Policy transparency for mandatory backups. (16a91c0c) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −0

Original line number	Diff line number	Diff line
		@@ -6672,6 +6672,7 @@ package android.app.admin {
		field public static final int PERMISSION_POLICY_PROMPT = 0; // 0x0
		field public static final java.lang.String POLICY_DISABLE_CAMERA = "policy_disable_camera";
		field public static final java.lang.String POLICY_DISABLE_SCREEN_CAPTURE = "policy_disable_screen_capture";
		field public static final java.lang.String POLICY_MANDATORY_BACKUPS = "policy_mandatory_backups";
		field public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 2; // 0x2
		field public static final int RESET_PASSWORD_REQUIRE_ENTRY = 1; // 0x1
		field public static final int SKIP_SETUP_WIZARD = 1; // 0x1

core/java/android/app/admin/DevicePolicyManager.java

+11 −2

Original line number	Diff line number	Diff line
		@@ -1156,10 +1156,18 @@ public class DevicePolicyManager {
		*/
		public static final String POLICY_DISABLE_SCREEN_CAPTURE = "policy_disable_screen_capture";

		/**
		* Constant to indicate the feature of mandatory backups. Used as argument to
		* {@link #createAdminSupportIntent(String)}.
		* @see #setMandatoryBackupTransport(ComponentName, ComponentName)
		*/
		public static final String POLICY_MANDATORY_BACKUPS = "policy_mandatory_backups";

		/**
		* A String indicating a specific restricted feature. Can be a user restriction from the
		* {@link UserManager}, e.g. {@link UserManager#DISALLOW_ADJUST_VOLUME}, or one of the values
		* {@link #POLICY_DISABLE_CAMERA} or {@link #POLICY_DISABLE_SCREEN_CAPTURE}.
		* {@link #POLICY_DISABLE_CAMERA}, {@link #POLICY_DISABLE_SCREEN_CAPTURE} or
		* {@link #POLICY_MANDATORY_BACKUPS}.
		* @see #createAdminSupportIntent(String)
		* @hide
		*/
		@@ -6806,7 +6814,8 @@ public class DevicePolicyManager {
		* @param restriction Indicates for which feature the dialog should be displayed. Can be a
		* user restriction from {@link UserManager}, e.g.
		* {@link UserManager#DISALLOW_ADJUST_VOLUME}, or one of the constants
		* {@link #POLICY_DISABLE_CAMERA} or {@link #POLICY_DISABLE_SCREEN_CAPTURE}.
		* {@link #POLICY_DISABLE_CAMERA}, {@link #POLICY_DISABLE_SCREEN_CAPTURE} or
		* {@link #POLICY_MANDATORY_BACKUPS}.
		* @return Intent An intent to be used to start the dialog-activity if the restriction is
		* set by an admin, or null if the restriction does not exist or no admin set it.
		*/

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+5 −2

Original line number	Diff line number	Diff line
		@@ -10216,7 +10216,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		final int userId = UserHandle.getUserId(uid);
		Intent intent = null;
		if (DevicePolicyManager.POLICY_DISABLE_CAMERA.equals(restriction) \|\|
		DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE.equals(restriction)) {
		DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE.equals(restriction) \|\|
		DevicePolicyManager.POLICY_MANDATORY_BACKUPS.equals(restriction)) {
		synchronized(this) {
		final DevicePolicyData policy = getUserData(userId);
		final int N = policy.mAdminList.size();
		@@ -10225,7 +10226,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		if ((admin.disableCamera &&
		DevicePolicyManager.POLICY_DISABLE_CAMERA.equals(restriction)) \|\|
		(admin.disableScreenCapture && DevicePolicyManager
		.POLICY_DISABLE_SCREEN_CAPTURE.equals(restriction))) {
		.POLICY_DISABLE_SCREEN_CAPTURE.equals(restriction)) \|\|
		(admin.mandatoryBackupTransport != null && DevicePolicyManager
		.POLICY_MANDATORY_BACKUPS.equals(restriction))) {
		intent = createShowAdminSupportIntent(admin.info.getComponent(), userId);
		break;
		}

services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

+15 −2

Original line number	Diff line number	Diff line
		@@ -2119,8 +2119,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		assertEquals(UserManager.DISALLOW_ADJUST_VOLUME,
		intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION));

		// Try with POLICY_DISABLE_CAMERA and POLICY_DISABLE_SCREEN_CAPTURE, which are not
		// user restrictions
		// Try with POLICY_DISABLE_CAMERA, POLICY_DISABLE_SCREEN_CAPTURE and
		// POLICY_MANDATORY_BACKUPS, which are not user restrictions

		// Camera is not disabled
		intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_CAMERA);
		@@ -2144,6 +2144,19 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		assertEquals(DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE,
		intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION));

		// Backups are not mandatory
		intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_MANDATORY_BACKUPS);
		assertNull(intent);

		// Backups are mandatory
		ComponentName transportComponent = ComponentName.unflattenFromString(
		"android/com.android.internal.backup.LocalTransport");
		dpm.setMandatoryBackupTransport(admin1, transportComponent);
		intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_MANDATORY_BACKUPS);
		assertNotNull(intent);
		assertEquals(DevicePolicyManager.POLICY_MANDATORY_BACKUPS,
		intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION));

		// Same checks for different user
		mContext.binder.callingUid = DpmMockContext.CALLER_UID;
		// Camera should be disabled by device owner