Merge "Remove ownerName from DPMS.setProfileOwner arguments"

            try {

                final int myUserId = myUserId();

                mService.setActiveAdmin(admin, false, myUserId);

                return mService.setProfileOwner(admin, ownerName, myUserId);

                return mService.setProfileOwner(admin, myUserId);

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

     * - the caller is SYSTEM_UID.

     * - or the caller is the shell uid, and there are no accounts on the specified user.

     * @param admin the component name to be registered as profile owner.

     * @param ownerName the human readable name of the organisation associated with this DPM.

     * @param userHandle the userId to set the profile owner for.

     * @return whether the component was successfully registered as the profile owner.

     * @throws IllegalArgumentException if admin is null, the package isn't installed, or the

     * preconditions mentioned are not met.

     */

    public boolean setProfileOwner(@NonNull ComponentName admin, @Deprecated String ownerName,

            int userHandle) throws IllegalArgumentException {

    public boolean setProfileOwner(@NonNull ComponentName admin, int userHandle)

            throws IllegalArgumentException {

        if (mService != null) {

            try {

                if (ownerName == null) {

                    ownerName = "";

                }

                return mService.setProfileOwner(admin, ownerName, userHandle);

                return mService.setProfileOwner(admin, userHandle);

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

    void clearDeviceOwner(String packageName);

    int getDeviceOwnerUserId();

    boolean setProfileOwner(in ComponentName who, String ownerName, int userHandle);

    boolean setProfileOwner(in ComponentName who, int userHandle);

    ComponentName getProfileOwnerAsUser(int userHandle);

    ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent(in UserHandle userHandle);

    boolean isSupervisionComponent(in ComponentName who);

        });

    }

    // TODO(b/240562946): Remove owner name from API parameters.

    @Override

    public boolean setProfileOwner(ComponentName who, String ownerName, int userHandle) {

    public boolean setProfileOwner(ComponentName who, int userHandle) {

        if (!mHasFeature) {

            logMissingFeatureAction("Cannot set " + ComponentName.flattenToShortString(who)

                    + " as profile owner for user " + userHandle);

        // Set admin.

        setActiveAdmin(profileOwner, /* refreshing= */ true, userId);

        final String ownerName = getProfileOwnerNameUnchecked(

                Process.myUserHandle().getIdentifier());

        setProfileOwner(profileOwner, ownerName, userId);

        setProfileOwner(profileOwner, userId);

        synchronized (getLockObject()) {

            DevicePolicyData policyData = getUserData(userId);

            maybeInstallDevicePolicyManagementRoleHolderInUser(userInfo.id);

            installExistingAdminPackage(userInfo.id, admin.getPackageName());

            if (!enableAdminAndSetProfileOwner(

                    userInfo.id, caller.getUserId(), admin, provisioningParams.getOwnerName())) {

            if (!enableAdminAndSetProfileOwner(userInfo.id, caller.getUserId(), admin)) {

                throw new ServiceSpecificException(

                        ERROR_SETTING_PROFILE_OWNER_FAILED,

                        "Error setting profile owner.");

    }

    private boolean enableAdminAndSetProfileOwner(

            @UserIdInt int userId, @UserIdInt int callingUserId, ComponentName adminComponent,

            String ownerName) {

            @UserIdInt int userId, @UserIdInt int callingUserId, ComponentName adminComponent) {

        enableAndSetActiveAdmin(userId, callingUserId, adminComponent);

        return setProfileOwner(adminComponent, ownerName, userId);

        return setProfileOwner(adminComponent, userId);

    }

    private void enableAndSetActiveAdmin(

    private final DevicePolicyManagerService mService;

    private int mUserId = UserHandle.USER_SYSTEM;

    //TODO(b/240562946): remove mName once it is not used by setDeviceOwner

    private String mName = "";

    private ComponentName mComponent;

    private boolean mSetDoOnly;

        mService.setActiveAdmin(mComponent, /* refreshing= */ true, mUserId);

        try {

            if (!mService.setProfileOwner(mComponent, mName, mUserId)) {

            if (!mService.setProfileOwner(mComponent, mUserId)) {

                throw new RuntimeException("Can't set component "

                        + mComponent.flattenToShortString() + " as profile owner for user "

                        + mUserId);

            // PO needs to be a DA.

            dpm.setActiveAdmin(admin, /*replace=*/ false);

            // Fire!

            assertThat(dpm.setProfileOwner(admin, "owner-name", CALLER_USER_HANDLE)).isTrue();

            assertThat(dpm.setProfileOwner(admin, CALLER_USER_HANDLE)).isTrue();

            // Check

            assertThat(dpm.getProfileOwnerAsUser(CALLER_USER_HANDLE)).isEqualTo(admin);

        });

        dpm.setActiveAdmin(admin2, /* refreshing= */ true, UserHandle.USER_SYSTEM);

        assertExpectException(IllegalStateException.class,

                /* messageRegex= */ "already has a device owner",

                () -> dpm.setProfileOwner(admin2, "owner-name", UserHandle.USER_SYSTEM));

                () -> dpm.setProfileOwner(admin2, UserHandle.USER_SYSTEM));

        // DO admin can't be deactivated.

        dpm.removeActiveAdmin(admin1);

        dpm.setActiveAdmin(admin2, /* refreshing= */ true, CALLER_USER_HANDLE);

        assertExpectException(IllegalStateException.class,

                /* messageRegex= */ "profile owner is already set",

                () -> dpm.setProfileOwner(admin2, "owner-name", CALLER_USER_HANDLE));

                () -> dpm.setProfileOwner(admin2, CALLER_USER_HANDLE));

        // DO admin can't be deactivated.

        dpm.removeActiveAdmin(admin1);

        // Package doesn't exist and caller is not system

        assertExpectException(SecurityException.class,

                /* messageRegex= */ "Calling identity is not authorized",

                () -> dpm.setProfileOwner(admin1, "owner-name", UserHandle.USER_SYSTEM));

                () -> dpm.setProfileOwner(admin1, UserHandle.USER_SYSTEM));

        // Package exists, but caller is not system

        setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID);

        assertExpectException(SecurityException.class,

                /* messageRegex= */ "Calling identity is not authorized",

                () -> dpm.setProfileOwner(admin1, "owner-name", UserHandle.USER_SYSTEM));

                () -> dpm.setProfileOwner(admin1, UserHandle.USER_SYSTEM));

    }

    @Test

                () -> dpm.getWifiMacAddress(admin1));

        // Test 3. Caller has PO, but not DO.

        assertThat(dpm.setProfileOwner(admin1, null, UserHandle.USER_SYSTEM)).isTrue();

        assertThat(dpm.setProfileOwner(admin1, UserHandle.USER_SYSTEM)).isTrue();

        assertExpectException(SecurityException.class,

                /* messageRegex= */ INVALID_CALLING_IDENTITY_MSG,

                () -> dpm.getWifiMacAddress(admin1));

                INVALID_CALLING_IDENTITY_MSG, () -> dpm.reboot(admin1));

        // Set admin1 as PO.

        assertThat(dpm.setProfileOwner(admin1, null, UserHandle.USER_SYSTEM)).isTrue();

        assertThat(dpm.setProfileOwner(admin1, UserHandle.USER_SYSTEM)).isTrue();

        assertExpectException(SecurityException.class, /* messageRegex= */

                INVALID_CALLING_IDENTITY_MSG, () -> dpm.reboot(admin1));

        setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID);

        dpm.setActiveAdmin(admin1, false);

        assertThat(dpm.setProfileOwner(admin1, null, CALLER_USER_HANDLE)).isTrue();

        assertThat(dpm.setProfileOwner(admin1, CALLER_USER_HANDLE)).isTrue();

        mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS);

    }

        setUpPackageManagerForAdmin(admin1, DpmMockContext.SYSTEM_UID);

        dpm.setActiveAdmin(admin1, false);

        assertThat(dpm.setProfileOwner(admin1, null, UserHandle.USER_SYSTEM)).isTrue();

        assertThat(dpm.setProfileOwner(admin1, UserHandle.USER_SYSTEM)).isTrue();

        mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS);

    }

        mContext.callerPermissions.addAll(OWNER_SETUP_PERMISSIONS);

        setUpPackageManagerForFakeAdmin(admin1, managedProfileAdminUid, admin1);

        dpm.setActiveAdmin(admin1, false, userId);

        assertThat(dpm.setProfileOwner(admin1, null, userId)).isFalse();

        assertThat(dpm.setProfileOwner(admin1, userId)).isFalse();

        mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS);

    }

        setUpPackageManagerForFakeAdmin(admin, adminUid, /* enabledSetting= */ null,

                appTargetSdk, copyFromAdmin);

        dpm.setActiveAdmin(admin, false, userId);

        assertThat(dpm.setProfileOwner(admin, null, userId)).isTrue();

        assertThat(dpm.setProfileOwner(admin, userId)).isTrue();

        mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS);

    }