summaryrefslogtreecommitdiffstats
path: root/core/java
diff options
context:
space:
mode:
authorAmith Yamasani <yamasani@google.com>2012-09-14 23:20:08 -0700
committerAmith Yamasani <yamasani@google.com>2012-09-18 14:28:33 -0700
commit599dd7ce9adf8ca067cefb0b191a5ac20ec35a79 (patch)
tree37665dd877c99b5c0fd921123adec8d4ea3d737a /core/java
parent24ed2769130a8f9df44e7fc22be52b6282e724c3 (diff)
downloadframeworks_base-599dd7ce9adf8ca067cefb0b191a5ac20ec35a79.zip
frameworks_base-599dd7ce9adf8ca067cefb0b191a5ac20ec35a79.tar.gz
frameworks_base-599dd7ce9adf8ca067cefb0b191a5ac20ec35a79.tar.bz2
DevicePolicyManager per user
Bug: 7136483 Store device policy information for each user and apply them when user switches. Global proxy can only be controlled by owner. Camera restriction applies to all users, if any one has an admin that disables it. Storage encryption can only be controlled by owner, although other users can query the state. Wipe data will only remove the user if non-zero, wipe the device, if zero. Change-Id: I359be46c1bc3828fd13d4be3228f11495081c8f2
Diffstat (limited to 'core/java')
-rw-r--r--core/java/android/app/PendingIntent.java9
-rwxr-xr-xcore/java/android/app/admin/DevicePolicyManager.java176
-rw-r--r--core/java/android/app/admin/IDevicePolicyManager.aidl96
-rw-r--r--core/java/com/android/internal/widget/LockPatternUtils.java111
4 files changed, 255 insertions, 137 deletions
diff --git a/core/java/android/app/PendingIntent.java b/core/java/android/app/PendingIntent.java
index e7cea57..8fb6948 100644
--- a/core/java/android/app/PendingIntent.java
+++ b/core/java/android/app/PendingIntent.java
@@ -413,6 +413,13 @@ public final class PendingIntent implements Parcelable {
*/
public static PendingIntent getBroadcast(Context context, int requestCode,
Intent intent, int flags) {
+ return getBroadcastAsUser(context, requestCode, intent, flags,
+ new UserHandle(UserHandle.myUserId()));
+ }
+
+ /** @hide */
+ public static PendingIntent getBroadcastAsUser(Context context, int requestCode,
+ Intent intent, int flags, UserHandle userHandle) {
String packageName = context.getPackageName();
String resolvedType = intent != null ? intent.resolveTypeIfNeeded(
context.getContentResolver()) : null;
@@ -423,7 +430,7 @@ public final class PendingIntent implements Parcelable {
ActivityManager.INTENT_SENDER_BROADCAST, packageName,
null, null, requestCode, new Intent[] { intent },
resolvedType != null ? new String[] { resolvedType } : null,
- flags, null, UserHandle.myUserId());
+ flags, null, userHandle.getIdentifier());
return target != null ? new PendingIntent(target) : null;
} catch (RemoteException e) {
}
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 4c55bb3..600d02a 100755
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -29,6 +29,7 @@ import android.os.Handler;
import android.os.RemoteCallback;
import android.os.RemoteException;
import android.os.ServiceManager;
+import android.os.UserHandle;
import android.util.Log;
import java.io.IOException;
@@ -131,7 +132,7 @@ public class DevicePolicyManager {
public boolean isAdminActive(ComponentName who) {
if (mService != null) {
try {
- return mService.isAdminActive(who);
+ return mService.isAdminActive(who, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -147,7 +148,7 @@ public class DevicePolicyManager {
public List<ComponentName> getActiveAdmins() {
if (mService != null) {
try {
- return mService.getActiveAdmins();
+ return mService.getActiveAdmins(UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -156,12 +157,14 @@ public class DevicePolicyManager {
}
/**
+ * Used by package administration code to determine if a package can be stopped
+ * or uninstalled.
* @hide
*/
public boolean packageHasActiveAdmins(String packageName) {
if (mService != null) {
try {
- return mService.packageHasActiveAdmins(packageName);
+ return mService.packageHasActiveAdmins(packageName, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -178,7 +181,7 @@ public class DevicePolicyManager {
public void removeActiveAdmin(ComponentName who) {
if (mService != null) {
try {
- mService.removeActiveAdmin(who);
+ mService.removeActiveAdmin(who, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -197,7 +200,7 @@ public class DevicePolicyManager {
public boolean hasGrantedPolicy(ComponentName admin, int usesPolicy) {
if (mService != null) {
try {
- return mService.hasGrantedPolicy(admin, usesPolicy);
+ return mService.hasGrantedPolicy(admin, usesPolicy, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -289,7 +292,7 @@ public class DevicePolicyManager {
public void setPasswordQuality(ComponentName admin, int quality) {
if (mService != null) {
try {
- mService.setPasswordQuality(admin, quality);
+ mService.setPasswordQuality(admin, quality, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -303,9 +306,14 @@ public class DevicePolicyManager {
* all admins.
*/
public int getPasswordQuality(ComponentName admin) {
+ return getPasswordQuality(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordQuality(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordQuality(admin);
+ return mService.getPasswordQuality(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -337,7 +345,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumLength(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumLength(admin, length);
+ mService.setPasswordMinimumLength(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -351,9 +359,14 @@ public class DevicePolicyManager {
* all admins.
*/
public int getPasswordMinimumLength(ComponentName admin) {
+ return getPasswordMinimumLength(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumLength(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumLength(admin);
+ return mService.getPasswordMinimumLength(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -386,7 +399,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumUpperCase(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumUpperCase(admin, length);
+ mService.setPasswordMinimumUpperCase(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -406,9 +419,14 @@ public class DevicePolicyManager {
* password.
*/
public int getPasswordMinimumUpperCase(ComponentName admin) {
+ return getPasswordMinimumUpperCase(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumUpperCase(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumUpperCase(admin);
+ return mService.getPasswordMinimumUpperCase(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -441,7 +459,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumLowerCase(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumLowerCase(admin, length);
+ mService.setPasswordMinimumLowerCase(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -461,9 +479,14 @@ public class DevicePolicyManager {
* password.
*/
public int getPasswordMinimumLowerCase(ComponentName admin) {
+ return getPasswordMinimumLowerCase(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumLowerCase(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumLowerCase(admin);
+ return mService.getPasswordMinimumLowerCase(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -495,7 +518,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumLetters(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumLetters(admin, length);
+ mService.setPasswordMinimumLetters(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -514,9 +537,14 @@ public class DevicePolicyManager {
* @return The minimum number of letters required in the password.
*/
public int getPasswordMinimumLetters(ComponentName admin) {
+ return getPasswordMinimumLetters(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumLetters(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumLetters(admin);
+ return mService.getPasswordMinimumLetters(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -548,7 +576,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumNumeric(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumNumeric(admin, length);
+ mService.setPasswordMinimumNumeric(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -567,9 +595,14 @@ public class DevicePolicyManager {
* @return The minimum number of numerical digits required in the password.
*/
public int getPasswordMinimumNumeric(ComponentName admin) {
+ return getPasswordMinimumNumeric(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumNumeric(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumNumeric(admin);
+ return mService.getPasswordMinimumNumeric(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -601,7 +634,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumSymbols(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumSymbols(admin, length);
+ mService.setPasswordMinimumSymbols(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -620,9 +653,14 @@ public class DevicePolicyManager {
* @return The minimum number of symbols required in the password.
*/
public int getPasswordMinimumSymbols(ComponentName admin) {
+ return getPasswordMinimumSymbols(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumSymbols(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumSymbols(admin);
+ return mService.getPasswordMinimumSymbols(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -654,7 +692,7 @@ public class DevicePolicyManager {
public void setPasswordMinimumNonLetter(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordMinimumNonLetter(admin, length);
+ mService.setPasswordMinimumNonLetter(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -673,9 +711,14 @@ public class DevicePolicyManager {
* @return The minimum number of letters required in the password.
*/
public int getPasswordMinimumNonLetter(ComponentName admin) {
+ return getPasswordMinimumNonLetter(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordMinimumNonLetter(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordMinimumNonLetter(admin);
+ return mService.getPasswordMinimumNonLetter(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -708,7 +751,7 @@ public class DevicePolicyManager {
public void setPasswordHistoryLength(ComponentName admin, int length) {
if (mService != null) {
try {
- mService.setPasswordHistoryLength(admin, length);
+ mService.setPasswordHistoryLength(admin, length, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -737,7 +780,7 @@ public class DevicePolicyManager {
public void setPasswordExpirationTimeout(ComponentName admin, long timeout) {
if (mService != null) {
try {
- mService.setPasswordExpirationTimeout(admin, timeout);
+ mService.setPasswordExpirationTimeout(admin, timeout, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -756,7 +799,7 @@ public class DevicePolicyManager {
public long getPasswordExpirationTimeout(ComponentName admin) {
if (mService != null) {
try {
- return mService.getPasswordExpirationTimeout(admin);
+ return mService.getPasswordExpirationTimeout(admin, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -776,7 +819,7 @@ public class DevicePolicyManager {
public long getPasswordExpiration(ComponentName admin) {
if (mService != null) {
try {
- return mService.getPasswordExpiration(admin);
+ return mService.getPasswordExpiration(admin, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -792,9 +835,14 @@ public class DevicePolicyManager {
* @return The length of the password history
*/
public int getPasswordHistoryLength(ComponentName admin) {
+ return getPasswordHistoryLength(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getPasswordHistoryLength(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getPasswordHistoryLength(admin);
+ return mService.getPasswordHistoryLength(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -828,7 +876,7 @@ public class DevicePolicyManager {
public boolean isActivePasswordSufficient() {
if (mService != null) {
try {
- return mService.isActivePasswordSufficient();
+ return mService.isActivePasswordSufficient(UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -847,7 +895,7 @@ public class DevicePolicyManager {
public int getCurrentFailedPasswordAttempts() {
if (mService != null) {
try {
- return mService.getCurrentFailedPasswordAttempts();
+ return mService.getCurrentFailedPasswordAttempts(UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -877,7 +925,7 @@ public class DevicePolicyManager {
public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) {
if (mService != null) {
try {
- mService.setMaximumFailedPasswordsForWipe(admin, num);
+ mService.setMaximumFailedPasswordsForWipe(admin, num, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -892,9 +940,14 @@ public class DevicePolicyManager {
* all admins.
*/
public int getMaximumFailedPasswordsForWipe(ComponentName admin) {
+ return getMaximumFailedPasswordsForWipe(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getMaximumFailedPasswordsForWipe(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getMaximumFailedPasswordsForWipe(admin);
+ return mService.getMaximumFailedPasswordsForWipe(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -933,7 +986,7 @@ public class DevicePolicyManager {
public boolean resetPassword(String password, int flags) {
if (mService != null) {
try {
- return mService.resetPassword(password, flags);
+ return mService.resetPassword(password, flags, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -957,7 +1010,7 @@ public class DevicePolicyManager {
public void setMaximumTimeToLock(ComponentName admin, long timeMs) {
if (mService != null) {
try {
- mService.setMaximumTimeToLock(admin, timeMs);
+ mService.setMaximumTimeToLock(admin, timeMs, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -971,9 +1024,14 @@ public class DevicePolicyManager {
* all admins.
*/
public long getMaximumTimeToLock(ComponentName admin) {
+ return getMaximumTimeToLock(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public long getMaximumTimeToLock(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getMaximumTimeToLock(admin);
+ return mService.getMaximumTimeToLock(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1021,7 +1079,7 @@ public class DevicePolicyManager {
public void wipeData(int flags) {
if (mService != null) {
try {
- mService.wipeData(flags);
+ mService.wipeData(flags, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1090,7 +1148,7 @@ public class DevicePolicyManager {
}
android.net.Proxy.validate(hostName, Integer.toString(port), exclSpec);
}
- return mService.setGlobalProxy(admin, hostSpec, exclSpec);
+ return mService.setGlobalProxy(admin, hostSpec, exclSpec, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1107,7 +1165,7 @@ public class DevicePolicyManager {
public ComponentName getGlobalProxyAdmin() {
if (mService != null) {
try {
- return mService.getGlobalProxyAdmin();
+ return mService.getGlobalProxyAdmin(UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1199,7 +1257,7 @@ public class DevicePolicyManager {
public int setStorageEncryption(ComponentName admin, boolean encrypt) {
if (mService != null) {
try {
- return mService.setStorageEncryption(admin, encrypt);
+ return mService.setStorageEncryption(admin, encrypt, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1219,7 +1277,7 @@ public class DevicePolicyManager {
public boolean getStorageEncryption(ComponentName admin) {
if (mService != null) {
try {
- return mService.getStorageEncryption(admin);
+ return mService.getStorageEncryption(admin, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1244,9 +1302,14 @@ public class DevicePolicyManager {
* {@link #ENCRYPTION_STATUS_ACTIVATING}, or{@link #ENCRYPTION_STATUS_ACTIVE}.
*/
public int getStorageEncryptionStatus() {
+ return getStorageEncryptionStatus(UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getStorageEncryptionStatus(int userHandle) {
if (mService != null) {
try {
- return mService.getStorageEncryptionStatus();
+ return mService.getStorageEncryptionStatus(userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1269,7 +1332,7 @@ public class DevicePolicyManager {
public void setCameraDisabled(ComponentName admin, boolean disabled) {
if (mService != null) {
try {
- mService.setCameraDisabled(admin, disabled);
+ mService.setCameraDisabled(admin, disabled, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1283,9 +1346,14 @@ public class DevicePolicyManager {
* have disabled the camera
*/
public boolean getCameraDisabled(ComponentName admin) {
+ return getCameraDisabled(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public boolean getCameraDisabled(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getCameraDisabled(admin);
+ return mService.getCameraDisabled(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1309,7 +1377,7 @@ public class DevicePolicyManager {
public void setKeyguardWidgetsDisabled(ComponentName admin, int which) {
if (mService != null) {
try {
- mService.setKeyguardWidgetsDisabled(admin, which);
+ mService.setKeyguardWidgetsDisabled(admin, which, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1323,9 +1391,14 @@ public class DevicePolicyManager {
* have disabled widgets in keyguard.
*/
public int getKeyguardWidgetsDisabled(ComponentName admin) {
+ return getKeyguardWidgetsDisabled(admin, UserHandle.myUserId());
+ }
+
+ /** @hide per-user version */
+ public int getKeyguardWidgetsDisabled(ComponentName admin, int userHandle) {
if (mService != null) {
try {
- return mService.getKeyguardWidgetsDisabled(admin);
+ return mService.getKeyguardWidgetsDisabled(admin, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1339,7 +1412,7 @@ public class DevicePolicyManager {
public void setActiveAdmin(ComponentName policyReceiver, boolean refreshing) {
if (mService != null) {
try {
- mService.setActiveAdmin(policyReceiver, refreshing);
+ mService.setActiveAdmin(policyReceiver, refreshing, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1380,7 +1453,7 @@ public class DevicePolicyManager {
public void getRemoveWarning(ComponentName admin, RemoteCallback result) {
if (mService != null) {
try {
- mService.getRemoveWarning(admin, result);
+ mService.getRemoveWarning(admin, result, UserHandle.myUserId());
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1391,11 +1464,11 @@ public class DevicePolicyManager {
* @hide
*/
public void setActivePasswordState(int quality, int length, int letters, int uppercase,
- int lowercase, int numbers, int symbols, int nonletter) {
+ int lowercase, int numbers, int symbols, int nonletter, int userHandle) {
if (mService != null) {
try {
mService.setActivePasswordState(quality, length, letters, uppercase, lowercase,
- numbers, symbols, nonletter);
+ numbers, symbols, nonletter, userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1405,10 +1478,10 @@ public class DevicePolicyManager {
/**
* @hide
*/
- public void reportFailedPasswordAttempt() {
+ public void reportFailedPasswordAttempt(int userHandle) {
if (mService != null) {
try {
- mService.reportFailedPasswordAttempt();
+ mService.reportFailedPasswordAttempt(userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
@@ -1418,14 +1491,13 @@ public class DevicePolicyManager {
/**
* @hide
*/
- public void reportSuccessfulPasswordAttempt() {
+ public void reportSuccessfulPasswordAttempt(int userHandle) {
if (mService != null) {
try {
- mService.reportSuccessfulPasswordAttempt();
+ mService.reportSuccessfulPasswordAttempt(userHandle);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
}
}
}
-
}
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 0b7ec12..bdfb177 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -25,76 +25,76 @@ import android.os.RemoteCallback;
* {@hide}
*/
interface IDevicePolicyManager {
- void setPasswordQuality(in ComponentName who, int quality);
- int getPasswordQuality(in ComponentName who);
+ void setPasswordQuality(in ComponentName who, int quality, int userHandle);
+ int getPasswordQuality(in ComponentName who, int userHandle);
- void setPasswordMinimumLength(in ComponentName who, int length);
- int getPasswordMinimumLength(in ComponentName who);
+ void setPasswordMinimumLength(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumLength(in ComponentName who, int userHandle);
- void setPasswordMinimumUpperCase(in ComponentName who, int length);
- int getPasswordMinimumUpperCase(in ComponentName who);
+ void setPasswordMinimumUpperCase(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumUpperCase(in ComponentName who, int userHandle);
- void setPasswordMinimumLowerCase(in ComponentName who, int length);
- int getPasswordMinimumLowerCase(in ComponentName who);
+ void setPasswordMinimumLowerCase(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumLowerCase(in ComponentName who, int userHandle);
- void setPasswordMinimumLetters(in ComponentName who, int length);
- int getPasswordMinimumLetters(in ComponentName who);
+ void setPasswordMinimumLetters(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumLetters(in ComponentName who, int userHandle);
- void setPasswordMinimumNumeric(in ComponentName who, int length);
- int getPasswordMinimumNumeric(in ComponentName who);
+ void setPasswordMinimumNumeric(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumNumeric(in ComponentName who, int userHandle);
- void setPasswordMinimumSymbols(in ComponentName who, int length);
- int getPasswordMinimumSymbols(in ComponentName who);
+ void setPasswordMinimumSymbols(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumSymbols(in ComponentName who, int userHandle);
- void setPasswordMinimumNonLetter(in ComponentName who, int length);
- int getPasswordMinimumNonLetter(in ComponentName who);
+ void setPasswordMinimumNonLetter(in ComponentName who, int length, int userHandle);
+ int getPasswordMinimumNonLetter(in ComponentName who, int userHandle);
- void setPasswordHistoryLength(in ComponentName who, int length);
- int getPasswordHistoryLength(in ComponentName who);
+ void setPasswordHistoryLength(in ComponentName who, int length, int userHandle);
+ int getPasswordHistoryLength(in ComponentName who, int userHandle);
- void setPasswordExpirationTimeout(in ComponentName who, long expiration);
- long getPasswordExpirationTimeout(in ComponentName who);
+ void setPasswordExpirationTimeout(in ComponentName who, long expiration, int userHandle);
+ long getPasswordExpirationTimeout(in ComponentName who, int userHandle);
- long getPasswordExpiration(in ComponentName who);
+ long getPasswordExpiration(in ComponentName who, int userHandle);
- boolean isActivePasswordSufficient();
- int getCurrentFailedPasswordAttempts();
+ boolean isActivePasswordSufficient(int userHandle);
+ int getCurrentFailedPasswordAttempts(int userHandle);
- void setMaximumFailedPasswordsForWipe(in ComponentName admin, int num);
- int getMaximumFailedPasswordsForWipe(in ComponentName admin);
+ void setMaximumFailedPasswordsForWipe(in ComponentName admin, int num, int userHandle);
+ int getMaximumFailedPasswordsForWipe(in ComponentName admin, int userHandle);
- boolean resetPassword(String password, int flags);
+ boolean resetPassword(String password, int flags, int userHandle);
- void setMaximumTimeToLock(in ComponentName who, long timeMs);
- long getMaximumTimeToLock(in ComponentName who);
+ void setMaximumTimeToLock(in ComponentName who, long timeMs, int userHandle);
+ long getMaximumTimeToLock(in ComponentName who, int userHandle);
void lockNow();
- void wipeData(int flags);
+ void wipeData(int flags, int userHandle);
- ComponentName setGlobalProxy(in ComponentName admin, String proxySpec, String exclusionList);
- ComponentName getGlobalProxyAdmin();
+ ComponentName setGlobalProxy(in ComponentName admin, String proxySpec, String exclusionList, int userHandle);
+ ComponentName getGlobalProxyAdmin(int userHandle);
- int setStorageEncryption(in ComponentName who, boolean encrypt);
- boolean getStorageEncryption(in ComponentName who);
- int getStorageEncryptionStatus();
+ int setStorageEncryption(in ComponentName who, boolean encrypt, int userHandle);
+ boolean getStorageEncryption(in ComponentName who, int userHandle);
+ int getStorageEncryptionStatus(int userHandle);
- void setCameraDisabled(in ComponentName who, boolean disabled);
- boolean getCameraDisabled(in ComponentName who);
+ void setCameraDisabled(in ComponentName who, boolean disabled, int userHandle);
+ boolean getCameraDisabled(in ComponentName who, int userHandle);
- void setKeyguardWidgetsDisabled(in ComponentName who, int which);
- int getKeyguardWidgetsDisabled(in ComponentName who);
+ void setKeyguardWidgetsDisabled(in ComponentName who, int which, int userHandle);
+ int getKeyguardWidgetsDisabled(in ComponentName who, int userHandle);
- void setActiveAdmin(in ComponentName policyReceiver, boolean refreshing);
- boolean isAdminActive(in ComponentName policyReceiver);
- List<ComponentName> getActiveAdmins();
- boolean packageHasActiveAdmins(String packageName);
- void getRemoveWarning(in ComponentName policyReceiver, in RemoteCallback result);
- void removeActiveAdmin(in ComponentName policyReceiver);
- boolean hasGrantedPolicy(in ComponentName policyReceiver, int usesPolicy);
+ void setActiveAdmin(in ComponentName policyReceiver, boolean refreshing, int userHandle);
+ boolean isAdminActive(in ComponentName policyReceiver, int userHandle);
+ List<ComponentName> getActiveAdmins(int userHandle);
+ boolean packageHasActiveAdmins(String packageName, int userHandle);
+ void getRemoveWarning(in ComponentName policyReceiver, in RemoteCallback result, int userHandle);
+ void removeActiveAdmin(in ComponentName policyReceiver, int userHandle);
+ boolean hasGrantedPolicy(in ComponentName policyReceiver, int usesPolicy, int userHandle);
void setActivePasswordState(int quality, int length, int letters, int uppercase, int lowercase,
- int numbers, int symbols, int nonletter);
- void reportFailedPasswordAttempt();
- void reportSuccessfulPasswordAttempt();
+ int numbers, int symbols, int nonletter, int userHandle);
+ void reportFailedPasswordAttempt(int userHandle);
+ void reportSuccessfulPasswordAttempt(int userHandle);
}
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index 0710d96..3207435 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -165,7 +165,7 @@ public class LockPatternUtils {
}
public int getRequestedMinimumPasswordLength() {
- return getDevicePolicyManager().getPasswordMinimumLength(null);
+ return getDevicePolicyManager().getPasswordMinimumLength(null, getCurrentOrCallingUserId());
}
/**
@@ -173,47 +173,54 @@ public class LockPatternUtils {
* MODE_PATTERN which allows the user to choose anything.
*/
public int getRequestedPasswordQuality() {
- return getDevicePolicyManager().getPasswordQuality(null);
+ return getDevicePolicyManager().getPasswordQuality(null, getCurrentOrCallingUserId());
}
public int getRequestedPasswordHistoryLength() {
- return getDevicePolicyManager().getPasswordHistoryLength(null);
+ return getDevicePolicyManager().getPasswordHistoryLength(null, getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumLetters() {
- return getDevicePolicyManager().getPasswordMinimumLetters(null);
+ return getDevicePolicyManager().getPasswordMinimumLetters(null,
+ getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumUpperCase() {
- return getDevicePolicyManager().getPasswordMinimumUpperCase(null);
+ return getDevicePolicyManager().getPasswordMinimumUpperCase(null,
+ getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumLowerCase() {
- return getDevicePolicyManager().getPasswordMinimumLowerCase(null);
+ return getDevicePolicyManager().getPasswordMinimumLowerCase(null,
+ getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumNumeric() {
- return getDevicePolicyManager().getPasswordMinimumNumeric(null);
+ return getDevicePolicyManager().getPasswordMinimumNumeric(null,
+ getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumSymbols() {
- return getDevicePolicyManager().getPasswordMinimumSymbols(null);
+ return getDevicePolicyManager().getPasswordMinimumSymbols(null,
+ getCurrentOrCallingUserId());
}
public int getRequestedPasswordMinimumNonLetter() {
- return getDevicePolicyManager().getPasswordMinimumNonLetter(null);
+ return getDevicePolicyManager().getPasswordMinimumNonLetter(null,
+ getCurrentOrCallingUserId());
}
+
/**
* Returns the actual password mode, as set by keyguard after updating the password.
*
* @return
*/
public void reportFailedPasswordAttempt() {
- getDevicePolicyManager().reportFailedPasswordAttempt();
+ getDevicePolicyManager().reportFailedPasswordAttempt(getCurrentOrCallingUserId());
}
public void reportSuccessfulPasswordAttempt() {
- getDevicePolicyManager().reportSuccessfulPasswordAttempt();
+ getDevicePolicyManager().reportSuccessfulPasswordAttempt(getCurrentOrCallingUserId());
}
public void setCurrentUser(int userId) {
@@ -249,7 +256,9 @@ public class LockPatternUtils {
private int getCurrentOrCallingUserId() {
int callingUid = Binder.getCallingUid();
if (callingUid == android.os.Process.SYSTEM_UID) {
- return mCurrentUserId;
+ // TODO: This is a little inefficient. See if all users of this are able to
+ // handle USER_CURRENT and pass that instead.
+ return getCurrentUser();
} else {
return UserHandle.getUserId(callingUid);
}
@@ -481,21 +490,21 @@ public class LockPatternUtils {
deleteGallery();
setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING,
- pattern.size(), 0, 0, 0, 0, 0, 0);
+ pattern.size(), 0, 0, 0, 0, 0, 0, getCurrentOrCallingUserId());
} else {
setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK);
setLong(PASSWORD_TYPE_ALTERNATE_KEY,
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
finishBiometricWeak();
dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK,
- 0, 0, 0, 0, 0, 0, 0);
+ 0, 0, 0, 0, 0, 0, 0, getCurrentOrCallingUserId());
}
} else {
if (keyStore.isEmpty()) {
keyStore.reset();
}
dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0,
- 0, 0, 0, 0, 0);
+ 0, 0, 0, 0, 0, getCurrentOrCallingUserId());
}
} catch (RemoteException re) {
Log.e(TAG, "Couldn't save lock pattern " + re);
@@ -532,7 +541,8 @@ public class LockPatternUtils {
/** Update the encryption password if it is enabled **/
private void updateEncryptionPassword(String password) {
DevicePolicyManager dpm = getDevicePolicyManager();
- if (dpm.getStorageEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) {
+ if (dpm.getStorageEncryptionStatus(getCurrentOrCallingUserId())
+ != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) {
return;
}
@@ -558,7 +568,7 @@ public class LockPatternUtils {
* @param quality {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)}
*/
public void saveLockPassword(String password, int quality) {
- this.saveLockPassword(password, quality, false);
+ this.saveLockPassword(password, quality, false, getCurrentOrCallingUserId());
}
/**
@@ -570,23 +580,42 @@ public class LockPatternUtils {
* @param isFallback Specifies if this is a fallback to biometric weak
*/
public void saveLockPassword(String password, int quality, boolean isFallback) {
+ saveLockPassword(password, quality, isFallback, getCurrentOrCallingUserId());
+ }
+
+ /**
+ * Save a lock password. Does not ensure that the password is as good
+ * as the requested mode, but will adjust the mode to be as good as the
+ * pattern.
+ * @param password The password to save
+ * @param quality {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)}
+ * @param isFallback Specifies if this is a fallback to biometric weak
+ * @param userHandle The userId of the user to change the password for
+ */
+ public void saveLockPassword(String password, int quality, boolean isFallback, int userHandle) {
// Compute the hash
final byte[] hash = passwordToHash(password);
try {
- getLockSettings().setLockPassword(hash, getCurrentOrCallingUserId());
+ if (Process.myUid() != Process.SYSTEM_UID && userHandle != UserHandle.myUserId()) {
+ throw new SecurityException(
+ "Only the system process can save lock password for another user");
+ }
+ getLockSettings().setLockPassword(hash, userHandle);
DevicePolicyManager dpm = getDevicePolicyManager();
KeyStore keyStore = KeyStore.getInstance();
if (password != null) {
- // Update the encryption password.
- updateEncryptionPassword(password);
+ if (userHandle == UserHandle.USER_OWNER) {
+ // Update the encryption password.
+ updateEncryptionPassword(password);
- // Update the keystore password
- keyStore.password(password);
+ // Update the keystore password
+ keyStore.password(password);
+ }
int computedQuality = computePasswordQuality(password);
if (!isFallback) {
deleteGallery();
- setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality));
+ setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality), userHandle);
if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
int letters = 0;
int uppercase = 0;
@@ -612,25 +641,27 @@ public class LockPatternUtils {
}
dpm.setActivePasswordState(Math.max(quality, computedQuality),
password.length(), letters, uppercase, lowercase,
- numbers, symbols, nonletter);
+ numbers, symbols, nonletter, userHandle);
} else {
// The password is not anything.
dpm.setActivePasswordState(
DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED,
- 0, 0, 0, 0, 0, 0, 0);
+ 0, 0, 0, 0, 0, 0, 0, userHandle);
}
} else {
// Case where it's a fallback for biometric weak
- setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK);
- setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality));
+ setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK,
+ userHandle);
+ setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality),
+ userHandle);
finishBiometricWeak();
dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK,
- 0, 0, 0, 0, 0, 0, 0);
+ 0, 0, 0, 0, 0, 0, 0, userHandle);
}
// Add the password to the password history. We assume all
// password
// hashes have the same length for simplicity of implementation.
- String passwordHistory = getString(PASSWORD_HISTORY_KEY);
+ String passwordHistory = getString(PASSWORD_HISTORY_KEY, userHandle);
if (passwordHistory == null) {
passwordHistory = new String();
}
@@ -645,7 +676,7 @@ public class LockPatternUtils {
* passwordHistoryLength + passwordHistoryLength - 1, passwordHistory
.length()));
}
- setString(PASSWORD_HISTORY_KEY, passwordHistory);
+ setString(PASSWORD_HISTORY_KEY, passwordHistory, userHandle);
} else {
// Conditionally reset the keystore if empty. If
// non-empty, we are just switching key guard type
@@ -653,7 +684,8 @@ public class LockPatternUtils {
keyStore.reset();
}
dpm.setActivePasswordState(
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0);
+ DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0,
+ userHandle);
}
} catch (RemoteException re) {
// Cant do much
@@ -849,7 +881,7 @@ public class LockPatternUtils {
if (!pm.hasSystemFeature(PackageManager.FEATURE_CAMERA_FRONT)) {
return false;
}
- if (getDevicePolicyManager().getCameraDisabled(null)) {
+ if (getDevicePolicyManager().getCameraDisabled(null, getCurrentOrCallingUserId())) {
return false;
}
@@ -1027,6 +1059,10 @@ public class LockPatternUtils {
}
private void setLong(String secureSettingKey, long value) {
+ setLong(secureSettingKey, value, getCurrentOrCallingUserId());
+ }
+
+ private void setLong(String secureSettingKey, long value, int userHandle) {
try {
getLockSettings().setLong(secureSettingKey, value, getCurrentOrCallingUserId());
} catch (RemoteException re) {
@@ -1036,17 +1072,20 @@ public class LockPatternUtils {
}
private String getString(String secureSettingKey) {
+ return getString(secureSettingKey, getCurrentOrCallingUserId());
+ }
+
+ private String getString(String secureSettingKey, int userHandle) {
try {
- return getLockSettings().getString(secureSettingKey, null,
- getCurrentOrCallingUserId());
+ return getLockSettings().getString(secureSettingKey, null, userHandle);
} catch (RemoteException re) {
return null;
}
}
- private void setString(String secureSettingKey, String value) {
+ private void setString(String secureSettingKey, String value, int userHandle) {
try {
- getLockSettings().setString(secureSettingKey, value, getCurrentOrCallingUserId());
+ getLockSettings().setString(secureSettingKey, value, userHandle);
} catch (RemoteException re) {
// What can we do?
Log.e(TAG, "Couldn't write string " + secureSettingKey + re);
generated by cgit v1.1 at 2024-09-17 06:37:23 +0000