Enforce DISALLOW_ADD_MANAGED_PROFILE

            "com.android.server.action.BUGREPORT_SHARING_DECLINED";

    /**

     * Action: Bugreport has been collected and is dispatched to {@link DevicePolicyManagerService}.

     * Action: Bugreport has been collected and is dispatched to {@code DevicePolicyManagerService}.

     *

     * @hide

     */

    public @interface UserProvisioningState {}

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_PROFILE}, {@link #ACTION_PROVISION_MANAGED_USER} and

    public static final int CODE_OK = 0;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE} and

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} when the device already has a device

    public static final int CODE_HAS_DEVICE_OWNER = 1;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} when the user has a profile owner and for

    public static final int CODE_USER_HAS_PROFILE_OWNER = 2;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE} and

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} when the user isn't running.

    public static final int CODE_USER_NOT_RUNNING = 3;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} if the device has already been setup and

    public static final int CODE_ACCOUNTS_NOT_EMPTY = 6;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE} and

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} if the user is not a system user.

    public static final int CODE_NOT_SYSTEM_USER = 7;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} and {@link #ACTION_PROVISION_MANAGED_USER}

    public static final int CODE_HAS_PAIRED = 8;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} and

     * {@link #ACTION_PROVISION_MANAGED_USER} on devices which do not support managed users.

    public static final int CODE_MANAGED_USERS_NOT_SUPPORTED = 9;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_USER} if the user is a system user.

     *

    public static final int CODE_SYSTEM_USER = 10;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} when the user cannot have more

     * managed profiles.

    public static final int CODE_CANNOT_ADD_MANAGED_PROFILE = 11;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_USER} and

     * {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE} on devices not running with split system

    public static final int CODE_NOT_SYSTEM_USER_SPLIT = 12;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_PROFILE}, {@link #ACTION_PROVISION_MANAGED_USER} and

    public static final int CODE_DEVICE_ADMIN_NOT_SUPPORTED = 13;

    /**

     * Result code for {@link checkProvisioningPreCondition}.

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} when the device the user is a

     * system user on a split system user device.

    public static final int CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER = 14;

    /**

     * Result codes for {@link checkProvisioningPreCondition} indicating all the provisioning pre

     * Result code for {@link #checkProvisioningPreCondition}.

     *

     * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} when adding a managed profile is

     * disallowed by {@link UserManager#DISALLOW_ADD_MANAGED_PROFILE}.

     *

     * @hide

     */

    public static final int CODE_ADD_MANAGED_PROFILE_DISALLOWED = 15;

    /**

     * Result codes for {@link #checkProvisioningPreCondition} indicating all the provisioning pre

     * conditions.

     *

     * @hide

            CODE_USER_SETUP_COMPLETED, CODE_NOT_SYSTEM_USER, CODE_HAS_PAIRED,

            CODE_MANAGED_USERS_NOT_SUPPORTED, CODE_SYSTEM_USER, CODE_CANNOT_ADD_MANAGED_PROFILE,

            CODE_NOT_SYSTEM_USER_SPLIT, CODE_DEVICE_ADMIN_NOT_SUPPORTED,

            CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER})

            CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER, CODE_ADD_MANAGED_PROFILE_DISALLOWED})

    public @interface ProvisioningPreCondition {}

    /**

    }

    /**

     * Returns if provisioning a managed profile or device is possible or not.

     * Returns whether it is possible for the caller to initiate provisioning of a managed profile

     * or device, setting itself as the device or profile owner.

     *

     * @param action One of {@link #ACTION_PROVISION_MANAGED_DEVICE},

     * {@link #ACTION_PROVISION_MANAGED_PROFILE}.

     * @return if provisioning a managed profile or device is possible or not.

     * @return whether provisioning a managed profile or device is possible.

     * @throws IllegalArgumentException if the supplied action is not valid.

     */

    public boolean isProvisioningAllowed(String action) {

    public boolean isProvisioningAllowed(@NonNull String action) {

        throwIfParentInstance("isProvisioningAllowed");

        try {

            return mService.isProvisioningAllowed(action);

            return mService.isProvisioningAllowed(action, mContext.getPackageName());

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        }

    }

    /**

     * Checks if provisioning a managed profile or device is possible and returns one of the

     * {@link ProvisioningPreCondition}.

     * Checks whether it is possible to initiate provisioning a managed device,

     * profile or user, setting the given package as owner.

     *

     * @param action One of {@link #ACTION_PROVISION_MANAGED_DEVICE},

     *        {@link #ACTION_PROVISION_MANAGED_PROFILE},

     *        {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE},

     *        {@link #ACTION_PROVISION_MANAGED_USER}

     * @param packageName The package of the component that would be set as device, user, or profile

     *        owner.

     * @return A {@link ProvisioningPreCondition} value indicating whether provisioning is allowed.

     * @hide

     */

    public @ProvisioningPreCondition int checkProvisioningPreCondition(String action) {

    public @ProvisioningPreCondition int checkProvisioningPreCondition(

            String action, @NonNull String packageName) {

        try {

            return mService.checkProvisioningPreCondition(action);

            return mService.checkProvisioningPreCondition(action, packageName);

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        }

     * @hide

     * Force update user setup completed status. This API has no effect on user build.

     * @throws {@link SecurityException} if the caller has no

     *         {@link android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS} or the caller is

     *         not {@link UserHandle.SYSTEM_USER}

     *         {@code android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS} or the caller is

     *         not {@link UserHandle#SYSTEM_USER}

     */

    public void forceUpdateUserSetupComplete() {

        try {

    boolean setPermissionGrantState(in ComponentName admin, String packageName,

            String permission, int grantState);

    int getPermissionGrantState(in ComponentName admin, String packageName, String permission);

    boolean isProvisioningAllowed(String action);

    int checkProvisioningPreCondition(String action);

    boolean isProvisioningAllowed(String action, String packageName);

    int checkProvisioningPreCondition(String action, String packageName);

    void setKeepUninstalledPackages(in ComponentName admin,in List<String> packageList);

    List<String> getKeepUninstalledPackages(in ComponentName admin);

    boolean isManagedProfile(in ComponentName admin);

import static android.Manifest.permission.MANAGE_CA_CERTIFICATES;

import static android.app.admin.DevicePolicyManager.CODE_ACCOUNTS_NOT_EMPTY;

import static android.app.admin.DevicePolicyManager.CODE_ADD_MANAGED_PROFILE_DISALLOWED;

import static android.app.admin.DevicePolicyManager.CODE_CANNOT_ADD_MANAGED_PROFILE;

import static android.app.admin.DevicePolicyManager.CODE_DEVICE_ADMIN_NOT_SUPPORTED;

import static android.app.admin.DevicePolicyManager.CODE_HAS_DEVICE_OWNER;

        mSecurityLogMonitor = new SecurityLogMonitor(this);

        mHasFeature = mContext.getPackageManager()

        mHasFeature = mInjector.getPackageManager()

                .hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN);

        mIsWatch = mContext.getPackageManager()

        mIsWatch = mInjector.getPackageManager()

                .hasSystemFeature(PackageManager.FEATURE_WATCH);

        if (!mHasFeature) {

            // Skip the rest of the initialization

            }

            try {

                int uid = mContext.getPackageManager().getPackageUidAsUser(

                int uid = mInjector.getPackageManager().getPackageUidAsUser(

                        policy.mDelegatedCertInstallerPackage, userHandle);

                return uid == callingUid;

            } catch (NameNotFoundException e) {

        }

    }

    private boolean isDeviceOwnerPackage(String packageName, int userId) {

        synchronized (this) {

            return mOwners.hasDeviceOwner()

                    && mOwners.getDeviceOwnerUserId() == userId

                    && mOwners.getDeviceOwnerPackageName().equals(packageName);

        }

    }

    public boolean isProfileOwner(ComponentName who, int userId) {

        final ComponentName profileOwner = getProfileOwner(userId);

        return who != null && who.equals(profileOwner);

        Preconditions.checkNotNull(packageName, "packageName is null");

        final int callingUid = mInjector.binderGetCallingUid();

        try {

            int uid = mContext.getPackageManager().getPackageUidAsUser(packageName,

            int uid = mInjector.getPackageManager().getPackageUidAsUser(packageName,

                    UserHandle.getUserId(callingUid));

            if (uid != callingUid) {

                throw new SecurityException("Invalid packageName");

            }

            try {

                int uid = mContext.getPackageManager().getPackageUidAsUser(

                int uid = mInjector.getPackageManager().getPackageUidAsUser(

                        policy.mApplicationRestrictionsManagingPackage, userHandle);

                return uid == callingUid;

            } catch (NameNotFoundException e) {

            }

            final String deviceOwnerPackageName = mOwners.getDeviceOwnerComponent()

                    .getPackageName();

            final String[] pkgs = mContext.getPackageManager().getPackagesForUid(callerUid);

            final String[] pkgs = mInjector.getPackageManager().getPackagesForUid(callerUid);

            for (String pkg : pkgs) {

                if (deviceOwnerPackageName.equals(pkg)) {

            ActivityInfo[] receivers = null;

            try {

                receivers  = mContext.getPackageManager().getPackageInfo(

                receivers  = mInjector.getPackageManager().getPackageInfo(

                        deviceOwnerPackage, PackageManager.GET_RECEIVERS).receivers;

            } catch (NameNotFoundException e) {

                Log.e(LOG_TAG, "Cannot find device owner package", e);

                        < android.os.Build.VERSION_CODES.M) {

                    return false;

                }

                final PackageManager packageManager = mContext.getPackageManager();

                final PackageManager packageManager = mInjector.getPackageManager();

                switch (grantState) {

                    case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {

                        mInjector.getPackageManagerInternal().grantRuntimePermission(packageName,

    @Override

    public int getPermissionGrantState(ComponentName admin, String packageName,

            String permission) throws RemoteException {

        PackageManager packageManager = mContext.getPackageManager();

        PackageManager packageManager = mInjector.getPackageManager();

        UserHandle user = mInjector.binderGetCallingUserHandle();

        synchronized (this) {

    }

    @Override

    public boolean isProvisioningAllowed(String action) {

        return checkProvisioningPreConditionSkipPermission(action) == CODE_OK;

    public boolean isProvisioningAllowed(String action, String packageName) {

        Preconditions.checkNotNull(packageName);

        final int callingUid = mInjector.binderGetCallingUid();

        final long ident = mInjector.binderClearCallingIdentity();

        try {

            final int uidForPackage = mInjector.getPackageManager().getPackageUidAsUser(

                    packageName, UserHandle.getUserId(callingUid));

            Preconditions.checkArgument(callingUid == uidForPackage,

                    "Caller uid doesn't match the one for the provided package.");

        } catch (NameNotFoundException e) {

            throw new IllegalArgumentException("Invalid package provided " + packageName, e);

        } finally {

            mInjector.binderRestoreCallingIdentity(ident);

        }

        return checkProvisioningPreConditionSkipPermission(action, packageName) == CODE_OK;

    }

    @Override

    public int checkProvisioningPreCondition(String action) {

    public int checkProvisioningPreCondition(String action, String packageName) {

        Preconditions.checkNotNull(packageName);

        enforceCanManageProfileAndDeviceOwners();

        return checkProvisioningPreConditionSkipPermission(action);

        return checkProvisioningPreConditionSkipPermission(action, packageName);

    }

    private int checkProvisioningPreConditionSkipPermission(String action) {

    private int checkProvisioningPreConditionSkipPermission(String action, String packageName) {

        if (!mHasFeature) {

            return CODE_DEVICE_ADMIN_NOT_SUPPORTED;

        }

        if (action != null) {

            switch (action) {

                case DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE:

                    return checkManagedProfileProvisioningPreCondition(callingUserId);

                    return checkManagedProfileProvisioningPreCondition(packageName, callingUserId);

                case DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE:

                    return checkDeviceOwnerProvisioningPreCondition(callingUserId);

                case DevicePolicyManager.ACTION_PROVISION_MANAGED_USER:

        }

    }

    private int checkManagedProfileProvisioningPreCondition(int callingUserId) {

    private int checkManagedProfileProvisioningPreCondition(String packageName, int callingUserId) {

        if (!hasFeatureManagedUsers()) {

            return CODE_MANAGED_USERS_NOT_SUPPORTED;

        }

            // Managed user cannot have a managed profile.

            return CODE_USER_HAS_PROFILE_OWNER;

        }

        final long ident = mInjector.binderClearCallingIdentity();

        try {

             /* STOPSHIP(b/31952368) Reinstate a check similar to this once ManagedProvisioning

                   uses checkProvisioningPreCondition (see ag/1607846) and passes the packageName

                   there. In isProvisioningAllowed we should check isCallerDeviceOwner, but for

                   managed provisioning we need to check the package that is going to be set as PO

                if (mUserManager.hasUserRestriction(UserManager.DISALLOW_ADD_MANAGED_PROFILE)) {

                    if (!isCallerDeviceOwner(callingUid)

            final UserHandle callingUserHandle = UserHandle.of(callingUserId);

            if (mUserManager.hasUserRestriction(

                    UserManager.DISALLOW_ADD_MANAGED_PROFILE, callingUserHandle)) {

                // The DO can initiate provisioning if the restriction was set by the DO.

                if (!isDeviceOwnerPackage(packageName, callingUserId)

                        || isAdminAffectedByRestriction(mOwners.getDeviceOwnerComponent(),

                                UserManager.DISALLOW_ADD_MANAGED_PROFILE, callingUserId)) {

                    // Caller is not DO or the restriction was set by the system.

                    return false;

                    return CODE_ADD_MANAGED_PROFILE_DISALLOWED;

                }

                } */

            }

            // TODO: Allow it if the caller is the DO? DO could just call removeUser() before

            // provisioning, so not strictly required...

            boolean canRemoveProfile = !mUserManager.hasUserRestriction(

                        UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, UserHandle.of(callingUserId));

                        UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, callingUserHandle);

            if (!mUserManager.canAddMoreManagedProfiles(callingUserId, canRemoveProfile)) {

                return CODE_CANNOT_ADD_MANAGED_PROFILE;

            }

                eq(packageName),

                eq(0),

                eq(userId));

        doReturn(ai.uid).when(mMockContext.packageManager).getPackageUidAsUser(

                eq(packageName),

                eq(userId));

    }

    protected void setUpPackageManagerForAdmin(ComponentName admin, int packageUid)