Loading core/java/android/app/admin/flags/flags.aconfig +0 −7 Original line number Diff line number Diff line Loading @@ -67,13 +67,6 @@ flag { bug: "289520697" } flag { name: "permission_migration_for_zero_trust_impl_enabled" namespace: "enterprise" description: "(Implementation) Migrate existing APIs to permission based, and enable DMRH to call them to collect Zero Trust signals." bug: "289520697" } flag { name: "device_theft_api_enabled" is_exported: true Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +10 −26 Original line number Diff line number Diff line Loading @@ -16801,7 +16801,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { mContext.sendBroadcastAsUser(intent, UserHandle.of(userId)); } if (Flags.permissionMigrationForZeroTrustImplEnabled()) { final UserHandle user = UserHandle.of(userId); final String roleHolderPackage = getRoleHolderPackageNameOnUser( RoleManager.ROLE_DEVICE_POLICY_MANAGEMENT, userId); Loading @@ -16809,24 +16808,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { broadcastExplicitIntentToPackage(intent, roleHolderPackage, user); } } } }); } @Override public SystemUpdateInfo getPendingSystemUpdate(ComponentName admin, String callerPackage) { if (Flags.permissionMigrationForZeroTrustImplEnabled()) { CallerIdentity caller = getCallerIdentity(admin, callerPackage); enforcePermissions(new String[] {NOTIFY_PENDING_SYSTEM_UPDATE, MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES}, caller.getPackageName(), caller.getUserId()); } else { Objects.requireNonNull(admin, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization( isDefaultDeviceOwner(caller) || isProfileOwner(caller)); } return mOwners.getSystemUpdateInfo(); } Loading Loading @@ -21421,13 +21411,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final CallerIdentity caller = getCallerIdentity(callerPackage); if (Flags.permissionMigrationForZeroTrustImplEnabled()) { enforcePermission(MANAGE_DEVICE_POLICY_CERTIFICATES, caller.getPackageName()); } else { Preconditions.checkCallAuthorization( isDefaultDeviceOwner(caller) || isProfileOwner(caller) || isCallerDelegate(caller, DELEGATION_CERT_INSTALL)); } synchronized (getLockObject()) { final ActiveAdmin requiredAdmin = getDeviceOrProfileOwnerAdminLocked( caller.getUserId()); Loading
core/java/android/app/admin/flags/flags.aconfig +0 −7 Original line number Diff line number Diff line Loading @@ -67,13 +67,6 @@ flag { bug: "289520697" } flag { name: "permission_migration_for_zero_trust_impl_enabled" namespace: "enterprise" description: "(Implementation) Migrate existing APIs to permission based, and enable DMRH to call them to collect Zero Trust signals." bug: "289520697" } flag { name: "device_theft_api_enabled" is_exported: true Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +10 −26 Original line number Diff line number Diff line Loading @@ -16801,7 +16801,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { mContext.sendBroadcastAsUser(intent, UserHandle.of(userId)); } if (Flags.permissionMigrationForZeroTrustImplEnabled()) { final UserHandle user = UserHandle.of(userId); final String roleHolderPackage = getRoleHolderPackageNameOnUser( RoleManager.ROLE_DEVICE_POLICY_MANAGEMENT, userId); Loading @@ -16809,24 +16808,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { broadcastExplicitIntentToPackage(intent, roleHolderPackage, user); } } } }); } @Override public SystemUpdateInfo getPendingSystemUpdate(ComponentName admin, String callerPackage) { if (Flags.permissionMigrationForZeroTrustImplEnabled()) { CallerIdentity caller = getCallerIdentity(admin, callerPackage); enforcePermissions(new String[] {NOTIFY_PENDING_SYSTEM_UPDATE, MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES}, caller.getPackageName(), caller.getUserId()); } else { Objects.requireNonNull(admin, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization( isDefaultDeviceOwner(caller) || isProfileOwner(caller)); } return mOwners.getSystemUpdateInfo(); } Loading Loading @@ -21421,13 +21411,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final CallerIdentity caller = getCallerIdentity(callerPackage); if (Flags.permissionMigrationForZeroTrustImplEnabled()) { enforcePermission(MANAGE_DEVICE_POLICY_CERTIFICATES, caller.getPackageName()); } else { Preconditions.checkCallAuthorization( isDefaultDeviceOwner(caller) || isProfileOwner(caller) || isCallerDelegate(caller, DELEGATION_CERT_INSTALL)); } synchronized (getLockObject()) { final ActiveAdmin requiredAdmin = getDeviceOrProfileOwnerAdminLocked( caller.getUserId());
