Don't back up / restore non-primary users' data

Christopher Tate · Christopher Tate · commit aac71ff46539 · 2012-08-13T17:36:14.000-07:00
For now only the device owner "user" gets cloud backups.  Also, only the
device owner account has access to local backup/restore.

Bug 6956438

Change-Id: I87d7ba5969e606c23f4214469f9bf2fd47a6c61b
diff --git a/core/java/android/os/UserId.java b/core/java/android/os/UserId.java
@@ -33,6 +33,8 @@ public final class UserId {
     /** A user id to indicate the currently active user */
     public static final int USER_CURRENT = -2;
 
+    /** A user id constant to indicate the "owner" user of the device */
+    public static final int USER_OWNER = 0;
 
     /**
      * Enable multi-user related side effects. Set this to false if there are problems with single
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
@@ -65,6 +65,7 @@
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.SystemClock;
+import android.os.UserId;
 import android.os.WorkSource;
 import android.os.storage.IMountService;
 import android.provider.Settings;
@@ -4845,6 +4846,18 @@ private void writeToJournalLocked(String str) {
     // ----- IBackupManager binder interface -----
 
     public void dataChanged(final String packageName) {
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            // App is running under a non-owner user profile.  For now, we do not back
+            // up data from secondary user profiles.
+            // TODO: backups for all user profiles.
+            if (MORE_DEBUG) {
+                Slog.v(TAG, "dataChanged(" + packageName + ") ignored because it's user "
+                        + callingUserHandle);
+            }
+            return;
+        }
+
         final HashSet<String> targets = dataChangedTargets(packageName);
         if (targets == null) {
             Slog.w(TAG, "dataChanged but no participant pkg='" + packageName + "'"
@@ -4937,6 +4950,11 @@ public void fullBackup(ParcelFileDescriptor fd, boolean includeApks, boolean inc
             boolean doAllApps, boolean includeSystem, String[] pkgList) {
         mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullBackup");
 
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            throw new IllegalStateException("Backup supported only for the device owner");
+        }
+
         // Validate
         if (!doAllApps) {
             if (!includeShared) {
@@ -5001,6 +5019,11 @@ public void fullBackup(ParcelFileDescriptor fd, boolean includeApks, boolean inc
     public void fullRestore(ParcelFileDescriptor fd) {
         mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullRestore");
 
+        final int callingUserHandle = UserId.getCallingUserId();
+        if (callingUserHandle != UserId.USER_OWNER) {
+            throw new IllegalStateException("Restore supported only for the device owner");
+        }
+
         long oldId = Binder.clearCallingIdentity();
 
         try {
