Previously many usages of UserManager.getProfiles and getEnabledProfiles
were only using ids of returned users. Given that the list of users needs
to be parceled and unparceled for Binder calls, returning array of ids
minimizes memory usage and serialization time.
A new method getProfileIds was introduced which returns an array of userIds.
Existing method calls were updated where appropriate.
Bug: 27705805
Change-Id: Ic5d5decd77567ba0f749e48837a2c6fa10e812c0
Also associating a lastUpdateTime with every widget. This allows
the host to query the widgets which were updated only after
the last stopListening call.
Change-Id: If9375cf2d8caa0ccca14b6649821d87ada1f3a84
* renamed getPackageSuspended => isPackageSuspended
* does not return false for an error, instead throws
NameNotFoundException if the package could not be
found, or if there is an unknown RemoteException,
wraps it in a RuntimeException and rethrows.
Bug: 27532430
Bug: 22776761
Change-Id: Iee00600089b1c0556a3312b10456826464fa8f9f
Mostly consists of removing the word "encryption" from most APIs,
since we can't actually make promises about the data being encrypted.
Bug: 27531029
Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
Since the data returned by these calls can grow unbounded based on
various GET flags, we need to switch 'em over.
Bug: 27391893
Change-Id: Ie849ca30dbaaa91158da4c83675657715629a0ee
Stopped profiles may have a parent still running
hosting widgets so providers should remain.
Bug: 26842832
Change-Id: I3ef97222fcfa5b183744033ece133115b3c146c1
Do not show badge icon when the suspended package is not inside
a managed profile. Tapping on a masked widget should bring up the
relevant dialog similar to tapping on the app's launcher icon.
Bug: 26948327
Bug: 26924217
Change-Id: I2bf7ac718e55063bc8ea66573e89a62a97b91ff2
Wait for parent user to be unlocked before attempting
to load widgets for a user.
Fixes issue with profile being unlocked and AppWidgetServiceImpl
thinking it has loaded parents widgets while locked and
therefore not seeing any widgets.
Bug: 27037962
Change-Id: Ice9c5e6e1dd062a622c5f984eeb3531de893f9be
Avoid launchers removing widgets by handling case
where a widget host is in an unlocked parent user and
widget providers are in a locked managed profile.
For this case allow launcher to see the widgets from
non-crypto aware widget providers.
Mask out widgets from locked profiles.
Fix issue with widgets not being masked when adding
new widgets when user is locked / quiet or package
is suspended.
Bug: 26721345
Bug: 27037962
Change-Id: I60b5bd934c1547110e374ab4eefbee6aade37dc6
Instead of always rebuilding the full ApplicationInfo for a
package when callers are only interested in the suspended status
add a new fast API in Packagemanager (which only checks the
suspended user setting for the requested package and returns
a boolean) and change the appropriate caller code too.
Bug: 26794775
Bug: 22776761
Change-Id: Ide8428ef734479360d5a8a75fd8e0ed8ddf2da7a
Finish moving all UID/GID callers to single AIDL method that requires
callers to provide flags.
Triage AppWidgets and PrintServices, which currently can only live on
internal storage; we should revisit that later.
Fix two bugs where we'd drop pending install sessions and persisted
Uri grants for apps installed on external storage.
Bug: 26471205
Change-Id: I66fdfc737fda0042050d81ff8839de55c2b4effd
Only create UserState objects when a user has been unlocked, meaning
we can connect to the spooler. Ignore package events that occur
while a user is locked, since we'll kick off updateIfNeededLocked()
when that user is eventually unlocked.
In all other cases, throw if someone tries obtaining UserState for
a still-locked user. This should help catch any edge cases in the
system, and communicate clearly through public APIs that printing
isn't available until the user is unlocked.
Bug: 26246836
Change-Id: If15744621890baee206d355484fe20933afc65d8
Only parse and load AppWidget configuration details after a user has
been unlocked. Yell loudly if someone accidentally tries loading
data for a locked user.
Tidy up protected broadcast logic a bit more to handle persistent
processes. Add backwards compatible behavior for APPWIDGET_UPDATE
broadcast simliar to APPWIDGET_CONFIGURE, since some apps are sending
it to themselves.
Add hidden USER_HANDLE extra to a handful of broadcasts to make
logic more consistent.
Bug: 26247049, 26219971
Change-Id: I54e4f2e343488571f9baa1a316962f41186c1a2c
If a work profile is in quiet mode, mask widgets belonging to that profile
with a generic RemoteView.
Bug: 22541941
Change-Id: I3baa179630af497afa02b32f236d2bdaa4a75904
When a widget provider is removed from the whitelist
of widgets that work across profiles just remove the
currently bound widgets don't remove the provider.
This allows the provider to be added back to the whitelist
or to be used from widget hosts within the profile.
Bug: 21180997
Change-Id: I5d3a81fb088092b65cc4e8e158be4a292c5c8288
- In the existing logic, the call to onProvidersChanged() is called when a package
with widgets is added or removed, but only called when a package is updated _and_
there is an app widget bound to a host. This differs from what the expected
behavior is based on the documentation and means that packages with widgets that
update have no way of notifying host apps of changes except via package events.
Bug: 20698931
Change-Id: I60af36d51e99ca1ea751d9d9d03a50ef2d5bef98
b/19904873
> Reason: to prevent TransactionTooLargeException from occuring when
binder transaction size goes over the limit.
Change-Id: I054cb161d235234f3ccdaadd70314163e690b0db
Passing null to XmlPullParser.setInput forces it to do additional
work, which can be easily avoided if we know the charset beforehand.
bug: b/20849543
Change-Id: Iaff97be9df2d0f99d7af8f19f65934439c9658e2
Track package names of bound app widgets and use the list when
querying for idle apps.
Bug: 20066058
Change-Id: If8039397a061ef04bb13aa38d57cd7f0221f5fc7
Now that we have a separate foreground service proc state
(above a sleeping top app), update various system services
to put their bindings into this state when appropriate.
There are two new bind flags for this -- one that just always
makes it a foreground service, another that only does it when
the device is awake (useful for things like the wallpaper).
And with all of that, tweak network policy manager to only
include apps that are at least foreground service state when
in power save and device idle modes. This will allow us to
further reduce the set of apps that have network access
(in particular not giving access to the current top app when
the screen is off), hopefully leading to even better battery
life.
Change-Id: I91d85a5c5ed64e856149e9a5d94a634a7925ec7f
When cross profile widget whitelist is updated by device admin
remove providers for removed packages.
Bug: 19293923
Change-Id: I7a5f7b706486055346d906c89d48510bfe1ad352
During restore first the provider records and then the applications
are restored. Therefore, we keep the restored provider records in a
zombie state and once we get the package install broadcasts from the
package manager we update the zombie providers to be real ones. The
bug was that while doing this we were not updating the provider id
from one with an undefined UID to the one with the UID under which
its package now runs.
bug:17869323
Change-Id: I20b7cbfd2f90e2f5bf3a6b858d8da99cc1c82841
PackageManager and AppWidgetHostServiceImpl should
be loading the resources of any shared libraries being
used by the app, as they have references in their Widgets
or application icons/labels, etc.
Bug:17668152
Change-Id: I359662334edb125d7570089916727df4eeba02bb
When restoring app widget state from XML we read all providers,
hosts, and widgets and only after reading all hosts and providers
for all members of the group we hookup the widgets as they may
cross profile boundary. To esntablish the host-widget and provider-
widget relation we use a tag for the host and the provider that
are assigned before saving the state to XML. When restoring we
are using the tags to match widgets with hosts and providers. The
bug was that we were not clearing the tag of all hosts and providers
before reading from XML as we want the only tags that are defined
to be the ones we are reading. This resulted in wrong app widget
restore for a secondary user.
bug:17505027
Change-Id: I035d8f13142c6b9dbc9d658b82390f9cd8d75e0d
Use enforceCallingOrSelfPermission() for throwing a security exception
rather than creating the security exception ourselves. This has the
advantage that the exception is in a well known format expected by
the CTS test android.security.cts.ServicePermissionsTest#testDumpProtected
Bug: 17165920
Change-Id: I7d3c2d2a0852a490fe1d553cd81d1efc79d2fec3
We are checking whether an app can access an app widget
based on the calling uid and the package name. The package
is mostly to make sure that hosts in different apps do
not accidentally interfere whereas the security is enforced
by the uid.
When remote views adapter binds and unbinds to a remote
views serivce it was passing the package of the context we
create to load resources for the widget instead the package
of the host. Now it is passing the host package and also
we are checking if the caller of bind remove serivce API
is in uid that has the host package - this makes it
consistent with elsewhere.
bug:17226052
Change-Id: I2b0b6669e3dc027037b7481c2871cedabd642433
App widgets can be partially updated where only the actions delta
is delivered to the client. There was a regression where instead
of sending the delta, the merged remote views were sent. This was
problematic because certain actions are ignored when merging to
avoid clutter (specifically showNext and showPrevious), hence these
actions never reached the client.
bug:16844814
Change-Id: I88ab58e610cda24154985165e6d6d93a1baa9c79
1. Notify the hosts in the group if a package gets white-listed or
un-white-listed for providing widgets across profiles.
2. Notify hosts in the group for provider changes when a profile
is deleted.
bug:17126070
Change-Id: Ic719c1c68e45842d50decc95603f1d61583b8f02
We set the system_server classpath in the environment
(like we do with BOOTCLASSPATH). After the zygote forks
the system_server, we dexopt the classpath (if needed)
and then launch the system server with the correct
PathClassLoader. This needed several small / medium
refactorings :
- The logic for connecting to installd is now in a separate
class and belongs in the system_server.
- SystemService / SystemServiceManager have now moved to
classes.jar. They are only used from there, and since they
use Class.forName, we want them to be loaded by the
system_server classloader, and not the bootclassloader.
- BootReceiver now moves to frameworks.jar, because it is
used by ActivityThread and friends.
bug: 16555230
Change-Id: Ic84f0b2baf611eeedff6d123cb7191bb0259e600
An app can access widgets hosted or provided by its uid and package.
Access is also allowed if the caller has the bind app widgets permission
but this caller can be in the wrong user. Now the caller should not
only have the bind app widget permission but also be in the same user
as the host or the provider of the widget.
bug:16834230
Change-Id: I5ddb6309f63f2b4ba95360446c2b9584350fb66f
1. Added API for badging an arbitrary drawable at a given location.
2. Updated the icon and previewImage deprecation as they are no longer
returning a badged drawable. The methods to load the icon and the
preview are now just making it easier for a developer to get the
drawables.
3. Fixed a bug in AppWidgetServiceImpl leading to a crash when a user
is removed.
4. Fixed a bug in AppWidgetHost which was unnecessarily caching its
package name and having code paths where the cached value was not
populated when calling into the system.
bug:14991269
Change-Id: I50d011a6597d88814715d5ec04ee67815e8ce0bd
The goal of this change is to enable support for appwidget from
user profiles to the user main profile. A user profile is a user
which is associated as a child of the main user profile. For example,
a user may have a personal (parent) and corporate (child) profile.
The device policy should be able to control whether adding a widget
from a child profile and given packages is allowed. This change
assumes that all packages from managed profiles are white listed.
Another change will add the device policy changes.
Change-Id: I267260b55d74c48b112a29979a9f59eef7a8194e
-> Enforce that the passed intent's component belongs to the same package as the
passed AppWidget id.
issue 15287902
Change-Id: Ic85c38d399fe1cbb6f7efa844ae0f5367a1906ed
