Merge "Add new DPM.setAutoTimeZonePolicy coexistable API." into main

    method @RequiresPermission(anyOf={android.Manifest.permission.SET_TIME, "android.permission.QUERY_ADMIN_POLICY"}, conditional=true) public boolean getAutoTimeEnabled(@Nullable android.content.ComponentName);

    method @Deprecated public boolean getAutoTimeRequired();

    method @RequiresPermission(anyOf={android.Manifest.permission.SET_TIME_ZONE, "android.permission.QUERY_ADMIN_POLICY"}, conditional=true) public boolean getAutoTimeZoneEnabled(@Nullable android.content.ComponentName);

    method @FlaggedApi("android.app.admin.flags.set_auto_time_zone_enabled_coexistence") @RequiresPermission(anyOf={android.Manifest.permission.SET_TIME_ZONE, "android.permission.QUERY_ADMIN_POLICY"}, conditional=true) public int getAutoTimeZonePolicy();

    method @NonNull public java.util.List<android.os.UserHandle> getBindDeviceAdminTargetUsers(@NonNull android.content.ComponentName);

    method public boolean getBluetoothContactSharingDisabled(@NonNull android.content.ComponentName);

    method @RequiresPermission(value=android.Manifest.permission.MANAGE_DEVICE_POLICY_CAMERA, conditional=true) public boolean getCameraDisabled(@Nullable android.content.ComponentName);

    method @RequiresPermission(value=android.Manifest.permission.SET_TIME, conditional=true) public void setAutoTimeEnabled(@Nullable android.content.ComponentName, boolean);

    method @Deprecated public void setAutoTimeRequired(@NonNull android.content.ComponentName, boolean);

    method @RequiresPermission(value=android.Manifest.permission.SET_TIME_ZONE, conditional=true) public void setAutoTimeZoneEnabled(@Nullable android.content.ComponentName, boolean);

    method @FlaggedApi("android.app.admin.flags.set_auto_time_zone_enabled_coexistence") @RequiresPermission(value=android.Manifest.permission.SET_TIME_ZONE, conditional=true) public void setAutoTimeZonePolicy(int);

    method public void setBackupServiceEnabled(@NonNull android.content.ComponentName, boolean);

    method public void setBluetoothContactSharingDisabled(@NonNull android.content.ComponentName, boolean);

    method @RequiresPermission(value=android.Manifest.permission.MANAGE_DEVICE_POLICY_CAMERA, conditional=true) public void setCameraDisabled(@Nullable android.content.ComponentName, boolean);

    field public static final String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD";

    field public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field @FlaggedApi("android.app.admin.flags.set_auto_time_zone_enabled_coexistence") public static final int AUTO_TIME_ZONE_DISABLED = 1; // 0x1

    field @FlaggedApi("android.app.admin.flags.set_auto_time_zone_enabled_coexistence") public static final int AUTO_TIME_ZONE_ENABLED = 2; // 0x2

    field @FlaggedApi("android.app.admin.flags.set_auto_time_zone_enabled_coexistence") public static final int AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_DISABLED = 1; // 0x1

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_ENABLED = 2; // 0x2

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

    /**

     * Called by a device owner, a profile owner for the primary user or a profile

     * owner of an organization-owned managed profile to turn auto time zone on and off.

     * Callers are recommended to use {@link UserManager#DISALLOW_CONFIG_DATE_TIME}

     * to prevent the user from changing this setting.

     * <p>

     * If user restriction {@link UserManager#DISALLOW_CONFIG_DATE_TIME} is used,

     * no user will be able set the date and time zone. Instead, the network date

     * and time zone will be used.

     * Callers are recommended to use {@link UserManager#DISALLOW_CONFIG_DATE_TIME} to prevent the

     * user from changing this setting, that way no user will be able set the date and time zone.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with or Null if the

     *              caller is not a device admin.

     * @throws SecurityException if caller is not a device owner, a profile owner for the

     * primary user, or a profile owner of an organization-owned managed profile.

     */

    @SupportsCoexistence

    @RequiresPermission(value = SET_TIME_ZONE, conditional = true)

    public void setAutoTimeZoneEnabled(@Nullable ComponentName admin, boolean enabled) {

        throwIfParentInstance("setAutoTimeZone");

        if (mService != null) {

            try {

                if (Flags.setAutoTimeZoneEnabledCoexistence()) {

                    mService.setAutoTimeZonePolicy(mContext.getPackageName(),

                            enabled ? AUTO_TIME_ZONE_ENABLED : AUTO_TIME_ZONE_DISABLED );

                } else {

                    mService.setAutoTimeZoneEnabled(admin, mContext.getPackageName(), enabled);

                }

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }

        return false;

    }

    /**

     * Specifies that the auto time zone state is not controlled by device policy.

     *

     * @see #setAutoTimeZonePolicy(int)

     */

    @FlaggedApi(Flags.FLAG_SET_AUTO_TIME_ZONE_ENABLED_COEXISTENCE)

    public static final int AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY = 0;

    /**

     * Specifies the "disabled" auto time zone state.

     *

     * @see #setAutoTimeZonePolicy(int)

     */

    @FlaggedApi(Flags.FLAG_SET_AUTO_TIME_ZONE_ENABLED_COEXISTENCE)

    public static final int AUTO_TIME_ZONE_DISABLED = 1;

    /**

     * Specifies the "enabled" auto time zone state.

     *

     * @see #setAutoTimeZonePolicy(int)

     */

    @FlaggedApi(Flags.FLAG_SET_AUTO_TIME_ZONE_ENABLED_COEXISTENCE)

    public static final int AUTO_TIME_ZONE_ENABLED = 2;

    /**

     * Flags supplied to {@link #setAutoTimeZonePolicy}(int)}.

     *

     * @hide

     */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef(prefix = { "AUTO_TIME_ZONE_" }, value = {

            AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY,

            AUTO_TIME_ZONE_DISABLED,

            AUTO_TIME_ZONE_ENABLED

    })

    public @interface AutoTimeZonePolicy {}

    /**

     * Called by a device owner, a profile owner for the primary user or a profile owner of an

     * organization-owned managed profile to turn auto time zone on and off.

     * <p>

     * Callers are recommended to use {@link UserManager#DISALLOW_CONFIG_DATE_TIME} to prevent the

     * user from changing this setting, that way no user will be able set the date and time zone.

     *

     * @param policy The desired state among {@link #AUTO_TIME_ZONE_ENABLED} to enable it,

     * {@link #AUTO_TIME_ZONE_DISABLED} to disable it or

     * {@link #AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY} to unset the policy.

     * @throws SecurityException if caller is not a device owner, a profile owner for the primary

     * user, or a profile owner of an organization-owned managed profile, or if the caller does not

     * hold the required permission.

     */

    @SupportsCoexistence

    @RequiresPermission(value = SET_TIME_ZONE, conditional = true)

    @FlaggedApi(Flags.FLAG_SET_AUTO_TIME_ZONE_ENABLED_COEXISTENCE)

    public void setAutoTimeZonePolicy(@AutoTimeZonePolicy int policy) {

        throwIfParentInstance("setAutoTimeZonePolicy");

        if (mService != null) {

            try {

                mService.setAutoTimeZonePolicy(mContext.getPackageName(), policy);

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }

        }

    }

    /**

     * Returns auto time zone policy's current state.

     *

     * @return One of {@link #AUTO_TIME_ZONE_ENABLED} if enabled, {@link #AUTO_TIME_ZONE_DISABLED}

     *         if disabled and {@link #AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY} if the state is not

     *         controlled by policy.

     * @throws SecurityException if caller is not a device owner, a profile owner for the

     * primary user, or a profile owner of an organization-owned managed profile, or if the caller

     * does not hold the required permission.

     */

    @SupportsCoexistence

    @RequiresPermission(anyOf = {SET_TIME_ZONE, QUERY_ADMIN_POLICY}, conditional = true)

    @FlaggedApi(Flags.FLAG_SET_AUTO_TIME_ZONE_ENABLED_COEXISTENCE)

    public @AutoTimeZonePolicy int getAutoTimeZonePolicy() {

        throwIfParentInstance("getAutoTimeZonePolicy");

        if (mService != null) {

            try {

                return mService.getAutoTimeZonePolicy(mContext.getPackageName());

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }

        }

        return DevicePolicyManager.AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY;

    }

    /**

     * TODO (b/137101239): remove this method in follow-up CL

     * since it's only used for split system user.

    void setAutoTimeZoneEnabled(in ComponentName who, String callerPackageName, boolean enabled);

    boolean getAutoTimeZoneEnabled(in ComponentName who, String callerPackageName);

    void setAutoTimeZonePolicy(String callerPackageName, int policy);

    int getAutoTimeZonePolicy(String callerPackageName);

    void setForceEphemeralUsers(in ComponentName who, boolean forceEpehemeralUsers);

    boolean getForceEphemeralUsers(in ComponentName who);

final class DevicePolicyEngine {

    static final String TAG = "DevicePolicyEngine";

    // TODO(b/281701062): reference role name from role manager once its exposed.

    static final String DEVICE_LOCK_CONTROLLER_ROLE =

            "android.app.role.SYSTEM_FINANCED_DEVICE_CONTROLLER";

    static final String SYSTEM_SUPERVISION_ROLE = "android.app.role.SYSTEM_SUPERVISION";

    private static final String CELLULAR_2G_USER_RESTRICTION_ID =

            DevicePolicyIdentifiers.getIdentifierForUserRestriction(

                    UserManager.DISALLOW_CELLULAR_2G);

            return;

        }

        CallerIdentity caller;

        if (Flags.setAutoTimeZoneEnabledCoexistence()) {

            caller = getCallerIdentity(who, callerPackageName);

        } else {

            caller = getCallerIdentity(who);

        }

        CallerIdentity caller = getCallerIdentity(who);

        if (Flags.setAutoTimeZoneEnabledCoexistence()) {

            // The effect of this policy is device-wide.

            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(

                    who,

                    SET_TIME_ZONE,

                    caller.getPackageName(),

                    UserHandle.USER_ALL

            );

            mDevicePolicyEngine.setGlobalPolicy(

                    PolicyDefinition.AUTO_TIMEZONE,

                    // TODO(b/260573124): add correct enforcing admin when permission changes are

                    //  merged.

                    enforcingAdmin,

                    new BooleanPolicyValue(enabled));

        } else {

        Objects.requireNonNull(who, "ComponentName is null");

        Preconditions.checkCallAuthorization(isProfileOwnerOnUser0(caller)

                || isProfileOwnerOfOrganizationOwnedDevice(caller) || isDefaultDeviceOwner(

                caller));

        mInjector.binderWithCleanCallingIdentity(() ->

                mInjector.settingsGlobalPutInt(Global.AUTO_TIME_ZONE, enabled ? 1 : 0));

        }

        DevicePolicyEventLogger

                .createEvent(DevicePolicyEnums.SET_AUTO_TIME_ZONE)

            return false;

        }

        CallerIdentity caller;

        if (Flags.setAutoTimeZoneEnabledCoexistence()) {

            caller = getCallerIdentity(who, callerPackageName);

        } else {

            caller = getCallerIdentity(who);

        }

        if (Flags.setAutoTimeZoneEnabledCoexistence()) {

            // The effect of this policy is device-wide.

            enforceCanQuery(SET_TIME_ZONE, caller.getPackageName(), UserHandle.USER_ALL);

        } else {

        CallerIdentity caller = getCallerIdentity(who);

        Objects.requireNonNull(who, "ComponentName is null");

        Preconditions.checkCallAuthorization(isProfileOwnerOnUser0(caller)

                || isProfileOwnerOfOrganizationOwnedDevice(caller) || isDefaultDeviceOwner(

                caller));

        return mInjector.settingsGlobalGetInt(Global.AUTO_TIME_ZONE, 0) > 0;

    }

        return mInjector.settingsGlobalGetInt(Global.AUTO_TIME_ZONE, 0) > 0;

    /**

     * Set auto time zone state.

     */

    public void setAutoTimeZonePolicy(String callerPackageName, int policy) {

        if (!mHasFeature) {

            return;

        }

        CallerIdentity caller = getCallerIdentity(callerPackageName);

        // The effect of this policy is device-wide.

        EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(

                /* who */ null,

                SET_TIME_ZONE,

                caller.getPackageName(),

                UserHandle.USER_ALL

        );

        if (policy != DevicePolicyManager.AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY) {

            mDevicePolicyEngine.setGlobalPolicy(

                    PolicyDefinition.AUTO_TIME_ZONE,

                    enforcingAdmin,

                    new IntegerPolicyValue(policy));

            DevicePolicyEventLogger

                    .createEvent(DevicePolicyEnums.SET_AUTO_TIME_ZONE)

                    .setAdmin(caller.getPackageName())

                    .setBoolean(policy == DevicePolicyManager.AUTO_TIME_ZONE_ENABLED)

                    .write();

        } else {

            mDevicePolicyEngine.removeGlobalPolicy(

                    PolicyDefinition.AUTO_TIME_ZONE,

                    enforcingAdmin);

        }

    }

    /**

     * Returns whether auto time zone is used on the device or not.

     */

    @Override

    public int getAutoTimeZonePolicy(String callerPackageName) {

        if (!mHasFeature) {

            return DevicePolicyManager.AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY;

        }

        CallerIdentity caller = getCallerIdentity(callerPackageName);

        // The effect of this policy is device-wide.

        EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(

                /* who */ null,

                SET_TIME_ZONE,

                caller.getPackageName(),

                UserHandle.USER_ALL

        );

        Integer state = mDevicePolicyEngine.getGlobalPolicySetByAdmin(

                PolicyDefinition.AUTO_TIME_ZONE, enforcingAdmin);

        return state != null ? state : DevicePolicyManager.AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY;

    }

    // TODO (b/137101239): remove this method in follow-up CL

                    Slogf.i(LOG_TAG,

                            "Started device policies migration to the device policy engine.");

                    // TODO(b/359188869): Move this to the current migration method.

                    if (Flags.setAutoTimeZoneEnabledCoexistence()) {

                        migrateAutoTimezonePolicy();

                    }

                    if (Flags.setPermissionGrantStateCoexistence()) {

                        migratePermissionGrantStatePolicies();

                    }

        // Additional migration steps should repeat the pattern above with a new backupId.

    }

    private void migrateAutoTimezonePolicy() {

        Slogf.i(LOG_TAG, "Skipping Migration of AUTO_TIMEZONE policy to device policy engine,"

                + "as no way to identify if the value was set by the admin or the user.");

    }

    private void migratePermissionGrantStatePolicies() {

        Slogf.i(LOG_TAG, "Migrating PERMISSION_GRANT policy to device policy engine.");

        for (UserInfo userInfo : mUserManager.getUsers()) {