From 1952637425eece18aa1ce3d80d4b49086ef3bcf7 Mon Sep 17 00:00:00 2001 From: Amith Yamasani Date: Tue, 21 Aug 2012 15:40:12 -0700 Subject: Remove permission requirement for some UserManager calls Update javadocs to be explicit about permissions. Minor fixes in UserManagerService Change-Id: I0d355e0a60e5dbdb49ed06091111d480ff249f3d --- core/java/android/os/UserManager.java | 9 ++++++ core/res/AndroidManifest.xml | 2 +- .../com/android/server/pm/UserManagerService.java | 33 ++++++++++++++-------- services/tests/servicestests/AndroidManifest.xml | 3 +- 4 files changed, 33 insertions(+), 14 deletions(-) diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java index 0338ee7..de8e78c 100644 --- a/core/java/android/os/UserManager.java +++ b/core/java/android/os/UserManager.java @@ -56,6 +56,7 @@ public class UserManager { /** * Returns the user name of the user making this call. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @return the user name */ public String getUserName() { @@ -69,6 +70,7 @@ public class UserManager { /** * Returns the UserInfo object describing a specific user. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @param userHandle the user handle of the user whose information is being requested. * @return the UserInfo object for a specific user. * @hide @@ -84,6 +86,7 @@ public class UserManager { /** * Creates a user with the specified name and options. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * * @param name the user's name * @param flags flags that identify the type of user and other properties. @@ -103,6 +106,7 @@ public class UserManager { /** * Returns information for all users on this device. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @return the list of users that were created. * @hide */ @@ -117,6 +121,7 @@ public class UserManager { /** * Removes a user and all associated data. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @param userHandle the integer handle of the user, where 0 is the primary user. * @hide */ @@ -131,6 +136,7 @@ public class UserManager { /** * Updates the user's name. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * * @param userHandle the user's integer handle * @param name the new name for the user @@ -162,6 +168,7 @@ public class UserManager { /** * Enable or disable the use of a guest account. If disabled, the existing guest account * will be wiped. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @param enable whether to enable a guest account. * @hide */ @@ -175,6 +182,7 @@ public class UserManager { /** * Checks if a guest user is enabled for this device. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @return whether a guest user is enabled * @hide */ @@ -189,6 +197,7 @@ public class UserManager { /** * Wipes all the data for a user, but doesn't remove the user. + * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. * @param userHandle * @hide */ diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 89be5cb..1c9b440 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -790,7 +790,7 @@ third party applications. --> diff --git a/services/java/com/android/server/pm/UserManagerService.java b/services/java/com/android/server/pm/UserManagerService.java index c292bbc..f5b4053 100644 --- a/services/java/com/android/server/pm/UserManagerService.java +++ b/services/java/com/android/server/pm/UserManagerService.java @@ -137,11 +137,17 @@ public class UserManagerService extends IUserManager.Stub { public UserInfo getUserInfo(int userId) { checkManageUsersPermission("query user"); synchronized (mUsers) { - UserInfo info = mUsers.get(userId); - return info; + return getUserInfoLocked(userId); } } + /* + * Should be locked on mUsers before calling this. + */ + private UserInfo getUserInfoLocked(int userId) { + return mUsers.get(userId); + } + public boolean exists(int userId) { synchronized (mUsers) { return ArrayUtils.contains(mUserIds, userId); @@ -212,8 +218,9 @@ public class UserManagerService extends IUserManager.Stub { } /** - * Enforces that only the system UID or root's UID can call a method exposed - * via Binder. + * Enforces that only the system UID or root's UID or apps that have the + * {@link android.Manifest.permission.MANAGE_USERS MANAGE_USERS} + * permission can make certain calls to the UserManager. * * @param message used as message if SecurityException is thrown * @throws SecurityException if the caller is not system or root @@ -534,7 +541,7 @@ public class UserManagerService extends IUserManager.Stub { public int getUserSerialNumber(int userHandle) { synchronized (mUsers) { if (!exists(userHandle)) return -1; - return getUserInfo(userHandle).serialNumber; + return getUserInfoLocked(userHandle).serialNumber; } } @@ -542,7 +549,7 @@ public class UserManagerService extends IUserManager.Stub { public int getUserHandle(int userSerialNumber) { synchronized (mUsers) { for (int userId : mUserIds) { - if (getUserInfo(userId).serialNumber == userSerialNumber) return userId; + if (getUserInfoLocked(userId).serialNumber == userSerialNumber) return userId; } // Not found return -1; @@ -617,14 +624,16 @@ public class UserManagerService extends IUserManager.Stub { * @return */ private int getNextAvailableId() { - int i = 0; - while (i < Integer.MAX_VALUE) { - if (mUsers.indexOfKey(i) < 0) { - break; + synchronized (mUsers) { + int i = 0; + while (i < Integer.MAX_VALUE) { + if (mUsers.indexOfKey(i) < 0) { + break; + } + i++; } - i++; + return i; } - return i; } private boolean createPackageFolders(int id, File userPath) { diff --git a/services/tests/servicestests/AndroidManifest.xml b/services/tests/servicestests/AndroidManifest.xml index 89b2474..8aeb2af 100644 --- a/services/tests/servicestests/AndroidManifest.xml +++ b/services/tests/servicestests/AndroidManifest.xml @@ -34,7 +34,8 @@ - + + -- cgit v1.1