Merge "Restrict admin status change when DISALLOW_GRANT_ADMIN is present" into main
This commit is contained in:
Nikhil Kumar
Android (Google) Code Review
@@ -370,11 +370,18 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
|
||||
}
|
||||
mSwitchUserPref.setOnPreferenceClickListener(this);
|
||||
}
|
||||
if (android.multiuser.Flags.unicornModeRefactoringForHsumReadOnly()) {
|
||||
if (isChangingAdminStatusRestricted()) {
|
||||
removePreference(KEY_GRANT_ADMIN);
|
||||
}
|
||||
} else {
|
||||
if (mUserInfo.isMain() || mUserInfo.isGuest() || !UserManager.isMultipleAdminEnabled()
|
||||
|| mUserManager.hasUserRestrictionForUser(UserManager.DISALLOW_GRANT_ADMIN,
|
||||
mUserInfo.getUserHandle()) || !mUserManager.isAdminUser()) {
|
||||
removePreference(KEY_GRANT_ADMIN);
|
||||
}
|
||||
}
|
||||
|
||||
if (!mUserManager.isAdminUser()) { // non admin users can't remove users and allow calls
|
||||
removePreference(KEY_ENABLE_TELEPHONY);
|
||||
removePreference(KEY_REMOVE_USER);
|
||||
@@ -552,4 +559,33 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
|
||||
// return true so there will be no setup prompt dialog shown to the user anymore.
|
||||
return isSecondaryUser(mUserInfo) && !mUserInfo.isInitialized();
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if changing admin status is restricted.
|
||||
*
|
||||
* <p>Admin status change is restricted under the following conditions of current & target user.
|
||||
*
|
||||
* <ul>
|
||||
* <li>The <b>current</b> user is NOT an admin user.</li>
|
||||
* <li>OR multiple admin support is NOT enabled.</li>
|
||||
* <li>OR the <b>current</b> user has DISALLOW_GRANT_ADMIN restriction applied</li>
|
||||
*
|
||||
* <li>OR the <b>target</b> user ('mUserInfo') is a main user OR a guest user.</li>
|
||||
* <li>OR the <b>target</b> user ('mUserInfo') has DISALLOW_GRANT_ADMIN restriction.</li>
|
||||
* </ul>
|
||||
*
|
||||
* @return true if changing admin status is restricted, false otherwise
|
||||
*/
|
||||
private boolean isChangingAdminStatusRestricted() {
|
||||
boolean currentUserRestricted = !mUserManager.isAdminUser()
|
||||
|| !UserManager.isMultipleAdminEnabled()
|
||||
|| mUserManager.hasUserRestriction(UserManager.DISALLOW_GRANT_ADMIN);
|
||||
|
||||
boolean targetUserRestricted = mUserInfo.isMain()
|
||||
|| mUserInfo.isGuest()
|
||||
|| mUserManager.hasUserRestrictionForUser(UserManager.DISALLOW_GRANT_ADMIN,
|
||||
mUserInfo.getUserHandle());
|
||||
|
||||
return currentUserRestricted || targetUserRestricted;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -729,12 +729,25 @@ public class UserDetailsSettingsTest {
|
||||
public void initialize_restrictUserSelected_shouldNotShowGrantAdminPref_MultipleAdminEnabled() {
|
||||
setupSelectedUser();
|
||||
ShadowUserManager.setIsMultipleAdminEnabled(true);
|
||||
// target user has DISALLOW_GRANT_ADMIN restriction
|
||||
mUserManager.setUserRestriction(mUserInfo.getUserHandle(),
|
||||
UserManager.DISALLOW_GRANT_ADMIN, true);
|
||||
mFragment.initialize(mActivity, mArguments);
|
||||
verify(mFragment).removePreference(KEY_GRANT_ADMIN);
|
||||
}
|
||||
|
||||
@Test
|
||||
@RequiresFlagsEnabled(Flags.FLAG_UNICORN_MODE_REFACTORING_FOR_HSUM_READ_ONLY)
|
||||
public void initialize_currentUserRestrict_shouldNotShowGrantAdminPref_MultipleAdminEnabled() {
|
||||
setupSelectedUser();
|
||||
ShadowUserManager.setIsMultipleAdminEnabled(true);
|
||||
// current user has DISALLOW_GRANT_ADMIN restriction
|
||||
mUserManager.setUserRestriction(mContext.getUser(),
|
||||
UserManager.DISALLOW_GRANT_ADMIN, true);
|
||||
mFragment.initialize(mActivity, mArguments);
|
||||
verify(mFragment).removePreference(KEY_GRANT_ADMIN);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void initialize_mainUserSelected_shouldShowGrantAdminPref_MultipleAdminEnabled() {
|
||||
setupSelectedMainUser();
|
||||
|
||||
Reference in New Issue
Block a user