1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.os; 18 19 import static android.app.admin.DevicePolicyResources.Drawables.Style.SOLID_COLORED; 20 import static android.app.admin.DevicePolicyResources.Strings.Core.WORK_PROFILE_BADGED_LABEL; 21 import static android.app.admin.DevicePolicyResources.Strings.SystemUi.STATUS_BAR_WORK_ICON_ACCESSIBILITY; 22 import static android.app.admin.DevicePolicyResources.UNDEFINED; 23 24 import android.Manifest; 25 import android.accounts.AccountManager; 26 import android.annotation.ColorInt; 27 import android.annotation.DrawableRes; 28 import android.annotation.FlaggedApi; 29 import android.annotation.IntDef; 30 import android.annotation.NonNull; 31 import android.annotation.Nullable; 32 import android.annotation.RequiresPermission; 33 import android.annotation.SpecialUsers.CanBeALL; 34 import android.annotation.SpecialUsers.CanBeNULL; 35 import android.annotation.SpecialUsers.CannotBeSpecialUser; 36 import android.annotation.StringDef; 37 import android.annotation.SuppressAutoDoc; 38 import android.annotation.SuppressLint; 39 import android.annotation.SystemApi; 40 import android.annotation.SystemService; 41 import android.annotation.TestApi; 42 import android.annotation.UserHandleAware; 43 import android.annotation.UserIdInt; 44 import android.annotation.WorkerThread; 45 import android.app.Activity; 46 import android.app.ActivityManager; 47 import android.app.PropertyInvalidatedCache; 48 import android.app.admin.DevicePolicyManager; 49 import android.app.compat.CompatChanges; 50 import android.compat.annotation.ChangeId; 51 import android.compat.annotation.EnabledSince; 52 import android.compat.annotation.UnsupportedAppUsage; 53 import android.content.ComponentName; 54 import android.content.Context; 55 import android.content.Intent; 56 import android.content.IntentFilter; 57 import android.content.IntentSender; 58 import android.content.pm.UserInfo; 59 import android.content.pm.UserInfo.UserInfoFlag; 60 import android.content.pm.UserProperties; 61 import android.content.res.Resources; 62 import android.graphics.Bitmap; 63 import android.graphics.BitmapFactory; 64 import android.graphics.Rect; 65 import android.graphics.drawable.Drawable; 66 import android.location.LocationManager; 67 import android.nfc.Flags; 68 import android.provider.Settings; 69 import android.util.AndroidException; 70 import android.util.ArraySet; 71 import android.util.Log; 72 import android.util.Pair; 73 import android.view.WindowManager.LayoutParams; 74 75 import com.android.internal.R; 76 import com.android.internal.annotations.CachedProperty; 77 import com.android.internal.annotations.CachedPropertyDefaults; 78 79 import java.io.IOException; 80 import java.lang.annotation.Retention; 81 import java.lang.annotation.RetentionPolicy; 82 import java.util.ArrayList; 83 import java.util.List; 84 import java.util.Objects; 85 import java.util.Set; 86 87 /** 88 * Manages users and user details on a multi-user system. There are two major categories of 89 * users: fully customizable users with their own login, and profiles that share a workspace 90 * with a related user. 91 * <p> 92 * Users are different from accounts, which are managed by 93 * {@link AccountManager}. Each user can have their own set of accounts. 94 * <p> 95 * See {@link DevicePolicyManager#ACTION_PROVISION_MANAGED_PROFILE} for more on managed profiles. 96 */ 97 @SystemService(Context.USER_SERVICE) 98 @android.ravenwood.annotation.RavenwoodKeepPartialClass 99 @CachedPropertyDefaults() 100 public class UserManager { 101 102 private static final String TAG = "UserManager"; 103 104 @UnsupportedAppUsage 105 private final IUserManager mService; 106 /** Holding the Application context (not constructor param context). */ 107 private final Context mContext; 108 109 /** The userId of the constructor param context. To be used instead of mContext.getUserId(). */ 110 private final @UserIdInt int mUserId; 111 112 /** The userType of UserHandle.myUserId(); empty string if not a profile; null until cached. */ 113 private String mProfileTypeOfProcessUser = null; 114 115 /** Whether the device is in headless system user mode; null until cached. */ 116 private static Boolean sIsHeadlessSystemUser = null; 117 118 /** Generated class containing IpcDataCaches. */ 119 private final Object mIpcDataCache = new UserManagerCache(); 120 121 /** Maximum length of username. 122 * @hide 123 */ 124 public static final int MAX_USER_NAME_LENGTH = 100; 125 126 /** Maximum length of user property String value. 127 * @hide 128 */ 129 public static final int MAX_ACCOUNT_STRING_LENGTH = 500; 130 131 /** Maximum length of account options String values. 132 * @hide 133 */ 134 public static final int MAX_ACCOUNT_OPTIONS_LENGTH = 1000; 135 136 /** 137 * User type representing a {@link UserHandle#USER_SYSTEM system} user that is a human user. 138 * This type of user cannot be created; it can only pre-exist on first boot. 139 * @hide 140 */ 141 @SystemApi 142 public static final String USER_TYPE_FULL_SYSTEM = "android.os.usertype.full.SYSTEM"; 143 144 /** 145 * User type representing a regular non-profile non-{@link UserHandle#USER_SYSTEM system} human 146 * user. 147 * This is sometimes called an ordinary 'secondary user'. 148 * @hide 149 */ 150 @SystemApi 151 public static final String USER_TYPE_FULL_SECONDARY = "android.os.usertype.full.SECONDARY"; 152 153 /** 154 * User type representing a guest user that may be transient. 155 * @hide 156 */ 157 @SystemApi 158 public static final String USER_TYPE_FULL_GUEST = "android.os.usertype.full.GUEST"; 159 160 /** 161 * User type representing a user for demo purposes only, which can be removed at any time. 162 * @hide 163 */ 164 public static final String USER_TYPE_FULL_DEMO = "android.os.usertype.full.DEMO"; 165 166 /** 167 * User type representing a "restricted profile" user, which is a full user that is subject to 168 * certain restrictions from a parent user. Note, however, that it is NOT technically a profile. 169 * @hide 170 */ 171 public static final String USER_TYPE_FULL_RESTRICTED = "android.os.usertype.full.RESTRICTED"; 172 173 /** 174 * User type representing a managed profile, which is a profile that is to be managed by a 175 * device policy controller (DPC). 176 * The intended purpose is for work profiles, which are managed by a corporate entity. 177 */ 178 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 179 public static final String USER_TYPE_PROFILE_MANAGED = "android.os.usertype.profile.MANAGED"; 180 181 /** 182 * User type representing a clone profile. Clone profile is a user profile type used to run 183 * second instance of an otherwise single user App (eg, messengers). Currently only the 184 * {@link android.content.pm.UserInfo#isMain()} user can have a clone profile. 185 */ 186 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 187 public static final String USER_TYPE_PROFILE_CLONE = "android.os.usertype.profile.CLONE"; 188 189 190 /** 191 * User type representing a private profile. Private profile is a user profile that can be used 192 * as an alternative user-space to install and use sensitive apps. 193 * UI surfaces can adopt an alternative strategy to show apps belonging to this profile, in line 194 * with their sensitive nature. 195 */ 196 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 197 public static final String USER_TYPE_PROFILE_PRIVATE = "android.os.usertype.profile.PRIVATE"; 198 199 /** 200 * User type representing a generic profile for testing purposes. Only on debuggable builds. 201 * @hide 202 */ 203 public static final String USER_TYPE_PROFILE_TEST = "android.os.usertype.profile.TEST"; 204 205 /** 206 * User type representing a communal profile, which is shared by all users of the device. 207 * @hide 208 */ 209 public static final String USER_TYPE_PROFILE_COMMUNAL = "android.os.usertype.profile.COMMUNAL"; 210 211 /** 212 * User type representing a user who manages supervision on the device. 213 * When any full user on the device is supervised, the credentials for this profile will be 214 * required in order to perform certain actions for that user (i.e. those controlled by 215 * {@link android.app.supervision.SupervisionManager} or the 216 * {@link android.app.role.RoleManager#ROLE_SYSTEM_SUPERVISION supervision role holder}). 217 * There can only be one supervising profile per device, and the credentials set for that 218 * profile will be used to authorize actions for any supervised user on the device. This is 219 * distinct from a managed profile in that it functions only to authorize certain supervised 220 * actions; it does not represent the user to which restriction or management is applied. 221 * @hide 222 */ 223 @FlaggedApi(android.multiuser.Flags.FLAG_ALLOW_SUPERVISING_PROFILE) 224 @SystemApi 225 public static final String USER_TYPE_PROFILE_SUPERVISING = 226 "android.os.usertype.profile.SUPERVISING"; 227 228 /** 229 * User type representing a {@link UserHandle#USER_SYSTEM system} user that is <b>not</b> a 230 * human user. 231 * This type of user cannot be created; it can only pre-exist on first boot. 232 * @hide 233 */ 234 @SystemApi 235 public static final String USER_TYPE_SYSTEM_HEADLESS = "android.os.usertype.system.HEADLESS"; 236 237 /** 238 * Flag passed to {@link #requestQuietModeEnabled} to request disabling quiet mode only if 239 * there is no need to confirm the user credentials. If credentials are required to disable 240 * quiet mode, {@link #requestQuietModeEnabled} will do nothing and return {@code false}. 241 */ 242 public static final int QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED = 0x1; 243 244 /** 245 * Flag passed to {@link #requestQuietModeEnabled} to request disabling quiet mode without 246 * asking for credentials. This is used when managed profile password is forgotten. It starts 247 * the user in locked state so that a direct boot aware DPC could reset the password. 248 * Should not be used together with 249 * {@link #QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED} or an exception will be thrown. 250 * This flag is currently only allowed for {@link #isManagedProfile() managed profiles}; 251 * usage on other profiles may result in an Exception. 252 * @hide 253 */ 254 public static final int QUIET_MODE_DISABLE_DONT_ASK_CREDENTIAL = 0x2; 255 256 /** 257 * List of flags available for the {@link #requestQuietModeEnabled} method. 258 * @hide 259 */ 260 @Retention(RetentionPolicy.SOURCE) 261 @IntDef(flag = true, prefix = { "QUIET_MODE_" }, value = { 262 QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED, 263 QUIET_MODE_DISABLE_DONT_ASK_CREDENTIAL}) 264 public @interface QuietModeFlag {} 265 266 /** 267 * @hide 268 * No user restriction. 269 */ 270 @SystemApi 271 public static final int RESTRICTION_NOT_SET = 0x0; 272 273 /** 274 * @hide 275 * User restriction set by system/user. 276 */ 277 @SystemApi 278 public static final int RESTRICTION_SOURCE_SYSTEM = 0x1; 279 280 /** 281 * @hide 282 * User restriction set by a device owner. 283 */ 284 @SystemApi 285 public static final int RESTRICTION_SOURCE_DEVICE_OWNER = 0x2; 286 287 /** 288 * @hide 289 * User restriction set by a profile owner. 290 */ 291 @SystemApi 292 public static final int RESTRICTION_SOURCE_PROFILE_OWNER = 0x4; 293 294 /** @removed mistakenly exposed as system-api previously */ 295 @Retention(RetentionPolicy.SOURCE) 296 @IntDef(flag = true, prefix = { "RESTRICTION_" }, value = { 297 RESTRICTION_NOT_SET, 298 RESTRICTION_SOURCE_SYSTEM, 299 RESTRICTION_SOURCE_DEVICE_OWNER, 300 RESTRICTION_SOURCE_PROFILE_OWNER 301 }) 302 public @interface UserRestrictionSource {} 303 304 /** 305 * Specifies if a user is disallowed from adding and removing accounts, unless they are 306 * {@link android.accounts.AccountManager#addAccountExplicitly programmatically} added by 307 * Authenticator. 308 * The default value is <code>false</code>. 309 * 310 * <p>From {@link android.os.Build.VERSION_CODES#N} a profile or device owner app can still 311 * use {@link android.accounts.AccountManager} APIs to add or remove accounts when account 312 * management is disallowed. 313 * 314 * <p>Holders of the permission 315 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_ACCOUNT_MANAGEMENT} 316 * can set this restriction using the DevicePolicyManager APIs mentioned below. 317 * 318 * <p>Key for user restrictions. 319 * <p>Type: Boolean 320 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 321 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 322 * @see #getUserRestrictions() 323 */ 324 public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts"; 325 326 /** 327 * Specifies if a user is disallowed from changing Wi-Fi access points via Settings. This 328 * restriction does not affect Wi-Fi tethering settings. 329 * 330 * <p>A device owner and a profile owner can set this restriction, although the restriction has 331 * no effect in a managed profile. When it is set by a device owner, a profile owner on the 332 * primary user or by a profile owner of an organization-owned managed profile on the parent 333 * profile, it disallows the primary user from changing Wi-Fi access points. 334 * 335 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 336 * can set this restriction using the DevicePolicyManager APIs mentioned below. 337 * 338 * <p>The default value is <code>false</code>. 339 * 340 * <p>Key for user restrictions. 341 * <p>Type: Boolean 342 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 343 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 344 * @see #getUserRestrictions() 345 */ 346 public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi"; 347 348 /** 349 * Specifies if a user is disallowed from enabling/disabling Wi-Fi. 350 * 351 * <p>This restriction can only be set by a device owner, 352 * a profile owner of an organization-owned managed profile on the parent profile. 353 * When it is set by any of these owners, it applies globally - i.e., it disables airplane mode 354 * from changing Wi-Fi state. 355 * 356 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 357 * can set this restriction using the DevicePolicyManager APIs mentioned below. 358 * 359 * <p>The default value is <code>false</code>. 360 * 361 * <p>Key for user restrictions. 362 * <p>Type: Boolean 363 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 364 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 365 * @see #getUserRestrictions() 366 */ 367 public static final String DISALLOW_CHANGE_WIFI_STATE = "no_change_wifi_state"; 368 369 /** 370 * Specifies if a user is disallowed from using Wi-Fi tethering. 371 * 372 * <p>This restriction does not limit the user's ability to modify or connect to regular 373 * Wi-Fi networks, which is separately controlled by {@link #DISALLOW_CONFIG_WIFI}. 374 * 375 * <p>This restriction can only be set by a device owner, 376 * a profile owner of an organization-owned managed profile on the parent profile. 377 * When it is set by any of these owners, it prevents all users from using 378 * Wi-Fi tethering. Other forms of tethering are not affected. 379 * 380 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 381 * can set this restriction using the DevicePolicyManager APIs mentioned below. 382 * 383 * This user restriction disables only Wi-Fi tethering. 384 * Use {@link #DISALLOW_CONFIG_TETHERING} to limit all forms of tethering. 385 * When {@link #DISALLOW_CONFIG_TETHERING} is set, this user restriction becomes obsolete. 386 * 387 * <p>The default value is <code>false</code>. 388 * 389 * <p>Key for user restrictions. 390 * <p>Type: Boolean 391 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 392 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 393 * @see #getUserRestrictions() 394 */ 395 public static final String DISALLOW_WIFI_TETHERING = "no_wifi_tethering"; 396 397 /** 398 * Restricts a user's ability to possess or grant admin privileges. 399 * 400 * <p>When set to <code>true</code>, this prevents the user from: 401 * <ul> 402 * <li>Becoming an admin</li> 403 * <li>Giving other users admin privileges</li> 404 * </ul> 405 * 406 * <p>This restriction is only effective in environments where multiple admins are allowed. 407 * 408 * <p>Key for user restrictions. Type: Boolean. Default: <code>false</code>. 409 * 410 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 411 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 412 * @see #getUserRestrictions() 413 */ 414 public static final String DISALLOW_GRANT_ADMIN = "no_grant_admin"; 415 416 /** 417 * Specifies if users are disallowed from sharing Wi-Fi for admin configured networks. 418 * 419 * <p>Device owner and profile owner can set this restriction. 420 * When it is set by any of these owners, it prevents all users from 421 * sharing Wi-Fi for networks configured by these owners. 422 * Other networks not configured by these owners are not affected. 423 * 424 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 425 * can set this restriction using the DevicePolicyManager APIs mentioned below. 426 * 427 * <p>The default value is <code>false</code>. 428 * 429 * <p>Key for user restrictions. 430 * <p>Type: Boolean 431 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 432 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 433 * @see #getUserRestrictions() 434 */ 435 public static final String DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI = 436 "no_sharing_admin_configured_wifi"; 437 438 /** 439 * Specifies if a user is disallowed from using Wi-Fi Direct. 440 * 441 * <p>This restriction can only be set by a device owner, 442 * a profile owner of an organization-owned managed profile on the parent profile. 443 * When it is set by any of these owners, it prevents all users from using 444 * Wi-Fi Direct. 445 * 446 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 447 * can set this restriction using the DevicePolicyManager APIs mentioned below. 448 * 449 * <p>The default value is <code>false</code>. 450 * 451 * <p>Key for user restrictions. 452 * <p>Type: Boolean 453 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 454 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 455 * @see #getUserRestrictions() 456 */ 457 public static final String DISALLOW_WIFI_DIRECT = "no_wifi_direct"; 458 459 /** 460 * Specifies if a user is disallowed from adding a new Wi-Fi configuration. 461 * 462 * <p>This restriction can only be set by a device owner, 463 * a profile owner of an organization-owned managed profile on the parent profile. 464 * When it is set by any of these owners, it prevents all users from adding 465 * a new Wi-Fi configuration. This does not limit the owner and carrier's ability 466 * to add a new configuration. 467 * 468 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WIFI} 469 * can set this restriction using the DevicePolicyManager APIs mentioned below. 470 * 471 * <p>The default value is <code>false</code>. 472 * 473 * <p>Key for user restrictions. 474 * <p>Type: Boolean 475 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 476 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 477 * @see #getUserRestrictions() 478 */ 479 public static final String DISALLOW_ADD_WIFI_CONFIG = "no_add_wifi_config"; 480 481 /** 482 * Specifies if a user is disallowed from changing the device 483 * language. The default value is <code>false</code>. 484 * 485 * <p>Holders of the permission {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_LOCALE} 486 * can set this restriction using the DevicePolicyManager APIs mentioned below. 487 * 488 * <p>Key for user restrictions. 489 * <p>Type: Boolean 490 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 491 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 492 * @see #getUserRestrictions() 493 */ 494 public static final String DISALLOW_CONFIG_LOCALE = "no_config_locale"; 495 496 /** 497 * Specifies if a user is disallowed from installing applications. This user restriction also 498 * prevents device owners and profile owners installing apps. The default value is 499 * {@code false}. 500 * 501 * <p>Holders of the permission 502 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_APPS_CONTROL} 503 * can set this restriction using the DevicePolicyManager APIs mentioned below. 504 * 505 * <p>Key for user restrictions. 506 * <p>Type: Boolean 507 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 508 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 509 * @see #getUserRestrictions() 510 */ 511 public static final String DISALLOW_INSTALL_APPS = "no_install_apps"; 512 513 /** 514 * Specifies if a user is disallowed from uninstalling applications. 515 * The default value is <code>false</code>. 516 * 517 * <p>Holders of the permission 518 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_APPS_CONTROL} 519 * can set this restriction using the DevicePolicyManager APIs mentioned below. 520 * 521 * <p>Key for user restrictions. 522 * <p>Type: Boolean 523 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 524 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 525 * @see #getUserRestrictions() 526 */ 527 public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps"; 528 529 /** 530 * Specifies if a user is disallowed from turning on location sharing. 531 * 532 * <p>In a managed profile, location sharing by default reflects the primary user's setting, but 533 * can be overridden and forced off by setting this restriction to true in the managed profile. 534 * 535 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 536 * owner, a profile owner on the primary user or by a profile owner of an organization-owned 537 * managed profile on the parent profile, it prevents the primary user from turning on 538 * location sharing. 539 * 540 * <p>Holders of the permission 541 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_LOCATION} 542 * can set this restriction using the DevicePolicyManager APIs mentioned below. 543 * 544 * <p>The default value is <code>false</code>. 545 * 546 * <p>Key for user restrictions. 547 * <p>Type: Boolean 548 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 549 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 550 * @see #getUserRestrictions() 551 */ 552 public static final String DISALLOW_SHARE_LOCATION = "no_share_location"; 553 554 /** 555 * Specifies if airplane mode is disallowed on the device. 556 * 557 * <p>This restriction can only be set by a device owner, a profile owner on the primary 558 * user or a profile owner of an organization-owned managed profile on the parent profile. 559 * When it is set by any of these owners, it applies globally - i.e., it disables airplane mode 560 * on the entire device. 561 * 562 * <p>Holders of the permission 563 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_AIRPLANE_MODE} 564 * can set this restriction using the DevicePolicyManager APIs mentioned below. 565 * 566 * <p>The default value is <code>false</code>. 567 * 568 * <p>Key for user restrictions. 569 * <p>Type: Boolean 570 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 571 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 572 * @see #getUserRestrictions() 573 */ 574 public static final String DISALLOW_AIRPLANE_MODE = "no_airplane_mode"; 575 576 /** 577 * Specifies if a user is disallowed from configuring brightness. When device owner sets it, 578 * it'll only be applied on the target(system) user. 579 * 580 * <p>The default value is <code>false</code>. 581 * 582 * <p>Holders of the permission 583 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_DISPLAY} 584 * can set this restriction using the DevicePolicyManager APIs mentioned below. 585 * 586 * <p>This user restriction has no effect on managed profiles. 587 * <p>Key for user restrictions. 588 * <p>Type: Boolean 589 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 590 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 591 * @see #getUserRestrictions() 592 */ 593 public static final String DISALLOW_CONFIG_BRIGHTNESS = "no_config_brightness"; 594 595 /** 596 * Specifies if ambient display is disallowed for the user. 597 * 598 * <p>The default value is <code>false</code>. 599 * 600 * <p>Holders of the permission 601 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_DISPLAY} 602 * can set this restriction using the DevicePolicyManager APIs mentioned below. 603 * 604 * <p>This user restriction has no effect on managed profiles. 605 * <p>Key for user restrictions. 606 * <p>Type: Boolean 607 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 608 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 609 * @see #getUserRestrictions() 610 */ 611 public static final String DISALLOW_AMBIENT_DISPLAY = "no_ambient_display"; 612 613 /** 614 * Specifies if a user is disallowed from changing screen off timeout. 615 * 616 * <p>The default value is <code>false</code>. 617 * 618 * <p>Holders of the permission 619 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_DISPLAY} 620 * can set this restriction using the DevicePolicyManager APIs mentioned below. 621 * 622 * <p>This user restriction has no effect on managed profiles. 623 * <p>Key for user restrictions. 624 * <p>Type: Boolean 625 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 626 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 627 * @see #getUserRestrictions() 628 */ 629 public static final String DISALLOW_CONFIG_SCREEN_TIMEOUT = "no_config_screen_timeout"; 630 631 /** 632 * Specifies if a user is disallowed from enabling the 633 * "Unknown Sources" setting, that allows installation of apps from unknown sources. 634 * Unknown sources exclude adb and special apps such as trusted app stores. 635 * The default value is <code>false</code>. 636 * 637 * <p>Holders of the permission 638 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES} 639 * can set this restriction using the DevicePolicyManager APIs mentioned below. 640 * 641 * <p>Key for user restrictions. 642 * <p>Type: Boolean 643 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 644 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 645 * @see #getUserRestrictions() 646 */ 647 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources"; 648 649 /** 650 * This restriction is a device-wide version of {@link #DISALLOW_INSTALL_UNKNOWN_SOURCES}. 651 * 652 * Specifies if all users on the device are disallowed from enabling the 653 * "Unknown Sources" setting, that allows installation of apps from unknown sources. 654 * 655 * This restriction can be enabled by the profile owner, in which case all accounts and 656 * profiles will be affected. 657 * 658 * <p>Holders of the permission 659 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES} 660 * can set this restriction using the DevicePolicyManager APIs mentioned below. 661 * 662 * The default value is <code>false</code>. 663 * 664 * <p>Key for user restrictions. 665 * <p>Type: Boolean 666 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 667 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 668 * @see #getUserRestrictions() 669 */ 670 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY = 671 "no_install_unknown_sources_globally"; 672 673 /** 674 * Specifies if a user is disallowed from configuring bluetooth via Settings. This does 675 * <em>not</em> restrict the user from turning bluetooth on or off. 676 * 677 * <p>This restriction doesn't prevent the user from using bluetooth. For disallowing usage of 678 * bluetooth completely on the device, use {@link #DISALLOW_BLUETOOTH}. 679 * 680 * <p>A device owner and a profile owner can set this restriction, although the restriction has 681 * no effect in a managed profile. When it is set by a device owner, a profile owner on the 682 * primary user or by a profile owner of an organization-owned managed profile on the parent 683 * profile, it disallows the primary user from configuring bluetooth. 684 * 685 * <p>Holders of the permission 686 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_BLUETOOTH} 687 * can set this restriction using the DevicePolicyManager APIs mentioned below. 688 * 689 * <p>The default value is <code>false</code>. 690 * 691 * <p>Key for user restrictions. 692 * <p>Type: Boolean 693 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 694 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 695 * @see #getUserRestrictions() 696 */ 697 public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; 698 699 /** 700 * Specifies if bluetooth is disallowed on the device. If bluetooth is disallowed on the device, 701 * bluetooth cannot be turned on or configured via Settings. 702 * 703 * <p>This restriction can only be set by a device owner, a profile owner on the primary 704 * user or a profile owner of an organization-owned managed profile on the parent profile. 705 * When it is set by a device owner, it applies globally - i.e., it disables bluetooth on 706 * the entire device and all users will be affected. When it is set by a profile owner on the 707 * primary user or by a profile owner of an organization-owned managed profile on the parent 708 * profile, it disables the primary user from using bluetooth and configuring bluetooth 709 * in Settings. 710 * 711 * <p>Holders of the permission 712 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_BLUETOOTH} 713 * can set this restriction using the DevicePolicyManager APIs mentioned below. 714 * 715 * <p>The default value is <code>false</code>. 716 * 717 * <p>Key for user restrictions. 718 * <p>Type: Boolean 719 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 720 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 721 * @see #getUserRestrictions() 722 */ 723 public static final String DISALLOW_BLUETOOTH = "no_bluetooth"; 724 725 /** 726 * Specifies if outgoing bluetooth sharing is disallowed. 727 * 728 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 729 * owner, it applies globally. When it is set by a profile owner on the primary user or by a 730 * profile owner of an organization-owned managed profile on the parent profile, it disables 731 * the primary user from any outgoing bluetooth sharing. 732 * 733 * <p>Holders of the permission 734 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_BLUETOOTH} 735 * can set this restriction using the DevicePolicyManager APIs mentioned below. 736 * 737 * <p>Default is <code>true</code> for managed and private profiles, false otherwise. 738 * 739 * <p>When a device upgrades to {@link android.os.Build.VERSION_CODES#O}, the system sets it 740 * for all existing managed profiles. 741 * 742 * <p>Key for user restrictions. 743 * <p>Type: Boolean 744 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 745 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 746 * @see #getUserRestrictions() 747 */ 748 public static final String DISALLOW_BLUETOOTH_SHARING = "no_bluetooth_sharing"; 749 750 /** 751 * Specifies if a user is disallowed from transferring files over USB. 752 * 753 * <p>This restriction can only be set by a <a href="https://developers.google.com/android/work/terminology#device_owner_do"> 754 * device owner</a> or a <a href="https://developers.google.com/android/work/terminology#profile_owner_po"> 755 * profile owner</a> on the primary user's profile or a profile owner of an organization-owned 756 * <a href="https://developers.google.com/android/work/terminology#managed_profile"> 757 * managed profile</a> on the parent profile. 758 * When it is set by a device owner, it applies globally. When it is set by a profile owner 759 * on the primary user or by a profile owner of an organization-owned managed profile on 760 * the parent profile, it disables the primary user from transferring files over USB. No other 761 * user on the device is able to use file transfer over USB because the UI for file transfer 762 * is always associated with the primary user. 763 * 764 * <p>Holders of the permission 765 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_USB_FILE_TRANSFER} 766 * can set this restriction using the DevicePolicyManager APIs mentioned below. 767 * 768 * <p>The default value is <code>false</code>. 769 * 770 * <p>Key for user restrictions. 771 * <p>Type: Boolean 772 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 773 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 774 * @see #getUserRestrictions() 775 */ 776 public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer"; 777 778 /** 779 * Specifies if a user is disallowed from configuring user 780 * credentials. The default value is <code>false</code>. 781 * 782 * <p>Holders of the permission 783 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_LOCK_CREDENTIALS} 784 * can set this restriction using the DevicePolicyManager APIs mentioned below. 785 * 786 * <p>Key for user restrictions. 787 * <p>Type: Boolean 788 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 789 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 790 * @see #getUserRestrictions() 791 */ 792 public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials"; 793 794 /** 795 * When set on the admin user this specifies if the user can remove secondary users. Managed 796 * profiles and private profiles can still be removed even if this is set on the admin user. 797 * When set on a non-admin secondary user, this specifies if the user can remove itself. 798 * This restriction has no effect when set on managed profiles. 799 * The default value is <code>false</code>. 800 * 801 * <p>Holders of the permission 802 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MODIFY_USERS} 803 * can set this restriction using the DevicePolicyManager APIs mentioned below. 804 * 805 * <p>Key for user restrictions. 806 * <p>Type: Boolean 807 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 808 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 809 * @see #getUserRestrictions() 810 */ 811 public static final String DISALLOW_REMOVE_USER = "no_remove_user"; 812 813 /** 814 * Specifies if managed profiles of this user can be removed, other than by its profile owner. 815 * The default value is <code>false</code>. 816 * <p> 817 * This restriction has no effect on managed profiles, and this restriction does not block the 818 * removal of private profiles of this user. 819 * 820 * <p>Key for user restrictions. 821 * <p>Type: Boolean 822 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 823 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 824 * @see #getUserRestrictions() 825 * @deprecated As the ability to have a managed profile on a fully-managed device has been 826 * removed from the platform, this restriction will be silently ignored when applied by the 827 * device owner. 828 * When the device is provisioned with a managed profile on an organization-owned device, 829 * the managed profile could not be removed anyway. 830 */ 831 @Deprecated 832 public static final String DISALLOW_REMOVE_MANAGED_PROFILE = "no_remove_managed_profile"; 833 834 /** 835 * Specifies if a user is disallowed from enabling or accessing debugging features. 836 * 837 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 838 * owner, a profile owner on the primary user or by a profile owner of an organization-owned 839 * managed profile on the parent profile, it disables debugging features altogether, including 840 * USB debugging. When set on a managed profile or a secondary user, it blocks debugging for 841 * that user only, including starting activities, making service calls, accessing content 842 * providers, sending broadcasts, installing/uninstalling packages, clearing user data, etc. 843 * 844 * <p>Holders of the permission 845 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES} 846 * can set this restriction using the DevicePolicyManager APIs mentioned below. 847 * 848 * <p>The default value is <code>false</code>. 849 * 850 * <p>Key for user restrictions. 851 * <p>Type: Boolean 852 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 853 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 854 * @see #getUserRestrictions() 855 */ 856 public static final String DISALLOW_DEBUGGING_FEATURES = "no_debugging_features"; 857 858 /** 859 * Specifies if a user is disallowed from configuring a VPN. The default value is 860 * <code>false</code>. This restriction has an effect when set by device owners and, in Android 861 * 6.0 ({@linkplain android.os.Build.VERSION_CODES#M API level 23}) or higher, profile owners. 862 * <p>This restriction also prevents VPNs from starting. However, in Android 7.0 863 * ({@linkplain android.os.Build.VERSION_CODES#N API level 24}) or higher, the system does 864 * start always-on VPNs created by the device or profile owner. 865 * <p>From Android 12 ({@linkplain android.os.Build.VERSION_CODES#S API level 31}) enforcing 866 * this restriction clears currently active VPN if it was configured by the user. 867 * 868 * <p>Holders of the permission 869 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_VPN} 870 * can set this restriction using the DevicePolicyManager APIs mentioned below. 871 * 872 * <p>Key for user restrictions. 873 * <p>Type: Boolean 874 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 875 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 876 * @see #getUserRestrictions() 877 */ 878 public static final String DISALLOW_CONFIG_VPN = "no_config_vpn"; 879 880 /** 881 * Specifies if a user is disallowed from enabling or disabling location providers. As a 882 * result, user is disallowed from turning on or off location via Settings. 883 * 884 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 885 * owner, a profile owner on the primary user or by a profile owner of an organization-owned 886 * managed profile on the parent profile, it disallows the primary user from turning location 887 * on or off. 888 * 889 * <p>Holders of the permission 890 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_LOCATION} 891 * can set this restriction using the DevicePolicyManager APIs mentioned below. 892 * 893 * <p>The default value is <code>false</code>. 894 * 895 * <p>This user restriction is different from {@link #DISALLOW_SHARE_LOCATION}, 896 * as a device owner or a profile owner can still enable or disable location mode via 897 * {@link DevicePolicyManager#setLocationEnabled} when this restriction is on. 898 * 899 * <p>Key for user restrictions. 900 * <p>Type: Boolean 901 * @see LocationManager#isLocationEnabled() 902 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 903 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 904 * @see #getUserRestrictions() 905 */ 906 public static final String DISALLOW_CONFIG_LOCATION = "no_config_location"; 907 908 /** 909 * Specifies configuring date, time and timezone is disallowed via Settings. 910 * 911 * <p>A device owner and a profile owner can set this restriction, although the restriction has 912 * no effect in a managed profile. When it is set by a device owner or by a profile owner of an 913 * organization-owned managed profile on the parent profile, it applies globally - i.e., 914 * it disables date, time and timezone setting on the entire device and all users are affected. 915 * When it is set by a profile owner on the primary user, it disables the primary user 916 * from configuring date, time and timezone and disables all configuring of date, time and 917 * timezone in Settings. 918 * 919 * <p>Holders of the permission 920 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_TIME} 921 * can set this restriction using the DevicePolicyManager APIs mentioned below. 922 * 923 * <p>The default value is <code>false</code>. 924 * 925 * <p>Key for user restrictions. 926 * <p>Type: Boolean 927 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 928 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 929 * @see #getUserRestrictions() 930 */ 931 public static final String DISALLOW_CONFIG_DATE_TIME = "no_config_date_time"; 932 933 /** 934 * Specifies if a user is disallowed from using and configuring Tethering and portable hotspots 935 * via Settings. 936 * 937 * <p>This restriction can only be set by a device owner, a profile owner on the primary 938 * user or a profile owner of an organization-owned managed profile on the parent profile. 939 * When it is set by a device owner, it applies globally. When it is set by a profile owner 940 * on the primary user or by a profile owner of an organization-owned managed profile on 941 * the parent profile, it disables the primary user from using Tethering and hotspots and 942 * disables all configuring of Tethering and hotspots in Settings. 943 * 944 * <p>Holders of the permission 945 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 946 * can set this restriction using the DevicePolicyManager APIs mentioned below. 947 * 948 * <p>The default value is <code>false</code>. 949 * 950 * <p>In Android 9.0 or higher, if tethering is enabled when this restriction is set, 951 * tethering will be automatically turned off. 952 * 953 * <p>Key for user restrictions. 954 * <p>Type: Boolean 955 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 956 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 957 * @see #getUserRestrictions() 958 */ 959 public static final String DISALLOW_CONFIG_TETHERING = "no_config_tethering"; 960 961 /** 962 * Specifies if a user is disallowed from resetting network settings 963 * from Settings. This can only be set by device owners and profile owners on the main user. 964 * The default value is <code>false</code>. 965 * <p>This restriction has no effect on non-Admin users since they cannot reset the network 966 * settings of the device. 967 * 968 * <p>Holders of the permission 969 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 970 * can set this restriction using the DevicePolicyManager APIs mentioned below. 971 * 972 * <p>Key for user restrictions. 973 * <p>Type: Boolean 974 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 975 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 976 * @see #getUserRestrictions() 977 */ 978 public static final String DISALLOW_NETWORK_RESET = "no_network_reset"; 979 980 /** 981 * Specifies if a user is disallowed from factory resetting from Settings. 982 * This can only be set by device owners and profile owners on an admin user. 983 * The default value is <code>false</code>. 984 * <p>This restriction has no effect on non-admin users since they cannot factory reset the 985 * device. 986 * 987 * <p>Holders of the permission 988 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_FACTORY_RESET} 989 * can set this restriction using the DevicePolicyManager APIs mentioned below. 990 * 991 * <p>Key for user restrictions. 992 * <p>Type: Boolean 993 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 994 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 995 * @see #getUserRestrictions() 996 */ 997 public static final String DISALLOW_FACTORY_RESET = "no_factory_reset"; 998 999 /** 1000 * Specifies if a user is disallowed from adding new users. This can only be set by device 1001 * owners or profile owners on the main user. The default value is <code>false</code>. 1002 * <p> When the device is an organization-owned device, this restriction will be set as 1003 * a base restriction which cannot be removed by any admin. 1004 * 1005 * <p>Holders of the permission 1006 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MODIFY_USERS} 1007 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1008 * 1009 * <p>Key for user restrictions. 1010 * <p>Type: Boolean 1011 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1012 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1013 * @see #getUserRestrictions() 1014 */ 1015 public static final String DISALLOW_ADD_USER = "no_add_user"; 1016 1017 /** 1018 * Specifies if a user is disallowed from adding managed profiles. 1019 * <p>The default value for an unmanaged user is <code>false</code>. 1020 * For users with a device owner set, the default is <code>true</code>. 1021 * <p>This restriction has no effect on managed profiles. 1022 * 1023 * <p>Key for user restrictions. 1024 * <p>Type: Boolean 1025 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1026 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1027 * @see #getUserRestrictions() 1028 * @deprecated As the ability to have a managed profile on a fully-managed device has been 1029 * removed from the platform, this restriction will be silently ignored when applied by the 1030 * device owner. 1031 */ 1032 @Deprecated 1033 public static final String DISALLOW_ADD_MANAGED_PROFILE = "no_add_managed_profile"; 1034 1035 /** 1036 * Specifies if a user is disallowed from creating clone profile. 1037 * <p>The default value for an unmanaged user is <code>false</code>. 1038 * For users with a device owner set, the default is <code>true</code>. 1039 * 1040 * <p>Holders of the permission 1041 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PROFILES} 1042 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1043 * 1044 * <p>Key for user restrictions. 1045 * <p>Type: Boolean 1046 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1047 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1048 * @see #getUserRestrictions() 1049 * @hide 1050 */ 1051 public static final String DISALLOW_ADD_CLONE_PROFILE = "no_add_clone_profile"; 1052 1053 /** 1054 * Specifies if a user is disallowed from creating a private profile. 1055 * <p>The default value for an unmanaged user is <code>false</code>. 1056 * For users with a device owner set, the default value is <code>true</code> and the 1057 * device owner currently cannot change it to <code>false</code>. 1058 * On organization-owned managed profile devices, the default value is <code>false</code> but 1059 * the profile owner can change it to <code>true</code> via the parent profile to block creating 1060 * of private profiles on the personal user. 1061 * 1062 * <p>Holders of the permission 1063 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PROFILES} 1064 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1065 * 1066 * <p>Key for user restrictions. 1067 * <p>Type: Boolean 1068 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1069 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1070 * @see DevicePolicyManager#getParentProfileInstance(ComponentName) 1071 * @see #getUserRestrictions() 1072 */ 1073 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 1074 public static final String DISALLOW_ADD_PRIVATE_PROFILE = "no_add_private_profile"; 1075 1076 /** 1077 * Specifies if a user is disallowed from disabling application verification. The default 1078 * value is <code>false</code>. 1079 * 1080 * <p>In Android 8.0 ({@linkplain android.os.Build.VERSION_CODES#O API level 26}) and higher, 1081 * this is a global user restriction. If a device owner or profile owner sets this restriction, 1082 * the system enforces app verification across all users on the device. Running in earlier 1083 * Android versions, this restriction affects only the profile that sets it. 1084 * 1085 * <p>Holders of the permission 1086 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES} 1087 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1088 * 1089 * <p>Key for user restrictions. 1090 * <p>Type: Boolean 1091 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1092 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1093 * @see #getUserRestrictions() 1094 */ 1095 public static final String ENSURE_VERIFY_APPS = "ensure_verify_apps"; 1096 1097 /** 1098 * Specifies if a user is disallowed from configuring cell broadcasts. 1099 * 1100 * <p>This restriction can only be set by a device owner, a profile owner on the main 1101 * user or a profile owner of an organization-owned managed profile on the parent profile. 1102 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1103 * on the main user or by a profile owner of an organization-owned managed profile on 1104 * the parent profile, it disables the user from configuring cell broadcasts. 1105 * 1106 * <p>Holders of the permission 1107 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 1108 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1109 * 1110 * <p>The default value is <code>false</code>. 1111 * 1112 * <p>This restriction has no effect on non-Admin users since they cannot configure cell 1113 * broadcasts. 1114 * 1115 * <p>Key for user restrictions. 1116 * <p>Type: Boolean 1117 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1118 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1119 * @see #getUserRestrictions() 1120 */ 1121 public static final String DISALLOW_CONFIG_CELL_BROADCASTS = "no_config_cell_broadcasts"; 1122 1123 /** 1124 * Specifies if a user is disallowed from configuring mobile networks. 1125 * 1126 * <p>This restriction can only be set by a device owner, a profile owner on the main 1127 * user or a profile owner of an organization-owned managed profile on the parent profile. 1128 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1129 * on the main user or by a profile owner of an organization-owned managed profile on 1130 * the parent profile, it disables the user from configuring mobile networks. 1131 * 1132 * <p>Holders of the permission 1133 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 1134 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1135 * 1136 * <p>The default value is <code>false</code>. 1137 * 1138 * <p>This restriction has no effect on non-Admin users since they cannot configure mobile 1139 * networks. 1140 * 1141 * <p>Key for user restrictions. 1142 * <p>Type: Boolean 1143 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1144 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1145 * @see #getUserRestrictions() 1146 */ 1147 public static final String DISALLOW_CONFIG_MOBILE_NETWORKS = "no_config_mobile_networks"; 1148 1149 /** 1150 * Specifies if a user is disallowed from modifying 1151 * applications in Settings or launchers. The following actions will not be allowed when this 1152 * restriction is enabled: 1153 * <li>uninstalling apps</li> 1154 * <li>disabling apps</li> 1155 * <li>clearing app caches</li> 1156 * <li>clearing app data</li> 1157 * <li>force stopping apps</li> 1158 * <li>clearing app defaults</li> 1159 * <p> 1160 * The default value is <code>false</code>. 1161 * 1162 * <p><strong>Note:</strong> The user will still be able to perform those actions via other 1163 * means (such as adb). Third party apps will also be able to uninstall apps via the 1164 * {@link android.content.pm.PackageInstaller}. {@link #DISALLOW_UNINSTALL_APPS} or 1165 * {@link DevicePolicyManager#setUninstallBlocked(ComponentName, String, boolean)} should be 1166 * used to prevent the user from uninstalling apps completely, and 1167 * {@link DevicePolicyManager#addPersistentPreferredActivity(ComponentName, IntentFilter, ComponentName)} 1168 * to add a default intent handler for a given intent filter. 1169 * 1170 * <p>Holders of the permission 1171 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_APPS_CONTROL} 1172 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1173 * 1174 * <p>Key for user restrictions. 1175 * <p>Type: Boolean 1176 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1177 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1178 * @see #getUserRestrictions() 1179 */ 1180 public static final String DISALLOW_APPS_CONTROL = "no_control_apps"; 1181 1182 /** 1183 * Specifies if a user is disallowed from mounting physical external media. 1184 * 1185 * <p>This restriction can only be set by a device owner, a profile owner on the primary 1186 * user or a profile owner of an organization-owned managed profile on the parent profile. 1187 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1188 * on the primary user or by a profile owner of an organization-owned managed profile on 1189 * the parent profile, it disables the primary user from mounting physical external media. 1190 * 1191 * <p>Holders of the permission 1192 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PHYSICAL_MEDIA} 1193 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1194 * 1195 * <p>The default value is <code>false</code>. 1196 * 1197 * <p>Key for user restrictions. 1198 * <p>Type: Boolean 1199 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1200 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1201 * @see #getUserRestrictions() 1202 */ 1203 public static final String DISALLOW_MOUNT_PHYSICAL_MEDIA = "no_physical_media"; 1204 1205 /** 1206 * Specifies if a user is disallowed from adjusting microphone volume. If set, the microphone 1207 * will be muted. 1208 * 1209 * <p>A device owner and a profile owner can set this restriction, although the restriction has 1210 * no effect in a managed profile. When it is set by a device owner, it applies globally. When 1211 * it is set by a profile owner on the primary user or by a profile owner of an 1212 * organization-owned managed profile on the parent profile, it will disallow the primary user 1213 * from adjusting the microphone volume. 1214 * 1215 * <p>Holders of the permission 1216 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MICROPHONE} 1217 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1218 * 1219 * <p>The default value is <code>false</code>. 1220 * 1221 * <p>Key for user restrictions. 1222 * <p>Type: Boolean 1223 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1224 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1225 * @see #getUserRestrictions() 1226 */ 1227 public static final String DISALLOW_UNMUTE_MICROPHONE = "no_unmute_microphone"; 1228 1229 /** 1230 * Specifies if a user is disallowed from adjusting the global volume. If set, the global volume 1231 * will be muted. This can be set by device owners from API 21 and profile owners from API 24. 1232 * The default value is <code>false</code>. 1233 * 1234 * <p>When the restriction is set by profile owners, then it only applies to relevant 1235 * profiles. 1236 * 1237 * <p>Holders of the permission 1238 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_AUDIO_OUTPUT} 1239 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1240 * 1241 * <p>This restriction has no effect on managed profiles. 1242 * <p>Key for user restrictions. 1243 * <p>Type: Boolean 1244 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1245 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1246 * @see #getUserRestrictions() 1247 */ 1248 public static final String DISALLOW_ADJUST_VOLUME = "no_adjust_volume"; 1249 1250 /** 1251 * Specifies that the user is not allowed to make outgoing phone calls. Emergency calls are 1252 * still permitted. 1253 * 1254 * <p>A device owner and a profile owner can set this restriction, although the restriction has 1255 * no effect in a managed profile. When it is set by a device owner, a profile owner on the 1256 * primary user or by a profile owner of an organization-owned managed profile on the parent 1257 * profile, it disallows the primary user from making outgoing phone calls. 1258 * 1259 * <p>Holders of the permission 1260 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_CALLS} 1261 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1262 * 1263 * <p>The default value is <code>false</code>. 1264 * 1265 * <p>Key for user restrictions. 1266 * <p>Type: Boolean 1267 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1268 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1269 * @see #getUserRestrictions() 1270 */ 1271 public static final String DISALLOW_OUTGOING_CALLS = "no_outgoing_calls"; 1272 1273 /** 1274 * Specifies that the user is not allowed to send or receive SMS messages. 1275 * 1276 * <p>This restriction can only be set by a device owner, a profile owner on the primary 1277 * user or a profile owner of an organization-owned managed profile on the parent profile. 1278 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1279 * on the primary user or by a profile owner of an organization-owned managed profile on 1280 * the parent profile, it disables the primary user from sending or receiving SMS messages. 1281 * 1282 * <p>Holders of the permission 1283 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_SMS} 1284 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1285 * 1286 * <p>The default value is <code>false</code>. 1287 * 1288 * <p>Key for user restrictions. 1289 * <p>Type: Boolean 1290 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1291 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1292 * @see #getUserRestrictions() 1293 */ 1294 public static final String DISALLOW_SMS = "no_sms"; 1295 1296 /** 1297 * Specifies if the user is not allowed to have fun. In some cases, the 1298 * device owner may wish to prevent the user from experiencing amusement or 1299 * joy while using the device. The default value is <code>false</code>. 1300 * 1301 * <p>Holders of the permission 1302 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_FUN} 1303 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1304 * 1305 * <p>Key for user restrictions. 1306 * <p>Type: Boolean 1307 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1308 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1309 * @see #getUserRestrictions() 1310 */ 1311 public static final String DISALLOW_FUN = "no_fun"; 1312 1313 /** 1314 * Specifies that windows besides app windows should not be 1315 * created. This will block the creation of the following types of windows. 1316 * <li>{@link LayoutParams#TYPE_TOAST}</li> 1317 * <li>{@link LayoutParams#TYPE_APPLICATION_OVERLAY}</li> 1318 * 1319 * <p>This can only be set by device owners and profile owners on the primary user. 1320 * The default value is <code>false</code>. 1321 * 1322 * <p>Holders of the permission 1323 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WINDOWS} 1324 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1325 * 1326 * <p>Key for user restrictions. 1327 * <p>Type: Boolean 1328 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1329 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1330 * @see #getUserRestrictions() 1331 */ 1332 public static final String DISALLOW_CREATE_WINDOWS = "no_create_windows"; 1333 1334 /** 1335 * Specifies that system error dialogs for crashed or unresponsive apps should not be shown. 1336 * In this case, the system will force-stop the app as if the user chooses the "close app" 1337 * option on the UI. A feedback report isn't collected as there is no way for the user to 1338 * provide explicit consent. The default value is <code>false</code>. 1339 * 1340 * <p>When this user restriction is set by device owners, it's applied to all users. When set by 1341 * the profile owner of the primary user or a secondary user, the restriction affects only the 1342 * calling user. This user restriction has no effect on managed profiles. 1343 * 1344 * <p>Holders of the permission 1345 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_SYSTEM_DIALOGS} 1346 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1347 * 1348 * <p>Key for user restrictions. 1349 * <p>Type: Boolean 1350 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1351 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1352 * @see #getUserRestrictions() 1353 */ 1354 public static final String DISALLOW_SYSTEM_ERROR_DIALOGS = "no_system_error_dialogs"; 1355 1356 /** 1357 * Specifies if the clipboard contents can be exported by pasting the data into other users or 1358 * profiles. This restriction doesn't prevent import, such as someone pasting clipboard data 1359 * from other profiles or users. The default value is {@code false}. 1360 * 1361 * <p><strong>Note</strong>: Because it's possible to extract data from screenshots using 1362 * optical character recognition (OCR), we strongly recommend combining this user restriction 1363 * with {@link DevicePolicyManager#setScreenCaptureDisabled(ComponentName, boolean)}. 1364 * 1365 * <p>Holders of the permission 1366 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PROFILE_INTERACTION} 1367 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1368 * 1369 * <p>Key for user restrictions. 1370 * <p>Type: Boolean 1371 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1372 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1373 * @see #getUserRestrictions() 1374 */ 1375 public static final String DISALLOW_CROSS_PROFILE_COPY_PASTE = "no_cross_profile_copy_paste"; 1376 1377 /** 1378 * Specifies if the user is not allowed to use NFC to beam out data from apps. 1379 * The default value is <code>false</code>. 1380 * 1381 * <p>Holders of the permission 1382 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_NEARBY_COMMUNICATION} 1383 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1384 * 1385 * <p>Key for user restrictions. 1386 * <p>Type: Boolean 1387 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1388 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1389 * @see #getUserRestrictions() 1390 */ 1391 public static final String DISALLOW_OUTGOING_BEAM = "no_outgoing_beam"; 1392 1393 /** 1394 * Hidden user restriction to disallow access to wallpaper manager APIs. This restriction 1395 * generally means that wallpapers are not supported for the particular user. This user 1396 * restriction is always set for managed profiles, because such profiles don't have wallpapers. 1397 * @hide 1398 * @see #DISALLOW_SET_WALLPAPER 1399 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1400 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1401 * @see #getUserRestrictions() 1402 */ 1403 public static final String DISALLOW_WALLPAPER = "no_wallpaper"; 1404 1405 /** 1406 * User restriction to disallow setting a wallpaper. Profile owner and device owner 1407 * are able to set wallpaper regardless of this restriction. 1408 * The default value is <code>false</code>. 1409 * 1410 * <p>Holders of the permission 1411 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_WALLPAPER} 1412 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1413 * 1414 * <p>Key for user restrictions. 1415 * <p>Type: Boolean 1416 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1417 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1418 * @see #getUserRestrictions() 1419 */ 1420 public static final String DISALLOW_SET_WALLPAPER = "no_set_wallpaper"; 1421 1422 /** 1423 * Specifies if the user is not allowed to reboot the device into safe boot mode. 1424 * 1425 * <p>This restriction can only be set by a device owner, a profile owner on the primary 1426 * user or a profile owner of an organization-owned managed profile on the parent profile. 1427 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1428 * on the primary user or by a profile owner of an organization-owned managed profile on 1429 * the parent profile, it disables the primary user from rebooting the device into safe 1430 * boot mode. 1431 * 1432 * <p>Holders of the permission 1433 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_SAFE_BOOT} 1434 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1435 * 1436 * <p>The default value is <code>false</code>. 1437 * 1438 * <p>Key for user restrictions. 1439 * <p>Type: Boolean 1440 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1441 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1442 * @see #getUserRestrictions() 1443 */ 1444 public static final String DISALLOW_SAFE_BOOT = "no_safe_boot"; 1445 1446 /** 1447 * Specifies if a user is not allowed to record audio. This restriction is always enabled for 1448 * background users. The default value is <code>false</code>. 1449 * 1450 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1451 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1452 * @see #getUserRestrictions() 1453 * @hide 1454 */ 1455 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) 1456 public static final String DISALLOW_RECORD_AUDIO = "no_record_audio"; 1457 1458 /** 1459 * Specifies if a user is not allowed to run in the background and should be stopped and locked 1460 * during user switch. The default value is <code>false</code>. 1461 * 1462 * <p>This restriction can be set by device owners and profile owners. 1463 * 1464 * <p>Holders of the permission 1465 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_RUN_IN_BACKGROUND} 1466 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1467 * 1468 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1469 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1470 * @see #getUserRestrictions() 1471 * @hide 1472 */ 1473 @SystemApi 1474 public static final String DISALLOW_RUN_IN_BACKGROUND = "no_run_in_background"; 1475 1476 /** 1477 * Specifies if a user is not allowed to use the camera. 1478 * 1479 * <p>A device owner and a profile owner can set this restriction. When it is set by a 1480 * device owner, it applies globally - i.e., it disables the use of camera on the entire device 1481 * and all users are affected. When it is set by a profile owner on the primary user or by a 1482 * profile owner of an organization-owned managed profile on the parent profile, it disables 1483 * the primary user from using camera. 1484 * 1485 * <p>Holders of the permission 1486 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_CAMERA} 1487 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1488 * 1489 * <p>The default value is <code>false</code>. 1490 * 1491 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1492 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1493 * @see #getUserRestrictions() 1494 * @hide 1495 */ 1496 public static final String DISALLOW_CAMERA = "no_camera"; 1497 1498 /** 1499 * Specifies if a user is not allowed to unmute the device's global volume. 1500 * 1501 * <p>Holders of the permission 1502 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_AUDIO_OUTPUT} 1503 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1504 * 1505 * @see DevicePolicyManager#setMasterVolumeMuted(ComponentName, boolean) 1506 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1507 * @see #getUserRestrictions() 1508 * @hide 1509 */ 1510 public static final String DISALLOW_UNMUTE_DEVICE = "disallow_unmute_device"; 1511 1512 /** 1513 * Specifies if a user is not allowed to use cellular data when roaming. 1514 * 1515 * <p>This restriction can only be set by a device owner, a profile owner on the primary 1516 * user or a profile owner of an organization-owned managed profile on the parent profile. 1517 * When it is set by a device owner, it applies globally. When it is set by a profile owner 1518 * on the primary user or by a profile owner of an organization-owned managed profile on 1519 * the parent profile, it disables the primary user from using cellular data when roaming. 1520 * 1521 * <p>Holders of the permission 1522 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 1523 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1524 * 1525 * <p>The default value is <code>false</code>. 1526 * 1527 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1528 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1529 * @see #getUserRestrictions() 1530 */ 1531 public static final String DISALLOW_DATA_ROAMING = "no_data_roaming"; 1532 1533 /** 1534 * Specifies if a user is not allowed to change their icon. Device owner and profile owner 1535 * can set this restriction. When it is set by device owner, only the target user will be 1536 * affected. The default value is <code>false</code>. 1537 * 1538 * <p>Holders of the permission 1539 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MODIFY_USERS} 1540 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1541 * 1542 * <p>Key for user restrictions. 1543 * <p>Type: Boolean 1544 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1545 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1546 * @see #getUserRestrictions() 1547 */ 1548 public static final String DISALLOW_SET_USER_ICON = "no_set_user_icon"; 1549 1550 /** 1551 * Specifies if a user is not allowed to enable the oem unlock setting. The default value is 1552 * <code>false</code>. Setting this restriction has no effect if the bootloader is already 1553 * unlocked. 1554 * 1555 * <p>Not for use by third-party applications. 1556 * 1557 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1558 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1559 * @see #getUserRestrictions() 1560 * @deprecated use {@link OemLockManager#setOemUnlockAllowedByCarrier(boolean, byte[])} instead. 1561 * @hide 1562 */ 1563 @Deprecated 1564 @SystemApi 1565 public static final String DISALLOW_OEM_UNLOCK = "no_oem_unlock"; 1566 1567 /** 1568 * Specifies that the managed profile is not allowed to have unified lock screen challenge with 1569 * the primary user. 1570 * 1571 * <p>To ensure that there is a separate work profile password, IT admins 1572 * have to: 1573 * <ol> 1574 * <li>Enforce {@link UserManager#DISALLOW_UNIFIED_PASSWORD}</li> 1575 * <li>Verify that {@link DevicePolicyManager#isUsingUnifiedPassword(ComponentName)} 1576 * returns true. This indicates that there is now a separate work 1577 * profile password configured and the set up is completed.</li> 1578 * <li>In case {@link DevicePolicyManager#isUsingUnifiedPassword(ComponentName)} 1579 * returns false, invoke {@link DevicePolicyManager#ACTION_SET_NEW_PASSWORD} 1580 * intent and then verify again 1581 * {@link DevicePolicyManager#isUsingUnifiedPassword(ComponentName)}.</li> 1582 * </ol> 1583 * </p> 1584 * 1585 * <p>Can be set by profile owners. It only has effect on managed profiles when set by managed 1586 * profile owner. Has no effect on non-managed profiles or users. 1587 * 1588 * <p>Holders of the permission 1589 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_LOCK_CREDENTIALS} 1590 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1591 * 1592 * <p>Key for user restrictions. 1593 * <p>Type: Boolean 1594 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1595 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1596 * @see #getUserRestrictions() 1597 */ 1598 public static final String DISALLOW_UNIFIED_PASSWORD = "no_unified_password"; 1599 1600 /** 1601 * Allows apps in the parent profile to handle web links from the managed profile. 1602 * 1603 * This user restriction has an effect only in a managed profile. 1604 * If set: 1605 * Intent filters of activities in the parent profile with action 1606 * {@link android.content.Intent#ACTION_VIEW}, 1607 * category {@link android.content.Intent#CATEGORY_BROWSABLE}, scheme http or https, and which 1608 * define a host can handle intents from the managed profile. 1609 * 1610 * <p>Holders of the permission 1611 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PROFILES} 1612 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1613 * 1614 * <p>The default value is <code>false</code>. 1615 * 1616 * <p>Key for user restrictions. 1617 * <p>Type: Boolean 1618 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1619 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1620 * @see #getUserRestrictions() 1621 */ 1622 public static final String ALLOW_PARENT_PROFILE_APP_LINKING 1623 = "allow_parent_profile_app_linking"; 1624 1625 /** 1626 * Specifies if a user is not allowed to use Autofill Services. 1627 * 1628 * <p>Device owner and profile owner can set this restriction. When it is set by device owner, 1629 * only the target user will be affected. 1630 * 1631 * <p>Holders of the permission 1632 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_AUTOFILL} 1633 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1634 * 1635 * <p>The default value is <code>false</code>. 1636 * 1637 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1638 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1639 * @see #getUserRestrictions() 1640 */ 1641 public static final String DISALLOW_AUTOFILL = "no_autofill"; 1642 1643 /** 1644 * Specifies if the contents of a user's screen is not allowed to be captured for artificial 1645 * intelligence purposes. 1646 * 1647 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 1648 * owner, a profile owner on the primary user or by a profile owner of an organization-owned 1649 * managed profile on the parent profile, it disables the primary user's screen from being 1650 * captured for artificial intelligence purposes. 1651 * 1652 * <p>Holders of the permission 1653 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_SCREEN_CONTENT} 1654 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1655 * 1656 * <p>The default value is <code>false</code>. 1657 * 1658 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1659 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1660 * @see #getUserRestrictions() 1661 */ 1662 public static final String DISALLOW_CONTENT_CAPTURE = "no_content_capture"; 1663 1664 /** 1665 * Specifies if the current user is able to receive content suggestions for selections based on 1666 * the contents of their screen. 1667 * 1668 * <p>A device owner and a profile owner can set this restriction. When it is set by a device 1669 * owner, a profile owner on the primary user or by a profile owner of an organization-owned 1670 * managed profile on the parent profile, it disables the primary user from receiving content 1671 * suggestions for selections based on the contents of their screen. 1672 * 1673 * <p>Holders of the permission 1674 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_SCREEN_CONTENT} 1675 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1676 * 1677 * <p>The default value is <code>false</code>. 1678 * 1679 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1680 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1681 * @see #getUserRestrictions() 1682 */ 1683 public static final String DISALLOW_CONTENT_SUGGESTIONS = "no_content_suggestions"; 1684 1685 /** 1686 * Specifies if user switching is blocked on the current user. 1687 * 1688 * <p> This restriction can only be set by the device owner, it will be applied to all users. 1689 * Device owner can still switch user via 1690 * {@link DevicePolicyManager#switchUser(ComponentName, UserHandle)} when this restriction is 1691 * set. 1692 * 1693 * <p>Holders of the permission 1694 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MODIFY_USERS} 1695 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1696 * 1697 * <p>The default value is <code>false</code>. 1698 * 1699 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1700 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1701 * @see #getUserRestrictions() 1702 */ 1703 public static final String DISALLOW_USER_SWITCH = "no_user_switch"; 1704 1705 /** 1706 * Specifies whether the user can share file / picture / data from the primary user into the 1707 * managed profile, either by sending them from the primary side, or by picking up data within 1708 * an app in the managed profile. 1709 * <p> 1710 * When a managed profile is created, the system allows the user to send data from the primary 1711 * side to the profile by setting up certain default cross profile intent filters. If 1712 * this is undesired, this restriction can be set to disallow it. Note that this restriction 1713 * will not block any sharing allowed by explicit 1714 * {@link DevicePolicyManager#addCrossProfileIntentFilter} calls by the profile owner. 1715 * <p> 1716 * This restriction is only meaningful when set by profile owner. When it is set by device 1717 * owner, it does not have any effect. 1718 * <p> 1719 * 1720 * <p>Holders of the permission 1721 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PROFILE_INTERACTION} 1722 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1723 * 1724 * <p>The default value is <code>false</code>. 1725 * 1726 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1727 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1728 * @see #getUserRestrictions() 1729 */ 1730 public static final String DISALLOW_SHARE_INTO_MANAGED_PROFILE = "no_sharing_into_profile"; 1731 1732 /** 1733 * Specifies whether the user is allowed to print. 1734 * 1735 * This restriction can be set by device or profile owner. 1736 * 1737 * <p>Holders of the permission 1738 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_PRINTING} 1739 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1740 * 1741 * The default value is {@code false}. 1742 * 1743 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1744 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1745 * @see #getUserRestrictions() 1746 */ 1747 public static final String DISALLOW_PRINTING = "no_printing"; 1748 1749 /** 1750 * Specifies whether the user is allowed to modify private DNS settings. 1751 * 1752 * <p>This restriction can only be set by a device owner or a profile owner of an 1753 * organization-owned managed profile on the parent profile. When it is set by either of these 1754 * owners, it applies globally. 1755 * 1756 * <p>Holders of the permission 1757 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_RESTRICT_PRIVATE_DNS} 1758 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1759 * 1760 * <p>The default value is <code>false</code>. 1761 * 1762 * <p>Key for user restrictions. 1763 * <p>Type: Boolean 1764 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1765 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1766 * @see #getUserRestrictions() 1767 */ 1768 public static final String DISALLOW_CONFIG_PRIVATE_DNS = 1769 "disallow_config_private_dns"; 1770 1771 /** 1772 * Specifies whether the microphone toggle is available to the user. If this restriction is set, 1773 * the user will not be able to block microphone access via the system toggle. If microphone 1774 * access is blocked when the restriction is added, it will be automatically re-enabled. 1775 * 1776 * This restriction can only be set by a device owner. 1777 * 1778 * <p>The default value is <code>false</code>. 1779 * 1780 * @see android.hardware.SensorPrivacyManager 1781 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1782 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1783 * @see #getUserRestrictions() 1784 */ 1785 public static final String DISALLOW_MICROPHONE_TOGGLE = 1786 "disallow_microphone_toggle"; 1787 1788 /** 1789 * Specifies whether the camera toggle is available to the user. If this restriction is set, 1790 * the user will not be able to block camera access via the system toggle. If camera 1791 * access is blocked when the restriction is added, it will be automatically re-enabled. 1792 * 1793 * This restriction can only be set by a device owner. 1794 * 1795 * <p>The default value is <code>false</code>. 1796 * 1797 * @see android.hardware.SensorPrivacyManager 1798 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1799 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1800 * @see #getUserRestrictions() 1801 */ 1802 public static final String DISALLOW_CAMERA_TOGGLE = 1803 "disallow_camera_toggle"; 1804 1805 /** 1806 * This is really not a user restriction in the normal sense. This can't be set to a user, 1807 * via UserManager nor via DevicePolicyManager. This is not even set in UserSettingsUtils. 1808 * This is defined here purely for convenience within the settings app. 1809 * 1810 * TODO(b/191306258): Refactor the Settings app to remove the need for this field, and delete it 1811 * 1812 * Specifies whether biometrics are available to the user. This is used internally only, 1813 * as a means of communications between biometric settings and 1814 * {@link com.android.settingslib.enterprise.ActionDisabledByAdminControllerFactory}. 1815 * 1816 * @see {@link android.hardware.biometrics.ParentalControlsUtilsInternal} 1817 * @see {@link com.android.settings.biometrics.ParentalControlsUtils} 1818 * 1819 * @hide 1820 */ 1821 public static final String DISALLOW_BIOMETRIC = "disallow_biometric"; 1822 1823 /** 1824 * Specifies whether the user is allowed to modify default apps in settings. 1825 * 1826 * <p>A device owner and a profile owner can set this restriction. When it is set by a 1827 * device owner, it applies globally - i.e., modifying of default apps in Settings for all 1828 * users is disallowed. When it is set by a profile owner on the primary user or by a profile 1829 * owner of an organization-owned managed profile on the parent profile, modifying of 1830 * default apps in Settings for the primary user is disallowed. 1831 * 1832 * <p>The default value is <code>false</code>. 1833 * 1834 * <p>Key for user restrictions. 1835 * <p>Type: Boolean 1836 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1837 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1838 * @see #getUserRestrictions() 1839 */ 1840 public static final String DISALLOW_CONFIG_DEFAULT_APPS = "disallow_config_default_apps"; 1841 1842 /** 1843 * Application restriction key that is used to indicate the pending arrival 1844 * of real restrictions for the app. 1845 * 1846 * <p> 1847 * Applications that support restrictions should check for the presence of this key. 1848 * A <code>true</code> value indicates that restrictions may be applied in the near 1849 * future but are not available yet. It is the responsibility of any 1850 * management application that sets this flag to update it when the final 1851 * restrictions are enforced. 1852 * 1853 * <p>Key for application restrictions. 1854 * <p>Type: Boolean 1855 * @see android.app.admin.DevicePolicyManager#setApplicationRestrictions( 1856 * android.content.ComponentName, String, Bundle) 1857 * @see android.app.admin.DevicePolicyManager#getApplicationRestrictions( 1858 * android.content.ComponentName, String) 1859 */ 1860 public static final String KEY_RESTRICTIONS_PENDING = "restrictions_pending"; 1861 1862 /** 1863 * Specifies if a user is not allowed to use 2g networks. 1864 * 1865 * <p> This is a security feature. 2g has no mutual authentication between a device and 1866 * cellular base station and downgrading a device's connection to 2g is a common tactic for 1867 * several types of privacy and security compromising attacks that could allow an adversary 1868 * to intercept, inject, or modify cellular communications. 1869 * 1870 * <p>This restriction can only be set by a device owner or a profile owner of an 1871 * organization-owned managed profile on the parent profile. 1872 * In all cases, the setting applies globally on the device. 1873 * 1874 * <p> Cellular connectivity loss (where a device would have otherwise successfully 1875 * connected to a 2g network) occurs if the device is in an area where only 2g networks are 1876 * available. Emergency calls are an exception and are never impacted. The device will still 1877 * scan for and connect to a 2g network for emergency calls. 1878 * 1879 * <p>Holders of the permission 1880 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 1881 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1882 * 1883 * <p>The default value is <code>false</code>. 1884 * 1885 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1886 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1887 * @see #getUserRestrictions() 1888 */ 1889 public static final String DISALLOW_CELLULAR_2G = "no_cellular_2g"; 1890 1891 /** 1892 * This user restriction specifies if Ultra-wideband is disallowed on the device. If 1893 * Ultra-wideband is disallowed it cannot be turned on via Settings. 1894 * 1895 * <p> 1896 * Ultra-wideband (UWB) is a radio technology that can use a very low energy level 1897 * for short-range, high-bandwidth communications over a large portion of the radio spectrum. 1898 * 1899 * <p>This restriction can only be set by a device owner or a profile owner of an 1900 * organization-owned managed profile on the parent profile. 1901 * In both cases, the restriction applies globally on the device and will turn off the 1902 * ultra-wideband radio if it's currently on and prevent the radio from being turned on in 1903 * the future. 1904 * 1905 * <p>Holders of the permission 1906 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_NEARBY_COMMUNICATION} 1907 * can set this restriction using the DevicePolicyManager APIs mentioned below. 1908 * 1909 * <p>Default is <code>false</code>. 1910 * 1911 * <p>Key for user restrictions. 1912 * <p>Type: Boolean 1913 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1914 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1915 * @see #getUserRestrictions() 1916 */ 1917 public static final String DISALLOW_ULTRA_WIDEBAND_RADIO = "no_ultra_wideband_radio"; 1918 1919 /** 1920 * This user restriction specifies if Near-field communication is disallowed on the device. If 1921 * Near-field communication is disallowed it cannot be turned on via Settings. 1922 * 1923 * <p>This restriction can only be set by a device owner or a profile owner of an 1924 * organization-owned managed profile on the parent profile. 1925 * In both cases, the restriction applies globally on the device and will turn off the 1926 * Near-field communication radio if it's currently on and prevent the radio from being turned 1927 * on in the future. 1928 * 1929 * <p> 1930 * Near-field communication (NFC) is a radio technology that allows two devices (like your phone 1931 * and a payments terminal) to communicate with each other when they're close together. 1932 * 1933 * <p>Default is <code>false</code>. 1934 * 1935 * <p>Key for user restrictions. 1936 * <p>Type: Boolean 1937 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1938 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1939 * @see #getUserRestrictions() 1940 */ 1941 @FlaggedApi(Flags.FLAG_ENABLE_NFC_USER_RESTRICTION) 1942 public static final String DISALLOW_NEAR_FIELD_COMMUNICATION_RADIO = 1943 "no_near_field_communication_radio"; 1944 1945 /** 1946 * This user restriction specifies if Near-field communication is disallowed to change 1947 * on the device. If Near-field communication is disallowed it cannot be changed via Settings. 1948 * 1949 * <p>This restriction can only be set by a device owner or a profile owner of an 1950 * organization-owned managed profile on the parent profile. 1951 * In both cases, the restriction applies globally on the device and will not allow Near-field 1952 * communication state being changed. 1953 * 1954 * <p> 1955 * Near-field communication (NFC) is a radio technology that allows two devices (like your phone 1956 * and a payments terminal) to communicate with each other when they're close together. 1957 * 1958 * <p>Default is <code>false</code>. 1959 * 1960 * <p>Key for user restrictions. 1961 * <p>Type: Boolean 1962 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1963 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1964 * @see #getUserRestrictions() 1965 */ 1966 @FlaggedApi(Flags.FLAG_ENABLE_NFC_USER_RESTRICTION) 1967 public static final String DISALLOW_CHANGE_NEAR_FIELD_COMMUNICATION_RADIO = 1968 "no_change_near_field_communication_radio"; 1969 1970 /** 1971 * This user restriction specifies if Thread network is disallowed on the device. If Thread 1972 * network is disallowed it cannot be turned on via Settings. 1973 * 1974 * <p>This restriction can only be set by a device owner or a profile owner of an 1975 * organization-owned managed profile on the parent profile. 1976 * In both cases, the restriction applies globally on the device and will turn off the 1977 * Thread network radio if it's currently on and prevent the radio from being turned 1978 * on in the future. 1979 * 1980 * <p> <a href="https://www.threadgroup.org">Thread</a> is a low-power and low-latency wireless 1981 * mesh networking protocol built on IPv6. 1982 * 1983 * <p>Default is <code>false</code>. 1984 * 1985 * <p>Key for user restrictions. 1986 * <p>Type: Boolean 1987 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 1988 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 1989 * @see #getUserRestrictions() 1990 */ 1991 @FlaggedApi(com.android.net.thread.platform.flags.Flags.FLAG_THREAD_USER_RESTRICTION_ENABLED) 1992 public static final String DISALLOW_THREAD_NETWORK = "no_thread_network"; 1993 1994 /** 1995 * This user restriction specifies if the user is able to add embedded SIMs to the device. 1996 * 1997 * <p> 1998 * This restriction blocks the download of embedded SIMs. 1999 * 2000 * <p> 2001 * This restriction can only be set by a device owner or a profile owner of an 2002 * organization-owned managed profile. 2003 * In both cases, the restriction applies globally on the device. 2004 * 2005 * <p> 2006 * Holders of the permission 2007 * {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_MOBILE_NETWORK} 2008 * can set this restriction using the DevicePolicyManager APIs mentioned below. 2009 * 2010 * <p>Default is <code>false</code>. 2011 * 2012 * <p>Key for user restrictions. 2013 * <p>Type: Boolean 2014 * 2015 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 2016 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 2017 * @see #getUserRestrictions() 2018 */ 2019 public static final String DISALLOW_SIM_GLOBALLY = 2020 "no_sim_globally"; 2021 2022 /** 2023 * This user restriction specifies if assist content is disallowed from being sent to 2024 * a privileged app such as the Assistant app. Assist content includes screenshots and 2025 * information about an app, such as package name. 2026 * 2027 * <p>This restriction can only be set by a device owner or a profile owner. When it is set 2028 * by a device owner, it disables the assist contextual data on the entire device. When it is 2029 * set by a profile owner, it disables assist content on the profile. 2030 * 2031 * <p>Default is <code>false</code>. 2032 * 2033 * <p>Key for user restrictions. 2034 * <p>Type: Boolean 2035 * @see DevicePolicyManager#addUserRestriction(ComponentName, String) 2036 * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) 2037 * @see #getUserRestrictions() 2038 */ 2039 public static final String DISALLOW_ASSIST_CONTENT = "no_assist_content"; 2040 2041 /** 2042 * List of key values that can be passed into the various user restriction related methods 2043 * in {@link UserManager} & {@link DevicePolicyManager}. 2044 * Note: This is slightly different from the real set of user restrictions listed in {@link 2045 * com.android.server.pm.UserRestrictionsUtils#USER_RESTRICTIONS}. For example 2046 * {@link #KEY_RESTRICTIONS_PENDING} is not a real user restriction, but is a legitimate 2047 * value that can be passed into {@link #hasUserRestriction(String)}. 2048 * @hide 2049 */ 2050 @StringDef(value = { 2051 ALLOW_PARENT_PROFILE_APP_LINKING, 2052 DISALLOW_ADD_CLONE_PROFILE, 2053 DISALLOW_ADD_MANAGED_PROFILE, 2054 DISALLOW_ADD_PRIVATE_PROFILE, 2055 DISALLOW_ADD_USER, 2056 DISALLOW_ADD_WIFI_CONFIG, 2057 DISALLOW_ADJUST_VOLUME, 2058 DISALLOW_AIRPLANE_MODE, 2059 DISALLOW_AMBIENT_DISPLAY, 2060 DISALLOW_APPS_CONTROL, 2061 DISALLOW_ASSIST_CONTENT, 2062 DISALLOW_AUTOFILL, 2063 DISALLOW_BIOMETRIC, 2064 DISALLOW_BLUETOOTH, 2065 DISALLOW_BLUETOOTH_SHARING, 2066 DISALLOW_CAMERA, 2067 DISALLOW_CAMERA_TOGGLE, 2068 DISALLOW_CELLULAR_2G, 2069 DISALLOW_CHANGE_NEAR_FIELD_COMMUNICATION_RADIO, 2070 DISALLOW_CHANGE_WIFI_STATE, 2071 DISALLOW_CONFIG_BLUETOOTH, 2072 DISALLOW_CONFIG_BRIGHTNESS, 2073 DISALLOW_CONFIG_CELL_BROADCASTS, 2074 DISALLOW_CONFIG_CREDENTIALS, 2075 DISALLOW_CONFIG_DATE_TIME, 2076 DISALLOW_CONFIG_DEFAULT_APPS, 2077 DISALLOW_CONFIG_LOCALE, 2078 DISALLOW_CONFIG_LOCATION, 2079 DISALLOW_CONFIG_MOBILE_NETWORKS, 2080 DISALLOW_CONFIG_PRIVATE_DNS, 2081 DISALLOW_CONFIG_SCREEN_TIMEOUT, 2082 DISALLOW_CONFIG_TETHERING, 2083 DISALLOW_CONFIG_VPN, 2084 DISALLOW_CONFIG_WIFI, 2085 DISALLOW_CONTENT_CAPTURE, 2086 DISALLOW_CONTENT_SUGGESTIONS, 2087 DISALLOW_CREATE_WINDOWS, 2088 DISALLOW_CROSS_PROFILE_COPY_PASTE, 2089 DISALLOW_DATA_ROAMING, 2090 DISALLOW_DEBUGGING_FEATURES, 2091 DISALLOW_FACTORY_RESET, 2092 DISALLOW_FUN, 2093 DISALLOW_GRANT_ADMIN, 2094 DISALLOW_INSTALL_APPS, 2095 DISALLOW_INSTALL_UNKNOWN_SOURCES, 2096 DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY, 2097 DISALLOW_MICROPHONE_TOGGLE, 2098 DISALLOW_MODIFY_ACCOUNTS, 2099 DISALLOW_MOUNT_PHYSICAL_MEDIA, 2100 DISALLOW_NEAR_FIELD_COMMUNICATION_RADIO, 2101 DISALLOW_NETWORK_RESET, 2102 DISALLOW_OEM_UNLOCK, 2103 DISALLOW_OUTGOING_BEAM, 2104 DISALLOW_OUTGOING_CALLS, 2105 DISALLOW_PRINTING, 2106 DISALLOW_RECORD_AUDIO, 2107 DISALLOW_REMOVE_MANAGED_PROFILE, 2108 DISALLOW_REMOVE_USER, 2109 DISALLOW_RUN_IN_BACKGROUND, 2110 DISALLOW_SAFE_BOOT, 2111 DISALLOW_SET_USER_ICON, 2112 DISALLOW_SET_WALLPAPER, 2113 DISALLOW_SHARE_INTO_MANAGED_PROFILE, 2114 DISALLOW_SHARE_LOCATION, 2115 DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI, 2116 DISALLOW_SIM_GLOBALLY, 2117 DISALLOW_SMS, 2118 DISALLOW_SYSTEM_ERROR_DIALOGS, 2119 DISALLOW_THREAD_NETWORK, 2120 DISALLOW_ULTRA_WIDEBAND_RADIO, 2121 DISALLOW_UNIFIED_PASSWORD, 2122 DISALLOW_UNINSTALL_APPS, 2123 DISALLOW_UNMUTE_DEVICE, 2124 DISALLOW_UNMUTE_MICROPHONE, 2125 DISALLOW_USB_FILE_TRANSFER, 2126 DISALLOW_USER_SWITCH, 2127 DISALLOW_WALLPAPER, 2128 DISALLOW_WIFI_DIRECT, 2129 DISALLOW_WIFI_TETHERING, 2130 ENSURE_VERIFY_APPS, 2131 KEY_RESTRICTIONS_PENDING, 2132 }) 2133 @Retention(RetentionPolicy.SOURCE) 2134 public @interface UserRestrictionKey {} 2135 2136 /** 2137 * Property used to override whether the device uses headless system user mode. 2138 * 2139 * <p>Only used on non-user builds. 2140 * 2141 * <p><b>NOTE: </b>setting this variable directly won't properly change the headless system user 2142 * mode behavior and might put the device in a bad state; the system user mode should be changed 2143 * using {@code cmd user set-system-user-mode-emulation} instead. 2144 * 2145 * @hide 2146 */ 2147 public static final String SYSTEM_USER_MODE_EMULATION_PROPERTY = 2148 "persist.debug.user_mode_emulation"; 2149 2150 /** @hide */ 2151 public static final String SYSTEM_USER_MODE_EMULATION_DEFAULT = "default"; 2152 /** @hide */ 2153 public static final String SYSTEM_USER_MODE_EMULATION_FULL = "full"; 2154 /** @hide */ 2155 public static final String SYSTEM_USER_MODE_EMULATION_HEADLESS = "headless"; 2156 2157 /** 2158 * System Property used to override whether users can be created even if their type is disabled 2159 * or their limit is reached. Set value to 1 to enable. 2160 * 2161 * <p>Only used on non-user builds. 2162 * 2163 * @hide 2164 */ 2165 public static final String DEV_CREATE_OVERRIDE_PROPERTY = "debug.user.creation_override"; 2166 2167 private static final String ACTION_CREATE_USER = "android.os.action.CREATE_USER"; 2168 2169 /** 2170 * Action to start an activity to create a supervised user. 2171 * Only devices with non-empty config_supervisedUserCreationPackage support this. 2172 * 2173 * @hide 2174 */ 2175 @SystemApi 2176 @RequiresPermission(Manifest.permission.MANAGE_USERS) 2177 public static final String ACTION_CREATE_SUPERVISED_USER = 2178 "android.os.action.CREATE_SUPERVISED_USER"; 2179 2180 /** 2181 * Extra containing a name for the user being created. Optional parameter passed to 2182 * ACTION_CREATE_USER activity. 2183 * @hide 2184 */ 2185 public static final String EXTRA_USER_NAME = "android.os.extra.USER_NAME"; 2186 2187 /** 2188 * Extra containing account name for the user being created. Optional parameter passed to 2189 * ACTION_CREATE_USER activity. 2190 * @hide 2191 */ 2192 public static final String EXTRA_USER_ACCOUNT_NAME = "android.os.extra.USER_ACCOUNT_NAME"; 2193 2194 /** 2195 * Extra containing account type for the user being created. Optional parameter passed to 2196 * ACTION_CREATE_USER activity. 2197 * @hide 2198 */ 2199 public static final String EXTRA_USER_ACCOUNT_TYPE = "android.os.extra.USER_ACCOUNT_TYPE"; 2200 2201 /** 2202 * Extra containing account-specific data for the user being created. Optional parameter passed 2203 * to ACTION_CREATE_USER activity. 2204 * @hide 2205 */ 2206 public static final String EXTRA_USER_ACCOUNT_OPTIONS 2207 = "android.os.extra.USER_ACCOUNT_OPTIONS"; 2208 2209 /** @hide */ 2210 public static final int PIN_VERIFICATION_FAILED_INCORRECT = -3; 2211 /** @hide */ 2212 public static final int PIN_VERIFICATION_FAILED_NOT_SET = -2; 2213 /** @hide */ 2214 public static final int PIN_VERIFICATION_SUCCESS = -1; 2215 2216 /** 2217 * Sent when user restrictions have changed. 2218 * 2219 * @hide 2220 */ 2221 @SystemApi // To allow seeing it from CTS. 2222 public static final String ACTION_USER_RESTRICTIONS_CHANGED = 2223 "android.os.action.USER_RESTRICTIONS_CHANGED"; 2224 2225 /** 2226 * Error result indicating that this user is not allowed to add other users on this device. 2227 * This is a result code returned from the activity created by the intent 2228 * {@link #createUserCreationIntent(String, String, String, PersistableBundle)}. 2229 */ 2230 public static final int USER_CREATION_FAILED_NOT_PERMITTED = Activity.RESULT_FIRST_USER; 2231 2232 /** 2233 * Error result indicating that no more users can be created on this device. 2234 * This is a result code returned from the activity created by the intent 2235 * {@link #createUserCreationIntent(String, String, String, PersistableBundle)}. 2236 */ 2237 public static final int USER_CREATION_FAILED_NO_MORE_USERS = Activity.RESULT_FIRST_USER + 1; 2238 2239 /** 2240 * Indicates that users are switchable. 2241 * @hide 2242 */ 2243 @SystemApi 2244 public static final int SWITCHABILITY_STATUS_OK = 0; 2245 2246 /** 2247 * Indicated that the user is in a phone call. 2248 * @hide 2249 */ 2250 @SystemApi 2251 public static final int SWITCHABILITY_STATUS_USER_IN_CALL = 1 << 0; 2252 2253 /** 2254 * Indicates that user switching is disallowed ({@link #DISALLOW_USER_SWITCH} is set). 2255 * @hide 2256 */ 2257 @SystemApi 2258 public static final int SWITCHABILITY_STATUS_USER_SWITCH_DISALLOWED = 1 << 1; 2259 2260 /** 2261 * Indicates that the system user is locked and user switching is not allowed. 2262 * @hide 2263 */ 2264 @SystemApi 2265 public static final int SWITCHABILITY_STATUS_SYSTEM_USER_LOCKED = 1 << 2; 2266 2267 /** 2268 * Result returned in {@link #getUserSwitchability()} indicating user switchability. 2269 * @hide 2270 */ 2271 @Retention(RetentionPolicy.SOURCE) 2272 @IntDef(flag = true, prefix = { "SWITCHABILITY_STATUS_" }, value = { 2273 SWITCHABILITY_STATUS_OK, 2274 SWITCHABILITY_STATUS_USER_IN_CALL, 2275 SWITCHABILITY_STATUS_USER_SWITCH_DISALLOWED, 2276 SWITCHABILITY_STATUS_SYSTEM_USER_LOCKED 2277 }) 2278 public @interface UserSwitchabilityResult {} 2279 2280 /** 2281 * Indicates that user can logout. 2282 * @hide 2283 */ 2284 public static final int LOGOUTABILITY_STATUS_OK = 0; 2285 2286 /** 2287 * Indicates that user cannot logout because it is the system user. 2288 * @hide 2289 */ 2290 public static final int LOGOUTABILITY_STATUS_CANNOT_LOGOUT_SYSTEM_USER = 1; 2291 2292 /** 2293 * Indicates that user cannot logout because there is no suitable user to logout to. This is 2294 * generally applicable to Headless System User Mode devices that do not have an interactive 2295 * system user. 2296 * @hide 2297 */ 2298 public static final int LOGOUTABILITY_STATUS_NO_SUITABLE_USER_TO_LOGOUT_TO = 2; 2299 2300 /** 2301 * Indicates that user cannot logout because user switch cannot happen. 2302 * @hide 2303 */ 2304 public static final int LOGOUTABILITY_STATUS_CANNOT_SWITCH = 3; 2305 2306 /** 2307 * Result returned in {@link #getUserLogoutability()} indicating user logoutability. 2308 * @hide 2309 */ 2310 @Retention(RetentionPolicy.SOURCE) 2311 @IntDef(flag = false, prefix = { "LOGOUTABILITY_STATUS_" }, value = { 2312 LOGOUTABILITY_STATUS_OK, 2313 LOGOUTABILITY_STATUS_CANNOT_LOGOUT_SYSTEM_USER, 2314 LOGOUTABILITY_STATUS_NO_SUITABLE_USER_TO_LOGOUT_TO, 2315 LOGOUTABILITY_STATUS_CANNOT_SWITCH 2316 }) 2317 public @interface UserLogoutability {} 2318 2319 /** 2320 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2321 * the specified user has been successfully removed. 2322 * 2323 * @hide 2324 */ 2325 @SystemApi 2326 public static final int REMOVE_RESULT_REMOVED = 0; 2327 2328 /** 2329 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2330 * the specified user is marked so that it will be removed when the user is stopped or on boot. 2331 * 2332 * @hide 2333 */ 2334 @SystemApi 2335 public static final int REMOVE_RESULT_DEFERRED = 1; 2336 2337 /** 2338 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2339 * the specified user is already in the process of being removed. 2340 * 2341 * @hide 2342 */ 2343 @SystemApi 2344 public static final int REMOVE_RESULT_ALREADY_BEING_REMOVED = 2; 2345 2346 /** 2347 * A response code indicating that the specified user is removable. 2348 * 2349 * @hide 2350 */ 2351 public static final int REMOVE_RESULT_USER_IS_REMOVABLE = 3; 2352 2353 /** 2354 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2355 * an unknown error occurred that prevented the user from being removed or set as ephemeral. 2356 * 2357 * @hide 2358 */ 2359 @SystemApi 2360 public static final int REMOVE_RESULT_ERROR_UNKNOWN = -1; 2361 2362 /** 2363 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2364 * the user could not be removed due to a {@link #DISALLOW_REMOVE_MANAGED_PROFILE} or 2365 * {@link #DISALLOW_REMOVE_USER} user restriction. 2366 * 2367 * @hide 2368 */ 2369 @SystemApi 2370 public static final int REMOVE_RESULT_ERROR_USER_RESTRICTION = -2; 2371 2372 /** 2373 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2374 * user being removed does not exist. 2375 * 2376 * @hide 2377 */ 2378 @SystemApi 2379 public static final int REMOVE_RESULT_ERROR_USER_NOT_FOUND = -3; 2380 2381 /** 2382 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2383 * user being removed is a {@link UserHandle#SYSTEM} user which can't be removed. 2384 * 2385 * @hide 2386 */ 2387 @SystemApi 2388 public static final int REMOVE_RESULT_ERROR_SYSTEM_USER = -4; 2389 2390 /** 2391 * A response code from {@link #removeUserWhenPossible(UserHandle, boolean)} indicating that 2392 * user being removed is a {@link UserInfo#FLAG_MAIN} user and can't be removed because 2393 * system property {@link com.android.internal.R.bool.isMainUserPermanentAdmin} is true. 2394 * @hide 2395 */ 2396 @SystemApi 2397 public static final int REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN = -5; 2398 2399 /** 2400 * Possible response codes from {@link #removeUserWhenPossible(UserHandle, boolean)}. 2401 * 2402 * @hide 2403 */ 2404 @IntDef(prefix = { "REMOVE_RESULT_" }, value = { 2405 REMOVE_RESULT_REMOVED, 2406 REMOVE_RESULT_DEFERRED, 2407 REMOVE_RESULT_ALREADY_BEING_REMOVED, 2408 REMOVE_RESULT_USER_IS_REMOVABLE, 2409 REMOVE_RESULT_ERROR_USER_RESTRICTION, 2410 REMOVE_RESULT_ERROR_USER_NOT_FOUND, 2411 REMOVE_RESULT_ERROR_SYSTEM_USER, 2412 REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN, 2413 REMOVE_RESULT_ERROR_UNKNOWN, 2414 }) 2415 @Retention(RetentionPolicy.SOURCE) 2416 public @interface RemoveResult {} 2417 2418 /** 2419 * Indicates user operation is successful. 2420 */ 2421 public static final int USER_OPERATION_SUCCESS = 0; 2422 2423 /** 2424 * Indicates user operation failed for unknown reason. 2425 */ 2426 public static final int USER_OPERATION_ERROR_UNKNOWN = 1; 2427 2428 /** 2429 * Indicates user operation failed because target user is a managed profile. 2430 */ 2431 public static final int USER_OPERATION_ERROR_MANAGED_PROFILE = 2; 2432 2433 /** 2434 * Indicates user operation failed because maximum running user limit has been reached. 2435 */ 2436 public static final int USER_OPERATION_ERROR_MAX_RUNNING_USERS = 3; 2437 2438 /** 2439 * Indicates user operation failed because the target user is in the foreground. 2440 */ 2441 public static final int USER_OPERATION_ERROR_CURRENT_USER = 4; 2442 2443 /** 2444 * Indicates user operation failed because device has low data storage. 2445 */ 2446 public static final int USER_OPERATION_ERROR_LOW_STORAGE = 5; 2447 2448 /** 2449 * Indicates user operation failed because maximum user limit has been reached. 2450 */ 2451 public static final int USER_OPERATION_ERROR_MAX_USERS = 6; 2452 2453 /** 2454 * Indicates user operation failed because a user with that account already exists. 2455 * 2456 * @hide 2457 */ 2458 @SystemApi 2459 public static final int USER_OPERATION_ERROR_USER_ACCOUNT_ALREADY_EXISTS = 7; 2460 2461 /** 2462 * Indicates user operation failed because user is disabled on the device. 2463 * @hide 2464 */ 2465 public static final int USER_OPERATION_ERROR_DISABLED_USER = 8; 2466 /** 2467 * Indicates user operation failed because private space is disabled on the device. 2468 * @hide 2469 */ 2470 public static final int USER_OPERATION_ERROR_PRIVATE_PROFILE = 9; 2471 /** 2472 * Indicates user operation failed because user is restricted on the device. 2473 * @hide 2474 */ 2475 public static final int USER_OPERATION_ERROR_USER_RESTRICTED = 10; 2476 2477 /** 2478 * Result returned from various user operations. 2479 * 2480 * @hide 2481 */ 2482 @Retention(RetentionPolicy.SOURCE) 2483 @IntDef(prefix = { "USER_OPERATION_" }, value = { 2484 USER_OPERATION_SUCCESS, 2485 USER_OPERATION_ERROR_UNKNOWN, 2486 USER_OPERATION_ERROR_MANAGED_PROFILE, 2487 USER_OPERATION_ERROR_MAX_RUNNING_USERS, 2488 USER_OPERATION_ERROR_CURRENT_USER, 2489 USER_OPERATION_ERROR_LOW_STORAGE, 2490 USER_OPERATION_ERROR_MAX_USERS, 2491 USER_OPERATION_ERROR_USER_ACCOUNT_ALREADY_EXISTS, 2492 USER_OPERATION_ERROR_DISABLED_USER, 2493 USER_OPERATION_ERROR_PRIVATE_PROFILE, 2494 USER_OPERATION_ERROR_USER_RESTRICTED, 2495 }) 2496 public @interface UserOperationResult {} 2497 2498 /** 2499 * Thrown to indicate user operation failed. 2500 */ 2501 public static class UserOperationException extends RuntimeException { 2502 private final @UserOperationResult int mUserOperationResult; 2503 2504 /** 2505 * Constructs a UserOperationException with specific result code. 2506 * 2507 * @param message the detail message 2508 * @param userOperationResult the result code 2509 * @hide 2510 */ UserOperationException(String message, @UserOperationResult int userOperationResult)2511 public UserOperationException(String message, 2512 @UserOperationResult int userOperationResult) { 2513 super(message); 2514 mUserOperationResult = userOperationResult; 2515 } 2516 2517 /** 2518 * Returns the operation result code. 2519 */ getUserOperationResult()2520 public @UserOperationResult int getUserOperationResult() { 2521 return mUserOperationResult; 2522 } 2523 2524 /** 2525 * Returns a UserOperationException containing the same message and error code. 2526 * @hide 2527 */ from(ServiceSpecificException exception)2528 public static UserOperationException from(ServiceSpecificException exception) { 2529 return new UserOperationException(exception.getMessage(), exception.errorCode); 2530 } 2531 } 2532 2533 /** 2534 * Converts the ServiceSpecificException into a UserOperationException or throws null; 2535 * 2536 * @param exception exception to convert. 2537 * @param throwInsteadOfNull if an exception should be thrown or null returned. 2538 * @return null if chosen not to throw exception. 2539 * @throws UserOperationException 2540 */ returnNullOrThrowUserOperationException(ServiceSpecificException exception, boolean throwInsteadOfNull)2541 private <T> T returnNullOrThrowUserOperationException(ServiceSpecificException exception, 2542 boolean throwInsteadOfNull) throws UserOperationException { 2543 if (throwInsteadOfNull) { 2544 throw UserOperationException.from(exception); 2545 } else { 2546 return null; 2547 } 2548 } 2549 2550 /** 2551 * Thrown to indicate user operation failed. (Checked exception) 2552 * @hide 2553 */ 2554 public static class CheckedUserOperationException extends AndroidException { 2555 private final @UserOperationResult int mUserOperationResult; 2556 2557 /** 2558 * Constructs a CheckedUserOperationException with specific result code. 2559 * 2560 * @param message the detail message 2561 * @param userOperationResult the result code 2562 * @hide 2563 */ CheckedUserOperationException(String message, @UserOperationResult int userOperationResult)2564 public CheckedUserOperationException(String message, 2565 @UserOperationResult int userOperationResult) { 2566 super(message); 2567 mUserOperationResult = userOperationResult; 2568 } 2569 2570 /** Returns the operation result code. */ getUserOperationResult()2571 public @UserOperationResult int getUserOperationResult() { 2572 return mUserOperationResult; 2573 } 2574 2575 /** Return a ServiceSpecificException containing the same message and error code. */ toServiceSpecificException()2576 public ServiceSpecificException toServiceSpecificException() { 2577 return new ServiceSpecificException(mUserOperationResult, getMessage()); 2578 } 2579 } 2580 2581 /** 2582 * For apps targeting {@link Build.VERSION_CODES#TIRAMISU} and above, any UserManager API marked 2583 * as {@link android.annotation.UserHandleAware @UserHandleAware} will use the context user 2584 * (rather than the calling user). 2585 * For apps targeting an SDK version <em>below</em> this, the behaviour 2586 * depends on the particular method and when it was first introduced: 2587 * <ul> 2588 * <li> 2589 * if the {@literal @}UserHandleAware specifies a 2590 * {@link android.annotation.UserHandleAware#enabledSinceTargetSdkVersion} of 2591 * {@link Build.VERSION_CODES#TIRAMISU} the <em>calling</em> user is used. 2592 * </li> 2593 * <li> 2594 * if the {@literal @}UserHandleAware doesn't specify a 2595 * {@link android.annotation.UserHandleAware#enabledSinceTargetSdkVersion}, the 2596 * <em>context</em> user is used. 2597 * </li> 2598 * <li>there should currently be no other values used by UserManager for 2599 * {@link android.annotation.UserHandleAware#enabledSinceTargetSdkVersion}, since all 2600 * old implicitly user-dependant APIs were updated in that version and anything 2601 * introduced more recently should already be {@literal @}UserHandleAware. 2602 * </li> 2603 * </ul> 2604 * 2605 * Note that when an API marked with 2606 * {@link android.annotation.UserHandleAware#enabledSinceTargetSdkVersion} is run 2607 * on a device whose OS predates that version, the calling user will be used, since on such a 2608 * device, the API is not {@literal @}UserHandleAware yet. 2609 * 2610 * @hide 2611 */ 2612 @ChangeId 2613 @EnabledSince(targetSdkVersion = Build.VERSION_CODES.TIRAMISU) 2614 public static final long ALWAYS_USE_CONTEXT_USER = 183155436L; 2615 2616 /** 2617 * Returns the context user or the calling user, depending on the target SDK. 2618 * New APIs do not require such gating and therefore should always use mUserId instead. 2619 * @see #ALWAYS_USE_CONTEXT_USER 2620 */ getContextUserIfAppropriate()2621 private @UserIdInt int getContextUserIfAppropriate() { 2622 if (CompatChanges.isChangeEnabled(ALWAYS_USE_CONTEXT_USER)) { 2623 return mUserId; 2624 } else { 2625 final int callingUser = UserHandle.myUserId(); 2626 if (callingUser != mUserId) { 2627 Log.w(TAG, "Using the calling user " + callingUser 2628 + ", rather than the specified context user " + mUserId 2629 + ", because API is only UserHandleAware on higher targetSdkVersions.", 2630 new Throwable()); 2631 } 2632 return callingUser; 2633 } 2634 } 2635 2636 /** @hide */ 2637 @UnsupportedAppUsage get(Context context)2638 public static UserManager get(Context context) { 2639 return (UserManager) context.getSystemService(Context.USER_SERVICE); 2640 } 2641 2642 /** @hide */ UserManager(Context context, IUserManager service)2643 public UserManager(Context context, IUserManager service) { 2644 mService = service; 2645 Context appContext = context.getApplicationContext(); 2646 mContext = (appContext == null ? context : appContext); 2647 mUserId = context.getUserId(); 2648 } 2649 2650 /** 2651 * Returns whether this device supports multiple users with their own login and customizable 2652 * space. 2653 * @return whether the device supports multiple users. 2654 */ supportsMultipleUsers()2655 public static boolean supportsMultipleUsers() { 2656 return getMaxSupportedUsers() > 1 2657 && SystemProperties.getBoolean("fw.show_multiuserui", 2658 Resources.getSystem().getBoolean(R.bool.config_enableMultiUserUI)); 2659 } 2660 2661 /** 2662 * @return Whether guest user is always ephemeral 2663 * @hide 2664 */ isGuestUserAlwaysEphemeral()2665 public static boolean isGuestUserAlwaysEphemeral() { 2666 return Resources.getSystem() 2667 .getBoolean(com.android.internal.R.bool.config_guestUserEphemeral); 2668 } 2669 2670 /** 2671 * @return true, when we want to enable user manager API and UX to allow 2672 * guest user ephemeral state change based on user input 2673 * @hide 2674 */ isGuestUserAllowEphemeralStateChange()2675 public static boolean isGuestUserAllowEphemeralStateChange() { 2676 return Resources.getSystem() 2677 .getBoolean(com.android.internal.R.bool.config_guestUserAllowEphemeralStateChange); 2678 } 2679 2680 /** 2681 * Returns whether the device is configured to support a Communal Profile. 2682 * @hide 2683 */ isCommunalProfileEnabled()2684 public static boolean isCommunalProfileEnabled() { 2685 return SystemProperties.getBoolean("persist.fw.omnipresent_communal_user", 2686 Resources.getSystem() 2687 .getBoolean(com.android.internal.R.bool.config_omnipresentCommunalUser)); 2688 } 2689 2690 /** 2691 * Returns whether the device supports Private Profile 2692 * @hide 2693 */ isPrivateProfileEnabled()2694 public static boolean isPrivateProfileEnabled() { 2695 if (android.multiuser.Flags.blockPrivateSpaceCreation()) { 2696 return !ActivityManager.isLowRamDeviceStatic(); 2697 } 2698 return true; 2699 } 2700 2701 /** 2702 * Returns whether multiple admins are enabled on the device 2703 * @hide 2704 */ isMultipleAdminEnabled()2705 public static boolean isMultipleAdminEnabled() { 2706 return Resources.getSystem() 2707 .getBoolean(com.android.internal.R.bool.config_enableMultipleAdmins); 2708 } 2709 2710 /** 2711 * Checks whether the device is running in a headless system user mode. 2712 * 2713 * <p>Headless system user mode means the {@link #isSystemUser() system user} runs system 2714 * services and some system UI, but it is not associated with any real person and additional 2715 * users must be created to be associated with real persons. 2716 * 2717 * @return whether the device is running in a headless system user mode. 2718 */ isHeadlessSystemUserMode()2719 public static boolean isHeadlessSystemUserMode() { 2720 // No need for synchronization. Once it becomes non-null, it'll be non-null forever. 2721 // (Its value is determined when UMS is constructed and cannot change.) 2722 // Worst case we might end up calling the AIDL method multiple times but that's fine. 2723 if (sIsHeadlessSystemUser == null) { 2724 // Unfortunately this API is static, but the property no longer is. So go fetch the UMS. 2725 try { 2726 final IUserManager service = IUserManager.Stub.asInterface( 2727 ServiceManager.getService(Context.USER_SERVICE)); 2728 sIsHeadlessSystemUser = service.isHeadlessSystemUserMode(); 2729 } catch (RemoteException re) { 2730 throw re.rethrowFromSystemServer(); 2731 } 2732 } 2733 return sIsHeadlessSystemUser; 2734 } 2735 2736 /** 2737 * @deprecated use {@link #getUserSwitchability()} instead. 2738 * 2739 * @removed 2740 * @hide 2741 */ 2742 @Deprecated 2743 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 2744 android.Manifest.permission.INTERACT_ACROSS_USERS}) 2745 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) 2746 @UserHandleAware canSwitchUsers()2747 public boolean canSwitchUsers() { 2748 try { 2749 return mService.getUserSwitchability(mUserId) == SWITCHABILITY_STATUS_OK; 2750 } catch (RemoteException re) { 2751 throw re.rethrowFromSystemServer(); 2752 } 2753 } 2754 2755 /** 2756 * Returns whether switching users is currently allowed for the context user. 2757 * <p> 2758 * Switching users is not allowed in the following cases: 2759 * <li>the user is in a phone call</li> 2760 * <li>{@link #DISALLOW_USER_SWITCH} is set</li> 2761 * <li>system user hasn't been unlocked yet</li> 2762 * 2763 * @return A {@link UserSwitchabilityResult} flag indicating if the user is switchable. 2764 * @hide 2765 */ 2766 @SystemApi 2767 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 2768 android.Manifest.permission.INTERACT_ACROSS_USERS}) 2769 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) getUserSwitchability()2770 public @UserSwitchabilityResult int getUserSwitchability() { 2771 return getUserSwitchability(UserHandle.of(getContextUserIfAppropriate())); 2772 } 2773 2774 /** 2775 * Returns whether switching users is currently allowed for the provided user. 2776 * <p> 2777 * Switching users is not allowed in the following cases: 2778 * <li>the user is in a phone call</li> 2779 * <li>{@link #DISALLOW_USER_SWITCH} is set</li> 2780 * <li>system user hasn't been unlocked yet</li> 2781 * 2782 * @return A {@link UserSwitchabilityResult} flag indicating if the user is switchable. 2783 * @hide 2784 */ 2785 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 2786 android.Manifest.permission.INTERACT_ACROSS_USERS}) getUserSwitchability(UserHandle userHandle)2787 public @UserSwitchabilityResult int getUserSwitchability(UserHandle userHandle) { 2788 try { 2789 return mService.getUserSwitchability(userHandle.getIdentifier()); 2790 } catch (RemoteException re) { 2791 throw re.rethrowFromSystemServer(); 2792 } 2793 } 2794 2795 /** 2796 * Returns whether logging out is currently allowed for the specified user. 2797 * 2798 * <p>Logging out is not allowed in the following cases: 2799 * <ol> 2800 * <li>the user is system user 2801 * <li>there is no suitable user to logout to (if no interactive system user) 2802 * <li>the user is in a phone call 2803 * <li>{@link #DISALLOW_USER_SWITCH} is set 2804 * <li>system user hasn't been unlocked yet 2805 * </ol> 2806 * 2807 * @return A {@link UserLogoutability} flag indicating if the user can logout, 2808 * one of {@link #LOGOUTABILITY_STATUS_OK}, 2809 * {@link #LOGOUTABILITY_STATUS_CANNOT_LOGOUT_SYSTEM_USER}, 2810 * {@link #LOGOUTABILITY_STATUS_NO_SUITABLE_USER_TO_LOGOUT_TO}, 2811 * {@link #LOGOUTABILITY_STATUS_CANNOT_SWITCH}. 2812 * @hide 2813 */ 2814 @RequiresPermission(Manifest.permission.MANAGE_USERS) getUserLogoutability(@serIdInt int userId)2815 public @UserLogoutability int getUserLogoutability(@UserIdInt int userId) { 2816 try { 2817 return mService.getUserLogoutability(userId); 2818 } catch (RemoteException re) { 2819 throw re.rethrowFromSystemServer(); 2820 } 2821 } 2822 2823 /** 2824 * Returns the userId for the context user. 2825 * 2826 * @return the userId of the context user. 2827 * 2828 * @deprecated To get the <em>calling</em> user, use {@link UserHandle#myUserId()}. 2829 * To get the <em>context</em> user, get it directly from the context. 2830 * 2831 * @hide 2832 */ 2833 @Deprecated 2834 @UnsupportedAppUsage 2835 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) 2836 // *** Do NOT use this in UserManager. Instead always use mUserId. *** getUserHandle()2837 public @UserIdInt int getUserHandle() { 2838 return getContextUserIfAppropriate(); 2839 } 2840 2841 /** 2842 * Returns the userId for the user that this process is running under 2843 * (<em>not</em> the context user). 2844 * 2845 * @return the userId of <em>this process</em>. 2846 * 2847 * @deprecated Use {@link UserHandle#myUserId()} 2848 * @hide 2849 */ 2850 @Deprecated 2851 // NOT @UserHandleAware getProcessUserId()2852 public @UserIdInt int getProcessUserId() { 2853 return UserHandle.myUserId(); 2854 } 2855 2856 /** 2857 * @return the user type of the context user. 2858 * @hide 2859 */ 2860 @TestApi 2861 @RequiresPermission(anyOf = { 2862 android.Manifest.permission.MANAGE_USERS, 2863 android.Manifest.permission.CREATE_USERS, 2864 android.Manifest.permission.QUERY_USERS}) 2865 @UserHandleAware getUserType()2866 public @NonNull String getUserType() { 2867 UserInfo userInfo = getUserInfo(mUserId); 2868 return userInfo == null ? "" : userInfo.userType; 2869 } 2870 2871 /** 2872 * Returns the user name of the context user. This call is only available to applications on 2873 * the system image. 2874 * 2875 * @return the user name 2876 */ 2877 @RequiresPermission(anyOf = { 2878 android.Manifest.permission.MANAGE_USERS, 2879 android.Manifest.permission.CREATE_USERS, 2880 android.Manifest.permission.QUERY_USERS, 2881 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) 2882 2883 @UserHandleAware( 2884 requiresAnyOfPermissionsIfNotCaller = { 2885 android.Manifest.permission.MANAGE_USERS, 2886 android.Manifest.permission.CREATE_USERS, 2887 android.Manifest.permission.QUERY_USERS}) getUserName()2888 public @NonNull String getUserName() { 2889 if (UserHandle.myUserId() == mUserId) { 2890 try { 2891 return mService.getUserName(); 2892 } catch (RemoteException re) { 2893 throw re.rethrowFromSystemServer(); 2894 } 2895 } else { 2896 UserInfo userInfo = getUserInfo(mUserId); 2897 if (userInfo != null && userInfo.name != null) { 2898 return userInfo.name; 2899 } 2900 return ""; 2901 } 2902 } 2903 2904 /** 2905 * Returns whether user name has been set. 2906 * <p>This method can be used to check that the value returned by {@link #getUserName()} was 2907 * set by the user and is not a placeholder string provided by the system. 2908 * @hide 2909 */ 2910 @SystemApi 2911 @RequiresPermission(anyOf = { 2912 android.Manifest.permission.MANAGE_USERS, 2913 android.Manifest.permission.CREATE_USERS, 2914 android.Manifest.permission.QUERY_USERS, 2915 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) 2916 @UserHandleAware( 2917 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 2918 requiresAnyOfPermissionsIfNotCaller = { 2919 android.Manifest.permission.MANAGE_USERS, 2920 android.Manifest.permission.CREATE_USERS, 2921 android.Manifest.permission.QUERY_USERS}) isUserNameSet()2922 public boolean isUserNameSet() { 2923 try { 2924 return mService.isUserNameSet(getContextUserIfAppropriate()); 2925 } catch (RemoteException re) { 2926 throw re.rethrowFromSystemServer(); 2927 } 2928 } 2929 2930 /** 2931 * Used to determine whether the user making this call is subject to 2932 * teleportations. 2933 * 2934 * <p>As of {@link android.os.Build.VERSION_CODES#LOLLIPOP}, this method can 2935 * now automatically identify goats using advanced goat recognition technology.</p> 2936 * 2937 * <p>As of {@link android.os.Build.VERSION_CODES#R}, this method always returns 2938 * {@code false} in order to protect goat privacy.</p> 2939 * 2940 * @return Returns whether the user making this call is a goat. 2941 */ 2942 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) isUserAGoat()2943 public boolean isUserAGoat() { 2944 if (mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R) { 2945 return false; 2946 } 2947 // Caution: This is NOT @UserHandleAware (because mContext is getApplicationContext and 2948 // can hold a different userId), but for R+ it returns false, so it doesn't matter anyway. 2949 return mContext.getPackageManager() 2950 .isPackageAvailable("com.coffeestainstudios.goatsimulator"); 2951 } 2952 2953 /** 2954 * Used to check if the context user is the primary user. The primary user is the first human 2955 * user on a device. This is not supported in headless system user mode. 2956 * 2957 * @return whether the context user is the primary user. 2958 * 2959 * @deprecated This method always returns true for the system user, who may not be a full user 2960 * if {@link #isHeadlessSystemUserMode} is true. Use {@link #isSystemUser}, {@link #isAdminUser} 2961 * or {@link #isMainUser} instead. 2962 * 2963 * @hide 2964 */ 2965 @Deprecated 2966 @SystemApi 2967 @RequiresPermission(anyOf = { 2968 Manifest.permission.MANAGE_USERS, 2969 Manifest.permission.CREATE_USERS, 2970 Manifest.permission.QUERY_USERS}) 2971 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) isPrimaryUser()2972 public boolean isPrimaryUser() { 2973 final UserInfo user = getUserInfo(getContextUserIfAppropriate()); 2974 return user != null && user.isPrimary(); 2975 } 2976 2977 /** 2978 * Used to check if the context user is the system user. The system user 2979 * is the initial user that is implicitly created on first boot and hosts most of the 2980 * system services. 2981 * 2982 * @return whether the context user is the system user. 2983 */ 2984 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) isSystemUser()2985 public boolean isSystemUser() { 2986 return getContextUserIfAppropriate() == UserHandle.USER_SYSTEM; 2987 } 2988 2989 /** 2990 * Returns {@code true} if the context user is the designated "main user" of the device. This 2991 * user may have access to certain features which are limited to at most one user. There will 2992 * never be more than one main user on a device. 2993 * 2994 * <p>Currently, on most form factors the first human user on the device will be the main user; 2995 * in the future, the concept may be transferable, so a different user (or even no user at all) 2996 * may be designated the main user instead. On other form factors there might not be a main 2997 * user. In the future, the concept may be removed, i.e. typical future devices may have no main 2998 * user. 2999 * 3000 * <p>Note that this will not be the system user on devices for which 3001 * {@link #isHeadlessSystemUserMode()} returns true. 3002 * 3003 * <p>NB: Features should ideally not limit functionality to the main user. Ideally, they 3004 * should either work for all users or for all admin users. If a feature should only work for 3005 * select users, its determination of which user should be done intelligently or be 3006 * customizable. Not all devices support a main user, and the idea of singling out one user as 3007 * special is contrary to overall multiuser goals. 3008 * 3009 * @hide 3010 */ 3011 @SystemApi 3012 @RequiresPermission(anyOf = { 3013 Manifest.permission.MANAGE_USERS, 3014 Manifest.permission.CREATE_USERS, 3015 Manifest.permission.QUERY_USERS}) 3016 @UserHandleAware isMainUser()3017 public boolean isMainUser() { 3018 final UserInfo user = getUserInfo(mUserId); 3019 return user != null && user.isMain(); 3020 } 3021 3022 /** 3023 * Returns the designated "main user" of the device, or {@code null} if there is no main user. 3024 * 3025 * <p>NB: Features should ideally not limit functionality to the main user. Ideally, they 3026 * should either work for all users or for all admin users. If a feature should only work for 3027 * select users, its determination of which user should be done intelligently or be 3028 * customizable. Not all devices support a main user, and the idea of singling out one user as 3029 * special is contrary to overall multiuser goals. 3030 * 3031 * @see #isMainUser() 3032 * @hide 3033 */ 3034 @SystemApi 3035 @RequiresPermission(anyOf = { 3036 Manifest.permission.MANAGE_USERS, 3037 Manifest.permission.CREATE_USERS, 3038 Manifest.permission.QUERY_USERS}) getMainUser()3039 public @Nullable UserHandle getMainUser() { 3040 try { 3041 final int mainUserId = mService.getMainUserId(); 3042 if (mainUserId == UserHandle.USER_NULL) { 3043 return null; 3044 } 3045 return UserHandle.of(mainUserId); 3046 } catch (RemoteException re) { 3047 throw re.rethrowFromSystemServer(); 3048 } 3049 } 3050 /** 3051 * Returns the designated "communal profile" of the device, or {@code null} if there is none. 3052 * @hide 3053 */ 3054 @FlaggedApi(android.multiuser.Flags.FLAG_SUPPORT_COMMUNAL_PROFILE) 3055 @TestApi 3056 @RequiresPermission(anyOf = { 3057 Manifest.permission.MANAGE_USERS, 3058 Manifest.permission.CREATE_USERS, 3059 Manifest.permission.QUERY_USERS}) getCommunalProfile()3060 public @Nullable UserHandle getCommunalProfile() { 3061 try { 3062 final int userId = mService.getCommunalProfileId(); 3063 if (userId == UserHandle.USER_NULL) { 3064 return null; 3065 } 3066 return UserHandle.of(userId); 3067 } catch (RemoteException re) { 3068 throw re.rethrowFromSystemServer(); 3069 } 3070 } 3071 3072 /** 3073 * Checks if the context user is running in a communal profile. 3074 * 3075 * A communal profile is a {@link #isProfile() profile}, but instead of being associated with a 3076 * particular parent user, it is communal to the device. 3077 * 3078 * @return whether the context user is a communal profile. 3079 */ 3080 @FlaggedApi(android.multiuser.Flags.FLAG_SUPPORT_COMMUNAL_PROFILE) 3081 @UserHandleAware( 3082 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3083 android.Manifest.permission.MANAGE_USERS, 3084 android.Manifest.permission.QUERY_USERS, 3085 android.Manifest.permission.INTERACT_ACROSS_USERS}) isCommunalProfile()3086 public boolean isCommunalProfile() { 3087 return isCommunalProfile(mUserId); 3088 } 3089 3090 /** 3091 * Returns {@code true} if the given user is the designated "communal profile" of the device. 3092 * @hide 3093 */ 3094 @RequiresPermission(anyOf = { 3095 android.Manifest.permission.MANAGE_USERS, 3096 android.Manifest.permission.QUERY_USERS, 3097 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isCommunalProfile(@serIdInt int userId)3098 private boolean isCommunalProfile(@UserIdInt int userId) { 3099 return isUserTypeCommunalProfile(getProfileType(userId)); 3100 } 3101 3102 /** 3103 * Used to check if the context user is an admin user. An admin user may be allowed to 3104 * modify or configure certain settings that aren't available to non-admin users, 3105 * create and delete additional users, etc. There can be more than one admin users. 3106 * 3107 * @return whether the context user is an admin user. 3108 */ 3109 @UserHandleAware( 3110 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3111 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3112 Manifest.permission.MANAGE_USERS, 3113 Manifest.permission.CREATE_USERS, 3114 Manifest.permission.QUERY_USERS}) isAdminUser()3115 public boolean isAdminUser() { 3116 try { 3117 return mService.isAdminUser(getContextUserIfAppropriate()); 3118 } catch (RemoteException re) { 3119 throw re.rethrowFromSystemServer(); 3120 } 3121 } 3122 3123 /** 3124 * @hide 3125 * Returns whether the provided user is an admin user. There can be more than one admin 3126 * user. 3127 */ 3128 @UnsupportedAppUsage 3129 @RequiresPermission(anyOf = { 3130 Manifest.permission.MANAGE_USERS, 3131 Manifest.permission.CREATE_USERS, 3132 Manifest.permission.QUERY_USERS}) isUserAdmin(@serIdInt int userId)3133 public boolean isUserAdmin(@UserIdInt int userId) { 3134 UserInfo user = getUserInfo(userId); 3135 return user != null && user.isAdmin(); 3136 } 3137 3138 /** 3139 * Used to check if the user currently running in the <b>foreground</b> is an 3140 * {@link #isAdminUser() admin} user. 3141 * 3142 * @return whether the foreground user is an admin user. 3143 * @see #isAdminUser() 3144 * @see #isUserForeground() 3145 */ 3146 @FlaggedApi(android.multiuser.Flags.FLAG_SUPPORT_COMMUNAL_PROFILE_NEXTGEN) isForegroundUserAdmin()3147 public boolean isForegroundUserAdmin() { 3148 try { 3149 return mService.isForegroundUserAdmin(); 3150 } catch (RemoteException re) { 3151 throw re.rethrowFromSystemServer(); 3152 } 3153 } 3154 3155 /** 3156 * Returns whether the context user is of the given user type. 3157 * 3158 * @param userType the name of the user's user type, e.g. 3159 * {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 3160 * @return true if the user is of the given user type. 3161 * @hide 3162 */ 3163 @SystemApi 3164 @RequiresPermission(anyOf = { 3165 android.Manifest.permission.MANAGE_USERS, 3166 android.Manifest.permission.CREATE_USERS, 3167 android.Manifest.permission.QUERY_USERS}) 3168 @UserHandleAware isUserOfType(@onNull String userType)3169 public boolean isUserOfType(@NonNull String userType) { 3170 try { 3171 return mService.isUserOfType(mUserId, userType); 3172 } catch (RemoteException re) { 3173 throw re.rethrowFromSystemServer(); 3174 } 3175 } 3176 3177 /** 3178 * Returns whether the user type is a 3179 * {@link UserManager#USER_TYPE_PROFILE_MANAGED managed profile}. 3180 * @hide 3181 */ 3182 @android.ravenwood.annotation.RavenwoodKeep isUserTypeManagedProfile(@ullable String userType)3183 public static boolean isUserTypeManagedProfile(@Nullable String userType) { 3184 return USER_TYPE_PROFILE_MANAGED.equals(userType); 3185 } 3186 3187 /** 3188 * Returns whether the user type is a {@link UserManager#USER_TYPE_FULL_GUEST guest user}. 3189 * @hide 3190 */ 3191 @android.ravenwood.annotation.RavenwoodKeep isUserTypeGuest(@ullable String userType)3192 public static boolean isUserTypeGuest(@Nullable String userType) { 3193 return USER_TYPE_FULL_GUEST.equals(userType); 3194 } 3195 3196 /** 3197 * Returns whether the user type is a 3198 * {@link UserManager#USER_TYPE_FULL_RESTRICTED restricted user}. 3199 * @hide 3200 */ 3201 @android.ravenwood.annotation.RavenwoodKeep isUserTypeRestricted(@ullable String userType)3202 public static boolean isUserTypeRestricted(@Nullable String userType) { 3203 return USER_TYPE_FULL_RESTRICTED.equals(userType); 3204 } 3205 3206 /** 3207 * Returns whether the user type is a {@link UserManager#USER_TYPE_FULL_DEMO demo user}. 3208 * @hide 3209 */ 3210 @android.ravenwood.annotation.RavenwoodKeep isUserTypeDemo(@ullable String userType)3211 public static boolean isUserTypeDemo(@Nullable String userType) { 3212 return USER_TYPE_FULL_DEMO.equals(userType); 3213 } 3214 3215 /** 3216 * Returns whether the user type is a {@link UserManager#USER_TYPE_PROFILE_CLONE clone user}. 3217 * @hide 3218 */ 3219 @android.ravenwood.annotation.RavenwoodKeep isUserTypeCloneProfile(@ullable String userType)3220 public static boolean isUserTypeCloneProfile(@Nullable String userType) { 3221 return USER_TYPE_PROFILE_CLONE.equals(userType); 3222 } 3223 3224 /** 3225 * Returns whether the user type is a 3226 * {@link UserManager#USER_TYPE_PROFILE_COMMUNAL communal profile}. 3227 * @hide 3228 */ 3229 @android.ravenwood.annotation.RavenwoodKeep isUserTypeCommunalProfile(@ullable String userType)3230 public static boolean isUserTypeCommunalProfile(@Nullable String userType) { 3231 return USER_TYPE_PROFILE_COMMUNAL.equals(userType); 3232 } 3233 3234 /** 3235 * Returns whether the user type is a 3236 * {@link UserManager#USER_TYPE_PROFILE_PRIVATE private profile}. 3237 * 3238 * @hide 3239 */ 3240 @android.ravenwood.annotation.RavenwoodKeep isUserTypePrivateProfile(@ullable String userType)3241 public static boolean isUserTypePrivateProfile(@Nullable String userType) { 3242 return USER_TYPE_PROFILE_PRIVATE.equals(userType); 3243 } 3244 3245 /** 3246 * Returns whether the user type is a 3247 * {@link UserManager#USER_TYPE_PROFILE_SUPERVISING supervising profile}. 3248 * 3249 * @hide 3250 */ 3251 @FlaggedApi(android.multiuser.Flags.FLAG_ALLOW_SUPERVISING_PROFILE) 3252 @android.ravenwood.annotation.RavenwoodKeep isUserTypeSupervisingProfile(@ullable String userType)3253 public static boolean isUserTypeSupervisingProfile(@Nullable String userType) { 3254 return USER_TYPE_PROFILE_SUPERVISING.equals(userType); 3255 } 3256 3257 /** 3258 * @hide 3259 * @deprecated Use {@link #isRestrictedProfile()} 3260 */ 3261 @UnsupportedAppUsage 3262 @Deprecated 3263 @UserHandleAware( 3264 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3265 requiresAnyOfPermissionsIfNotCaller = { 3266 android.Manifest.permission.MANAGE_USERS, 3267 android.Manifest.permission.CREATE_USERS, 3268 android.Manifest.permission.QUERY_USERS} 3269 ) isLinkedUser()3270 public boolean isLinkedUser() { 3271 return isRestrictedProfile(); 3272 } 3273 3274 /** 3275 * Used to check if the context user is a restricted profile. Restricted profiles 3276 * may have a reduced number of available apps, app restrictions, and account restrictions. 3277 * 3278 * <p>The caller must be in the same profile group as the context user or else hold 3279 * <li>{@link android.Manifest.permission#MANAGE_USERS}, 3280 * <li>or {@link android.Manifest.permission#CREATE_USERS}, 3281 * <li>or, for devices after {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE}, 3282 * {@link android.Manifest.permission#QUERY_USERS}. 3283 * 3284 * @return whether the context user is a restricted profile. 3285 * @hide 3286 */ 3287 @SystemApi 3288 @UserHandleAware( 3289 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3290 requiresAnyOfPermissionsIfNotCaller = { 3291 android.Manifest.permission.MANAGE_USERS, 3292 android.Manifest.permission.CREATE_USERS, 3293 android.Manifest.permission.QUERY_USERS} 3294 ) isRestrictedProfile()3295 public boolean isRestrictedProfile() { 3296 try { 3297 return mService.isRestricted(getContextUserIfAppropriate()); 3298 } catch (RemoteException re) { 3299 throw re.rethrowFromSystemServer(); 3300 } 3301 } 3302 3303 /** 3304 * Check if a user is a restricted profile. Restricted profiles may have a reduced number of 3305 * available apps, app restrictions, and account restrictions. 3306 * 3307 * <p>Requires 3308 * <li>{@link android.Manifest.permission#MANAGE_USERS}, 3309 * <li>or {@link android.Manifest.permission#CREATE_USERS}, 3310 * <li>or, for devices after {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE}, 3311 * {@link android.Manifest.permission#QUERY_USERS}. 3312 * 3313 * @param user the user to check 3314 * @return whether the user is a restricted profile. 3315 * @hide 3316 */ 3317 @SystemApi 3318 @RequiresPermission(anyOf = { 3319 Manifest.permission.MANAGE_USERS, 3320 Manifest.permission.CREATE_USERS, 3321 Manifest.permission.QUERY_USERS}, 3322 conditional = true) isRestrictedProfile(@onNull UserHandle user)3323 public boolean isRestrictedProfile(@NonNull UserHandle user) { 3324 try { 3325 return mService.isRestricted(user.getIdentifier()); 3326 } catch (RemoteException re) { 3327 throw re.rethrowFromSystemServer(); 3328 } 3329 } 3330 3331 /** 3332 * Checks if the context user can have a restricted profile. 3333 * @return whether the context user can have a restricted profile. 3334 * @hide 3335 */ 3336 @SystemApi 3337 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 3338 @UserHandleAware canHaveRestrictedProfile()3339 public boolean canHaveRestrictedProfile() { 3340 try { 3341 return mService.canHaveRestrictedProfile(mUserId); 3342 } catch (RemoteException re) { 3343 throw re.rethrowFromSystemServer(); 3344 } 3345 } 3346 3347 /** 3348 * Checks if it's possible to add a private profile to the context user 3349 * @return whether the context user can add a private profile. 3350 * @hide 3351 */ 3352 @TestApi 3353 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 3354 @RequiresPermission(anyOf = { 3355 Manifest.permission.MANAGE_USERS, 3356 Manifest.permission.CREATE_USERS}) 3357 @UserHandleAware canAddPrivateProfile()3358 public boolean canAddPrivateProfile() { 3359 if (!android.multiuser.Flags.enablePrivateSpaceFeatures()) return false; 3360 if (android.multiuser.Flags.blockPrivateSpaceCreation()) { 3361 try { 3362 return mService.canAddPrivateProfile(mUserId); 3363 } catch (RemoteException re) { 3364 throw re.rethrowFromSystemServer(); 3365 } 3366 } 3367 return true; 3368 } 3369 3370 /** 3371 * Returns whether the context user has at least one restricted profile associated with it. 3372 * @return whether the user has a restricted profile associated with it 3373 * @hide 3374 */ 3375 @SystemApi 3376 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 3377 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) hasRestrictedProfiles()3378 public boolean hasRestrictedProfiles() { 3379 try { 3380 return mService.hasRestrictedProfiles(getContextUserIfAppropriate()); 3381 } catch (RemoteException re) { 3382 throw re.rethrowFromSystemServer(); 3383 } 3384 } 3385 3386 /** 3387 * Get the parent of a restricted profile. 3388 * 3389 * @return the parent of the user or {@code null} if the user is not restricted profile 3390 * @hide 3391 */ 3392 @SystemApi 3393 @RequiresPermission(anyOf = { 3394 Manifest.permission.MANAGE_USERS, 3395 Manifest.permission.CREATE_USERS, 3396 Manifest.permission.QUERY_USERS}) 3397 @UserHandleAware getRestrictedProfileParent()3398 public @Nullable UserHandle getRestrictedProfileParent() { 3399 final UserInfo info = getUserInfo(mUserId); 3400 if (info == null) return null; 3401 if (!info.isRestricted()) return null; 3402 final int parent = info.restrictedProfileParentId; 3403 if (parent == UserHandle.USER_NULL) return null; 3404 return UserHandle.of(parent); 3405 } 3406 3407 /** 3408 * Checks if a user is a guest user. 3409 * @return whether user is a guest user. 3410 * @hide 3411 */ 3412 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) 3413 @RequiresPermission(anyOf = { 3414 Manifest.permission.MANAGE_USERS, 3415 Manifest.permission.CREATE_USERS, 3416 Manifest.permission.QUERY_USERS}) isGuestUser(@serIdInt int userId)3417 public boolean isGuestUser(@UserIdInt int userId) { 3418 UserInfo user = getUserInfo(userId); 3419 return user != null && user.isGuest(); 3420 } 3421 3422 /** 3423 * Used to check if the context user is a guest user. A guest user may be transient. 3424 * 3425 * @return whether the context user is a guest user. 3426 * @hide 3427 */ 3428 @SystemApi 3429 @RequiresPermission(anyOf = { 3430 Manifest.permission.MANAGE_USERS, 3431 Manifest.permission.CREATE_USERS, 3432 Manifest.permission.QUERY_USERS}) 3433 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) isGuestUser()3434 public boolean isGuestUser() { 3435 UserInfo user = getUserInfo(getContextUserIfAppropriate()); 3436 return user != null && user.isGuest(); 3437 } 3438 3439 3440 /** 3441 * Checks if the context user is a demo user. When running in a demo user, 3442 * apps can be more helpful to the user, or explain their features in more detail. 3443 * 3444 * @return whether the context user is a demo user. 3445 */ 3446 @UserHandleAware( 3447 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3448 requiresPermissionIfNotCaller = android.Manifest.permission.MANAGE_USERS 3449 ) isDemoUser()3450 public boolean isDemoUser() { 3451 try { 3452 return mService.isDemoUser(getContextUserIfAppropriate()); 3453 } catch (RemoteException re) { 3454 throw re.rethrowFromSystemServer(); 3455 } 3456 } 3457 3458 /** 3459 * Checks if the context user is running in a profile. A profile is a user that 3460 * typically has its own separate data but shares its UI with some parent user. For example, a 3461 * {@link #isManagedProfile() managed profile} is a type of profile. 3462 * 3463 * @return whether the context user is in a profile. 3464 */ 3465 @UserHandleAware( 3466 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3467 android.Manifest.permission.MANAGE_USERS, 3468 android.Manifest.permission.QUERY_USERS, 3469 android.Manifest.permission.INTERACT_ACROSS_USERS}) isProfile()3470 public boolean isProfile() { 3471 return isProfile(mUserId); 3472 } 3473 3474 /** 3475 * Returns whether the specified user is a profile. 3476 * @hide 3477 */ isProfile(@serIdInt int userId)3478 public boolean isProfile(@UserIdInt int userId) { 3479 final String profileType = getProfileType(userId); 3480 return profileType != null && !profileType.equals(""); 3481 } 3482 3483 /** 3484 * Returns the user type of the context user if it is a profile. 3485 * 3486 * This is a more specific form of {@link #getUserType()} with relaxed permission requirements. 3487 * 3488 * @return the user type of the context user if it is a {@link #isProfile() profile}, 3489 * an empty string if it is not a profile, 3490 * or null if the user doesn't exist. 3491 */ 3492 @UserHandleAware( 3493 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3494 android.Manifest.permission.MANAGE_USERS, 3495 android.Manifest.permission.QUERY_USERS, 3496 android.Manifest.permission.INTERACT_ACROSS_USERS}) getProfileType()3497 private @Nullable String getProfileType() { 3498 return getProfileType(mUserId); 3499 } 3500 3501 /** @see #getProfileType() */ getProfileType(@serIdInt int userId)3502 private @Nullable String getProfileType(@UserIdInt int userId) { 3503 // First, the typical case (i.e. the *process* user, not necessarily the context user). 3504 // This cache cannot be become invalidated since it's about the calling process itself. 3505 if (userId == UserHandle.myUserId()) { 3506 // No need for synchronization. Once it becomes non-null, it'll be non-null forever. 3507 // Worst case we might end up calling the AIDL method multiple times but that's fine. 3508 if (mProfileTypeOfProcessUser != null) { 3509 return mProfileTypeOfProcessUser; 3510 } 3511 try { 3512 final String profileType = mService.getProfileType(userId); 3513 if (profileType != null) { 3514 return mProfileTypeOfProcessUser = profileType.intern(); 3515 } 3516 } catch (RemoteException re) { 3517 throw re.rethrowFromSystemServer(); 3518 } 3519 } 3520 3521 // The userId is not for the process's user. Use a slower cache that handles invalidation. 3522 return mProfileTypeCache.query(userId); 3523 } 3524 3525 /** 3526 * Checks if the context user is a managed profile. 3527 * 3528 * Note that this applies specifically to <em>managed</em> profiles. For profiles in general, 3529 * use {@link #isProfile()} instead. 3530 * 3531 * @return whether the context user is a managed profile. 3532 */ 3533 @UserHandleAware( 3534 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3535 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3536 android.Manifest.permission.MANAGE_USERS, 3537 android.Manifest.permission.QUERY_USERS, 3538 android.Manifest.permission.INTERACT_ACROSS_USERS}) isManagedProfile()3539 public boolean isManagedProfile() { 3540 return isManagedProfile(getContextUserIfAppropriate()); 3541 } 3542 3543 /** 3544 * Checks if the specified user is a managed profile. 3545 * Requires {@link android.Manifest.permission#MANAGE_USERS} or 3546 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS} or 3547 * {@link android.Manifest.permission#QUERY_USERS} permission, otherwise the caller 3548 * must be in the same profile group of specified user. 3549 * 3550 * Note that this applies specifically to <em>managed</em> profiles. For profiles in general, 3551 * use {@link #isProfile()} instead. 3552 * 3553 * @return whether the specified user is a managed profile. 3554 * @hide 3555 */ 3556 @SystemApi 3557 @RequiresPermission(anyOf = { 3558 android.Manifest.permission.MANAGE_USERS, 3559 android.Manifest.permission.QUERY_USERS, 3560 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isManagedProfile(@serIdInt int userId)3561 public boolean isManagedProfile(@UserIdInt int userId) { 3562 return isUserTypeManagedProfile(getProfileType(userId)); 3563 } 3564 3565 /** 3566 * Checks if the context user is a clone profile. 3567 * 3568 * @return whether the context user is a clone profile. 3569 * 3570 * @see android.os.UserManager#USER_TYPE_PROFILE_CLONE 3571 * @hide 3572 */ 3573 @SystemApi 3574 @UserHandleAware( 3575 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3576 android.Manifest.permission.MANAGE_USERS, 3577 android.Manifest.permission.QUERY_USERS, 3578 android.Manifest.permission.INTERACT_ACROSS_USERS}) 3579 @SuppressAutoDoc isCloneProfile()3580 public boolean isCloneProfile() { 3581 return isUserTypeCloneProfile(getProfileType()); 3582 } 3583 3584 /** 3585 * Checks if the context user is a private profile. 3586 * 3587 * <p>A Private profile is a separate {@link #isProfile() profile} that can be used to store 3588 * sensitive apps and data, which can be hidden or revealed at the user's discretion. 3589 * 3590 * @return whether the context user is a private profile. 3591 * 3592 * @hide 3593 */ 3594 @SystemApi 3595 @FlaggedApi(android.os.Flags.FLAG_ALLOW_PRIVATE_PROFILE) 3596 @UserHandleAware( 3597 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3598 android.Manifest.permission.MANAGE_USERS, 3599 android.Manifest.permission.QUERY_USERS, 3600 android.Manifest.permission.INTERACT_ACROSS_USERS}) 3601 @SuppressAutoDoc isPrivateProfile()3602 public boolean isPrivateProfile() { 3603 return isUserTypePrivateProfile(getProfileType()); 3604 } 3605 3606 /** 3607 * Checks if the context user is an ephemeral user. 3608 * 3609 * @return whether the context user is an ephemeral user. 3610 * @hide 3611 */ 3612 @RequiresPermission(anyOf = { 3613 Manifest.permission.MANAGE_USERS, 3614 Manifest.permission.CREATE_USERS, 3615 Manifest.permission.QUERY_USERS}) 3616 @UserHandleAware isEphemeralUser()3617 public boolean isEphemeralUser() { 3618 return isUserEphemeral(mUserId); 3619 } 3620 3621 /** 3622 * Returns whether the specified user is ephemeral. 3623 * @hide 3624 */ 3625 @RequiresPermission(anyOf = { 3626 Manifest.permission.MANAGE_USERS, 3627 Manifest.permission.CREATE_USERS, 3628 Manifest.permission.QUERY_USERS}) isUserEphemeral(@serIdInt int userId)3629 public boolean isUserEphemeral(@UserIdInt int userId) { 3630 final UserInfo user = getUserInfo(userId); 3631 return user != null && user.isEphemeral(); 3632 } 3633 3634 /** 3635 * Return whether the given user is actively running. This means that 3636 * the user is in the "started" state, not "stopped" -- it is currently 3637 * allowed to run code through scheduled alarms, receiving broadcasts, 3638 * etc. A started user may be either the current foreground user or a 3639 * background user; the result here does not distinguish between the two. 3640 * 3641 * <p>Note prior to Android Nougat MR1 (SDK version <= 24; 3642 * {@link android.os.Build.VERSION_CODES#N}, this API required a system permission 3643 * in order to check other profile's status. 3644 * Since Android Nougat MR1 (SDK version >= 25; 3645 * {@link android.os.Build.VERSION_CODES#N_MR1}), the restriction has been relaxed, and now 3646 * it'll accept any {@link android.os.UserHandle} within the same profile group as the caller. 3647 * 3648 * @param user The user to retrieve the running state for. 3649 */ 3650 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3651 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isUserRunning(UserHandle user)3652 public boolean isUserRunning(UserHandle user) { 3653 return isUserRunning(user.getIdentifier()); 3654 } 3655 3656 /** @hide */ 3657 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3658 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isUserRunning(@serIdInt int userId)3659 public boolean isUserRunning(@UserIdInt int userId) { 3660 try { 3661 return mService.isUserRunning(userId); 3662 } catch (RemoteException re) { 3663 throw re.rethrowFromSystemServer(); 3664 } 3665 } 3666 3667 /** 3668 * Return whether the given user is actively running <em>or</em> stopping. 3669 * This is like {@link #isUserRunning(UserHandle)}, but will also return 3670 * true if the user had been running but is in the process of being stopped 3671 * (but is not yet fully stopped, and still running some code). 3672 * 3673 * <p>Note prior to Android Nougat MR1 (SDK version <= 24; 3674 * {@link android.os.Build.VERSION_CODES#N}, this API required a system permission 3675 * in order to check other profile's status. 3676 * Since Android Nougat MR1 (SDK version >= 25; 3677 * {@link android.os.Build.VERSION_CODES#N_MR1}), the restriction has been relaxed, and now 3678 * it'll accept any {@link android.os.UserHandle} within the same profile group as the caller. 3679 * 3680 * @param user The user to retrieve the running state for. 3681 */ 3682 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3683 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isUserRunningOrStopping(UserHandle user)3684 public boolean isUserRunningOrStopping(UserHandle user) { 3685 try { 3686 // TODO: reconcile stopped vs stopping? 3687 return ActivityManager.getService().isUserRunning( 3688 user.getIdentifier(), ActivityManager.FLAG_OR_STOPPED); 3689 } catch (RemoteException re) { 3690 throw re.rethrowFromSystemServer(); 3691 } 3692 } 3693 3694 /** 3695 * Checks if the context user is running in the foreground. 3696 * 3697 * @return whether the context user is running in the foreground. 3698 */ 3699 @UserHandleAware( 3700 requiresAnyOfPermissionsIfNotCaller = { 3701 android.Manifest.permission.MANAGE_USERS, 3702 android.Manifest.permission.INTERACT_ACROSS_USERS}) isUserForeground()3703 public boolean isUserForeground() { 3704 try { 3705 return mService.isUserForeground(mUserId); 3706 } catch (RemoteException re) { 3707 throw re.rethrowFromSystemServer(); 3708 } 3709 } 3710 3711 /** 3712 * @see #isVisibleBackgroundUsersSupported() 3713 * @hide 3714 */ isVisibleBackgroundUsersEnabled()3715 public static boolean isVisibleBackgroundUsersEnabled() { 3716 return SystemProperties.getBoolean("fw.visible_bg_users", 3717 Resources.getSystem() 3718 .getBoolean(R.bool.config_multiuserVisibleBackgroundUsers)); 3719 } 3720 3721 /** 3722 * Returns whether the device allows full users to be started in background visible in a given 3723 * display (which would allow them to launch activities in that display). 3724 * 3725 * Note that this is specifically about allowing <b>full</b> users to be background visible. 3726 * Even if it is false, there can still be background visible users. 3727 * 3728 * In particular, the Communal Profile is a background visible user, and it can be supported 3729 * unrelated to the value of this method. 3730 * 3731 * @return {@code false} for most devices, except on automotive builds for vehicles with 3732 * passenger displays. 3733 * 3734 * @hide 3735 */ 3736 // TODO(b/310249114): Rename to isVisibleBackgroundFullUsersSupported 3737 @TestApi isVisibleBackgroundUsersSupported()3738 public boolean isVisibleBackgroundUsersSupported() { 3739 return isVisibleBackgroundUsersEnabled(); 3740 } 3741 3742 /** 3743 * @hide 3744 */ isVisibleBackgroundUsersOnDefaultDisplayEnabled()3745 public static boolean isVisibleBackgroundUsersOnDefaultDisplayEnabled() { 3746 return SystemProperties.getBoolean("fw.visible_bg_users_on_default_display", 3747 Resources.getSystem() 3748 .getBoolean(R.bool.config_multiuserVisibleBackgroundUsersOnDefaultDisplay)); 3749 } 3750 3751 /** 3752 * Returns whether the device allows full users to be started in background visible in the 3753 * {@link android.view.Display#DEFAULT_DISPLAY default display}. 3754 * 3755 * @return {@code false} for most devices, except passenger-only automotive build (i.e., when 3756 * Android runs in a separate system in the back seat to manage the passenger displays). 3757 * 3758 * @see #isVisibleBackgroundUsersSupported() 3759 * @hide 3760 */ 3761 @TestApi isVisibleBackgroundUsersOnDefaultDisplaySupported()3762 public boolean isVisibleBackgroundUsersOnDefaultDisplaySupported() { 3763 return isVisibleBackgroundUsersOnDefaultDisplayEnabled(); 3764 } 3765 3766 /** 3767 * Checks if the user is visible at the moment. 3768 * 3769 * <p>Roughly speaking, a "visible user" is a user that can present UI on at least one display. 3770 * It includes: 3771 * 3772 * <ol> 3773 * <li>The current foreground user. 3774 * <li>(Running) profiles of the current foreground user. 3775 * <li>Background users assigned to secondary displays (for example, passenger users on 3776 * automotive builds, using the display associated with their seats). 3777 * <li>A communal profile, if present. 3778 * </ol> 3779 * 3780 * @return whether the user is visible at the moment, as defined above. 3781 * 3782 * @hide 3783 */ 3784 @SystemApi 3785 @UserHandleAware( 3786 requiresAnyOfPermissionsIfNotCaller = { 3787 android.Manifest.permission.MANAGE_USERS, 3788 android.Manifest.permission.INTERACT_ACROSS_USERS}) isUserVisible()3789 public boolean isUserVisible() { 3790 try { 3791 return mService.isUserVisible(mUserId); 3792 } catch (RemoteException re) { 3793 throw re.rethrowFromSystemServer(); 3794 } 3795 } 3796 3797 /** 3798 * Gets the visible users (as defined by {@link #isUserVisible()}. 3799 * 3800 * @return visible users at the moment. 3801 * 3802 * @hide 3803 */ 3804 @SystemApi 3805 @RequiresPermission(anyOf = { 3806 "android.permission.INTERACT_ACROSS_USERS", 3807 "android.permission.MANAGE_USERS" 3808 }) getVisibleUsers()3809 public @NonNull Set<UserHandle> getVisibleUsers() { 3810 ArraySet<UserHandle> result = new ArraySet<>(); 3811 try { 3812 int[] visibleUserIds = mService.getVisibleUsers(); 3813 if (visibleUserIds != null) { 3814 for (int userId : visibleUserIds) { 3815 result.add(UserHandle.of(userId)); 3816 } 3817 } 3818 } catch (RemoteException re) { 3819 throw re.rethrowFromSystemServer(); 3820 } 3821 return result; 3822 } 3823 3824 /** 3825 * See {@link com.android.server.pm.UserManagerInternal#getMainDisplayAssignedToUser(int)}. 3826 * 3827 * @hide 3828 */ 3829 @TestApi 3830 @UserHandleAware( 3831 requiresAnyOfPermissionsIfNotCaller = { 3832 android.Manifest.permission.MANAGE_USERS, 3833 android.Manifest.permission.INTERACT_ACROSS_USERS}) getMainDisplayIdAssignedToUser()3834 public int getMainDisplayIdAssignedToUser() { 3835 try { 3836 return mService.getMainDisplayIdAssignedToUser(mUserId); 3837 } catch (RemoteException re) { 3838 throw re.rethrowFromSystemServer(); 3839 } 3840 } 3841 3842 /** 3843 * Return whether the context user is running in an "unlocked" state. 3844 * <p> 3845 * On devices with direct boot, a user is unlocked only after they've 3846 * entered their credentials (such as a lock pattern or PIN). On devices 3847 * without direct boot, a user is unlocked as soon as it starts. 3848 * <p> 3849 * When a user is locked, only device-protected data storage is available. 3850 * When a user is unlocked, both device-protected and credential-protected 3851 * private app data storage is available. 3852 * 3853 * @see Intent#ACTION_USER_UNLOCKED 3854 * @see Context#createDeviceProtectedStorageContext() 3855 */ 3856 @UserHandleAware( 3857 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 3858 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 3859 android.Manifest.permission.MANAGE_USERS, 3860 android.Manifest.permission.INTERACT_ACROSS_USERS} 3861 ) isUserUnlocked()3862 public boolean isUserUnlocked() { 3863 return isUserUnlocked(getContextUserIfAppropriate()); 3864 } 3865 3866 /** 3867 * Return whether the given user is running in an "unlocked" state. 3868 * <p> 3869 * On devices with direct boot, a user is unlocked only after they've 3870 * entered their credentials (such as a lock pattern or PIN). On devices 3871 * without direct boot, a user is unlocked as soon as it starts. 3872 * <p> 3873 * When a user is locked, only device-protected data storage is available. 3874 * When a user is unlocked, both device-protected and credential-protected 3875 * private app data storage is available. 3876 * <p>Requires {@code android.permission.MANAGE_USERS} or 3877 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user} 3878 * must be the calling user or a profile associated with it. 3879 * 3880 * @param user to retrieve the unlocked state for. 3881 * @see Intent#ACTION_USER_UNLOCKED 3882 * @see Context#createDeviceProtectedStorageContext() 3883 */ 3884 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3885 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isUserUnlocked(UserHandle user)3886 public boolean isUserUnlocked(UserHandle user) { 3887 return isUserUnlocked(user.getIdentifier()); 3888 } 3889 3890 /** @hide */ 3891 @UnsupportedAppUsage 3892 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3893 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) 3894 @CachedProperty(api = "is_user_unlocked") isUserUnlocked(@serIdInt int userId)3895 public boolean isUserUnlocked(@UserIdInt int userId) { 3896 return UserManagerCache.isUserUnlocked(mService::isUserUnlocked, userId); 3897 } 3898 3899 /** @hide */ invalidateIsUserUnlockedCache()3900 public static final void invalidateIsUserUnlockedCache() { 3901 UserManagerCache.invalidateUserUnlocked(); 3902 } 3903 3904 /** 3905 * Return whether the provided user is already running in an 3906 * "unlocked" state or in the process of unlocking. 3907 * <p> 3908 * On devices with direct boot, a user is unlocked only after they've 3909 * entered their credentials (such as a lock pattern or PIN). On devices 3910 * without direct boot, a user is unlocked as soon as it starts. 3911 * <p> 3912 * When a user is locked, only device-protected data storage is available. 3913 * When a user is unlocked, both device-protected and credential-protected 3914 * private app data storage is available. 3915 * 3916 * <p>Requires {@code android.permission.MANAGE_USERS} or 3917 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user} 3918 * must be the calling user or a profile associated with it. 3919 * 3920 * @hide 3921 */ 3922 @SystemApi 3923 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3924 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) isUserUnlockingOrUnlocked(@onNull UserHandle user)3925 public boolean isUserUnlockingOrUnlocked(@NonNull UserHandle user) { 3926 return isUserUnlockingOrUnlocked(user.getIdentifier()); 3927 } 3928 3929 /** @hide */ 3930 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 3931 Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) 3932 @CachedProperty(api = "is_user_unlocked") isUserUnlockingOrUnlocked(@serIdInt int userId)3933 public boolean isUserUnlockingOrUnlocked(@UserIdInt int userId) { 3934 return UserManagerCache 3935 .isUserUnlockingOrUnlocked(mService::isUserUnlockingOrUnlocked, userId); 3936 } 3937 3938 /** 3939 * Return the time when the calling user started in elapsed milliseconds since boot, 3940 * or 0 if not started. 3941 * 3942 * @hide 3943 */ 3944 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) 3945 // NOT @UserHandleAware getUserStartRealtime()3946 public long getUserStartRealtime() { 3947 if (getContextUserIfAppropriate() != UserHandle.myUserId()) { 3948 // Note: If we want to support this in the future, also annotate with 3949 // @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) 3950 throw new IllegalArgumentException("Calling from a context differing from the calling " 3951 + "user is not currently supported."); 3952 } 3953 try { 3954 return mService.getUserStartRealtime(); 3955 } catch (RemoteException re) { 3956 throw re.rethrowFromSystemServer(); 3957 } 3958 } 3959 3960 /** 3961 * Return the time when the calling user was unlocked elapsed milliseconds since boot, 3962 * or 0 if not unlocked. 3963 * 3964 * @hide 3965 */ 3966 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) 3967 // NOT @UserHandleAware getUserUnlockRealtime()3968 public long getUserUnlockRealtime() { 3969 if (getContextUserIfAppropriate() != UserHandle.myUserId()) { 3970 // Note: If we want to support this in the future, also annotate with 3971 // @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) 3972 throw new IllegalArgumentException("Calling from a context differing from the calling " 3973 + "user is not currently supported."); 3974 } 3975 try { 3976 return mService.getUserUnlockRealtime(); 3977 } catch (RemoteException re) { 3978 throw re.rethrowFromSystemServer(); 3979 } 3980 } 3981 3982 /** 3983 * Returns the UserInfo object describing a specific user. 3984 * @param userId the user handle of the user whose information is being requested. 3985 * @return the UserInfo object for a specific user. 3986 * @hide 3987 */ 3988 @UnsupportedAppUsage 3989 @RequiresPermission(anyOf = { 3990 Manifest.permission.MANAGE_USERS, 3991 Manifest.permission.CREATE_USERS, 3992 Manifest.permission.QUERY_USERS}) 3993 @CachedProperty(api = "user_manager_user_data") getUserInfo(@serIdInt int userId)3994 public UserInfo getUserInfo(@UserIdInt int userId) { 3995 if (android.multiuser.Flags.cacheUserInfoReadOnly()) { 3996 return UserManagerCache.getUserInfo(mService::getUserInfo, userId); 3997 } 3998 try { 3999 return mService.getUserInfo(userId); 4000 } catch (RemoteException re) { 4001 throw re.rethrowFromSystemServer(); 4002 } 4003 } 4004 4005 /** 4006 * Returns a {@link UserProperties} object describing the properties of the given user. 4007 * 4008 * Note that the caller may not have permission to access all items; requesting any item for 4009 * which permission is lacking will throw a {@link SecurityException}. 4010 * 4011 * <p> Requires 4012 * {@code android.Manifest.permission#MANAGE_USERS}, 4013 * {@code android.Manifest.permission#QUERY_USERS}, or 4014 * {@code android.Manifest.permission#INTERACT_ACROSS_USERS} 4015 * permission, or else the caller must be in the same profile group as the caller. 4016 * 4017 * @param userHandle the user handle of the user whose information is being requested. 4018 * @return a UserProperties object for a specific user. 4019 * @throws IllegalArgumentException if {@code userHandle} doesn't correspond to an existing user 4020 * 4021 * @hide 4022 */ 4023 @SystemApi 4024 @RequiresPermission(anyOf = { 4025 android.Manifest.permission.MANAGE_USERS, 4026 android.Manifest.permission.QUERY_USERS, 4027 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) getUserProperties( @annotBeSpecialUser @onNull UserHandle userHandle)4028 public @NonNull UserProperties getUserProperties( 4029 @CannotBeSpecialUser @NonNull UserHandle userHandle) { 4030 final int userId = userHandle.getIdentifier(); 4031 4032 if (userId < 0 && android.multiuser.Flags.fixGetUserPropertyCache()) { 4033 // Avoid calling into system server for invalid user ids. 4034 throw new IllegalArgumentException("Cannot access properties for user " + userId); 4035 } 4036 4037 if (!android.multiuser.Flags.cacheUserPropertiesCorrectlyReadOnly() || userId < 0) { 4038 // This is the historical code path, when all flags are false. 4039 try { 4040 return mService.getUserPropertiesCopy(userId); 4041 } catch (RemoteException re) { 4042 throw re.rethrowFromSystemServer(); 4043 } 4044 } 4045 4046 final int callingUid = Binder.getCallingUid(); 4047 final int processUid = Process.myUid(); 4048 if (processUid == Process.SYSTEM_UID && callingUid != processUid) { 4049 Log.w(TAG, "The System (uid " + processUid + ") is fetching a copy of" 4050 + " UserProperties on behalf of callingUid " + callingUid + ". Possibly" 4051 + " it should carefully first clearCallingIdentity or perhaps use" 4052 + " UserManagerInternal.getUserProperties() instead?", 4053 new Throwable()); 4054 } 4055 4056 return getUserPropertiesFromQuery(new QueryUserId(userId)); 4057 } 4058 4059 /** @hide */ invalidateUserPropertiesCache()4060 public static final void invalidateUserPropertiesCache() { 4061 UserManagerCache.invalidateUserPropertiesFromQuery(); 4062 } 4063 4064 /** 4065 * Cachable version of {@link #getUserProperties(UserHandle)}, caching the UserProperties 4066 * corresponding to the given QueryUserId. The cached copy depends on both the queried userId as 4067 * well as the Binder caller querying it, since the result depends on the caller's permissions. 4068 */ 4069 @CachedProperty() getUserPropertiesFromQuery(QueryUserId query)4070 private @NonNull UserProperties getUserPropertiesFromQuery(QueryUserId query) { 4071 return ((UserManagerCache) mIpcDataCache).getUserPropertiesFromQuery( 4072 (QueryUserId q) -> mService.getUserPropertiesCopy(q.getUserId()), query); 4073 } 4074 4075 /** Class keeping track of a userId, as well as the callingUid that is asking about it. */ 4076 /** @hide */ 4077 static final class QueryUserId extends Pair<Integer, Integer> { QueryUserId(@serIdInt int userId)4078 public QueryUserId(@UserIdInt int userId) { 4079 super(Binder.getCallingUid(), userId); 4080 } getUserId()4081 public @UserIdInt int getUserId() { return second; } 4082 } 4083 4084 /** 4085 * @hide 4086 * 4087 * Returns who set a user restriction on a user. 4088 * @param restrictionKey the string key representing the restriction 4089 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4090 * @return The source of user restriction. Any combination of {@link #RESTRICTION_NOT_SET}, 4091 * {@link #RESTRICTION_SOURCE_SYSTEM}, {@link #RESTRICTION_SOURCE_DEVICE_OWNER} 4092 * and {@link #RESTRICTION_SOURCE_PROFILE_OWNER} 4093 * @deprecated use {@link #getUserRestrictionSources(String, int)} instead. 4094 */ 4095 @Deprecated 4096 @SystemApi 4097 @UserRestrictionSource 4098 @RequiresPermission(anyOf = { 4099 Manifest.permission.MANAGE_USERS, 4100 Manifest.permission.QUERY_USERS}) getUserRestrictionSource(@serRestrictionKey String restrictionKey, UserHandle userHandle)4101 public int getUserRestrictionSource(@UserRestrictionKey String restrictionKey, 4102 UserHandle userHandle) { 4103 try { 4104 return mService.getUserRestrictionSource(restrictionKey, userHandle.getIdentifier()); 4105 } catch (RemoteException re) { 4106 throw re.rethrowFromSystemServer(); 4107 } 4108 } 4109 4110 /** 4111 * @hide 4112 * 4113 * Returns a list of users who set a user restriction on a given user. 4114 * @param restrictionKey the string key representing the restriction 4115 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4116 * @return a list of user ids enforcing this restriction. 4117 */ 4118 @SystemApi 4119 @RequiresPermission(anyOf = { 4120 android.Manifest.permission.MANAGE_USERS, 4121 android.Manifest.permission.QUERY_USERS}) getUserRestrictionSources( @serRestrictionKey String restrictionKey, UserHandle userHandle)4122 public List<EnforcingUser> getUserRestrictionSources( 4123 @UserRestrictionKey String restrictionKey, UserHandle userHandle) { 4124 try { 4125 return mService.getUserRestrictionSources(restrictionKey, userHandle.getIdentifier()); 4126 } catch (RemoteException re) { 4127 throw re.rethrowFromSystemServer(); 4128 } 4129 } 4130 4131 /** 4132 * Returns the user-wide restrictions imposed on the context user. 4133 * @return a Bundle containing all the restrictions. 4134 */ 4135 @UserHandleAware( 4136 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 4137 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 4138 android.Manifest.permission.MANAGE_USERS, 4139 android.Manifest.permission.INTERACT_ACROSS_USERS} 4140 ) getUserRestrictions()4141 public Bundle getUserRestrictions() { 4142 try { 4143 return mService.getUserRestrictions(getContextUserIfAppropriate()); 4144 } catch (RemoteException re) { 4145 throw re.rethrowFromSystemServer(); 4146 } 4147 } 4148 4149 /** 4150 * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>. 4151 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4152 * @return a Bundle containing all the restrictions. 4153 * 4154 * <p>Requires {@code android.permission.MANAGE_USERS} or 4155 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user} 4156 * must be the calling user or a profile associated with it. 4157 */ 4158 @RequiresPermission(anyOf = { 4159 android.Manifest.permission.MANAGE_USERS, 4160 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) getUserRestrictions(UserHandle userHandle)4161 public Bundle getUserRestrictions(UserHandle userHandle) { 4162 try { 4163 return mService.getUserRestrictions(userHandle.getIdentifier()); 4164 } catch (RemoteException re) { 4165 throw re.rethrowFromSystemServer(); 4166 } 4167 } 4168 4169 /** 4170 * @hide 4171 * Returns whether the given user has been disallowed from performing certain actions 4172 * or setting certain settings through UserManager (e.g. this type of restriction would prevent 4173 * the guest user from doing certain things, such as making calls). This method disregards 4174 * restrictions set by device policy. 4175 * @param restrictionKey the string key representing the restriction 4176 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4177 */ 4178 @TestApi 4179 @UnsupportedAppUsage 4180 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4181 Manifest.permission.CREATE_USERS}) hasBaseUserRestriction(@serRestrictionKey @onNull String restrictionKey, @NonNull UserHandle userHandle)4182 public boolean hasBaseUserRestriction(@UserRestrictionKey @NonNull String restrictionKey, 4183 @NonNull UserHandle userHandle) { 4184 try { 4185 return mService.hasBaseUserRestriction(restrictionKey, userHandle.getIdentifier()); 4186 } catch (RemoteException re) { 4187 throw re.rethrowFromSystemServer(); 4188 } 4189 } 4190 4191 /** 4192 * This will no longer work. Device owners and profile owners should use 4193 * {@link DevicePolicyManager#addUserRestriction(ComponentName, String)} instead. 4194 */ 4195 // System apps should use UserManager.setUserRestriction() instead. 4196 @Deprecated setUserRestrictions(Bundle restrictions)4197 public void setUserRestrictions(Bundle restrictions) { 4198 throw new UnsupportedOperationException("This method is no longer supported"); 4199 } 4200 4201 /** 4202 * This will no longer work. Device owners and profile owners should use 4203 * {@link DevicePolicyManager#addUserRestriction(ComponentName, String)} instead. 4204 */ 4205 // System apps should use UserManager.setUserRestriction() instead. 4206 @Deprecated setUserRestrictions(Bundle restrictions, UserHandle userHandle)4207 public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) { 4208 throw new UnsupportedOperationException("This method is no longer supported"); 4209 } 4210 4211 /** 4212 * Sets the value of a specific restriction on the context user. 4213 * Requires the MANAGE_USERS permission. 4214 * @param key the key of the restriction 4215 * @param value the value for the restriction 4216 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 4217 * android.content.ComponentName, String)} or 4218 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 4219 * android.content.ComponentName, String)} instead. 4220 */ 4221 @Deprecated 4222 @RequiresPermission(Manifest.permission.MANAGE_USERS) 4223 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) setUserRestriction(String key, boolean value)4224 public void setUserRestriction(String key, boolean value) { 4225 try { 4226 mService.setUserRestriction(key, value, getContextUserIfAppropriate()); 4227 } catch (RemoteException re) { 4228 throw re.rethrowFromSystemServer(); 4229 } 4230 } 4231 4232 /** 4233 * @hide 4234 * Sets the value of a specific restriction on a specific user. 4235 * @param key the key of the restriction 4236 * @param value the value for the restriction 4237 * @param userHandle the user whose restriction is to be changed. 4238 * @deprecated use {@link android.app.admin.DevicePolicyManager#addUserRestriction( 4239 * android.content.ComponentName, String)} or 4240 * {@link android.app.admin.DevicePolicyManager#clearUserRestriction( 4241 * android.content.ComponentName, String)} instead. 4242 */ 4243 @Deprecated 4244 @RequiresPermission(Manifest.permission.MANAGE_USERS) setUserRestriction(String key, boolean value, UserHandle userHandle)4245 public void setUserRestriction(String key, boolean value, UserHandle userHandle) { 4246 try { 4247 mService.setUserRestriction(key, value, userHandle.getIdentifier()); 4248 } catch (RemoteException re) { 4249 throw re.rethrowFromSystemServer(); 4250 } 4251 } 4252 4253 /** 4254 * Returns whether the context user has been disallowed from performing certain actions 4255 * or setting certain settings. 4256 * 4257 * @param restrictionKey The string key representing the restriction. 4258 * @return {@code true} if the context user has the given restriction, {@code false} otherwise. 4259 */ 4260 @UserHandleAware( 4261 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 4262 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 4263 android.Manifest.permission.MANAGE_USERS, 4264 android.Manifest.permission.INTERACT_ACROSS_USERS} 4265 ) hasUserRestriction(@serRestrictionKey String restrictionKey)4266 public boolean hasUserRestriction(@UserRestrictionKey String restrictionKey) { 4267 return hasUserRestrictionForUser(restrictionKey, getContextUserIfAppropriate()); 4268 } 4269 4270 /** 4271 * @hide 4272 * Returns whether the given user has been disallowed from performing certain actions 4273 * or setting certain settings. 4274 * @param restrictionKey the string key representing the restriction 4275 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4276 * @deprecated Use {@link #hasUserRestrictionForUser(String, UserHandle)} instead. 4277 */ 4278 @UnsupportedAppUsage 4279 @RequiresPermission(anyOf = { 4280 android.Manifest.permission.MANAGE_USERS, 4281 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) 4282 @Deprecated hasUserRestriction(@serRestrictionKey String restrictionKey, UserHandle userHandle)4283 public boolean hasUserRestriction(@UserRestrictionKey String restrictionKey, 4284 UserHandle userHandle) { 4285 return hasUserRestrictionForUser(restrictionKey, userHandle); 4286 } 4287 4288 /** 4289 * Returns whether the given user has been disallowed from performing certain actions 4290 * or setting certain settings. 4291 * @param restrictionKey the string key representing the restriction 4292 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 4293 * 4294 * <p>Requires {@code android.permission.MANAGE_USERS} or 4295 * {@code android.permission.INTERACT_ACROSS_USERS}, otherwise specified {@link UserHandle user} 4296 * must be the calling user or a profile associated with it. 4297 * 4298 * @hide 4299 */ 4300 @SystemApi 4301 @RequiresPermission(anyOf = { 4302 android.Manifest.permission.MANAGE_USERS, 4303 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) hasUserRestrictionForUser(@onNull @serRestrictionKey String restrictionKey, @NonNull UserHandle userHandle)4304 public boolean hasUserRestrictionForUser(@NonNull @UserRestrictionKey String restrictionKey, 4305 @NonNull UserHandle userHandle) { 4306 return hasUserRestrictionForUser(restrictionKey, userHandle.getIdentifier()); 4307 } 4308 4309 @RequiresPermission(anyOf = { 4310 android.Manifest.permission.MANAGE_USERS, 4311 android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional = true) hasUserRestrictionForUser(@onNull @serRestrictionKey String restrictionKey, @NonNull @UserIdInt int userId)4312 private boolean hasUserRestrictionForUser(@NonNull @UserRestrictionKey String restrictionKey, 4313 @NonNull @UserIdInt int userId) { 4314 return getUserRestrictionFromQuery(new Pair(restrictionKey, userId)); 4315 } 4316 4317 /** @hide */ 4318 @CachedProperty() getUserRestrictionFromQuery(@onNull Pair<String, Integer> restrictionPerUser)4319 private boolean getUserRestrictionFromQuery(@NonNull Pair<String, Integer> restrictionPerUser) { 4320 return UserManagerCache.getUserRestrictionFromQuery( 4321 (Pair<String, Integer> q) -> mService.hasUserRestriction(q.first, q.second), 4322 // bypass cache if the flag is disabled 4323 (Pair<String, Integer> q) -> !android.multiuser.Flags.cacheUserRestrictionsReadOnly(), 4324 restrictionPerUser); 4325 } 4326 4327 /** @hide */ invalidateUserRestriction()4328 public static final void invalidateUserRestriction() { 4329 if (android.multiuser.Flags.cacheUserRestrictionsReadOnly()) { 4330 UserManagerCache.invalidateUserRestrictionFromQuery(); 4331 } 4332 } 4333 4334 /** 4335 * @hide 4336 * Returns whether any user on the device has the given user restriction set. 4337 */ hasUserRestrictionOnAnyUser(@serRestrictionKey String restrictionKey)4338 public boolean hasUserRestrictionOnAnyUser(@UserRestrictionKey String restrictionKey) { 4339 try { 4340 return mService.hasUserRestrictionOnAnyUser(restrictionKey); 4341 } catch (RemoteException re) { 4342 throw re.rethrowFromSystemServer(); 4343 } 4344 } 4345 4346 /** 4347 * @hide 4348 * 4349 * Checks whether changing the given setting to the given value is prohibited 4350 * by the corresponding user restriction in the given user. 4351 * 4352 * May only be called by the OS itself. 4353 * 4354 * @return {@code true} if the change is prohibited, {@code false} if the change is allowed. 4355 */ isSettingRestrictedForUser(String setting, @UserIdInt int userId, String value, int callingUid)4356 public boolean isSettingRestrictedForUser(String setting, @UserIdInt int userId, 4357 String value, int callingUid) { 4358 try { 4359 return mService.isSettingRestrictedForUser(setting, userId, value, callingUid); 4360 } catch (RemoteException re) { 4361 throw re.rethrowFromSystemServer(); 4362 } 4363 } 4364 4365 /** 4366 * @hide 4367 * Register a binder callback for user restrictions changes. 4368 * May only be called by the OS itself. 4369 */ addUserRestrictionsListener(final IUserRestrictionsListener listener)4370 public void addUserRestrictionsListener(final IUserRestrictionsListener listener) { 4371 try { 4372 mService.addUserRestrictionsListener(listener); 4373 } catch (RemoteException re) { 4374 throw re.rethrowFromSystemServer(); 4375 } 4376 } 4377 4378 /** 4379 * Return the serial number for a user. This is a device-unique 4380 * number assigned to that user; if the user is deleted and then a new 4381 * user created, the new users will not be given the same serial number. 4382 * @param user The user whose serial number is to be retrieved. 4383 * @return The serial number of the given user; returns -1 if the 4384 * given UserHandle does not exist. 4385 * @see #getUserForSerialNumber(long) 4386 */ getSerialNumberForUser(UserHandle user)4387 public long getSerialNumberForUser(UserHandle user) { 4388 return getUserSerialNumber(user.getIdentifier()); 4389 } 4390 4391 /** 4392 * Return the user associated with a serial number previously 4393 * returned by {@link #getSerialNumberForUser(UserHandle)}. 4394 * @param serialNumber The serial number of the user that is being 4395 * retrieved. 4396 * @return Return the user associated with the serial number, or null 4397 * if there is not one. 4398 * @see #getSerialNumberForUser(UserHandle) 4399 */ getUserForSerialNumber(long serialNumber)4400 public UserHandle getUserForSerialNumber(long serialNumber) { 4401 int ident = getUserHandle((int) serialNumber); 4402 return ident >= 0 ? new UserHandle(ident) : null; 4403 } 4404 4405 /** 4406 * Creates a user with the specified name and options. 4407 * Default user restrictions will be applied. 4408 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 4409 * 4410 * @param name the user's name 4411 * @param flags UserInfo flags that identify the type of user and other properties. 4412 * @see UserInfo 4413 * 4414 * @return the UserInfo object for the created user, or null if the user could not be created. 4415 * @throws IllegalArgumentException if flags do not correspond to a valid user type. 4416 * @deprecated Use {@link #createUser(String, String, int)} instead. 4417 * @hide 4418 */ 4419 @UnsupportedAppUsage 4420 @Deprecated createUser(@ullable String name, @UserInfoFlag int flags)4421 public @Nullable UserInfo createUser(@Nullable String name, @UserInfoFlag int flags) { 4422 return createUser(name, UserInfo.getDefaultUserType(flags), flags); 4423 } 4424 4425 /** 4426 * Creates a user with the specified name and options. 4427 * Default user restrictions will be applied. 4428 * 4429 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}. 4430 * {@link android.Manifest.permission#CREATE_USERS} suffices if flags are in 4431 * com.android.server.pm.UserManagerService#ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION. 4432 * 4433 * @param name the user's name 4434 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_GUEST}. 4435 * @param flags UserInfo flags that specify user properties. 4436 * @return the {@link UserInfo} object for the created user, or {@code null} if the user 4437 * could not be created. 4438 * 4439 * @see UserInfo 4440 * 4441 * @hide 4442 */ 4443 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4444 Manifest.permission.CREATE_USERS}) 4445 @TestApi createUser(@ullable String name, @NonNull String userType, @UserInfoFlag int flags)4446 public @Nullable UserInfo createUser(@Nullable String name, @NonNull String userType, 4447 @UserInfoFlag int flags) { 4448 try { 4449 return mService.createUserWithThrow(name, userType, flags); 4450 } catch (ServiceSpecificException e) { 4451 return null; 4452 } catch (RemoteException re) { 4453 throw re.rethrowFromSystemServer(); 4454 } 4455 } 4456 4457 /** 4458 * Creates a user with the specified {@link NewUserRequest}. 4459 * 4460 * @param newUserRequest specify the user information 4461 * 4462 * @hide 4463 */ 4464 @SystemApi 4465 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4466 Manifest.permission.CREATE_USERS}) createUser(@onNull NewUserRequest newUserRequest)4467 public @NonNull NewUserResponse createUser(@NonNull NewUserRequest newUserRequest) { 4468 try { 4469 final UserHandle userHandle = mService.createUserWithAttributes( 4470 newUserRequest.getName(), 4471 newUserRequest.getUserType(), 4472 newUserRequest.getFlags(), 4473 newUserRequest.getUserIcon(), 4474 newUserRequest.getAccountName(), 4475 newUserRequest.getAccountType(), 4476 newUserRequest.getAccountOptions()); 4477 4478 return new NewUserResponse(userHandle, USER_OPERATION_SUCCESS); 4479 4480 } catch (ServiceSpecificException e) { 4481 Log.w(TAG, "Exception while creating user " + newUserRequest, e); 4482 return new NewUserResponse(null, e.errorCode); 4483 } catch (RemoteException re) { 4484 throw re.rethrowFromSystemServer(); 4485 } 4486 } 4487 4488 /** 4489 * Pre-creates a user of the specified type. Default user restrictions will be applied. 4490 * 4491 * <p>This method can be used by OEMs to "warm" up the user creation by pre-creating some users 4492 * at the first boot, so they when the "real" user is created (for example, 4493 * by {@link #createUser(String, String, int)} or {@link #createGuest(Context)}), it 4494 * takes less time. 4495 * 4496 * <p>This method completes the majority of work necessary for user creation: it 4497 * creates user data, CE and DE encryption keys, app data directories, initializes the user and 4498 * grants default permissions. When pre-created users become "real" users, only then are 4499 * components notified of new user creation by firing user creation broadcasts. 4500 * 4501 * <p>All pre-created users are removed during system upgrade. 4502 * 4503 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS}. 4504 * {@link android.Manifest.permission#CREATE_USERS} suffices if flags are in 4505 * com.android.server.pm.UserManagerService#ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION. 4506 * 4507 * 4508 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_GUEST}. 4509 * @return the {@link UserInfo} object for the created user. 4510 * 4511 * @throws UserOperationException if the user could not be created. 4512 * 4513 * @deprecated Pre-created users are deprecated. This method should no longer be used, and will 4514 * be removed once all the callers are removed. 4515 * 4516 * @hide 4517 */ 4518 @Deprecated 4519 @TestApi 4520 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4521 Manifest.permission.CREATE_USERS}) preCreateUser(@onNull String userType)4522 public @NonNull UserInfo preCreateUser(@NonNull String userType) 4523 throws UserOperationException { 4524 Log.w(TAG, "preCreateUser(): Pre-created user is deprecated."); 4525 try { 4526 return mService.preCreateUserWithThrow(userType); 4527 } catch (ServiceSpecificException e) { 4528 throw UserOperationException.from(e); 4529 } catch (RemoteException re) { 4530 throw re.rethrowFromSystemServer(); 4531 } 4532 } 4533 4534 /** 4535 * Creates a guest user and configures it. 4536 * @param context an application context 4537 * @return the {@link UserInfo} object for the created user, or {@code null} if the user 4538 * could not be created. 4539 * 4540 * @hide 4541 */ 4542 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4543 Manifest.permission.CREATE_USERS}) createGuest(Context context)4544 public @Nullable UserInfo createGuest(Context context) { 4545 try { 4546 final UserInfo guest = mService.createUserWithThrow(null, USER_TYPE_FULL_GUEST, 0); 4547 Settings.Secure.putStringForUser(context.getContentResolver(), 4548 Settings.Secure.SKIP_FIRST_USE_HINTS, "1", guest.id); 4549 4550 if (UserManager.isGuestUserAllowEphemeralStateChange()) { 4551 // Mark guest as (changeably) ephemeral if REMOVE_GUEST_ON_EXIT is 1 4552 // This is done so that a user via a UI controller can choose to 4553 // make a guest as ephemeral or not. 4554 // Settings.Global.REMOVE_GUEST_ON_EXIT holds the choice on what the guest state 4555 // should be, with default being ephemeral. 4556 boolean resetGuestOnExit = Settings.Global.getInt(context.getContentResolver(), 4557 Settings.Global.REMOVE_GUEST_ON_EXIT, 1) == 1; 4558 4559 if (resetGuestOnExit && !guest.isEphemeral()) { 4560 setUserEphemeral(guest.id, true); 4561 } 4562 } 4563 return guest; 4564 } catch (ServiceSpecificException e) { 4565 return null; 4566 } catch (RemoteException re) { 4567 throw re.rethrowFromSystemServer(); 4568 } 4569 } 4570 4571 // TODO(b/256690588): Remove this after removing its callsites. 4572 /** 4573 * Gets the existing guest user if it exists. This does not include guest users that are dying. 4574 * @return The existing guest user if it exists. Null otherwise. 4575 * @hide 4576 * 4577 * @deprecated Use {@link #getGuestUsers()} 4578 */ 4579 @Deprecated 4580 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) findCurrentGuestUser()4581 public UserInfo findCurrentGuestUser() { 4582 try { 4583 final List<UserInfo> guestUsers = mService.getGuestUsers(); 4584 if (guestUsers.size() == 0) { 4585 return null; 4586 } 4587 return guestUsers.get(0); 4588 } catch (RemoteException re) { 4589 throw re.rethrowFromSystemServer(); 4590 } 4591 } 4592 4593 /** 4594 * Returns the existing guest users. This does not include guest users that are dying. 4595 * @hide 4596 */ 4597 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) getGuestUsers()4598 public @NonNull List<UserInfo> getGuestUsers() { 4599 try { 4600 return mService.getGuestUsers(); 4601 } catch (RemoteException re) { 4602 throw re.rethrowFromSystemServer(); 4603 } 4604 } 4605 4606 /** 4607 * Creates a user with the specified name and options as a profile of the context's user. 4608 * 4609 * @param name the user's name. 4610 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 4611 * @param disallowedPackages packages to not install for this profile. 4612 * 4613 * @return the {@link android.os.UserHandle} object for the created user, 4614 * or throws {@link UserOperationException} if the user could not be created 4615 * and calling app is targeting {@link android.os.Build.VERSION_CODES#R} or above 4616 * (otherwise returns {@code null}). 4617 * 4618 * @throws UserOperationException if the user could not be created and the calling app is 4619 * targeting {@link android.os.Build.VERSION_CODES#R} or above. 4620 * 4621 * @hide 4622 */ 4623 @SystemApi 4624 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4625 Manifest.permission.CREATE_USERS}) 4626 @UserHandleAware createProfile(@onNull String name, @NonNull String userType, @NonNull Set<String> disallowedPackages)4627 public @Nullable UserHandle createProfile(@NonNull String name, @NonNull String userType, 4628 @NonNull Set<String> disallowedPackages) throws UserOperationException { 4629 try { 4630 return mService.createProfileForUserWithThrow(name, userType, 0, 4631 mUserId, disallowedPackages.toArray( 4632 new String[disallowedPackages.size()])).getUserHandle(); 4633 } catch (ServiceSpecificException e) { 4634 return returnNullOrThrowUserOperationException(e, 4635 mContext.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.R); 4636 } catch (RemoteException re) { 4637 throw re.rethrowFromSystemServer(); 4638 } 4639 } 4640 4641 /** 4642 * Creates a user with the specified name and options as a profile of another user. 4643 * <p>Requires MANAGE_USERS. CREATE_USERS suffices for ALLOWED_FLAGS_FOR_CREATE_USERS_PERMISSION 4644 * 4645 * @param name the user's name 4646 * @param flags flags that identify the type of user and other properties. 4647 * @param userId new user will be a profile of this user. 4648 * 4649 * @return the {@link UserInfo} object for the created user, or null if the user 4650 * could not be created. 4651 * @throws IllegalArgumentException if flags do not correspond to a valid user type. 4652 * @deprecated Use {@link #createProfileForUser(String, String, int, int)} instead. 4653 * @hide 4654 */ 4655 @UnsupportedAppUsage 4656 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4657 Manifest.permission.CREATE_USERS}) 4658 @Deprecated createProfileForUser(String name, @UserInfoFlag int flags, @UserIdInt int userId)4659 public UserInfo createProfileForUser(String name, @UserInfoFlag int flags, 4660 @UserIdInt int userId) { 4661 return createProfileForUser(name, UserInfo.getDefaultUserType(flags), flags, 4662 userId, null); 4663 } 4664 4665 /** 4666 * Creates a user with the specified name and options as a profile of another user. 4667 * 4668 * @param name the user's name 4669 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 4670 * @param flags UserInfo flags that specify user properties. 4671 * @param userId new user will be a profile of this user. 4672 * 4673 * @return the {@link UserInfo} object for the created user, or null if the user 4674 * could not be created. 4675 * @hide 4676 */ 4677 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4678 Manifest.permission.CREATE_USERS}) createProfileForUser(String name, @NonNull String userType, @UserInfoFlag int flags, @UserIdInt int userId)4679 public @Nullable UserInfo createProfileForUser(String name, @NonNull String userType, 4680 @UserInfoFlag int flags, @UserIdInt int userId) { 4681 return createProfileForUser(name, userType, flags, userId, null); 4682 } 4683 4684 /** 4685 * Version of {@link #createProfileForUser(String, String, int, int)} that allows you to specify 4686 * any packages that should not be installed in the new profile by default, these packages can 4687 * still be installed later by the user if needed. 4688 * 4689 * @param name the user's name 4690 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 4691 * @param flags UserInfo flags that specify user properties. 4692 * @param userId new user will be a profile of this user. 4693 * @param disallowedPackages packages that will not be installed in the profile being created. 4694 * 4695 * @return the {@link UserInfo} object for the created user, or {@code null} if the user could 4696 * not be created. 4697 * 4698 * @hide 4699 */ 4700 @TestApi 4701 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4702 Manifest.permission.CREATE_USERS}) createProfileForUser(@ullable String name, @NonNull String userType, @UserInfoFlag int flags, @UserIdInt int userId, @Nullable String[] disallowedPackages)4703 public @Nullable UserInfo createProfileForUser(@Nullable String name, @NonNull String userType, 4704 @UserInfoFlag int flags, @UserIdInt int userId, @Nullable String[] disallowedPackages) { 4705 try { 4706 return mService.createProfileForUserWithThrow(name, userType, flags, userId, 4707 disallowedPackages); 4708 } catch (ServiceSpecificException e) { 4709 return null; 4710 } catch (RemoteException re) { 4711 throw re.rethrowFromSystemServer(); 4712 } 4713 } 4714 4715 /** 4716 * Similar to {@link #createProfileForUser(String, String, int, int, String[])} 4717 * except bypassing the checking of {@link UserManager#DISALLOW_ADD_MANAGED_PROFILE}. 4718 * 4719 * @see #createProfileForUser(String, String, int, int, String[]) 4720 * @hide 4721 */ 4722 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4723 Manifest.permission.CREATE_USERS}) createProfileForUserEvenWhenDisallowed(String name, @NonNull String userType, @UserInfoFlag int flags, @UserIdInt int userId, String[] disallowedPackages)4724 public @Nullable UserInfo createProfileForUserEvenWhenDisallowed(String name, 4725 @NonNull String userType, @UserInfoFlag int flags, @UserIdInt int userId, 4726 String[] disallowedPackages) { 4727 try { 4728 return mService.createProfileForUserEvenWhenDisallowedWithThrow(name, userType, flags, 4729 userId, disallowedPackages); 4730 } catch (ServiceSpecificException e) { 4731 return null; 4732 } catch (RemoteException re) { 4733 throw re.rethrowFromSystemServer(); 4734 } 4735 } 4736 4737 /** 4738 * Creates a restricted profile with the specified name. This method also sets necessary 4739 * restrictions and adds shared accounts (with the context user). 4740 * 4741 * @param name profile's name 4742 * @return the {@link UserInfo} object for the created user, or {@code null} if the user 4743 * could not be created. 4744 * 4745 * @hide 4746 */ 4747 @TestApi 4748 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 4749 Manifest.permission.CREATE_USERS}) 4750 @UserHandleAware createRestrictedProfile(@ullable String name)4751 public @Nullable UserInfo createRestrictedProfile(@Nullable String name) { 4752 try { 4753 final int parentUserId = mUserId; 4754 final UserInfo profile = mService.createRestrictedProfileWithThrow(name, parentUserId); 4755 final UserHandle parentUserHandle = UserHandle.of(parentUserId); 4756 AccountManager.get(mContext).addSharedAccountsFromParentUser(parentUserHandle, 4757 UserHandle.of(profile.id)); 4758 return profile; 4759 } catch (ServiceSpecificException e) { 4760 return null; 4761 } catch (RemoteException re) { 4762 throw re.rethrowFromSystemServer(); 4763 } 4764 } 4765 4766 /** 4767 * Returns an intent to create a user for the provided name and account name. The name 4768 * and account name will be used when the setup process for the new user is started. 4769 * <p> 4770 * The intent should be launched using startActivityForResult and the return result will 4771 * indicate if the user consented to adding a new user and if the operation succeeded. Any 4772 * errors in creating the user will be returned in the result code. If the user cancels the 4773 * request, the return result will be {@link Activity#RESULT_CANCELED}. On success, the 4774 * result code will be {@link Activity#RESULT_OK}. 4775 * <p> 4776 * Use {@link #supportsMultipleUsers()} to first check if the device supports this operation 4777 * at all. 4778 * <p> 4779 * The new user is created but not initialized. After switching into the user for the first 4780 * time, the preferred user name and account information are used by the setup process for that 4781 * user. 4782 * 4783 * This API should only be called if the current user is an {@link #isAdminUser() admin} user, 4784 * as otherwise the returned intent will not be able to create a user. 4785 * 4786 * @param userName Optional name to assign to the user. Character limit is 100. 4787 * @param accountName Optional account name that will be used by the setup wizard to initialize 4788 * the user. Character limit is 500. 4789 * @param accountType Optional account type for the account to be created. This is required 4790 * if the account name is specified. Character limit is 500. 4791 * @param accountOptions Optional bundle of data to be passed in during account creation in the 4792 * new user via {@link AccountManager#addAccount(String, String, String[], 4793 * Bundle, android.app.Activity, android.accounts.AccountManagerCallback, 4794 * Handler)}. Character limit is 1000. 4795 * @return An Intent that can be launched from an Activity. 4796 * @see #USER_CREATION_FAILED_NOT_PERMITTED 4797 * @see #USER_CREATION_FAILED_NO_MORE_USERS 4798 * @see #supportsMultipleUsers 4799 */ createUserCreationIntent(@ullable String userName, @Nullable String accountName, @Nullable String accountType, @Nullable PersistableBundle accountOptions)4800 public static Intent createUserCreationIntent(@Nullable String userName, 4801 @Nullable String accountName, 4802 @Nullable String accountType, @Nullable PersistableBundle accountOptions) { 4803 Intent intent = new Intent(ACTION_CREATE_USER); 4804 if (userName != null) { 4805 intent.putExtra(EXTRA_USER_NAME, userName); 4806 } 4807 if (accountName != null && accountType == null) { 4808 throw new IllegalArgumentException("accountType must be specified if accountName is " 4809 + "specified"); 4810 } 4811 if (accountName != null) { 4812 intent.putExtra(EXTRA_USER_ACCOUNT_NAME, accountName); 4813 } 4814 if (accountType != null) { 4815 intent.putExtra(EXTRA_USER_ACCOUNT_TYPE, accountType); 4816 } 4817 if (accountOptions != null) { 4818 intent.putExtra(EXTRA_USER_ACCOUNT_OPTIONS, accountOptions); 4819 } 4820 return intent; 4821 } 4822 4823 /** 4824 * Returns the list of the system packages that would be installed on this type of user upon 4825 * its creation. 4826 * 4827 * Returns {@code null} if all system packages would be installed. 4828 * 4829 * @hide 4830 */ 4831 @TestApi 4832 @SuppressLint("NullableCollection") 4833 @RequiresPermission(anyOf = { 4834 android.Manifest.permission.MANAGE_USERS, 4835 android.Manifest.permission.CREATE_USERS 4836 }) getPreInstallableSystemPackages(@onNull String userType)4837 public @Nullable Set<String> getPreInstallableSystemPackages(@NonNull String userType) { 4838 try { 4839 final String[] installableSystemPackages 4840 = mService.getPreInstallableSystemPackages(userType); 4841 if (installableSystemPackages == null) { 4842 return null; 4843 } 4844 return new ArraySet<>(installableSystemPackages); 4845 } catch (RemoteException re) { 4846 throw re.rethrowFromSystemServer(); 4847 } 4848 } 4849 4850 /** 4851 * @hide 4852 * 4853 * Returns the preferred account name for the context user's creation. 4854 */ 4855 @SystemApi 4856 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 4857 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) getSeedAccountName()4858 public String getSeedAccountName() { 4859 try { 4860 return mService.getSeedAccountName(getContextUserIfAppropriate()); 4861 } catch (RemoteException re) { 4862 throw re.rethrowFromSystemServer(); 4863 } 4864 } 4865 4866 /** 4867 * @hide 4868 * 4869 * Returns the preferred account type for the context user's creation. 4870 */ 4871 @SystemApi 4872 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 4873 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) getSeedAccountType()4874 public String getSeedAccountType() { 4875 try { 4876 return mService.getSeedAccountType(getContextUserIfAppropriate()); 4877 } catch (RemoteException re) { 4878 throw re.rethrowFromSystemServer(); 4879 } 4880 } 4881 4882 /** 4883 * @hide 4884 * 4885 * Returns the preferred account's options bundle for user creation. 4886 * @return Any options set by the requestor that created the context user. 4887 */ 4888 @SystemApi 4889 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 4890 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) getSeedAccountOptions()4891 public PersistableBundle getSeedAccountOptions() { 4892 try { 4893 return mService.getSeedAccountOptions(getContextUserIfAppropriate()); 4894 } catch (RemoteException re) { 4895 throw re.rethrowFromSystemServer(); 4896 } 4897 } 4898 4899 /** 4900 * @hide 4901 * 4902 * Called by a system activity to set the seed account information of a user created 4903 * through the user creation intent. 4904 * @param userId 4905 * @param accountName 4906 * @param accountType 4907 * @param accountOptions 4908 * @see #createUserCreationIntent(String, String, String, PersistableBundle) 4909 */ 4910 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) setSeedAccountData(int userId, String accountName, String accountType, PersistableBundle accountOptions)4911 public void setSeedAccountData(int userId, String accountName, String accountType, 4912 PersistableBundle accountOptions) { 4913 try { 4914 mService.setSeedAccountData(userId, accountName, accountType, accountOptions, 4915 /* persist= */ true); 4916 } catch (RemoteException re) { 4917 throw re.rethrowFromSystemServer(); 4918 } 4919 } 4920 4921 /** 4922 * @hide 4923 * Clears the seed information used to create the context user. 4924 */ 4925 @SystemApi 4926 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 4927 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) clearSeedAccountData()4928 public void clearSeedAccountData() { 4929 try { 4930 mService.clearSeedAccountData(getContextUserIfAppropriate()); 4931 } catch (RemoteException re) { 4932 throw re.rethrowFromSystemServer(); 4933 } 4934 } 4935 4936 /** 4937 * @hide 4938 * Marks the guest user for deletion to allow a new guest to be created before deleting 4939 * the current user who is a guest. 4940 * @param userId 4941 * @return 4942 */ 4943 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) markGuestForDeletion(@serIdInt int userId)4944 public boolean markGuestForDeletion(@UserIdInt int userId) { 4945 try { 4946 return mService.markGuestForDeletion(userId); 4947 } catch (RemoteException re) { 4948 throw re.rethrowFromSystemServer(); 4949 } 4950 } 4951 4952 /** 4953 * Sets the user as enabled, if such an user exists. 4954 * 4955 * <p>Note that the default is true, it's only that managed profiles might not be enabled. 4956 * (Managed profiles created by DevicePolicyManager will start out disabled, and DPM will later 4957 * toggle them to enabled once they are provisioned. This is the primary purpose of the 4958 * {@link UserInfo#FLAG_DISABLED} flag.) 4959 * Also ephemeral users can be disabled to indicate that their removal is in progress and they 4960 * shouldn't be re-entered. Therefore ephemeral users should not be re-enabled once disabled. 4961 * 4962 * @param userId the id of the profile to enable 4963 * @hide 4964 */ 4965 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) setUserEnabled(@serIdInt int userId)4966 public void setUserEnabled(@UserIdInt int userId) { 4967 try { 4968 mService.setUserEnabled(userId); 4969 } catch (RemoteException re) { 4970 throw re.rethrowFromSystemServer(); 4971 } 4972 } 4973 4974 /** 4975 * Assigns admin privileges to the user, if such a user exists. 4976 * 4977 * <p>Note that this does not alter the user's pre-existing user restrictions. 4978 * 4979 * @param userId the id of the user to become admin 4980 * @throws SecurityException if changing ADMIN status of the user is not allowed 4981 * @hide 4982 */ 4983 @RequiresPermission(allOf = { 4984 Manifest.permission.INTERACT_ACROSS_USERS_FULL, 4985 Manifest.permission.MANAGE_USERS 4986 }) setUserAdmin(@serIdInt int userId)4987 public void setUserAdmin(@UserIdInt int userId) { 4988 try { 4989 mService.setUserAdmin(userId); 4990 } catch (RemoteException re) { 4991 throw re.rethrowFromSystemServer(); 4992 } 4993 } 4994 4995 /** 4996 * Revokes admin privileges from the user, if such a user exists. 4997 * 4998 * <p>Note that this does not alter the user's pre-existing user restrictions. 4999 * 5000 * @param userId the id of the user to revoke admin rights from 5001 * @throws SecurityException if changing ADMIN status of the user is not allowed 5002 * @hide 5003 */ 5004 @RequiresPermission(allOf = { 5005 Manifest.permission.INTERACT_ACROSS_USERS_FULL, 5006 Manifest.permission.MANAGE_USERS 5007 }) revokeUserAdmin(@serIdInt int userId)5008 public void revokeUserAdmin(@UserIdInt int userId) { 5009 try { 5010 mService.revokeUserAdmin(userId); 5011 } catch (RemoteException re) { 5012 throw re.rethrowFromSystemServer(); 5013 } 5014 } 5015 5016 /** 5017 * Evicts the user's credential encryption key from memory by stopping and restarting the user. 5018 * 5019 * @hide 5020 */ 5021 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) evictCredentialEncryptionKey(@serIdInt int userId)5022 public void evictCredentialEncryptionKey(@UserIdInt int userId) { 5023 try { 5024 mService.evictCredentialEncryptionKey(userId); 5025 } catch (RemoteException re) { 5026 throw re.rethrowFromSystemServer(); 5027 } 5028 } 5029 5030 /** 5031 * Return the number of users currently created on the device. 5032 */ 5033 @RequiresPermission(anyOf = { 5034 android.Manifest.permission.MANAGE_USERS, 5035 android.Manifest.permission.CREATE_USERS 5036 }) getUserCount()5037 public int getUserCount() { 5038 List<UserInfo> users = getUsers(); 5039 return users != null ? users.size() : 1; 5040 } 5041 5042 /** 5043 * Returns information for all fully-created users on this device, including ones marked for 5044 * deletion. 5045 * 5046 * <p>To retrieve only users that are not marked for deletion, use {@link #getAliveUsers()}. 5047 * 5048 * <p>To retrieve *all* users (including partial and pre-created users), use 5049 * {@link #getUsers(boolean, boolean, boolean)) getUsers(false, false, false)}. 5050 * 5051 * <p>To retrieve a more specific list of users, use 5052 * {@link #getUsers(boolean, boolean, boolean)}. 5053 * 5054 * @return the list of users that were created. 5055 * 5056 * @hide 5057 */ 5058 @UnsupportedAppUsage 5059 @RequiresPermission(anyOf = { 5060 android.Manifest.permission.MANAGE_USERS, 5061 android.Manifest.permission.CREATE_USERS 5062 }) 5063 @TestApi getUsers()5064 public @NonNull List<UserInfo> getUsers() { 5065 return getUsers(/*excludePartial= */ true, /* excludeDying= */ false, 5066 /* excludePreCreated= */ true); 5067 } 5068 5069 /** 5070 * Returns information for all "usable" users on this device (i.e, it excludes users that are 5071 * marked for deletion, pre-created users, etc...). 5072 * 5073 * <p>To retrieve all fully-created users, use {@link #getUsers()}. 5074 * 5075 * <p>To retrieve a more specific list of users, use 5076 * {@link #getUsers(boolean, boolean, boolean)}. 5077 * 5078 * @return the list of users that were created. 5079 * @hide 5080 */ 5081 @RequiresPermission(anyOf = { 5082 android.Manifest.permission.MANAGE_USERS, 5083 android.Manifest.permission.CREATE_USERS 5084 }) 5085 @TestApi getAliveUsers()5086 public @NonNull List<UserInfo> getAliveUsers() { 5087 return getUsers(/*excludePartial= */ true, /* excludeDying= */ true, 5088 /* excludePreCreated= */ true); 5089 } 5090 5091 /** 5092 * @deprecated use {@link #getAliveUsers()} for {@code getUsers(true)}, or 5093 * {@link #getUsers()} for @code getUsers(false)}. 5094 * 5095 * @hide 5096 */ 5097 @Deprecated 5098 @UnsupportedAppUsage 5099 @RequiresPermission(anyOf = { 5100 android.Manifest.permission.MANAGE_USERS, 5101 android.Manifest.permission.CREATE_USERS 5102 }) getUsers(boolean excludeDying)5103 public @NonNull List<UserInfo> getUsers(boolean excludeDying) { 5104 return getUsers(/*excludePartial= */ true, excludeDying, 5105 /* excludePreCreated= */ true); 5106 } 5107 5108 /** 5109 * Returns information for all users on this device, based on the filtering parameters. 5110 * 5111 * @deprecated Pre-created users are deprecated and no longer supported. 5112 * Use {@link #getUsers()}, or {@link #getAliveUsers()} instead. 5113 * @hide 5114 */ 5115 @Deprecated 5116 @TestApi 5117 @RequiresPermission(anyOf = { 5118 android.Manifest.permission.MANAGE_USERS, 5119 android.Manifest.permission.CREATE_USERS 5120 }) getUsers(boolean excludePartial, boolean excludeDying, boolean excludePreCreated)5121 public @NonNull List<UserInfo> getUsers(boolean excludePartial, boolean excludeDying, 5122 boolean excludePreCreated) { 5123 try { 5124 return mService.getUsers(excludePartial, excludeDying, excludePreCreated); 5125 } catch (RemoteException re) { 5126 throw re.rethrowFromSystemServer(); 5127 } 5128 } 5129 5130 /** 5131 * Returns the user handles for all users on this device, based on the filtering parameters. 5132 * 5133 * @param excludeDying specify if the list should exclude users being removed. 5134 * @return the list of user handles. 5135 * @hide 5136 */ 5137 @SystemApi 5138 @RequiresPermission(anyOf = { 5139 android.Manifest.permission.MANAGE_USERS, 5140 android.Manifest.permission.CREATE_USERS 5141 }) getUserHandles(boolean excludeDying)5142 public @NonNull List<UserHandle> getUserHandles(boolean excludeDying) { 5143 List<UserInfo> users = getUsers(/* excludePartial= */ true, excludeDying, 5144 /* excludePreCreated= */ true); 5145 List<UserHandle> result = new ArrayList<>(users.size()); 5146 for (UserInfo user : users) { 5147 result.add(user.getUserHandle()); 5148 } 5149 return result; 5150 } 5151 5152 /** 5153 * Returns serial numbers of all users on this device. 5154 * 5155 * @param excludeDying specify if the list should exclude users being removed. 5156 * @return the list of serial numbers of users that exist on the device. 5157 * @hide 5158 */ 5159 @SystemApi 5160 @RequiresPermission(anyOf = { 5161 android.Manifest.permission.MANAGE_USERS, 5162 android.Manifest.permission.CREATE_USERS 5163 }) getSerialNumbersOfUsers(boolean excludeDying)5164 public long[] getSerialNumbersOfUsers(boolean excludeDying) { 5165 List<UserInfo> users = getUsers(/* excludePartial= */ true, excludeDying, 5166 /* excludePreCreated= */ true); 5167 long[] result = new long[users.size()]; 5168 for (int i = 0; i < result.length; i++) { 5169 result[i] = users.get(i).serialNumber; 5170 } 5171 return result; 5172 } 5173 5174 /** 5175 * @return the user's account name, null if not found. 5176 * @hide 5177 */ 5178 @RequiresPermission( allOf = { 5179 Manifest.permission.INTERACT_ACROSS_USERS_FULL, 5180 Manifest.permission.MANAGE_USERS 5181 }) getUserAccount(@serIdInt int userId)5182 public @Nullable String getUserAccount(@UserIdInt int userId) { 5183 try { 5184 return mService.getUserAccount(userId); 5185 } catch (RemoteException re) { 5186 throw re.rethrowFromSystemServer(); 5187 } 5188 } 5189 5190 /** 5191 * Set account name for the given user. 5192 * @hide 5193 */ 5194 @RequiresPermission( allOf = { 5195 Manifest.permission.INTERACT_ACROSS_USERS_FULL, 5196 Manifest.permission.MANAGE_USERS 5197 }) setUserAccount(@serIdInt int userId, @Nullable String accountName)5198 public void setUserAccount(@UserIdInt int userId, @Nullable String accountName) { 5199 try { 5200 mService.setUserAccount(userId, accountName); 5201 } catch (RemoteException re) { 5202 throw re.rethrowFromSystemServer(); 5203 } 5204 } 5205 5206 /** 5207 * Returns information for Primary user (which in practice is the same as the System user). 5208 * 5209 * @return the Primary user, null if not found. 5210 * @deprecated For the system user, call {@link #getUserInfo} on {@link UserHandle#USER_SYSTEM}, 5211 * or just use {@link UserHandle#SYSTEM} or {@link UserHandle#USER_SYSTEM}. 5212 * For the designated MainUser, use {@link #getMainUser()}. 5213 * 5214 * @hide 5215 */ 5216 @Deprecated 5217 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) getPrimaryUser()5218 public @Nullable UserInfo getPrimaryUser() { 5219 try { 5220 return mService.getPrimaryUser(); 5221 } catch (RemoteException re) { 5222 throw re.rethrowFromSystemServer(); 5223 } 5224 } 5225 5226 /** 5227 * Returns the user who was last in the foreground, not including the current user and not 5228 * including profiles. 5229 * 5230 * <p>Returns {@code null} if there is no previous user, for example if there 5231 * is only one full user (i.e. only one user which is not a profile) on the device. 5232 * 5233 * <p>This method may be used for example to find the user to switch back to if the 5234 * current user is removed, or if creating a new user is aborted. 5235 * 5236 * <p>Note that reboots do not interrupt this calculation; the previous user need not have 5237 * used the device since it rebooted. 5238 * 5239 * <p>Note also that on devices that support multiple users on multiple displays, it is possible 5240 * that the returned user will be visible on a secondary display, as the foreground user is the 5241 * one associated with the main display. 5242 * 5243 * @hide 5244 */ 5245 @SystemApi 5246 @RequiresPermission(anyOf = { 5247 android.Manifest.permission.MANAGE_USERS, 5248 android.Manifest.permission.CREATE_USERS, 5249 android.Manifest.permission.QUERY_USERS 5250 }) getPreviousForegroundUser()5251 public @Nullable UserHandle getPreviousForegroundUser() { 5252 try { 5253 final int previousUser = mService.getPreviousFullUserToEnterForeground(); 5254 if (previousUser == UserHandle.USER_NULL) { 5255 return null; 5256 } 5257 return UserHandle.of(previousUser); 5258 } catch (RemoteException re) { 5259 throw re.rethrowFromSystemServer(); 5260 } 5261 } 5262 5263 /** 5264 * Checks whether it's possible to add more users. 5265 * 5266 * @return true if more users can be added, false if limit has been reached. 5267 * 5268 * @deprecated use {@link #canAddMoreUsers(String)} instead. 5269 * 5270 * @hide 5271 */ 5272 @Deprecated 5273 @RequiresPermission(anyOf = { 5274 android.Manifest.permission.MANAGE_USERS, 5275 android.Manifest.permission.CREATE_USERS 5276 }) canAddMoreUsers()5277 public boolean canAddMoreUsers() { 5278 // TODO(b/142482943): UMS has different logic, excluding Demo and Profile from counting. Why 5279 // not here? The logic is inconsistent. See UMS.canAddMoreManagedProfiles 5280 final List<UserInfo> users = getAliveUsers(); 5281 final int totalUserCount = users.size(); 5282 int aliveUserCount = 0; 5283 for (int i = 0; i < totalUserCount; i++) { 5284 UserInfo user = users.get(i); 5285 if (!user.isGuest()) { 5286 aliveUserCount++; 5287 } 5288 } 5289 return aliveUserCount < getMaxSupportedUsers(); 5290 } 5291 5292 /** 5293 * Checks whether it is possible to add more users of the given user type. 5294 * 5295 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_SECONDARY}. 5296 * @return true if more users of the given type can be added, otherwise false. 5297 * @hide 5298 */ 5299 @RequiresPermission(anyOf = { 5300 android.Manifest.permission.MANAGE_USERS, 5301 android.Manifest.permission.CREATE_USERS 5302 }) canAddMoreUsers(@onNull String userType)5303 public boolean canAddMoreUsers(@NonNull String userType) { 5304 try { 5305 if (userType.equals(USER_TYPE_FULL_GUEST)) { 5306 return mService.canAddMoreUsersOfType(userType); 5307 } else { 5308 return canAddMoreUsers() && mService.canAddMoreUsersOfType(userType); 5309 } 5310 } catch (RemoteException re) { 5311 throw re.rethrowFromSystemServer(); 5312 } 5313 } 5314 5315 /** 5316 * Returns the remaining number of users of the given type that can be created. 5317 * 5318 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_SECONDARY}. 5319 * @return how many additional users can be created. 5320 * @hide 5321 */ 5322 @SystemApi 5323 @RequiresPermission(anyOf = { 5324 android.Manifest.permission.MANAGE_USERS, 5325 android.Manifest.permission.CREATE_USERS, 5326 android.Manifest.permission.QUERY_USERS 5327 }) getRemainingCreatableUserCount(@onNull String userType)5328 public int getRemainingCreatableUserCount(@NonNull String userType) { 5329 Objects.requireNonNull(userType, "userType must not be null"); 5330 try { 5331 return mService.getRemainingCreatableUserCount(userType); 5332 } catch (RemoteException re) { 5333 throw re.rethrowFromSystemServer(); 5334 } 5335 } 5336 5337 /** 5338 * Returns the remaining number of profiles that can be added to the context user. 5339 * <p>Note that is applicable to any profile type (currently not including Restricted profiles). 5340 * 5341 * @param userType the type of profile, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 5342 * @return how many additional profiles can be created. 5343 * @hide 5344 */ 5345 @SystemApi 5346 @RequiresPermission(anyOf = { 5347 android.Manifest.permission.MANAGE_USERS, 5348 android.Manifest.permission.CREATE_USERS, 5349 android.Manifest.permission.QUERY_USERS 5350 }) 5351 @UserHandleAware getRemainingCreatableProfileCount(@onNull String userType)5352 public int getRemainingCreatableProfileCount(@NonNull String userType) { 5353 Objects.requireNonNull(userType, "userType must not be null"); 5354 try { 5355 // TODO(b/142482943): Perhaps let the following code apply to restricted users too. 5356 return mService.getRemainingCreatableProfileCount(userType, mUserId); 5357 } catch (RemoteException re) { 5358 throw re.rethrowFromSystemServer(); 5359 } 5360 } 5361 5362 /** 5363 * Checks whether it's possible to add more managed profiles. 5364 * if allowedToRemoveOne is true and if the user already has a managed profile, then return if 5365 * we could add a new managed profile to this user after removing the existing one. 5366 * 5367 * @return true if more managed profiles can be added, false if limit has been reached. 5368 * @hide 5369 */ 5370 @RequiresPermission(anyOf = { 5371 android.Manifest.permission.MANAGE_USERS, 5372 android.Manifest.permission.CREATE_USERS, 5373 android.Manifest.permission.QUERY_USERS 5374 }) canAddMoreManagedProfiles(@serIdInt int userId, boolean allowedToRemoveOne)5375 public boolean canAddMoreManagedProfiles(@UserIdInt int userId, boolean allowedToRemoveOne) { 5376 try { 5377 return mService.canAddMoreManagedProfiles(userId, allowedToRemoveOne); 5378 } catch (RemoteException re) { 5379 throw re.rethrowFromSystemServer(); 5380 } 5381 } 5382 5383 /** 5384 * Checks whether it's possible to add more profiles of the given type to the given user. 5385 * 5386 * @param userType the type of user, such as {@link UserManager#USER_TYPE_PROFILE_MANAGED}. 5387 * @return true if more profiles can be added, false if limit has been reached. 5388 * @hide 5389 */ 5390 @RequiresPermission(anyOf = { 5391 android.Manifest.permission.MANAGE_USERS, 5392 android.Manifest.permission.CREATE_USERS, 5393 android.Manifest.permission.QUERY_USERS 5394 }) canAddMoreProfilesToUser(@onNull String userType, @UserIdInt int userId)5395 public boolean canAddMoreProfilesToUser(@NonNull String userType, @UserIdInt int userId) { 5396 try { 5397 return mService.canAddMoreProfilesToUser(userType, userId, false); 5398 } catch (RemoteException re) { 5399 throw re.rethrowFromSystemServer(); 5400 } 5401 } 5402 5403 /** 5404 * Checks whether this device supports users of the given user type. 5405 * 5406 * @param userType the type of user, such as {@link UserManager#USER_TYPE_FULL_SECONDARY}. 5407 * @return true if the creation of users of the given user type is enabled on this device. 5408 * @hide 5409 */ 5410 @TestApi 5411 @RequiresPermission(anyOf = { 5412 android.Manifest.permission.MANAGE_USERS, 5413 android.Manifest.permission.CREATE_USERS 5414 }) isUserTypeEnabled(@onNull String userType)5415 public boolean isUserTypeEnabled(@NonNull String userType) { 5416 try { 5417 return mService.isUserTypeEnabled(userType); 5418 } catch (RemoteException re) { 5419 throw re.rethrowFromSystemServer(); 5420 } 5421 } 5422 5423 /** 5424 * Returns a list of the users that are associated with userId, including userId itself. This 5425 * includes the user, its profiles, its parent, and its parent's other profiles, as applicable. 5426 * 5427 * Note that this returns both enabled and not enabled profiles. See 5428 * {@link #getEnabledProfiles(int)} if you need only the enabled ones. 5429 * <p>Note that this includes all profile types (not including Restricted profiles). 5430 * 5431 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS} or 5432 * {@link android.Manifest.permission#CREATE_USERS} or 5433 * {@link android.Manifest.permission#QUERY_USERS} if userId is not the calling user. 5434 * @param userId profiles associated with this user (including itself) will be returned. 5435 * @return the list of profiles. 5436 * @hide 5437 */ 5438 @UnsupportedAppUsage 5439 @RequiresPermission(anyOf = { 5440 Manifest.permission.MANAGE_USERS, 5441 Manifest.permission.CREATE_USERS, 5442 Manifest.permission.QUERY_USERS}, conditional = true) 5443 @CachedProperty(api = "user_manager_user_data") getProfiles(@serIdInt int userId)5444 public List<UserInfo> getProfiles(@UserIdInt int userId) { 5445 if (android.multiuser.Flags.cacheProfilesReadOnly()) { 5446 return UserManagerCache.getProfiles( 5447 (Integer userIdentifier) -> mService.getProfiles(userIdentifier, false), 5448 userId); 5449 } 5450 try { 5451 return mService.getProfiles(userId, false /* enabledOnly */); 5452 } catch (RemoteException re) { 5453 throw re.rethrowFromSystemServer(); 5454 } 5455 } 5456 5457 /** 5458 * Returns a list of the users that are associated with userId, including userId itself, 5459 * as well as the communal profile, if there is one. 5460 * 5461 * <p>Note that this returns both enabled and not enabled profiles. 5462 * <p>Note that this includes all profile types (not including Restricted profiles). 5463 * 5464 * @see #getProfiles(int) 5465 * @hide 5466 */ 5467 @FlaggedApi(android.multiuser.Flags.FLAG_SUPPORT_COMMUNAL_PROFILE) 5468 @RequiresPermission(anyOf = { 5469 Manifest.permission.MANAGE_USERS, 5470 Manifest.permission.CREATE_USERS, 5471 Manifest.permission.QUERY_USERS}) getProfilesIncludingCommunal(@serIdInt int userId)5472 public List<UserInfo> getProfilesIncludingCommunal(@UserIdInt int userId) { 5473 final List<UserInfo> profiles = getProfiles(userId); 5474 final UserHandle communalProfile = getCommunalProfile(); 5475 if (communalProfile != null) { 5476 final UserInfo communalInfo = getUserInfo(communalProfile.getIdentifier()); 5477 if (communalInfo != null) { 5478 profiles.add(communalInfo); 5479 } 5480 } 5481 return profiles; 5482 } 5483 5484 /** 5485 * Checks if the 2 provided user handles belong to the same profile group. 5486 * 5487 * @param user one of the two user handles to check. 5488 * @param otherUser one of the two user handles to check. 5489 * @return true if the two users are in the same profile group. 5490 * 5491 * @hide 5492 */ 5493 @SystemApi 5494 @RequiresPermission(anyOf = { 5495 android.Manifest.permission.MANAGE_USERS, 5496 android.Manifest.permission.QUERY_USERS}) isSameProfileGroup(@onNull UserHandle user, @NonNull UserHandle otherUser)5497 public boolean isSameProfileGroup(@NonNull UserHandle user, @NonNull UserHandle otherUser) { 5498 return isSameProfileGroup(user.getIdentifier(), otherUser.getIdentifier()); 5499 } 5500 5501 /** 5502 * Checks if the 2 provided user ids belong to the same profile group. 5503 * @param userId one of the two user ids to check. 5504 * @param otherUserId one of the two user ids to check. 5505 * @return true if the two user ids are in the same profile group. 5506 * @hide 5507 */ 5508 @RequiresPermission(anyOf = { 5509 android.Manifest.permission.MANAGE_USERS, 5510 android.Manifest.permission.QUERY_USERS}) isSameProfileGroup(@serIdInt int userId, int otherUserId)5511 public boolean isSameProfileGroup(@UserIdInt int userId, int otherUserId) { 5512 try { 5513 return mService.isSameProfileGroup(userId, otherUserId); 5514 } catch (RemoteException re) { 5515 throw re.rethrowFromSystemServer(); 5516 } 5517 } 5518 5519 /** 5520 * Returns a list of the enabled users that are associated with userId, including userId itself. 5521 * This includes the user, its profiles, its parent, and its parent's other profiles, as 5522 * applicable. 5523 * 5524 * Note that this returns only {@link UserInfo#isEnabled() enabled} profiles. 5525 * <p>Note that this includes all profile types (not including Restricted profiles). 5526 * 5527 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS} or 5528 * {@link android.Manifest.permission#CREATE_USERS} or 5529 * {@link android.Manifest.permission#QUERY_USERS} if userId is not the calling user. 5530 * @param userId profiles of this user will be returned. 5531 * @return the list of profiles. 5532 * @deprecated use {@link #getUserProfiles()} instead. 5533 * 5534 * @hide 5535 */ 5536 @Deprecated 5537 @UnsupportedAppUsage 5538 @RequiresPermission(anyOf = { 5539 Manifest.permission.MANAGE_USERS, 5540 Manifest.permission.CREATE_USERS, 5541 Manifest.permission.QUERY_USERS}, conditional = true) getEnabledProfiles(@serIdInt int userId)5542 public List<UserInfo> getEnabledProfiles(@UserIdInt int userId) { 5543 try { 5544 return mService.getProfiles(userId, true /* enabledOnly */); 5545 } catch (RemoteException re) { 5546 throw re.rethrowFromSystemServer(); 5547 } 5548 } 5549 5550 /** 5551 * Returns a list of the users that are associated with the context user, including the user 5552 * itself. This includes the user, its profiles, its parent, and its parent's other profiles, 5553 * as applicable. 5554 * 5555 * <p>Note that this includes all profile types (not including Restricted profiles). 5556 * 5557 * @return A non-empty list of UserHandles associated with the context user. 5558 */ 5559 @UserHandleAware( 5560 enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU, 5561 requiresAnyOfPermissionsIfNotCaller = { 5562 Manifest.permission.MANAGE_USERS, 5563 Manifest.permission.CREATE_USERS, 5564 Manifest.permission.QUERY_USERS}) getUserProfiles()5565 public List<UserHandle> getUserProfiles() { 5566 int[] userIds = getProfileIds(getContextUserIfAppropriate(), true /* enabledOnly */); 5567 return convertUserIdsToUserHandles(userIds); 5568 } 5569 5570 /** 5571 * Returns a list of the enabled users that are associated with the context user, including the 5572 * user itself. This includes the user, its profiles, its parent, and its parent's other 5573 * profiles, as applicable. 5574 * 5575 * <p>Note that this includes all profile types (not including Restricted profiles). 5576 * 5577 * @return A non-empty list of UserHandles associated with the context user. 5578 * @hide 5579 */ 5580 @SystemApi 5581 @UserHandleAware( 5582 requiresAnyOfPermissionsIfNotCaller = { 5583 Manifest.permission.MANAGE_USERS, 5584 Manifest.permission.CREATE_USERS, 5585 Manifest.permission.QUERY_USERS}) getEnabledProfiles()5586 public @NonNull List<UserHandle> getEnabledProfiles() { 5587 return getProfiles(true); 5588 } 5589 5590 /** 5591 * Returns a list of all users that are associated with the context user, including the user 5592 * itself. This includes the user, its profiles, its parent, and its parent's other profiles, 5593 * as applicable. 5594 * 5595 * <p>Note that this includes all profile types (not including Restricted profiles). 5596 * 5597 * @return A non-empty list of UserHandles associated with the context user. 5598 * @hide 5599 */ 5600 @SystemApi 5601 @UserHandleAware( 5602 requiresAnyOfPermissionsIfNotCaller = { 5603 Manifest.permission.MANAGE_USERS, 5604 Manifest.permission.CREATE_USERS, 5605 Manifest.permission.QUERY_USERS}) getAllProfiles()5606 public @NonNull List<UserHandle> getAllProfiles() { 5607 return getProfiles(false); 5608 } 5609 5610 /** 5611 * Returns a list of the users that are associated with the context user, including the user 5612 * itself. This includes the user, its profiles, its parent, and its parent's other profiles, as 5613 * applicable. 5614 * 5615 * <p>Note that this includes all profile types (not including Restricted profiles). 5616 * 5617 * @param enabledOnly whether to return only {@link UserInfo#isEnabled() enabled} profiles 5618 * @return A non-empty list of UserHandles associated with the context user. 5619 */ 5620 @UserHandleAware( 5621 requiresAnyOfPermissionsIfNotCaller = { 5622 Manifest.permission.MANAGE_USERS, 5623 Manifest.permission.CREATE_USERS, 5624 Manifest.permission.QUERY_USERS}) getProfiles(boolean enabledOnly)5625 private @NonNull List<UserHandle> getProfiles(boolean enabledOnly) { 5626 final int[] userIds = getProfileIds(mUserId, enabledOnly); 5627 return convertUserIdsToUserHandles(userIds); 5628 } 5629 5630 /** Converts the given array of userIds to a List of UserHandles. */ convertUserIdsToUserHandles(@onNull int[] userIds)5631 private @NonNull List<UserHandle> convertUserIdsToUserHandles(@NonNull int[] userIds) { 5632 final List<UserHandle> result = new ArrayList<>(userIds.length); 5633 for (int userId : userIds) { 5634 result.add(UserHandle.of(userId)); 5635 } 5636 return result; 5637 } 5638 5639 /** 5640 * Returns a list of the users that are associated with the specified user, including the user 5641 * itself. This includes the user, its profiles, its parent, and its parent's other profiles, 5642 * as applicable. 5643 * 5644 * <p>Note that this includes all profile types (not including Restricted profiles). 5645 * 5646 * @param userId id of the user to return profiles for 5647 * @param enabledOnly whether return only {@link UserInfo#isEnabled() enabled} profiles 5648 * @return A non-empty list of ids of profiles associated with the specified user. 5649 * 5650 * @hide 5651 */ 5652 @RequiresPermission(anyOf = { 5653 Manifest.permission.MANAGE_USERS, 5654 Manifest.permission.CREATE_USERS, 5655 Manifest.permission.QUERY_USERS}, conditional = true) getProfileIds(@serIdInt int userId, boolean enabledOnly)5656 public @NonNull int[] getProfileIds(@UserIdInt int userId, boolean enabledOnly) { 5657 if (android.multiuser.Flags.cacheProfileIdsReadOnly()) { 5658 return enabledOnly ? getEnabledProfileIds(userId) : getProfileIdsWithDisabled(userId); 5659 } else { 5660 try { 5661 return mService.getProfileIds(userId, enabledOnly); 5662 } catch (RemoteException re) { 5663 throw re.rethrowFromSystemServer(); 5664 } 5665 } 5666 } 5667 5668 /** 5669 * @see #getProfileIds(int, boolean) 5670 * @hide 5671 */ 5672 @UnsupportedAppUsage 5673 @RequiresPermission(anyOf = { 5674 Manifest.permission.MANAGE_USERS, 5675 Manifest.permission.CREATE_USERS, 5676 Manifest.permission.QUERY_USERS}, conditional = true) 5677 @CachedProperty(api = "user_manager_users") getProfileIdsWithDisabled(@serIdInt int userId)5678 public int[] getProfileIdsWithDisabled(@UserIdInt int userId) { 5679 if (android.multiuser.Flags.cacheProfileIdsReadOnly()) { 5680 return UserManagerCache.getProfileIdsWithDisabled( 5681 (Integer userIdentifuer) -> mService.getProfileIds(userIdentifuer, false), userId); 5682 } else { 5683 return getProfileIds(userId, false /* enabledOnly */); 5684 } 5685 } 5686 5687 /** 5688 * @see #getProfileIds(int, boolean) 5689 * @hide 5690 */ 5691 @RequiresPermission(anyOf = { 5692 Manifest.permission.MANAGE_USERS, 5693 Manifest.permission.CREATE_USERS, 5694 Manifest.permission.QUERY_USERS}, conditional = true) 5695 @CachedProperty(api = "user_manager_users_enabled") getEnabledProfileIds(@serIdInt int userId)5696 public int[] getEnabledProfileIds(@UserIdInt int userId) { 5697 if (android.multiuser.Flags.cacheProfileIdsReadOnly()) { 5698 return UserManagerCache.getEnabledProfileIds( 5699 (Integer userIdentifuer) -> mService.getProfileIds(userIdentifuer, true), userId); 5700 } else { 5701 return getProfileIds(userId, true /* enabledOnly */); 5702 } 5703 } 5704 5705 /** @hide */ invalidateEnabledProfileIds()5706 public static final void invalidateEnabledProfileIds() { 5707 if (android.multiuser.Flags.cacheProfileIdsReadOnly()) { 5708 UserManagerCache.invalidateEnabledProfileIds(); 5709 } 5710 } 5711 5712 /** 5713 * @return A list of ids of profiles associated with the specified user excluding those with 5714 * {@link UserProperties#getProfileApiVisibility()} set to hidden. The returned list includes 5715 * the user itself. 5716 * @hide 5717 * @see #getProfileIds(int, boolean) 5718 */ 5719 @RequiresPermission(anyOf = { 5720 Manifest.permission.MANAGE_USERS, 5721 Manifest.permission.CREATE_USERS, 5722 Manifest.permission.QUERY_USERS}, conditional = true) getProfileIdsExcludingHidden(@serIdInt int userId, boolean enabled)5723 public int[] getProfileIdsExcludingHidden(@UserIdInt int userId, boolean enabled) { 5724 try { 5725 return mService.getProfileIdsExcludingHidden(userId, enabled); 5726 } catch (RemoteException re) { 5727 throw re.rethrowFromSystemServer(); 5728 } 5729 } 5730 5731 /** 5732 * Returns the device credential owner id of the profile from 5733 * which this method is called, or userId if called from a user that 5734 * is not a profile. 5735 * 5736 * @hide 5737 */ 5738 @RequiresPermission(Manifest.permission.MANAGE_USERS) getCredentialOwnerProfile(@serIdInt int userId)5739 public int getCredentialOwnerProfile(@UserIdInt int userId) { 5740 try { 5741 return mService.getCredentialOwnerProfile(userId); 5742 } catch (RemoteException re) { 5743 throw re.rethrowFromSystemServer(); 5744 } 5745 } 5746 5747 /** 5748 * Returns the parent of the profile which this method is called from 5749 * or null if it has no parent (e.g. if it is not a profile). 5750 * 5751 * @hide 5752 */ 5753 @UnsupportedAppUsage 5754 @RequiresPermission(anyOf = { 5755 android.Manifest.permission.MANAGE_USERS, 5756 android.Manifest.permission.INTERACT_ACROSS_USERS 5757 }) getProfileParent(@serIdInt int userId)5758 public UserInfo getProfileParent(@UserIdInt int userId) { 5759 try { 5760 return mService.getProfileParent(userId); 5761 } catch (RemoteException re) { 5762 throw re.rethrowFromSystemServer(); 5763 } 5764 } 5765 5766 /** 5767 * Get the parent of a user profile. 5768 * 5769 * @param user the handle of the user profile 5770 * 5771 * @return the parent of the user or {@code null} if the user has no parent 5772 * 5773 * @hide 5774 */ 5775 @SystemApi 5776 @RequiresPermission(anyOf = { 5777 android.Manifest.permission.MANAGE_USERS, 5778 android.Manifest.permission.INTERACT_ACROSS_USERS 5779 }) 5780 @CachedProperty(api = "user_manager_users") getProfileParent(@onNull UserHandle user)5781 public @Nullable UserHandle getProfileParent(@NonNull UserHandle user) { 5782 if (android.multiuser.Flags.cacheProfileParentReadOnly()) { 5783 final UserHandle userHandle = UserManagerCache.getProfileParent( 5784 (UserHandle query) -> { 5785 UserInfo info = getProfileParent(query.getIdentifier()); 5786 // TODO: Remove when b/372923336 is fixed 5787 if (info == null) { 5788 return UserHandle.of(UserHandle.USER_NULL); 5789 } 5790 return UserHandle.of(info.id); 5791 }, 5792 user); 5793 if (userHandle.getIdentifier() == UserHandle.USER_NULL) { 5794 return null; 5795 } 5796 return userHandle; 5797 } else { 5798 UserInfo info = getProfileParent(user.getIdentifier()); 5799 if (info == null) { 5800 return null; 5801 } 5802 return UserHandle.of(info.id); 5803 } 5804 } 5805 5806 /** 5807 * Enables or disables quiet mode for a profile. If quiet mode is enabled, apps in the profile 5808 * don't run, generate notifications, or consume data or battery. 5809 * <p> 5810 * If a user's credential is needed to turn off quiet mode, a confirm credential screen will be 5811 * shown to the user. 5812 * <p> 5813 * The change may not happen instantly, however apps can listen for 5814 * {@link Intent#ACTION_MANAGED_PROFILE_AVAILABLE} and 5815 * {@link Intent#ACTION_MANAGED_PROFILE_UNAVAILABLE} broadcasts in order to be notified of 5816 * the change of the quiet mode for managed profile. 5817 * Apps can listen to generic broadcasts {@link Intent#ACTION_PROFILE_AVAILABLE} and 5818 * {@link Intent#ACTION_PROFILE_UNAVAILABLE} to be notified of the change in quiet mode for 5819 * any profiles. Apps can also check the current state of quiet mode by calling 5820 * {@link #isQuietModeEnabled(UserHandle)}. 5821 * <p> 5822 * The caller must either be the foreground default launcher or have one of these permissions: 5823 * {@code MANAGE_USERS} or {@code MODIFY_QUIET_MODE}. 5824 * 5825 * @param enableQuietMode whether quiet mode should be enabled or disabled 5826 * @param userHandle user handle of the profile 5827 * @return {@code false} if user's credential is needed in order to turn off quiet mode, 5828 * {@code true} otherwise 5829 * @throws SecurityException if the caller is invalid 5830 * @throws IllegalArgumentException if {@code userHandle} is not a profile 5831 * 5832 * @see #isQuietModeEnabled(UserHandle) 5833 */ 5834 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 5835 Manifest.permission.MODIFY_QUIET_MODE}, conditional = true) requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle)5836 public boolean requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle) { 5837 return requestQuietModeEnabled(enableQuietMode, userHandle, null); 5838 } 5839 5840 /** 5841 * Perform the same operation as {@link #requestQuietModeEnabled(boolean, UserHandle)}, but 5842 * with a flag to tweak the behavior of the request. 5843 * 5844 * @param enableQuietMode whether quiet mode should be enabled or disabled 5845 * @param userHandle user handle of the profile 5846 * @param flags Can be 0 or {@link #QUIET_MODE_DISABLE_ONLY_IF_CREDENTIAL_NOT_REQUIRED}. 5847 * @return {@code false} if user's credential is needed in order to turn off quiet mode, 5848 * {@code true} otherwise 5849 * @throws SecurityException if the caller is invalid 5850 * @throws IllegalArgumentException if {@code userHandle} is not a managed profile 5851 * 5852 * @see #isQuietModeEnabled(UserHandle) 5853 */ requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle, @QuietModeFlag int flags)5854 public boolean requestQuietModeEnabled(boolean enableQuietMode, @NonNull UserHandle userHandle, 5855 @QuietModeFlag int flags) { 5856 return requestQuietModeEnabled(enableQuietMode, userHandle, null, flags); 5857 } 5858 5859 /** 5860 * Similar to {@link #requestQuietModeEnabled(boolean, UserHandle)}, except you can specify 5861 * a target to start when user is unlocked. If {@code target} is specified, caller must have 5862 * the {@link android.Manifest.permission#MANAGE_USERS} permission. 5863 * 5864 * @see {@link #requestQuietModeEnabled(boolean, UserHandle)} 5865 * @hide 5866 */ 5867 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) requestQuietModeEnabled( boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target)5868 public boolean requestQuietModeEnabled( 5869 boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target) { 5870 return requestQuietModeEnabled(enableQuietMode, userHandle, target, 0); 5871 } 5872 5873 /** 5874 * Similar to {@link #requestQuietModeEnabled(boolean, UserHandle)}, except you can specify 5875 * a target to start when user is unlocked. If {@code target} is specified, caller must have 5876 * the {@link android.Manifest.permission#MANAGE_USERS} permission. 5877 * 5878 * @see #requestQuietModeEnabled(boolean, UserHandle) 5879 * @hide 5880 */ requestQuietModeEnabled( boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target, int flags)5881 public boolean requestQuietModeEnabled( 5882 boolean enableQuietMode, @NonNull UserHandle userHandle, IntentSender target, 5883 int flags) { 5884 try { 5885 return mService.requestQuietModeEnabled( 5886 mContext.getPackageName(), enableQuietMode, userHandle.getIdentifier(), target, 5887 flags); 5888 } catch (RemoteException re) { 5889 throw re.rethrowFromSystemServer(); 5890 } 5891 } 5892 5893 /** @hide */ invalidateQuietModeEnabledCache()5894 public static final void invalidateQuietModeEnabledCache() { 5895 UserManagerCache.invalidateQuietModeEnabled(); 5896 } 5897 5898 /** 5899 * Returns whether the given profile is in quiet mode or not. 5900 * 5901 * @param userHandle The user handle of the profile to be queried. 5902 * @return true if the profile is in quiet mode, false otherwise. 5903 */ 5904 @CachedProperty(mods = {}) isQuietModeEnabled(UserHandle userHandle)5905 public boolean isQuietModeEnabled(UserHandle userHandle) { 5906 if (android.multiuser.Flags.cacheQuietModeState()) { 5907 final int userId = userHandle.getIdentifier(); 5908 if (userId < 0) { 5909 return false; 5910 } 5911 return ((UserManagerCache) mIpcDataCache).isQuietModeEnabled( 5912 (UserHandle uh) -> mService.isQuietModeEnabled(uh.getIdentifier()), userHandle); 5913 } 5914 try { 5915 return mService.isQuietModeEnabled(userHandle.getIdentifier()); 5916 } catch (RemoteException re) { 5917 throw re.rethrowFromSystemServer(); 5918 } 5919 } 5920 5921 /** 5922 * Returns whether the given user has a badge (generally to put on profiles' icons). 5923 * 5924 * @param userId userId of the user in question 5925 * @return true if the user's icons should display a badge; false otherwise. 5926 * 5927 * @see #getBadgedIconForUser more information about badging in general 5928 * @hide 5929 */ hasBadge(@serIdInt int userId)5930 public boolean hasBadge(@UserIdInt int userId) { 5931 if (!isProfile(userId)) { 5932 // Since currently only profiles actually have badges, we can do this optimization. 5933 return false; 5934 } 5935 try { 5936 return mService.hasBadge(userId); 5937 } catch (RemoteException re) { 5938 throw re.rethrowFromSystemServer(); 5939 } 5940 } 5941 5942 /** 5943 * Returns whether the user associated with the context has a badge (generally to put on 5944 * profiles' icons). 5945 * 5946 * @return true if the user's icons should display a badge; false otherwise. 5947 * @see #getBadgedIconForUser more information about badging in general 5948 * @hide 5949 */ 5950 @UserHandleAware hasBadge()5951 public boolean hasBadge() { 5952 return hasBadge(mUserId); 5953 } 5954 5955 /** 5956 * Returns the light theme badge color for the given user (generally to color a profile's 5957 * icon's badge). 5958 * 5959 * <p>To check whether a badge color is expected for the user, first call {@link #hasBadge}. 5960 * 5961 * @return the color (not the resource ID) to be used for the user's badge 5962 * @throws Resources.NotFoundException if no valid badge color exists for this user 5963 * 5964 * @see #getBadgedIconForUser more information about badging in general 5965 * @hide 5966 */ getUserBadgeColor(@serIdInt int userId)5967 public @ColorInt int getUserBadgeColor(@UserIdInt int userId) { 5968 try { 5969 final int resourceId = mService.getUserBadgeColorResId(userId); 5970 return Resources.getSystem().getColor(resourceId, null); 5971 } catch (RemoteException re) { 5972 throw re.rethrowFromSystemServer(); 5973 } 5974 } 5975 5976 /** 5977 * Returns the dark theme badge color for the given user (generally to color a profile's icon's 5978 * badge). 5979 * 5980 * <p>To check whether a badge color is expected for the user, first call {@link #hasBadge}. 5981 * 5982 * @return the color (not the resource ID) to be used for the user's badge 5983 * @throws Resources.NotFoundException if no valid badge color exists for this user 5984 * 5985 * @see #getBadgedIconForUser more information about badging in general 5986 * @hide 5987 */ getUserBadgeDarkColor(@serIdInt int userId)5988 public @ColorInt int getUserBadgeDarkColor(@UserIdInt int userId) { 5989 try { 5990 final int resourceId = mService.getUserBadgeDarkColorResId(userId); 5991 return Resources.getSystem().getColor(resourceId, null); 5992 } catch (RemoteException re) { 5993 throw re.rethrowFromSystemServer(); 5994 } 5995 } 5996 5997 /** 5998 * Returns the Resource ID of the user's icon badge. 5999 * 6000 * @return the Resource ID of the user's icon badge if it has one; otherwise 6001 * {@link Resources#ID_NULL}. 6002 * 6003 * @see #getBadgedIconForUser more information about badging in general 6004 * @hide 6005 */ getUserIconBadgeResId(@serIdInt int userId)6006 public @DrawableRes int getUserIconBadgeResId(@UserIdInt int userId) { 6007 try { 6008 return mService.getUserIconBadgeResId(userId); 6009 } catch (RemoteException re) { 6010 throw re.rethrowFromSystemServer(); 6011 } 6012 } 6013 6014 /** 6015 * Returns the Resource ID of the user's badge. 6016 * 6017 * @return the Resource ID of the user's badge if it has one; otherwise 6018 * {@link Resources#ID_NULL}. 6019 * 6020 * @see #getBadgedIconForUser more information about badging in general 6021 * @hide 6022 */ getUserBadgeResId(@serIdInt int userId)6023 public @DrawableRes int getUserBadgeResId(@UserIdInt int userId) { 6024 try { 6025 return mService.getUserBadgeResId(userId); 6026 } catch (RemoteException re) { 6027 throw re.rethrowFromSystemServer(); 6028 } 6029 } 6030 6031 /** 6032 * Returns the Resource ID of the user's badge without a background. 6033 * 6034 * @return the Resource ID of the user's no-background badge if it has one; otherwise 6035 * {@link Resources#ID_NULL}. 6036 * 6037 * @see #getBadgedIconForUser more information about badging in general 6038 * @hide 6039 */ getUserBadgeNoBackgroundResId(@serIdInt int userId)6040 public @DrawableRes int getUserBadgeNoBackgroundResId(@UserIdInt int userId) { 6041 try { 6042 return mService.getUserBadgeNoBackgroundResId(userId); 6043 } catch (RemoteException re) { 6044 throw re.rethrowFromSystemServer(); 6045 } 6046 } 6047 6048 /** 6049 * Returns the Resource ID of the user's status bar icon. 6050 * 6051 * @return the Resource ID of the user's status bar icon if it has one; otherwise 6052 * {@link Resources#ID_NULL}. 6053 * @hide 6054 */ getUserStatusBarIconResId(@serIdInt int userId)6055 public @DrawableRes int getUserStatusBarIconResId(@UserIdInt int userId) { 6056 try { 6057 return mService.getUserStatusBarIconResId(userId); 6058 } catch (RemoteException re) { 6059 throw re.rethrowFromSystemServer(); 6060 } 6061 } 6062 6063 /** 6064 * If the target user is a profile of the calling user or the caller 6065 * is itself a profile, then this returns a badged copy of the given 6066 * icon to be able to distinguish it from the original icon. For badging an 6067 * arbitrary drawable use {@link #getBadgedDrawableForUser( 6068 * android.graphics.drawable.Drawable, UserHandle, android.graphics.Rect, int)}. 6069 * <p> 6070 * If the original drawable is a BitmapDrawable and the backing bitmap is 6071 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the badging 6072 * is performed in place and the original drawable is returned. 6073 * </p> 6074 * 6075 * @param icon The icon to badge. 6076 * @param user The target user. 6077 * @return A drawable that combines the original icon and a badge as 6078 * determined by the system. 6079 * @removed 6080 */ getBadgedIconForUser(Drawable icon, UserHandle user)6081 public Drawable getBadgedIconForUser(Drawable icon, UserHandle user) { 6082 return mContext.getPackageManager().getUserBadgedIcon(icon, user); 6083 } 6084 6085 /** 6086 * If the target user is a profile of the calling user or the caller 6087 * is itself a profile, then this returns a badged copy of the given 6088 * drawable allowing the user to distinguish it from the original drawable. 6089 * The caller can specify the location in the bounds of the drawable to be 6090 * badged where the badge should be applied as well as the density of the 6091 * badge to be used. 6092 * <p> 6093 * If the original drawable is a BitmapDrawable and the backing bitmap is 6094 * mutable as per {@link android.graphics.Bitmap#isMutable()}, the badging 6095 * is performed in place and the original drawable is returned. 6096 * </p> 6097 * 6098 * @param badgedDrawable The drawable to badge. 6099 * @param user The target user. 6100 * @param badgeLocation Where in the bounds of the badged drawable to place 6101 * the badge. If it's {@code null}, the badge is applied on top of the entire 6102 * drawable being badged. 6103 * @param badgeDensity The optional desired density for the badge as per 6104 * {@link android.util.DisplayMetrics#densityDpi}. If it's not positive, 6105 * the density of the display is used. 6106 * @return A drawable that combines the original drawable and a badge as 6107 * determined by the system. 6108 * @removed 6109 */ getBadgedDrawableForUser(Drawable badgedDrawable, UserHandle user, Rect badgeLocation, int badgeDensity)6110 public Drawable getBadgedDrawableForUser(Drawable badgedDrawable, UserHandle user, 6111 Rect badgeLocation, int badgeDensity) { 6112 return mContext.getPackageManager().getUserBadgedDrawableForDensity(badgedDrawable, user, 6113 badgeLocation, badgeDensity); 6114 } 6115 6116 /** 6117 * Retrieves a user badge associated with the current context user. This is only 6118 * applicable to profile users since non-profile users do not have badges. 6119 * 6120 * @return A {@link Drawable} user badge corresponding to the context user 6121 * @throws android.content.res.Resources.NotFoundException if the user is not a profile or 6122 * does not have a badge defined. 6123 * @hide 6124 */ 6125 @SystemApi 6126 @UserHandleAware( 6127 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 6128 Manifest.permission.MANAGE_USERS, 6129 Manifest.permission.INTERACT_ACROSS_USERS}) 6130 @SuppressLint("UnflaggedApi") // b/306636213 getUserBadge()6131 public @NonNull Drawable getUserBadge() { 6132 if (!isProfile(mUserId)) { 6133 throw new Resources.NotFoundException("No badge found for this user."); 6134 } 6135 if (isManagedProfile(mUserId)) { 6136 DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class); 6137 return dpm.getResources().getDrawable( 6138 android.app.admin.DevicePolicyResources.Drawables.WORK_PROFILE_ICON_BADGE, 6139 SOLID_COLORED, () -> getDefaultUserBadge(mUserId)); 6140 } 6141 return getDefaultUserBadge(mUserId); 6142 } 6143 getDefaultUserBadge(@serIdInt int userId)6144 private Drawable getDefaultUserBadge(@UserIdInt int userId){ 6145 return mContext.getResources().getDrawable(getUserBadgeResId(userId), mContext.getTheme()); 6146 } 6147 6148 /** 6149 * If the target user is a profile of the calling user or the caller 6150 * is itself a profile, then this returns a copy of the label with 6151 * badging for accessibility services like talkback. E.g. passing in "Email" 6152 * and it might return "Work Email" for Email in the work profile. 6153 * 6154 * <p>Requires {@link android.Manifest.permission#MANAGE_USERS} or 6155 * {@link android.Manifest.permission#INTERACT_ACROSS_USERS} permission, otherwise the caller 6156 * must be in the same profile group of specified user. 6157 * 6158 * @param label The label to change. 6159 * @param user The target user. 6160 * @return A label that combines the original label and a badge as 6161 * determined by the system. 6162 * @removed 6163 */ getBadgedLabelForUser(CharSequence label, UserHandle user)6164 public CharSequence getBadgedLabelForUser(CharSequence label, UserHandle user) { 6165 final int userId = user.getIdentifier(); 6166 if (!hasBadge(userId)) { 6167 return label; 6168 } 6169 DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class); 6170 return dpm.getResources().getString( 6171 getUpdatableUserBadgedLabelId(userId), 6172 () -> getDefaultUserBadgedLabel(label, userId), 6173 /* formatArgs= */ label); 6174 } 6175 getUpdatableUserBadgedLabelId(int userId)6176 private String getUpdatableUserBadgedLabelId(int userId) { 6177 return isManagedProfile(userId) ? WORK_PROFILE_BADGED_LABEL : UNDEFINED; 6178 } 6179 getDefaultUserBadgedLabel(CharSequence label, int userId)6180 private String getDefaultUserBadgedLabel(CharSequence label, int userId) { 6181 try { 6182 final int resourceId = mService.getUserBadgeLabelResId(userId); 6183 return Resources.getSystem().getString(resourceId, label); 6184 } catch (RemoteException re) { 6185 throw re.rethrowFromSystemServer(); 6186 } 6187 } 6188 6189 /** 6190 * Returns the string/label that should be used to represent the context user. For example, 6191 * this string can represent a profile in tabbed views. This is only applicable to 6192 * {@link #isProfile() profile users}. This string is translated to the device default language. 6193 * 6194 * @return String representing the label for the context user. 6195 * 6196 * @throws android.content.res.Resources.NotFoundException if the user does not have a label 6197 * defined. 6198 * 6199 * @hide 6200 */ 6201 @SystemApi 6202 @SuppressLint("UnflaggedApi") // b/306636213 6203 @UserHandleAware( 6204 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 6205 Manifest.permission.MANAGE_USERS, 6206 Manifest.permission.QUERY_USERS, 6207 Manifest.permission.INTERACT_ACROSS_USERS}) getProfileLabel()6208 public @NonNull String getProfileLabel() { 6209 if (isManagedProfile(mUserId)) { 6210 DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class); 6211 return dpm.getResources().getString( 6212 android.app.admin.DevicePolicyResources.Strings.Core.RESOLVER_WORK_TAB, 6213 () -> getDefaultProfileLabel(mUserId)); 6214 } 6215 return getDefaultProfileLabel(mUserId); 6216 } 6217 getDefaultProfileLabel(int userId)6218 private String getDefaultProfileLabel(int userId) { 6219 try { 6220 final int resourceId = mService.getProfileLabelResId(userId); 6221 return Resources.getSystem().getString(resourceId); 6222 } catch (RemoteException re) { 6223 throw re.rethrowFromSystemServer(); 6224 } 6225 } 6226 6227 /** 6228 * Returns the string used to represent the profile associated with the given userId. This 6229 * string typically includes the profile name used by accessibility services like TalkBack. 6230 * 6231 * @return String representing the accessibility label for the given profile user. 6232 * 6233 * @throws android.content.res.Resources.NotFoundException if the user does not have a label 6234 * defined. 6235 * 6236 * @see #getBadgedLabelForUser(CharSequence, UserHandle) 6237 * 6238 * @hide 6239 */ 6240 @UserHandleAware( 6241 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 6242 Manifest.permission.MANAGE_USERS, 6243 Manifest.permission.QUERY_USERS, 6244 Manifest.permission.INTERACT_ACROSS_USERS}) getProfileAccessibilityString(@serIdInt int userId)6245 public String getProfileAccessibilityString(@UserIdInt int userId) { 6246 if (isManagedProfile(mUserId)) { 6247 DevicePolicyManager dpm = mContext.getSystemService(DevicePolicyManager.class); 6248 dpm.getResources().getString( 6249 STATUS_BAR_WORK_ICON_ACCESSIBILITY, 6250 () -> getProfileAccessibilityLabel(userId)); 6251 } 6252 return getProfileAccessibilityLabel(userId); 6253 } 6254 getProfileAccessibilityLabel(@serIdInt int userId)6255 private String getProfileAccessibilityLabel(@UserIdInt int userId) { 6256 try { 6257 final int resourceId = mService.getProfileAccessibilityLabelResId(userId); 6258 return Resources.getSystem().getString(resourceId); 6259 } catch (Resources.NotFoundException nfe) { 6260 Log.e(TAG, "Accessibility label not defined for user " + userId); 6261 throw nfe; 6262 } catch (RemoteException e) { 6263 throw new RuntimeException(e); 6264 } 6265 } 6266 6267 /** 6268 * If the user is a {@link UserManager#isProfile profile}, checks if the user 6269 * shares media with its parent user (the user that created this profile). 6270 * Returns false for any other type of user. 6271 * 6272 * @return true if the user shares media with its parent user, false otherwise. 6273 * 6274 * @deprecated use {@link #getUserProperties(UserHandle)} with 6275 * {@link UserProperties#isMediaSharedWithParent()} instead. 6276 * @hide 6277 */ 6278 @SystemApi 6279 @Deprecated 6280 @UserHandleAware( 6281 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 6282 Manifest.permission.MANAGE_USERS, 6283 Manifest.permission.QUERY_USERS, 6284 Manifest.permission.INTERACT_ACROSS_USERS}) 6285 @SuppressAutoDoc isMediaSharedWithParent()6286 public boolean isMediaSharedWithParent() { 6287 try { 6288 return getUserProperties(UserHandle.of(mUserId)).isMediaSharedWithParent(); 6289 } catch (IllegalArgumentException e) { 6290 // If the user doesn't exist, return false (for historical reasons) 6291 return false; 6292 } 6293 } 6294 6295 /** 6296 * Returns whether the user can have shared lockscreen credential with its parent user. 6297 * 6298 * This API only works for {@link UserManager#isProfile() profiles} 6299 * and will always return false for any other user type. 6300 * 6301 * @deprecated use {@link #getUserProperties(UserHandle)} with 6302 * {@link UserProperties#isCredentialShareableWithParent()} instead. 6303 * @hide 6304 */ 6305 @SystemApi 6306 @Deprecated 6307 @UserHandleAware( 6308 requiresAnyOfPermissionsIfNotCallerProfileGroup = { 6309 Manifest.permission.MANAGE_USERS, 6310 Manifest.permission.QUERY_USERS, 6311 Manifest.permission.INTERACT_ACROSS_USERS}) 6312 @SuppressAutoDoc isCredentialSharableWithParent()6313 public boolean isCredentialSharableWithParent() { 6314 try { 6315 return getUserProperties(UserHandle.of(mUserId)).isCredentialShareableWithParent(); 6316 } catch (IllegalArgumentException e) { 6317 // If the user doesn't exist, return false (for historical reasons) 6318 return false; 6319 } 6320 } 6321 6322 /** 6323 * Removes a user and its profiles along with their associated data. 6324 * @param userId the integer handle of the user. 6325 * @hide 6326 */ 6327 @UnsupportedAppUsage 6328 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6329 Manifest.permission.CREATE_USERS}) removeUser(@serIdInt int userId)6330 public boolean removeUser(@UserIdInt int userId) { 6331 try { 6332 return mService.removeUser(userId); 6333 } catch (RemoteException re) { 6334 throw re.rethrowFromSystemServer(); 6335 } 6336 } 6337 6338 /** 6339 * Removes a user and its profiles along with their associated data. 6340 * 6341 * @param user the user that needs to be removed. 6342 * @return {@code true} if the user was successfully removed, {@code false} otherwise. 6343 * @throws IllegalArgumentException if {@code user} is {@code null} 6344 * @hide 6345 */ 6346 @SystemApi 6347 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6348 Manifest.permission.CREATE_USERS}) removeUser(@onNull UserHandle user)6349 public boolean removeUser(@NonNull UserHandle user) { 6350 if (user == null) { 6351 throw new IllegalArgumentException("user cannot be null"); 6352 } 6353 return removeUser(user.getIdentifier()); 6354 } 6355 6356 6357 /** 6358 * Similar to {@link #removeUser(int)} except bypassing the checking of 6359 * {@link UserManager#DISALLOW_REMOVE_USER} 6360 * or {@link UserManager#DISALLOW_REMOVE_MANAGED_PROFILE}. 6361 * 6362 * @see {@link #removeUser(int)} 6363 * @hide 6364 */ 6365 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6366 Manifest.permission.CREATE_USERS}) removeUserEvenWhenDisallowed(@serIdInt int userId)6367 public boolean removeUserEvenWhenDisallowed(@UserIdInt int userId) { 6368 try { 6369 return mService.removeUserEvenWhenDisallowed(userId); 6370 } catch (RemoteException re) { 6371 throw re.rethrowFromSystemServer(); 6372 } 6373 } 6374 6375 /** 6376 * Immediately removes the user and its profiles or, if the user cannot be removed, such as 6377 * when the user is the current user, then set the user as ephemeral 6378 * so that it will be removed when it is stopped. 6379 * 6380 * @param overrideDevicePolicy when {@code true}, user is removed even if the caller has 6381 * the {@link #DISALLOW_REMOVE_USER} or {@link #DISALLOW_REMOVE_MANAGED_PROFILE} restriction 6382 * 6383 * @return the {@link RemoveResult} code: {@link #REMOVE_RESULT_REMOVED}, 6384 * {@link #REMOVE_RESULT_DEFERRED}, {@link #REMOVE_RESULT_ALREADY_BEING_REMOVED}, 6385 * {@link #REMOVE_RESULT_ERROR_USER_RESTRICTION}, {@link #REMOVE_RESULT_ERROR_USER_NOT_FOUND}, 6386 * {@link #REMOVE_RESULT_ERROR_SYSTEM_USER}, 6387 * {@link #REMOVE_RESULT_ERROR_MAIN_USER_PERMANENT_ADMIN}, or 6388 * {@link #REMOVE_RESULT_ERROR_UNKNOWN}. All error codes have negative values. 6389 * 6390 * @hide 6391 */ 6392 @SystemApi 6393 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6394 Manifest.permission.CREATE_USERS}) removeUserWhenPossible(@onNull UserHandle user, boolean overrideDevicePolicy)6395 public @RemoveResult int removeUserWhenPossible(@NonNull UserHandle user, 6396 boolean overrideDevicePolicy) { 6397 try { 6398 return mService.removeUserWhenPossible(user.getIdentifier(), overrideDevicePolicy); 6399 } catch (RemoteException re) { 6400 throw re.rethrowFromSystemServer(); 6401 } 6402 } 6403 6404 /** 6405 * Check if {@link #removeUserWhenPossible} returned a success code which means that the user 6406 * has been removed or is slated for removal. 6407 * 6408 * @param result is {@link #RemoveResult} code return by {@link #removeUserWhenPossible}. 6409 * @return {@code true} if it is a success code. 6410 * @hide 6411 */ 6412 @SystemApi isRemoveResultSuccessful(@emoveResult int result)6413 public static boolean isRemoveResultSuccessful(@RemoveResult int result) { 6414 return result >= 0; 6415 } 6416 6417 /** 6418 * Updates the user's name. 6419 * 6420 * @param userId the user's integer id 6421 * @param name the new name for the user 6422 * @hide 6423 */ 6424 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) setUserName(@serIdInt int userId, String name)6425 public void setUserName(@UserIdInt int userId, String name) { 6426 try { 6427 mService.setUserName(userId, name); 6428 } catch (RemoteException re) { 6429 throw re.rethrowFromSystemServer(); 6430 } 6431 } 6432 6433 /** 6434 * Set the user as ephemeral or non-ephemeral. 6435 * 6436 * If the user was initially created as ephemeral then this 6437 * method has no effect and false is returned. 6438 * 6439 * @param userId the user's integer id 6440 * @param enableEphemeral true: change user state to ephemeral, 6441 * false: change user state to non-ephemeral 6442 * @return true: user now has the desired ephemeral state, 6443 * false: desired user ephemeral state could not be set 6444 * 6445 * @hide 6446 */ 6447 @RequiresPermission(anyOf = { 6448 android.Manifest.permission.MANAGE_USERS, 6449 android.Manifest.permission.CREATE_USERS}) setUserEphemeral(@serIdInt int userId, boolean enableEphemeral)6450 public boolean setUserEphemeral(@UserIdInt int userId, boolean enableEphemeral) { 6451 try { 6452 return mService.setUserEphemeral(userId, enableEphemeral); 6453 } catch (RemoteException re) { 6454 throw re.rethrowFromSystemServer(); 6455 } 6456 } 6457 6458 /** 6459 * Updates the context user's name. 6460 * 6461 * @param name the new name for the user 6462 * @hide 6463 */ 6464 @SystemApi 6465 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 6466 @UserHandleAware setUserName(@ullable String name)6467 public void setUserName(@Nullable String name) { 6468 setUserName(mUserId, name); 6469 } 6470 6471 /** 6472 * Sets the user's photo. 6473 * @param userId the user for whom to change the photo. 6474 * @param icon the bitmap to set as the photo. 6475 * 6476 * @hide 6477 */ 6478 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) setUserIcon(@serIdInt int userId, @NonNull Bitmap icon)6479 public void setUserIcon(@UserIdInt int userId, @NonNull Bitmap icon) { 6480 try { 6481 mService.setUserIcon(userId, icon); 6482 } catch (ServiceSpecificException e) { 6483 return; 6484 } catch (RemoteException re) { 6485 throw re.rethrowFromSystemServer(); 6486 } 6487 } 6488 6489 /** 6490 * Sets the context user's photo. 6491 * 6492 * @param icon the bitmap to set as the photo. 6493 * 6494 * @throws UserOperationException according to the function signature, but may not actually 6495 * throw it in practice. Catch RuntimeException instead. 6496 * 6497 * @hide 6498 */ 6499 @SystemApi 6500 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) 6501 @UserHandleAware setUserIcon(@onNull Bitmap icon)6502 public void setUserIcon(@NonNull Bitmap icon) throws UserOperationException { 6503 setUserIcon(mUserId, icon); 6504 } 6505 6506 /** 6507 * Returns a bitmap of the user's photo 6508 * @param userId the user whose photo we want to read. 6509 * @return a {@link Bitmap} of the user's photo, or null if there's no photo. 6510 * @see com.android.internal.util.UserIcons#getDefaultUserIcon for a default. 6511 * @hide 6512 */ 6513 @UnsupportedAppUsage 6514 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 6515 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) getUserIcon(@serIdInt int userId)6516 public Bitmap getUserIcon(@UserIdInt int userId) { 6517 try { 6518 ParcelFileDescriptor fd = mService.getUserIcon(userId); 6519 if (fd != null) { 6520 try { 6521 return BitmapFactory.decodeFileDescriptor(fd.getFileDescriptor()); 6522 } finally { 6523 try { 6524 fd.close(); 6525 } catch (IOException e) { 6526 } 6527 } 6528 } 6529 } catch (RemoteException re) { 6530 throw re.rethrowFromSystemServer(); 6531 } 6532 return null; 6533 } 6534 6535 /** 6536 * Returns a Bitmap for the context user's photo. 6537 * 6538 * @return a {@link Bitmap} of the user's photo, or null if there's no photo. 6539 * @see com.android.internal.util.UserIcons#getDefaultUserIcon for a default. 6540 * @hide 6541 */ 6542 @SystemApi 6543 @RequiresPermission(anyOf = {android.Manifest.permission.MANAGE_USERS, 6544 android.Manifest.permission.GET_ACCOUNTS_PRIVILEGED}) 6545 @UserHandleAware getUserIcon()6546 public @Nullable Bitmap getUserIcon() { 6547 return getUserIcon(mUserId); 6548 } 6549 6550 /** 6551 * Returns the maximum number of users that can be created on this device. A return value 6552 * of 1 means that it is a single user device. 6553 * @hide 6554 * @return a value greater than or equal to 1 6555 */ 6556 @UnsupportedAppUsage getMaxSupportedUsers()6557 public static int getMaxSupportedUsers() { 6558 // Don't allow multiple users on certain builds 6559 if (android.os.Build.ID.startsWith("JVP")) return 1; 6560 return Math.max(1, SystemProperties.getInt("fw.max_users", 6561 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers))); 6562 } 6563 6564 /** 6565 * Returns true if the user switcher is enabled (regardless of whether there is anything 6566 * interesting for it to show). 6567 * 6568 * @return true if user switcher is enabled 6569 * @hide 6570 */ 6571 @RequiresPermission(anyOf = { 6572 android.Manifest.permission.MANAGE_USERS, 6573 android.Manifest.permission.CREATE_USERS // And INTERACT_ if diff profile group 6574 }) 6575 @UserHandleAware isUserSwitcherEnabled()6576 public boolean isUserSwitcherEnabled() { 6577 return isUserSwitcherEnabled(true); 6578 } 6579 6580 /** 6581 * Returns true if the user switcher should be shown. 6582 * 6583 * @param showEvenIfNotActionable value to return if the feature is enabled but there is nothing 6584 * actionable for the user to do anyway 6585 * @return true if user switcher should be shown. 6586 * @hide 6587 */ 6588 @RequiresPermission(anyOf = { 6589 android.Manifest.permission.MANAGE_USERS, 6590 android.Manifest.permission.CREATE_USERS // And INTERACT_ if diff profile group 6591 }) 6592 @UserHandleAware isUserSwitcherEnabled(boolean showEvenIfNotActionable)6593 public boolean isUserSwitcherEnabled(boolean showEvenIfNotActionable) { 6594 6595 try { 6596 return mService.isUserSwitcherEnabled(showEvenIfNotActionable, mUserId); 6597 } catch (RemoteException re) { 6598 throw re.rethrowFromSystemServer(); 6599 } 6600 } 6601 6602 /** 6603 * @hide 6604 */ 6605 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) isDeviceInDemoMode(Context context)6606 public static boolean isDeviceInDemoMode(Context context) { 6607 return Settings.Global.getInt(context.getContentResolver(), 6608 Settings.Global.DEVICE_DEMO_MODE, 0) > 0; 6609 } 6610 6611 6612 /** 6613 * This method is used to invalidate caches, when user was added or removed. 6614 * @hide 6615 */ invalidateCacheOnUserListChange()6616 public static final void invalidateCacheOnUserListChange() { 6617 UserManagerCache.invalidateUserSerialNumber(); 6618 if (android.multiuser.Flags.cacheProfileParentReadOnly()) { 6619 UserManagerCache.invalidateProfileParent(); 6620 } 6621 invalidateEnabledProfileIds(); 6622 invalidateUserRestriction(); 6623 } 6624 6625 /** 6626 * Invalidate caches when related to specific user info flags change. 6627 * 6628 * @param flag a combination of FLAG_ constants, from the list in 6629 * {@link UserInfo#UserInfoFlag}, whose value has changed and the associated 6630 * invalidations must therefore be performed. 6631 * @hide 6632 */ invalidateOnUserInfoFlagChange(@serInfoFlag int flags)6633 public static final void invalidateOnUserInfoFlagChange(@UserInfoFlag int flags) { 6634 if ((flags & UserInfo.FLAG_DISABLED) > 0) { 6635 invalidateEnabledProfileIds(); 6636 } 6637 } 6638 6639 /** 6640 * This method is used to invalidate caches, when UserManagerService.mUsers 6641 * {@link UserManagerService.UserData} is modified, including changes to {@link UserInfo}. 6642 * In practice we determine modification by when that data is persisted, or scheduled to be 6643 * presisted, to xml. 6644 * @hide 6645 */ invalidateCacheOnUserDataChanged()6646 public static final void invalidateCacheOnUserDataChanged() { 6647 if (android.multiuser.Flags.cacheProfilesReadOnly() 6648 || android.multiuser.Flags.cacheUserInfoReadOnly()) { 6649 // TODO(b/383175685): Rename the invalidation call to make it clearer that it 6650 // invalidates the caches for both getProfiles and getUserInfo (since they both use the 6651 // same user_manager_user_data CachedProperty.api). 6652 UserManagerCache.invalidateProfiles(); 6653 } 6654 } 6655 6656 /** 6657 * Returns a serial number on this device for a given userId. User handles can be recycled 6658 * when deleting and creating users, but serial numbers are not reused until the device is 6659 * wiped. 6660 * @param userId 6661 * @return a serial number associated with that user, or -1 if the userId is not valid. 6662 * @hide 6663 */ 6664 @UnsupportedAppUsage 6665 @CachedProperty(mods = {}, api = "user_manager_users") getUserSerialNumber(@serIdInt int userId)6666 public int getUserSerialNumber(@UserIdInt int userId) { 6667 // Read only flag should is to fix early access to this API 6668 // cacheUserSerialNumber to be removed after the 6669 // cacheUserSerialNumberReadOnly is fully rolled out 6670 if (android.multiuser.Flags.cacheUserSerialNumberReadOnly() 6671 || android.multiuser.Flags.cacheUserSerialNumber()) { 6672 // System user serial number is always 0, and it always exists. 6673 // There is no need to call binder for that. 6674 if (userId == UserHandle.USER_SYSTEM) { 6675 return UserHandle.USER_SERIAL_SYSTEM; 6676 } 6677 return ((UserManagerCache) mIpcDataCache).getUserSerialNumber( 6678 mService::getUserSerialNumber, userId); 6679 } 6680 try { 6681 return mService.getUserSerialNumber(userId); 6682 } catch (RemoteException re) { 6683 throw re.rethrowFromSystemServer(); 6684 } 6685 } 6686 6687 /** 6688 * Returns a userId on this device for a given user serial number. User handles can be 6689 * recycled when deleting and creating users, but serial numbers are not reused until the device 6690 * is wiped. 6691 * @param userSerialNumber 6692 * @return the userId associated with that user serial number, or -1 if the serial number 6693 * is not valid. 6694 * @hide 6695 */ 6696 @UnsupportedAppUsage getUserHandle(int userSerialNumber)6697 public @UserIdInt int getUserHandle(int userSerialNumber) { 6698 try { 6699 return mService.getUserHandle(userSerialNumber); 6700 } catch (RemoteException re) { 6701 throw re.rethrowFromSystemServer(); 6702 } 6703 } 6704 6705 /** 6706 * Returns a {@link Bundle} containing any saved application restrictions for the context user, 6707 * for the given package name. Only an application with this package name can call this method. 6708 * 6709 * <p>The returned {@link Bundle} consists of key-value pairs, as defined by the application, 6710 * where the types of values may be: 6711 * <ul> 6712 * <li>{@code boolean} 6713 * <li>{@code int} 6714 * <li>{@code String} or {@code String[]} 6715 * <li>From {@link android.os.Build.VERSION_CODES#M}, {@code Bundle} or {@code Bundle[]} 6716 * </ul> 6717 * 6718 * <p>NOTE: The method performs disk I/O and shouldn't be called on the main thread 6719 * 6720 * @param packageName the package name of the calling application 6721 * @return a {@link Bundle} with the restrictions for that package, or an empty {@link Bundle} 6722 * if there are no saved restrictions. 6723 * 6724 * @see #KEY_RESTRICTIONS_PENDING 6725 * 6726 * <p>Starting from Android version {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE}, 6727 * it is possible for there to be multiple managing apps on the device with the ability to set 6728 * restrictions, e.g. an Enterprise Device Policy Controller (DPC) and a Supervision admin. 6729 * This API will only to return the restrictions set by the DPCs. To retrieve restrictions 6730 * set by all managing apps, use 6731 * {@link android.content.RestrictionsManager#getApplicationRestrictionsPerAdmin} instead. 6732 * 6733 * @see DevicePolicyManager 6734 */ 6735 @WorkerThread 6736 @UserHandleAware(enabledSinceTargetSdkVersion = Build.VERSION_CODES.TIRAMISU) getApplicationRestrictions(String packageName)6737 public Bundle getApplicationRestrictions(String packageName) { 6738 try { 6739 return mService.getApplicationRestrictionsForUser(packageName, 6740 getContextUserIfAppropriate()); 6741 } catch (RemoteException re) { 6742 throw re.rethrowFromSystemServer(); 6743 } 6744 } 6745 6746 /** 6747 * <p>Starting from Android version {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE}, 6748 * it is possible for there to be multiple managing apps on the device with the ability to set 6749 * restrictions, e.g. an Enterprise Device Policy Controller (DPC) and a Supervision admin. 6750 * This API will only to return the restrictions set by the DPCs. To retrieve restrictions 6751 * set by all managing apps, use 6752 * {@link android.content.RestrictionsManager#getApplicationRestrictionsPerAdmin} instead. 6753 * 6754 * @hide 6755 */ 6756 @WorkerThread getApplicationRestrictions(String packageName, UserHandle user)6757 public Bundle getApplicationRestrictions(String packageName, UserHandle user) { 6758 try { 6759 return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier()); 6760 } catch (RemoteException re) { 6761 throw re.rethrowFromSystemServer(); 6762 } 6763 } 6764 6765 /** 6766 * @hide 6767 */ 6768 @WorkerThread setApplicationRestrictions(String packageName, Bundle restrictions, UserHandle user)6769 public void setApplicationRestrictions(String packageName, Bundle restrictions, 6770 UserHandle user) { 6771 try { 6772 mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier()); 6773 } catch (RemoteException re) { 6774 throw re.rethrowFromSystemServer(); 6775 } 6776 } 6777 6778 /** 6779 * Sets a new challenge PIN for restrictions. This is only for use by pre-installed 6780 * apps and requires the MANAGE_USERS permission. 6781 * @param newPin the PIN to use for challenge dialogs. 6782 * @return Returns true if the challenge PIN was set successfully. 6783 * @deprecated The restrictions PIN functionality is no longer provided by the system. 6784 * This method is preserved for backwards compatibility reasons and always returns false. 6785 */ 6786 @Deprecated setRestrictionsChallenge(String newPin)6787 public boolean setRestrictionsChallenge(String newPin) { 6788 return false; 6789 } 6790 6791 /** 6792 * @hide 6793 * Set restrictions that should apply to any future guest user that's created. 6794 */ 6795 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) setDefaultGuestRestrictions(Bundle restrictions)6796 public void setDefaultGuestRestrictions(Bundle restrictions) { 6797 try { 6798 mService.setDefaultGuestRestrictions(restrictions); 6799 } catch (RemoteException re) { 6800 throw re.rethrowFromSystemServer(); 6801 } 6802 } 6803 6804 /** 6805 * @hide 6806 * Gets the default guest restrictions. 6807 */ 6808 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) getDefaultGuestRestrictions()6809 public Bundle getDefaultGuestRestrictions() { 6810 try { 6811 return mService.getDefaultGuestRestrictions(); 6812 } catch (RemoteException re) { 6813 throw re.rethrowFromSystemServer(); 6814 } 6815 } 6816 6817 /** 6818 * Returns creation time of the given user. The given user must be the calling user or 6819 * a profile associated with it. 6820 * @param userHandle user handle of the calling user or a profile associated with the 6821 * calling user. 6822 * @return creation time in milliseconds since Epoch time. 6823 */ getUserCreationTime(UserHandle userHandle)6824 public long getUserCreationTime(UserHandle userHandle) { 6825 try { 6826 return mService.getUserCreationTime(userHandle.getIdentifier()); 6827 } catch (RemoteException re) { 6828 throw re.rethrowFromSystemServer(); 6829 } 6830 } 6831 6832 /** 6833 * Checks if any uninitialized user has the specific seed account name and type. 6834 * 6835 * @param accountName The account name to check for 6836 * @param accountType The account type of the account to check for 6837 * @return whether the seed account was found 6838 * @hide 6839 */ 6840 @RequiresPermission(android.Manifest.permission.MANAGE_USERS) someUserHasSeedAccount(String accountName, String accountType)6841 public boolean someUserHasSeedAccount(String accountName, String accountType) { 6842 try { 6843 return mService.someUserHasSeedAccount(accountName, accountType); 6844 } catch (RemoteException re) { 6845 throw re.rethrowFromSystemServer(); 6846 } 6847 } 6848 6849 /** 6850 * Checks if any initialized or uninitialized user has the specific account name and type. 6851 * 6852 * @param accountName The account name to check for 6853 * @param accountType The account type of the account to check for 6854 * @return whether the account was found 6855 * @hide 6856 */ 6857 @SystemApi 6858 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6859 Manifest.permission.CREATE_USERS}) someUserHasAccount( @onNull String accountName, @NonNull String accountType)6860 public boolean someUserHasAccount( 6861 @NonNull String accountName, @NonNull String accountType) { 6862 Objects.requireNonNull(accountName, "accountName must not be null"); 6863 Objects.requireNonNull(accountType, "accountType must not be null"); 6864 6865 try { 6866 return mService.someUserHasAccount(accountName, accountType); 6867 } catch (RemoteException re) { 6868 throw re.rethrowFromSystemServer(); 6869 } 6870 } 6871 6872 /** 6873 * Sets the user who should be in the foreground when boot completes. This should be called 6874 * during boot, and the provided user must be a full user (i.e. not a profile). 6875 * 6876 * @hide 6877 */ 6878 @SystemApi 6879 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6880 Manifest.permission.CREATE_USERS}) setBootUser(@onNull UserHandle bootUser)6881 public void setBootUser(@NonNull UserHandle bootUser) { 6882 try { 6883 mService.setBootUser(bootUser.getIdentifier()); 6884 } catch (RemoteException re) { 6885 throw re.rethrowFromSystemServer(); 6886 } 6887 } 6888 6889 /** 6890 * Returns the user who should be in the foreground when boot completes. 6891 * 6892 * @hide 6893 */ 6894 @TestApi 6895 @RequiresPermission(anyOf = {Manifest.permission.MANAGE_USERS, 6896 Manifest.permission.CREATE_USERS}) 6897 @SuppressWarnings("[AndroidFrameworkContextUserId]") getBootUser()6898 public @NonNull UserHandle getBootUser() { 6899 try { 6900 return UserHandle.of(mService.getBootUser()); 6901 } catch (RemoteException re) { 6902 throw re.rethrowFromSystemServer(); 6903 } 6904 } 6905 6906 /* Cache key for anything that assumes that userIds cannot be re-used without rebooting. */ 6907 private static final String CACHE_KEY_STATIC_USER_PROPERTIES = 6908 PropertyInvalidatedCache.createPropertyName( 6909 PropertyInvalidatedCache.MODULE_SYSTEM, "static_user_props"); 6910 6911 private final PropertyInvalidatedCache<Integer, String> mProfileTypeCache = 6912 new PropertyInvalidatedCache<Integer, String>(32, CACHE_KEY_STATIC_USER_PROPERTIES) { 6913 @Override 6914 public String recompute(Integer query) { 6915 try { 6916 // Will be null (and not cached) if invalid user; otherwise cache the type. 6917 String profileType = mService.getProfileType(query); 6918 if (profileType != null) profileType = profileType.intern(); 6919 return profileType; 6920 } catch (RemoteException re) { 6921 throw re.rethrowFromSystemServer(); 6922 } 6923 } 6924 @Override 6925 public boolean bypass(Integer query) { 6926 return query < 0; 6927 } 6928 }; 6929 6930 /** @hide */ invalidateStaticUserProperties()6931 public static final void invalidateStaticUserProperties() { 6932 PropertyInvalidatedCache.invalidateCache(CACHE_KEY_STATIC_USER_PROPERTIES); 6933 } 6934 6935 /** 6936 * @hide 6937 * User that enforces a restriction. 6938 * 6939 * @see #getUserRestrictionSources(String, UserHandle) 6940 */ 6941 @SystemApi 6942 public static final class EnforcingUser implements Parcelable { 6943 private final @CanBeALL @CanBeNULL @UserIdInt int userId; 6944 private final @UserRestrictionSource int userRestrictionSource; 6945 6946 /** 6947 * @hide 6948 */ EnforcingUser( @serIdInt int userId, @UserRestrictionSource int userRestrictionSource)6949 public EnforcingUser( 6950 @UserIdInt int userId, @UserRestrictionSource int userRestrictionSource) { 6951 this.userId = userId; 6952 this.userRestrictionSource = userRestrictionSource; 6953 } 6954 EnforcingUser(Parcel in)6955 private EnforcingUser(Parcel in) { 6956 userId = in.readInt(); 6957 userRestrictionSource = in.readInt(); 6958 } 6959 6960 public static final @android.annotation.NonNull Creator<EnforcingUser> CREATOR = new Creator<EnforcingUser>() { 6961 @Override 6962 public EnforcingUser createFromParcel(Parcel in) { 6963 return new EnforcingUser(in); 6964 } 6965 6966 @Override 6967 public EnforcingUser[] newArray(int size) { 6968 return new EnforcingUser[size]; 6969 } 6970 }; 6971 6972 @Override describeContents()6973 public int describeContents() { 6974 return 0; 6975 } 6976 6977 @Override writeToParcel(Parcel dest, int flags)6978 public void writeToParcel(Parcel dest, int flags) { 6979 dest.writeInt(userId); 6980 dest.writeInt(userRestrictionSource); 6981 } 6982 6983 /** 6984 * Returns an id of the enforcing user. 6985 * 6986 * <p> Will be UserHandle.USER_NULL when restriction is set by the system. 6987 */ getUserHandle()6988 public @CanBeALL @CanBeNULL UserHandle getUserHandle() { 6989 return UserHandle.of(userId); 6990 } 6991 6992 /** 6993 * Returns the status of the enforcing user. 6994 * 6995 * <p> One of {@link #RESTRICTION_SOURCE_SYSTEM}, 6996 * {@link #RESTRICTION_SOURCE_DEVICE_OWNER} and 6997 * {@link #RESTRICTION_SOURCE_PROFILE_OWNER} 6998 */ getUserRestrictionSource()6999 public @UserRestrictionSource int getUserRestrictionSource() { 7000 return userRestrictionSource; 7001 } 7002 } 7003 } 7004