Loading core/api/test-current.txt +12 −0 Original line number Diff line number Diff line Loading @@ -382,6 +382,18 @@ package android.app.admin { field public static final int OPERATION_LOGOUT_USER = 9; // 0x9 field public static final int OPERATION_REBOOT = 7; // 0x7 field public static final int OPERATION_REMOVE_USER = 6; // 0x6 field public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; // 0xf field public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; // 0x10 field public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; // 0x11 field public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; // 0xc field public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; // 0x12 field public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; // 0x13 field public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; // 0x14 field public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; // 0xd field public static final int OPERATION_SET_SYSTEM_SETTING = 11; // 0xb field public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; // 0xe field public static final int OPERATION_SET_TRUST_AGENT_CONFIGURATION = 21; // 0x15 field public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; // 0x16 field public static final int OPERATION_SET_USER_RESTRICTION = 10; // 0xa field public static final int OPERATION_START_USER_IN_BACKGROUND = 3; // 0x3 field public static final int OPERATION_STOP_USER = 4; // 0x4 Loading core/java/android/app/admin/DevicePolicyManager.java +49 −1 Original line number Diff line number Diff line Loading @@ -2624,6 +2624,42 @@ public class DevicePolicyManager { /** @hide */ @TestApi public static final int OPERATION_SET_USER_RESTRICTION = 10; /** @hide */ @TestApi public static final int OPERATION_SET_SYSTEM_SETTING = 11; /** @hide */ @TestApi public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; /** @hide */ @TestApi public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; /** @hide */ @TestApi public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; /** @hide */ @TestApi public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; /** @hide */ @TestApi public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; /** @hide */ @TestApi public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; /** @hide */ @TestApi public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; /** @hide */ @TestApi public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; /** @hide */ @TestApi public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; /** @hide */ @TestApi public static final int OPERATION_SET_TRUST_AGENT_CONFIGURATION = 21; /** @hide */ @TestApi public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; private static final String PREFIX_OPERATION = "OPERATION_"; Loading @@ -2638,7 +2674,19 @@ public class DevicePolicyManager { OPERATION_REBOOT, OPERATION_WIPE_DATA, OPERATION_LOGOUT_USER, OPERATION_SET_USER_RESTRICTION OPERATION_SET_USER_RESTRICTION, OPERATION_SET_SYSTEM_SETTING, OPERATION_SET_KEYGUARD_DISABLED, OPERATION_SET_STATUS_BAR_DISABLED, OPERATION_SET_SYSTEM_UPDATE_POLICY, OPERATION_SET_APPLICATION_HIDDEN, OPERATION_SET_APPLICATION_RESTRICTIONS, OPERATION_SET_KEEP_UNINSTALLED_PACKAGES, OPERATION_SET_LOCK_TASK_FEATURES, OPERATION_SET_LOCK_TASK_PACKAGES, OPERATION_SET_PACKAGES_SUSPENDED, OPERATION_SET_TRUST_AGENT_CONFIGURATION, OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES }) @Retention(RetentionPolicy.SOURCE) public static @interface DevicePolicyOperation { Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +17 −0 Original line number Diff line number Diff line Loading @@ -7507,6 +7507,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && isDeviceOwner(caller)) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_KEEP_UNINSTALLED_PACKAGES))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_KEEP_UNINSTALLED_PACKAGES); synchronized (getLockObject()) { // Get the device owner Loading Loading @@ -8975,6 +8976,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_RESTRICTIONS); mInjector.binderWithCleanCallingIdentity(() -> { mUserManager.setApplicationRestrictions(packageName, settings, Loading @@ -9000,6 +9002,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { ActiveAdmin ap = getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES, parent); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_TRUST_AGENT_CONFIGURATION); ap.trustAgentInfos.put(agent.flattenToString(), new TrustAgentInfo(args)); saveSettingsLocked(userHandle); } Loading Loading @@ -9939,6 +9944,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PACKAGE_ACCESS))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PACKAGES_SUSPENDED); String[] result = null; synchronized (getLockObject()) { Loading Loading @@ -10146,6 +10152,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mInjector.binderWithCleanCallingIdentity(() -> enforcePackageIsSystemPackage(packageName, userId)); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_HIDDEN); result = mInjector.binderWithCleanCallingIdentity(() -> mIPackageManager .setApplicationHiddenSettingAsUser(packageName, hidden, userId)); } Loading Loading @@ -10744,6 +10752,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { enforceCanCallLockTaskLocked(caller); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOCK_TASK_PACKAGES); final int userHandle = caller.getUserId(); setLockTaskPackagesLocked(userHandle, new ArrayList<>(Arrays.asList(packages))); } Loading Loading @@ -10796,6 +10805,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final int userHandle = caller.getUserId(); synchronized (getLockObject()) { enforceCanCallLockTaskLocked(caller); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOCK_TASK_FEATURES); setLockTaskFeaturesLocked(userHandle, flags); } } Loading Loading @@ -10924,6 +10934,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkStringNotEmpty(setting, "String setting is null or empty"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_SYSTEM_SETTING); synchronized (getLockObject()) { if (!SYSTEM_SETTINGS_ALLOWLIST.contains(setting)) { Loading Loading @@ -11225,6 +11236,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (isManagedProfile(userId)) { throw new SecurityException("Managed profile cannot disable keyguard"); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_KEYGUARD_DISABLED); long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -11264,6 +11276,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (isManagedProfile(userId)) { throw new SecurityException("Managed profile cannot disable status bar"); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_STATUS_BAR_DISABLED); DevicePolicyData policy = getUserData(userId); if (policy.mStatusBarDisabled != disabled) { boolean isLockTaskMode = false; Loading Loading @@ -11931,6 +11945,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { Preconditions.checkCallAuthorization(isProfileOwnerOfOrganizationOwnedDevice(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_SYSTEM_UPDATE_POLICY); if (policy == null) { mOwners.clearSystemUpdatePolicy(); Loading Loading @@ -15077,6 +15092,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkNotNull(packages, "packages is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES); synchronized (getLockObject()) { setUserControlDisabledPackagesLocked(caller.getUserId(), packages); Loading
core/api/test-current.txt +12 −0 Original line number Diff line number Diff line Loading @@ -382,6 +382,18 @@ package android.app.admin { field public static final int OPERATION_LOGOUT_USER = 9; // 0x9 field public static final int OPERATION_REBOOT = 7; // 0x7 field public static final int OPERATION_REMOVE_USER = 6; // 0x6 field public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; // 0xf field public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; // 0x10 field public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; // 0x11 field public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; // 0xc field public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; // 0x12 field public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; // 0x13 field public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; // 0x14 field public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; // 0xd field public static final int OPERATION_SET_SYSTEM_SETTING = 11; // 0xb field public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; // 0xe field public static final int OPERATION_SET_TRUST_AGENT_CONFIGURATION = 21; // 0x15 field public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; // 0x16 field public static final int OPERATION_SET_USER_RESTRICTION = 10; // 0xa field public static final int OPERATION_START_USER_IN_BACKGROUND = 3; // 0x3 field public static final int OPERATION_STOP_USER = 4; // 0x4 Loading
core/java/android/app/admin/DevicePolicyManager.java +49 −1 Original line number Diff line number Diff line Loading @@ -2624,6 +2624,42 @@ public class DevicePolicyManager { /** @hide */ @TestApi public static final int OPERATION_SET_USER_RESTRICTION = 10; /** @hide */ @TestApi public static final int OPERATION_SET_SYSTEM_SETTING = 11; /** @hide */ @TestApi public static final int OPERATION_SET_KEYGUARD_DISABLED = 12; /** @hide */ @TestApi public static final int OPERATION_SET_STATUS_BAR_DISABLED = 13; /** @hide */ @TestApi public static final int OPERATION_SET_SYSTEM_UPDATE_POLICY = 14; /** @hide */ @TestApi public static final int OPERATION_SET_APPLICATION_HIDDEN = 15; /** @hide */ @TestApi public static final int OPERATION_SET_APPLICATION_RESTRICTIONS = 16; /** @hide */ @TestApi public static final int OPERATION_SET_KEEP_UNINSTALLED_PACKAGES = 17; /** @hide */ @TestApi public static final int OPERATION_SET_LOCK_TASK_FEATURES = 18; /** @hide */ @TestApi public static final int OPERATION_SET_LOCK_TASK_PACKAGES = 19; /** @hide */ @TestApi public static final int OPERATION_SET_PACKAGES_SUSPENDED = 20; /** @hide */ @TestApi public static final int OPERATION_SET_TRUST_AGENT_CONFIGURATION = 21; /** @hide */ @TestApi public static final int OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES = 22; private static final String PREFIX_OPERATION = "OPERATION_"; Loading @@ -2638,7 +2674,19 @@ public class DevicePolicyManager { OPERATION_REBOOT, OPERATION_WIPE_DATA, OPERATION_LOGOUT_USER, OPERATION_SET_USER_RESTRICTION OPERATION_SET_USER_RESTRICTION, OPERATION_SET_SYSTEM_SETTING, OPERATION_SET_KEYGUARD_DISABLED, OPERATION_SET_STATUS_BAR_DISABLED, OPERATION_SET_SYSTEM_UPDATE_POLICY, OPERATION_SET_APPLICATION_HIDDEN, OPERATION_SET_APPLICATION_RESTRICTIONS, OPERATION_SET_KEEP_UNINSTALLED_PACKAGES, OPERATION_SET_LOCK_TASK_FEATURES, OPERATION_SET_LOCK_TASK_PACKAGES, OPERATION_SET_PACKAGES_SUSPENDED, OPERATION_SET_TRUST_AGENT_CONFIGURATION, OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES }) @Retention(RetentionPolicy.SOURCE) public static @interface DevicePolicyOperation { Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +17 −0 Original line number Diff line number Diff line Loading @@ -7507,6 +7507,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && isDeviceOwner(caller)) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_KEEP_UNINSTALLED_PACKAGES))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_KEEP_UNINSTALLED_PACKAGES); synchronized (getLockObject()) { // Get the device owner Loading Loading @@ -8975,6 +8976,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_RESTRICTIONS); mInjector.binderWithCleanCallingIdentity(() -> { mUserManager.setApplicationRestrictions(packageName, settings, Loading @@ -9000,6 +9002,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { ActiveAdmin ap = getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES, parent); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_TRUST_AGENT_CONFIGURATION); ap.trustAgentInfos.put(agent.flattenToString(), new TrustAgentInfo(args)); saveSettingsLocked(userHandle); } Loading Loading @@ -9939,6 +9944,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_PACKAGE_ACCESS))); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_PACKAGES_SUSPENDED); String[] result = null; synchronized (getLockObject()) { Loading Loading @@ -10146,6 +10152,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mInjector.binderWithCleanCallingIdentity(() -> enforcePackageIsSystemPackage(packageName, userId)); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_HIDDEN); result = mInjector.binderWithCleanCallingIdentity(() -> mIPackageManager .setApplicationHiddenSettingAsUser(packageName, hidden, userId)); } Loading Loading @@ -10744,6 +10752,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { enforceCanCallLockTaskLocked(caller); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOCK_TASK_PACKAGES); final int userHandle = caller.getUserId(); setLockTaskPackagesLocked(userHandle, new ArrayList<>(Arrays.asList(packages))); } Loading Loading @@ -10796,6 +10805,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final int userHandle = caller.getUserId(); synchronized (getLockObject()) { enforceCanCallLockTaskLocked(caller); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_LOCK_TASK_FEATURES); setLockTaskFeaturesLocked(userHandle, flags); } } Loading Loading @@ -10924,6 +10934,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkStringNotEmpty(setting, "String setting is null or empty"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isProfileOwner(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_SYSTEM_SETTING); synchronized (getLockObject()) { if (!SYSTEM_SETTINGS_ALLOWLIST.contains(setting)) { Loading Loading @@ -11225,6 +11236,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (isManagedProfile(userId)) { throw new SecurityException("Managed profile cannot disable keyguard"); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_KEYGUARD_DISABLED); long ident = mInjector.binderClearCallingIdentity(); try { Loading Loading @@ -11264,6 +11276,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (isManagedProfile(userId)) { throw new SecurityException("Managed profile cannot disable status bar"); } checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_STATUS_BAR_DISABLED); DevicePolicyData policy = getUserData(userId); if (policy.mStatusBarDisabled != disabled) { boolean isLockTaskMode = false; Loading Loading @@ -11931,6 +11945,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { Preconditions.checkCallAuthorization(isProfileOwnerOfOrganizationOwnedDevice(caller) || isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_SYSTEM_UPDATE_POLICY); if (policy == null) { mOwners.clearSystemUpdatePolicy(); Loading Loading @@ -15077,6 +15092,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkNotNull(packages, "packages is null"); final CallerIdentity caller = getCallerIdentity(who); Preconditions.checkCallAuthorization(isDeviceOwner(caller)); checkCanExecuteOrThrowUnsafe( DevicePolicyManager.OPERATION_SET_USER_CONTROL_DISABLED_PACKAGES); synchronized (getLockObject()) { setUserControlDisabledPackagesLocked(caller.getUserId(), packages);
