Loading core/java/android/app/admin/DevicePolicyManagerInternal.java +20 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,26 @@ public abstract class DevicePolicyManagerInternal { */ public abstract boolean isActiveAdminWithPolicy(int uid, int reqPolicy); /** * Checks if an app with given uid is an active device owner of its user. * * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. * * @param uid App uid. * @return true if the uid is an active device owner. */ public abstract boolean isActiveDeviceOwner(int uid); /** * Checks if an app with given uid is an active profile owner of its user. * * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. * * @param uid App uid. * @return true if the uid is an active profile owner. */ public abstract boolean isActiveProfileOwner(int uid); /** * Checks if an app with given uid is the active supervision admin. * Loading services/core/java/com/android/server/net/NetworkStatsAccess.java +4 −5 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import static android.net.TrafficStats.UID_TETHERING; import android.Manifest; import android.annotation.IntDef; import android.app.AppOpsManager; import android.app.admin.DeviceAdminInfo; import android.app.admin.DevicePolicyManagerInternal; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -112,8 +111,7 @@ public final class NetworkStatsAccess { boolean hasCarrierPrivileges = tm != null && tm.checkCarrierPrivilegesForPackageAnyPhone(callingPackage) == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS; boolean isDeviceOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER); boolean isDeviceOwner = dpmi != null && dpmi.isActiveDeviceOwner(callingUid); final int appId = UserHandle.getAppId(callingUid); if (hasCarrierPrivileges || isDeviceOwner || appId == Process.SYSTEM_UID || appId == Process.NETWORK_STACK_UID) { Loading @@ -128,8 +126,9 @@ public final class NetworkStatsAccess { return NetworkStatsAccess.Level.DEVICESUMMARY; } boolean isProfileOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); //TODO(b/169395065) Figure out if this flow makes sense in Device Owner mode. boolean isProfileOwner = dpmi != null && (dpmi.isActiveProfileOwner(callingUid) || dpmi.isActiveDeviceOwner(callingUid)); if (isProfileOwner) { // Apps with the AppOps permission, profile owners, and apps with the privileged // permission can access data usage for all apps in this user/profile. Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +16 −0 Original line number Diff line number Diff line Loading @@ -12473,6 +12473,22 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } @Override public boolean isActiveDeviceOwner(int uid) { synchronized (getLockObject()) { return getActiveAdminWithPolicyForUidLocked( null, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER, uid) != null; } } @Override public boolean isActiveProfileOwner(int uid) { synchronized (getLockObject()) { return getActiveAdminWithPolicyForUidLocked( null, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER, uid) != null; } } @Override public boolean isActiveSupervisionApp(int uid) { synchronized (getLockObject()) { tests/net/java/com/android/server/net/NetworkStatsAccessTest.java +2 −5 Original line number Diff line number Diff line Loading @@ -22,7 +22,6 @@ import static org.mockito.Mockito.when; import android.Manifest; import android.Manifest.permission; import android.app.AppOpsManager; import android.app.admin.DeviceAdminInfo; import android.app.admin.DevicePolicyManagerInternal; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -167,13 +166,11 @@ public class NetworkStatsAccessTest { } private void setIsDeviceOwner(boolean isOwner) { when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER)) .thenReturn(isOwner); when(mDpmi.isActiveDeviceOwner(TEST_UID)).thenReturn(isOwner); } private void setIsProfileOwner(boolean isOwner) { when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER)) .thenReturn(isOwner); when(mDpmi.isActiveProfileOwner(TEST_UID)).thenReturn(isOwner); } private void setHasAppOpsPermission(int appOpsMode, boolean hasPermission) { Loading Loading
core/java/android/app/admin/DevicePolicyManagerInternal.java +20 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,26 @@ public abstract class DevicePolicyManagerInternal { */ public abstract boolean isActiveAdminWithPolicy(int uid, int reqPolicy); /** * Checks if an app with given uid is an active device owner of its user. * * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. * * @param uid App uid. * @return true if the uid is an active device owner. */ public abstract boolean isActiveDeviceOwner(int uid); /** * Checks if an app with given uid is an active profile owner of its user. * * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. * * @param uid App uid. * @return true if the uid is an active profile owner. */ public abstract boolean isActiveProfileOwner(int uid); /** * Checks if an app with given uid is the active supervision admin. * Loading
services/core/java/com/android/server/net/NetworkStatsAccess.java +4 −5 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import static android.net.TrafficStats.UID_TETHERING; import android.Manifest; import android.annotation.IntDef; import android.app.AppOpsManager; import android.app.admin.DeviceAdminInfo; import android.app.admin.DevicePolicyManagerInternal; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -112,8 +111,7 @@ public final class NetworkStatsAccess { boolean hasCarrierPrivileges = tm != null && tm.checkCarrierPrivilegesForPackageAnyPhone(callingPackage) == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS; boolean isDeviceOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER); boolean isDeviceOwner = dpmi != null && dpmi.isActiveDeviceOwner(callingUid); final int appId = UserHandle.getAppId(callingUid); if (hasCarrierPrivileges || isDeviceOwner || appId == Process.SYSTEM_UID || appId == Process.NETWORK_STACK_UID) { Loading @@ -128,8 +126,9 @@ public final class NetworkStatsAccess { return NetworkStatsAccess.Level.DEVICESUMMARY; } boolean isProfileOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); //TODO(b/169395065) Figure out if this flow makes sense in Device Owner mode. boolean isProfileOwner = dpmi != null && (dpmi.isActiveProfileOwner(callingUid) || dpmi.isActiveDeviceOwner(callingUid)); if (isProfileOwner) { // Apps with the AppOps permission, profile owners, and apps with the privileged // permission can access data usage for all apps in this user/profile. Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +16 −0 Original line number Diff line number Diff line Loading @@ -12473,6 +12473,22 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } @Override public boolean isActiveDeviceOwner(int uid) { synchronized (getLockObject()) { return getActiveAdminWithPolicyForUidLocked( null, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER, uid) != null; } } @Override public boolean isActiveProfileOwner(int uid) { synchronized (getLockObject()) { return getActiveAdminWithPolicyForUidLocked( null, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER, uid) != null; } } @Override public boolean isActiveSupervisionApp(int uid) { synchronized (getLockObject()) {
tests/net/java/com/android/server/net/NetworkStatsAccessTest.java +2 −5 Original line number Diff line number Diff line Loading @@ -22,7 +22,6 @@ import static org.mockito.Mockito.when; import android.Manifest; import android.Manifest.permission; import android.app.AppOpsManager; import android.app.admin.DeviceAdminInfo; import android.app.admin.DevicePolicyManagerInternal; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -167,13 +166,11 @@ public class NetworkStatsAccessTest { } private void setIsDeviceOwner(boolean isOwner) { when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER)) .thenReturn(isOwner); when(mDpmi.isActiveDeviceOwner(TEST_UID)).thenReturn(isOwner); } private void setIsProfileOwner(boolean isOwner) { when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER)) .thenReturn(isOwner); when(mDpmi.isActiveProfileOwner(TEST_UID)).thenReturn(isOwner); } private void setHasAppOpsPermission(int appOpsMode, boolean hasPermission) { Loading
