diff options
author | jovanak <jovanak@google.com> | 2018-06-12 10:50:40 -0700 |
---|---|---|
committer | jovanak <jovanak@google.com> | 2018-06-12 13:52:26 -0700 |
commit | d388b96eeb1a209f409c8051add59b7ba9b86983 (patch) | |
tree | 5d9cdd7847ca2d987cf1fc0f25721113c1c0b55e /car-lib | |
parent | 7ed841d0abffe75c763c408fc6164136bbf4436d (diff) | |
download | Car-d388b96eeb1a209f409c8051add59b7ba9b86983.tar.gz |
Adding default user restrictions for non-admin users.
When a new non-admin is created, restrictions are applied.
When a non-admin is upgraded to admin status, restrictions are lifted.
Change-Id: I3798ec181cb0752cfb8851815c115bef349b311a
Fixes: 109697822
Test: atest CarUserManagerHelperTest
Diffstat (limited to 'car-lib')
-rw-r--r-- | car-lib/src/android/car/user/CarUserManagerHelper.java | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/car-lib/src/android/car/user/CarUserManagerHelper.java b/car-lib/src/android/car/user/CarUserManagerHelper.java index 59e030b983..160a870349 100644 --- a/car-lib/src/android/car/user/CarUserManagerHelper.java +++ b/car-lib/src/android/car/user/CarUserManagerHelper.java @@ -34,8 +34,11 @@ import android.util.Log; import com.android.internal.util.UserIcons; +import com.google.android.collect.Sets; + import java.util.Iterator; import java.util.List; +import java.util.Set; /** * Helper class for {@link UserManager}, this is meant to be used by builds that support @@ -50,6 +53,14 @@ import java.util.List; public class CarUserManagerHelper { private static final String TAG = "CarUserManagerHelper"; private static final String HEADLESS_SYSTEM_USER = "android.car.systemuser.headless"; + /** + * Default set of restrictions for Non-Admin users. + */ + private static final Set<String> DEFAULT_NON_ADMIN_RESTRICTIONS = Sets.newArraySet( + UserManager.DISALLOW_REMOVE_USER, + UserManager.DISALLOW_FACTORY_RESET + ); + private final Context mContext; private final UserManager mUserManager; private final ActivityManager mActivityManager; @@ -383,6 +394,9 @@ public class CarUserManagerHelper { } mUserManager.setUserAdmin(user.id); + + // Remove restrictions imposed on non-admins. + setDefaultNonAdminRestrictions(user, /* enable= */ false); } /** @@ -419,11 +433,37 @@ public class CarUserManagerHelper { Log.w(TAG, "can't create non-admin user."); return null; } + setDefaultNonAdminRestrictions(user, /* enable= */ true); assignDefaultIcon(user); return user; } /** + * Sets the values of default Non-Admin restrictions to the passed in value. + * + * @param userInfo User to set restrictions on. + * @param enable If true, restriction is ON, If false, restriction is OFF. + */ + private void setDefaultNonAdminRestrictions(UserInfo userInfo, boolean enable) { + for (String restriction : DEFAULT_NON_ADMIN_RESTRICTIONS) { + setUserRestriction(userInfo, restriction, enable); + } + } + + /** + * Sets the value of the specified restriction for the specified user. + * + * @param userInfo the user whose restriction is to be changed + * @param restriction the key of the restriction + * @param enable the value for the restriction. if true, turns the restriction ON, if false, + * turns the restriction OFF. + */ + public void setUserRestriction(UserInfo userInfo, String restriction, boolean enable) { + UserHandle userHandle = UserHandle.of(userInfo.id); + mUserManager.setUserRestriction(restriction, enable, userHandle); + } + + /** * Tries to remove the user that's passed in. System user cannot be removed. * If the user to be removed is user currently running the process, * it switches to the guest user first, and then removes the user. |