Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8185a938 authored by Kholoud Mohamed's avatar Kholoud Mohamed Committed by Automerger Merge Worker
Browse files

Merge changes Id3c16654,I57d8730e into udc-dev am: 87746643 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/22411300



Change-Id: Ibf141e94ba78b660275b32da41af78fb17214bb9
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents dbaf2d54 87746643

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyEngine.java

+45 −76
Original line number Diff line number Diff line
@@ -23,7 +23,6 @@ import static android.app.admin.PolicyUpdateResult.RESULT_FAILURE_HARDWARE_LIMIT 
import static android.app.admin.PolicyUpdateResult.RESULT_POLICY_CLEARED;

import static android.app.admin.PolicyUpdateResult.RESULT_POLICY_SET;

import static android.content.pm.UserProperties.INHERIT_DEVICE_POLICY_FROM_PARENT;

import static android.provider.DeviceConfig.NAMESPACE_DEVICE_POLICY_MANAGER;



import android.Manifest;

import android.annotation.NonNull;
@@ -47,7 +46,6 @@ import android.os.Bundle; 
import android.os.Environment;

import android.os.UserHandle;

import android.os.UserManager;

import android.provider.DeviceConfig;

import android.telephony.TelephonyManager;

import android.util.AtomicFile;

import android.util.Log;
@@ -86,9 +84,6 @@ final class DevicePolicyEngine { 
            DevicePolicyIdentifiers.getIdentifierForUserRestriction(

                    UserManager.DISALLOW_CELLULAR_2G);



    private static final String ENABLE_COEXISTENCE_FLAG = "enable_coexistence";

    private static final boolean DEFAULT_ENABLE_COEXISTENCE_FLAG = true;



    private final Context mContext;

    private final UserManager mUserManager;
@@ -771,7 +766,9 @@ final class DevicePolicyEngine { 
        Intent intent = new Intent(PolicyUpdateReceiver.ACTION_DEVICE_POLICY_SET_RESULT);

        intent.setPackage(admin.getPackageName());



        List<ResolveInfo> receivers = mContext.getPackageManager().queryBroadcastReceiversAsUser(

        Binder.withCleanCallingIdentity(() -> {

            List<ResolveInfo> receivers =

                    mContext.getPackageManager().queryBroadcastReceiversAsUser(

                            intent,

                            PackageManager.ResolveInfoFlags.of(PackageManager.GET_RECEIVERS),

                            admin.getUserId());
@@ -793,6 +790,7 @@ final class DevicePolicyEngine { 
            intent.putExtras(extras);



            maybeSendIntentToAdminReceivers(intent, UserHandle.of(admin.getUserId()), receivers);

        });

    }



    // TODO(b/261430877): Finalise the decision on which admins to send the updates to.
@@ -821,7 +819,9 @@ final class DevicePolicyEngine { 
        Intent intent = new Intent(PolicyUpdateReceiver.ACTION_DEVICE_POLICY_CHANGED);

        intent.setPackage(admin.getPackageName());



        List<ResolveInfo> receivers = mContext.getPackageManager().queryBroadcastReceiversAsUser(

        Binder.withCleanCallingIdentity(() -> {

            List<ResolveInfo> receivers =

                    mContext.getPackageManager().queryBroadcastReceiversAsUser(

                            intent,

                            PackageManager.ResolveInfoFlags.of(PackageManager.GET_RECEIVERS),

                            admin.getUserId());
@@ -842,6 +842,7 @@ final class DevicePolicyEngine { 


            maybeSendIntentToAdminReceivers(

                    intent, UserHandle.of(admin.getUserId()), receivers);

        });

    }



    private void maybeSendIntentToAdminReceivers(
@@ -1146,38 +1147,6 @@ final class DevicePolicyEngine { 
        return mEnforcingAdmins.size() > 0;

    }



    /**

     * Returns {@code true} if the coexistence flag is enabled or:

     * <ul>

     * <li>If the provided package is an admin with existing policies

     * <li>A new admin and no other admin have policies set

     * <li>More than one admin have policies set

     */

    boolean canAdminAddPolicies(String packageName, int userId) {

        if (isCoexistenceFlagEnabled()) {

            return true;

        }



        if (mEnforcingAdmins.contains(userId)

                && mEnforcingAdmins.get(userId).stream().anyMatch(admin ->

                admin.getPackageName().equals(packageName))) {

            return true;

        }



        int numOfEnforcingAdmins = 0;

        for (int i = 0; i < mEnforcingAdmins.size(); i++) {

            numOfEnforcingAdmins += mEnforcingAdmins.get(i).size();

        }

        return numOfEnforcingAdmins == 0 || numOfEnforcingAdmins > 1;

    }



    private boolean isCoexistenceFlagEnabled() {

        return DeviceConfig.getBoolean(

                NAMESPACE_DEVICE_POLICY_MANAGER,

                ENABLE_COEXISTENCE_FLAG,

                DEFAULT_ENABLE_COEXISTENCE_FLAG);

    }



    private <V> boolean checkFor2gFailure(@NonNull PolicyDefinition<V> policyDefinition,

            @NonNull EnforcingAdmin enforcingAdmin) {

        if (!policyDefinition.getPolicyKey().getIdentifier().equals(

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+92 −157

File changed.

Preview size limit exceeded, changes collapsed.

services/devicepolicy/java/com/android/server/devicepolicy/PolicyDefinition.java

+33 −2
Original line number Diff line number Diff line
@@ -226,8 +226,7 @@ final class PolicyDefinition<V> { 
     * Passing in {@code null} for {@code packageName} will return

     * {@link #GENERIC_APPLICATION_RESTRICTIONS}.

     */

    static PolicyDefinition<Bundle> APPLICATION_RESTRICTIONS(

            String packageName) {

    static PolicyDefinition<Bundle> APPLICATION_RESTRICTIONS(String packageName) {

        if (packageName == null) {

            return GENERIC_APPLICATION_RESTRICTIONS;

        }
@@ -254,6 +253,34 @@ final class PolicyDefinition<V> { 
            (Integer value, Context context, Integer userId, PolicyKey policyKey) -> true,

            new IntegerPolicySerializer());



    // This is saved in the static map sPolicyDefinitions so that we're able to reconstruct the

    // actual policy with the correct arguments (i.e. packageName) when reading the policies from

    // xml.

    static PolicyDefinition<Boolean> GENERIC_APPLICATION_HIDDEN =

            new PolicyDefinition<>(

                    new PackagePolicyKey(

                            DevicePolicyIdentifiers.APPLICATION_HIDDEN_POLICY),

                    // TODO(b/276713779): Don't need to take in a resolution mechanism since its

                    //  never used, but might need some refactoring to not always assume a non-null

                    //  mechanism.

                    TRUE_MORE_RESTRICTIVE,

                    POLICY_FLAG_LOCAL_ONLY_POLICY,

                    PolicyEnforcerCallbacks::setApplicationHidden,

                    new BooleanPolicySerializer());



    /**

     * Passing in {@code null} for {@code packageName} will return

     * {@link #GENERIC_APPLICATION_HIDDEN}.

     */

    static PolicyDefinition<Boolean> APPLICATION_HIDDEN(String packageName) {

        if (packageName == null) {

            return GENERIC_APPLICATION_HIDDEN;

        }

        return GENERIC_APPLICATION_HIDDEN.createPolicyDefinition(

                new PackagePolicyKey(

                        DevicePolicyIdentifiers.APPLICATION_HIDDEN_POLICY, packageName));

    }



    private static final Map<String, PolicyDefinition<?>> POLICY_DEFINITIONS = new HashMap<>();

    private static Map<String, Integer> USER_RESTRICTION_FLAGS = new HashMap<>();
@@ -272,6 +299,10 @@ final class PolicyDefinition<V> { 
                GENERIC_APPLICATION_RESTRICTIONS);

        POLICY_DEFINITIONS.put(DevicePolicyIdentifiers.RESET_PASSWORD_TOKEN_POLICY,

                RESET_PASSWORD_TOKEN);

        POLICY_DEFINITIONS.put(DevicePolicyIdentifiers.KEYGUARD_DISABLED_FEATURES_POLICY,

                KEYGUARD_DISABLED_FEATURES);

        POLICY_DEFINITIONS.put(DevicePolicyIdentifiers.APPLICATION_HIDDEN_POLICY,

                GENERIC_APPLICATION_HIDDEN);



        // User Restriction Policies

        USER_RESTRICTION_FLAGS.put(UserManager.DISALLOW_MODIFY_ACCOUNTS, /* flags= */ 0);

services/devicepolicy/java/com/android/server/devicepolicy/PolicyEnforcerCallbacks.java

+20 −4
Original line number Diff line number Diff line
@@ -73,7 +73,7 @@ final class PolicyEnforcerCallbacks { 
        return Boolean.TRUE.equals(Binder.withCleanCallingIdentity(() -> {

            if (!(policyKey instanceof PackagePermissionPolicyKey)) {

                throw new IllegalArgumentException("policyKey is not of type "

                        + "PermissionGrantStatePolicyKey");

                        + "PermissionGrantStatePolicyKey, passed in policyKey is: " + policyKey);

            }

            PackagePermissionPolicyKey parsedKey = (PackagePermissionPolicyKey) policyKey;

            Objects.requireNonNull(parsedKey.getPermissionName());
@@ -165,7 +165,7 @@ final class PolicyEnforcerCallbacks { 
            try {

                if (!(policyKey instanceof IntentFilterPolicyKey)) {

                    throw new IllegalArgumentException("policyKey is not of type "

                            + "IntentFilterPolicyKey");

                            + "IntentFilterPolicyKey, passed in policyKey is: " + policyKey);

                }

                IntentFilterPolicyKey parsedKey =

                        (IntentFilterPolicyKey) policyKey;
@@ -193,7 +193,7 @@ final class PolicyEnforcerCallbacks { 
        return Boolean.TRUE.equals(Binder.withCleanCallingIdentity(() -> {

            if (!(policyKey instanceof PackagePolicyKey)) {

                throw new IllegalArgumentException("policyKey is not of type "

                        + "PackagePolicyKey");

                        + "PackagePolicyKey, passed in policyKey is: " + policyKey);

            }

            PackagePolicyKey parsedKey = (PackagePolicyKey) policyKey;

            String packageName = Objects.requireNonNull(parsedKey.getPackageName());
@@ -211,7 +211,7 @@ final class PolicyEnforcerCallbacks { 
        return Boolean.TRUE.equals(Binder.withCleanCallingIdentity(() -> {

            if (!(policyKey instanceof UserRestrictionPolicyKey)) {

                throw new IllegalArgumentException("policyKey is not of type "

                        + "UserRestrictionPolicyKey");

                        + "UserRestrictionPolicyKey, passed in policyKey is: " + policyKey);

            }

            UserRestrictionPolicyKey parsedKey =

                    (UserRestrictionPolicyKey) policyKey;
@@ -221,4 +221,20 @@ final class PolicyEnforcerCallbacks { 
            return true;

        }));

    }



    static boolean setApplicationHidden(

            @Nullable Boolean hide, @NonNull Context context, int userId,

            @NonNull PolicyKey policyKey) {

        return Boolean.TRUE.equals(Binder.withCleanCallingIdentity(() -> {

            if (!(policyKey instanceof PackagePolicyKey)) {

                throw new IllegalArgumentException("policyKey is not of type "

                        + "PackagePolicyKey, passed in policyKey is: " + policyKey);

            }

            PackagePolicyKey parsedKey = (PackagePolicyKey) policyKey;

            String packageName = Objects.requireNonNull(parsedKey.getPackageName());

            IPackageManager packageManager = AppGlobals.getPackageManager();

            return packageManager.setApplicationHiddenSettingAsUser(

                    packageName, hide != null && hide, userId);

        }));

    }

}