• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2012 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package android.os;
17 
18 import android.app.ActivityManagerNative;
19 import android.content.Context;
20 import android.content.RestrictionEntry;
21 import android.content.pm.UserInfo;
22 import android.content.res.Resources;
23 import android.graphics.Bitmap;
24 import android.util.Log;
25 
26 import com.android.internal.R;
27 
28 import java.util.List;
29 
30 /**
31  * Manages users and user details on a multi-user system.
32  */
33 public class UserManager {
34 
35     private static String TAG = "UserManager";
36     private final IUserManager mService;
37     private final Context mContext;
38 
39     /**
40      * Key for user restrictions. Specifies if a user is disallowed from adding and removing
41      * accounts.
42      * The default value is <code>false</code>.
43      * <p/>
44      * Type: Boolean
45      * @see #setUserRestrictions(Bundle)
46      * @see #getUserRestrictions()
47      */
48     public static final String DISALLOW_MODIFY_ACCOUNTS = "no_modify_accounts";
49 
50     /**
51      * Key for user restrictions. Specifies if a user is disallowed from changing Wi-Fi
52      * access points.
53      * The default value is <code>false</code>.
54      * <p/>
55      * Type: Boolean
56      * @see #setUserRestrictions(Bundle)
57      * @see #getUserRestrictions()
58      */
59     public static final String DISALLOW_CONFIG_WIFI = "no_config_wifi";
60 
61     /**
62      * Key for user restrictions. Specifies if a user is disallowed from installing applications.
63      * The default value is <code>false</code>.
64      * <p/>
65      * Type: Boolean
66      * @see #setUserRestrictions(Bundle)
67      * @see #getUserRestrictions()
68      */
69     public static final String DISALLOW_INSTALL_APPS = "no_install_apps";
70 
71     /**
72      * Key for user restrictions. Specifies if a user is disallowed from uninstalling applications.
73      * The default value is <code>false</code>.
74      * <p/>
75      * Type: Boolean
76      * @see #setUserRestrictions(Bundle)
77      * @see #getUserRestrictions()
78      */
79     public static final String DISALLOW_UNINSTALL_APPS = "no_uninstall_apps";
80 
81     /**
82      * Key for user restrictions. Specifies if a user is disallowed from toggling location sharing.
83      * The default value is <code>false</code>.
84      * <p/>
85      * Type: Boolean
86      * @see #setUserRestrictions(Bundle)
87      * @see #getUserRestrictions()
88      */
89 
90     public static final String DISALLOW_SHARE_LOCATION = "no_share_location";
91 
92     /**
93      * Key for user restrictions. Specifies if a user is disallowed from enabling the
94      * "Unknown Sources" setting, that allows installation of apps from unknown sources.
95      * The default value is <code>false</code>.
96      * <p/>
97      * Type: Boolean
98      * @see #setUserRestrictions(Bundle)
99      * @see #getUserRestrictions()
100      */
101     public static final String DISALLOW_INSTALL_UNKNOWN_SOURCES = "no_install_unknown_sources";
102 
103     /**
104      * Key for user restrictions. Specifies if a user is disallowed from configuring bluetooth.
105      * The default value is <code>false</code>.
106      * <p/>
107      * Type: Boolean
108      * @see #setUserRestrictions(Bundle)
109      * @see #getUserRestrictions()
110      */
111     public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth";
112 
113     /**
114      * Key for user restrictions. Specifies if a user is disallowed from transferring files over
115      * USB. The default value is <code>false</code>.
116      * <p/>
117      * Type: Boolean
118      * @see #setUserRestrictions(Bundle)
119      * @see #getUserRestrictions()
120      */
121     public static final String DISALLOW_USB_FILE_TRANSFER = "no_usb_file_transfer";
122 
123     /**
124      * Key for user restrictions. Specifies if a user is disallowed from configuring user
125      * credentials. The default value is <code>false</code>.
126      * <p/>
127      * Type: Boolean
128      * @see #setUserRestrictions(Bundle)
129      * @see #getUserRestrictions()
130      */
131     public static final String DISALLOW_CONFIG_CREDENTIALS = "no_config_credentials";
132 
133     /**
134      * Key for user restrictions. Specifies if a user is disallowed from removing users.
135      * The default value is <code>false</code>.
136      * <p/>
137      * Type: Boolean
138      * @see #setUserRestrictions(Bundle)
139      * @see #getUserRestrictions()
140      */
141     public static final String DISALLOW_REMOVE_USER = "no_remove_user";
142 
143     private static UserManager sInstance = null;
144 
145     /** @hide */
get(Context context)146     public synchronized static UserManager get(Context context) {
147         if (sInstance == null) {
148             sInstance = (UserManager) context.getSystemService(Context.USER_SERVICE);
149         }
150         return sInstance;
151     }
152 
153     /** @hide */
UserManager(Context context, IUserManager service)154     public UserManager(Context context, IUserManager service) {
155         mService = service;
156         mContext = context;
157     }
158 
159     /**
160      * Returns whether the system supports multiple users.
161      * @return true if multiple users can be created, false if it is a single user device.
162      * @hide
163      */
supportsMultipleUsers()164     public static boolean supportsMultipleUsers() {
165         return getMaxSupportedUsers() > 1;
166     }
167 
168     /**
169      * Returns the user handle for the user that this application is running for.
170      * @return the user handle of the user making this call.
171      * @hide
172      */
getUserHandle()173     public int getUserHandle() {
174         return UserHandle.myUserId();
175     }
176 
177     /**
178      * Returns the user name of the user making this call.  This call is only
179      * available to applications on the system image; it requires the
180      * MANAGE_USERS permission.
181      * @return the user name
182      */
getUserName()183     public String getUserName() {
184         try {
185             return mService.getUserInfo(getUserHandle()).name;
186         } catch (RemoteException re) {
187             Log.w(TAG, "Could not get user name", re);
188             return "";
189         }
190     }
191 
192    /**
193      * Used to determine whether the user making this call is subject to
194      * teleportations.
195      * @return whether the user making this call is a goat
196      */
isUserAGoat()197     public boolean isUserAGoat() {
198         return false;
199     }
200 
201     /**
202      * Used to check if the user making this call is linked to another user. Linked users may have
203      * a reduced number of available apps, app restrictions and account restrictions.
204      * @return whether the user making this call is a linked user
205      * @hide
206      */
isLinkedUser()207     public boolean isLinkedUser() {
208         try {
209             return mService.isRestricted();
210         } catch (RemoteException re) {
211             Log.w(TAG, "Could not check if user is limited ", re);
212             return false;
213         }
214     }
215 
216     /**
217      * Return whether the given user is actively running.  This means that
218      * the user is in the "started" state, not "stopped" -- it is currently
219      * allowed to run code through scheduled alarms, receiving broadcasts,
220      * etc.  A started user may be either the current foreground user or a
221      * background user; the result here does not distinguish between the two.
222      * @param user The user to retrieve the running state for.
223      */
isUserRunning(UserHandle user)224     public boolean isUserRunning(UserHandle user) {
225         try {
226             return ActivityManagerNative.getDefault().isUserRunning(
227                     user.getIdentifier(), false);
228         } catch (RemoteException e) {
229             return false;
230         }
231     }
232 
233     /**
234      * Return whether the given user is actively running <em>or</em> stopping.
235      * This is like {@link #isUserRunning(UserHandle)}, but will also return
236      * true if the user had been running but is in the process of being stopped
237      * (but is not yet fully stopped, and still running some code).
238      * @param user The user to retrieve the running state for.
239      */
isUserRunningOrStopping(UserHandle user)240     public boolean isUserRunningOrStopping(UserHandle user) {
241         try {
242             return ActivityManagerNative.getDefault().isUserRunning(
243                     user.getIdentifier(), true);
244         } catch (RemoteException e) {
245             return false;
246         }
247     }
248 
249     /**
250      * Returns the UserInfo object describing a specific user.
251      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
252      * @param userHandle the user handle of the user whose information is being requested.
253      * @return the UserInfo object for a specific user.
254      * @hide
255      */
getUserInfo(int userHandle)256     public UserInfo getUserInfo(int userHandle) {
257         try {
258             return mService.getUserInfo(userHandle);
259         } catch (RemoteException re) {
260             Log.w(TAG, "Could not get user info", re);
261             return null;
262         }
263     }
264 
265     /**
266      * Returns the user-wide restrictions imposed on this user.
267      * @return a Bundle containing all the restrictions.
268      */
getUserRestrictions()269     public Bundle getUserRestrictions() {
270         return getUserRestrictions(Process.myUserHandle());
271     }
272 
273     /**
274      * Returns the user-wide restrictions imposed on the user specified by <code>userHandle</code>.
275      * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
276      * @return a Bundle containing all the restrictions.
277      */
getUserRestrictions(UserHandle userHandle)278     public Bundle getUserRestrictions(UserHandle userHandle) {
279         try {
280             return mService.getUserRestrictions(userHandle.getIdentifier());
281         } catch (RemoteException re) {
282             Log.w(TAG, "Could not get user restrictions", re);
283             return Bundle.EMPTY;
284         }
285     }
286 
287     /**
288      * Sets all the user-wide restrictions for this user.
289      * Requires the MANAGE_USERS permission.
290      * @param restrictions the Bundle containing all the restrictions.
291      */
setUserRestrictions(Bundle restrictions)292     public void setUserRestrictions(Bundle restrictions) {
293         setUserRestrictions(restrictions, Process.myUserHandle());
294     }
295 
296     /**
297      * Sets all the user-wide restrictions for the specified user.
298      * Requires the MANAGE_USERS permission.
299      * @param restrictions the Bundle containing all the restrictions.
300      * @param userHandle the UserHandle of the user for whom to set the restrictions.
301      */
setUserRestrictions(Bundle restrictions, UserHandle userHandle)302     public void setUserRestrictions(Bundle restrictions, UserHandle userHandle) {
303         try {
304             mService.setUserRestrictions(restrictions, userHandle.getIdentifier());
305         } catch (RemoteException re) {
306             Log.w(TAG, "Could not set user restrictions", re);
307         }
308     }
309 
310     /**
311      * Sets the value of a specific restriction.
312      * Requires the MANAGE_USERS permission.
313      * @param key the key of the restriction
314      * @param value the value for the restriction
315      */
setUserRestriction(String key, boolean value)316     public void setUserRestriction(String key, boolean value) {
317         Bundle bundle = getUserRestrictions();
318         bundle.putBoolean(key, value);
319         setUserRestrictions(bundle);
320     }
321 
322     /**
323      * @hide
324      * Sets the value of a specific restriction on a specific user.
325      * Requires the {@link android.Manifest.permission#MANAGE_USERS} permission.
326      * @param key the key of the restriction
327      * @param value the value for the restriction
328      * @param userHandle the user whose restriction is to be changed.
329      */
setUserRestriction(String key, boolean value, UserHandle userHandle)330     public void setUserRestriction(String key, boolean value, UserHandle userHandle) {
331         Bundle bundle = getUserRestrictions(userHandle);
332         bundle.putBoolean(key, value);
333         setUserRestrictions(bundle, userHandle);
334     }
335 
336     /**
337      * @hide
338      * Returns whether the current user has been disallowed from performing certain actions
339      * or setting certain settings.
340      * @param restrictionKey the string key representing the restriction
341      */
hasUserRestriction(String restrictionKey)342     public boolean hasUserRestriction(String restrictionKey) {
343         return getUserRestrictions().getBoolean(restrictionKey, false);
344     }
345 
346     /**
347      * Return the serial number for a user.  This is a device-unique
348      * number assigned to that user; if the user is deleted and then a new
349      * user created, the new users will not be given the same serial number.
350      * @param user The user whose serial number is to be retrieved.
351      * @return The serial number of the given user; returns -1 if the
352      * given UserHandle does not exist.
353      * @see #getUserForSerialNumber(long)
354      */
getSerialNumberForUser(UserHandle user)355     public long getSerialNumberForUser(UserHandle user) {
356         return getUserSerialNumber(user.getIdentifier());
357     }
358 
359     /**
360      * Return the user associated with a serial number previously
361      * returned by {@link #getSerialNumberForUser(UserHandle)}.
362      * @param serialNumber The serial number of the user that is being
363      * retrieved.
364      * @return Return the user associated with the serial number, or null
365      * if there is not one.
366      * @see #getSerialNumberForUser(UserHandle)
367      */
getUserForSerialNumber(long serialNumber)368     public UserHandle getUserForSerialNumber(long serialNumber) {
369         int ident = getUserHandle((int)serialNumber);
370         return ident >= 0 ? new UserHandle(ident) : null;
371     }
372 
373     /**
374      * Creates a user with the specified name and options.
375      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
376      *
377      * @param name the user's name
378      * @param flags flags that identify the type of user and other properties.
379      * @see UserInfo
380      *
381      * @return the UserInfo object for the created user, or null if the user could not be created.
382      * @hide
383      */
createUser(String name, int flags)384     public UserInfo createUser(String name, int flags) {
385         try {
386             return mService.createUser(name, flags);
387         } catch (RemoteException re) {
388             Log.w(TAG, "Could not create a user", re);
389             return null;
390         }
391     }
392 
393     /**
394      * Return the number of users currently created on the device.
395      */
getUserCount()396     public int getUserCount() {
397         List<UserInfo> users = getUsers();
398         return users != null ? users.size() : 1;
399     }
400 
401     /**
402      * Returns information for all users on this device.
403      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
404      * @return the list of users that were created.
405      * @hide
406      */
getUsers()407     public List<UserInfo> getUsers() {
408         try {
409             return mService.getUsers(false);
410         } catch (RemoteException re) {
411             Log.w(TAG, "Could not get user list", re);
412             return null;
413         }
414     }
415 
416     /**
417      * Returns information for all users on this device.
418      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
419      * @param excludeDying specify if the list should exclude users being removed.
420      * @return the list of users that were created.
421      * @hide
422      */
getUsers(boolean excludeDying)423     public List<UserInfo> getUsers(boolean excludeDying) {
424         try {
425             return mService.getUsers(excludeDying);
426         } catch (RemoteException re) {
427             Log.w(TAG, "Could not get user list", re);
428             return null;
429         }
430     }
431 
432     /**
433      * Removes a user and all associated data.
434      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
435      * @param userHandle the integer handle of the user, where 0 is the primary user.
436      * @hide
437      */
removeUser(int userHandle)438     public boolean removeUser(int userHandle) {
439         try {
440             return mService.removeUser(userHandle);
441         } catch (RemoteException re) {
442             Log.w(TAG, "Could not remove user ", re);
443             return false;
444         }
445     }
446 
447     /**
448      * Updates the user's name.
449      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
450      *
451      * @param userHandle the user's integer handle
452      * @param name the new name for the user
453      * @hide
454      */
setUserName(int userHandle, String name)455     public void setUserName(int userHandle, String name) {
456         try {
457             mService.setUserName(userHandle, name);
458         } catch (RemoteException re) {
459             Log.w(TAG, "Could not set the user name ", re);
460         }
461     }
462 
463     /**
464      * Sets the user's photo.
465      * @param userHandle the user for whom to change the photo.
466      * @param icon the bitmap to set as the photo.
467      * @hide
468      */
setUserIcon(int userHandle, Bitmap icon)469     public void setUserIcon(int userHandle, Bitmap icon) {
470         try {
471             mService.setUserIcon(userHandle, icon);
472         } catch (RemoteException re) {
473             Log.w(TAG, "Could not set the user icon ", re);
474         }
475     }
476 
477     /**
478      * Returns a file descriptor for the user's photo. PNG data can be read from this file.
479      * @param userHandle the user whose photo we want to read.
480      * @return a {@link Bitmap} of the user's photo, or null if there's no photo.
481      * @hide
482      */
getUserIcon(int userHandle)483     public Bitmap getUserIcon(int userHandle) {
484         try {
485             return mService.getUserIcon(userHandle);
486         } catch (RemoteException re) {
487             Log.w(TAG, "Could not get the user icon ", re);
488             return null;
489         }
490     }
491 
492     /**
493      * Enable or disable the use of a guest account. If disabled, the existing guest account
494      * will be wiped.
495      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
496      * @param enable whether to enable a guest account.
497      * @hide
498      */
setGuestEnabled(boolean enable)499     public void setGuestEnabled(boolean enable) {
500         try {
501             mService.setGuestEnabled(enable);
502         } catch (RemoteException re) {
503             Log.w(TAG, "Could not change guest account availability to " + enable);
504         }
505     }
506 
507     /**
508      * Checks if a guest user is enabled for this device.
509      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
510      * @return whether a guest user is enabled
511      * @hide
512      */
isGuestEnabled()513     public boolean isGuestEnabled() {
514         try {
515             return mService.isGuestEnabled();
516         } catch (RemoteException re) {
517             Log.w(TAG, "Could not retrieve guest enabled state");
518             return false;
519         }
520     }
521 
522     /**
523      * Wipes all the data for a user, but doesn't remove the user.
524      * Requires {@link android.Manifest.permission#MANAGE_USERS} permission.
525      * @param userHandle
526      * @hide
527      */
wipeUser(int userHandle)528     public void wipeUser(int userHandle) {
529         try {
530             mService.wipeUser(userHandle);
531         } catch (RemoteException re) {
532             Log.w(TAG, "Could not wipe user " + userHandle);
533         }
534     }
535 
536     /**
537      * Returns the maximum number of users that can be created on this device. A return value
538      * of 1 means that it is a single user device.
539      * @hide
540      * @return a value greater than or equal to 1
541      */
getMaxSupportedUsers()542     public static int getMaxSupportedUsers() {
543         // Don't allow multiple users on certain builds
544         if (android.os.Build.ID.startsWith("JVP")) return 1;
545         return SystemProperties.getInt("fw.max_users",
546                 Resources.getSystem().getInteger(R.integer.config_multiuserMaximumUsers));
547     }
548 
549     /**
550      * Returns a serial number on this device for a given userHandle. User handles can be recycled
551      * when deleting and creating users, but serial numbers are not reused until the device is wiped.
552      * @param userHandle
553      * @return a serial number associated with that user, or -1 if the userHandle is not valid.
554      * @hide
555      */
getUserSerialNumber(int userHandle)556     public int getUserSerialNumber(int userHandle) {
557         try {
558             return mService.getUserSerialNumber(userHandle);
559         } catch (RemoteException re) {
560             Log.w(TAG, "Could not get serial number for user " + userHandle);
561         }
562         return -1;
563     }
564 
565     /**
566      * Returns a userHandle on this device for a given user serial number. User handles can be
567      * recycled when deleting and creating users, but serial numbers are not reused until the device
568      * is wiped.
569      * @param userSerialNumber
570      * @return the userHandle associated with that user serial number, or -1 if the serial number
571      * is not valid.
572      * @hide
573      */
getUserHandle(int userSerialNumber)574     public int getUserHandle(int userSerialNumber) {
575         try {
576             return mService.getUserHandle(userSerialNumber);
577         } catch (RemoteException re) {
578             Log.w(TAG, "Could not get userHandle for user " + userSerialNumber);
579         }
580         return -1;
581     }
582 
583     /**
584      * Returns a Bundle containing any saved application restrictions for this user, for the
585      * given package name. Only an application with this package name can call this method.
586      * @param packageName the package name of the calling application
587      * @return a Bundle with the restrictions as key/value pairs, or null if there are no
588      * saved restrictions. The values can be of type Boolean, String or String[], depending
589      * on the restriction type, as defined by the application.
590      */
getApplicationRestrictions(String packageName)591     public Bundle getApplicationRestrictions(String packageName) {
592         try {
593             return mService.getApplicationRestrictions(packageName);
594         } catch (RemoteException re) {
595             Log.w(TAG, "Could not get application restrictions for package " + packageName);
596         }
597         return null;
598     }
599 
600     /**
601      * @hide
602      */
getApplicationRestrictions(String packageName, UserHandle user)603     public Bundle getApplicationRestrictions(String packageName, UserHandle user) {
604         try {
605             return mService.getApplicationRestrictionsForUser(packageName, user.getIdentifier());
606         } catch (RemoteException re) {
607             Log.w(TAG, "Could not get application restrictions for user " + user.getIdentifier());
608         }
609         return null;
610     }
611 
612     /**
613      * @hide
614      */
setApplicationRestrictions(String packageName, Bundle restrictions, UserHandle user)615     public void setApplicationRestrictions(String packageName, Bundle restrictions,
616             UserHandle user) {
617         try {
618             mService.setApplicationRestrictions(packageName, restrictions, user.getIdentifier());
619         } catch (RemoteException re) {
620             Log.w(TAG, "Could not set application restrictions for user " + user.getIdentifier());
621         }
622     }
623 }
624