From 4fbb5919e2a26f94b11233e30d4c19bdc3cd5b01 Mon Sep 17 00:00:00 2001
From: Richard MacGregor <rmacgregor@google.com>
Date: Thu, 5 Dec 2024 12:13:45 -0800
Subject: Ensure cross-user roles are not available for private space
 profile/user

Relnote: N/A
Flag: com.android.permission.flags.cross_user_role_enabled
Bug: 382514430
Test: atest RoleManagerMultiUserTest
Change-Id: I78abf982c1c633db366fb4951f3ff6fde8c6612c
---
 .../java/com/android/role/controller/model/Role.java                | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'PermissionController/role-controller/java')

diff --git a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
index c551c37dc..c4ed99be1 100644
--- a/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
+++ b/PermissionController/role-controller/java/com/android/role/controller/model/Role.java
@@ -472,6 +472,12 @@ public class Role {
         if (!isAvailableByFeatureFlagAndSdkVersion()) {
             return false;
         }
+
+        if (getExclusivity() == EXCLUSIVITY_PROFILE_GROUP
+                && UserUtils.isPrivateProfile(user, context)) {
+            return false;
+        }
+
         if (mBehavior != null) {
             boolean isAvailableAsUser = mBehavior.isAvailableAsUser(this, user, context);
             // Ensure that cross-user role is only available if also available for
-- 
cgit v1.2.3-59-g8ed1b