Remove UID checks from LockPatternUtils

Jim Miller · Jim Miller · commit 25645d8bbcce · 2012-09-21T14:47:54.000-07:00
The UID checks should be unnecessary because LockPatternUtils already relies
on system permission checks in Settings, LockSettings, DevicePolicyManager
and Keystore.  These checks should already catch illegal operations.

This was interfering with the stand-alone test app for keyguard.

Change-Id: I2da2a729ca29feae9e962c2e360ec47490bcbbf0
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -215,36 +215,26 @@ public void reportSuccessfulPasswordAttempt() {
     }
 
     public void setCurrentUser(int userId) {
-        if (Process.myUid() == Process.SYSTEM_UID) {
-            mCurrentUserId = userId;
-        } else {
-            throw new SecurityException("Only the system process can set the current user");
-        }
+        mCurrentUserId = userId;
     }
 
     public int getCurrentUser() {
-        if (Process.myUid() == Process.SYSTEM_UID) {
-            if (mCurrentUserId != UserHandle.USER_NULL) {
-                // Someone is regularly updating using setCurrentUser() use that value.
-                return mCurrentUserId;
-            }
-            try {
-                return ActivityManagerNative.getDefault().getCurrentUser().id;
-            } catch (RemoteException re) {
-                return UserHandle.USER_OWNER;
-            }
-        } else {
-            throw new SecurityException("Only the system process can get the current user");
+        if (mCurrentUserId != UserHandle.USER_NULL) {
+            // Someone is regularly updating using setCurrentUser() use that value.
+            return mCurrentUserId;
+        }
+        try {
+            return ActivityManagerNative.getDefault().getCurrentUser().id;
+        } catch (RemoteException re) {
+            return UserHandle.USER_OWNER;
         }
     }
 
     public void removeUser(int userId) {
-        if (Process.myUid() == Process.SYSTEM_UID) {
-            try {
-                getLockSettings().removeUser(userId);
-            } catch (RemoteException re) {
-                Log.e(TAG, "Couldn't remove lock settings for user " + userId);
-            }
+        try {
+            getLockSettings().removeUser(userId);
+        } catch (RemoteException re) {
+            Log.e(TAG, "Couldn't remove lock settings for user " + userId);
         }
     }
 
@@ -591,10 +581,6 @@ public void saveLockPassword(String password, int quality, boolean isFallback, i
         // Compute the hash
         final byte[] hash = passwordToHash(password);
         try {
-            if (Process.myUid() != Process.SYSTEM_UID && userHandle != UserHandle.myUserId()) {
-                throw new SecurityException(
-                        "Only the system process can save lock password for another user");
-            }
             getLockSettings().setLockPassword(hash, userHandle);
             DevicePolicyManager dpm = getDevicePolicyManager();
             KeyStore keyStore = KeyStore.getInstance();
