Loading core/java/android/app/admin/DevicePolicyManagerInternal.java +6 −0 Original line number Diff line number Diff line Loading @@ -349,4 +349,10 @@ public abstract class DevicePolicyManagerInternal { */ public abstract void setInternalEventsCallback( @Nullable Consumer<List<SecurityLog.SecurityEvent>> callback); /** * Removes all policies associated with admins with `packageName` and `userId`. */ public abstract void removePoliciesForAdmins( @NonNull String packageName, @UserIdInt int userId); } core/java/android/app/supervision/flags.aconfig +8 −0 Original line number Diff line number Diff line Loading @@ -110,3 +110,11 @@ flag { description: "Enable restricting factory reset when device supervision is enabled and a supervision PIN recovery method is set" bug: "383624414" } flag { name: "enable_remove_policies_on_supervision_disable" is_exported: false namespace: "supervision" description: "Removes all enforced policies to the user when supervision is disabled." bug: "414575617" } services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java +35 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import static android.content.pm.UserProperties.INHERIT_DEVICE_POLICY_FROM_PAREN import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.UserIdInt; import android.app.AppGlobals; import android.app.BroadcastOptions; import android.app.admin.BooleanPolicyValue; Loading Loading @@ -2076,6 +2077,40 @@ final class DevicePolicyEngine { } } /** * Removes all local and global policies set by enforcing admins with * `packageName` and `userId`. */ void removePoliciesForAdmins( String packageName, @UserIdInt int userId) { synchronized (mLock) { Set<PolicyKey> globalPolicies = new HashSet<>(mGlobalPolicies.keySet()); for (PolicyKey policy : globalPolicies) { PolicyState<?> policyState = mGlobalPolicies.get(policy); for (EnforcingAdmin admin : policyState.getPoliciesSetByAdmins().keySet()) { if (admin.getPackageName().equals(packageName) && admin.getUserId() == userId) { removeGlobalPolicy(policyState.getPolicyDefinition(), admin); } } } if (mLocalPolicies.containsKey(userId)) { Set<PolicyKey> localPolicies = new HashSet<>(mLocalPolicies.get(userId).keySet()); for (PolicyKey policy : localPolicies) { PolicyState<?> policyState = mLocalPolicies.get(userId).get(policy); for (EnforcingAdmin admin : policyState.getPoliciesSetByAdmins().keySet()) { if (admin.getPackageName().equals(packageName) && admin.getUserId() == userId) { removeLocalPolicy( policyState.getPolicyDefinition(), admin, userId); } } } } } } /** * Removes all local policies for the provided {@code userId}. */ Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +6 −0 Original line number Diff line number Diff line Loading @@ -16216,6 +16216,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { mSecurityLogMonitor.setInternalEventsCallback(callback); } @Override public void removePoliciesForAdmins( @NonNull String packageName, @UserIdInt int userId) { mDevicePolicyEngine.removePoliciesForAdmins(packageName, userId); } private List<EnforcingUser> getEnforcingUsers(Set<EnforcingAdmin> admins) { List<EnforcingUser> enforcingUsers = new ArrayList(); ComponentName deviceOwner = mOwners.getDeviceOwnerComponent(); services/supervision/java/com/android/server/supervision/SupervisionService.java +5 −0 Original line number Diff line number Diff line Loading @@ -364,6 +364,11 @@ public class SupervisionService extends ISupervisionManager.Stub { } } } DevicePolicyManagerInternal dpmi = mInjector.getDpmInternal(); if (Flags.enableRemovePoliciesOnSupervisionDisable() && dpmi != null && supervisionAppPackage != null) { dpmi.removePoliciesForAdmins(supervisionAppPackage, userId); } } finally { Binder.restoreCallingIdentity(token); } Loading Loading
core/java/android/app/admin/DevicePolicyManagerInternal.java +6 −0 Original line number Diff line number Diff line Loading @@ -349,4 +349,10 @@ public abstract class DevicePolicyManagerInternal { */ public abstract void setInternalEventsCallback( @Nullable Consumer<List<SecurityLog.SecurityEvent>> callback); /** * Removes all policies associated with admins with `packageName` and `userId`. */ public abstract void removePoliciesForAdmins( @NonNull String packageName, @UserIdInt int userId); }
core/java/android/app/supervision/flags.aconfig +8 −0 Original line number Diff line number Diff line Loading @@ -110,3 +110,11 @@ flag { description: "Enable restricting factory reset when device supervision is enabled and a supervision PIN recovery method is set" bug: "383624414" } flag { name: "enable_remove_policies_on_supervision_disable" is_exported: false namespace: "supervision" description: "Removes all enforced policies to the user when supervision is disabled." bug: "414575617" }
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java +35 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ import static android.content.pm.UserProperties.INHERIT_DEVICE_POLICY_FROM_PAREN import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.UserIdInt; import android.app.AppGlobals; import android.app.BroadcastOptions; import android.app.admin.BooleanPolicyValue; Loading Loading @@ -2076,6 +2077,40 @@ final class DevicePolicyEngine { } } /** * Removes all local and global policies set by enforcing admins with * `packageName` and `userId`. */ void removePoliciesForAdmins( String packageName, @UserIdInt int userId) { synchronized (mLock) { Set<PolicyKey> globalPolicies = new HashSet<>(mGlobalPolicies.keySet()); for (PolicyKey policy : globalPolicies) { PolicyState<?> policyState = mGlobalPolicies.get(policy); for (EnforcingAdmin admin : policyState.getPoliciesSetByAdmins().keySet()) { if (admin.getPackageName().equals(packageName) && admin.getUserId() == userId) { removeGlobalPolicy(policyState.getPolicyDefinition(), admin); } } } if (mLocalPolicies.containsKey(userId)) { Set<PolicyKey> localPolicies = new HashSet<>(mLocalPolicies.get(userId).keySet()); for (PolicyKey policy : localPolicies) { PolicyState<?> policyState = mLocalPolicies.get(userId).get(policy); for (EnforcingAdmin admin : policyState.getPoliciesSetByAdmins().keySet()) { if (admin.getPackageName().equals(packageName) && admin.getUserId() == userId) { removeLocalPolicy( policyState.getPolicyDefinition(), admin, userId); } } } } } } /** * Removes all local policies for the provided {@code userId}. */ Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +6 −0 Original line number Diff line number Diff line Loading @@ -16216,6 +16216,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { mSecurityLogMonitor.setInternalEventsCallback(callback); } @Override public void removePoliciesForAdmins( @NonNull String packageName, @UserIdInt int userId) { mDevicePolicyEngine.removePoliciesForAdmins(packageName, userId); } private List<EnforcingUser> getEnforcingUsers(Set<EnforcingAdmin> admins) { List<EnforcingUser> enforcingUsers = new ArrayList(); ComponentName deviceOwner = mOwners.getDeviceOwnerComponent();
services/supervision/java/com/android/server/supervision/SupervisionService.java +5 −0 Original line number Diff line number Diff line Loading @@ -364,6 +364,11 @@ public class SupervisionService extends ISupervisionManager.Stub { } } } DevicePolicyManagerInternal dpmi = mInjector.getDpmInternal(); if (Flags.enableRemovePoliciesOnSupervisionDisable() && dpmi != null && supervisionAppPackage != null) { dpmi.removePoliciesForAdmins(supervisionAppPackage, userId); } } finally { Binder.restoreCallingIdentity(token); } Loading
