PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce disallow switch user in user settings

Browse Source 
Disallow the following actions which result in switch user when DISALLOW_USER_SWITCH is set
- Creating guest
- Showing user setup dialog for newly created user
- Clicking uninitialized user preference

Bug: 71694430
Test: CTSVerifier DeviceOwnerPositiveTest - DISALLOW_USER_SWITCH
Test: m -j ROBOTEST_FILTER=UserCapabilitiesTest RunSettingsRoboTests
Test: m -j ROBOTEST_FILTER=AddUserWhenLockedPreferenceController RunSettingsRoboTests
Test: m -j ROBOTEST_FILTER=UserSettingsTest RunSettingsRoboTests
Change-Id: Ia4c7e7b4947bfaf2ebeef4d32a473bdac542d6a6
This commit is contained in:
Alex Chau
2018-01-30 14:22:50 +00:00
parent 54e304b897
commit ffae4c1a0e
3 changed files with 94 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/com/android/settings/users/UserCapabilities.java
View File

@@ -34,6 +34,7 @@ public class UserCapabilities {
boolean mCanAddGuest; boolean mCanAddGuest;
boolean mDisallowAddUser; boolean mDisallowAddUser;
boolean mDisallowAddUserSetByAdmin; boolean mDisallowAddUserSetByAdmin;
boolean mDisallowSwitchUser;
RestrictedLockUtils.EnforcedAdmin mEnforcedAdmin; RestrictedLockUtils.EnforcedAdmin mEnforcedAdmin;
private UserCapabilities() {} private UserCapabilities() {}
@@ -79,6 +80,9 @@ public class UserCapabilities {
final boolean canAddUsersWhenLocked = mIsAdmin || Settings.Global.getInt( final boolean canAddUsersWhenLocked = mIsAdmin || Settings.Global.getInt(
context.getContentResolver(), Settings.Global.ADD_USERS_WHEN_LOCKED, 0) == 1; context.getContentResolver(), Settings.Global.ADD_USERS_WHEN_LOCKED, 0) == 1;
mCanAddGuest = !mIsGuest && !mDisallowAddUser && canAddUsersWhenLocked; mCanAddGuest = !mIsGuest && !mDisallowAddUser && canAddUsersWhenLocked;
UserManager userManager = (UserManager) context.getSystemService(Context.USER_SERVICE);
mDisallowSwitchUser = userManager.hasUserRestriction(UserManager.DISALLOW_USER_SWITCH);
} }
public boolean isAdmin() { public boolean isAdmin() {
@@ -109,6 +113,7 @@ public class UserCapabilities {
", mCanAddGuest=" + mCanAddGuest + ", mCanAddGuest=" + mCanAddGuest +
", mDisallowAddUser=" + mDisallowAddUser + ", mDisallowAddUser=" + mDisallowAddUser +
", mEnforcedAdmin=" + mEnforcedAdmin + ", mEnforcedAdmin=" + mEnforcedAdmin +
", mDisallowSwitchUser=" + mDisallowSwitchUser +
'}'; '}';
} }
} }

25
src/com/android/settings/users/UserSettings.java
View File

@@ -754,8 +754,12 @@ public class UserSettings extends SettingsPreferenceFragment
synchronized (mUserLock) { synchronized (mUserLock) {
if (userType == USER_TYPE_USER) { if (userType == USER_TYPE_USER) {
mHandler.sendEmptyMessage(MESSAGE_UPDATE_LIST); mHandler.sendEmptyMessage(MESSAGE_UPDATE_LIST);
mHandler.sendMessage(mHandler.obtainMessage( // Skip setting up user which results in user switching when the
MESSAGE_SETUP_USER, user.id, user.serialNumber)); // restriction is set.
if (!mUserCaps.mDisallowSwitchUser) {
mHandler.sendMessage(mHandler.obtainMessage(
MESSAGE_SETUP_USER, user.id, user.serialNumber));
}
} else { } else {
mHandler.sendMessage(mHandler.obtainMessage( mHandler.sendMessage(mHandler.obtainMessage(
MESSAGE_CONFIG_USER, user.id, user.serialNumber)); MESSAGE_CONFIG_USER, user.id, user.serialNumber));
@@ -842,8 +846,12 @@ public class UserSettings extends SettingsPreferenceFragment
} else { } else {
pref.setSummary(R.string.user_summary_not_set_up); pref.setSummary(R.string.user_summary_not_set_up);
} }
pref.setOnPreferenceClickListener(this); // Disallow setting up user which results in user switching when the restriction is
pref.setSelectable(true); // set.
if (!mUserCaps.mDisallowSwitchUser) {
pref.setOnPreferenceClickListener(this);
pref.setSelectable(true);
}
} else if (user.isRestricted()) { } else if (user.isRestricted()) {
pref.setSummary(R.string.user_summary_restricted_profile); pref.setSummary(R.string.user_summary_restricted_profile);
} }
@@ -882,8 +890,13 @@ public class UserSettings extends SettingsPreferenceFragment
pref.setTitle(R.string.user_guest); pref.setTitle(R.string.user_guest);
pref.setIcon(getEncircledDefaultIcon()); pref.setIcon(getEncircledDefaultIcon());
userPreferences.add(pref); userPreferences.add(pref);
pref.setDisabledByAdmin( if (mUserCaps.mDisallowAddUser) {
mUserCaps.mDisallowAddUser ? mUserCaps.mEnforcedAdmin : null); pref.setDisabledByAdmin(mUserCaps.mEnforcedAdmin);
} else if (mUserCaps.mDisallowSwitchUser) {
pref.setDisabledByAdmin(RestrictedLockUtils.getDeviceOwner(context));
} else {
pref.setDisabledByAdmin(null);
}
int finalGuestId = guestId; int finalGuestId = guestId;
pref.setOnPreferenceClickListener(preference -> { pref.setOnPreferenceClickListener(preference -> {
int id = finalGuestId; int id = finalGuestId;

70
tests/robotests/src/com/android/settings/users/UserCapabilitiesTest.java Normal file
View File

@@ -0,0 +1,70 @@
/*
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.users;
import static com.google.common.truth.Truth.assertThat;
import static org.mockito.Mockito.when;
import android.content.Context;
import android.os.UserManager;
import com.android.settings.TestConfig;
import com.android.settings.testutils.SettingsRobolectricTestRunner;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
import org.robolectric.annotation.Config;
@RunWith(SettingsRobolectricTestRunner.class)
@Config(manifest = TestConfig.MANIFEST_PATH, sdk = TestConfig.SDK_VERSION)
public class UserCapabilitiesTest {
@Mock
private Context mContext;
@Mock
private UserManager mUserManager;
@Before
public void setUp() {
MockitoAnnotations.initMocks(this);
when(mContext.getSystemService(Context.USER_SERVICE)).thenReturn(mUserManager);
}
@Test
public void disallowUserSwitchWhenRestrictionIsSet() {
when(mUserManager.hasUserRestriction(UserManager.DISALLOW_USER_SWITCH)).thenReturn(true);
UserCapabilities userCapabilities = UserCapabilities.create(mContext);
userCapabilities.updateAddUserCapabilities(mContext);
assertThat(userCapabilities.mDisallowSwitchUser).isTrue();
}
@Test
public void allowUserSwitchWhenRestrictionIsNotSet() {
when(mUserManager.hasUserRestriction(UserManager.DISALLOW_USER_SWITCH)).thenReturn(false);
UserCapabilities userCapabilities = UserCapabilities.create(mContext);
userCapabilities.updateAddUserCapabilities(mContext);
assertThat(userCapabilities.mDisallowSwitchUser).isFalse();
}
}