Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9ecde421 authored by Eran Messeri's avatar Eran Messeri
Browse files

Save password requirements on the right user 

When changing the password requirements, two changes have to be saved:
(1) Whether the current password complies with the new password
requirements.
(2) The new password requirements themselves.

(1) is stored on the credential owner of the user, (2) is stored on the
user itself.

In ag/3729963 (Change-ID: Ide5b2e53cf100b087822844ca51b3bc69e7ddf82),
we've switched from saving the password sufficiency flag (1) in the
user to the credential owner.
A side effect was that the password requirements themselves, (2), which
were changed on the original user the call related to, were not saved.

This fixes the bug introduced in the aforementioned CL.

Bug: 78499736
Test: Manual with TestDPC.
Change-Id: I11faef37fa6f0e8e8e558069e77021c48ee36cd4
parent e4d1cabe

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+10 −0
Original line number Diff line number Diff line
@@ -3944,6 +3944,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.quality != quality) {

                metrics.quality = quality;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4055,6 +4056,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.length != length) {

                metrics.length = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4079,6 +4081,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (ap.passwordHistoryLength != length) {

                ap.passwordHistoryLength = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

        }

        if (SecurityLog.isLoggingEnabled()) {
@@ -4280,6 +4283,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.upperCase != length) {

                metrics.upperCase = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4302,6 +4306,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.lowerCase != length) {

                metrics.lowerCase = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4327,6 +4332,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.letters != length) {

                metrics.letters = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4352,6 +4358,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.numeric != length) {

                metrics.numeric = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4377,6 +4384,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.symbols != length) {

                ap.minimumPasswordMetrics.symbols = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -4402,6 +4410,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            if (metrics.nonLetter != length) {

                ap.minimumPasswordMetrics.nonLetter = length;

                updatePasswordValidityCheckpointLocked(userId, parent);

                saveSettingsLocked(userId);

            }

            maybeLogPasswordComplexitySet(who, userId, parent, metrics);

        }
@@ -6087,6 +6096,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            synchronized (getLockObject()) {

                policy.mFailedPasswordAttempts = 0;

                updatePasswordValidityCheckpointLocked(userId, /* parent */ false);

                saveSettingsLocked(userId);

                updatePasswordExpirationsLocked(userId);

                setExpirationAlarmCheckLocked(mContext, userId, /* parent */ false);

































services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java



+8
−1




























Original line number
Diff line number
Diff line








@@ -4259,7 +4259,14 @@ public class DevicePolicyManagerTest extends DpmTestBase {





























        // Drain ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED broadcasts as part of















        // reportPasswordChanged()













        verify(mContext.spiedContext, times(3)).sendBroadcastAsUser(













        // This broadcast should be sent 4 times:













        // * Twice from calls to DevicePolicyManagerService.updatePasswordExpirationsLocked,













        //   once for each affected user, in DevicePolicyManagerService.reportPasswordChanged.













        // * Twice from calls to DevicePolicyManagerService.saveSettingsLocked













        //   in DevicePolicyManagerService.reportPasswordChanged, once with the userId













        //   the password change is relevant to and another with the credential owner of said













        //   userId.













        verify(mContext.spiedContext, times(4)).sendBroadcastAsUser(















                MockUtils.checkIntentAction(















                        DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED),















                MockUtils.checkUserHandle(userHandle));