BasicManageProfile申请设备管理user的流程分析

上篇双开中提及了BasicManagedProfile demo，本文分析下demo中申请manage profile user的流程

development/samples/browseable/BasicManagedProfile/src/com/example/android/basicmanagedprofile/SetupProfileFragment.java

private void provisionManagedProfile() {
...
Intent intent = new Intent(ACTION_PROVISION_MANAGED_PROFILE);
intent.putExtra(EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME,
activity.getApplicationContext().getPackageName());
...
startActivityForResult(intent, REQUEST_PROVISION_MANAGED_PROFILE);
...
}

demo中的代码特别简单，就是发送intent就完了。后续流程会跳转到ManagedProvisioning.apk

源码位于packages/apps/ManagedProvisioning，这个apk个人理解是DevicePolicyManager的UI层面。

<activity
android:name=".uiflows.PreProvisioningActivity"
android:excludeFromRecents="true"
android:immersive="true"
android:launchMode="singleTop"
android:theme="@style/SetupWorkSpaceTheme">
<intent-filter android:priority="10">
<action android:name="android.app.action.PROVISION_MANAGED_PROFILE" />
<action android:name="android.app.action.PROVISION_MANAGED_USER" />
<action android:name="android.app.action.PROVISION_MANAGED_DEVICE" />
<action android:name="android.app.action.PROVISION_MANAGED_SHAREABLE_DEVICE" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>

从AndroidManifest中看到入口在PreProvisioningActivity

@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);

mController = new PreProvisioningController(
this,
this);

mController.initiateProvisioning(getIntent(), getCallingPackage());
}

跳转到PreProvisioningController.java中

public void initiateProvisioning(Intent intent, String callingPackage) {
...

mIsProfileOwnerProvisioning = mUtils.isProfileOwnerAction(mParams.provisioningAction);
...

// Initiate the corresponding provisioning mode
if (mIsProfileOwnerProvisioning) {
initiateProfileOwnerProvisioning(intent);
} else {
initiateDeviceOwnerProvisioning(intent);
}
}

这里mIsProfileOwnerProvisioning=true

private void initiateProfileOwnerProvisioning(Intent intent) {
mUi.initiateUi(
R.string.setup_work_profile,
R.string.setup_profile_start_setup,
R.string.company_controls_workspace,
R.string.the_following_is_your_mdm,
mParams);

// If there is already a managed profile, setup the profile deletion dialog.
int existingManagedProfileUserId = mUtils.alreadyHasManagedProfile(mContext);
if (existingManagedProfileUserId != -1) {
ComponentName mdmPackageName = mDevicePolicyManager
.getProfileOwnerAsUser(existingManagedProfileUserId);
String domainName = mDevicePolicyManager
.getProfileOwnerNameAsUser(existingManagedProfileUserId);
mUi.showDeleteManagedProfileDialog(mdmPackageName, domainName,
existingManagedProfileUserId);
}
}

代码主要分为两部分，第一个是初始化UI，第二个是如果系统中已有manage profile user的话，会先弹出删除当前manage profile user的UI，这里看出manage profile user只可以有一个

mUi实际上是PreProvisioningActivity

public void initiateUi(int headerRes, int titleRes, int consentRes, int mdmInfoRes,
ProvisioningParams params) {
// Setup the UI.
initializeLayoutParams(R.layout.user_consent, headerRes, false);
Button nextButton = (Button) findViewById(R.id.setup_button);
nextButton.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
mController.afterNavigateNext();
}
});
...
}

全部是UI的初始化代码，这个时候Activity就会等待用户点击唯一的按键继续后续流程

public void afterNavigateNext() {
...
mUi.showUserConsentDialog(mParams, mIsProfileOwnerProvisioning);
...
}

@Override
public void showUserConsentDialog(ProvisioningParams params,
boolean isProfileOwnerProvisioning) {
UserConsentDialog dialog;
if (isProfileOwnerProvisioning) {
dialog = UserConsentDialog.newProfileOwnerInstance();
} else {
dialog = UserConsentDialog.newDeviceOwnerInstance(!params.startedByTrustedSource);
}
dialog.show(getFragmentManager(), "UserConsentDialogFragment");
}

中间又是dialog的相关代码，这个太熟悉的不贴代码了，在dailog的点击事件中进行后续处理

@Override
public void onDialogConsent() {
...

mController.continueProvisioningAfterUserConsent();
}

后续一路跳转会到

@Override
public void startProfileOwnerProvisioning(ProvisioningParams params) {
Intent intent = new Intent(this, ProfileOwnerProvisioningActivity.class);
intent.putExtra(ProvisioningParams.EXTRA_PROVISIONING_PARAMS, params);
startActivityForResult(intent, PROVISIONING_REQUEST_CODE);
// Set cross-fade transition animation into the interstitial progress activity.
overridePendingTransition(android.R.anim.fade_in, android.R.anim.fade_out);
}

跳转到另一个Activity ProfileOwnerProvisioningActivity

@Override
protected void onResume() {
...

// Start service async to make sure the UI is loaded first.
final Handler handler = new Handler(getMainLooper());
handler.post(new Runnable() {
@Override
public void run() {
Intent intent = new Intent(ProfileOwnerProvisioningActivity.this,
ProfileOwnerProvisioningService.class);
intent.putExtras(getIntent());
startService(intent);
}
});
}

在onResume中启动了进行真正工作的Service ProfileOwnerProvisioningService

private class RunnerTask extends AsyncTask<Intent, Void, Void> {
@Override
protected Void doInBackground(Intent ... intents) {
...
initialize(intents[0]);
startManagedProfileOrUserProvisioning();
...
}
}

在onStartCommand中启动了自定义的异步任务

private void startManagedProfileOrUserProvisioning() throws ProvisioningException {

ProvisionLogger.logd("Starting managed profile or user provisioning");

if(isProvisioningManagedUser()) {
mManagedProfileOrUserInfo = mUserManager.getUserInfo(mUserManager.getUserHandle());
if(mManagedProfileOrUserInfo == null) {
throw raiseError("Couldn't get current user information");
}
} else {
// Work through the provisioning steps in their corresponding order
//代码流程会走到这里，创建profile user
createProfile(getString(R.string.default_managed_profile_name));
}
if (mManagedProfileOrUserInfo != null) {
final DeleteNonRequiredAppsTask deleteNonRequiredAppsTask; //删除新user不需要的app
final DisableInstallShortcutListenersTask disableInstallShortcutListenersTask; //禁止新user创建快捷方式
final DisableBluetoothSharingTask disableBluetoothSharingTask; //禁止蓝牙分享功能
final ManagedProfileSettingsTask managedProfileSettingsTask =
new ManagedProfileSettingsTask(this, mManagedProfileOrUserInfo.id);
//设置SettingProvider中的MANAGED_PROFILE_CONTACT_REMOTE_SEARCH字段，该字段功能详细可见
//packages/providers/ContactsProvider/src/com/android/providers/contacts/enterprise/EnterprisePolicyGuard.java
//能控制跨user查询联系人数据库的行为。

disableInstallShortcutListenersTask = new DisableInstallShortcutListenersTask(this,
mManagedProfileOrUserInfo.id);
disableBluetoothSharingTask = new DisableBluetoothSharingTask(
mManagedProfileOrUserInfo.id);
// TODO Add separate set of apps for MANAGED_USER, currently same as of DEVICE_OWNER.
deleteNonRequiredAppsTask = new DeleteNonRequiredAppsTask(this,
mParams.deviceAdminComponentName.getPackageName(),
(isProvisioningManagedUser() ? DeleteNonRequiredAppsTask.MANAGED_USER
: DeleteNonRequiredAppsTask.PROFILE_OWNER),
true /* creating new profile */,
mManagedProfileOrUserInfo.id, false /* delete non-required system apps */,
new DeleteNonRequiredAppsTask.Callback() {

@Override
public void onSuccess() {
// Need to explicitly handle exceptions here, as
// onError() is not invoked for failures in
// onSuccess().
try {
disableBluetoothSharingTask.run();
if (!isProvisioningManagedUser()) {
managedProfileSettingsTask.run();
disableInstallShortcutListenersTask.run();
}
setUpUserOrProfile();
} catch (ProvisioningException e) {
error(e.getMessage(), e);
} catch (Exception e) {startManagedProfileOrUserProvisioning
error("Provisioning failed", e);
}
finish();
}

@Override
public void onError() {
// Raise an error with a tracing exception attached.
error("Delete non required apps task failed.", new Exception());
finish();
}
});

deleteNonRequiredAppsTask.run();
}
}

这里先看下createProfile

private void createProfile(String profileName) throws ProvisioningException {

ProvisionLogger.logd("Creating managed profile with name " + profileName);

mManagedProfileOrUserInfo = mUserManager.createProfileForUser(profileName,
UserInfo.FLAG_MANAGED_PROFILE | UserInfo.FLAG_DISABLED,
Process.myUserHandle().getIdentifier());

if (mManagedProfileOrUserInfo == null) {
throw raiseError("Couldn't create profile.");
}
}

该方法就是调用UserManager创建了profile user，接下来走到setUpUserOrProfile

private void setUpUserOrProfile() throws ProvisioningException {
installMdmOnManagedProfile(); //创建BasicManagedProfile应用到新创建的user
setMdmAsActiveAdmin();  //设置BasicManagedProfile应用为当前的admin
setMdmAsManagedProfileOwner(); //设置BasicManagedProfile应用为profile user owner

if (!isProvisioningManagedUser()) {
setOrganizationColor();
setDefaultUserRestrictions();  //设置默认的限制，其实只有一条，就是不能更换壁纸
CrossProfileIntentFiltersHelper.setFilters( //使intent跨user使用的关键方法
getPackageManager(), getUserId(), mManagedProfileOrUserInfo.id);
if (!startManagedProfile(mManagedProfileOrUserInfo.id)) { //真正切换用户的方法
throw raiseError("Could not start user in background");
}
// Wait for ACTION_USER_UNLOCKED to be sent before trying to migrate the account.
// Even if no account is present, we should not send the provisioning complete broadcast
// before the managed profile user is properly started.
if ((mUnlockedReceiver != null) && !mUnlockedReceiver.waitForUserUnlocked()) {
return; //等待user创建完毕并为解锁状态，正常状况下不会走return
}

// Note: account migration must happen after setting the profile owner.
// Otherwise, there will be a time interval where some apps may think that the account
// does not have a profile owner.
//account在user间的迁移，对于BasicManagedProfile来说accountToMigrate是null
mUtils.maybeCopyAccount(this, mParams.accountToMigrate, Process.myUserHandle(),
mManagedProfileOrUserInfo.getUserHandle());
}
}

代码行数不多是因为基本每一行都是另一个方法的调用，其实做了大量的工作，整个app中到处使用的缩写mdm，展开是mobile device management application (MDM).

private boolean startManagedProfile(int userId)  {
ProvisionLogger.logd("Starting user in background");
IActivityManager iActivityManager = ActivityManagerNative.getDefault();
// Register a receiver for the Intent.ACTION_USER_UNLOCKED to know when the managed profile
// has been started and unlocked.
mUnlockedReceiver = new UserUnlockedReceiver(this, userId);
//接受user启动并解锁消息的Receiver，以便后续操作
try {
return iActivityManager.startUserInBackground(userId); //切换user到刚创建的profile user
} catch (RemoteException neverThrown) {
// Never thrown, as we are making local calls.
ProvisionLogger.loge("This should not happen.", neverThrown);
}
return false;
}

最终切换到刚创建的用户，整个流程结束。

从整个流程看PackageManagerService，ActivityManagerService，UserManagerService和DevicePolicyManager几个之间耦合的挺紧的，例如代码中AsUser为后缀的的各种方法肯定和UserManagerService相关；切换、启动，停止用户代码却不在UserManagerService中，而是在ActivityManagerService中；用户切换app的控制要通过PackageManagerService来完成；PackageManagerService最核心的工作是创建一个profile
user。要想彻底搞懂它们之间的关系，四个服务都要看呀，想想PackageManagerService.java就有21000+行...感到压力山大