Loading core/api/test-current.txt +18 −0 Original line number Diff line number Diff line Loading @@ -385,18 +385,35 @@ package android.app.admin { method @NonNull public static String operationToString(int); method @RequiresPermission("android.permission.MANAGE_DEVICE_ADMINS") public void setNextOperationSafety(int, boolean); field public static final String ACTION_DATA_SHARING_RESTRICTION_APPLIED = "android.app.action.DATA_SHARING_RESTRICTION_APPLIED"; field public static final int OPERATION_CLEAR_APPLICATION_USER_DATA = 23; // 0x17 field public static final int OPERATION_CREATE_AND_MANAGE_USER = 5; // 0x5 field public static final int OPERATION_INSTALL_CA_CERT = 24; // 0x18 field public static final int OPERATION_INSTALL_KEY_PAIR = 25; // 0x19 field public static final int OPERATION_INSTALL_SYSTEM_UPDATE = 26; // 0x1a field public static final int OPERATION_LOCK_NOW = 1; // 0x1 field public static final int OPERATION_LOGOUT_USER = 9; // 0x9 field public static final int OPERATION_REBOOT = 7; // 0x7 field public static final int OPERATION_REMOVE_ACTIVE_ADMIN = 27; // 0x1b field public static final int OPERATION_REMOVE_KEY_PAIR = 28; // 0x1c field public static final int OPERATION_REMOVE_USER = 6; // 0x6 field public static final int OPERATION_REQUEST_BUGREPORT = 29; // 0x1d field public static final int OPERATION_SET_ALWAYS_ON_VPN_PACKAGE = 30; // 0x1e field public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; // 0xf field public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; // 0x10 field public static final int OPERATION_SET_CAMERA_DISABLED = 31; // 0x1f field public static final int OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY = 32; // 0x20 field public static final int OPERATION_SET_GLOBAL_PRIVATE_DNS = 33; // 0x21 field public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; // 0x11 field public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; // 0xc field public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; // 0x12 field public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; // 0x13 field public static final int OPERATION_SET_LOGOUT_ENABLED = 34; // 0x22 field public static final int OPERATION_SET_MASTER_VOLUME_MUTED = 35; // 0x23 field public static final int OPERATION_SET_OVERRIDE_APNS_ENABLED = 36; // 0x24 field public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; // 0x14 field public static final int OPERATION_SET_PERMISSION_GRANT_STATE = 37; // 0x25 field public static final int OPERATION_SET_PERMISSION_POLICY = 38; // 0x26 field public static final int OPERATION_SET_RESTRICTIONS_PROVIDER = 39; // 0x27 field public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; // 0xd field public static final int OPERATION_SET_SYSTEM_SETTING = 11; // 0xb field public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; // 0xe Loading @@ -406,6 +423,7 @@ package android.app.admin { field public static final int OPERATION_START_USER_IN_BACKGROUND = 3; // 0x3 field public static final int OPERATION_STOP_USER = 4; // 0x4 field public static final int OPERATION_SWITCH_USER = 2; // 0x2 field public static final int OPERATION_UNINSTALL_CA_CERT = 40; // 0x28 field public static final int OPERATION_WIPE_DATA = 8; // 0x8 } Loading core/java/android/app/admin/DevicePolicyManager.java +74 −2 Original line number Diff line number Diff line Loading @@ -2690,6 +2690,60 @@ public class DevicePolicyManager { /** @hide */ @TestApi public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; /** @hide */ @TestApi public static final int OPERATION_CLEAR_APPLICATION_USER_DATA = 23; /** @hide */ @TestApi public static final int OPERATION_INSTALL_CA_CERT = 24; /** @hide */ @TestApi public static final int OPERATION_INSTALL_KEY_PAIR = 25; /** @hide */ @TestApi public static final int OPERATION_INSTALL_SYSTEM_UPDATE = 26; /** @hide */ @TestApi public static final int OPERATION_REMOVE_ACTIVE_ADMIN = 27; /** @hide */ @TestApi public static final int OPERATION_REMOVE_KEY_PAIR = 28; /** @hide */ @TestApi public static final int OPERATION_REQUEST_BUGREPORT = 29; /** @hide */ @TestApi public static final int OPERATION_SET_ALWAYS_ON_VPN_PACKAGE = 30; /** @hide */ @TestApi public static final int OPERATION_SET_CAMERA_DISABLED = 31; /** @hide */ @TestApi public static final int OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY = 32; /** @hide */ @TestApi public static final int OPERATION_SET_GLOBAL_PRIVATE_DNS = 33; /** @hide */ @TestApi public static final int OPERATION_SET_LOGOUT_ENABLED = 34; /** @hide */ @TestApi public static final int OPERATION_SET_MASTER_VOLUME_MUTED = 35; /** @hide */ @TestApi public static final int OPERATION_SET_OVERRIDE_APNS_ENABLED = 36; /** @hide */ @TestApi public static final int OPERATION_SET_PERMISSION_GRANT_STATE = 37; /** @hide */ @TestApi public static final int OPERATION_SET_PERMISSION_POLICY = 38; /** @hide */ @TestApi public static final int OPERATION_SET_RESTRICTIONS_PROVIDER = 39; /** @hide */ @TestApi public static final int OPERATION_UNINSTALL_CA_CERT = 40; private static final String PREFIX_OPERATION = "OPERATION_"; Loading @@ -2716,7 +2770,25 @@ public class DevicePolicyManager { OPERATION_SET_LOCK_TASK_PACKAGES, OPERATION_SET_PACKAGES_SUSPENDED, OPERATION_SET_TRUST_AGENT_CONFIGURATION, OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES, OPERATION_CLEAR_APPLICATION_USER_DATA, OPERATION_INSTALL_CA_CERT, OPERATION_INSTALL_KEY_PAIR, OPERATION_INSTALL_SYSTEM_UPDATE, OPERATION_REMOVE_ACTIVE_ADMIN, OPERATION_REMOVE_KEY_PAIR, OPERATION_REQUEST_BUGREPORT, OPERATION_SET_ALWAYS_ON_VPN_PACKAGE, OPERATION_SET_CAMERA_DISABLED, OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY, OPERATION_SET_GLOBAL_PRIVATE_DNS, OPERATION_SET_LOGOUT_ENABLED, OPERATION_SET_MASTER_VOLUME_MUTED, OPERATION_SET_OVERRIDE_APNS_ENABLED, OPERATION_SET_PERMISSION_GRANT_STATE, OPERATION_SET_PERMISSION_POLICY, OPERATION_SET_RESTRICTIONS_PROVIDER, OPERATION_UNINSTALL_CA_CERT }) @Retention(RetentionPolicy.SOURCE) public static @interface DevicePolicyOperation { Loading Loading @@ -9823,7 +9895,7 @@ public class DevicePolicyManager { * Designates a specific service component as the provider for making permission requests of a * local or remote administrator of the user. * <p/> * Only a profile owner can designate the restrictions provider. * Only a device owner or profile owner can designate the restrictions provider. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param provider The component name of the service that implements Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +20 −0 Original line number Diff line number Diff line Loading @@ -3383,6 +3383,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(); Preconditions.checkCallAuthorization(hasFullCrossUsersPermission(caller, userHandle)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REMOVE_ACTIVE_ADMIN); enforceUserUnlocked(userHandle); synchronized (getLockObject()) { Loading Loading @@ -5143,6 +5144,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final CallerIdentity caller = getCallerIdentity(admin, callerPackage); Preconditions.checkCallAuthorization(canManageCaCerts(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_CA_CERT); final String alias = mInjector.binderWithCleanCallingIdentity(() -> { String installedAlias = mCertificateMonitor.installCaCert( Loading Loading @@ -5174,6 +5176,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final CallerIdentity caller = getCallerIdentity(admin, callerPackage); Preconditions.checkCallAuthorization(canManageCaCerts(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_UNINSTALL_CA_CERT); mInjector.binderWithCleanCallingIdentity(() -> { mCertificateMonitor.uninstallCaCerts(caller.getUserHandle(), aliases); Loading Loading @@ -5203,6 +5206,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && (isCallerDelegate || isCredentialManagementApp))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_KEY_PAIR); final long id = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -5260,6 +5264,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && (isCallerDelegate || isCredentialManagementApp))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REMOVE_KEY_PAIR); final long id = Binder.clearCallingIdentity(); try { Loading Loading @@ -6157,6 +6162,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_ALWAYS_ON_VPN_PACKAGE); final int userId = caller.getUserId(); mInjector.binderWithCleanCallingIdentity(() -> { Loading Loading @@ -6500,6 +6506,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwnerOfOrganizationOwnedDevice(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager .OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY); final int frpManagementAgentUid = getFrpManagementAgentUidOrThrow(); synchronized (getLockObject()) { Loading Loading @@ -7397,6 +7405,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkAllUsersAreAffiliatedWithDevice(); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REQUEST_BUGREPORT); if (mBugreportCollectionManager.requestBugreport()) { DevicePolicyEventLogger Loading Loading @@ -7506,6 +7515,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (parent) { Preconditions.checkCallAuthorization(isProfileOwnerOfOrganizationOwnedDevice(caller)); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_CAMERA_DISABLED); final int userHandle = caller.getUserId(); synchronized (getLockObject()) { Loading Loading @@ -9256,6 +9266,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_RESTRICTIONS_PROVIDER); synchronized (getLockObject()) { int userHandle = caller.getUserId(); Loading Loading @@ -11431,6 +11442,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_MASTER_VOLUME_MUTED); synchronized (getLockObject()) { setUserRestriction(who, UserManager.DISALLOW_UNMUTE_DEVICE, on, /* parent */ false); Loading Loading @@ -12407,6 +12419,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PERMISSION_GRANT))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PERMISSION_POLICY); synchronized (getLockObject()) { DevicePolicyData userPolicy = getUserData(caller.getUserId()); Loading Loading @@ -12442,6 +12455,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PERMISSION_GRANT))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PERMISSION_GRANT_STATE); synchronized (getLockObject()) { long ident = mInjector.binderClearCallingIdentity(); Loading Loading @@ -14418,6 +14432,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_CLEAR_APPLICATION_USER_DATA); long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -14449,6 +14464,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(admin, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOGOUT_ENABLED); synchronized (getLockObject()) { ActiveAdmin deviceOwner = getDeviceOwnerAdminLocked(); Loading Loading @@ -14816,6 +14832,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_OVERRIDE_APNS_ENABLED); setOverrideApnsEnabledUnchecked(enabled); } Loading Loading @@ -14917,6 +14935,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_GLOBAL_PRIVATE_DNS); switch (mode) { case PRIVATE_DNS_MODE_OPPORTUNISTIC: Loading Loading @@ -14989,6 +15008,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwnerOfOrganizationOwnedDevice(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_SYSTEM_UPDATE); DevicePolicyEventLogger .createEvent(DevicePolicyEnums.INSTALL_SYSTEM_UPDATE) Loading
core/api/test-current.txt +18 −0 Original line number Diff line number Diff line Loading @@ -385,18 +385,35 @@ package android.app.admin { method @NonNull public static String operationToString(int); method @RequiresPermission("android.permission.MANAGE_DEVICE_ADMINS") public void setNextOperationSafety(int, boolean); field public static final String ACTION_DATA_SHARING_RESTRICTION_APPLIED = "android.app.action.DATA_SHARING_RESTRICTION_APPLIED"; field public static final int OPERATION_CLEAR_APPLICATION_USER_DATA = 23; // 0x17 field public static final int OPERATION_CREATE_AND_MANAGE_USER = 5; // 0x5 field public static final int OPERATION_INSTALL_CA_CERT = 24; // 0x18 field public static final int OPERATION_INSTALL_KEY_PAIR = 25; // 0x19 field public static final int OPERATION_INSTALL_SYSTEM_UPDATE = 26; // 0x1a field public static final int OPERATION_LOCK_NOW = 1; // 0x1 field public static final int OPERATION_LOGOUT_USER = 9; // 0x9 field public static final int OPERATION_REBOOT = 7; // 0x7 field public static final int OPERATION_REMOVE_ACTIVE_ADMIN = 27; // 0x1b field public static final int OPERATION_REMOVE_KEY_PAIR = 28; // 0x1c field public static final int OPERATION_REMOVE_USER = 6; // 0x6 field public static final int OPERATION_REQUEST_BUGREPORT = 29; // 0x1d field public static final int OPERATION_SET_ALWAYS_ON_VPN_PACKAGE = 30; // 0x1e field public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; // 0xf field public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; // 0x10 field public static final int OPERATION_SET_CAMERA_DISABLED = 31; // 0x1f field public static final int OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY = 32; // 0x20 field public static final int OPERATION_SET_GLOBAL_PRIVATE_DNS = 33; // 0x21 field public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; // 0x11 field public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; // 0xc field public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; // 0x12 field public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; // 0x13 field public static final int OPERATION_SET_LOGOUT_ENABLED = 34; // 0x22 field public static final int OPERATION_SET_MASTER_VOLUME_MUTED = 35; // 0x23 field public static final int OPERATION_SET_OVERRIDE_APNS_ENABLED = 36; // 0x24 field public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; // 0x14 field public static final int OPERATION_SET_PERMISSION_GRANT_STATE = 37; // 0x25 field public static final int OPERATION_SET_PERMISSION_POLICY = 38; // 0x26 field public static final int OPERATION_SET_RESTRICTIONS_PROVIDER = 39; // 0x27 field public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; // 0xd field public static final int OPERATION_SET_SYSTEM_SETTING = 11; // 0xb field public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; // 0xe Loading @@ -406,6 +423,7 @@ package android.app.admin { field public static final int OPERATION_START_USER_IN_BACKGROUND = 3; // 0x3 field public static final int OPERATION_STOP_USER = 4; // 0x4 field public static final int OPERATION_SWITCH_USER = 2; // 0x2 field public static final int OPERATION_UNINSTALL_CA_CERT = 40; // 0x28 field public static final int OPERATION_WIPE_DATA = 8; // 0x8 } Loading
core/java/android/app/admin/DevicePolicyManager.java +74 −2 Original line number Diff line number Diff line Loading @@ -2690,6 +2690,60 @@ public class DevicePolicyManager { /** @hide */ @TestApi public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; /** @hide */ @TestApi public static final int OPERATION_CLEAR_APPLICATION_USER_DATA = 23; /** @hide */ @TestApi public static final int OPERATION_INSTALL_CA_CERT = 24; /** @hide */ @TestApi public static final int OPERATION_INSTALL_KEY_PAIR = 25; /** @hide */ @TestApi public static final int OPERATION_INSTALL_SYSTEM_UPDATE = 26; /** @hide */ @TestApi public static final int OPERATION_REMOVE_ACTIVE_ADMIN = 27; /** @hide */ @TestApi public static final int OPERATION_REMOVE_KEY_PAIR = 28; /** @hide */ @TestApi public static final int OPERATION_REQUEST_BUGREPORT = 29; /** @hide */ @TestApi public static final int OPERATION_SET_ALWAYS_ON_VPN_PACKAGE = 30; /** @hide */ @TestApi public static final int OPERATION_SET_CAMERA_DISABLED = 31; /** @hide */ @TestApi public static final int OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY = 32; /** @hide */ @TestApi public static final int OPERATION_SET_GLOBAL_PRIVATE_DNS = 33; /** @hide */ @TestApi public static final int OPERATION_SET_LOGOUT_ENABLED = 34; /** @hide */ @TestApi public static final int OPERATION_SET_MASTER_VOLUME_MUTED = 35; /** @hide */ @TestApi public static final int OPERATION_SET_OVERRIDE_APNS_ENABLED = 36; /** @hide */ @TestApi public static final int OPERATION_SET_PERMISSION_GRANT_STATE = 37; /** @hide */ @TestApi public static final int OPERATION_SET_PERMISSION_POLICY = 38; /** @hide */ @TestApi public static final int OPERATION_SET_RESTRICTIONS_PROVIDER = 39; /** @hide */ @TestApi public static final int OPERATION_UNINSTALL_CA_CERT = 40; private static final String PREFIX_OPERATION = "OPERATION_"; Loading @@ -2716,7 +2770,25 @@ public class DevicePolicyManager { OPERATION_SET_LOCK_TASK_PACKAGES, OPERATION_SET_PACKAGES_SUSPENDED, OPERATION_SET_TRUST_AGENT_CONFIGURATION, OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES, OPERATION_CLEAR_APPLICATION_USER_DATA, OPERATION_INSTALL_CA_CERT, OPERATION_INSTALL_KEY_PAIR, OPERATION_INSTALL_SYSTEM_UPDATE, OPERATION_REMOVE_ACTIVE_ADMIN, OPERATION_REMOVE_KEY_PAIR, OPERATION_REQUEST_BUGREPORT, OPERATION_SET_ALWAYS_ON_VPN_PACKAGE, OPERATION_SET_CAMERA_DISABLED, OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY, OPERATION_SET_GLOBAL_PRIVATE_DNS, OPERATION_SET_LOGOUT_ENABLED, OPERATION_SET_MASTER_VOLUME_MUTED, OPERATION_SET_OVERRIDE_APNS_ENABLED, OPERATION_SET_PERMISSION_GRANT_STATE, OPERATION_SET_PERMISSION_POLICY, OPERATION_SET_RESTRICTIONS_PROVIDER, OPERATION_UNINSTALL_CA_CERT }) @Retention(RetentionPolicy.SOURCE) public static @interface DevicePolicyOperation { Loading Loading @@ -9823,7 +9895,7 @@ public class DevicePolicyManager { * Designates a specific service component as the provider for making permission requests of a * local or remote administrator of the user. * <p/> * Only a profile owner can designate the restrictions provider. * Only a device owner or profile owner can designate the restrictions provider. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param provider The component name of the service that implements Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +20 −0 Original line number Diff line number Diff line Loading @@ -3383,6 +3383,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(); Preconditions.checkCallAuthorization(hasFullCrossUsersPermission(caller, userHandle)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REMOVE_ACTIVE_ADMIN); enforceUserUnlocked(userHandle); synchronized (getLockObject()) { Loading Loading @@ -5143,6 +5144,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final CallerIdentity caller = getCallerIdentity(admin, callerPackage); Preconditions.checkCallAuthorization(canManageCaCerts(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_CA_CERT); final String alias = mInjector.binderWithCleanCallingIdentity(() -> { String installedAlias = mCertificateMonitor.installCaCert( Loading Loading @@ -5174,6 +5176,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } final CallerIdentity caller = getCallerIdentity(admin, callerPackage); Preconditions.checkCallAuthorization(canManageCaCerts(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_UNINSTALL_CA_CERT); mInjector.binderWithCleanCallingIdentity(() -> { mCertificateMonitor.uninstallCaCerts(caller.getUserHandle(), aliases); Loading Loading @@ -5203,6 +5206,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && (isCallerDelegate || isCredentialManagementApp))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_KEY_PAIR); final long id = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -5260,6 +5264,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && (isCallerDelegate || isCredentialManagementApp))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REMOVE_KEY_PAIR); final long id = Binder.clearCallingIdentity(); try { Loading Loading @@ -6157,6 +6162,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_ALWAYS_ON_VPN_PACKAGE); final int userId = caller.getUserId(); mInjector.binderWithCleanCallingIdentity(() -> { Loading Loading @@ -6500,6 +6506,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwnerOfOrganizationOwnedDevice(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager .OPERATION_SET_FACTORY_RESET_PROTECTION_POLICY); final int frpManagementAgentUid = getFrpManagementAgentUidOrThrow(); synchronized (getLockObject()) { Loading Loading @@ -7397,6 +7405,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkAllUsersAreAffiliatedWithDevice(); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_REQUEST_BUGREPORT); if (mBugreportCollectionManager.requestBugreport()) { DevicePolicyEventLogger Loading Loading @@ -7506,6 +7515,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (parent) { Preconditions.checkCallAuthorization(isProfileOwnerOfOrganizationOwnedDevice(caller)); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_CAMERA_DISABLED); final int userHandle = caller.getUserId(); synchronized (getLockObject()) { Loading Loading @@ -9256,6 +9266,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_RESTRICTIONS_PROVIDER); synchronized (getLockObject()) { int userHandle = caller.getUserId(); Loading Loading @@ -11431,6 +11442,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_MASTER_VOLUME_MUTED); synchronized (getLockObject()) { setUserRestriction(who, UserManager.DISALLOW_UNMUTE_DEVICE, on, /* parent */ false); Loading Loading @@ -12407,6 +12419,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PERMISSION_GRANT))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PERMISSION_POLICY); synchronized (getLockObject()) { DevicePolicyData userPolicy = getUserData(caller.getUserId()); Loading Loading @@ -12442,6 +12455,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PERMISSION_GRANT))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PERMISSION_GRANT_STATE); synchronized (getLockObject()) { long ident = mInjector.binderClearCallingIdentity(); Loading Loading @@ -14418,6 +14432,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_CLEAR_APPLICATION_USER_DATA); long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -14449,6 +14464,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(admin, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOGOUT_ENABLED); synchronized (getLockObject()) { ActiveAdmin deviceOwner = getDeviceOwnerAdminLocked(); Loading Loading @@ -14816,6 +14832,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_OVERRIDE_APNS_ENABLED); setOverrideApnsEnabledUnchecked(enabled); } Loading Loading @@ -14917,6 +14935,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Objects.requireNonNull(who, "ComponentName is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_GLOBAL_PRIVATE_DNS); switch (mode) { case PRIVATE_DNS_MODE_OPPORTUNISTIC: Loading Loading @@ -14989,6 +15008,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final CallerIdentity caller = getCallerIdentity(admin); Preconditions.checkCallAuthorization(isDeviceOwner(caller) || isProfileOwnerOfOrganizationOwnedDevice(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_INSTALL_SYSTEM_UPDATE); DevicePolicyEventLogger .createEvent(DevicePolicyEnums.INSTALL_SYSTEM_UPDATE)
