1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.os; 17 18 import android.app.ActivityManagerNative; 19 import android.content.Context; 20 import android.content.RestrictionEntry; 21 import android.content.pm.UserInfo; 22 import android.content.res.Resources; 23 import android.graphics.Bitmap; 24 import android.util.Log; 25 26 import com.android.internal.R; 27 28 import java.util.List; 29 30 /** 31 * Manages users and user details on a multi-user system. 32 */ 33 public class UserManager { 34 35 private static String TAG = "UserManager"; 36 private final IUserManager mService; 37 private final Context mContext; 38 39 /** 40 * Key for user restrictions. Specifies if a user is disallowed from adding and removing 41 * accounts. 42 * The default value is <code>false</code>. 43 * <p/> 44 * Type: Boolean 45 * @see #setUserRestrictions(Bundle) 46 * @see #getUserRestrictions() 47 */ 48 public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts"; 49 50 /** 51 * Key for user restrictions. Specifies if a user is disallowed from changing Wi-Fi 52 * access points. 53 * The default value is <code>false</code>. 54 * <p/> 55 * Type: Boolean 56 * @see #setUserRestrictions(Bundle) 57 * @see #getUserRestrictions() 58 */ 59 public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi"; 60 61 /** 62 * Key for user restrictions. Specifies if a user is disallowed from installing applications. 63 * The default value is <code>false</code>. 64 * <p/> 65 * Type: Boolean 66 * @see #setUserRestrictions(Bundle) 67 * @see #getUserRestrictions() 68 */ 69 public static final String DISALLOW_INSTALL_APPS = "no_install_apps"; 70 71 /** 72 * Key for user restrictions. Specifies if a user is disallowed from uninstalling applications. 73 * The default value is <code>false</code>. 74 * <p/> 75 * Type: Boolean 76 * @see #setUserRestrictions(Bundle) 77 * @see #getUserRestrictions() 78 */ 79 public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps"; 80 81 /** 82 * Key for user restrictions. Specifies if a user is disallowed from toggling location sharing. 83 * The default value is <code>false</code>. 84 * <p/> 85 * Type: Boolean 86 * @see #setUserRestrictions(Bundle) 87 * @see #getUserRestrictions() 88 */ 89 90 public static final String DISALLOW_SHARE_LOCATION = "no_share_location"; 91 92 /** 93 * Key for user restrictions. Specifies if a user is disallowed from enabling the 94 * "Unknown Sources" setting, that allows installation of apps from unknown sources. 95 * The default value is <code>false</code>. 96 * <p/> 97 * Type: Boolean 98 * @see #setUserRestrictions(Bundle) 99 * @see #getUserRestrictions() 100 */ 101 public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources"; 102 103 /** 104 * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth. 105 * The default value is <code>false</code>. 106 * <p/> 107 * Type: Boolean 108 * @see #setUserRestrictions(Bundle) 109 * @see #getUserRestrictions() 110 */ 111 public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; 112 113 /** 114 * Key for user restrictions. Specifies if a user is disallowed from transferring files over 115 * USB. The default value is <code>false</code>. 116 * <p/> 117 * Type: Boolean 118 * @see #setUserRestrictions(Bundle) 119 * @see #getUserRestrictions() 120 */ 121 public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer"; 122 123 /** 124 * Key for user restrictions. Specifies if a user is disallowed from configuring user 125 * credentials. The default value is <code>false</code>. 126 * <p/> 127 * Type: Boolean 128 * @see #setUserRestrictions(Bundle) 129 * @see #getUserRestrictions() 130 */ 131 public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials"; 132 133 /** 134 * Key for user restrictions. Specifies if a user is disallowed from removing users. 135 * The default value is <code>false</code>. 136 * <p/> 137 * Type: Boolean 138 * @see #setUserRestrictions(Bundle) 139 * @see #getUserRestrictions() 140 */ 141 public static final String DISALLOW_REMOVE_USER = "no_remove_user"; 142 143 private static UserManager sInstance = null; 144 145 /** @hide */ get(Context context)146 public synchronized static UserManager get(Context context) { 147 if (sInstance == null) { 148 sInstance = (UserManager) context.getSystemService(Context.USER_SERVICE); 149 } 150 return sInstance; 151 } 152 153 /** @hide */ UserManager(Context context, IUserManager service)154 public UserManager(Context context, IUserManager service) { 155 mService = service; 156 mContext = context; 157 } 158 159 /** 160 * Returns whether the system supports multiple users. 161 * @return true if multiple users can be created, false if it is a single user device. 162 * @hide 163 */ supportsMultipleUsers()164 public static boolean supportsMultipleUsers() { 165 return getMaxSupportedUsers() > 1; 166 } 167 168 /** 169 * Returns the user handle for the user that this application is running for. 170 * @return the user handle of the user making this call. 171 * @hide 172 */ getUserHandle()173 public int getUserHandle() { 174 return UserHandle.myUserId(); 175 } 176 177 /** 178 * Returns the user name of the user making this call. This call is only 179 * available to applications on the system image; it requires the 180 * MANAGE_USERS permission. 181 * @return the user name 182 */ getUserName()183 public String getUserName() { 184 try { 185 return mService.getUserInfo(getUserHandle()).name; 186 } catch (RemoteException re) { 187 Log.w(TAG, "Could not get user name", re); 188 return ""; 189 } 190 } 191 192 /** 193 * Used to determine whether the user making this call is subject to 194 * teleportations. 195 * @return whether the user making this call is a goat 196 */ isUserAGoat()197 public boolean isUserAGoat() { 198 return false; 199 } 200 201 /** 202 * Used to check if the user making this call is linked to another user. Linked users may have 203 * a reduced number of available apps, app restrictions and account restrictions. 204 * @return whether the user making this call is a linked user 205 * @hide 206 */ isLinkedUser()207 public boolean isLinkedUser() { 208 try { 209 return mService.isRestricted(); 210 } catch (RemoteException re) { 211 Log.w(TAG, "Could not check if user is limited ", re); 212 return false; 213 } 214 } 215 216 /** 217 * Return whether the given user is actively running. This means that 218 * the user is in the "started" state, not "stopped" -- it is currently 219 * allowed to run code through scheduled alarms, receiving broadcasts, 220 * etc. A started user may be either the current foreground user or a 221 * background user; the result here does not distinguish between the two. 222 * @param user The user to retrieve the running state for. 223 */ isUserRunning(UserHandle user)224 public boolean isUserRunning(UserHandle user) { 225 try { 226 return ActivityManagerNative.getDefault().isUserRunning( 227 user.getIdentifier(), false); 228 } catch (RemoteException e) { 229 return false; 230 } 231 } 232 233 /** 234 * Return whether the given user is actively running <em>or</em> stopping. 235 * This is like {@link #isUserRunning(UserHandle)}, but will also return 236 * true if the user had been running but is in the process of being stopped 237 * (but is not yet fully stopped, and still running some code). 238 * @param user The user to retrieve the running state for. 239 */ isUserRunningOrStopping(UserHandle user)240 public boolean isUserRunningOrStopping(UserHandle user) { 241 try { 242 return ActivityManagerNative.getDefault().isUserRunning( 243 user.getIdentifier(), true); 244 } catch (RemoteException e) { 245 return false; 246 } 247 } 248 249 /** 250 * Returns the UserInfo object describing a specific user. 251 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 252 * @param userHandle the user handle of the user whose information is being requested. 253 * @return the UserInfo object for a specific user. 254 * @hide 255 */ getUserInfo(int userHandle)256 public UserInfo getUserInfo(int userHandle) { 257 try { 258 return mService.getUserInfo(userHandle); 259 } catch (RemoteException re) { 260 Log.w(TAG, "Could not get user info", re); 261 return null; 262 } 263 } 264 265 /** 266 * Returns the user-wide restrictions imposed on this user. 267 * @return a Bundle containing all the restrictions. 268 */ getUserRestrictions()269 public Bundle getUserRestrictions() { 270 return getUserRestrictions(Process.myUserHandle()); 271 } 272 273 /** 274 * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>. 275 * @param userHandle the UserHandle of the user for whom to retrieve the restrictions. 276 * @return a Bundle containing all the restrictions. 277 */ getUserRestrictions(UserHandle userHandle)278 public Bundle getUserRestrictions(UserHandle userHandle) { 279 try { 280 return mService.getUserRestrictions(userHandle.getIdentifier()); 281 } catch (RemoteException re) { 282 Log.w(TAG, "Could not get user restrictions", re); 283 return Bundle.EMPTY; 284 } 285 } 286 287 /** 288 * Sets all the user-wide restrictions for this user. 289 * Requires the MANAGE_USERS permission. 290 * @param restrictions the Bundle containing all the restrictions. 291 */ setUserRestrictions(Bundle restrictions)292 public void setUserRestrictions(Bundle restrictions) { 293 setUserRestrictions(restrictions, Process.myUserHandle()); 294 } 295 296 /** 297 * Sets all the user-wide restrictions for the specified user. 298 * Requires the MANAGE_USERS permission. 299 * @param restrictions the Bundle containing all the restrictions. 300 * @param userHandle the UserHandle of the user for whom to set the restrictions. 301 */ setUserRestrictions(Bundle restrictions, UserHandle userHandle)302 public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) { 303 try { 304 mService.setUserRestrictions(restrictions, userHandle.getIdentifier()); 305 } catch (RemoteException re) { 306 Log.w(TAG, "Could not set user restrictions", re); 307 } 308 } 309 310 /** 311 * Sets the value of a specific restriction. 312 * Requires the MANAGE_USERS permission. 313 * @param key the key of the restriction 314 * @param value the value for the restriction 315 */ setUserRestriction(String key, boolean value)316 public void setUserRestriction(String key, boolean value) { 317 Bundle bundle = getUserRestrictions(); 318 bundle.putBoolean(key, value); 319 setUserRestrictions(bundle); 320 } 321 322 /** 323 * @hide 324 * Sets the value of a specific restriction on a specific user. 325 * Requires the {@link android.Manifest.permission#MANAGE_USERS} permission. 326 * @param key the key of the restriction 327 * @param value the value for the restriction 328 * @param userHandle the user whose restriction is to be changed. 329 */ setUserRestriction(String key, boolean value, UserHandle userHandle)330 public void setUserRestriction(String key, boolean value, UserHandle userHandle) { 331 Bundle bundle = getUserRestrictions(userHandle); 332 bundle.putBoolean(key, value); 333 setUserRestrictions(bundle, userHandle); 334 } 335 336 /** 337 * @hide 338 * Returns whether the current user has been disallowed from performing certain actions 339 * or setting certain settings. 340 * @param restrictionKey the string key representing the restriction 341 */ hasUserRestriction(String restrictionKey)342 public boolean hasUserRestriction(String restrictionKey) { 343 return getUserRestrictions().getBoolean(restrictionKey, false); 344 } 345 346 /** 347 * Return the serial number for a user. This is a device-unique 348 * number assigned to that user; if the user is deleted and then a new 349 * user created, the new users will not be given the same serial number. 350 * @param user The user whose serial number is to be retrieved. 351 * @return The serial number of the given user; returns -1 if the 352 * given UserHandle does not exist. 353 * @see #getUserForSerialNumber(long) 354 */ getSerialNumberForUser(UserHandle user)355 public long getSerialNumberForUser(UserHandle user) { 356 return getUserSerialNumber(user.getIdentifier()); 357 } 358 359 /** 360 * Return the user associated with a serial number previously 361 * returned by {@link #getSerialNumberForUser(UserHandle)}. 362 * @param serialNumber The serial number of the user that is being 363 * retrieved. 364 * @return Return the user associated with the serial number, or null 365 * if there is not one. 366 * @see #getSerialNumberForUser(UserHandle) 367 */ getUserForSerialNumber(long serialNumber)368 public UserHandle getUserForSerialNumber(long serialNumber) { 369 int ident = getUserHandle((int)serialNumber); 370 return ident >= 0 ? new UserHandle(ident) : null; 371 } 372 373 /** 374 * Creates a user with the specified name and options. 375 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 376 * 377 * @param name the user's name 378 * @param flags flags that identify the type of user and other properties. 379 * @see UserInfo 380 * 381 * @return the UserInfo object for the created user, or null if the user could not be created. 382 * @hide 383 */ createUser(String name, int flags)384 public UserInfo createUser(String name, int flags) { 385 try { 386 return mService.createUser(name, flags); 387 } catch (RemoteException re) { 388 Log.w(TAG, "Could not create a user", re); 389 return null; 390 } 391 } 392 393 /** 394 * Return the number of users currently created on the device. 395 */ getUserCount()396 public int getUserCount() { 397 List<UserInfo> users = getUsers(); 398 return users != null ? users.size() : 1; 399 } 400 401 /** 402 * Returns information for all users on this device. 403 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 404 * @return the list of users that were created. 405 * @hide 406 */ getUsers()407 public List<UserInfo> getUsers() { 408 try { 409 return mService.getUsers(false); 410 } catch (RemoteException re) { 411 Log.w(TAG, "Could not get user list", re); 412 return null; 413 } 414 } 415 416 /** 417 * Returns information for all users on this device. 418 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 419 * @param excludeDying specify if the list should exclude users being removed. 420 * @return the list of users that were created. 421 * @hide 422 */ getUsers(boolean excludeDying)423 public List<UserInfo> getUsers(boolean excludeDying) { 424 try { 425 return mService.getUsers(excludeDying); 426 } catch (RemoteException re) { 427 Log.w(TAG, "Could not get user list", re); 428 return null; 429 } 430 } 431 432 /** 433 * Removes a user and all associated data. 434 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 435 * @param userHandle the integer handle of the user, where 0 is the primary user. 436 * @hide 437 */ removeUser(int userHandle)438 public boolean removeUser(int userHandle) { 439 try { 440 return mService.removeUser(userHandle); 441 } catch (RemoteException re) { 442 Log.w(TAG, "Could not remove user ", re); 443 return false; 444 } 445 } 446 447 /** 448 * Updates the user's name. 449 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 450 * 451 * @param userHandle the user's integer handle 452 * @param name the new name for the user 453 * @hide 454 */ setUserName(int userHandle, String name)455 public void setUserName(int userHandle, String name) { 456 try { 457 mService.setUserName(userHandle, name); 458 } catch (RemoteException re) { 459 Log.w(TAG, "Could not set the user name ", re); 460 } 461 } 462 463 /** 464 * Sets the user's photo. 465 * @param userHandle the user for whom to change the photo. 466 * @param icon the bitmap to set as the photo. 467 * @hide 468 */ setUserIcon(int userHandle, Bitmap icon)469 public void setUserIcon(int userHandle, Bitmap icon) { 470 try { 471 mService.setUserIcon(userHandle, icon); 472 } catch (RemoteException re) { 473 Log.w(TAG, "Could not set the user icon ", re); 474 } 475 } 476 477 /** 478 * Returns a file descriptor for the user's photo. PNG data can be read from this file. 479 * @param userHandle the user whose photo we want to read. 480 * @return a {@link Bitmap} of the user's photo, or null if there's no photo. 481 * @hide 482 */ getUserIcon(int userHandle)483 public Bitmap getUserIcon(int userHandle) { 484 try { 485 return mService.getUserIcon(userHandle); 486 } catch (RemoteException re) { 487 Log.w(TAG, "Could not get the user icon ", re); 488 return null; 489 } 490 } 491 492 /** 493 * Enable or disable the use of a guest account. If disabled, the existing guest account 494 * will be wiped. 495 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 496 * @param enable whether to enable a guest account. 497 * @hide 498 */ setGuestEnabled(boolean enable)499 public void setGuestEnabled(boolean enable) { 500 try { 501 mService.setGuestEnabled(enable); 502 } catch (RemoteException re) { 503 Log.w(TAG, "Could not change guest account availability to " + enable); 504 } 505 } 506 507 /** 508 * Checks if a guest user is enabled for this device. 509 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 510 * @return whether a guest user is enabled 511 * @hide 512 */ isGuestEnabled()513 public boolean isGuestEnabled() { 514 try { 515 return mService.isGuestEnabled(); 516 } catch (RemoteException re) { 517 Log.w(TAG, "Could not retrieve guest enabled state"); 518 return false; 519 } 520 } 521 522 /** 523 * Wipes all the data for a user, but doesn't remove the user. 524 * Requires {@link android.Manifest.permission#MANAGE_USERS} permission. 525 * @param userHandle 526 * @hide 527 */ wipeUser(int userHandle)528 public void wipeUser(int userHandle) { 529 try { 530 mService.wipeUser(userHandle); 531 } catch (RemoteException re) { 532 Log.w(TAG, "Could not wipe user " + userHandle); 533 } 534 } 535 536 /** 537 * Returns the maximum number of users that can be created on this device. A return value 538 * of 1 means that it is a single user device. 539 * @hide 540 * @return a value greater than or equal to 1 541 */ getMaxSupportedUsers()542 public static int getMaxSupportedUsers() { 543 // Don't allow multiple users on certain builds 544 if (android.os.Build.ID.startsWith("JVP")) return 1; 545 return SystemProperties.getInt("fw.max_users", 546 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers)); 547 } 548 549 /** 550 * Returns a serial number on this device for a given userHandle. User handles can be recycled 551 * when deleting and creating users, but serial numbers are not reused until the device is wiped. 552 * @param userHandle 553 * @return a serial number associated with that user, or -1 if the userHandle is not valid. 554 * @hide 555 */ getUserSerialNumber(int userHandle)556 public int getUserSerialNumber(int userHandle) { 557 try { 558 return mService.getUserSerialNumber(userHandle); 559 } catch (RemoteException re) { 560 Log.w(TAG, "Could not get serial number for user " + userHandle); 561 } 562 return -1; 563 } 564 565 /** 566 * Returns a userHandle on this device for a given user serial number. User handles can be 567 * recycled when deleting and creating users, but serial numbers are not reused until the device 568 * is wiped. 569 * @param userSerialNumber 570 * @return the userHandle associated with that user serial number, or -1 if the serial number 571 * is not valid. 572 * @hide 573 */ getUserHandle(int userSerialNumber)574 public int getUserHandle(int userSerialNumber) { 575 try { 576 return mService.getUserHandle(userSerialNumber); 577 } catch (RemoteException re) { 578 Log.w(TAG, "Could not get userHandle for user " + userSerialNumber); 579 } 580 return -1; 581 } 582 583 /** 584 * Returns a Bundle containing any saved application restrictions for this user, for the 585 * given package name. Only an application with this package name can call this method. 586 * @param packageName the package name of the calling application 587 * @return a Bundle with the restrictions as key/value pairs, or null if there are no 588 * saved restrictions. The values can be of type Boolean, String or String[], depending 589 * on the restriction type, as defined by the application. 590 */ getApplicationRestrictions(String packageName)591 public Bundle getApplicationRestrictions(String packageName) { 592 try { 593 return mService.getApplicationRestrictions(packageName); 594 } catch (RemoteException re) { 595 Log.w(TAG, "Could not get application restrictions for package " + packageName); 596 } 597 return null; 598 } 599 600 /** 601 * @hide 602 */ getApplicationRestrictions(String packageName, UserHandle user)603 public Bundle getApplicationRestrictions(String packageName, UserHandle user) { 604 try { 605 return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier()); 606 } catch (RemoteException re) { 607 Log.w(TAG, "Could not get application restrictions for user " + user.getIdentifier()); 608 } 609 return null; 610 } 611 612 /** 613 * @hide 614 */ setApplicationRestrictions(String packageName, Bundle restrictions, UserHandle user)615 public void setApplicationRestrictions(String packageName, Bundle restrictions, 616 UserHandle user) { 617 try { 618 mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier()); 619 } catch (RemoteException re) { 620 Log.w(TAG, "Could not set application restrictions for user " + user.getIdentifier()); 621 } 622 } 623 } 624