Merge "DPM.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE) should...

         */

        public static final String WEB_ACTION_ENABLED = "web_action_enabled";

        /**

         * Has this pairable device been paired or upgraded from a previously paired system.

         * @hide

         */

        public static final String DEVICE_PAIRED = "device_paired";

        /**

         * This are the settings to be backed up.

         *

    private static final String ATTR_PERMISSION_POLICY = "permission-policy";

    private static final String ATTR_DEVICE_PROVISIONING_CONFIG_APPLIED =

            "device-provisioning-config-applied";

    private static final String ATTR_DEVICE_PAIRED = "device-paired";

    private static final String ATTR_DELEGATED_CERT_INSTALLER = "delegated-cert-installer";

    private static final String ATTR_APPLICATION_RESTRICTIONS_MANAGER

    private static final int CODE_NONSYSTEM_USER_EXISTS = 5;

    private static final int CODE_ACCOUNTS_NOT_EMPTY = 6;

    private static final int CODE_NOT_SYSTEM_USER = 7;

    private static final int CODE_HAS_PAIRED = 8;

    @Retention(RetentionPolicy.SOURCE)

    @IntDef({ CODE_OK, CODE_HAS_DEVICE_OWNER, CODE_USER_HAS_PROFILE_OWNER, CODE_USER_NOT_RUNNING,

     */

    boolean mHasFeature;

    /**

     * Whether or not this device is a watch.

     */

    boolean mIsWatch;

    private final SecurityLogMonitor mSecurityLogMonitor;

    private final AtomicBoolean mRemoteBugreportServiceIsActive = new AtomicBoolean();

        int mPasswordOwner = -1;

        long mLastMaximumTimeToLock = -1;

        boolean mUserSetupComplete = false;

        boolean mPaired = false;

        int mUserProvisioningState;

        int mPermissionPolicy;

        mHasFeature = mContext.getPackageManager()

                .hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN);

        mIsWatch = mContext.getPackageManager()

                .hasSystemFeature(PackageManager.FEATURE_WATCH);

        if (!mHasFeature) {

            // Skip the rest of the initialization

            return;

                out.attribute(null, ATTR_SETUP_COMPLETE,

                        Boolean.toString(true));

            }

            if (policy.mPaired) {

                out.attribute(null, ATTR_DEVICE_PAIRED,

                        Boolean.toString(true));

            }

            if (policy.mDeviceProvisioningConfigApplied) {

                out.attribute(null, ATTR_DEVICE_PROVISIONING_CONFIG_APPLIED,

                        Boolean.toString(true));

            if (userSetupComplete != null && Boolean.toString(true).equals(userSetupComplete)) {

                policy.mUserSetupComplete = true;

            }

            String paired = parser.getAttributeValue(null, ATTR_DEVICE_PAIRED);

            if (paired != null && Boolean.toString(true).equals(paired)) {

                policy.mPaired = true;

            }

            String deviceProvisioningConfigApplied = parser.getAttributeValue(null,

                    ATTR_DEVICE_PROVISIONING_CONFIG_APPLIED);

            if (deviceProvisioningConfigApplied != null

        // Register an observer for watching for user setup complete.

        new SetupContentObserver(mHandler).register();

        // Initialize the user setup state, to handle the upgrade case.

        updateUserSetupComplete();

        updateUserSetupCompleteAndPaired();

        List<String> packageList;

        synchronized (this) {

        return getUserData(userHandle).mUserSetupComplete;

    }

    private boolean hasPaired(int userHandle) {

        if (!mHasFeature) {

            return true;

        }

        return getUserData(userHandle).mPaired;

    }

    @Override

    public int getUserProvisioningState() {

        if (!mHasFeature) {

            case CODE_ACCOUNTS_NOT_EMPTY:

                throw new IllegalStateException("Not allowed to set the device owner because there "

                        + "are already some accounts on the device");

            case CODE_HAS_PAIRED:

                throw new IllegalStateException("Not allowed to set the device owner because this "

                        + "device has already paired");

            default:

                throw new IllegalStateException("Unknown @DeviceOwnerPreConditionCode " + code);

        }

    }

    /**

     * We need to update the internal state of whether a user has completed setup once. After

     * that, we ignore any changes that reset the Settings.Secure.USER_SETUP_COMPLETE changes

     * as we don't trust any apps that might try to reset it.

     * We need to update the internal state of whether a user has completed setup or a

     * device has paired once. After that, we ignore any changes that reset the

     * Settings.Secure.USER_SETUP_COMPLETE or Settings.Secure.DEVICE_PAIRED change

     * as we don't trust any apps that might try to reset them.

     * <p>

     * Unfortunately, we don't know which user's setup state was changed, so we write all of

     * them.

     */

    void updateUserSetupComplete() {

    void updateUserSetupCompleteAndPaired() {

        List<UserInfo> users = mUserManager.getUsers(true);

        final int N = users.size();

        for (int i = 0; i < N; i++) {

                    }

                }

            }

            if (mIsWatch && mInjector.settingsSecureGetIntForUser(Settings.Secure.DEVICE_PAIRED, 0,

                    userHandle) != 0) {

                DevicePolicyData policy = getUserData(userHandle);

                if (!policy.mPaired) {

                    policy.mPaired = true;

                    synchronized (this) {

                        saveSettingsLocked(userHandle);

                    }

                }

            }

        }

    }

                Settings.Secure.USER_SETUP_COMPLETE);

        private final Uri mDeviceProvisioned = Settings.Global.getUriFor(

                Settings.Global.DEVICE_PROVISIONED);

        private final Uri mPaired = Settings.Secure.getUriFor(Settings.Secure.DEVICE_PAIRED);

        public SetupContentObserver(Handler handler) {

            super(handler);

        void register() {

            mInjector.registerContentObserver(mUserSetupComplete, false, this, UserHandle.USER_ALL);

            mInjector.registerContentObserver(mDeviceProvisioned, false, this, UserHandle.USER_ALL);

            if (mIsWatch) {

                mInjector.registerContentObserver(mPaired, false, this, UserHandle.USER_ALL);

            }

        }

        @Override

        public void onChange(boolean selfChange, Uri uri) {

            if (mUserSetupComplete.equals(uri)) {

                updateUserSetupComplete();

            if (mUserSetupComplete.equals(uri) || (mIsWatch && mPaired.equals(uri))) {

                updateUserSetupCompleteAndPaired();

            } else if (mDeviceProvisioned.equals(uri)) {

                synchronized (DevicePolicyManagerService.this) {

                    // Set PROPERTY_DEVICE_OWNER_PRESENT, for the SUW case where setting the property

        if (!mUserManager.isUserRunning(new UserHandle(deviceOwnerUserId))) {

            return CODE_USER_NOT_RUNNING;

        }

        if (mIsWatch && hasPaired(UserHandle.USER_SYSTEM)) {

            return CODE_HAS_PAIRED;

        }

        if (isAdb) {

            // if shell command runs after user setup completed check device status. Otherwise, OK.

            if (hasUserSetupCompleted(UserHandle.USER_SYSTEM)) {