• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.android.server.devicepolicy;
17 
18 import android.annotation.UserIdInt;
19 import android.app.admin.DevicePolicyCache;
20 import android.app.admin.DevicePolicyManager;
21 import android.util.IndentingPrintWriter;
22 import android.util.SparseBooleanArray;
23 import android.util.SparseIntArray;
24 
25 import com.android.internal.annotations.GuardedBy;
26 
27 /**
28  * Implementation of {@link DevicePolicyCache}, to which {@link DevicePolicyManagerService} pushes
29  * policies.
30  *
31  * TODO Move other copies of policies into this class too.
32  */
33 public class DevicePolicyCacheImpl extends DevicePolicyCache {
34     /**
35      * Lock object. For simplicity we just always use this as the lock. We could use each object
36      * as a lock object to make it more fine-grained, but that'd make copy-paste error-prone.
37      */
38     private final Object mLock = new Object();
39 
40     @GuardedBy("mLock")
41     private final SparseBooleanArray mScreenCaptureDisabled = new SparseBooleanArray();
42 
43     @GuardedBy("mLock")
44     private final SparseIntArray mPasswordQuality = new SparseIntArray();
45 
46     @GuardedBy("mLock")
47     private final SparseIntArray mPermissionPolicy = new SparseIntArray();
48 
49     @GuardedBy("mLock")
50     private final SparseBooleanArray mCanGrantSensorsPermissions = new SparseBooleanArray();
51 
onUserRemoved(int userHandle)52     public void onUserRemoved(int userHandle) {
53         synchronized (mLock) {
54             mScreenCaptureDisabled.delete(userHandle);
55             mPasswordQuality.delete(userHandle);
56             mPermissionPolicy.delete(userHandle);
57             mCanGrantSensorsPermissions.delete(userHandle);
58         }
59     }
60 
61     @Override
isScreenCaptureAllowed(int userHandle, boolean ownerCanAddInternalSystemWindow)62     public boolean isScreenCaptureAllowed(int userHandle, boolean ownerCanAddInternalSystemWindow) {
63         synchronized (mLock) {
64             return !mScreenCaptureDisabled.get(userHandle) || ownerCanAddInternalSystemWindow;
65         }
66     }
67 
setScreenCaptureAllowed(int userHandle, boolean allowed)68     public void setScreenCaptureAllowed(int userHandle, boolean allowed) {
69         synchronized (mLock) {
70             mScreenCaptureDisabled.put(userHandle, !allowed);
71         }
72     }
73 
74     @Override
getPasswordQuality(@serIdInt int userHandle)75     public int getPasswordQuality(@UserIdInt int userHandle) {
76         synchronized (mLock) {
77             return mPasswordQuality.get(userHandle,
78                     DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
79         }
80     }
81 
82     /** Updat the password quality cache for the given user */
setPasswordQuality(int userHandle, int quality)83     public void setPasswordQuality(int userHandle, int quality) {
84         synchronized (mLock) {
85             mPasswordQuality.put(userHandle, quality);
86         }
87     }
88 
89     @Override
getPermissionPolicy(@serIdInt int userHandle)90     public int getPermissionPolicy(@UserIdInt int userHandle) {
91         synchronized (mLock) {
92             return mPermissionPolicy.get(userHandle,
93                     DevicePolicyManager.PERMISSION_POLICY_PROMPT);
94         }
95     }
96 
97     /** Update the permission policy for the given user. */
setPermissionPolicy(@serIdInt int userHandle, int policy)98     public void setPermissionPolicy(@UserIdInt int userHandle, int policy) {
99         synchronized (mLock) {
100             mPermissionPolicy.put(userHandle, policy);
101         }
102     }
103 
104     @Override
canAdminGrantSensorsPermissionsForUser(@serIdInt int userHandle)105     public boolean canAdminGrantSensorsPermissionsForUser(@UserIdInt int userHandle) {
106         synchronized (mLock) {
107             return mCanGrantSensorsPermissions.get(userHandle, false);
108         }
109     }
110 
111     /** Sets ahmin control over permission grants for user. */
setAdminCanGrantSensorsPermissions(@serIdInt int userHandle, boolean canGrant)112     public void setAdminCanGrantSensorsPermissions(@UserIdInt int userHandle,
113             boolean canGrant) {
114         synchronized (mLock) {
115             mCanGrantSensorsPermissions.put(userHandle, canGrant);
116         }
117     }
118 
119     /** Dump content */
dump(IndentingPrintWriter pw)120     public void dump(IndentingPrintWriter pw) {
121         pw.println("Device policy cache:");
122         pw.increaseIndent();
123         pw.println("Screen capture disabled: " + mScreenCaptureDisabled.toString());
124         pw.println("Password quality: " + mPasswordQuality.toString());
125         pw.println("Permission policy: " + mPermissionPolicy.toString());
126         pw.println("Admin can grant sensors permission: "
127                 + mCanGrantSensorsPermissions.toString());
128         pw.decreaseIndent();
129     }
130 }
131