Loading core/java/android/app/admin/DevicePolicyManager.java +2 −0 Original line number Diff line number Diff line Loading @@ -1972,6 +1972,7 @@ public class DevicePolicyManager { public static final int CODE_CANNOT_ADD_MANAGED_PROFILE = 11; /** * TODO (b/137101239): clean up split system user codes * Result code for {@link #checkProvisioningPreCondition}. * * <p>Returned for {@link #ACTION_PROVISION_MANAGED_USER} and Loading @@ -1995,6 +1996,7 @@ public class DevicePolicyManager { public static final int CODE_DEVICE_ADMIN_NOT_SUPPORTED = 13; /** * TODO (b/137101239): clean up split system user codes * Result code for {@link #checkProvisioningPreCondition}. * * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} when the device the user is a Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +37 −18 Original line number Diff line number Diff line Loading @@ -1228,10 +1228,15 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { SystemProperties.set(key, value); } // TODO (b/137101239): clean up split system user codes boolean userManagerIsSplitSystemUser() { return UserManager.isSplitSystemUser(); } boolean userManagerIsHeadlessSystemUserMode() { return UserManager.isHeadlessSystemUserMode(); } String getDevicePolicyFilePathForSystemUser() { return "/data/system/"; } Loading Loading @@ -7228,7 +7233,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_KEEP_UNINSTALLED_PACKAGES))); // TODO In split system user mode, allow apps on user 0 to query the list synchronized (getLockObject()) { return getKeepUninstalledPackagesLocked(); } Loading Loading @@ -11988,6 +11992,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { case DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE: case DevicePolicyManager.ACTION_PROVISION_FINANCED_DEVICE: return checkDeviceOwnerProvisioningPreCondition(callingUserId); // TODO (b/137101239): clean up split system user codes // ACTION_PROVISION_MANAGED_USER and ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE // only supported on split-user systems. case DevicePolicyManager.ACTION_PROVISION_MANAGED_USER: return checkManagedUserProvisioningPreCondition(callingUserId); case DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE: Loading @@ -12010,25 +12017,28 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (mOwners.hasProfileOwner(deviceOwnerUserId)) { return CODE_USER_HAS_PROFILE_OWNER; } if (!mUserManager.isUserRunning(new UserHandle(deviceOwnerUserId))) { // System user is always running in headless system user mode. if (!mInjector.userManagerIsHeadlessSystemUserMode() && !mUserManager.isUserRunning(new UserHandle(deviceOwnerUserId))) { return CODE_USER_NOT_RUNNING; } if (mIsWatch && hasPaired(UserHandle.USER_SYSTEM)) { return CODE_HAS_PAIRED; } // TODO (b/137101239): clean up split system user codes if (isAdb) { // if shell command runs after user setup completed check device status. Otherwise, OK. // If shell command runs after user setup completed check device status. Otherwise, OK. if (mIsWatch || hasUserSetupCompleted(UserHandle.USER_SYSTEM)) { if (!mInjector.userManagerIsSplitSystemUser()) { if (mUserManager.getUserCount() > 1) { // In non-headless system user mode, DO can be setup only if // there's no non-system user if (!mInjector.userManagerIsHeadlessSystemUserMode() && !mInjector.userManagerIsSplitSystemUser() && mUserManager.getUserCount() > 1) { return CODE_NONSYSTEM_USER_EXISTS; } if (hasIncompatibleAccountsOrNonAdb) { return CODE_ACCOUNTS_NOT_EMPTY; } } else { // STOPSHIP Do proper check in split user mode } } return CODE_OK; } else { Loading @@ -12037,7 +12047,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (deviceOwnerUserId != UserHandle.USER_SYSTEM) { return CODE_NOT_SYSTEM_USER; } // In non-split user mode, only provision DO before setup wizard completes // Only provision DO before setup wizard completes // TODO (b/171423186): implement deferred DO setup for headless system user mode if (hasUserSetupCompleted(UserHandle.USER_SYSTEM)) { return CODE_USER_SETUP_COMPLETED; } Loading @@ -12048,8 +12059,14 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private int checkDeviceOwnerProvisioningPreCondition(@UserIdInt int deviceOwnerUserId) { private int checkDeviceOwnerProvisioningPreCondition(@UserIdInt int callingUserId) { synchronized (getLockObject()) { final int deviceOwnerUserId = mInjector.userManagerIsHeadlessSystemUserMode() ? UserHandle.USER_SYSTEM : callingUserId; Slog.i(LOG_TAG, String.format("Calling user %d, device owner will be set on user %d", callingUserId, deviceOwnerUserId)); // hasIncompatibleAccountsOrNonAdb doesn't matter since the caller is not adb. return checkDeviceOwnerProvisioningPreConditionLocked(/* owner unknown */ null, deviceOwnerUserId, /* isAdb= */ false, Loading @@ -12057,6 +12074,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } // TODO (b/137101239): clean up split system user codes private int checkManagedProfileProvisioningPreCondition(String packageName, @UserIdInt int callingUserId) { if (!hasFeatureManagedUsers()) { Loading Loading @@ -12145,6 +12163,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return null; } // TODO (b/137101239): clean up split system user codes private int checkManagedUserProvisioningPreCondition(int callingUserId) { if (!hasFeatureManagedUsers()) { return CODE_MANAGED_USERS_NOT_SUPPORTED; Loading @@ -12166,6 +12185,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return CODE_OK; } // TODO (b/137101239): clean up split system user codes private int checkManagedShareableDeviceProvisioningPreCondition(int callingUserId) { if (!mInjector.userManagerIsSplitSystemUser()) { // ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE only supported on split-user systems. Loading Loading @@ -12738,9 +12758,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return true; } if (userId == UserHandle.USER_SYSTEM) { // The system user is always affiliated in a DO device, even if the DO is set on a // different user. This could be the case if the DO is set in the primary user // of a split user device. // The system user is always affiliated in a DO device, // even if in headless system user mode. return true; } Loading
core/java/android/app/admin/DevicePolicyManager.java +2 −0 Original line number Diff line number Diff line Loading @@ -1972,6 +1972,7 @@ public class DevicePolicyManager { public static final int CODE_CANNOT_ADD_MANAGED_PROFILE = 11; /** * TODO (b/137101239): clean up split system user codes * Result code for {@link #checkProvisioningPreCondition}. * * <p>Returned for {@link #ACTION_PROVISION_MANAGED_USER} and Loading @@ -1995,6 +1996,7 @@ public class DevicePolicyManager { public static final int CODE_DEVICE_ADMIN_NOT_SUPPORTED = 13; /** * TODO (b/137101239): clean up split system user codes * Result code for {@link #checkProvisioningPreCondition}. * * <p>Returned for {@link #ACTION_PROVISION_MANAGED_PROFILE} when the device the user is a Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +37 −18 Original line number Diff line number Diff line Loading @@ -1228,10 +1228,15 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { SystemProperties.set(key, value); } // TODO (b/137101239): clean up split system user codes boolean userManagerIsSplitSystemUser() { return UserManager.isSplitSystemUser(); } boolean userManagerIsHeadlessSystemUserMode() { return UserManager.isHeadlessSystemUserMode(); } String getDevicePolicyFilePathForSystemUser() { return "/data/system/"; } Loading Loading @@ -7228,7 +7233,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_KEEP_UNINSTALLED_PACKAGES))); // TODO In split system user mode, allow apps on user 0 to query the list synchronized (getLockObject()) { return getKeepUninstalledPackagesLocked(); } Loading Loading @@ -11988,6 +11992,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { case DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE: case DevicePolicyManager.ACTION_PROVISION_FINANCED_DEVICE: return checkDeviceOwnerProvisioningPreCondition(callingUserId); // TODO (b/137101239): clean up split system user codes // ACTION_PROVISION_MANAGED_USER and ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE // only supported on split-user systems. case DevicePolicyManager.ACTION_PROVISION_MANAGED_USER: return checkManagedUserProvisioningPreCondition(callingUserId); case DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE: Loading @@ -12010,25 +12017,28 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (mOwners.hasProfileOwner(deviceOwnerUserId)) { return CODE_USER_HAS_PROFILE_OWNER; } if (!mUserManager.isUserRunning(new UserHandle(deviceOwnerUserId))) { // System user is always running in headless system user mode. if (!mInjector.userManagerIsHeadlessSystemUserMode() && !mUserManager.isUserRunning(new UserHandle(deviceOwnerUserId))) { return CODE_USER_NOT_RUNNING; } if (mIsWatch && hasPaired(UserHandle.USER_SYSTEM)) { return CODE_HAS_PAIRED; } // TODO (b/137101239): clean up split system user codes if (isAdb) { // if shell command runs after user setup completed check device status. Otherwise, OK. // If shell command runs after user setup completed check device status. Otherwise, OK. if (mIsWatch || hasUserSetupCompleted(UserHandle.USER_SYSTEM)) { if (!mInjector.userManagerIsSplitSystemUser()) { if (mUserManager.getUserCount() > 1) { // In non-headless system user mode, DO can be setup only if // there's no non-system user if (!mInjector.userManagerIsHeadlessSystemUserMode() && !mInjector.userManagerIsSplitSystemUser() && mUserManager.getUserCount() > 1) { return CODE_NONSYSTEM_USER_EXISTS; } if (hasIncompatibleAccountsOrNonAdb) { return CODE_ACCOUNTS_NOT_EMPTY; } } else { // STOPSHIP Do proper check in split user mode } } return CODE_OK; } else { Loading @@ -12037,7 +12047,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { if (deviceOwnerUserId != UserHandle.USER_SYSTEM) { return CODE_NOT_SYSTEM_USER; } // In non-split user mode, only provision DO before setup wizard completes // Only provision DO before setup wizard completes // TODO (b/171423186): implement deferred DO setup for headless system user mode if (hasUserSetupCompleted(UserHandle.USER_SYSTEM)) { return CODE_USER_SETUP_COMPLETED; } Loading @@ -12048,8 +12059,14 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } private int checkDeviceOwnerProvisioningPreCondition(@UserIdInt int deviceOwnerUserId) { private int checkDeviceOwnerProvisioningPreCondition(@UserIdInt int callingUserId) { synchronized (getLockObject()) { final int deviceOwnerUserId = mInjector.userManagerIsHeadlessSystemUserMode() ? UserHandle.USER_SYSTEM : callingUserId; Slog.i(LOG_TAG, String.format("Calling user %d, device owner will be set on user %d", callingUserId, deviceOwnerUserId)); // hasIncompatibleAccountsOrNonAdb doesn't matter since the caller is not adb. return checkDeviceOwnerProvisioningPreConditionLocked(/* owner unknown */ null, deviceOwnerUserId, /* isAdb= */ false, Loading @@ -12057,6 +12074,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } } // TODO (b/137101239): clean up split system user codes private int checkManagedProfileProvisioningPreCondition(String packageName, @UserIdInt int callingUserId) { if (!hasFeatureManagedUsers()) { Loading Loading @@ -12145,6 +12163,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return null; } // TODO (b/137101239): clean up split system user codes private int checkManagedUserProvisioningPreCondition(int callingUserId) { if (!hasFeatureManagedUsers()) { return CODE_MANAGED_USERS_NOT_SUPPORTED; Loading @@ -12166,6 +12185,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return CODE_OK; } // TODO (b/137101239): clean up split system user codes private int checkManagedShareableDeviceProvisioningPreCondition(int callingUserId) { if (!mInjector.userManagerIsSplitSystemUser()) { // ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE only supported on split-user systems. Loading Loading @@ -12738,9 +12758,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return true; } if (userId == UserHandle.USER_SYSTEM) { // The system user is always affiliated in a DO device, even if the DO is set on a // different user. This could be the case if the DO is set in the primary user // of a split user device. // The system user is always affiliated in a DO device, // even if in headless system user mode. return true; }
