(@Nullable Bundle in) { 216 return (in != null) ? new Bundle(in) : new Bundle(); 217 } 218 219 public static void merge(@NonNull Bundle dest, @Nullable Bundle in) { 220 Preconditions.checkNotNull(dest); 221 Preconditions.checkArgument(dest != in); 222 if (in == null) { 223 return; 224 } 225 for (String key : in.keySet()) { 226 if (in.getBoolean(key, false)) { 227 dest.putBoolean(key, true); 228 } 229 } 230 } 231 232 /** 233 * @return true if a restriction is settable by device owner. 234 */ 235 public static boolean canDeviceOwnerChange(String restriction) { 236 return !IMMUTABLE_BY_OWNERS.contains(restriction); 237 } 238 239 /** 240 * @return true if a restriction is settable by profile owner. Note it takes a user ID because 241 * some restrictions can be changed by PO only when it's running on the system user. 242 */ 243 public static boolean canProfileOwnerChange(String restriction, int userId) { 244 return !IMMUTABLE_BY_OWNERS.contains(restriction) 245 && !(userId != UserHandle.USER_SYSTEM 246 && DEVICE_OWNER_ONLY_RESTRICTIONS.contains(restriction)); 247 } 248 249 /** 250 * Takes restrictions that can be set by device owner, and sort them into what should be applied 251 * globally and what should be applied only on the current user. 252 */ 253 public static void sortToGlobalAndLocal(@Nullable Bundle in, @NonNull Bundle global, 254 @NonNull Bundle local) { 255 if (in == null || in.size() == 0) { 256 return; 257 } 258 for (String key : in.keySet()) { 259 if (!in.getBoolean(key)) { 260 continue; 261 } 262 if (DEVICE_OWNER_ONLY_RESTRICTIONS.contains(key) || GLOBAL_RESTRICTIONS.contains(key)) { 263 global.putBoolean(key, true); 264 } else { 265 local.putBoolean(key, true); 266 } 267 } 268 } 269 270 /** 271 * @return true if two Bundles contain the same user restriction. 272 * A null bundle and an empty bundle are considered to be equal. 273 */ 274 public static boolean areEqual(@Nullable Bundle a, @Nullable Bundle b) { 275 if (a == b) { 276 return true; 277 } 278 if (isEmpty(a)) { 279 return isEmpty(b); 280 } 281 if (isEmpty(b)) { 282 return false; 283 } 284 for (String key : a.keySet()) { 285 if (a.getBoolean(key) != b.getBoolean(key)) { 286 return false; 287 } 288 } 289 for (String key : b.keySet()) { 290 if (a.getBoolean(key) != b.getBoolean(key)) { 291 return false; 292 } 293 } 294 return true; 295 } 296 297 /** 298 * Takes a new use restriction set and the previous set, and apply the restrictions that have 299 * changed. 300 * 301 * <p>Note this method is called by {@link UserManagerService} without holding any locks. 302 */ 303 public static void applyUserRestrictions(Context context, int userId, 304 Bundle newRestrictions, Bundle prevRestrictions) { 305 for (String key : USER_RESTRICTIONS) { 306 final boolean newValue = newRestrictions.getBoolean(key); 307 final boolean prevValue = prevRestrictions.getBoolean(key); 308 309 if (newValue != prevValue) { 310 applyUserRestriction(context, userId, key, newValue); 311 } 312 } 313 } 314 315 /** 316 * Apply each user restriction. 317 * 318 * <p>See also {@link 319 * com.android.providers.settings.SettingsProvider#isGlobalOrSecureSettingRestrictedForUser}, 320 * which should be in sync with this method. 321 */ 322 private static void applyUserRestriction(Context context, int userId, String key, 323 boolean newValue) { 324 if (UserManagerService.DBG) { 325 Log.d(TAG, "Applying user restriction: userId=" + userId 326 + " key=" + key + " value=" + newValue); 327 } 328 // When certain restrictions are cleared, we don't update the system settings, 329 // because these settings are changeable on the Settings UI and we don't know the original 330 // value -- for example LOCATION_MODE might have been off already when the restriction was 331 // set, and in that case even if the restriction is lifted, changing it to ON would be 332 // wrong. So just don't do anything in such a case. If the user hopes to enable location 333 // later, they can do it on the Settings UI. 334 335 final ContentResolver cr = context.getContentResolver(); 336 final long id = Binder.clearCallingIdentity(); 337 try { 338 switch (key) { 339 case UserManager.DISALLOW_CONFIG_WIFI: 340 if (newValue) { 341 android.provider.Settings.Secure.putIntForUser(cr, 342 android.provider.Settings.Global 343 .WIFI_NETWORKS_AVAILABLE_NOTIFICATION_ON, 0, userId); 344 } 345 break; 346 case UserManager.DISALLOW_DATA_ROAMING: 347 if (newValue) { 348 // DISALLOW_DATA_ROAMING user restriction is set. 349 350 // Multi sim device. 351 SubscriptionManager subscriptionManager = new SubscriptionManager(context); 352 final List<SubscriptionInfo> subscriptionInfoList = 353 subscriptionManager.getActiveSubscriptionInfoList(); 354 if (subscriptionInfoList != null) { 355 for (SubscriptionInfo subInfo : subscriptionInfoList) { 356 android.provider.Settings.Global.putStringForUser(cr, 357 android.provider.Settings.Global.DATA_ROAMING 358 + subInfo.getSubscriptionId(), "0", userId); 359 } 360 } 361 362 // Single sim device. 363 android.provider.Settings.Global.putStringForUser(cr, 364 android.provider.Settings.Global.DATA_ROAMING, "0", userId); 365 } 366 break; 367 case UserManager.DISALLOW_SHARE_LOCATION: 368 if (newValue) { 369 android.provider.Settings.Secure.putIntForUser(cr, 370 android.provider.Settings.Secure.LOCATION_MODE, 371 android.provider.Settings.Secure.LOCATION_MODE_OFF, 372 userId); 373 } 374 break; 375 case UserManager.DISALLOW_DEBUGGING_FEATURES: 376 if (newValue) { 377 // Only disable adb if changing for system user, since it is global 378 // TODO: should this be admin user? 379 if (userId == UserHandle.USER_SYSTEM) { 380 android.provider.Settings.Global.putStringForUser(cr, 381 android.provider.Settings.Global.ADB_ENABLED, "0", 382 userId); 383 } 384 } 385 break; 386 case UserManager.ENSURE_VERIFY_APPS: 387 if (newValue) { 388 android.provider.Settings.Global.putStringForUser( 389 context.getContentResolver(), 390 android.provider.Settings.Global.PACKAGE_VERIFIER_ENABLE, "1", 391 userId); 392 android.provider.Settings.Global.putStringForUser( 393 context.getContentResolver(), 394 android.provider.Settings.Global.PACKAGE_VERIFIER_INCLUDE_ADB, "1", 395 userId); 396 } 397 break; 398 case UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES: 399 if (newValue) { 400 android.provider.Settings.Secure.putIntForUser(cr, 401 android.provider.Settings.Secure.INSTALL_NON_MARKET_APPS, 0, 402 userId); 403 } 404 break; 405 case UserManager.DISALLOW_RUN_IN_BACKGROUND: 406 if (newValue) { 407 int currentUser = ActivityManager.getCurrentUser(); 408 if (currentUser != userId && userId != UserHandle.USER_SYSTEM) { 409 try { 410 ActivityManagerNative.getDefault().stopUser(userId, false, null); 411 } catch (RemoteException e) { 412 throw e.rethrowAsRuntimeException(); 413 } 414 } 415 } 416 break; 417 case UserManager.DISALLOW_SAFE_BOOT: 418 // Unlike with the other restrictions, we want to propagate the new value to 419 // the system settings even if it is false. The other restrictions modify 420 // settings which could be manually changed by the user from the Settings app 421 // after the policies enforcing these restrictions have been revoked, so we 422 // leave re-setting of those settings to the user. 423 android.provider.Settings.Global.putInt( 424 context.getContentResolver(), 425 android.provider.Settings.Global.SAFE_BOOT_DISALLOWED, 426 newValue ? 1 : 0); 427 break; 428 case UserManager.DISALLOW_FACTORY_RESET: 429 if (newValue) { 430 PersistentDataBlockManager manager = (PersistentDataBlockManager) context 431 .getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE); 432 if (manager != null) { 433 manager.setOemUnlockEnabled(false); 434 } 435 } 436 } 437 } finally { 438 Binder.restoreCallingIdentity(id); 439 } 440 } 441 442 public static void dumpRestrictions(PrintWriter pw, String prefix, Bundle restrictions) { 443 boolean noneSet = true; 444 if (restrictions != null) { 445 for (String key : restrictions.keySet()) { 446 if (restrictions.getBoolean(key, false)) { 447 pw.println(prefix + key); 448 noneSet = false; 449 } 450 } 451 if (noneSet) { 452 pw.println(prefix + "none"); 453 } 454 } else { 455 pw.println(prefix + "null"); 456 } 457 } 458} 459