159 lines
5.6 KiB
Java
159 lines
5.6 KiB
Java
/*
|
|
* Copyright (C) 2016 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
package com.android.settings.accounts;
|
|
|
|
import static android.os.UserManager.DISALLOW_REMOVE_MANAGED_PROFILE;
|
|
|
|
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
|
|
|
|
import android.annotation.UserIdInt;
|
|
import android.app.admin.DevicePolicyManager;
|
|
import android.content.ComponentName;
|
|
import android.content.Context;
|
|
import android.content.pm.UserInfo;
|
|
import android.os.UserHandle;
|
|
import android.os.UserManager;
|
|
|
|
import androidx.preference.Preference;
|
|
|
|
import com.android.settings.AccessiblePreferenceCategory;
|
|
import com.android.settingslib.Restrictable;
|
|
import com.android.settingslib.RestrictedLockUtilsInternal;
|
|
|
|
import java.util.ArrayList;
|
|
|
|
public class AccountRestrictionHelper {
|
|
|
|
private final Context mContext;
|
|
|
|
public AccountRestrictionHelper(Context context) {
|
|
mContext = context;
|
|
}
|
|
|
|
/**
|
|
* Checks if the account should be shown based on the required authorities for the account type
|
|
*
|
|
* @param authorities given authority that is passed as activity extra
|
|
* @param auths list of authorities for particular account type
|
|
* @return true if the activity has the required authority to show the account
|
|
*/
|
|
public static boolean showAccount(String[] authorities, ArrayList<String> auths) {
|
|
boolean showAccount = true;
|
|
if (authorities != null && auths != null) {
|
|
showAccount = false;
|
|
for (String requestedAuthority : authorities) {
|
|
if (auths.contains(requestedAuthority)) {
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
return showAccount;
|
|
}
|
|
|
|
/**
|
|
* Configure the UI of the preference by checking user restriction.
|
|
*
|
|
* @param preference The preference we are configuring.
|
|
* @param userRestriction The user restriction related to the preference.
|
|
* @param userId The user that we retrieve user restriction of.
|
|
*/
|
|
public void enforceRestrictionOnPreference(Preference preference,
|
|
String userRestriction, @UserIdInt int userId) {
|
|
if (preference == null) {
|
|
return;
|
|
}
|
|
if (!(preference instanceof Restrictable)) {
|
|
return;
|
|
}
|
|
|
|
final Restrictable restrictedPreference = (Restrictable) preference;
|
|
|
|
if (hasBaseUserRestriction(userRestriction, userId)) {
|
|
if (userRestriction.equals(DISALLOW_REMOVE_MANAGED_PROFILE)
|
|
&& isOrganizationOwnedDevice()) {
|
|
restrictedPreference.setDisabledByAdmin(getEnforcedAdmin(userRestriction, userId));
|
|
} else {
|
|
preference.setEnabled(false);
|
|
}
|
|
} else {
|
|
restrictedPreference.checkRestrictionAndSetDisabled(userRestriction, userId);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Check if the system has set the user restriction.
|
|
* @param userRestriction The user restriction.
|
|
* @param userId The user that we retrieve user restriction of.
|
|
* @return {@code true} if set restriction.
|
|
*/
|
|
public boolean hasBaseUserRestriction(String userRestriction, @UserIdInt int userId) {
|
|
return RestrictedLockUtilsInternal.hasBaseUserRestriction(mContext, userRestriction,
|
|
userId);
|
|
}
|
|
|
|
/**
|
|
* Apps can use this method to find out if the device was provisioned as
|
|
* organization-owend device.
|
|
*
|
|
* @return {@code true} if the device was provisioned as organization-owned device,
|
|
* {@code false} otherwise.
|
|
*/
|
|
public boolean isOrganizationOwnedDevice() {
|
|
final DevicePolicyManager dpm = (DevicePolicyManager) mContext.getSystemService(
|
|
Context.DEVICE_POLICY_SERVICE);
|
|
if (dpm == null) {
|
|
return false;
|
|
}
|
|
return dpm.isOrganizationOwnedDeviceWithManagedProfile();
|
|
}
|
|
|
|
/**
|
|
* Get the restriction enforced by admin
|
|
* @param userRestriction The user restriction.
|
|
* @param userId The user that we retrieve user restriction of.
|
|
* @return {EnforcedAdmin}
|
|
*/
|
|
public EnforcedAdmin getEnforcedAdmin(String userRestriction, int userId) {
|
|
final DevicePolicyManager dpm = (DevicePolicyManager) mContext.getSystemService(
|
|
Context.DEVICE_POLICY_SERVICE);
|
|
if (dpm == null) {
|
|
return null;
|
|
}
|
|
final int managedUsedId = getManagedUserId(userId);
|
|
ComponentName adminComponent = dpm.getProfileOwnerAsUser(managedUsedId);
|
|
if (adminComponent != null) {
|
|
return new EnforcedAdmin(adminComponent, userRestriction,
|
|
UserHandle.of(managedUsedId));
|
|
}
|
|
return null;
|
|
}
|
|
|
|
private int getManagedUserId(int userId) {
|
|
final UserManager um = UserManager.get(mContext);
|
|
for (UserInfo ui : um.getProfiles(userId)) {
|
|
if (ui.id == userId || !ui.isManagedProfile()) {
|
|
continue;
|
|
}
|
|
return ui.id;
|
|
}
|
|
return -1;
|
|
}
|
|
|
|
public AccessiblePreferenceCategory createAccessiblePreferenceCategory(Context context) {
|
|
return new AccessiblePreferenceCategory(context);
|
|
}
|
|
}
|