Enforce disallow switch user in user settings
Disallow the following actions which result in switch user when DISALLOW_USER_SWITCH is set - Creating guest - Showing user setup dialog for newly created user - Clicking uninitialized user preference Bug: 71694430 Test: CTSVerifier DeviceOwnerPositiveTest - DISALLOW_USER_SWITCH Test: m -j ROBOTEST_FILTER=UserCapabilitiesTest RunSettingsRoboTests Test: m -j ROBOTEST_FILTER=AddUserWhenLockedPreferenceController RunSettingsRoboTests Test: m -j ROBOTEST_FILTER=UserSettingsTest RunSettingsRoboTests Change-Id: Ia4c7e7b4947bfaf2ebeef4d32a473bdac542d6a6
This commit is contained in:
Alex Chau
@@ -34,6 +34,7 @@ public class UserCapabilities {
|
||||
boolean mCanAddGuest;
|
||||
boolean mDisallowAddUser;
|
||||
boolean mDisallowAddUserSetByAdmin;
|
||||
boolean mDisallowSwitchUser;
|
||||
RestrictedLockUtils.EnforcedAdmin mEnforcedAdmin;
|
||||
|
||||
private UserCapabilities() {}
|
||||
@@ -79,6 +80,9 @@ public class UserCapabilities {
|
||||
final boolean canAddUsersWhenLocked = mIsAdmin || Settings.Global.getInt(
|
||||
context.getContentResolver(), Settings.Global.ADD_USERS_WHEN_LOCKED, 0) == 1;
|
||||
mCanAddGuest = !mIsGuest && !mDisallowAddUser && canAddUsersWhenLocked;
|
||||
|
||||
UserManager userManager = (UserManager) context.getSystemService(Context.USER_SERVICE);
|
||||
mDisallowSwitchUser = userManager.hasUserRestriction(UserManager.DISALLOW_USER_SWITCH);
|
||||
}
|
||||
|
||||
public boolean isAdmin() {
|
||||
@@ -109,6 +113,7 @@ public class UserCapabilities {
|
||||
", mCanAddGuest=" + mCanAddGuest +
|
||||
", mDisallowAddUser=" + mDisallowAddUser +
|
||||
", mEnforcedAdmin=" + mEnforcedAdmin +
|
||||
", mDisallowSwitchUser=" + mDisallowSwitchUser +
|
||||
'}';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -754,8 +754,12 @@ public class UserSettings extends SettingsPreferenceFragment
|
||||
synchronized (mUserLock) {
|
||||
if (userType == USER_TYPE_USER) {
|
||||
mHandler.sendEmptyMessage(MESSAGE_UPDATE_LIST);
|
||||
mHandler.sendMessage(mHandler.obtainMessage(
|
||||
MESSAGE_SETUP_USER, user.id, user.serialNumber));
|
||||
// Skip setting up user which results in user switching when the
|
||||
// restriction is set.
|
||||
if (!mUserCaps.mDisallowSwitchUser) {
|
||||
mHandler.sendMessage(mHandler.obtainMessage(
|
||||
MESSAGE_SETUP_USER, user.id, user.serialNumber));
|
||||
}
|
||||
} else {
|
||||
mHandler.sendMessage(mHandler.obtainMessage(
|
||||
MESSAGE_CONFIG_USER, user.id, user.serialNumber));
|
||||
@@ -842,8 +846,12 @@ public class UserSettings extends SettingsPreferenceFragment
|
||||
} else {
|
||||
pref.setSummary(R.string.user_summary_not_set_up);
|
||||
}
|
||||
pref.setOnPreferenceClickListener(this);
|
||||
pref.setSelectable(true);
|
||||
// Disallow setting up user which results in user switching when the restriction is
|
||||
// set.
|
||||
if (!mUserCaps.mDisallowSwitchUser) {
|
||||
pref.setOnPreferenceClickListener(this);
|
||||
pref.setSelectable(true);
|
||||
}
|
||||
} else if (user.isRestricted()) {
|
||||
pref.setSummary(R.string.user_summary_restricted_profile);
|
||||
}
|
||||
@@ -882,8 +890,13 @@ public class UserSettings extends SettingsPreferenceFragment
|
||||
pref.setTitle(R.string.user_guest);
|
||||
pref.setIcon(getEncircledDefaultIcon());
|
||||
userPreferences.add(pref);
|
||||
pref.setDisabledByAdmin(
|
||||
mUserCaps.mDisallowAddUser ? mUserCaps.mEnforcedAdmin : null);
|
||||
if (mUserCaps.mDisallowAddUser) {
|
||||
pref.setDisabledByAdmin(mUserCaps.mEnforcedAdmin);
|
||||
} else if (mUserCaps.mDisallowSwitchUser) {
|
||||
pref.setDisabledByAdmin(RestrictedLockUtils.getDeviceOwner(context));
|
||||
} else {
|
||||
pref.setDisabledByAdmin(null);
|
||||
}
|
||||
int finalGuestId = guestId;
|
||||
pref.setOnPreferenceClickListener(preference -> {
|
||||
int id = finalGuestId;
|
||||
|
||||
Reference in New Issue
Block a user