Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 78e45296 authored by Jonathan Scott's avatar Jonathan Scott
Browse files

Update Device Owner and Role Holder requirements to allow FOR_TESTING 

users.

Test: btest CtsDevicePolicyTestCases
Bug: 256655297
Change-Id: I49eb2d3b669e562e91a5b83dbdd0e0128a62830a
parent 7403c8d2

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+17 −9
Original line number Diff line number Diff line
@@ -14745,14 +14745,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
        if (isAdb) {

            // If shell command runs after user setup completed check device status. Otherwise, OK.

            if (mIsWatch || hasUserSetupCompleted(UserHandle.USER_SYSTEM)) {

                // In non-headless system user mode, DO can be setup only if

                // there's no non-system user.

                // In headless system user mode, DO can be setup only if there are

                // two users: the headless system user and the foreground user.

                // If there could be multiple foreground users, this constraint should be modified.













                int maxNumberOfExistingUsers = isHeadlessSystemUserMode ? 2 : 1;













                if (mUserManager.getUserCount() > maxNumberOfExistingUsers) {













                // DO can be setup only if there are no users which are neither created by default













                // nor marked as FOR_TESTING

























                if (nonTestNonPrecreatedUsersExist()) {















                    return STATUS_NONSYSTEM_USER_EXISTS;















                }
























@@ -14782,6 +14778,18 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {













        }















    }



























    /**













     * True if there are any users on the device which were not setup by default (1 usually, 2 for













     * devices with a headless system user) and also are not marked as FOR_TESTING.













     */













    private boolean nonTestNonPrecreatedUsersExist() {













        int allowedUsers = UserManager.isHeadlessSystemUserMode() ? 2 : 1;

























        return mUserManagerInternal.getUsers(/* excludeDying= */ true).stream()













                .filter(u -> !u.isForTesting())













                .count() > allowedUsers;













    }



























    private int checkDeviceOwnerProvisioningPreCondition(@UserIdInt int callingUserId) {















        synchronized (getLockObject()) {















            final int deviceOwnerUserId = mInjector.userManagerIsHeadlessSystemUserMode()










@@ -19546,7 +19554,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {













    }





























    private boolean shouldAllowBypassingDevicePolicyManagementRoleQualificationInternal() {













        if (mUserManager.getUserCount() > 1) {













        if (nonTestNonPrecreatedUsersExist()) {















            return false;















        }















        AccountManager am = AccountManager.get(mContext);