Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5263c11a authored by Alex Johnston's avatar Alex Johnston Committed by Android (Google) Code Review
Browse files

Merge "Add permission to ACTION_RESET_PROTECTION_POLICY_CHANGED"

parents 1b1b9d2a 090fa3c6

api/system-current.txt

+2 −1
Original line number Diff line number Diff line
@@ -118,6 +118,7 @@ package android { 
    field public static final String MANAGE_CONTENT_CAPTURE = "android.permission.MANAGE_CONTENT_CAPTURE";

    field public static final String MANAGE_CONTENT_SUGGESTIONS = "android.permission.MANAGE_CONTENT_SUGGESTIONS";

    field public static final String MANAGE_DEBUGGING = "android.permission.MANAGE_DEBUGGING";

    field public static final String MANAGE_FACTORY_RESET_PROTECTION = "android.permission.MANAGE_FACTORY_RESET_PROTECTION";

    field public static final String MANAGE_IPSEC_TUNNELS = "android.permission.MANAGE_IPSEC_TUNNELS";

    field public static final String MANAGE_ONE_TIME_PERMISSION_SESSIONS = "android.permission.MANAGE_ONE_TIME_PERMISSION_SESSIONS";

    field public static final String MANAGE_ROLE_HOLDERS = "android.permission.MANAGE_ROLE_HOLDERS";
@@ -887,7 +888,7 @@ package android.app.admin { 
    field public static final String ACTION_PROVISION_FINALIZATION = "android.app.action.PROVISION_FINALIZATION";

    field public static final String ACTION_PROVISION_FINANCED_DEVICE = "android.app.action.PROVISION_FINANCED_DEVICE";

    field public static final String ACTION_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE = "android.app.action.PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE";

    field public static final String ACTION_RESET_PROTECTION_POLICY_CHANGED = "android.app.action.RESET_PROTECTION_POLICY_CHANGED";

    field @RequiresPermission(android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION) public static final String ACTION_RESET_PROTECTION_POLICY_CHANGED = "android.app.action.RESET_PROTECTION_POLICY_CHANGED";

    field public static final String ACTION_SET_PROFILE_OWNER = "android.app.action.SET_PROFILE_OWNER";

    field public static final String ACTION_STATE_USER_SETUP_COMPLETE = "android.app.action.STATE_USER_SETUP_COMPLETE";

    field public static final String EXTRA_PROFILE_OWNER_NAME = "android.app.extra.PROFILE_OWNER_NAME";

core/java/android/app/admin/DevicePolicyManager.java

+1 −0
Original line number Diff line number Diff line
@@ -1416,6 +1416,7 @@ public class DevicePolicyManager { 
     * @see #setFactoryResetProtectionPolicy

     * @hide

     */

    @RequiresPermission(android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION)

    @SystemApi

    public static final String ACTION_RESET_PROTECTION_POLICY_CHANGED =

            "android.app.action.RESET_PROTECTION_POLICY_CHANGED";

core/res/AndroidManifest.xml

+15 −0
Original line number Diff line number Diff line
@@ -645,6 +645,9 @@ 


    <protected-broadcast android:name="android.intent.action.DEVICE_CUSTOMIZATION_READY" />



    <!-- Added in R -->

    <protected-broadcast android:name="android.app.action.RESET_PROTECTION_POLICY_CHANGED" />



    <!-- For tether entitlement recheck-->

    <protected-broadcast

        android:name="com.android.server.connectivity.tethering.PROVISIONING_RECHECK_ALARM" />
@@ -1951,6 +1954,18 @@ 
        android:description="@string/permdesc_modifyAudioSettings"

        android:protectionLevel="normal" />



    <!-- ======================================== -->

    <!-- Permissions for factory reset protection -->

    <!-- ======================================== -->

    <eat-comment />



    <!-- @SystemApi Allows an application to set a factory reset protection (FRP) policy.

         <p>Not for use by third-party applications.

         @hide

    -->

    <permission android:name="android.permission.MANAGE_FACTORY_RESET_PROTECTION"

        android:protectionLevel="signature|privileged"/>



    <!-- ================================== -->

    <!-- Permissions for accessing hardware -->

    <!-- ================================== -->

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+7 −3
Original line number Diff line number Diff line
@@ -7036,9 +7036,13 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            saveSettingsLocked(userId);

        }













        mInjector.binderWithCleanCallingIdentity(() -> mContext.sendBroadcastAsUser(













                new Intent(DevicePolicyManager.ACTION_RESET_PROTECTION_POLICY_CHANGED),













                UserHandle.getUserHandleForUid(frpManagementAgentUid)));













        final Intent intent = new Intent(













                DevicePolicyManager.ACTION_RESET_PROTECTION_POLICY_CHANGED).addFlags(













                Intent.FLAG_RECEIVER_INCLUDE_BACKGROUND | Intent.FLAG_RECEIVER_FOREGROUND);

























        mInjector.binderWithCleanCallingIdentity(() -> mContext.sendBroadcastAsUser(intent,













                UserHandle.getUserHandleForUid(frpManagementAgentUid),













                android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION));





























        DevicePolicyEventLogger















                .createEvent(DevicePolicyEnums.SET_FACTORY_RESET_PROTECTION)

































services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java



+6
−3




























Original line number
Diff line number
Diff line








@@ -2097,7 +2097,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {













        verify(mContext.spiedContext).sendBroadcastAsUser(















                MockUtils.checkIntentAction(















                        DevicePolicyManager.ACTION_RESET_PROTECTION_POLICY_CHANGED),













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE),













                eq(android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION));















    }































    public void testSetFactoryResetProtectionPolicyFailWithPO() throws Exception {










@@ -2144,7 +2145,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {













        verify(mContext.spiedContext).sendBroadcastAsUser(















                MockUtils.checkIntentAction(















                        DevicePolicyManager.ACTION_RESET_PROTECTION_POLICY_CHANGED),













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE),













                eq(android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION));















    }































    public void testGetFactoryResetProtectionPolicyWithFrpManagementAgent()









@@ -2171,7 +2173,8 @@ public class DevicePolicyManagerTest extends DpmTestBase {













        verify(mContext.spiedContext).sendBroadcastAsUser(















                MockUtils.checkIntentAction(















                        DevicePolicyManager.ACTION_RESET_PROTECTION_POLICY_CHANGED),













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));













                MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE),













                eq(android.Manifest.permission.MANAGE_FACTORY_RESET_PROTECTION));















    }































    private void assertPoliciesAreEqual(FactoryResetProtectionPolicy expectedPolicy,