diff options
| -rw-r--r-- | api/current.txt | 4 | ||||
| -rw-r--r-- | core/java/android/content/Intent.java | 11 | ||||
| -rw-r--r-- | core/java/android/os/IUserManager.aidl | 6 | ||||
| -rw-r--r-- | core/java/android/os/UserManager.java | 36 | ||||
| -rw-r--r-- | core/java/com/android/internal/app/RestrictionsPinActivity.java | 8 | ||||
| -rw-r--r-- | core/java/com/android/internal/app/RestrictionsPinSetupActivity.java | 111 | ||||
| -rw-r--r-- | core/res/AndroidManifest.xml | 14 | ||||
| -rw-r--r-- | services/java/com/android/server/pm/UserManagerService.java | 16 |
8 files changed, 33 insertions, 173 deletions
diff --git a/api/current.txt b/api/current.txt index eb3596a..18e3261 100644 --- a/api/current.txt +++ b/api/current.txt @@ -6373,7 +6373,6 @@ package android.content { field public static final java.lang.String ACTION_PROVIDER_CHANGED = "android.intent.action.PROVIDER_CHANGED"; field public static final java.lang.String ACTION_QUICK_CLOCK = "android.intent.action.QUICK_CLOCK"; field public static final java.lang.String ACTION_REBOOT = "android.intent.action.REBOOT"; - field public static final java.lang.String ACTION_RESTRICTIONS_PIN_CHALLENGE = "android.intent.action.RESTRICTIONS_PIN_CHALLENGE"; field public static final java.lang.String ACTION_RUN = "android.intent.action.RUN"; field public static final java.lang.String ACTION_SCREEN_OFF = "android.intent.action.SCREEN_OFF"; field public static final java.lang.String ACTION_SCREEN_ON = "android.intent.action.SCREEN_ON"; @@ -18604,14 +18603,13 @@ package android.os { method public java.lang.String getUserName(); method public android.os.Bundle getUserRestrictions(); method public android.os.Bundle getUserRestrictions(android.os.UserHandle); - method public boolean hasRestrictionsPin(); method public boolean isUserAGoat(); method public boolean isUserRunning(android.os.UserHandle); method public boolean isUserRunningOrStopping(android.os.UserHandle); + method public boolean setRestrictionsChallenge(java.lang.String); method public void setUserRestriction(java.lang.String, boolean); method public void setUserRestrictions(android.os.Bundle); method public void setUserRestrictions(android.os.Bundle, android.os.UserHandle); - field public static final java.lang.String DISALLOW_APP_RESTRICTIONS = "no_app_restrictions"; field public static final java.lang.String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; field public static final java.lang.String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials"; field public static final java.lang.String DISALLOW_CONFIG_WIFI = "no_config_wifi"; diff --git a/core/java/android/content/Intent.java b/core/java/android/content/Intent.java index dfc0412..2f2aae4 100644 --- a/core/java/android/content/Intent.java +++ b/core/java/android/content/Intent.java @@ -2469,16 +2469,19 @@ public class Intent implements Parcelable, Cloneable { "android.intent.action.GET_RESTRICTION_ENTRIES"; /** + * @hide * Activity to challenge the user for a PIN that was configured when setting up - * restrictions. Launch the activity using + * restrictions. Restrictions include blocking of apps and preventing certain user operations, + * controlled by {@link android.os.UserManager#setUserRestrictions(Bundle). + * Launch the activity using * {@link android.app.Activity#startActivityForResult(Intent, int)} and check if the * result is {@link android.app.Activity#RESULT_OK} for a successful response to the * challenge.<p/> * Before launching this activity, make sure that there is a PIN in effect, by calling - * {@link android.os.UserManager#hasRestrictionsPin()}. + * {@link android.os.UserManager#hasRestrictionsChallenge()}. */ - public static final String ACTION_RESTRICTIONS_PIN_CHALLENGE = - "android.intent.action.RESTRICTIONS_PIN_CHALLENGE"; + public static final String ACTION_RESTRICTIONS_CHALLENGE = + "android.intent.action.RESTRICTIONS_CHALLENGE"; /** * Sent the first time a user is starting, to allow system apps to diff --git a/core/java/android/os/IUserManager.aidl b/core/java/android/os/IUserManager.aidl index bd2d9ac..3c9d0d9 100644 --- a/core/java/android/os/IUserManager.aidl +++ b/core/java/android/os/IUserManager.aidl @@ -46,8 +46,8 @@ interface IUserManager { int userHandle); Bundle getApplicationRestrictions(in String packageName); Bundle getApplicationRestrictionsForUser(in String packageName, int userHandle); - boolean changeRestrictionsPin(in String newPin); - int checkRestrictionsPin(in String pin); - boolean hasRestrictionsPin(); + boolean setRestrictionsChallenge(in String newPin); + int checkRestrictionsChallenge(in String pin); + boolean hasRestrictionsChallenge(); void removeRestrictions(); } diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java index 10b9765..a3752a1 100644 --- a/core/java/android/os/UserManager.java +++ b/core/java/android/os/UserManager.java @@ -140,16 +140,6 @@ public class UserManager { */ public static final String DISALLOW_REMOVE_USER = "no_remove_user"; - /** - * Key for user restrictions. Specifies if a user is disallowed from setting app restrictions - * via a restrictions PIN. The default is <code>false</code>. If app restrictions have already - * been set up, then this user restriction cannot be set to true. - * <p/> - * Type: Boolean - * @see #hasRestrictionsPin() - */ - public static final String DISALLOW_APP_RESTRICTIONS = "no_app_restrictions"; - /** @hide */ public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3; /** @hide */ @@ -650,15 +640,14 @@ public class UserManager { } /** - * @hide - * Sets a new restrictions PIN. This should only be called after verifying that there - * currently isn't a PIN set, or after the user successfully enters the current PIN. - * @param newPin - * @return Returns true if the PIN was changed successfully. + * Sets a new challenge PIN for restrictions. This is only for use by pre-installed + * apps and requires the MANAGE_USERS permission. + * @param newPin the PIN to use for challenge dialogs. + * @return Returns true if the challenge PIN was set successfully. */ - public boolean changeRestrictionsPin(String newPin) { + public boolean setRestrictionsChallenge(String newPin) { try { - return mService.changeRestrictionsPin(newPin); + return mService.setRestrictionsChallenge(newPin); } catch (RemoteException re) { Log.w(TAG, "Could not change restrictions pin"); } @@ -674,9 +663,9 @@ public class UserManager { * Returns {@link #PIN_VERIFICATION_SUCCESS} if the input matches the saved PIN. Returns * {@link #PIN_VERIFICATION_FAILED_NOT_SET} if there is no PIN set. */ - public int checkRestrictionsPin(String pin) { + public int checkRestrictionsChallenge(String pin) { try { - return mService.checkRestrictionsPin(pin); + return mService.checkRestrictionsChallenge(pin); } catch (RemoteException re) { Log.w(TAG, "Could not check restrictions pin"); } @@ -684,16 +673,17 @@ public class UserManager { } /** + * @hide * Checks whether the user has restrictions that are PIN-protected. An application that * participates in restrictions can check if the owner has requested a PIN challenge for * any restricted operations. If there is a PIN in effect, the application should launch - * the PIN challenge activity {@link android.content.Intent#ACTION_RESTRICTIONS_PIN_CHALLENGE}. - * @see android.content.Intent#ACTION_RESTRICTIONS_PIN_CHALLENGE + * the PIN challenge activity {@link android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE}. + * @see android.content.Intent#ACTION_RESTRICTIONS_CHALLENGE * @return whether a restrictions PIN is in effect. */ - public boolean hasRestrictionsPin() { + public boolean hasRestrictionsChallenge() { try { - return mService.hasRestrictionsPin(); + return mService.hasRestrictionsChallenge(); } catch (RemoteException re) { Log.w(TAG, "Could not change restrictions pin"); } diff --git a/core/java/com/android/internal/app/RestrictionsPinActivity.java b/core/java/com/android/internal/app/RestrictionsPinActivity.java index 2112474..66585c6 100644 --- a/core/java/com/android/internal/app/RestrictionsPinActivity.java +++ b/core/java/com/android/internal/app/RestrictionsPinActivity.java @@ -52,7 +52,7 @@ public class RestrictionsPinActivity extends AlertActivity super.onCreate(icicle); mUserManager = (UserManager) getSystemService(Context.USER_SERVICE); - mHasRestrictionsPin = mUserManager.hasRestrictionsPin(); + mHasRestrictionsPin = mUserManager.hasRestrictionsChallenge(); initUi(); setupAlert(); } @@ -83,7 +83,7 @@ public class RestrictionsPinActivity extends AlertActivity super.onResume(); setPositiveButtonState(false); - boolean hasPin = mUserManager.hasRestrictionsPin(); + boolean hasPin = mUserManager.hasRestrictionsChallenge(); if (hasPin) { mPinErrorMessage.setVisibility(View.INVISIBLE); mPinText.setOnEditorActionListener(this); @@ -100,7 +100,7 @@ public class RestrictionsPinActivity extends AlertActivity private boolean updatePinTimer(int pinTimerMs) { if (pinTimerMs < 0) { - pinTimerMs = mUserManager.checkRestrictionsPin(null); + pinTimerMs = mUserManager.checkRestrictionsChallenge(null); } boolean enableInput; if (pinTimerMs >= 200) { @@ -128,7 +128,7 @@ public class RestrictionsPinActivity extends AlertActivity } protected void performPositiveButtonAction() { - int result = mUserManager.checkRestrictionsPin(mPinText.getText().toString()); + int result = mUserManager.checkRestrictionsChallenge(mPinText.getText().toString()); if (result == UserManager.PIN_VERIFICATION_SUCCESS) { setResult(RESULT_OK); finish(); diff --git a/core/java/com/android/internal/app/RestrictionsPinSetupActivity.java b/core/java/com/android/internal/app/RestrictionsPinSetupActivity.java deleted file mode 100644 index f7fc6c6..0000000 --- a/core/java/com/android/internal/app/RestrictionsPinSetupActivity.java +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright (C) 2013 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.internal.app; - -import android.content.Context; -import android.os.UserManager; -import android.text.Editable; -import android.text.TextUtils; -import android.view.KeyEvent; -import android.view.LayoutInflater; -import android.view.View; -import android.widget.EditText; -import android.widget.TextView; - -import com.android.internal.R; - -/** - * This activity is launched by Settings and other apps to either create a new PIN or - * change an existing PIN. The PIN is maintained by UserManager. - */ -public class RestrictionsPinSetupActivity extends RestrictionsPinActivity { - - private EditText mNewPinText; - private EditText mConfirmPinText; - - protected void initUi() { - AlertController.AlertParams ap = mAlertParams; - ap.mTitle = getString(R.string.restr_pin_enter_pin); - ap.mPositiveButtonText = getString(R.string.ok); - ap.mNegativeButtonText = getString(R.string.cancel); - LayoutInflater inflater = - (LayoutInflater) getSystemService(Context.LAYOUT_INFLATER_SERVICE); - ap.mView = inflater.inflate(R.layout.restrictions_pin_setup, null); - - mPinText = (EditText) ap.mView.findViewById(R.id.pin_text); - mNewPinText = (EditText) ap.mView.findViewById(R.id.pin_new_text); - mConfirmPinText = (EditText) ap.mView.findViewById(R.id.pin_confirm_text); - mNewPinText.addTextChangedListener(this); - mConfirmPinText.addTextChangedListener(this); - - if (!mHasRestrictionsPin) { - mPinText.setVisibility(View.GONE); - } - } - - public void onResume() { - super.onResume(); - setPositiveButtonState(false); - } - - protected boolean verifyingPin() { - return false; - } - - @Override - protected void performPositiveButtonAction() { - if (mHasRestrictionsPin) { - int result = mUserManager.checkRestrictionsPin(mPinText.getText().toString()); - if (result != UserManager.PIN_VERIFICATION_SUCCESS) { - // TODO: Set message that existing pin doesn't match - return; - } - } - if (mUserManager.changeRestrictionsPin(mNewPinText.getText().toString())) { - // TODO: Send message to PIN recovery agent about the recovery email address - setResult(RESULT_OK); - finish(); - } - } - - @Override - public void beforeTextChanged(CharSequence s, int start, int count, int after) { - } - - @Override - public void onTextChanged(CharSequence s, int start, int before, int count) { - CharSequence pin = mPinText.getText(); - CharSequence pin1 = mNewPinText.getText(); - CharSequence pin2 = mConfirmPinText.getText(); - boolean match = pin1 != null && pin2 != null && pin1.length() >= 4 - && pin1.toString().equals(pin2.toString()) - && (!mHasRestrictionsPin || (pin != null && pin.length() >= 4)); - boolean showError = !TextUtils.isEmpty(pin1) && !TextUtils.isEmpty(pin2); - // TODO: Check recovery email address as well - setPositiveButtonState(match); - } - - @Override - public void afterTextChanged(Editable s) { - } - - @Override - public boolean onEditorAction(TextView v, int actionId, KeyEvent event) { - performPositiveButtonAction(); - return true; - } -} diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 49945f0..83a0c56 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -2546,25 +2546,13 @@ android:process=":ui"> </activity> - <activity android:name="com.android.internal.app.RestrictionsPinSetupActivity" - android:theme="@style/Theme.Holo.Dialog.Alert" - android:permission="android.permission.MANAGE_USERS" - android:excludeFromRecents="true" - android:windowSoftInputMode="adjustPan" - android:process=":ui"> - <intent-filter android:priority="100"> - <action android:name="android.intent.action.RESTRICTIONS_PIN_CREATE" /> - <category android:name="android.intent.category.DEFAULT" /> - </intent-filter> - </activity> - <activity android:name="com.android.internal.app.RestrictionsPinActivity" android:theme="@style/Theme.Holo.Dialog.Alert" android:excludeFromRecents="true" android:windowSoftInputMode="adjustPan" android:process=":ui"> <intent-filter android:priority="100"> - <action android:name="android.intent.action.RESTRICTIONS_PIN_CHALLENGE" /> + <action android:name="android.intent.action.RESTRICTIONS_CHALLENGE" /> <category android:name="android.intent.category.DEFAULT" /> </intent-filter> </activity> diff --git a/services/java/com/android/server/pm/UserManagerService.java b/services/java/com/android/server/pm/UserManagerService.java index af60f84..d0e9fe1 100644 --- a/services/java/com/android/server/pm/UserManagerService.java +++ b/services/java/com/android/server/pm/UserManagerService.java @@ -416,12 +416,6 @@ public class UserManagerService extends IUserManager.Stub { if (restrictions == null) return; synchronized (mPackagesLock) { - // If the user has restrictions already and call is trying to disallow restrictions, - // don't modify the flag. - if (hasRestrictionsPinLocked(userId) - && restrictions.getBoolean(UserManager.DISALLOW_APP_RESTRICTIONS, false)) { - restrictions.putBoolean(UserManager.DISALLOW_APP_RESTRICTIONS, false); - } mUserRestrictions.get(userId).clear(); mUserRestrictions.get(userId).putAll(restrictions); writeUserLocked(mUsers.get(userId)); @@ -686,7 +680,6 @@ public class UserManagerService extends IUserManager.Stub { writeBoolean(serializer, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER); writeBoolean(serializer, restrictions, UserManager.DISALLOW_CONFIG_CREDENTIALS); writeBoolean(serializer, restrictions, UserManager.DISALLOW_REMOVE_USER); - writeBoolean(serializer, restrictions, UserManager.DISALLOW_APP_RESTRICTIONS); serializer.endTag(null, TAG_RESTRICTIONS); } serializer.endTag(null, TAG_USER); @@ -817,7 +810,6 @@ public class UserManagerService extends IUserManager.Stub { readBoolean(parser, restrictions, UserManager.DISALLOW_USB_FILE_TRANSFER); readBoolean(parser, restrictions, UserManager.DISALLOW_CONFIG_CREDENTIALS); readBoolean(parser, restrictions, UserManager.DISALLOW_REMOVE_USER); - readBoolean(parser, restrictions, UserManager.DISALLOW_APP_RESTRICTIONS); } } } @@ -1130,7 +1122,7 @@ public class UserManagerService extends IUserManager.Stub { } @Override - public boolean changeRestrictionsPin(String newPin) { + public boolean setRestrictionsChallenge(String newPin) { checkManageUsersPermission("Only system can modify the restrictions pin"); int userId = UserHandle.getCallingUserId(); synchronized (mPackagesLock) { @@ -1157,7 +1149,7 @@ public class UserManagerService extends IUserManager.Stub { } @Override - public int checkRestrictionsPin(String pin) { + public int checkRestrictionsChallenge(String pin) { checkManageUsersPermission("Only system can verify the restrictions pin"); int userId = UserHandle.getCallingUserId(); synchronized (mPackagesLock) { @@ -1200,7 +1192,7 @@ public class UserManagerService extends IUserManager.Stub { } @Override - public boolean hasRestrictionsPin() { + public boolean hasRestrictionsChallenge() { int userId = UserHandle.getCallingUserId(); synchronized (mPackagesLock) { return hasRestrictionsPinLocked(userId); @@ -1227,7 +1219,7 @@ public class UserManagerService extends IUserManager.Stub { // Remove all user restrictions setUserRestrictions(new Bundle(), userHandle); // Remove restrictions pin - changeRestrictionsPin(null); + setRestrictionsChallenge(null); // Remove any app restrictions cleanAppRestrictions(userHandle, true); } |