Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1ba83297 authored by Kholoud Mohamed's avatar Kholoud Mohamed Committed by Android (Google) Code Review
Browse files

Merge changes from topic "queryDevicePolicy" 

* changes:
  Add QUERY_ADMIN_POLICY to some DevicePolicyManaged APIs
  Add new QUERY_ADMIN_POLICY permission
parents fb6d7eaa 2f2bf87a

core/api/system-current.txt

+3 −2
Original line number Diff line number Diff line
@@ -215,6 +215,7 @@ package android { 
    field public static final String POWER_SAVER = "android.permission.POWER_SAVER";

    field public static final String PROVIDE_RESOLVER_RANKER_SERVICE = "android.permission.PROVIDE_RESOLVER_RANKER_SERVICE";

    field public static final String PROVIDE_TRUST_AGENT = "android.permission.PROVIDE_TRUST_AGENT";

    field public static final String QUERY_ADMIN_POLICY = "android.permission.QUERY_ADMIN_POLICY";

    field public static final String QUERY_TIME_ZONE_RULES = "android.permission.QUERY_TIME_ZONE_RULES";

    field public static final String RADIO_SCAN_WITHOUT_LOCATION = "android.permission.RADIO_SCAN_WITHOUT_LOCATION";

    field public static final String READ_ACTIVE_EMERGENCY_SESSION = "android.permission.READ_ACTIVE_EMERGENCY_SESSION";
@@ -970,8 +971,8 @@ package android.app.admin { 
    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public String getDeviceOwnerNameOnAnyUser();

    method @Nullable public CharSequence getDeviceOwnerOrganizationName();

    method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public android.os.UserHandle getDeviceOwnerUser();

    method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);

    method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public java.util.List<java.lang.String> getPermittedInputMethodsForCurrentUser();

    method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_ADMIN_POLICY}) public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);

    method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_ADMIN_POLICY}) public java.util.List<java.lang.String> getPermittedInputMethodsForCurrentUser();

    method @Nullable public android.content.ComponentName getProfileOwner() throws java.lang.IllegalArgumentException;

    method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public String getProfileOwnerNameAsUser(int) throws java.lang.IllegalArgumentException;

    method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public int getUserProvisioningState();

core/java/android/app/admin/DevicePolicyManager.java

+6 −2
Original line number Diff line number Diff line
@@ -9146,7 +9146,9 @@ public class DevicePolicyManager { 
     * @hide

     */

     @SystemApi

     @RequiresPermission(android.Manifest.permission.MANAGE_USERS)

     @RequiresPermission(anyOf = {

             android.Manifest.permission.MANAGE_USERS,

             android.Manifest.permission.QUERY_ADMIN_POLICY})

     public @Nullable List<String> getPermittedAccessibilityServices(int userId) {

        throwIfParentInstance("getPermittedAccessibilityServices");

        if (mService != null) {
@@ -9283,7 +9285,9 @@ public class DevicePolicyManager { 
     * @hide

     */

    @SystemApi

    @RequiresPermission(android.Manifest.permission.MANAGE_USERS)

    @RequiresPermission(anyOf = {

            android.Manifest.permission.MANAGE_USERS,

            android.Manifest.permission.QUERY_ADMIN_POLICY})

    public @Nullable List<String> getPermittedInputMethodsForCurrentUser() {

        throwIfParentInstance("getPermittedInputMethodsForCurrentUser");

        if (mService != null) {

core/res/AndroidManifest.xml

+5 −0
Original line number Diff line number Diff line
@@ -2793,6 +2793,11 @@ 
        android:label="@string/permlab_manageProfileAndDeviceOwners"

        android:description="@string/permdesc_manageProfileAndDeviceOwners" />



    <!-- @SystemApi @hide Allows an application to query device policies set by any admin on

         the device.-->

    <permission android:name="android.permission.QUERY_ADMIN_POLICY"

                android:protectionLevel="signature|role" />



    <!-- @TestApi @hide Allows an application to reset the record of previous system update freeze

         periods. -->

    <permission android:name="android.permission.CLEAR_FREEZE_PERIOD"

packages/Shell/AndroidManifest.xml

+1 −0
Original line number Diff line number Diff line
@@ -204,6 +204,7 @@ 
    <uses-permission android:name="android.permission.MANAGE_CREDENTIAL_MANAGEMENT_APP" />

    <uses-permission android:name="android.permission.MANAGE_DEVICE_ADMINS" />

    <uses-permission android:name="android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS" />

    <uses-permission android:name="android.permission.QUERY_ADMIN_POLICY" />

    <uses-permission android:name="android.permission.FORCE_DEVICE_POLICY_MANAGER_LOGS" />

    <uses-permission android:name="android.permission.CLEAR_FREEZE_PERIOD" />

    <uses-permission android:name="android.permission.MODIFY_QUIET_MODE" />

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+4 −2
Original line number Diff line number Diff line
@@ -10231,7 +10231,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
        if (!mHasFeature) {

            return null;

        }

        Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity()));

        Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity())

                        || hasCallingOrSelfPermission(permission.QUERY_ADMIN_POLICY));















        synchronized (getLockObject()) {















            List<String> result = null;










@@ -10402,7 +10403,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {













    public @Nullable List<String> getPermittedInputMethodsAsUser(@UserIdInt int userId) {















        final CallerIdentity caller = getCallerIdentity();















        Preconditions.checkCallAuthorization(hasFullCrossUsersPermission(caller, userId));













        Preconditions.checkCallAuthorization(canManageUsers(caller));













        Preconditions.checkCallAuthorization(canManageUsers(caller)













                || hasCallingOrSelfPermission(permission.QUERY_ADMIN_POLICY));















        final long callingIdentity = Binder.clearCallingIdentity();















        try {















            return getPermittedInputMethodsUnchecked(userId);