On uninstall cred mng app (141652b4) · Commits · e / os / android_frameworks_base

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+19 −0

Original line number	Diff line number	Diff line
		@@ -819,6 +819,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		} else if (Intent.ACTION_PACKAGE_REMOVED.equals(action)
		&& !intent.getBooleanExtra(Intent.EXTRA_REPLACING, false)) {
		handlePackagesChanged(intent.getData().getSchemeSpecificPart(), userHandle);
		removeCredentialManagementApp(intent.getData().getSchemeSpecificPart());
		} else if (Intent.ACTION_MANAGED_PROFILE_ADDED.equals(action)) {
		clearWipeProfileNotification();
		} else if (Intent.ACTION_DATE_CHANGED.equals(action)
		@@ -949,6 +950,20 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		}
		}

		private void removeCredentialManagementApp(String packageName) {
		mBackgroundHandler.post(() -> {
		try (KeyChainConnection connection = mInjector.keyChainBind()) {
		IKeyChainService service = connection.getService();
		if (service.hasCredentialManagementApp()
		&& packageName.equals(service.getCredentialManagementAppPackageName())) {
		service.removeCredentialManagementApp();
		}
		} catch (RemoteException \| InterruptedException \| IllegalStateException e) {
		Log.e(LOG_TAG, "Unable to remove the credential management app");
		}
		});
		}

		private boolean isRemovedPackage(String changedPackage, String targetPackage, int userHandle) {
		try {
		return targetPackage != null
		@@ -1419,6 +1434,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		return SecurityLog.isLoggingEnabled();
		}

		KeyChainConnection keyChainBind() throws InterruptedException {
		return KeyChain.bind(mContext);
		}

		KeyChainConnection keyChainBindAsUser(UserHandle user) throws InterruptedException {
		return KeyChain.bindAsUser(mContext, user);
		}

services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java

+5 −0

Original line number	Diff line number	Diff line
		@@ -459,6 +459,11 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi
		return services.buildMock.isDebuggable;
		}

		@Override
		KeyChain.KeyChainConnection keyChainBind() {
		return services.keyChainConnection;
		}

		@Override
		KeyChain.KeyChainConnection keyChainBindAsUser(UserHandle user) {
		return services.keyChainConnection;

services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

+27 −0

Original line number	Diff line number	Diff line
		@@ -1616,6 +1616,33 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		)), eq(user));
		}

		@Test
		public void testRemoveCredentialManagementApp() throws Exception {
		final String packageName = "com.test.cred.mng";
		Intent intent = new Intent(Intent.ACTION_PACKAGE_REMOVED);
		intent.setData(Uri.parse("package:" + packageName));
		dpms.mReceiver.setPendingResult(
		new BroadcastReceiver.PendingResult(Activity.RESULT_OK,
		"resultData",
		/* resultExtras= */ null,
		BroadcastReceiver.PendingResult.TYPE_UNREGISTERED,
		/* ordered= */ true,
		/* sticky= */ false,
		/* token= */ null,
		CALLER_USER_HANDLE,
		/* flags= */ 0));
		when(getServices().keyChainConnection.getService().hasCredentialManagementApp())
		.thenReturn(true);
		when(getServices().keyChainConnection.getService().getCredentialManagementAppPackageName())
		.thenReturn(packageName);

		dpms.mReceiver.onReceive(mContext, intent);

		flushTasks(dpms);
		verify(getServices().keyChainConnection.getService()).hasCredentialManagementApp();
		verify(getServices().keyChainConnection.getService()).removeCredentialManagementApp();
		}

		/**
		* Simple test for delegate set/get and general delegation. Tests verifying that delegated
		* privileges can acually be exercised by a delegate are not covered here.