Add APIs for cross profile calendar whitelist in DPM. (4bcea96b) · Commits · e / os / android_frameworks_base

api/current.txt

+3 −0

Original line number	Diff line number	Diff line
		@@ -6511,6 +6511,7 @@ package android.app.admin {
		}

		public class DevicePolicyManager {
		method public void addCrossProfileCalendarPackage(android.content.ComponentName, java.lang.String);
		method public void addCrossProfileIntentFilter(android.content.ComponentName, android.content.IntentFilter, int);
		method public boolean addCrossProfileWidgetProvider(android.content.ComponentName, java.lang.String);
		method public int addOverrideApn(android.content.ComponentName, android.telephony.data.ApnSetting);
		@@ -6540,6 +6541,7 @@ package android.app.admin {
		method public boolean getBluetoothContactSharingDisabled(android.content.ComponentName);
		method public boolean getCameraDisabled(android.content.ComponentName);
		method public deprecated java.lang.String getCertInstallerPackage(android.content.ComponentName) throws java.lang.SecurityException;
		method public java.util.Set<java.lang.String> getCrossProfileCalendarPackages(android.content.ComponentName);
		method public boolean getCrossProfileCallerIdDisabled(android.content.ComponentName);
		method public boolean getCrossProfileContactsSearchDisabled(android.content.ComponentName);
		method public java.util.List<java.lang.String> getCrossProfileWidgetProviders(android.content.ComponentName);
		@@ -6628,6 +6630,7 @@ package android.app.admin {
		method public int logoutUser(android.content.ComponentName);
		method public void reboot(android.content.ComponentName);
		method public void removeActiveAdmin(android.content.ComponentName);
		method public boolean removeCrossProfileCalendarPackage(android.content.ComponentName, java.lang.String);
		method public boolean removeCrossProfileWidgetProvider(android.content.ComponentName, java.lang.String);
		method public boolean removeKeyPair(android.content.ComponentName, java.lang.String);
		method public boolean removeOverrideApn(android.content.ComponentName, int);

core/java/android/app/admin/DevicePolicyManager.java

+107 −0

Original line number	Diff line number	Diff line
		@@ -9992,4 +9992,111 @@ public class DevicePolicyManager {
		throw re.rethrowFromSystemServer();
		}
		}

		/**
		* Whitelists a package that is allowed to access cross profile calendar APIs.
		*
		* <p>Called by a profile owner of a managed profile.
		*
		* @param admin which {@link DeviceAdminReceiver} this request is associated with.
		* @param packageName name of the package to be whitelisted.
		* @throws SecurityException if {@code admin} is not a profile owner.
		*
		* @see #removeCrossProfileCalendarPackage(ComponentName, String)
		* @see #getCrossProfileCalendarPackages(ComponentName)
		*/
		public void addCrossProfileCalendarPackage(@NonNull ComponentName admin,
		@NonNull String packageName) {
		throwIfParentInstance("addCrossProfileCalendarPackage");
		if (mService != null) {
		try {
		mService.addCrossProfileCalendarPackage(admin, packageName);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}
		}

		/**
		* Removes a package that was allowed to access cross profile calendar APIs
		* from the whitelist.
		*
		* <p>Called by a profile owner of a managed profile.
		*
		* @param admin which {@link DeviceAdminReceiver} this request is associated with.
		* @param packageName name of the package to be removed from the whitelist.
		* @return {@code true} if the package is successfully removed from the whitelist,
		* {@code false} otherwise.
		* @throws SecurityException if {@code admin} is not a profile owner.
		*
		* @see #addCrossProfileCalendarPackage(ComponentName, String)
		* @see #getCrossProfileCalendarPackages(ComponentName)
		*/
		public boolean removeCrossProfileCalendarPackage(@NonNull ComponentName admin,
		@NonNull String packageName) {
		throwIfParentInstance("removeCrossProfileCalendarPackage");
		if (mService != null) {
		try {
		return mService.removeCrossProfileCalendarPackage(admin, packageName);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}
		return false;
		}

		/**
		* Gets a set of package names that are whitelisted to access cross profile calendar APIs.
		*
		* <p>Called by a profile owner of a managed profile.
		*
		* @param admin which {@link DeviceAdminReceiver} this request is associated with.
		* @return the set of names of packages that were previously whitelisted via
		* {@link #addCrossProfileCalendarPackage(ComponentName, String)}, or an
		* empty set if none have been whitelisted.
		* @throws SecurityException if {@code admin} is not a profile owner.
		*
		* @see #addCrossProfileCalendarPackage(ComponentName, String)
		* @see #removeCrossProfileCalendarPackage(ComponentName, String)
		*/
		public @NonNull Set<String> getCrossProfileCalendarPackages(@NonNull ComponentName admin) {
		throwIfParentInstance("getCrossProfileCalendarPackages");
		if (mService != null) {
		try {
		return new ArraySet<>(mService.getCrossProfileCalendarPackages(admin));
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}
		return Collections.emptySet();
		}

		/**
		* Returns if a package is whitelisted to access cross profile calendar APIs.
		*
		* <p>To query for a specific user, use
		* {@link Context#createPackageContextAsUser(String, int, UserHandle)} to create a context for
		* that user, and get a {@link DevicePolicyManager} from this context.
		*
		* @param packageName the name of the package
		* @return {@code true} if the package is whitelisted to access cross profile calendar APIs.
		* {@code false} otherwise.
		*
		* @see #addCrossProfileCalendarPackage(ComponentName, String)
		* @see #removeCrossProfileCalendarPackage(ComponentName, String)
		* @see #getCrossProfileCalendarPackages(ComponentName)
		* @hide
		*/
		public @NonNull boolean isPackageAllowedToAccessCalendar(@NonNull String packageName) {
		throwIfParentInstance("isPackageAllowedToAccessCalendar");
		if (mService != null) {
		try {
		return mService.isPackageAllowedToAccessCalendarForUser(packageName,
		mContext.getUserId());
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}
		return false;
		}
		}

core/java/android/app/admin/IDevicePolicyManager.aidl

+5 −0

Original line number	Diff line number	Diff line
		@@ -422,4 +422,9 @@ interface IDevicePolicyManager {
		void grantDeviceIdsAccessToProfileOwner(in ComponentName who, int userId);

		void installUpdateFromFile(in ComponentName admin, in ParcelFileDescriptor updateFileDescriptor, in StartInstallingUpdateCallback listener);

		void addCrossProfileCalendarPackage(in ComponentName admin, String packageName);
		boolean removeCrossProfileCalendarPackage(in ComponentName admin, String packageName);
		List<String> getCrossProfileCalendarPackages(in ComponentName admin);
		boolean isPackageAllowedToAccessCalendarForUser(String packageName, int userHandle);
		}

services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java

+23 −0

Original line number	Diff line number	Diff line
		@@ -23,6 +23,9 @@ import android.os.ParcelFileDescriptor;

		import com.android.server.SystemService;

		import java.util.Collections;
		import java.util.List;

		/**
		* Defines the required interface for IDevicePolicyManager implemenation.
		*
		@@ -97,4 +100,24 @@ abstract class BaseIDevicePolicyManager extends IDevicePolicyManager.Stub {
		@Override
		public void installUpdateFromFile(ComponentName admin,
		ParcelFileDescriptor updateFileDescriptor, StartInstallingUpdateCallback listener) {}

		@Override
		public void addCrossProfileCalendarPackage(ComponentName admin, String packageName) {
		}

		@Override
		public boolean removeCrossProfileCalendarPackage(ComponentName admin, String packageName) {
		return false;
		}

		@Override
		public List<String> getCrossProfileCalendarPackages(ComponentName admin) {
		return Collections.emptyList();
		}

		@Override
		public boolean isPackageAllowedToAccessCalendarForUser(String packageName,
		int userHandle) {
		return false;
		}
		}

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+93 −5

Original line number	Diff line number	Diff line
		@@ -74,8 +74,10 @@ import static com.android.internal.logging.nano.MetricsProto.MetricsEvent
		.PROVISIONING_ENTRY_POINT_ADB;
		import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker
		.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW;
		import static com.android.server.devicepolicy.TransferOwnershipMetadataManager.ADMIN_TYPE_DEVICE_OWNER;
		import static com.android.server.devicepolicy.TransferOwnershipMetadataManager.ADMIN_TYPE_PROFILE_OWNER;
		import static com.android.server.devicepolicy.TransferOwnershipMetadataManager
		.ADMIN_TYPE_DEVICE_OWNER;
		import static com.android.server.devicepolicy.TransferOwnershipMetadataManager
		.ADMIN_TYPE_PROFILE_OWNER;
		import static com.android.server.pm.PackageManagerService.PLATFORM_PACKAGE_NAME;

		import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT;
		@@ -908,8 +910,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		private static final String TAG_IS_LOGOUT_ENABLED = "is_logout_enabled";
		private static final String TAG_START_USER_SESSION_MESSAGE = "start_user_session_message";
		private static final String TAG_END_USER_SESSION_MESSAGE = "end_user_session_message";
		private static final String TAG_METERED_DATA_DISABLED_PACKAGES
		= "metered_data_disabled_packages";
		private static final String TAG_METERED_DATA_DISABLED_PACKAGES =
		"metered_data_disabled_packages";
		private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES =
		"cross-profile-calendar-packages";
		private static final String TAG_PACKAGE = "package";


		DeviceAdminInfo info;

		@@ -1030,6 +1036,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		String startUserSessionMessage = null;
		String endUserSessionMessage = null;

		// The whitelist of packages that can access cross profile calendar APIs.
		final Set<String> mCrossProfileCalendarPackages = new ArraySet<>();

		ActiveAdmin(DeviceAdminInfo _info, boolean parent) {
		info = _info;
		isParent = parent;
		@@ -1299,6 +1308,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		out.text(endUserSessionMessage);
		out.endTag(null, TAG_END_USER_SESSION_MESSAGE);
		}
		if (!mCrossProfileCalendarPackages.isEmpty()) {
		out.startTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES);
		writeAttributeValuesToXml(
		out, TAG_PACKAGE, mCrossProfileCalendarPackages);
		out.endTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES);
		}
		}

		void writePackageListToXml(XmlSerializer out, String outerTag,
		@@ -1491,6 +1506,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		} else {
		Log.w(LOG_TAG, "Missing text when loading end session message");
		}
		} else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES.equals(tag)) {
		readAttributeValues(
		parser, TAG_PACKAGE, mCrossProfileCalendarPackages);
		} else {
		Slog.w(LOG_TAG, "Unknown admin tag: " + tag);
		XmlUtils.skipCurrentTag(parser);
		@@ -1706,6 +1724,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		pw.print(prefix); pw.println("parentAdmin:");
		parentAdmin.dump(prefix + " ", pw);
		}
		pw.print(prefix); pw.print("mCrossProfileCalendarPackages=");
		pw.println(mCrossProfileCalendarPackages);
		}
		}

		@@ -13339,9 +13359,77 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		}
		}


		private boolean isDeviceAB() {
		return "true".equalsIgnoreCase(android.os.SystemProperties
		.get(AB_DEVICE_KEY, ""));
		}

		@Override
		public void addCrossProfileCalendarPackage(ComponentName who, String packageName) {
		if (!mHasFeature) {
		return;
		}
		Preconditions.checkNotNull(who, "ComponentName is null");
		Preconditions.checkStringNotEmpty(packageName, "Package name is null or empty");

		synchronized (getLockObject()) {
		final ActiveAdmin admin = getActiveAdminForCallerLocked(
		who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
		if (admin.mCrossProfileCalendarPackages.add(packageName)) {
		saveSettingsLocked(mInjector.userHandleGetCallingUserId());
		}
		}
		}

		@Override
		public boolean removeCrossProfileCalendarPackage(ComponentName who, String packageName) {
		if (!mHasFeature) {
		return false;
		}
		Preconditions.checkNotNull(who, "ComponentName is null");
		Preconditions.checkStringNotEmpty(packageName, "Package name is null or empty");

		boolean isRemoved = false;
		synchronized (getLockObject()) {
		final ActiveAdmin admin = getActiveAdminForCallerLocked(
		who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
		isRemoved = admin.mCrossProfileCalendarPackages.remove(packageName);
		if (isRemoved) {
		saveSettingsLocked(mInjector.userHandleGetCallingUserId());
		}
		}
		return isRemoved;
		}

		@Override
		public List<String> getCrossProfileCalendarPackages(ComponentName who) {
		if (!mHasFeature) {
		return Collections.emptyList();
		}
		Preconditions.checkNotNull(who, "ComponentName is null");

		synchronized (getLockObject()) {
		final ActiveAdmin admin = getActiveAdminForCallerLocked(
		who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
		return new ArrayList<String>(admin.mCrossProfileCalendarPackages);
		}
		}

		@Override
		public boolean isPackageAllowedToAccessCalendarForUser(String packageName,
		int userHandle) {
		if (!mHasFeature) {
		return false;
		}
		Preconditions.checkStringNotEmpty(packageName, "Package name is null or empty");

		enforceCrossUsersPermission(userHandle);
		synchronized (getLockObject()) {
		final ActiveAdmin admin = getProfileOwnerAdminLocked(userHandle);
		if (admin != null && admin.mCrossProfileCalendarPackages != null) {
		return admin.mCrossProfileCalendarPackages.contains(packageName);
		}
		}
		return false;
		}
		}