Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 10662b3f authored by Rafael Prado's avatar Rafael Prado
Browse files

Verify reset password token activity using DPE when coexistence is enabled. 

Test: Manual with TestDPC: adding and activating a token enables "forgot password" for work profile.
Bug: 374727579
Bug: 336297680
Flag: android.app.admin.flags.reset_password_with_token_coexistence
Change-Id: I87c260ff880b95a39941e122b796e4792485ca33
parent 117ae7bf

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+11 −0
Original line number Diff line number Diff line
@@ -19148,6 +19148,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
        }

    }













    private boolean isAnyResetPasswordTokenActiveForUser(int userId) {













        return mDevicePolicyEngine













                .getLocalPoliciesSetByAdmins(PolicyDefinition.RESET_PASSWORD_TOKEN, userId)













                .values()













                .stream()













                .anyMatch((p) -> isResetPasswordTokenActiveForUserLocked(p.getValue(), userId));













    }



























    private boolean isResetPasswordTokenActiveForUserLocked(















            long passwordTokenHandle, int userHandle) {















        if (passwordTokenHandle != 0) {










@@ -21003,6 +21011,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













        Preconditions.checkCallAuthorization(isSystemUid(getCallerIdentity()),















                String.format(NOT_SYSTEM_CALLER_MSG,















                        "call canProfileOwnerResetPasswordWhenLocked"));













        if (Flags.resetPasswordWithTokenCoexistence()) {













            return isAnyResetPasswordTokenActiveForUser(userId);













        }















        synchronized (getLockObject()) {















            final ActiveAdmin poAdmin = getProfileOwnerAdminLocked(userId);















            DevicePolicyData policy = getUserData(userId);