1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.settings; 18 19 import android.app.Activity; 20 import android.app.ActivityManager; 21 import android.app.AlertDialog; 22 import android.app.AppOpsManager; 23 import android.app.Dialog; 24 import android.app.admin.DeviceAdminInfo; 25 import android.app.admin.DeviceAdminReceiver; 26 import android.app.admin.DevicePolicyManager; 27 import android.content.ComponentName; 28 import android.content.Context; 29 import android.content.DialogInterface; 30 import android.content.Intent; 31 import android.content.pm.ActivityInfo; 32 import android.content.pm.ApplicationInfo; 33 import android.content.pm.PackageInfo; 34 import android.content.pm.PackageManager; 35 import android.content.pm.PackageManager.NameNotFoundException; 36 import android.content.pm.ResolveInfo; 37 import android.content.pm.UserInfo; 38 import android.content.res.Resources; 39 import android.net.Uri; 40 import android.os.Binder; 41 import android.os.Bundle; 42 import android.os.Handler; 43 import android.os.IBinder; 44 import android.os.RemoteCallback; 45 import android.os.RemoteException; 46 import android.os.UserHandle; 47 import android.os.UserManager; 48 import android.text.TextUtils; 49 import android.text.TextUtils.TruncateAt; 50 import android.util.EventLog; 51 import android.util.Log; 52 import android.view.Display; 53 import android.view.View; 54 import android.view.ViewGroup; 55 import android.view.ViewTreeObserver; 56 import android.view.WindowManager; 57 import android.widget.AppSecurityPermissions; 58 import android.widget.Button; 59 import android.widget.ImageView; 60 import android.widget.TextView; 61 62 import com.android.internal.logging.nano.MetricsProto; 63 import com.android.settings.core.instrumentation.MetricsFeatureProvider; 64 import com.android.settings.overlay.FeatureFactory; 65 import com.android.settings.R; 66 import com.android.settings.users.UserDialogs; 67 import com.android.settingslib.RestrictedLockUtils; 68 import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin; 69 import org.xmlpull.v1.XmlPullParserException; 70 71 import java.io.IOException; 72 import java.util.ArrayList; 73 import java.util.List; 74 75 public class DeviceAdminAdd extends Activity { 76 static final String TAG = "DeviceAdminAdd"; 77 78 static final int DIALOG_WARNING = 1; 79 80 private static final int MAX_ADD_MSG_LINES_PORTRAIT = 5; 81 private static final int MAX_ADD_MSG_LINES_LANDSCAPE = 2; 82 private static final int MAX_ADD_MSG_LINES = 15; 83 84 /** 85 * Optional key to map to the package name of the Device Admin. 86 * Currently only used when uninstalling an active device admin. 87 */ 88 public static final String EXTRA_DEVICE_ADMIN_PACKAGE_NAME = 89 "android.app.extra.DEVICE_ADMIN_PACKAGE_NAME"; 90 91 public static final String EXTRA_CALLED_FROM_SUPPORT_DIALOG = 92 "android.app.extra.CALLED_FROM_SUPPORT_DIALOG"; 93 94 private final IBinder mToken = new Binder(); 95 Handler mHandler; 96 97 DevicePolicyManager mDPM; 98 AppOpsManager mAppOps; 99 DeviceAdminInfo mDeviceAdmin; 100 CharSequence mAddMsgText; 101 String mProfileOwnerName; 102 103 ImageView mAdminIcon; 104 TextView mAdminName; 105 TextView mAdminDescription; 106 TextView mAddMsg; 107 TextView mProfileOwnerWarning; 108 ImageView mAddMsgExpander; 109 boolean mAddMsgEllipsized = true; 110 TextView mAdminWarning; 111 TextView mSupportMessage; 112 ViewGroup mAdminPolicies; 113 Button mActionButton; 114 Button mUninstallButton; 115 Button mCancelButton; 116 117 boolean mUninstalling = false; 118 boolean mAdding; 119 boolean mRefreshing; 120 boolean mWaitingForRemoveMsg; 121 boolean mAddingProfileOwner; 122 boolean mAdminPoliciesInitialized; 123 124 boolean mIsCalledFromSupportDialog = false; 125 126 @Override onCreate(Bundle icicle)127 protected void onCreate(Bundle icicle) { 128 super.onCreate(icicle); 129 130 mHandler = new Handler(getMainLooper()); 131 132 mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE); 133 mAppOps = (AppOpsManager)getSystemService(Context.APP_OPS_SERVICE); 134 PackageManager packageManager = getPackageManager(); 135 136 if ((getIntent().getFlags()&Intent.FLAG_ACTIVITY_NEW_TASK) != 0) { 137 Log.w(TAG, "Cannot start ADD_DEVICE_ADMIN as a new task"); 138 finish(); 139 return; 140 } 141 142 mIsCalledFromSupportDialog = getIntent().getBooleanExtra( 143 EXTRA_CALLED_FROM_SUPPORT_DIALOG, false); 144 145 String action = getIntent().getAction(); 146 ComponentName who = (ComponentName)getIntent().getParcelableExtra( 147 DevicePolicyManager.EXTRA_DEVICE_ADMIN); 148 if (who == null) { 149 String packageName = getIntent().getStringExtra(EXTRA_DEVICE_ADMIN_PACKAGE_NAME); 150 for (ComponentName component : mDPM.getActiveAdmins()) { 151 if (component.getPackageName().equals(packageName)) { 152 who = component; 153 mUninstalling = true; 154 break; 155 } 156 } 157 if (who == null) { 158 Log.w(TAG, "No component specified in " + action); 159 finish(); 160 return; 161 } 162 } 163 164 if (action != null && action.equals(DevicePolicyManager.ACTION_SET_PROFILE_OWNER)) { 165 setResult(RESULT_CANCELED); 166 setFinishOnTouchOutside(true); 167 mAddingProfileOwner = true; 168 mProfileOwnerName = 169 getIntent().getStringExtra(DevicePolicyManager.EXTRA_PROFILE_OWNER_NAME); 170 String callingPackage = getCallingPackage(); 171 if (callingPackage == null || !callingPackage.equals(who.getPackageName())) { 172 Log.e(TAG, "Unknown or incorrect caller"); 173 finish(); 174 return; 175 } 176 try { 177 PackageInfo packageInfo = packageManager.getPackageInfo(callingPackage, 0); 178 if ((packageInfo.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) == 0) { 179 Log.e(TAG, "Cannot set a non-system app as a profile owner"); 180 finish(); 181 return; 182 } 183 } catch (NameNotFoundException nnfe) { 184 Log.e(TAG, "Cannot find the package " + callingPackage); 185 finish(); 186 return; 187 } 188 } 189 190 ActivityInfo ai; 191 try { 192 ai = packageManager.getReceiverInfo(who, PackageManager.GET_META_DATA); 193 } catch (PackageManager.NameNotFoundException e) { 194 Log.w(TAG, "Unable to retrieve device policy " + who, e); 195 finish(); 196 return; 197 } 198 199 // When activating, make sure the given component name is actually a valid device admin. 200 // No need to check this when deactivating, because it is safe to deactivate an active 201 // invalid device admin. 202 if (!mDPM.isAdminActive(who)) { 203 List<ResolveInfo> avail = packageManager.queryBroadcastReceivers( 204 new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED), 205 PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS); 206 int count = avail == null ? 0 : avail.size(); 207 boolean found = false; 208 for (int i=0; i<count; i++) { 209 ResolveInfo ri = avail.get(i); 210 if (ai.packageName.equals(ri.activityInfo.packageName) 211 && ai.name.equals(ri.activityInfo.name)) { 212 try { 213 // We didn't retrieve the meta data for all possible matches, so 214 // need to use the activity info of this specific one that was retrieved. 215 ri.activityInfo = ai; 216 DeviceAdminInfo dpi = new DeviceAdminInfo(this, ri); 217 found = true; 218 } catch (XmlPullParserException e) { 219 Log.w(TAG, "Bad " + ri.activityInfo, e); 220 } catch (IOException e) { 221 Log.w(TAG, "Bad " + ri.activityInfo, e); 222 } 223 break; 224 } 225 } 226 if (!found) { 227 Log.w(TAG, "Request to add invalid device admin: " + who); 228 finish(); 229 return; 230 } 231 } 232 233 ResolveInfo ri = new ResolveInfo(); 234 ri.activityInfo = ai; 235 try { 236 mDeviceAdmin = new DeviceAdminInfo(this, ri); 237 } catch (XmlPullParserException e) { 238 Log.w(TAG, "Unable to retrieve device policy " + who, e); 239 finish(); 240 return; 241 } catch (IOException e) { 242 Log.w(TAG, "Unable to retrieve device policy " + who, e); 243 finish(); 244 return; 245 } 246 247 // This admin already exists, an we have two options at this point. If new policy 248 // bits are set, show the user the new list. If nothing has changed, simply return 249 // "OK" immediately. 250 if (DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN.equals(getIntent().getAction())) { 251 mRefreshing = false; 252 if (mDPM.isAdminActive(who)) { 253 if (mDPM.isRemovingAdmin(who, android.os.Process.myUserHandle().getIdentifier())) { 254 Log.w(TAG, "Requested admin is already being removed: " + who); 255 finish(); 256 return; 257 } 258 259 ArrayList<DeviceAdminInfo.PolicyInfo> newPolicies = mDeviceAdmin.getUsedPolicies(); 260 for (int i = 0; i < newPolicies.size(); i++) { 261 DeviceAdminInfo.PolicyInfo pi = newPolicies.get(i); 262 if (!mDPM.hasGrantedPolicy(who, pi.ident)) { 263 mRefreshing = true; 264 break; 265 } 266 } 267 if (!mRefreshing) { 268 // Nothing changed (or policies were removed) - return immediately 269 setResult(Activity.RESULT_OK); 270 finish(); 271 return; 272 } 273 } 274 } 275 276 // If we're trying to add a profile owner and user setup hasn't completed yet, no 277 // need to prompt for permission. Just add and finish. 278 if (mAddingProfileOwner && !mDPM.hasUserSetupCompleted()) { 279 addAndFinish(); 280 return; 281 } 282 283 mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION); 284 285 setContentView(R.layout.device_admin_add); 286 287 mAdminIcon = (ImageView)findViewById(R.id.admin_icon); 288 mAdminName = (TextView)findViewById(R.id.admin_name); 289 mAdminDescription = (TextView)findViewById(R.id.admin_description); 290 mProfileOwnerWarning = (TextView) findViewById(R.id.profile_owner_warning); 291 292 mAddMsg = (TextView)findViewById(R.id.add_msg); 293 mAddMsgExpander = (ImageView) findViewById(R.id.add_msg_expander); 294 final View.OnClickListener onClickListener = new View.OnClickListener() { 295 @Override 296 public void onClick(View v) { 297 toggleMessageEllipsis(mAddMsg); 298 } 299 }; 300 mAddMsgExpander.setOnClickListener(onClickListener); 301 mAddMsg.setOnClickListener(onClickListener); 302 303 // Determine whether the message can be collapsed - getLineCount() gives the correct 304 // number of lines only after a layout pass. 305 mAddMsg.getViewTreeObserver().addOnGlobalLayoutListener( 306 new ViewTreeObserver.OnGlobalLayoutListener() { 307 @Override 308 public void onGlobalLayout() { 309 final int maxLines = getEllipsizedLines(); 310 // hide the icon if number of visible lines does not exceed maxLines 311 boolean hideMsgExpander = mAddMsg.getLineCount() <= maxLines; 312 mAddMsgExpander.setVisibility(hideMsgExpander ? View.GONE : View.VISIBLE); 313 if (hideMsgExpander) { 314 mAddMsg.setOnClickListener(null); 315 ((View)mAddMsgExpander.getParent()).invalidate(); 316 } 317 mAddMsg.getViewTreeObserver().removeOnGlobalLayoutListener(this); 318 } 319 }); 320 321 // toggleMessageEllipsis also handles initial layout: 322 toggleMessageEllipsis(mAddMsg); 323 324 mAdminWarning = (TextView) findViewById(R.id.admin_warning); 325 mAdminPolicies = (ViewGroup) findViewById(R.id.admin_policies); 326 mSupportMessage = (TextView) findViewById(R.id.admin_support_message); 327 328 mCancelButton = (Button) findViewById(R.id.cancel_button); 329 mCancelButton.setFilterTouchesWhenObscured(true); 330 mCancelButton.setOnClickListener(new View.OnClickListener() { 331 public void onClick(View v) { 332 EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_DECLINED_BY_USER, 333 mDeviceAdmin.getActivityInfo().applicationInfo.uid); 334 finish(); 335 } 336 }); 337 338 mUninstallButton = (Button) findViewById(R.id.uninstall_button); 339 mUninstallButton.setFilterTouchesWhenObscured(true); 340 mUninstallButton.setOnClickListener(new View.OnClickListener() { 341 public void onClick(View v) { 342 EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_UNINSTALLED_BY_USER, 343 mDeviceAdmin.getActivityInfo().applicationInfo.uid); 344 mDPM.uninstallPackageWithActiveAdmins(mDeviceAdmin.getPackageName()); 345 finish(); 346 } 347 }); 348 349 mActionButton = (Button) findViewById(R.id.action_button); 350 351 final View restrictedAction = findViewById(R.id.restricted_action); 352 restrictedAction.setFilterTouchesWhenObscured(true); 353 restrictedAction.setOnClickListener(new View.OnClickListener() { 354 public void onClick(View v) { 355 if (!mActionButton.isEnabled()) { 356 return; 357 } 358 if (mAdding) { 359 addAndFinish(); 360 } else if (isManagedProfile(mDeviceAdmin) 361 && mDeviceAdmin.getComponent().equals(mDPM.getProfileOwner())) { 362 if (hasBaseCantRemoveProfileRestriction()) { 363 // If DISALLOW_REMOVE_MANAGED_PROFILE is set by the system, there's no 364 // point showing a dialog saying it's disabled by an admin. 365 return; 366 } 367 EnforcedAdmin enforcedAdmin = getAdminEnforcingCantRemoveProfile(); 368 if (enforcedAdmin != null) { 369 RestrictedLockUtils.sendShowAdminSupportDetailsIntent(DeviceAdminAdd.this, 370 enforcedAdmin); 371 return; 372 } 373 final int userId = UserHandle.myUserId(); 374 UserDialogs.createRemoveDialog(DeviceAdminAdd.this, userId, 375 new DialogInterface.OnClickListener() { 376 @Override 377 public void onClick(DialogInterface dialog, int which) { 378 UserManager um = UserManager.get(DeviceAdminAdd.this); 379 um.removeUser(userId); 380 finish(); 381 } 382 } 383 ).show(); 384 } else if (mUninstalling) { 385 mDPM.uninstallPackageWithActiveAdmins(mDeviceAdmin.getPackageName()); 386 finish(); 387 } else if (!mWaitingForRemoveMsg) { 388 try { 389 // Don't allow the admin to put a dialog up in front 390 // of us while we interact with the user. 391 ActivityManager.getService().stopAppSwitches(); 392 } catch (RemoteException e) { 393 } 394 mWaitingForRemoveMsg = true; 395 mDPM.getRemoveWarning(mDeviceAdmin.getComponent(), 396 new RemoteCallback(new RemoteCallback.OnResultListener() { 397 @Override 398 public void onResult(Bundle result) { 399 CharSequence msg = result != null 400 ? result.getCharSequence( 401 DeviceAdminReceiver.EXTRA_DISABLE_WARNING) 402 : null; 403 continueRemoveAction(msg); 404 } 405 }, mHandler)); 406 // Don't want to wait too long. 407 getWindow().getDecorView().getHandler().postDelayed(new Runnable() { 408 @Override public void run() { 409 continueRemoveAction(null); 410 } 411 }, 2*1000); 412 } 413 } 414 }); 415 } 416 addAndFinish()417 void addAndFinish() { 418 try { 419 logSpecialPermissionChange(true, mDeviceAdmin.getComponent().getPackageName()); 420 mDPM.setActiveAdmin(mDeviceAdmin.getComponent(), mRefreshing); 421 EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_ACTIVATED_BY_USER, 422 mDeviceAdmin.getActivityInfo().applicationInfo.uid); 423 setResult(Activity.RESULT_OK); 424 } catch (RuntimeException e) { 425 // Something bad happened... could be that it was 426 // already set, though. 427 Log.w(TAG, "Exception trying to activate admin " 428 + mDeviceAdmin.getComponent(), e); 429 if (mDPM.isAdminActive(mDeviceAdmin.getComponent())) { 430 setResult(Activity.RESULT_OK); 431 } 432 } 433 if (mAddingProfileOwner) { 434 try { 435 mDPM.setProfileOwner(mDeviceAdmin.getComponent(), 436 mProfileOwnerName, UserHandle.myUserId()); 437 } catch (RuntimeException re) { 438 setResult(Activity.RESULT_CANCELED); 439 } 440 } 441 finish(); 442 } 443 continueRemoveAction(CharSequence msg)444 void continueRemoveAction(CharSequence msg) { 445 if (!mWaitingForRemoveMsg) { 446 return; 447 } 448 mWaitingForRemoveMsg = false; 449 if (msg == null) { 450 try { 451 ActivityManager.getService().resumeAppSwitches(); 452 } catch (RemoteException e) { 453 } 454 logSpecialPermissionChange(false, mDeviceAdmin.getComponent().getPackageName()); 455 mDPM.removeActiveAdmin(mDeviceAdmin.getComponent()); 456 finish(); 457 } else { 458 try { 459 // Continue preventing anything from coming in front. 460 ActivityManager.getService().stopAppSwitches(); 461 } catch (RemoteException e) { 462 } 463 Bundle args = new Bundle(); 464 args.putCharSequence( 465 DeviceAdminReceiver.EXTRA_DISABLE_WARNING, msg); 466 showDialog(DIALOG_WARNING, args); 467 } 468 } 469 logSpecialPermissionChange(boolean allow, String packageName)470 void logSpecialPermissionChange(boolean allow, String packageName) { 471 int logCategory = allow ? MetricsProto.MetricsEvent.APP_SPECIAL_PERMISSION_ADMIN_ALLOW : 472 MetricsProto.MetricsEvent.APP_SPECIAL_PERMISSION_ADMIN_DENY; 473 FeatureFactory.getFactory(this).getMetricsFeatureProvider().action(this, logCategory, packageName); 474 } 475 476 @Override onResume()477 protected void onResume() { 478 super.onResume(); 479 mActionButton.setEnabled(true); 480 updateInterface(); 481 // As long as we are running, don't let anyone overlay stuff on top of the screen. 482 mAppOps.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, true, mToken); 483 mAppOps.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW, true, mToken); 484 485 } 486 487 @Override onPause()488 protected void onPause() { 489 super.onPause(); 490 // This just greys out the button. The actual listener is attached to R.id.restricted_action 491 mActionButton.setEnabled(false); 492 mAppOps.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, false, mToken); 493 mAppOps.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW, false, mToken); 494 try { 495 ActivityManager.getService().resumeAppSwitches(); 496 } catch (RemoteException e) { 497 } 498 } 499 500 @Override onUserLeaveHint()501 protected void onUserLeaveHint() { 502 super.onUserLeaveHint(); 503 // In case this is triggered from support dialog, finish this activity once the user leaves 504 // so that this won't appear as a background next time support dialog is triggered. This 505 // is because the support dialog activity and this belong to the same task and we can't 506 // start this in new activity since we need to know the calling package in this activity. 507 if (mIsCalledFromSupportDialog) { 508 finish(); 509 } 510 } 511 512 @Override onCreateDialog(int id, Bundle args)513 protected Dialog onCreateDialog(int id, Bundle args) { 514 switch (id) { 515 case DIALOG_WARNING: { 516 CharSequence msg = args.getCharSequence(DeviceAdminReceiver.EXTRA_DISABLE_WARNING); 517 AlertDialog.Builder builder = new AlertDialog.Builder(this); 518 builder.setMessage(msg); 519 builder.setPositiveButton(R.string.dlg_ok, 520 new DialogInterface.OnClickListener() { 521 public void onClick(DialogInterface dialog, int which) { 522 try { 523 ActivityManager.getService().resumeAppSwitches(); 524 } catch (RemoteException e) { 525 } 526 mDPM.removeActiveAdmin(mDeviceAdmin.getComponent()); 527 finish(); 528 } 529 }); 530 builder.setNegativeButton(R.string.dlg_cancel, null); 531 return builder.create(); 532 } 533 default: 534 return super.onCreateDialog(id, args); 535 536 } 537 } 538 updateInterface()539 void updateInterface() { 540 findViewById(R.id.restricted_icon).setVisibility(View.GONE); 541 mAdminIcon.setImageDrawable(mDeviceAdmin.loadIcon(getPackageManager())); 542 mAdminName.setText(mDeviceAdmin.loadLabel(getPackageManager())); 543 try { 544 mAdminDescription.setText( 545 mDeviceAdmin.loadDescription(getPackageManager())); 546 mAdminDescription.setVisibility(View.VISIBLE); 547 } catch (Resources.NotFoundException e) { 548 mAdminDescription.setVisibility(View.GONE); 549 } 550 if (mAddingProfileOwner) { 551 mProfileOwnerWarning.setVisibility(View.VISIBLE); 552 } 553 if (mAddMsgText != null) { 554 mAddMsg.setText(mAddMsgText); 555 mAddMsg.setVisibility(View.VISIBLE); 556 } else { 557 mAddMsg.setVisibility(View.GONE); 558 mAddMsgExpander.setVisibility(View.GONE); 559 } 560 if (!mRefreshing && !mAddingProfileOwner 561 && mDPM.isAdminActive(mDeviceAdmin.getComponent())) { 562 mAdding = false; 563 final boolean isProfileOwner = 564 mDeviceAdmin.getComponent().equals(mDPM.getProfileOwner()); 565 final boolean isManagedProfile = isManagedProfile(mDeviceAdmin); 566 if (isProfileOwner && isManagedProfile) { 567 // Profile owner in a managed profile, user can remove profile to disable admin. 568 mAdminWarning.setText(R.string.admin_profile_owner_message); 569 mActionButton.setText(R.string.remove_managed_profile_label); 570 571 final EnforcedAdmin admin = getAdminEnforcingCantRemoveProfile(); 572 final boolean hasBaseRestriction = hasBaseCantRemoveProfileRestriction(); 573 if (admin != null && !hasBaseRestriction) { 574 findViewById(R.id.restricted_icon).setVisibility(View.VISIBLE); 575 } 576 mActionButton.setEnabled(admin == null && !hasBaseRestriction); 577 } else if (isProfileOwner || mDeviceAdmin.getComponent().equals( 578 mDPM.getDeviceOwnerComponentOnCallingUser())) { 579 // Profile owner in a user or device owner, user can't disable admin. 580 if (isProfileOwner) { 581 // Show profile owner in a user description. 582 mAdminWarning.setText(R.string.admin_profile_owner_user_message); 583 } else { 584 // Show device owner description. 585 mAdminWarning.setText(R.string.admin_device_owner_message); 586 } 587 mActionButton.setText(R.string.remove_device_admin); 588 mActionButton.setEnabled(false); 589 } else { 590 addDeviceAdminPolicies(false /* showDescription */); 591 mAdminWarning.setText(getString(R.string.device_admin_status, 592 mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel( 593 getPackageManager()))); 594 setTitle(R.string.active_device_admin_msg); 595 if (mUninstalling) { 596 mActionButton.setText(R.string.remove_and_uninstall_device_admin); 597 } else { 598 mActionButton.setText(R.string.remove_device_admin); 599 } 600 } 601 CharSequence supportMessage = mDPM.getLongSupportMessageForUser( 602 mDeviceAdmin.getComponent(), UserHandle.myUserId()); 603 if (!TextUtils.isEmpty(supportMessage)) { 604 mSupportMessage.setText(supportMessage); 605 mSupportMessage.setVisibility(View.VISIBLE); 606 } else { 607 mSupportMessage.setVisibility(View.GONE); 608 } 609 } else { 610 addDeviceAdminPolicies(true /* showDescription */); 611 mAdminWarning.setText(getString(R.string.device_admin_warning, 612 mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager()))); 613 if (mAddingProfileOwner) { 614 setTitle(getText(R.string.profile_owner_add_title)); 615 } else { 616 setTitle(getText(R.string.add_device_admin_msg)); 617 } 618 mActionButton.setText(getText(R.string.add_device_admin)); 619 if (isAdminUninstallable()) { 620 mUninstallButton.setVisibility(View.VISIBLE); 621 } 622 mSupportMessage.setVisibility(View.GONE); 623 mAdding = true; 624 } 625 } 626 getAdminEnforcingCantRemoveProfile()627 private EnforcedAdmin getAdminEnforcingCantRemoveProfile() { 628 // Removing a managed profile is disallowed if DISALLOW_REMOVE_MANAGED_PROFILE 629 // is set in the parent rather than the user itself. 630 return RestrictedLockUtils.checkIfRestrictionEnforced(this, 631 UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, getParentUserId()); 632 } 633 hasBaseCantRemoveProfileRestriction()634 private boolean hasBaseCantRemoveProfileRestriction() { 635 return RestrictedLockUtils.hasBaseUserRestriction(this, 636 UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, getParentUserId()); 637 } 638 getParentUserId()639 private int getParentUserId() { 640 return UserManager.get(this).getProfileParent(UserHandle.myUserId()).id; 641 } 642 addDeviceAdminPolicies(boolean showDescription)643 private void addDeviceAdminPolicies(boolean showDescription) { 644 if (!mAdminPoliciesInitialized) { 645 boolean isAdminUser = UserManager.get(this).isAdminUser(); 646 for (DeviceAdminInfo.PolicyInfo pi : mDeviceAdmin.getUsedPolicies()) { 647 int descriptionId = isAdminUser ? pi.description : pi.descriptionForSecondaryUsers; 648 int labelId = isAdminUser ? pi.label : pi.labelForSecondaryUsers; 649 View view = AppSecurityPermissions.getPermissionItemView(this, getText(labelId), 650 showDescription ? getText(descriptionId) : "", true); 651 mAdminPolicies.addView(view); 652 } 653 mAdminPoliciesInitialized = true; 654 } 655 } 656 toggleMessageEllipsis(View v)657 void toggleMessageEllipsis(View v) { 658 TextView tv = (TextView) v; 659 660 mAddMsgEllipsized = ! mAddMsgEllipsized; 661 tv.setEllipsize(mAddMsgEllipsized ? TruncateAt.END : null); 662 tv.setMaxLines(mAddMsgEllipsized ? getEllipsizedLines() : MAX_ADD_MSG_LINES); 663 664 mAddMsgExpander.setImageResource(mAddMsgEllipsized ? 665 com.android.internal.R.drawable.expander_ic_minimized : 666 com.android.internal.R.drawable.expander_ic_maximized); 667 } 668 getEllipsizedLines()669 int getEllipsizedLines() { 670 Display d = ((WindowManager) getSystemService(Context.WINDOW_SERVICE)) 671 .getDefaultDisplay(); 672 673 return d.getHeight() > d.getWidth() ? 674 MAX_ADD_MSG_LINES_PORTRAIT : MAX_ADD_MSG_LINES_LANDSCAPE; 675 } 676 677 /** 678 * @return true if adminInfo is running in a managed profile. 679 */ isManagedProfile(DeviceAdminInfo adminInfo)680 private boolean isManagedProfile(DeviceAdminInfo adminInfo) { 681 UserManager um = UserManager.get(this); 682 UserInfo info = um.getUserInfo( 683 UserHandle.getUserId(adminInfo.getActivityInfo().applicationInfo.uid)); 684 return info != null ? info.isManagedProfile() : false; 685 } 686 isAdminUninstallable()687 private boolean isAdminUninstallable() { 688 // System apps can't be uninstalled. 689 return !mDeviceAdmin.getActivityInfo().applicationInfo.isSystemApp(); 690 } 691 } 692