Skip to content
Commit 9ace1112 authored by Alex Johnston's avatar Alex Johnston
Browse files

Restrict creation of secondary users 

Background
* Secondary users should be disabled
  when the device is an organization-owned
  managed profile device.
* This is because supporting secondary
  users would complicate the semantics of
  user restrictions.

Changes
* Add DISALLOW_ADD_USER as a base restriction
  when the device is an organization-owned
  managed profile device.
* Handle removal case when the device is no
  longer in this mode.
* Remove the ability of other admins to apply
  DISALLOW_ADD_USER.

Manual Testing Steps
* Provision an organization-owned managed
  profile device.
* Check Settings > System > Multiple users
  and verify that a user cannot be added.
* Check WP TestDPC 'Set user restrictions
  on parent' and verify 'Disallow add user'
  is not present.

Bug: 155281701
Test: Manual testing
      atest com.android.server.devicepolicy.DevicePolicyManagerTest
Change-Id: I83348fc8b854cef20383803124000540b5b130cb
parent 0cdc03a7
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment