PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement SET_PROFILE_OWNER intent

Browse Source 
This will be shown when a system priv-app tries to add a profile owner
to a device that's already been through setupwizard.

Refactored the Add Device Admin dialog to also be used for this
purpose with additional warning text.

Also, make sure that profile owners cannot be deactivated.

Bug: 16207721
Change-Id: I25499a22718b2219a5a56b158ca2681243751549
This commit is contained in:
Amith Yamasani
2014-07-28 16:28:36 -07:00
parent 01daaca547
commit b8e0f608cf
5 changed files with 117 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
AndroidManifest.xml
View File

@@ -973,6 +973,15 @@
</intent-filter> </intent-filter>
</activity> </activity>
<activity-alias android:name="SetProfileOwner"
android:label="@string/profile_owner_add_title"
android:targetActivity="DeviceAdminAdd">
<intent-filter android:priority="1000">
<action android:name="android.app.action.SET_PROFILE_OWNER" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity-alias>
<activity android:name="IccLockSettings" <activity android:name="IccLockSettings"
android:label="@string/sim_lock_settings" android:label="@string/sim_lock_settings"
android:theme="@style/Theme.SubSettingsDialogWhenLarge" android:theme="@style/Theme.SubSettingsDialogWhenLarge"

13
res/layout/device_admin_add.xml
View File

@@ -39,6 +39,7 @@
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:orientation="horizontal" android:orientation="horizontal"
android:layout_marginTop="16dip"> android:layout_marginTop="16dip">
<ImageView android:id="@+id/admin_icon" <ImageView android:id="@+id/admin_icon"
android:layout_width="@android:dimen/app_icon_size" android:layout_width="@android:dimen/app_icon_size"
android:layout_height="@android:dimen/app_icon_size" android:layout_height="@android:dimen/app_icon_size"
@@ -46,6 +47,7 @@
android:layout_gravity="center_vertical" android:layout_gravity="center_vertical"
android:scaleType="fitCenter" android:scaleType="fitCenter"
android:contentDescription="@null" /> android:contentDescription="@null" />
<TextView android:id="@+id/admin_name" <TextView android:id="@+id/admin_name"
android:layout_width="wrap_content" android:layout_width="wrap_content"
android:layout_height="wrap_content" android:layout_height="wrap_content"
@@ -62,21 +64,32 @@
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:orientation="vertical"> android:orientation="vertical">
<TextView android:id="@+id/profile_owner_warning"
android:layout_width="fill_parent"
android:layout_height="wrap_content"
android:padding="0dp"
android:visibility="gone"
android:text="@string/adding_profile_owner_warning" />
<TextView android:id="@+id/admin_description" <TextView android:id="@+id/admin_description"
android:layout_width="fill_parent" android:layout_width="fill_parent"
android:layout_height="0dip" android:layout_height="0dip"
android:layout_weight="0" android:layout_weight="0"
android:padding="0dip" /> android:padding="0dip" />
<LinearLayout <LinearLayout
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:orientation="horizontal" android:orientation="horizontal"
android:gravity="center_vertical"> android:gravity="center_vertical">
<ImageView android:id="@+id/add_msg_expander" <ImageView android:id="@+id/add_msg_expander"
android:layout_width="wrap_content" android:layout_width="wrap_content"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:gravity="center_vertical" android:gravity="center_vertical"
android:contentDescription="@null" /> android:contentDescription="@null" />
<TextView android:id="@+id/add_msg" <TextView android:id="@+id/add_msg"
android:layout_width="fill_parent" android:layout_width="fill_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"

5
res/values/strings.xml
View File

@@ -4402,6 +4402,11 @@
the app <xliff:g id="app_name">%1$s</xliff:g> to perform the the app <xliff:g id="app_name">%1$s</xliff:g> to perform the
following operations:</string> following operations:</string>
<!-- Title for screen to set a profile owner [CHAR LIMIT=40] -->
<string name="profile_owner_add_title">Profile owner</string>
<!-- Warning when trying to add a profile owner admin after setup has completed. [CHAR LIMIT=none] -->
<string name="adding_profile_owner_warning" translatable="false">This application wants to assume COMPLETE control of this user, including restricting critical operations. Only allow this if you trust this application.</string>
<!-- Name to assign to a Network Access Point that was saved without a name --> <!-- Name to assign to a Network Access Point that was saved without a name -->
<string name="untitled_apn">Untitled</string> <string name="untitled_apn">Untitled</string>

101
src/com/android/settings/DeviceAdminAdd.java
View File

@@ -17,6 +17,7 @@
package com.android.settings; package com.android.settings;
import android.app.AppOpsManager; import android.app.AppOpsManager;
import org.xmlpull.v1.XmlPullParserException; import org.xmlpull.v1.XmlPullParserException;
import android.app.Activity; import android.app.Activity;
@@ -38,6 +39,7 @@ import android.os.Bundle;
import android.os.Handler; import android.os.Handler;
import android.os.RemoteCallback; import android.os.RemoteCallback;
import android.os.RemoteException; import android.os.RemoteException;
import android.os.UserHandle;
import android.text.TextUtils.TruncateAt; import android.text.TextUtils.TruncateAt;
import android.util.EventLog; import android.util.EventLog;
import android.util.Log; import android.util.Log;
@@ -69,11 +71,13 @@ public class DeviceAdminAdd extends Activity {
AppOpsManager mAppOps; AppOpsManager mAppOps;
DeviceAdminInfo mDeviceAdmin; DeviceAdminInfo mDeviceAdmin;
CharSequence mAddMsgText; CharSequence mAddMsgText;
String mProfileOwnerName;
ImageView mAdminIcon; ImageView mAdminIcon;
TextView mAdminName; TextView mAdminName;
TextView mAdminDescription; TextView mAdminDescription;
TextView mAddMsg; TextView mAddMsg;
TextView mProfileOwnerWarning;
ImageView mAddMsgExpander; ImageView mAddMsgExpander;
boolean mAddMsgEllipsized = true; boolean mAddMsgEllipsized = true;
TextView mAdminWarning; TextView mAdminWarning;
@@ -87,6 +91,7 @@ public class DeviceAdminAdd extends Activity {
boolean mAdding; boolean mAdding;
boolean mRefreshing; boolean mRefreshing;
boolean mWaitingForRemoveMsg; boolean mWaitingForRemoveMsg;
boolean mAddingProfileOwner;
int mCurSysAppOpMode; int mCurSysAppOpMode;
int mCurToastAppOpMode; int mCurToastAppOpMode;
@@ -105,19 +110,32 @@ public class DeviceAdminAdd extends Activity {
return; return;
} }
ComponentName cn = (ComponentName)getIntent().getParcelableExtra( String action = getIntent().getAction();
ComponentName who = (ComponentName)getIntent().getParcelableExtra(
DevicePolicyManager.EXTRA_DEVICE_ADMIN); DevicePolicyManager.EXTRA_DEVICE_ADMIN);
if (cn == null) { if (who == null) {
Log.w(TAG, "No component specified in " + getIntent().getAction()); Log.w(TAG, "No component specified in " + action);
finish(); finish();
return; return;
} }
if (action != null && action.equals(DevicePolicyManager.ACTION_SET_PROFILE_OWNER)) {
mAddingProfileOwner = true;
mProfileOwnerName =
getIntent().getStringExtra(DevicePolicyManager.EXTRA_PROFILE_OWNER_NAME);
String callingPackage = getCallingPackage();
if (callingPackage == null || !callingPackage.equals(who.getPackageName())) {
Log.e(TAG, "Unknown or incorrect caller");
finish();
return;
}
}
ActivityInfo ai; ActivityInfo ai;
try { try {
ai = getPackageManager().getReceiverInfo(cn, PackageManager.GET_META_DATA); ai = getPackageManager().getReceiverInfo(who, PackageManager.GET_META_DATA);
} catch (PackageManager.NameNotFoundException e) { } catch (PackageManager.NameNotFoundException e) {
Log.w(TAG, "Unable to retrieve device policy " + cn, e); Log.w(TAG, "Unable to retrieve device policy " + who, e);
finish(); finish();
return; return;
} }
@@ -125,7 +143,7 @@ public class DeviceAdminAdd extends Activity {
// When activating, make sure the given component name is actually a valid device admin. // When activating, make sure the given component name is actually a valid device admin.
// No need to check this when deactivating, because it is safe to deactivate an active // No need to check this when deactivating, because it is safe to deactivate an active
// invalid device admin. // invalid device admin.
if (!mDPM.isAdminActive(cn)) { if (!mDPM.isAdminActive(who)) {
List<ResolveInfo> avail = getPackageManager().queryBroadcastReceivers( List<ResolveInfo> avail = getPackageManager().queryBroadcastReceivers(
new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED), new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED),
PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS); PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS);
@@ -150,7 +168,7 @@ public class DeviceAdminAdd extends Activity {
} }
} }
if (!found) { if (!found) {
Log.w(TAG, "Request to add invalid device admin: " + cn); Log.w(TAG, "Request to add invalid device admin: " + who);
finish(); finish();
return; return;
} }
@@ -161,11 +179,11 @@ public class DeviceAdminAdd extends Activity {
try { try {
mDeviceAdmin = new DeviceAdminInfo(this, ri); mDeviceAdmin = new DeviceAdminInfo(this, ri);
} catch (XmlPullParserException e) { } catch (XmlPullParserException e) {
Log.w(TAG, "Unable to retrieve device policy " + cn, e); Log.w(TAG, "Unable to retrieve device policy " + who, e);
finish(); finish();
return; return;
} catch (IOException e) { } catch (IOException e) {
Log.w(TAG, "Unable to retrieve device policy " + cn, e); Log.w(TAG, "Unable to retrieve device policy " + who, e);
finish(); finish();
return; return;
} }
@@ -175,11 +193,11 @@ public class DeviceAdminAdd extends Activity {
// "OK" immediately. // "OK" immediately.
if (DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN.equals(getIntent().getAction())) { if (DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN.equals(getIntent().getAction())) {
mRefreshing = false; mRefreshing = false;
if (mDPM.isAdminActive(cn)) { if (mDPM.isAdminActive(who)) {
ArrayList<DeviceAdminInfo.PolicyInfo> newPolicies = mDeviceAdmin.getUsedPolicies(); ArrayList<DeviceAdminInfo.PolicyInfo> newPolicies = mDeviceAdmin.getUsedPolicies();
for (int i = 0; i < newPolicies.size(); i++) { for (int i = 0; i < newPolicies.size(); i++) {
DeviceAdminInfo.PolicyInfo pi = newPolicies.get(i); DeviceAdminInfo.PolicyInfo pi = newPolicies.get(i);
if (!mDPM.hasGrantedPolicy(cn, pi.ident)) { if (!mDPM.hasGrantedPolicy(who, pi.ident)) {
mRefreshing = true; mRefreshing = true;
break; break;
} }
@@ -192,6 +210,14 @@ public class DeviceAdminAdd extends Activity {
} }
} }
} }
// If we're trying to add a profile owner and user setup hasn't completed yet, no
// need to prompt for permission. Just add and finish.
if (mAddingProfileOwner && !mDPM.hasUserSetupCompleted()) {
addAndFinish();
return;
}
mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION); mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION);
setContentView(R.layout.device_admin_add); setContentView(R.layout.device_admin_add);
@@ -199,6 +225,7 @@ public class DeviceAdminAdd extends Activity {
mAdminIcon = (ImageView)findViewById(R.id.admin_icon); mAdminIcon = (ImageView)findViewById(R.id.admin_icon);
mAdminName = (TextView)findViewById(R.id.admin_name); mAdminName = (TextView)findViewById(R.id.admin_name);
mAdminDescription = (TextView)findViewById(R.id.admin_description); mAdminDescription = (TextView)findViewById(R.id.admin_description);
mProfileOwnerWarning = (TextView) findViewById(R.id.profile_owner_warning);
mAddMsg = (TextView)findViewById(R.id.add_msg); mAddMsg = (TextView)findViewById(R.id.add_msg);
mAddMsgExpander = (ImageView) findViewById(R.id.add_msg_expander); mAddMsgExpander = (ImageView) findViewById(R.id.add_msg_expander);
@@ -225,21 +252,7 @@ public class DeviceAdminAdd extends Activity {
mActionButton.setOnClickListener(new View.OnClickListener() { mActionButton.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) { public void onClick(View v) {
if (mAdding) { if (mAdding) {
try { addAndFinish();
mDPM.setActiveAdmin(mDeviceAdmin.getComponent(), mRefreshing);
setResult(Activity.RESULT_OK);
EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_ACTIVATED_BY_USER,
mDeviceAdmin.getActivityInfo().applicationInfo.uid);
} catch (RuntimeException e) {
// Something bad happened... could be that it was
// already set, though.
Log.w(TAG, "Exception trying to activate admin "
+ mDeviceAdmin.getComponent(), e);
if (mDPM.isAdminActive(mDeviceAdmin.getComponent())) {
setResult(Activity.RESULT_OK);
}
}
finish();
} else if (!mWaitingForRemoveMsg) { } else if (!mWaitingForRemoveMsg) {
try { try {
// Don't allow the admin to put a dialog up in front // Don't allow the admin to put a dialog up in front
@@ -270,6 +283,32 @@ public class DeviceAdminAdd extends Activity {
}); });
} }
void addAndFinish() {
try {
mDPM.setActiveAdmin(mDeviceAdmin.getComponent(), mRefreshing);
EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_ACTIVATED_BY_USER,
mDeviceAdmin.getActivityInfo().applicationInfo.uid);
setResult(Activity.RESULT_OK);
} catch (RuntimeException e) {
// Something bad happened... could be that it was
// already set, though.
Log.w(TAG, "Exception trying to activate admin "
+ mDeviceAdmin.getComponent(), e);
if (mDPM.isAdminActive(mDeviceAdmin.getComponent())) {
setResult(Activity.RESULT_OK);
}
}
if (mAddingProfileOwner) {
try {
mDPM.setProfileOwner(mDeviceAdmin.getComponent(),
mProfileOwnerName, UserHandle.myUserId());
} catch (RuntimeException re) {
setResult(Activity.RESULT_CANCELED);
}
}
finish();
}
void continueRemoveAction(CharSequence msg) { void continueRemoveAction(CharSequence msg) {
if (!mWaitingForRemoveMsg) { if (!mWaitingForRemoveMsg) {
return; return;
@@ -367,6 +406,9 @@ public class DeviceAdminAdd extends Activity {
} catch (Resources.NotFoundException e) { } catch (Resources.NotFoundException e) {
mAdminDescription.setVisibility(View.GONE); mAdminDescription.setVisibility(View.GONE);
} }
if (mAddingProfileOwner) {
mProfileOwnerWarning.setVisibility(View.VISIBLE);
}
if (mAddMsgText != null) { if (mAddMsgText != null) {
mAddMsg.setText(mAddMsgText); mAddMsg.setText(mAddMsgText);
mAddMsg.setVisibility(View.VISIBLE); mAddMsg.setVisibility(View.VISIBLE);
@@ -374,7 +416,8 @@ public class DeviceAdminAdd extends Activity {
mAddMsg.setVisibility(View.GONE); mAddMsg.setVisibility(View.GONE);
mAddMsgExpander.setVisibility(View.GONE); mAddMsgExpander.setVisibility(View.GONE);
} }
if (!mRefreshing && mDPM.isAdminActive(mDeviceAdmin.getComponent())) { if (!mRefreshing && !mAddingProfileOwner
&& mDPM.isAdminActive(mDeviceAdmin.getComponent())) {
if (mActivePolicies.size() == 0) { if (mActivePolicies.size() == 0) {
ArrayList<DeviceAdminInfo.PolicyInfo> policies = mDeviceAdmin.getUsedPolicies(); ArrayList<DeviceAdminInfo.PolicyInfo> policies = mDeviceAdmin.getUsedPolicies();
for (int i=0; i<policies.size(); i++) { for (int i=0; i<policies.size(); i++) {
@@ -407,7 +450,11 @@ public class DeviceAdminAdd extends Activity {
setViewVisibility(mActivePolicies, View.GONE); setViewVisibility(mActivePolicies, View.GONE);
mAdminWarning.setText(getString(R.string.device_admin_warning, mAdminWarning.setText(getString(R.string.device_admin_warning,
mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager()))); mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager())));
if (mAddingProfileOwner) {
setTitle(getText(R.string.profile_owner_add_title));
} else {
setTitle(getText(R.string.add_device_admin_msg)); setTitle(getText(R.string.add_device_admin_msg));
}
mActionButton.setText(getText(R.string.add_device_admin)); mActionButton.setText(getText(R.string.add_device_admin));
mAdding = true; mAdding = true;
} }

9
src/com/android/settings/DeviceAdminSettings.java
View File

@@ -57,6 +57,7 @@ public class DeviceAdminSettings extends ListFragment {
final HashSet<ComponentName> mActiveAdmins = new HashSet<ComponentName>(); final HashSet<ComponentName> mActiveAdmins = new HashSet<ComponentName>();
final ArrayList<DeviceAdminInfo> mAvailableAdmins = new ArrayList<DeviceAdminInfo>(); final ArrayList<DeviceAdminInfo> mAvailableAdmins = new ArrayList<DeviceAdminInfo>();
String mDeviceOwnerPkg; String mDeviceOwnerPkg;
ComponentName mProfileOwnerComponent;
@Override @Override
public void onCreate(Bundle icicle) { public void onCreate(Bundle icicle) {
@@ -84,6 +85,7 @@ public class DeviceAdminSettings extends ListFragment {
if (mDeviceOwnerPkg != null && !mDPM.isDeviceOwner(mDeviceOwnerPkg)) { if (mDeviceOwnerPkg != null && !mDPM.isDeviceOwner(mDeviceOwnerPkg)) {
mDeviceOwnerPkg = null; mDeviceOwnerPkg = null;
} }
mProfileOwnerComponent = mDPM.getProfileOwner();
updateList(); updateList();
} }
@@ -189,8 +191,11 @@ public class DeviceAdminSettings extends ListFragment {
public boolean isEnabled(int position) { public boolean isEnabled(int position) {
DeviceAdminInfo info = mAvailableAdmins.get(position); DeviceAdminInfo info = mAvailableAdmins.get(position);
if (mActiveAdmins.contains(info.getComponent()) String packageName = info.getPackageName();
&& info.getPackageName().equals(mDeviceOwnerPkg)) { ComponentName component = info.getComponent();
if (mActiveAdmins.contains(component)
&& (packageName.equals(mDeviceOwnerPkg)
|| component.equals(mProfileOwnerComponent))) {
return false; return false;
} else { } else {
return true; return true;