Remove assumption that COPE profile owner is on profile of system user

    private static final String KEEP_PROFILES_RUNNING_FLAG = "enable_keep_profiles_running";

    private static final boolean DEFAULT_KEEP_PROFILES_RUNNING_FLAG = false;

    // TODO(b/261999445) remove the flag after rollout.

    private static final String HEADLESS_FLAG = "headless";

    private static final boolean DEFAULT_HEADLESS_FLAG = true;

    /**

     * This feature flag is checked once after boot and this value us used until the next reboot to

     * avoid needing to handle the flag changing on the fly.

                Preconditions.checkCallAuthorization(frpManagementAgentUid == caller.getUid()

                                || hasCallingPermission(permission.MASTER_CLEAR),

                        "Must be called by the FRP management agent on device");

                // TODO(b/261999445): Remove

                if (isHeadlessFlagEnabled()) {

                    admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

                } else {

                    admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                            UserHandle.getUserId(frpManagementAgentUid));

                }

            } else {

                Preconditions.checkCallAuthorization(

                        isDefaultDeviceOwner(caller)

                hasCallingOrSelfPermission(permission.TRIGGER_LOST_MODE));

        synchronized (getLockObject()) {

            final ActiveAdmin admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

            // TODO(b/261999445): Remove

            ActiveAdmin admin;

            if (isHeadlessFlagEnabled()) {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                        UserHandle.USER_SYSTEM);

            }

            Preconditions.checkState(admin != null,

                    "Lost mode location updates can only be sent on an organization-owned device.");

            mInjector.binderWithCleanCallingIdentity(() -> {

        return null;

    }

    /**

     * @deprecated Use the version which does not take a user id.

     */

    @Deprecated

    ActiveAdmin getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(int userId) {

        ensureLocked();

        ActiveAdmin admin = getDeviceOwnerAdminLocked();

        return admin;

    }

    ActiveAdmin getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked() {

        ensureLocked();

        ActiveAdmin admin = getDeviceOwnerAdminLocked();

        if (admin == null) {

            admin = getProfileOwnerOfOrganizationOwnedDeviceLocked();

        }

        return admin;

    }

    /**

     * @deprecated Use the version which does not take a user id.

     */

    @Deprecated

    ActiveAdmin getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceParentLocked(int userId) {

        ensureLocked();

        ActiveAdmin admin = getDeviceOwnerAdminLocked();

        return admin != null ? admin.getParentActiveAdmin() : null;

    }

    ActiveAdmin getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceParentLocked() {

        ensureLocked();

        ActiveAdmin admin = getDeviceOwnerAdminLocked();

        if (admin != null) {

            return admin;

        }

        admin = getProfileOwnerOfOrganizationOwnedDeviceLocked();

        return admin != null ? admin.getParentActiveAdmin() : null;

    }

    @Override

    public void clearDeviceOwner(String packageName) {

        Objects.requireNonNull(packageName, "packageName is null");

        return admin;

    }

    /**

     * @deprecated use the version which does not take a user id.

     */

    @Deprecated

    @GuardedBy("getLockObject()")

    ActiveAdmin getProfileOwnerOfOrganizationOwnedDeviceLocked(int userHandle) {

        return mInjector.binderWithCleanCallingIdentity(() -> {

        });

    }

    @GuardedBy("getLockObject()")

    ActiveAdmin getProfileOwnerOfOrganizationOwnedDeviceLocked() {

        return mInjector.binderWithCleanCallingIdentity(() -> {

            for (UserInfo userInfo : mUserManager.getUsers()) {

                if (userInfo.isManagedProfile()) {

                    if (getProfileOwnerAsUser(userInfo.id) != null

                            && isProfileOwnerOfOrganizationOwnedDevice(userInfo.id)) {

                        ComponentName who = getProfileOwnerAsUser(userInfo.id);

                        return getActiveAdminUncheckedLocked(who, userInfo.id);

                    }

                }

            }

            return null;

        });

    }

    /**

     * This API is cached: invalidate with invalidateBinderCaches().

     */

        synchronized (getLockObject()) {

            // Only DO or COPE PO can turn on CC mode, so take a shortcut here and only look at

            // their ActiveAdmin, instead of iterating through all admins.

            final ActiveAdmin admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

            ActiveAdmin admin;

            // TODO(b/261999445): remove

            if (isHeadlessFlagEnabled()) {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                        UserHandle.USER_SYSTEM);

            }

            return admin != null ? admin.mCommonCriteriaMode : false;

        }

    }

    }

    private boolean isUsbDataSignalingEnabledInternalLocked() {

        final ActiveAdmin admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

        // TODO(b/261999445): remove

        ActiveAdmin admin;

        if (isHeadlessFlagEnabled()) {

            admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

        } else {

            admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                    UserHandle.USER_SYSTEM);

        }

        return admin == null || admin.mUsbDataSignalingEnabled;

    }

    @Override

    public int getMinimumRequiredWifiSecurityLevel() {

        synchronized (getLockObject()) {

            final ActiveAdmin admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

            ActiveAdmin admin;

            // TODO(b/261999445): remove

            if (isHeadlessFlagEnabled()) {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                        UserHandle.USER_SYSTEM);

            }

            return (admin == null) ? DevicePolicyManager.WIFI_SECURITY_OPEN

                    : admin.mWifiMinimumSecurityLevel;

        }

                        + "a profile owner on an organization-owned device or "

                        + "an app with the QUERY_ADMIN_POLICY permission.");

        synchronized (getLockObject()) {

            final ActiveAdmin admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

            ActiveAdmin admin;

            // TODO(b/261999445): remove

            if (isHeadlessFlagEnabled()) {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin = getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                        UserHandle.USER_SYSTEM);

            }

            return admin != null ? admin.mWifiSsidPolicy : null;

        }

    }

                            || isProfileOwnerOfOrganizationOwnedDevice(caller));

        }

        synchronized (getLockObject()) {

            ActiveAdmin admin =

            // TODO(b/261999445): Remove

            ActiveAdmin admin;

            if (isHeadlessFlagEnabled()) {

                admin =

                        getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin =

                        getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                                UserHandle.USER_SYSTEM);

            }

            if (admin != null) {

                final String memtagProperty = "arm64.memtag.bootctl";

                if (flags == DevicePolicyManager.MTE_ENABLED) {

                        || isProfileOwnerOfOrganizationOwnedDevice(caller)

                        || isSystemUid(caller));

        synchronized (getLockObject()) {

            ActiveAdmin admin =

            // TODO(b/261999445): Remove

            ActiveAdmin admin;

            if (isHeadlessFlagEnabled()) {

                admin =

                        getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked();

            } else {

                admin =

                        getDeviceOwnerOrProfileOwnerOfOrganizationOwnedDeviceLocked(

                                UserHandle.USER_SYSTEM);

            }

            return admin != null

                    ? admin.mtePolicy

                    : DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY;

        }

    }

    private boolean isHeadlessFlagEnabled() {

        return DeviceConfig.getBoolean(

                NAMESPACE_DEVICE_POLICY_MANAGER,

                HEADLESS_FLAG,

                DEFAULT_HEADLESS_FLAG);

    }

}

 No newline at end of file