Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +13 −7 Original line number Diff line number Diff line Loading @@ -408,6 +408,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private static final String ATTR_APPLICATION_RESTRICTIONS_MANAGER = "application-restrictions-manager"; private static final String CALLED_FROM_PARENT = "calledFromParent"; private static final String NOT_CALLED_FROM_PARENT = "notCalledFromParent"; // Comprehensive list of delegations. private static final String DELEGATIONS[] = { DELEGATION_CERT_INSTALL, Loading Loading @@ -4471,7 +4474,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_PASSWORD_QUALITY) .setAdmin(who) .setInt(quality) .setBoolean(parent) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -5259,8 +5262,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public int getPasswordComplexity(boolean parent) { DevicePolicyEventLogger .createEvent(DevicePolicyEnums.GET_USER_PASSWORD_COMPLEXITY_LEVEL) .setStrings(mInjector.getPackageManager() .getPackagesForUid(mInjector.binderGetCallingUid())) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT, mInjector.getPackageManager().getPackagesForUid( mInjector.binderGetCallingUid())) .write(); final int callingUserId = mInjector.userHandleGetCallingUserId(); Loading Loading @@ -6934,6 +6938,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.WIPE_DATA_WITH_REASON) .setAdmin(admin.info.getComponent()) .setInt(flags) .setStrings(calledOnParentInstance ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); String internalReason = String.format( "DevicePolicyManager.wipeDataWithReason() from %s, organization-owned? %s", Loading Loading @@ -8093,6 +8098,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_CAMERA_DISABLED) .setAdmin(who) .setBoolean(disabled) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -8170,7 +8176,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_KEYGUARD_DISABLED_FEATURES) .setAdmin(who) .setInt(which) .setBoolean(parent) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -10677,7 +10683,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { DevicePolicyEventLogger .createEvent(eventId) .setAdmin(who) .setStrings(key) .setStrings(key, parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); if (SecurityLog.isLoggingEnabled()) { final int eventTag = enabledFromThisOwner Loading Loading @@ -10821,8 +10827,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_APPLICATION_HIDDEN) .setAdmin(callerPackage) .setBoolean(isDelegate) .setBoolean(parent) .setStrings(packageName, hidden ? "hidden" : "not_hidden") .setStrings(packageName, hidden ? "hidden" : "not_hidden", parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); return result; } Loading services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +18 −0 Original line number Diff line number Diff line Loading @@ -5689,6 +5689,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_securityExceptionNotThrownForParentInstance() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); setAsProfileOwner(admin1); Loading @@ -5698,12 +5701,18 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_illegalStateExceptionIfLocked() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(false); assertThrows(IllegalStateException.class, () -> dpm.getPasswordComplexity()); } public void testGetPasswordComplexity_securityExceptionWithoutPermissions() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); assertThrows(SecurityException.class, () -> dpm.getPasswordComplexity()); Loading @@ -5711,6 +5720,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { public void testGetPasswordComplexity_currentUserNoPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading @@ -5721,6 +5733,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_currentUserHasPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading @@ -5734,6 +5749,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_unifiedChallengeReturnsParentUserPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +13 −7 Original line number Diff line number Diff line Loading @@ -408,6 +408,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private static final String ATTR_APPLICATION_RESTRICTIONS_MANAGER = "application-restrictions-manager"; private static final String CALLED_FROM_PARENT = "calledFromParent"; private static final String NOT_CALLED_FROM_PARENT = "notCalledFromParent"; // Comprehensive list of delegations. private static final String DELEGATIONS[] = { DELEGATION_CERT_INSTALL, Loading Loading @@ -4471,7 +4474,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_PASSWORD_QUALITY) .setAdmin(who) .setInt(quality) .setBoolean(parent) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -5259,8 +5262,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public int getPasswordComplexity(boolean parent) { DevicePolicyEventLogger .createEvent(DevicePolicyEnums.GET_USER_PASSWORD_COMPLEXITY_LEVEL) .setStrings(mInjector.getPackageManager() .getPackagesForUid(mInjector.binderGetCallingUid())) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT, mInjector.getPackageManager().getPackagesForUid( mInjector.binderGetCallingUid())) .write(); final int callingUserId = mInjector.userHandleGetCallingUserId(); Loading Loading @@ -6934,6 +6938,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.WIPE_DATA_WITH_REASON) .setAdmin(admin.info.getComponent()) .setInt(flags) .setStrings(calledOnParentInstance ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); String internalReason = String.format( "DevicePolicyManager.wipeDataWithReason() from %s, organization-owned? %s", Loading Loading @@ -8093,6 +8098,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_CAMERA_DISABLED) .setAdmin(who) .setBoolean(disabled) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -8170,7 +8176,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_KEYGUARD_DISABLED_FEATURES) .setAdmin(who) .setInt(which) .setBoolean(parent) .setStrings(parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); } Loading Loading @@ -10677,7 +10683,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { DevicePolicyEventLogger .createEvent(eventId) .setAdmin(who) .setStrings(key) .setStrings(key, parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); if (SecurityLog.isLoggingEnabled()) { final int eventTag = enabledFromThisOwner Loading Loading @@ -10821,8 +10827,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { .createEvent(DevicePolicyEnums.SET_APPLICATION_HIDDEN) .setAdmin(callerPackage) .setBoolean(isDelegate) .setBoolean(parent) .setStrings(packageName, hidden ? "hidden" : "not_hidden") .setStrings(packageName, hidden ? "hidden" : "not_hidden", parent ? CALLED_FROM_PARENT : NOT_CALLED_FROM_PARENT) .write(); return result; } Loading
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +18 −0 Original line number Diff line number Diff line Loading @@ -5689,6 +5689,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_securityExceptionNotThrownForParentInstance() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); setAsProfileOwner(admin1); Loading @@ -5698,12 +5701,18 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_illegalStateExceptionIfLocked() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(false); assertThrows(IllegalStateException.class, () -> dpm.getPasswordComplexity()); } public void testGetPasswordComplexity_securityExceptionWithoutPermissions() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); assertThrows(SecurityException.class, () -> dpm.getPasswordComplexity()); Loading @@ -5711,6 +5720,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { public void testGetPasswordComplexity_currentUserNoPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading @@ -5721,6 +5733,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_currentUserHasPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading @@ -5734,6 +5749,9 @@ public class DevicePolicyManagerTest extends DpmTestBase { } public void testGetPasswordComplexity_unifiedChallengeReturnsParentUserPassword() { mContext.binder.callingUid = DpmMockContext.CALLER_UID; when(getServices().packageManager.getPackagesForUid(DpmMockContext.CALLER_UID)).thenReturn( new String[0]); when(getServices().userManager.isUserUnlocked(DpmMockContext.CALLER_USER_HANDLE)) .thenReturn(true); mServiceContext.permissions.add(permission.REQUEST_PASSWORD_COMPLEXITY); Loading
