1 /* 2 * Copyright 2016, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.managedprovisioning.ota; 18 19 import static android.app.admin.DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE; 20 import static android.app.admin.DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE; 21 import static android.app.admin.DevicePolicyManager.ACTION_PROVISION_MANAGED_USER; 22 23 import static com.android.internal.util.Preconditions.checkNotNull; 24 25 import android.app.admin.DevicePolicyManager; 26 import android.content.ComponentName; 27 import android.content.Context; 28 import android.content.pm.UserInfo; 29 import android.os.UserHandle; 30 import android.os.UserManager; 31 32 import com.android.internal.annotations.VisibleForTesting; 33 import com.android.managedprovisioning.common.ProvisionLogger; 34 import com.android.managedprovisioning.model.ProvisioningParams; 35 import com.android.managedprovisioning.task.CrossProfileIntentFiltersSetter; 36 import com.android.managedprovisioning.task.DeleteNonRequiredAppsTask; 37 import com.android.managedprovisioning.task.DisableInstallShortcutListenersTask; 38 import com.android.managedprovisioning.task.DisallowAddUserTask; 39 import com.android.managedprovisioning.task.InstallExistingPackageTask; 40 import com.android.managedprovisioning.task.MigrateSystemAppsSnapshotTask; 41 42 /** 43 * After a system update, this class resets the cross-profile intent filters and performs any 44 * tasks necessary to bring the system up to date. 45 */ 46 public class OtaController { 47 48 private static final String TELECOM_PACKAGE = "com.android.server.telecom"; 49 50 private final Context mContext; 51 private final TaskExecutor mTaskExecutor; 52 private final CrossProfileIntentFiltersSetter mCrossProfileIntentFiltersSetter; 53 54 private final UserManager mUserManager; 55 private final DevicePolicyManager mDevicePolicyManager; 56 57 public OtaController(Context context) { 58 this(context, new TaskExecutor(), new CrossProfileIntentFiltersSetter(context)); 59 } 60 61 @VisibleForTesting 62 OtaController(Context context, TaskExecutor taskExecutor, 63 CrossProfileIntentFiltersSetter crossProfileIntentFiltersSetter) { 64 mContext = checkNotNull(context); 65 mTaskExecutor = checkNotNull(taskExecutor); 66 mCrossProfileIntentFiltersSetter = checkNotNull(crossProfileIntentFiltersSetter); 67 68 mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE); 69 mDevicePolicyManager = (DevicePolicyManager) context.getSystemService( 70 Context.DEVICE_POLICY_SERVICE); 71 } 72 73 public void run() { 74 if (mContext.getUserId() != UserHandle.USER_SYSTEM) { 75 return; 76 } 77 // Migrate snapshot files to use user serial number as file name. 78 mTaskExecutor.execute( 79 UserHandle.USER_SYSTEM, new MigrateSystemAppsSnapshotTask(mContext, mTaskExecutor)); 80 81 // Check for device owner. 82 final int deviceOwnerUserId = mDevicePolicyManager.getDeviceOwnerUserId(); 83 if (deviceOwnerUserId != UserHandle.USER_NULL) { 84 addDeviceOwnerTasks(deviceOwnerUserId, mContext); 85 } 86 87 for (UserInfo userInfo : mUserManager.getUsers()) { 88 if (userInfo.isManagedProfile()) { 89 addManagedProfileTasks(userInfo.id, mContext); 90 } else if (mDevicePolicyManager.getProfileOwnerAsUser(userInfo.id) != null) { 91 addManagedUserTasks(userInfo.id, mContext); 92 } else { 93 // if this user has managed profiles, reset the cross-profile intent filters between 94 // this user and its managed profiles. 95 mCrossProfileIntentFiltersSetter.resetFilters(userInfo.id); 96 } 97 } 98 } 99 100 void addDeviceOwnerTasks(final int userId, Context context) { 101 ComponentName deviceOwner = mDevicePolicyManager.getDeviceOwnerComponentOnAnyUser(); 102 if (deviceOwner == null) { 103 // Shouldn't happen 104 ProvisionLogger.loge("No device owner found."); 105 return; 106 } 107 108 // Build a set of fake params to be able to run the tasks 109 ProvisioningParams fakeParams = new ProvisioningParams.Builder() 110 .setDeviceAdminComponentName(deviceOwner) 111 .setProvisioningAction(ACTION_PROVISION_MANAGED_DEVICE) 112 .build(); 113 114 mTaskExecutor.execute(userId, 115 new DeleteNonRequiredAppsTask(false, context, fakeParams, mTaskExecutor)); 116 mTaskExecutor.execute(userId, 117 new DisallowAddUserTask(context, fakeParams, mTaskExecutor)); 118 } 119 120 void addManagedProfileTasks(final int userId, Context context) { 121 mUserManager.setUserRestriction(UserManager.DISALLOW_WALLPAPER, true, 122 UserHandle.of(userId)); 123 // Enabling telecom package as it supports managed profiles from N. 124 mTaskExecutor.execute(userId, 125 new InstallExistingPackageTask(TELECOM_PACKAGE, context, null, mTaskExecutor)); 126 127 ComponentName profileOwner = mDevicePolicyManager.getProfileOwnerAsUser(userId); 128 if (profileOwner == null) { 129 // Shouldn't happen. 130 ProvisionLogger.loge("No profile owner on managed profile " + userId); 131 return; 132 } 133 134 // Build a set of fake params to be able to run the tasks 135 ProvisioningParams fakeParams = new ProvisioningParams.Builder() 136 .setDeviceAdminComponentName(profileOwner) 137 .setProvisioningAction(ACTION_PROVISION_MANAGED_PROFILE) 138 .build(); 139 mTaskExecutor.execute(userId, 140 new DisableInstallShortcutListenersTask(context, fakeParams, mTaskExecutor)); 141 mTaskExecutor.execute(userId, 142 new DeleteNonRequiredAppsTask(false, context, fakeParams, mTaskExecutor)); 143 } 144 145 void addManagedUserTasks(final int userId, Context context) { 146 ComponentName profileOwner = mDevicePolicyManager.getProfileOwnerAsUser(userId); 147 if (profileOwner == null) { 148 // Shouldn't happen. 149 ProvisionLogger.loge("No profile owner on managed user " + userId); 150 return; 151 } 152 153 // Build a set of fake params to be able to run the tasks 154 ProvisioningParams fakeParams = new ProvisioningParams.Builder() 155 .setDeviceAdminComponentName(profileOwner) 156 .setProvisioningAction(ACTION_PROVISION_MANAGED_USER) 157 .build(); 158 mTaskExecutor.execute(userId, 159 new DeleteNonRequiredAppsTask(false, context, fakeParams, mTaskExecutor)); 160 } 161 } 162