Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a5f2fb1a authored by Edman Anjos's avatar Edman Anjos
Browse files

Add block uninstall delegation in DPMS. 

Implement the uninstall blocker delegation scope API in
DevicePolicyManagerSercice.

This feature gives a device owner or profile owner the ability to
delegate some of its privileges to another application.

Bug: 33105718
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: Ieb347ce3fb6219fe7f04cafbcd1e6b7359b31a10
parent 78c57e3f

api/current.txt

+1 −0
Original line number Diff line number Diff line
@@ -6272,6 +6272,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final java.lang.String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field public static final java.lang.String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";

    field public static final java.lang.String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";

    field public static final java.lang.String DELEGATION_CERT_INSTALL = "delegation-cert-install";

    field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2

    field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3

api/system-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -6490,6 +6490,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final java.lang.String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field public static final java.lang.String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";

    field public static final java.lang.String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";

    field public static final java.lang.String DELEGATION_CERT_INSTALL = "delegation-cert-install";

    field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2

    field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3

api/test-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -6294,6 +6294,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final java.lang.String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field public static final java.lang.String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";

    field public static final java.lang.String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";

    field public static final java.lang.String DELEGATION_CERT_INSTALL = "delegation-cert-install";

    field public static final int ENCRYPTION_STATUS_ACTIVATING = 2; // 0x2

    field public static final int ENCRYPTION_STATUS_ACTIVE = 3; // 0x3

core/java/android/app/admin/DevicePolicyManager.java

+16 −4
Original line number Diff line number Diff line
@@ -1223,6 +1223,12 @@ public class DevicePolicyManager { 
     */

    public static final String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";



    /**

     * Delegation of application uninstall block. This scope grants access to the

     * {@link #setUninstallBlocked} API.

     */

    public static final String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";



    /**

     * No management for current user in-effect. This is the default.

     * @hide
@@ -6127,19 +6133,25 @@ public class DevicePolicyManager { 
    }



    /**

     * Called by profile or device owners to change whether a user can uninstall a package.

     * Change whether a user can uninstall a package. This function can be called by a device owner,

     * profile owner, or by a delegate given the {@link #DELEGATION_BLOCK_UNINSTALL} scope via

     * {@link #setDelegatedScopes}.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or

     *             {@code null} if the caller is a block uninstall delegate.

     * @param packageName package to change.

     * @param uninstallBlocked true if the user shouldn't be able to uninstall the package.

     * @throws SecurityException if {@code admin} is not a device or profile owner.

     * @see #setDelegatedScopes

     * @see #DELEGATION_BLOCK_UNINSTALL

     */

    public void setUninstallBlocked(@NonNull ComponentName admin, String packageName,

    public void setUninstallBlocked(@Nullable ComponentName admin, String packageName,

            boolean uninstallBlocked) {

        throwIfParentInstance("setUninstallBlocked");

        if (mService != null) {

            try {

                mService.setUninstallBlocked(admin, packageName, uninstallBlocked);

                mService.setUninstallBlocked(admin, mContext.getPackageName(), packageName,

                    uninstallBlocked);

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

core/java/android/app/admin/IDevicePolicyManager.aidl

+1 −1
Original line number Diff line number Diff line
@@ -227,7 +227,7 @@ interface IDevicePolicyManager { 


    void notifyLockTaskModeChanged(boolean isEnabled, String pkg, int userId);



    void setUninstallBlocked(in ComponentName admin, in String packageName, boolean uninstallBlocked);

    void setUninstallBlocked(in ComponentName admin, in String callerPackage, in String packageName, boolean uninstallBlocked);

    boolean isUninstallBlocked(in ComponentName admin, in String packageName);



    void setCrossProfileCallerIdDisabled(in ComponentName who, boolean disabled);