Loading core/api/test-current.txt +1 −0 Original line number Diff line number Diff line Loading @@ -448,6 +448,7 @@ package android.app.admin { method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public void resetDefaultCrossProfileIntentFilters(int); method @RequiresPermission(allOf={"android.permission.MANAGE_DEVICE_ADMINS", android.Manifest.permission.INTERACT_ACROSS_USERS_FULL}) public void setActiveAdmin(@NonNull android.content.ComponentName, boolean, int); method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public boolean setDeviceOwner(@NonNull android.content.ComponentName, @Nullable String, int); method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public boolean setDeviceOwnerOnly(@NonNull android.content.ComponentName, @Nullable String, int); method @RequiresPermission("android.permission.MANAGE_DEVICE_ADMINS") public void setNextOperationSafety(int, int); field public static final String ACTION_DATA_SHARING_RESTRICTION_APPLIED = "android.app.action.DATA_SHARING_RESTRICTION_APPLIED"; field public static final String ACTION_DEVICE_POLICY_CONSTANTS_CHANGED = "android.app.action.DEVICE_POLICY_CONSTANTS_CHANGED"; Loading core/java/android/app/admin/DevicePolicyManager.java +47 −10 Original line number Diff line number Diff line Loading @@ -7726,27 +7726,64 @@ public class DevicePolicyManager { } /** * @hide * Sets the given package as the device owner. The package must already be installed. There * must not already be a device owner. * Only apps with the MANAGE_PROFILE_AND_DEVICE_OWNERS permission and the shell uid can call * this method. * Calling this after the setup phase of the primary user has completed is allowed only if * the caller is the shell uid, and there are no additional users and no accounts. * Sets the given package as the device owner. * * <p>Preconditions: * <ul> * <li>The package must already be installed. * <li>There must not already be a device owner. * <li>Only apps with the {@code MANAGE_PROFILE_AND_DEVICE_OWNERS} permission or the * {@link Process#SHELL_UID Shell UID} can call this method. * </ul> * * <p>Calling this after the setup phase of the device owner user has completed is allowed only * if the caller is the {@link Process#SHELL_UID Shell UID}, and there are no additional users * (except when the device runs on headless system user mode, in which case it could have exact * one extra user, which is the current user - the device owner will be set in the * {@link UserHandle#SYSTEM system} user and a profile owner will be set in the current user) * and no accounts. * * @param who the component name to be registered as device owner. * @param ownerName the human readable name of the institution that owns this device. * @param userId ID of the user on which the device owner runs. * * @return whether the package was successfully registered as the device owner. * @throws IllegalArgumentException if the package name is null or invalid * * @throws IllegalArgumentException if the package name is {@code null} or invalid. * @throws IllegalStateException If the preconditions mentioned are not met. * * @hide */ @TestApi @RequiresPermission(android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS) public boolean setDeviceOwner(@NonNull ComponentName who, @Nullable String ownerName, @UserIdInt int userId) { if (mService != null) { try { return mService.setDeviceOwner(who, ownerName, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ true); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } return false; } /** * Same as {@link #setDeviceOwner(ComponentName, String, int)}, but without setting the profile * owner on current user when running on headless system user mode - should be used only by * testing infra. * * @hide */ @TestApi @RequiresPermission(android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS) public boolean setDeviceOwner( public boolean setDeviceOwnerOnly( @NonNull ComponentName who, @Nullable String ownerName, @UserIdInt int userId) { if (mService != null) { try { return mService.setDeviceOwner(who, ownerName, userId); return mService.setDeviceOwner(who, ownerName, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ false); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } Loading core/java/android/app/admin/IDevicePolicyManager.aidl +1 −1 Original line number Diff line number Diff line Loading @@ -159,7 +159,7 @@ interface IDevicePolicyManager { void reportKeyguardDismissed(int userHandle); void reportKeyguardSecured(int userHandle); boolean setDeviceOwner(in ComponentName who, String ownerName, int userId); boolean setDeviceOwner(in ComponentName who, String ownerName, int userId, boolean setProfileOwnerOnCurrentUserIfNecessary); ComponentName getDeviceOwnerComponent(boolean callingUserOnly); boolean hasDeviceOwner(); String getDeviceOwnerName(); Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +6 −3 Original line number Diff line number Diff line Loading @@ -8356,7 +8356,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } @Override public boolean setDeviceOwner(ComponentName admin, String ownerName, int userId) { public boolean setDeviceOwner(ComponentName admin, String ownerName, int userId, boolean setProfileOwnerOnCurrentUserIfNecessary) { if (!mHasFeature) { logMissingFeatureAction("Cannot set " + ComponentName.flattenToShortString(admin) + " as device owner for user " + userId); Loading Loading @@ -8420,7 +8421,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Slogf.i(LOG_TAG, "Device owner set: %s on user %d", admin.flattenToShortString(), userId); if (mInjector.userManagerIsHeadlessSystemUserMode()) { if (setProfileOwnerOnCurrentUserIfNecessary && mInjector.userManagerIsHeadlessSystemUserMode()) { int currentForegroundUser = getCurrentForegroundUserId(); Slogf.i(LOG_TAG, "setDeviceOwner(): setting %s as profile owner on user %d", admin.flattenToShortString(), currentForegroundUser); Loading Loading @@ -17432,7 +17434,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // TODO(b/178187130): Directly set DO and remove the check once silent provisioning is no // longer used. if (getDeviceOwnerComponent(/* callingUserOnly= */ true) == null) { return setDeviceOwner(adminComponent, name, userId); return setDeviceOwner(adminComponent, name, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ true); } return true; } services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerServiceShellCommand.java +8 −3 Original line number Diff line number Diff line Loading @@ -46,11 +46,13 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { private static final String USER_OPTION = "--user"; private static final String NAME_OPTION = "--name"; private static final String DO_ONLY_OPTION = "--device-owner-only"; private final DevicePolicyManagerService mService; private int mUserId = UserHandle.USER_SYSTEM; private String mName = ""; private ComponentName mComponent; private boolean mSetDoOnly; DevicePolicyManagerServiceShellCommand(DevicePolicyManagerService service) { mService = Objects.requireNonNull(service); Loading Loading @@ -130,8 +132,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { pw.printf(" %s [ %s <USER_ID> | current ] <COMPONENT>\n", CMD_SET_ACTIVE_ADMIN, USER_OPTION); pw.printf(" Sets the given component as active admin for an existing user.\n\n"); pw.printf(" %s [ %s <USER_ID> | current *EXPERIMENTAL* ] [ %s <NAME> ] " + "<COMPONENT>\n", CMD_SET_DEVICE_OWNER, USER_OPTION, NAME_OPTION); pw.printf(" %s [ %s <USER_ID> | current *EXPERIMENTAL* ] [ %s <NAME> ] [ %s ]" + "<COMPONENT>\n", CMD_SET_DEVICE_OWNER, USER_OPTION, NAME_OPTION, DO_ONLY_OPTION); pw.printf(" Sets the given component as active admin, and its package as device owner." + "\n\n"); pw.printf(" %s [ %s <USER_ID> | current ] [ %s <NAME> ] <COMPONENT>\n", Loading Loading @@ -254,7 +256,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { mService.setActiveAdmin(mComponent, /* refreshing= */ true, mUserId); try { if (!mService.setDeviceOwner(mComponent, mName, mUserId)) { if (!mService.setDeviceOwner(mComponent, mName, mUserId, /* setProfileOwnerOnCurrentUserIfNecessary= */ !mSetDoOnly)) { throw new RuntimeException( "Can't set package " + mComponent + " as device owner."); } Loading Loading @@ -351,6 +354,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { if (mUserId == UserHandle.USER_CURRENT) { mUserId = ActivityManager.getCurrentUser(); } } else if (DO_ONLY_OPTION.equals(opt)) { mSetDoOnly = true; } else if (canHaveName && NAME_OPTION.equals(opt)) { mName = getNextArgRequired(); } else { Loading Loading
core/api/test-current.txt +1 −0 Original line number Diff line number Diff line Loading @@ -448,6 +448,7 @@ package android.app.admin { method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public void resetDefaultCrossProfileIntentFilters(int); method @RequiresPermission(allOf={"android.permission.MANAGE_DEVICE_ADMINS", android.Manifest.permission.INTERACT_ACROSS_USERS_FULL}) public void setActiveAdmin(@NonNull android.content.ComponentName, boolean, int); method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public boolean setDeviceOwner(@NonNull android.content.ComponentName, @Nullable String, int); method @RequiresPermission("android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS") public boolean setDeviceOwnerOnly(@NonNull android.content.ComponentName, @Nullable String, int); method @RequiresPermission("android.permission.MANAGE_DEVICE_ADMINS") public void setNextOperationSafety(int, int); field public static final String ACTION_DATA_SHARING_RESTRICTION_APPLIED = "android.app.action.DATA_SHARING_RESTRICTION_APPLIED"; field public static final String ACTION_DEVICE_POLICY_CONSTANTS_CHANGED = "android.app.action.DEVICE_POLICY_CONSTANTS_CHANGED"; Loading
core/java/android/app/admin/DevicePolicyManager.java +47 −10 Original line number Diff line number Diff line Loading @@ -7726,27 +7726,64 @@ public class DevicePolicyManager { } /** * @hide * Sets the given package as the device owner. The package must already be installed. There * must not already be a device owner. * Only apps with the MANAGE_PROFILE_AND_DEVICE_OWNERS permission and the shell uid can call * this method. * Calling this after the setup phase of the primary user has completed is allowed only if * the caller is the shell uid, and there are no additional users and no accounts. * Sets the given package as the device owner. * * <p>Preconditions: * <ul> * <li>The package must already be installed. * <li>There must not already be a device owner. * <li>Only apps with the {@code MANAGE_PROFILE_AND_DEVICE_OWNERS} permission or the * {@link Process#SHELL_UID Shell UID} can call this method. * </ul> * * <p>Calling this after the setup phase of the device owner user has completed is allowed only * if the caller is the {@link Process#SHELL_UID Shell UID}, and there are no additional users * (except when the device runs on headless system user mode, in which case it could have exact * one extra user, which is the current user - the device owner will be set in the * {@link UserHandle#SYSTEM system} user and a profile owner will be set in the current user) * and no accounts. * * @param who the component name to be registered as device owner. * @param ownerName the human readable name of the institution that owns this device. * @param userId ID of the user on which the device owner runs. * * @return whether the package was successfully registered as the device owner. * @throws IllegalArgumentException if the package name is null or invalid * * @throws IllegalArgumentException if the package name is {@code null} or invalid. * @throws IllegalStateException If the preconditions mentioned are not met. * * @hide */ @TestApi @RequiresPermission(android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS) public boolean setDeviceOwner(@NonNull ComponentName who, @Nullable String ownerName, @UserIdInt int userId) { if (mService != null) { try { return mService.setDeviceOwner(who, ownerName, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ true); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } } return false; } /** * Same as {@link #setDeviceOwner(ComponentName, String, int)}, but without setting the profile * owner on current user when running on headless system user mode - should be used only by * testing infra. * * @hide */ @TestApi @RequiresPermission(android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS) public boolean setDeviceOwner( public boolean setDeviceOwnerOnly( @NonNull ComponentName who, @Nullable String ownerName, @UserIdInt int userId) { if (mService != null) { try { return mService.setDeviceOwner(who, ownerName, userId); return mService.setDeviceOwner(who, ownerName, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ false); } catch (RemoteException re) { throw re.rethrowFromSystemServer(); } Loading
core/java/android/app/admin/IDevicePolicyManager.aidl +1 −1 Original line number Diff line number Diff line Loading @@ -159,7 +159,7 @@ interface IDevicePolicyManager { void reportKeyguardDismissed(int userHandle); void reportKeyguardSecured(int userHandle); boolean setDeviceOwner(in ComponentName who, String ownerName, int userId); boolean setDeviceOwner(in ComponentName who, String ownerName, int userId, boolean setProfileOwnerOnCurrentUserIfNecessary); ComponentName getDeviceOwnerComponent(boolean callingUserOnly); boolean hasDeviceOwner(); String getDeviceOwnerName(); Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +6 −3 Original line number Diff line number Diff line Loading @@ -8356,7 +8356,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } @Override public boolean setDeviceOwner(ComponentName admin, String ownerName, int userId) { public boolean setDeviceOwner(ComponentName admin, String ownerName, int userId, boolean setProfileOwnerOnCurrentUserIfNecessary) { if (!mHasFeature) { logMissingFeatureAction("Cannot set " + ComponentName.flattenToShortString(admin) + " as device owner for user " + userId); Loading Loading @@ -8420,7 +8421,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Slogf.i(LOG_TAG, "Device owner set: %s on user %d", admin.flattenToShortString(), userId); if (mInjector.userManagerIsHeadlessSystemUserMode()) { if (setProfileOwnerOnCurrentUserIfNecessary && mInjector.userManagerIsHeadlessSystemUserMode()) { int currentForegroundUser = getCurrentForegroundUserId(); Slogf.i(LOG_TAG, "setDeviceOwner(): setting %s as profile owner on user %d", admin.flattenToShortString(), currentForegroundUser); Loading Loading @@ -17432,7 +17434,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // TODO(b/178187130): Directly set DO and remove the check once silent provisioning is no // longer used. if (getDeviceOwnerComponent(/* callingUserOnly= */ true) == null) { return setDeviceOwner(adminComponent, name, userId); return setDeviceOwner(adminComponent, name, userId, /* setProfileOwnerOnCurrentUserIfNecessary= */ true); } return true; }
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerServiceShellCommand.java +8 −3 Original line number Diff line number Diff line Loading @@ -46,11 +46,13 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { private static final String USER_OPTION = "--user"; private static final String NAME_OPTION = "--name"; private static final String DO_ONLY_OPTION = "--device-owner-only"; private final DevicePolicyManagerService mService; private int mUserId = UserHandle.USER_SYSTEM; private String mName = ""; private ComponentName mComponent; private boolean mSetDoOnly; DevicePolicyManagerServiceShellCommand(DevicePolicyManagerService service) { mService = Objects.requireNonNull(service); Loading Loading @@ -130,8 +132,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { pw.printf(" %s [ %s <USER_ID> | current ] <COMPONENT>\n", CMD_SET_ACTIVE_ADMIN, USER_OPTION); pw.printf(" Sets the given component as active admin for an existing user.\n\n"); pw.printf(" %s [ %s <USER_ID> | current *EXPERIMENTAL* ] [ %s <NAME> ] " + "<COMPONENT>\n", CMD_SET_DEVICE_OWNER, USER_OPTION, NAME_OPTION); pw.printf(" %s [ %s <USER_ID> | current *EXPERIMENTAL* ] [ %s <NAME> ] [ %s ]" + "<COMPONENT>\n", CMD_SET_DEVICE_OWNER, USER_OPTION, NAME_OPTION, DO_ONLY_OPTION); pw.printf(" Sets the given component as active admin, and its package as device owner." + "\n\n"); pw.printf(" %s [ %s <USER_ID> | current ] [ %s <NAME> ] <COMPONENT>\n", Loading Loading @@ -254,7 +256,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { mService.setActiveAdmin(mComponent, /* refreshing= */ true, mUserId); try { if (!mService.setDeviceOwner(mComponent, mName, mUserId)) { if (!mService.setDeviceOwner(mComponent, mName, mUserId, /* setProfileOwnerOnCurrentUserIfNecessary= */ !mSetDoOnly)) { throw new RuntimeException( "Can't set package " + mComponent + " as device owner."); } Loading Loading @@ -351,6 +354,8 @@ final class DevicePolicyManagerServiceShellCommand extends ShellCommand { if (mUserId == UserHandle.USER_CURRENT) { mUserId = ActivityManager.getCurrentUser(); } } else if (DO_ONLY_OPTION.equals(opt)) { mSetDoOnly = true; } else if (canHaveName && NAME_OPTION.equals(opt)) { mName = getNextArgRequired(); } else { Loading
