Merge "Remove dead code" into main (061621bb) · Commits · e / os / android_frameworks_base

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+1 −200

Original line number	Diff line number	Diff line
		@@ -76,6 +76,7 @@ import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SCREEN_CONTENT;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SECURITY_LOGGING;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SMS;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_STATUS_BAR;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_STORAGE_LIMIT;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SYSTEM_DIALOGS;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_SYSTEM_UPDATES;
		@@ -88,7 +89,6 @@ import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WALLPAPER;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIFI;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WINDOWS;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA;
		import static android.Manifest.permission.MANAGE_DEVICE_POLICY_STORAGE_LIMIT;
		import static android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS;
		import static android.Manifest.permission.MASTER_CLEAR;
		import static android.Manifest.permission.NOTIFY_PENDING_SYSTEM_UPDATE;
		@@ -116,7 +116,6 @@ import static android.app.admin.DeviceAdminInfo.USES_POLICY_FORCE_LOCK;
		import static android.app.admin.DeviceAdminInfo.USES_POLICY_WIPE_DATA;
		import static android.app.admin.DeviceAdminReceiver.ACTION_COMPLIANCE_ACKNOWLEDGEMENT_REQUIRED;
		import static android.app.admin.DeviceAdminReceiver.EXTRA_TRANSFER_OWNERSHIP_ADMIN_EXTRAS_BUNDLE;
		import static android.app.admin.DevicePolicyIdentifiers.AUTO_TIMEZONE_POLICY;
		import static android.app.admin.DevicePolicyManager.ACTION_CHECK_POLICY_COMPLIANCE;
		import static android.app.admin.DevicePolicyManager.ACTION_DEVICE_FINANCING_STATE_CHANGED;
		import static android.app.admin.DevicePolicyManager.ACTION_DEVICE_POLICY_RESOURCE_UPDATED;
		@@ -407,7 +406,6 @@ import android.hardware.usb.UsbManager;
		import android.location.Location;
		import android.location.LocationManager;
		import android.media.AudioManager;
		import android.media.IAudioService;
		import android.net.ConnectivityManager;
		import android.net.ConnectivitySettingsManager;
		import android.net.IIpConnectivityMetrics;
		@@ -1770,10 +1768,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		ServiceManager.getService(Context.BACKUP_SERVICE));
		}

		IAudioService getIAudioService() {
		return IAudioService.Stub.asInterface(ServiceManager.getService(Context.AUDIO_SERVICE));
		}

		PersistentDataBlockManagerInternal getPersistentDataBlockManagerInternal() {
		return LocalServices.getService(PersistentDataBlockManagerInternal.class);
		}
		@@ -1946,10 +1940,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		name, value, userHandle);
		}

		void settingsSecurePutInt(String name, int value) {
		Settings.Secure.putInt(mContext.getContentResolver(), name, value);
		}

		int settingsGlobalGetInt(String name, int def) {
		return Settings.Global.getInt(mContext.getContentResolver(), name, def);
		}
		@@ -1963,10 +1953,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		Settings.Global.putInt(mContext.getContentResolver(), name, value);
		}

		void settingsSecurePutString(String name, String value) {
		Settings.Secure.putString(mContext.getContentResolver(), name, value);
		}

		void settingsGlobalPutString(String name, String value) {
		Settings.Global.putString(mContext.getContentResolver(), name, value);
		}
		@@ -2907,16 +2893,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return poAdmin;
		}

		@NonNull ActiveAdmin getOrganizationOwnedProfileOwnerLocked(final CallerIdentity caller) {
		Preconditions.checkCallAuthorization(
		mOwners.isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()),
		"Caller %s is not an admin of an org-owned device",
		caller.getComponentName());
		final ActiveAdmin profileOwner = getProfileOwnerLocked(caller.getUserId());

		return profileOwner;
		}

		ActiveAdmin getProfileOwnerOrDeviceOwnerLocked(@UserIdInt int userId) {
		ensureLocked();
		// Try to find an admin which can use reqPolicy
		@@ -2929,18 +2905,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return getDeviceOwnerLocked(userId);
		}

		ActiveAdmin getProfileOwnerOrDefaultDeviceOwnerLocked(@UserIdInt int userId) {
		ensureLocked();
		// Try to find an admin which can use reqPolicy
		final ComponentName poAdminComponent = mOwners.getProfileOwnerComponent(userId);

		if (poAdminComponent != null) {
		return getProfileOwnerLocked(userId);
		}

		return getDefaultDeviceOwnerLocked(userId);
		}

		@NonNull ActiveAdmin getParentOfAdminIfRequired(ActiveAdmin admin, boolean parent) {
		Objects.requireNonNull(admin);
		return parent ? admin.getParentActiveAdmin() : admin;
		@@ -4448,25 +4412,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		}

		/**
		* Get the list of active admins for an affected user:
		* <ul>
		* <li>The active admins associated with the userHandle itself</li>
		* <li>The parent active admins for each managed profile associated with the userHandle</li>
		* </ul>
		*
		* @param userHandle the affected user for whom to get the active admins
		* @return the list of active admins for the affected user
		*/
		@GuardedBy("getLockObject()")
		private List<ActiveAdmin> getActiveAdminsForAffectedUserLocked(int userHandle) {
		if (isManagedProfile(userHandle)) {
		return getUserDataUnchecked(userHandle).mAdminList;
		}
		return getActiveAdminsForUserAndItsManagedProfilesLocked(userHandle,
		/* shouldIncludeProfileAdmins */ (user) -> false);
		}

		/**
		* Get the list of active admins for an affected user:
		* <ul>
		@@ -8688,17 +8633,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		.write();
		}

		// Set the latest screen capture policy, overriding any existing ones.
		// userHandle can be one of USER_ALL, USER_NULL or a concrete userId.
		private void setScreenCaptureDisabled(int userHandle) {
		int current = mPolicyCache.getScreenCaptureDisallowedUser();
		if (userHandle == current) {
		return;
		}
		mPolicyCache.setScreenCaptureDisallowedUser(userHandle);
		updateScreenCaptureDisabled();
		}

		/**
		* Returns whether or not screen capture is disabled for any active admin.
		*/
		@@ -9915,16 +9849,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return doOrPo;
		}

		ActiveAdmin getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceParentLocked(int userId) {
		ensureLocked();
		ActiveAdmin admin = getDeviceOwnerAdminLocked();
		if (admin != null) {
		return admin;
		}
		admin = getProfileOwnerOfOrganizationOwnedDeviceLocked(userId);
		return admin != null ? admin.getParentActiveAdmin() : null;
		}

		@Override
		public void clearDeviceOwner(String packageName) {
		Objects.requireNonNull(packageName, "packageName is null");
		@@ -10253,13 +10177,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return mInjector.hasUserSetupCompleted(getUserData(userHandle));
		}

		private boolean hasPaired(int userHandle) {
		if (!mHasFeature) {
		return true;
		}
		return getUserData(userHandle).mPaired;
		}

		@Override
		public int getUserProvisioningState(int userHandle) {
		if (!mHasFeature) {
		@@ -11054,16 +10971,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return enforcingAdmin;
		}

		private void enforceCanCallLockTaskLocked(CallerIdentity caller) {
		Preconditions.checkCallAuthorization(isProfileOwner(caller)
		\|\| isDefaultDeviceOwner(caller) \|\| isFinancedDeviceOwner(caller));

		final int userId = caller.getUserId();
		if (!canDPCManagedUserUseLockTaskLocked(userId)) {
		throw new SecurityException("User " + userId + " is not allowed to use lock task");
		}
		}

		private boolean isSystemUid(CallerIdentity caller) {
		return UserHandle.isSameApp(caller.getUid(), Process.SYSTEM_UID);
		}
		@@ -14595,15 +14502,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		private void setLockTaskPackagesLocked(int userHandle, List<String> packages) {
		DevicePolicyData policy = getUserData(userHandle);
		policy.mLockTaskPackages = packages;

		// Store the settings persistently.
		saveSettingsLocked(userHandle);
		updateLockTaskPackagesLocked(mContext, packages, userHandle);
		}

		@Override
		public String[] getLockTaskPackages(ComponentName who, String callerPackageName) {
		CallerIdentity caller = getCallerIdentity(who, callerPackageName);
		@@ -14653,7 +14551,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		"Cannot use LOCK_TASK_FEATURE_NOTIFICATIONS without LOCK_TASK_FEATURE_HOME");

		CallerIdentity caller = getCallerIdentity(who, callerPackageName);
		final int userHandle = caller.getUserId();
		synchronized (getLockObject()) {
		checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOCK_TASK_FEATURES);
		}
		@@ -14689,13 +14586,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		private void setLockTaskFeaturesLocked(int userHandle, int flags) {
		DevicePolicyData policy = getUserData(userHandle);
		policy.mLockTaskFeatures = flags;
		saveSettingsLocked(userHandle);
		updateLockTaskFeaturesLocked(flags, userHandle);
		}

		@Override
		public int getLockTaskFeatures(ComponentName who, String callerPackageName) {
		CallerIdentity caller = getCallerIdentity(who, callerPackageName);
		@@ -16171,29 +16061,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}


		/**
		* Excludes restrictions imposed by UserManager.
		*/
		private List<UserManager.EnforcingUser> getDevicePolicySources(
		List<UserManager.EnforcingUser> sources) {
		int sizeBefore = sources.size();
		List<UserManager.EnforcingUser> realSources = new ArrayList<>(sizeBefore);
		for (int i = 0; i < sizeBefore; i++) {
		UserManager.EnforcingUser source = sources.get(i);
		int type = source.getUserRestrictionSource();
		if (type != UserManager.RESTRICTION_SOURCE_PROFILE_OWNER
		&& type != UserManager.RESTRICTION_SOURCE_DEVICE_OWNER) {
		// TODO(b/128928355): add unit test
		Slogf.d(LOG_TAG, "excluding source of type %s at index %d",
		userRestrictionSourceToString(type), i);
		continue;
		}
		realSources.add(source);
		}
		return realSources;
		}

		private static String userRestrictionSourceToString(@UserRestrictionSource int source) {
		return DebugUtils.flagsToString(UserManager.class, "RESTRICTION_", source);
		}
		@@ -20870,17 +20737,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		private void suspendPersonalAppsInPackageManager(int userId) {
		mInjector.binderWithCleanCallingIdentity(() -> {
		final String[] appsToSuspend = mInjector.getPersonalAppsForSuspension(userId);
		final String[] failedApps = mInjector.getPackageManagerInternal()
		.setPackagesSuspendedByAdmin(userId, appsToSuspend, true);
		if (!ArrayUtils.isEmpty(failedApps)) {
		Slogf.wtf(LOG_TAG, "Failed to suspend apps: " + String.join(",", failedApps));
		}
		});
		}

		private void notifyIfManagedSubscriptionsAreUnavailable(
		UserHandle managedProfile, boolean managedProfileAvailable) {
		if (!isManagedProfile(managedProfile.getIdentifier())) {
		@@ -23329,14 +23185,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return getEnforcingAdminForCaller(admin, callerPackageName);
		}

		private static final HashMap<String, String> POLICY_IDENTIFIER_TO_PERMISSION = new HashMap<>();
		{
		POLICY_IDENTIFIER_TO_PERMISSION.put(AUTO_TIMEZONE_POLICY, SET_TIME_ZONE);
		}

		private static final HashMap<String, Integer> POLICY_IDENTIFIER_TO_ACTIVE_ADMIN_POLICY =
		new HashMap<>();

		/**
		* Checks if the calling process has been granted permission to apply a device policy.
		*
		@@ -23355,7 +23203,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}


		/**
		* Checks if the calling process has been granted permission to apply a device policy on a
		* specific user. Only one permission provided in the list needs to be granted to pass this
		@@ -24455,52 +24302,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		// We need to add a mapping of policyId to permission in POLICY_IDENTIFIER_TO_PERMISSION
		// for each migrated permission.
		private List<ActiveAdmin> getNonDPCActiveAdminsForPolicyLocked(String policyIdentifier) {
		Integer activeAdminPolicy = POLICY_IDENTIFIER_TO_ACTIVE_ADMIN_POLICY.get(policyIdentifier);
		if (activeAdminPolicy == null) {
		Slogf.e(LOG_TAG,
		"Can't find a active admin policy for %s in POLICY_IDENTIFIER_TO_PERMISSION",
		policyIdentifier);
		return new ArrayList<>();
		}

		List<ActiveAdmin> admins = new ArrayList<>();
		for (UserInfo userInfo : mUserManager.getUsers()) {
		List<ComponentName> activeAdmins = getActiveAdmins(userInfo.id);
		for (ComponentName admin : activeAdmins) {
		if (isDeviceOwner(admin, userInfo.id) \|\| isProfileOwner(admin, userInfo.id)) {
		continue;
		}
		DevicePolicyData policy = getUserDataUnchecked(userInfo.id);
		if (isActiveAdminWithPolicyForUserLocked(
		policy.mAdminMap.get(admin), activeAdminPolicy,
		userInfo.id)) {
		admins.add(policy.mAdminMap.get(admin));
		}
		}
		}
		return admins;
		}

		// TODO: this can actually accept an EnforcingAdmin that gets created in the permission
		// check method.
		private boolean isCallerActiveAdminOrDelegate(
		CallerIdentity caller, @Nullable String delegateScope) {
		return mInjector.binderWithCleanCallingIdentity(() -> {
		List<ComponentName> activeAdmins = getActiveAdmins(caller.getUserId());
		if (activeAdmins != null) {
		for (ComponentName admin : activeAdmins) {
		if (admin.getPackageName().equals(caller.getPackageName())) {
		return true;
		}
		}
		}
		return delegateScope != null && isCallerDelegate(caller, delegateScope);
		});
		}

		private ActiveAdmin getActiveAdminForCaller(@Nullable ComponentName who,
		CallerIdentity caller) {
		synchronized (getLockObject()) {

services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java

+0 −22

Original line number	Diff line number	Diff line
		@@ -30,8 +30,6 @@ import android.content.Intent;
		import android.content.pm.IPackageManager;
		import android.content.pm.PackageManagerInternal;
		import android.database.ContentObserver;
		import android.hardware.usb.UsbManager;
		import android.media.IAudioService;
		import android.net.IIpConnectivityMetrics;
		import android.net.Uri;
		import android.os.Bundle;
		@@ -215,11 +213,6 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi
		return services.lockSettingsInternal;
		}

		@Override
		IAudioService getIAudioService() {
		return services.iaudioService;
		}

		@Override
		PersistentDataBlockManagerInternal getPersistentDataBlockManagerInternal() {
		return services.persistentDataBlockManagerInternal;
		@@ -243,11 +236,6 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi
		return services.lockPatternUtils;
		}

		@Override
		UsbManager getUsbManager() {
		return services.usbManager;
		}

		@Override
		boolean storageManagerIsFileBasedEncryptionEnabled() {
		return services.storageManager.isFileBasedEncryptionEnabled();
		@@ -379,21 +367,11 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi
		services.settings.settingsGlobalPutStringForUser(name, value, userHandle);
		}

		@Override
		void settingsSecurePutInt(String name, int value) {
		services.settings.settingsSecurePutInt(name, value);
		}

		@Override
		void settingsGlobalPutInt(String name, int value) {
		services.settings.settingsGlobalPutInt(name, value);
		}

		@Override
		void settingsSecurePutString(String name, String value) {
		services.settings.settingsSecurePutString(name, value);
		}

		@Override
		void settingsGlobalPutString(String name, String value) {
		services.settings.settingsGlobalPutString(name, value);