Merge changes from topic "fixSettingsCrash" into udc-dev (25ffa223) · Commits · e / os / android_frameworks_base

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java

+32 −0

Original line number	Diff line number	Diff line
		@@ -684,6 +684,38 @@ final class DevicePolicyEngine {
		}
		}

		<V> void transferPolicies(EnforcingAdmin oldAdmin, EnforcingAdmin newAdmin) {
		Set<PolicyKey> globalPolicies = new HashSet<>(mGlobalPolicies.keySet());
		for (PolicyKey policy : globalPolicies) {
		PolicyState<?> policyState = mGlobalPolicies.get(policy);
		if (policyState.getPoliciesSetByAdmins().containsKey(oldAdmin)) {
		PolicyDefinition<V> policyDefinition =
		(PolicyDefinition<V>) policyState.getPolicyDefinition();
		PolicyValue<V> policyValue =
		(PolicyValue<V>) policyState.getPoliciesSetByAdmins().get(oldAdmin);
		setGlobalPolicy(policyDefinition, newAdmin, policyValue);
		}
		}

		for (int i = 0; i < mLocalPolicies.size(); i++) {
		int userId = mLocalPolicies.keyAt(i);
		Set<PolicyKey> localPolicies = new HashSet<>(
		mLocalPolicies.get(userId).keySet());
		for (PolicyKey policy : localPolicies) {
		PolicyState<?> policyState = mLocalPolicies.get(userId).get(policy);
		if (policyState.getPoliciesSetByAdmins().containsKey(oldAdmin)) {
		PolicyDefinition<V> policyDefinition =
		(PolicyDefinition<V>) policyState.getPolicyDefinition();
		PolicyValue<V> policyValue =
		(PolicyValue<V>) policyState.getPoliciesSetByAdmins().get(oldAdmin);
		setLocalPolicy(policyDefinition, newAdmin, policyValue, userId);
		}
		}
		}

		removePoliciesForAdmin(oldAdmin);
		}

		private Set<UserRestrictionPolicyKey> getUserRestrictionPolicyKeysForAdminLocked(
		Map<PolicyKey, PolicyState<?>> policies,
		EnforcingAdmin admin) {

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+84 −44

Original line number	Diff line number	Diff line
		@@ -3882,6 +3882,17 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final ActiveAdmin adminToTransfer = policy.mAdminMap.get(outgoingReceiver);
		final int oldAdminUid = adminToTransfer.getUid();

		if (isPolicyEngineForFinanceFlagEnabled() \|\| isPermissionCheckFlagEnabled()) {
		EnforcingAdmin oldAdmin =
		EnforcingAdmin.createEnterpriseEnforcingAdmin(
		outgoingReceiver, userHandle, adminToTransfer);
		EnforcingAdmin newAdmin =
		EnforcingAdmin.createEnterpriseEnforcingAdmin(
		incomingReceiver, userHandle, adminToTransfer);

		mDevicePolicyEngine.transferPolicies(oldAdmin, newAdmin);
		}

		adminToTransfer.transfer(incomingDeviceInfo);
		policy.mAdminMap.remove(outgoingReceiver);
		policy.mAdminMap.put(incomingReceiver, adminToTransfer);
		@@ -6051,7 +6062,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		@Override
		public void lockNow(int flags, String callerPackageName, boolean parent) {
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(callerPackageName);
		} else {
		caller = getCallerIdentity();
		@@ -6063,7 +6074,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		ActiveAdmin admin;
		// Make sure the caller has any active admin with the right policy or
		// the required permission.
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		admin = enforcePermissionAndGetEnforcingAdmin(
		/* admin= */ null,
		/* permission= */ MANAGE_DEVICE_POLICY_LOCK,
		@@ -8917,13 +8928,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		// The effect of this policy is device-wide.
		enforcePermission(SET_TIME, caller.getPackageName(), UserHandle.USER_ALL);
		} else {
		@@ -8951,13 +8962,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return false;
		}
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforceCanQuery(SET_TIME, caller.getPackageName(), UserHandle.USER_ALL);
		} else {
		Objects.requireNonNull(who, "ComponentName is null");
		@@ -8980,13 +8991,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		// The effect of this policy is device-wide.
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		who,
		@@ -9026,13 +9037,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		// The effect of this policy is device-wide.
		enforceCanQuery(SET_TIME_ZONE, caller.getPackageName(), UserHandle.USER_ALL);
		} else {
		@@ -9335,7 +9346,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		@@ -9345,7 +9356,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final int userHandle = caller.getUserId();
		int affectedUserId = parent ? getProfileParentId(userHandle) : userHandle;
		synchronized (getLockObject()) {
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		// SUPPORT USES_POLICY_DISABLE_KEYGUARD_FEATURES
		EnforcingAdmin admin = enforcePermissionAndGetEnforcingAdmin(
		who, MANAGE_DEVICE_POLICY_KEYGUARD, caller.getPackageName(),
		@@ -9424,13 +9435,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		synchronized (getLockObject()) {
		if (who != null) {
		if (isPermissionCheckFlagEnabled()) {
		EnforcingAdmin admin = getEnforcingAdminForCaller(
		who, who.getPackageName());
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin admin = getEnforcingAdminForPackage(
		who, who.getPackageName(), userHandle);
		Integer features = mDevicePolicyEngine.getLocalPolicySetByAdmin(
		PolicyDefinition.KEYGUARD_DISABLED_FEATURES,
		admin,
		affectedUserId);

		return features == null ? 0 : features;
		} else {
		ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle, parent);
		@@ -9438,7 +9450,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		Integer features = mDevicePolicyEngine.getResolvedPolicy(
		PolicyDefinition.KEYGUARD_DISABLED_FEATURES,
		affectedUserId);
		@@ -11637,7 +11649,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final CallerIdentity caller = getCallerIdentity(who, callerPackage);
		checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_RESTRICTIONS);

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		who,
		MANAGE_DEVICE_POLICY_APP_RESTRICTIONS,
		@@ -13064,7 +13076,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		String packageName) {
		final CallerIdentity caller = getCallerIdentity(who, callerPackage);

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforceCanQueryAndGetEnforcingAdmin(
		who,
		MANAGE_DEVICE_POLICY_APP_RESTRICTIONS,
		@@ -13134,7 +13146,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final CallerIdentity caller = getCallerIdentity(who, callerPackage);
		ActiveAdmin admin;

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		who,
		MANAGE_DEVICE_POLICY_PACKAGE_STATE,
		@@ -13231,7 +13243,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		public boolean isPackageSuspended(ComponentName who, String callerPackage, String packageName) {
		final CallerIdentity caller = getCallerIdentity(who, callerPackage);

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforcePermission(
		MANAGE_DEVICE_POLICY_PACKAGE_STATE,
		caller.getPackageName(),
		@@ -13837,7 +13849,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		boolean hidden, boolean parent) {
		CallerIdentity caller = getCallerIdentity(who, callerPackage);
		final int userId = parent ? getProfileParentId(caller.getUserId()) : caller.getUserId();
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		// TODO: We need to ensure the delegate with DELEGATION_PACKAGE_ACCESS can do this
		enforcePermission(MANAGE_DEVICE_POLICY_PACKAGE_STATE, caller.getPackageName(), userId);
		} else {
		@@ -13856,7 +13868,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		boolean result;
		synchronized (getLockObject()) {
		if (parent) {
		if (!isPermissionCheckFlagEnabled()) {
		if (!isPolicyEngineForFinanceFlagEnabled()) {
		Preconditions.checkCallAuthorization(
		isProfileOwnerOfOrganizationOwnedDevice(
		caller.getUserId()) && isManagedProfile(caller.getUserId()));
		@@ -13873,7 +13885,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		Slogf.v(LOG_TAG, "calling pm.setApplicationHiddenSettingAsUser(%s, %b, %d)",
		packageName, hidden, userId);
		}
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		EnforcingAdmin admin = getEnforcingAdminForCaller(who, callerPackage);
		mDevicePolicyEngine.setLocalPolicy(
		PolicyDefinition.APPLICATION_HIDDEN(packageName),
		@@ -13912,7 +13924,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		String packageName, boolean parent) {
		CallerIdentity caller = getCallerIdentity(who, callerPackage);
		int userId = parent ? getProfileParentId(caller.getUserId()) : caller.getUserId();
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		// TODO: Also support DELEGATION_PACKAGE_ACCESS
		enforcePermission(MANAGE_DEVICE_POLICY_PACKAGE_STATE, caller.getPackageName(), userId);
		} else {
		@@ -13924,7 +13936,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		synchronized (getLockObject()) {
		if (parent) {
		if (!isPermissionCheckFlagEnabled()) {
		if (!isPolicyEngineForFinanceFlagEnabled()) {
		Preconditions.checkCallAuthorization(
		isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId())
		&& isManagedProfile(caller.getUserId()));
		@@ -14116,13 +14128,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		enforceMaxStringLength(accountType, "account type");

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}
		synchronized (getLockObject()) {
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		int affectedUser = getAffectedUser(parent);
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		who,
		@@ -14185,7 +14197,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		CallerIdentity caller;
		Preconditions.checkArgumentNonnegative(userId, "Invalid userId");
		final ArraySet<String> resultSet = new ArraySet<>();
		if (isPermissionCheckFlagEnabled()) {
		if (isPolicyEngineForFinanceFlagEnabled()) {
		int affectedUser = parent ? getProfileParentId(userId) : userId;
		caller = getCallerIdentity(callerPackageName);
		if (!hasPermission(MANAGE_DEVICE_POLICY_ACCOUNT_MANAGEMENT,
		@@ -15556,12 +15568,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		public boolean setStatusBarDisabled(ComponentName who, String callerPackageName,
		boolean disabled) {
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(who, callerPackageName);
		} else {
		caller = getCallerIdentity(who);
		}
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforcePermission(MANAGE_DEVICE_POLICY_STATUS_BAR, caller.getPackageName(),
		UserHandle.USER_ALL);
		} else {
		@@ -15572,7 +15584,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		int userId = caller.getUserId();
		synchronized (getLockObject()) {
		if (!isPermissionCheckFlagEnabled()) {
		if (!isUnicornFlagEnabled()) {
		Preconditions.checkCallAuthorization(isUserAffiliatedWithDeviceLocked(userId),
		"Admin " + who + " is neither the device owner or affiliated "
		+ "user's profile owner.");
		@@ -15631,7 +15643,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		@Override
		public boolean isStatusBarDisabled(String callerPackage) {
		final CallerIdentity caller = getCallerIdentity(callerPackage);
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforceCanQuery(
		MANAGE_DEVICE_POLICY_STATUS_BAR, caller.getPackageName(), caller.getUserId());
		} else {
		@@ -15641,7 +15653,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {

		int userId = caller.getUserId();
		synchronized (getLockObject()) {
		if (!isPermissionCheckFlagEnabled()) {
		if (!isUnicornFlagEnabled()) {
		Preconditions.checkCallAuthorization(isUserAffiliatedWithDeviceLocked(userId),
		"Admin " + callerPackage
		+ " is neither the device owner or affiliated user's profile owner.");
		@@ -16802,7 +16814,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}
		}
		EnforcingAdmin enforcingAdmin;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS,
		@@ -16973,7 +16985,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		public int getPermissionGrantState(ComponentName admin, String callerPackage,
		String packageName, String permission) throws RemoteException {
		final CallerIdentity caller = getCallerIdentity(admin, callerPackage);
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		enforceCanQuery(MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS, caller.getPackageName(),
		caller.getUserId());
		} else {
		@@ -19111,14 +19123,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		throw new IllegalArgumentException("token must be at least 32-byte long");
		}
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(admin, callerPackageName);
		} else {
		caller = getCallerIdentity(admin);
		}
		final int userId = caller.getUserId();

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RESET_PASSWORD,
		@@ -19174,7 +19186,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return false;
		}
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(admin, callerPackageName);
		} else {
		caller = getCallerIdentity(admin);
		@@ -19182,7 +19194,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		final int userId = caller.getUserId();
		boolean result = false;

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RESET_PASSWORD,
		@@ -19221,14 +19233,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return false;
		}
		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(admin, callerPackageName);
		} else {
		caller = getCallerIdentity(admin);
		}
		int userId = caller.getUserId();

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RESET_PASSWORD,
		@@ -19270,7 +19282,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		Objects.requireNonNull(token);

		CallerIdentity caller;
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		caller = getCallerIdentity(admin, callerPackageName);
		} else {
		caller = getCallerIdentity(admin);
		@@ -19280,7 +19292,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		boolean result = false;
		final String password = passwordOrNull != null ? passwordOrNull : "";

		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
		admin,
		MANAGE_DEVICE_POLICY_RESET_PASSWORD,
		@@ -19311,7 +19323,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		}

		if (result) {
		if (isPermissionCheckFlagEnabled()) {
		if (isUnicornFlagEnabled()) {
		DevicePolicyEventLogger
		.createEvent(DevicePolicyEnums.RESET_PASSWORD_WITH_TOKEN)
		.setAdmin(callerPackageName)
		@@ -23569,6 +23581,30 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		return EnforcingAdmin.createEnforcingAdmin(caller.getPackageName(), userId, admin);
		}

		private EnforcingAdmin getEnforcingAdminForPackage(@Nullable ComponentName who,
		String packageName, int userId) {
		ActiveAdmin admin;
		if (who != null) {
		if (isDeviceOwner(who, userId) \|\| isProfileOwner(who, userId)) {
		synchronized (getLockObject()) {
		admin = getActiveAdminUncheckedLocked(who, userId);
		}
		if (admin != null) {
		return EnforcingAdmin.createEnterpriseEnforcingAdmin(who, userId, admin);
		}
		} else {
		// Check for non-DPC active admins.
		admin = getActiveAdminUncheckedLocked(who, userId);
		if (admin != null) {
		return EnforcingAdmin.createDeviceAdminEnforcingAdmin(who, userId, admin);
		}
		}
		}

		admin = getUserData(userId).createOrGetPermissionBasedAdmin(userId);
		return EnforcingAdmin.createEnforcingAdmin(packageName, userId, admin);
		}

		private int getAffectedUser(boolean calledOnParent) {
		int callingUserId = mInjector.userHandleGetCallingUserId();
		return calledOnParent ? getProfileParentId(callingUserId) : callingUserId;
		@@ -23624,6 +23660,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
		DEFAULT_KEEP_PROFILES_RUNNING_FLAG);
		}

		private boolean isUnicornFlagEnabled() {
		return false;
		}

		private boolean isWorkProfileTelephonyEnabled() {
		return isWorkProfileTelephonyDevicePolicyManagerFlagEnabled()
		&& isWorkProfileTelephonySubscriptionManagerFlagEnabled();

services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

+13 −0

Original line number	Diff line number	Diff line
		@@ -1512,6 +1512,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		* Validates that when the device owner is removed, the reset password token is cleared
		*/
		@Test
		@Ignore("b/277916462")
		public void testClearDeviceOwner_clearResetPasswordToken() throws Exception {
		mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
		mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
		@@ -2602,6 +2603,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetApplicationHiddenWithDO() throws Exception {
		mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
		setupDeviceOwner();
		@@ -2627,6 +2629,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetApplicationHiddenWithPOOfOrganizationOwnedDevice() throws Exception {
		final int MANAGED_PROFILE_USER_ID = CALLER_USER_HANDLE;
		final int MANAGED_PROFILE_ADMIN_UID =
		@@ -4373,6 +4376,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAutoTimeZoneEnabledModifiesSetting() throws Exception {
		mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
		setupDeviceOwner();
		@@ -4384,6 +4388,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAutoTimeZoneEnabledWithPOOnUser0() throws Exception {
		mContext.binder.callingUid = DpmMockContext.SYSTEM_UID;
		setupProfileOwnerOnUser0();
		@@ -4395,6 +4400,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAutoTimeZoneEnabledFailWithPONotOnUser0() throws Exception {
		setupProfileOwner();
		assertExpectException(SecurityException.class, null,
		@@ -4404,6 +4410,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAutoTimeZoneEnabledWithPOOfOrganizationOwnedDevice() throws Exception {
		setupProfileOwner();
		configureProfileOwnerOfOrgOwnedDevice(admin1, CALLER_USER_HANDLE);
		@@ -5377,6 +5384,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testResetPasswordWithToken() throws Exception {
		mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
		setupDeviceOwner();
		@@ -5411,6 +5419,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void resetPasswordWithToken_NumericPin() throws Exception {
		mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
		setupDeviceOwner();
		@@ -5431,6 +5440,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void resetPasswordWithToken_EmptyPassword() throws Exception {
		mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
		setupDeviceOwner();
		@@ -7251,6 +7261,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testCanProfileOwnerResetPasswordWhenLocked() throws Exception {
		setDeviceEncryptionPerUser();
		setupProfileOwner();
		@@ -7314,6 +7325,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAccountTypesWithManagementDisabledOnManagedProfile() throws Exception {
		setupProfileOwner();

		@@ -7333,6 +7345,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
		}

		@Test
		@Ignore("b/277916462")
		public void testSetAccountTypesWithManagementDisabledOnOrgOwnedManagedProfile()
		throws Exception {
		mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);