diff options
| author | Sander Alewijnse <salewijnse@google.com> | 2014-07-09 12:57:05 +0100 |
|---|---|---|
| committer | Sander Alewijnse <salewijnse@google.com> | 2014-07-23 13:44:28 +0000 |
| commit | d2a1eec400128f39e1b223a720a88dbd395f3e6e (patch) | |
| tree | e0375970d7d1d412071be022c8a41a18307ba5f3 /services/devicepolicy | |
| parent | dedc4a379ff2697d5abce37aa422918a01ad0676 (diff) | |
| download | frameworks_base-d2a1eec400128f39e1b223a720a88dbd395f3e6e.zip frameworks_base-d2a1eec400128f39e1b223a720a88dbd395f3e6e.tar.gz frameworks_base-d2a1eec400128f39e1b223a720a88dbd395f3e6e.tar.bz2 | |
Add Device Policy API to disable screen capture.
WindowManager will set secure flag on SurfaceControl for
all windows of a flagged user to prevent screen capture.
API is consistent with the camera disable API.
Change-Id: Ib180f67f1ad827b6f4aca2af615274256cce58f4
Diffstat (limited to 'services/devicepolicy')
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 5c661af..e0612eb 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -258,6 +258,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; private static final String TAG_DISABLE_CAMERA = "disable-camera"; private static final String TAG_DISABLE_CALLER_ID = "disable-caller-id"; + private static final String TAG_DISABLE_SCREEN_CAPTURE = "disable-screen-capture"; private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; private static final String TAG_ACCOUNT_TYPE = "account-type"; private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; @@ -326,6 +327,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean encryptionRequested = false; boolean disableCamera = false; boolean disableCallerId = false; + boolean disableScreenCapture = false; // Can only be set by a device/profile owner. + Set<String> accountTypesWithManagementDisabled = new HashSet<String>(); // TODO: review implementation decisions with frameworks team @@ -443,6 +446,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { out.attribute(null, ATTR_VALUE, Boolean.toString(disableCallerId)); out.endTag(null, TAG_DISABLE_CALLER_ID); } + if (disableScreenCapture) { + out.startTag(null, TAG_DISABLE_SCREEN_CAPTURE); + out.attribute(null, ATTR_VALUE, Boolean.toString(disableScreenCapture)); + out.endTag(null, TAG_DISABLE_SCREEN_CAPTURE); + } if (disabledKeyguardFeatures != DEF_KEYGUARD_FEATURES_DISABLED) { out.startTag(null, TAG_DISABLE_KEYGUARD_FEATURES); out.attribute(null, ATTR_VALUE, Integer.toString(disabledKeyguardFeatures)); @@ -528,6 +536,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } else if (TAG_DISABLE_CALLER_ID.equals(tag)) { disableCallerId = Boolean.parseBoolean( parser.getAttributeValue(null, ATTR_VALUE)); + } else if (TAG_DISABLE_SCREEN_CAPTURE.equals(tag)) { + disableScreenCapture = Boolean.parseBoolean( + parser.getAttributeValue(null, ATTR_VALUE)); } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { disabledKeyguardFeatures = Integer.parseInt( parser.getAttributeValue(null, ATTR_VALUE)); @@ -606,6 +617,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { pw.println(disableCamera); pw.print(prefix); pw.print("disableCallerId="); pw.println(disableCallerId); + pw.print(prefix); pw.print("disableScreenCapture="); + pw.println(disableScreenCapture); pw.print(prefix); pw.print("disabledKeyguardFeatures="); pw.println(disabledKeyguardFeatures); } @@ -2977,6 +2990,58 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { private void setEncryptionRequested(boolean encrypt) { } + + /** + * Set whether the screen capture is disabled for the user managed by the specified admin. + */ + public void setScreenCaptureDisabled(ComponentName who, int userHandle, boolean disabled) { + if (!mHasFeature) { + return; + } + synchronized (this) { + if (who == null) { + throw new NullPointerException("ComponentName is null"); + } + ActiveAdmin ap = getActiveAdminForCallerLocked(who, + DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); + if (ap.disableScreenCapture != disabled) { + ap.disableScreenCapture = disabled; + saveSettingsLocked(userHandle); + try { + getWindowManager().updateScreenCaptureDisabled(userHandle); + } catch (RemoteException e) { + Log.w(LOG_TAG, "Unable to notify WindowManager.", e); + } + } + } + } + + /** + * Returns whether or not screen capture is disabled for a given admin, or disabled for any + * active admin (if given admin is null). + */ + public boolean getScreenCaptureDisabled(ComponentName who, int userHandle) { + if (!mHasFeature) { + return false; + } + synchronized (this) { + if (who != null) { + ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle); + return (admin != null) ? admin.disableScreenCapture : false; + } + + DevicePolicyData policy = getUserData(userHandle); + final int N = policy.mAdminList.size(); + for (int i = 0; i < N; i++) { + ActiveAdmin admin = policy.mAdminList.get(i); + if (admin.disableScreenCapture) { + return true; + } + } + return false; + } + } + /** * The system property used to share the state of the camera. The native camera service * is expected to read this property and act accordingly. |