Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +8 −3 Original line number Diff line number Diff line Loading @@ -2969,7 +2969,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider { @Override public boolean isUserDeviceOwner(int userId, ComponentName who) { public boolean isDeviceOwner(int userId, ComponentName who) { return mOwners.isDeviceOwnerUserId(userId) && mOwners.getDeviceOwnerComponent().equals(who); } Loading Loading @@ -2999,14 +2999,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return component -> findAdmin(component, userId, /* throwForMissingPermission= */ false); } @Override public int[] getUsersForUpgrade() { List<UserInfo> allUsers = mUserManager.getUsers(); return allUsers.stream().mapToInt(u -> u.id).toArray(); } } private void performPolicyVersionUpgrade() { List<UserInfo> allUsers = mUserManager.getUsers(); PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader( new DpmsUpgradeDataProvider()); upgrader.upgradePolicy(allUsers.stream().mapToInt(u -> u.id).toArray(), DPMS_VERSION); upgrader.upgradePolicy(DPMS_VERSION); } private void revertTransferOwnershipIfNecessaryLocked() { Loading services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java +6 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,7 @@ public interface PolicyUpgraderDataProvider { * Returns true if the provided {@code userId} is a device owner. May affect some policy * defaults. */ boolean isUserDeviceOwner(int userId, ComponentName who); boolean isDeviceOwner(int userId, ComponentName who); /** * Returns true if the storage manager indicates file-based encryption is enabled. Loading @@ -60,4 +60,9 @@ public interface PolicyUpgraderDataProvider { * user. */ Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId); /** * Returns the users to upgrade. */ int[] getUsersForUpgrade(); } services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java +4 −2 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ public class PolicyVersionUpgrader { * managed profile user IDs. * @param dpmsVersion The version to upgrade to. */ public void upgradePolicy(int[] allUsers, int dpmsVersion) { public void upgradePolicy(int dpmsVersion) { int oldVersion = readVersion(); if (oldVersion >= dpmsVersion) { Slog.i(LOG_TAG, String.format("Current version %d, latest version %d, not upgrading.", Loading @@ -70,6 +70,8 @@ public class PolicyVersionUpgrader { return; } final int[] allUsers = mProvider.getUsersForUpgrade(); //NOTE: The current version is provided in case the XML file format changes in a // non-backwards-compatible way, so that DeviceAdminData could load it with // old tags, for example. Loading @@ -94,7 +96,7 @@ public class PolicyVersionUpgrader { continue; } for (ActiveAdmin admin : userData.mAdminList) { if (mProvider.isUserDeviceOwner(userId, admin.info.getComponent())) { if (mProvider.isDeviceOwner(userId, admin.info.getComponent())) { Slog.i(LOG_TAG, String.format( "Marking Device Owner in user %d for permission grant ", userId)); admin.mAdminCanGrantSensorsPermissions = true; Loading services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java +24 −16 Original line number Diff line number Diff line Loading @@ -65,9 +65,10 @@ public class PolicyVersionUpgraderTest { Map<Integer, ComponentName> mUserToComponent = new HashMap<>(); Map<ComponentName, DeviceAdminInfo> mComponentToDeviceAdminInfo = new HashMap<>(); File mDataDir; int[] mUsers; @Override public boolean isUserDeviceOwner(int userId, ComponentName who) { public boolean isDeviceOwner(int userId, ComponentName who) { return userId == mDeviceOwnerUserId && mDeviceOwnerComponent.equals(who); } Loading Loading @@ -105,6 +106,11 @@ public class PolicyVersionUpgraderTest { public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) { return componentName -> mComponentToDeviceAdminInfo.get(componentName); } @Override public int[] getUsersForUpgrade() { return mUsers; } } private final Context mRealTestContext = InstrumentationRegistry.getTargetContext(); Loading @@ -126,16 +132,17 @@ public class PolicyVersionUpgraderTest { ActivityInfo activityInfo = createActivityInfo(mFakeAdmin); DeviceAdminInfo dai = createDeviceAdminInfo(activityInfo); mProvider.mComponentToDeviceAdminInfo.put(mFakeAdmin, dai); mProvider.mUsers = new int[] {0}; } @Test public void testSameVersionDoesNothing() throws IOException { int[] users = new int[] {0}; writeVersionToXml(DevicePolicyManagerService.DPMS_VERSION); preparePoliciesFile(users[0]); String oldContents = readPoliciesFile(0); final int userId = mProvider.mUsers[0]; preparePoliciesFile(userId); String oldContents = readPoliciesFile(userId); mUpgrader.upgradePolicy(users, DevicePolicyManagerService.DPMS_VERSION); mUpgrader.upgradePolicy(DevicePolicyManagerService.DPMS_VERSION); String newContents = readPoliciesFile(0); assertThat(newContents).isEqualTo(oldContents); Loading @@ -144,18 +151,18 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade0To1RemovesPasswordMetrics() throws IOException, XmlPullParserException { final String activePasswordTag = "active-password"; int[] users = new int[] {0, 10}; mProvider.mUsers = new int[] {0, 10}; writeVersionToXml(0); for (int userId : users) { for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } // Validate test set-up. assertThat(isTagPresent(readPoliciesFileToStream(0), activePasswordTag)).isTrue(); mUpgrader.upgradePolicy(users, 1); mUpgrader.upgradePolicy(1); assertThat(readVersionFromXml()).isGreaterThan(1); for (int user: users) { for (int user: mProvider.mUsers) { assertThat(isTagPresent(readPoliciesFileToStream(user), activePasswordTag)).isFalse(); } } Loading @@ -163,21 +170,22 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade1To2MarksDoForPermissionControl() throws IOException, XmlPullParserException { int[] users = new int[] {0, 10}; final int ownerUser = 10; mProvider.mUsers = new int[] {0, ownerUser}; writeVersionToXml(1); for (int userId : users) { for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } mProvider.mDeviceOwnerUserId = 10; mProvider.mDeviceOwnerUserId = ownerUser; mProvider.mDeviceOwnerComponent = mFakeAdmin; mProvider.mUserToComponent.put(10, mFakeAdmin); mProvider.mUserToComponent.put(ownerUser, mFakeAdmin); mUpgrader.upgradePolicy(users, 2); mUpgrader.upgradePolicy(2); assertThat(readVersionFromXml()).isEqualTo(2); assertThat(getBooleanValueTag(readPoliciesFileToStream(users[0]), assertThat(getBooleanValueTag(readPoliciesFileToStream(mProvider.mUsers[0]), PERMISSIONS_TAG)).isFalse(); assertThat(getBooleanValueTag(readPoliciesFileToStream(users[1]), assertThat(getBooleanValueTag(readPoliciesFileToStream(ownerUser), PERMISSIONS_TAG)).isTrue(); } Loading Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +8 −3 Original line number Diff line number Diff line Loading @@ -2969,7 +2969,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider { @Override public boolean isUserDeviceOwner(int userId, ComponentName who) { public boolean isDeviceOwner(int userId, ComponentName who) { return mOwners.isDeviceOwnerUserId(userId) && mOwners.getDeviceOwnerComponent().equals(who); } Loading Loading @@ -2999,14 +2999,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return component -> findAdmin(component, userId, /* throwForMissingPermission= */ false); } @Override public int[] getUsersForUpgrade() { List<UserInfo> allUsers = mUserManager.getUsers(); return allUsers.stream().mapToInt(u -> u.id).toArray(); } } private void performPolicyVersionUpgrade() { List<UserInfo> allUsers = mUserManager.getUsers(); PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader( new DpmsUpgradeDataProvider()); upgrader.upgradePolicy(allUsers.stream().mapToInt(u -> u.id).toArray(), DPMS_VERSION); upgrader.upgradePolicy(DPMS_VERSION); } private void revertTransferOwnershipIfNecessaryLocked() { Loading
services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java +6 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,7 @@ public interface PolicyUpgraderDataProvider { * Returns true if the provided {@code userId} is a device owner. May affect some policy * defaults. */ boolean isUserDeviceOwner(int userId, ComponentName who); boolean isDeviceOwner(int userId, ComponentName who); /** * Returns true if the storage manager indicates file-based encryption is enabled. Loading @@ -60,4 +60,9 @@ public interface PolicyUpgraderDataProvider { * user. */ Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId); /** * Returns the users to upgrade. */ int[] getUsersForUpgrade(); }
services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java +4 −2 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ public class PolicyVersionUpgrader { * managed profile user IDs. * @param dpmsVersion The version to upgrade to. */ public void upgradePolicy(int[] allUsers, int dpmsVersion) { public void upgradePolicy(int dpmsVersion) { int oldVersion = readVersion(); if (oldVersion >= dpmsVersion) { Slog.i(LOG_TAG, String.format("Current version %d, latest version %d, not upgrading.", Loading @@ -70,6 +70,8 @@ public class PolicyVersionUpgrader { return; } final int[] allUsers = mProvider.getUsersForUpgrade(); //NOTE: The current version is provided in case the XML file format changes in a // non-backwards-compatible way, so that DeviceAdminData could load it with // old tags, for example. Loading @@ -94,7 +96,7 @@ public class PolicyVersionUpgrader { continue; } for (ActiveAdmin admin : userData.mAdminList) { if (mProvider.isUserDeviceOwner(userId, admin.info.getComponent())) { if (mProvider.isDeviceOwner(userId, admin.info.getComponent())) { Slog.i(LOG_TAG, String.format( "Marking Device Owner in user %d for permission grant ", userId)); admin.mAdminCanGrantSensorsPermissions = true; Loading
services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java +24 −16 Original line number Diff line number Diff line Loading @@ -65,9 +65,10 @@ public class PolicyVersionUpgraderTest { Map<Integer, ComponentName> mUserToComponent = new HashMap<>(); Map<ComponentName, DeviceAdminInfo> mComponentToDeviceAdminInfo = new HashMap<>(); File mDataDir; int[] mUsers; @Override public boolean isUserDeviceOwner(int userId, ComponentName who) { public boolean isDeviceOwner(int userId, ComponentName who) { return userId == mDeviceOwnerUserId && mDeviceOwnerComponent.equals(who); } Loading Loading @@ -105,6 +106,11 @@ public class PolicyVersionUpgraderTest { public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) { return componentName -> mComponentToDeviceAdminInfo.get(componentName); } @Override public int[] getUsersForUpgrade() { return mUsers; } } private final Context mRealTestContext = InstrumentationRegistry.getTargetContext(); Loading @@ -126,16 +132,17 @@ public class PolicyVersionUpgraderTest { ActivityInfo activityInfo = createActivityInfo(mFakeAdmin); DeviceAdminInfo dai = createDeviceAdminInfo(activityInfo); mProvider.mComponentToDeviceAdminInfo.put(mFakeAdmin, dai); mProvider.mUsers = new int[] {0}; } @Test public void testSameVersionDoesNothing() throws IOException { int[] users = new int[] {0}; writeVersionToXml(DevicePolicyManagerService.DPMS_VERSION); preparePoliciesFile(users[0]); String oldContents = readPoliciesFile(0); final int userId = mProvider.mUsers[0]; preparePoliciesFile(userId); String oldContents = readPoliciesFile(userId); mUpgrader.upgradePolicy(users, DevicePolicyManagerService.DPMS_VERSION); mUpgrader.upgradePolicy(DevicePolicyManagerService.DPMS_VERSION); String newContents = readPoliciesFile(0); assertThat(newContents).isEqualTo(oldContents); Loading @@ -144,18 +151,18 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade0To1RemovesPasswordMetrics() throws IOException, XmlPullParserException { final String activePasswordTag = "active-password"; int[] users = new int[] {0, 10}; mProvider.mUsers = new int[] {0, 10}; writeVersionToXml(0); for (int userId : users) { for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } // Validate test set-up. assertThat(isTagPresent(readPoliciesFileToStream(0), activePasswordTag)).isTrue(); mUpgrader.upgradePolicy(users, 1); mUpgrader.upgradePolicy(1); assertThat(readVersionFromXml()).isGreaterThan(1); for (int user: users) { for (int user: mProvider.mUsers) { assertThat(isTagPresent(readPoliciesFileToStream(user), activePasswordTag)).isFalse(); } } Loading @@ -163,21 +170,22 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade1To2MarksDoForPermissionControl() throws IOException, XmlPullParserException { int[] users = new int[] {0, 10}; final int ownerUser = 10; mProvider.mUsers = new int[] {0, ownerUser}; writeVersionToXml(1); for (int userId : users) { for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } mProvider.mDeviceOwnerUserId = 10; mProvider.mDeviceOwnerUserId = ownerUser; mProvider.mDeviceOwnerComponent = mFakeAdmin; mProvider.mUserToComponent.put(10, mFakeAdmin); mProvider.mUserToComponent.put(ownerUser, mFakeAdmin); mUpgrader.upgradePolicy(users, 2); mUpgrader.upgradePolicy(2); assertThat(readVersionFromXml()).isEqualTo(2); assertThat(getBooleanValueTag(readPoliciesFileToStream(users[0]), assertThat(getBooleanValueTag(readPoliciesFileToStream(mProvider.mUsers[0]), PERMISSIONS_TAG)).isFalse(); assertThat(getBooleanValueTag(readPoliciesFileToStream(users[1]), assertThat(getBooleanValueTag(readPoliciesFileToStream(ownerUser), PERMISSIONS_TAG)).isTrue(); } Loading
