Make base user restrictions queriable for system apps

Needed by e.g. Settings > Location

Bug:22541939
Change-Id: I6cdd5f1c32cde143232eb53f531bbf3a737d8a9a

3 files changed, 28 insertions, 0 deletions

diff --git a/core/java/android/os/IUserManager.aidl b/core/java/android/os/IUserManager.aidl
index c71d6cc00e54..1b71f0b9457f 100644
--- a/core/java/android/os/IUserManager.aidl
+++ b/core/java/android/os/IUserManager.aidl
@@ -54,6 +54,7 @@ interface IUserManager {
     int getUserSerialNumber(int userHandle);
     int getUserHandle(int userSerialNumber);
     Bundle getUserRestrictions(int userHandle);
+    boolean hasBaseUserRestriction(String restrictionKey, int userHandle);
     boolean hasUserRestriction(in String restrictionKey, int userHandle);
     void setUserRestriction(String key, boolean value, int userId);
     void setApplicationRestrictions(in String packageName, in Bundle restrictions,
diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index f26693c853fb..7259a4f3cb99 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -779,6 +779,24 @@ public class UserManager {
         }
     }
 
+     /**
+     * @hide
+     * Returns whether the given user has been disallowed from performing certain actions
+     * or setting certain settings through UserManager. This method disregards restrictions
+     * set by device policy.
+     * @param restrictionKey the string key representing the restriction
+     * @param userHandle the UserHandle of the user for whom to retrieve the restrictions.
+     */
+    public boolean hasBaseUserRestriction(String restrictionKey, UserHandle userHandle) {
+        try {
+            return mService.hasBaseUserRestriction(restrictionKey, userHandle.getIdentifier());
+        } catch (RemoteException re) {
+            Log.w(TAG, "Could not get base user restrictions for user " +
+                    userHandle.getIdentifier(), re);
+            return false;
+        }
+    }
+
     /**
      * This will no longer work.  Device owners and profile owners should use
      * {@link DevicePolicyManager#addUserRestriction(ComponentName, String)} instead.
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index da10a94215dc..a65a18961509 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -784,6 +784,15 @@ public class UserManagerService extends IUserManager.Stub {
     }
 
     @Override
+    public boolean hasBaseUserRestriction(String restrictionKey, int userId) {
+        checkManageUsersPermission("hasBaseUserRestriction");
+        synchronized (mRestrictionsLock) {
+            Bundle bundle = mBaseUserRestrictions.get(userId);
+            return (bundle != null && bundle.getBoolean(restrictionKey, false));
+        }
+    }
+
+    @Override
     public void setUserRestriction(String key, boolean value, int userId) {
         checkManageUsersPermission("setUserRestriction");
         synchronized (mRestrictionsLock) {