Loading core/java/android/app/admin/DevicePolicyManager.java +4 −21 Original line number Diff line number Diff line Loading @@ -10476,10 +10476,6 @@ public class DevicePolicyManager { @WorkerThread public void setApplicationRestrictions(@Nullable ComponentName admin, String packageName, Bundle settings) { if (!Flags.dmrhSetAppRestrictions()) { throwIfParentInstance("setApplicationRestrictions"); } if (mService != null) { try { mService.setApplicationRestrictions(admin, mContext.getPackageName(), packageName, Loading Loading @@ -11884,9 +11880,6 @@ public class DevicePolicyManager { @WorkerThread public @NonNull Bundle getApplicationRestrictions( @Nullable ComponentName admin, String packageName) { if (!Flags.dmrhSetAppRestrictions()) { throwIfParentInstance("getApplicationRestrictions"); } if (mService != null) { try { Loading Loading @@ -14231,21 +14224,11 @@ public class DevicePolicyManager { */ public @NonNull DevicePolicyManager getParentProfileInstance(@NonNull ComponentName admin) { throwIfParentInstance("getParentProfileInstance"); try { if (Flags.dmrhSetAppRestrictions()) { UserManager um = mContext.getSystemService(UserManager.class); if (!um.isManagedProfile()) { throw new SecurityException("The current user does not have a parent profile."); } } else { if (!mService.isManagedProfile(admin)) { throw new SecurityException("The current user does not have a parent profile."); } } return new DevicePolicyManager(mContext, mService, true); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } /** core/java/android/app/admin/flags/flags.aconfig +0 −10 Original line number Diff line number Diff line Loading @@ -209,16 +209,6 @@ flag { bug: "295301164" } flag { name: "dmrh_set_app_restrictions" namespace: "enterprise" description: "Allow DMRH to set application restrictions (both on the profile and the parent)" bug: "328758346" metadata { purpose: PURPOSE_BUGFIX } } flag { name: "always_persist_do" namespace: "enterprise" Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +2 −24 Original line number Diff line number Diff line Loading @@ -11858,7 +11858,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } setBackwardsCompatibleAppRestrictions( caller, packageName, restrictions, caller.getUserHandle()); } else if (Flags.dmrhSetAppRestrictions()) { } else { final boolean isRoleHolder; if (who != null) { // DO or PO Loading Loading @@ -11905,15 +11905,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { caller.getUserHandle()); }); } } else { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDefaultDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); mInjector.binderWithCleanCallingIdentity(() -> { mUserManager.setApplicationRestrictions(packageName, restrictions, caller.getUserHandle()); }); } DevicePolicyEventLogger Loading Loading @@ -13244,7 +13235,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return Bundle.EMPTY; } return policies.get(enforcingAdmin).getValue(); } else if (Flags.dmrhSetAppRestrictions()) { } else { final boolean isRoleHolder; if (who != null) { // Caller is DO or PO. They cannot call this on parent Loading Loading @@ -13287,19 +13278,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return bundle != null ? bundle : Bundle.EMPTY; }); } } else { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDefaultDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); return mInjector.binderWithCleanCallingIdentity(() -> { Bundle bundle = mUserManager.getApplicationRestrictions(packageName, caller.getUserHandle()); // if no restrictions were saved, mUserManager.getApplicationRestrictions // returns null, but DPM method should return an empty Bundle as per JavaDoc return bundle != null ? bundle : Bundle.EMPTY; }); } } Loading
core/java/android/app/admin/DevicePolicyManager.java +4 −21 Original line number Diff line number Diff line Loading @@ -10476,10 +10476,6 @@ public class DevicePolicyManager { @WorkerThread public void setApplicationRestrictions(@Nullable ComponentName admin, String packageName, Bundle settings) { if (!Flags.dmrhSetAppRestrictions()) { throwIfParentInstance("setApplicationRestrictions"); } if (mService != null) { try { mService.setApplicationRestrictions(admin, mContext.getPackageName(), packageName, Loading Loading @@ -11884,9 +11880,6 @@ public class DevicePolicyManager { @WorkerThread public @NonNull Bundle getApplicationRestrictions( @Nullable ComponentName admin, String packageName) { if (!Flags.dmrhSetAppRestrictions()) { throwIfParentInstance("getApplicationRestrictions"); } if (mService != null) { try { Loading Loading @@ -14231,21 +14224,11 @@ public class DevicePolicyManager { */ public @NonNull DevicePolicyManager getParentProfileInstance(@NonNull ComponentName admin) { throwIfParentInstance("getParentProfileInstance"); try { if (Flags.dmrhSetAppRestrictions()) { UserManager um = mContext.getSystemService(UserManager.class); if (!um.isManagedProfile()) { throw new SecurityException("The current user does not have a parent profile."); } } else { if (!mService.isManagedProfile(admin)) { throw new SecurityException("The current user does not have a parent profile."); } } return new DevicePolicyManager(mContext, mService, true); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } /**
core/java/android/app/admin/flags/flags.aconfig +0 −10 Original line number Diff line number Diff line Loading @@ -209,16 +209,6 @@ flag { bug: "295301164" } flag { name: "dmrh_set_app_restrictions" namespace: "enterprise" description: "Allow DMRH to set application restrictions (both on the profile and the parent)" bug: "328758346" metadata { purpose: PURPOSE_BUGFIX } } flag { name: "always_persist_do" namespace: "enterprise" Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +2 −24 Original line number Diff line number Diff line Loading @@ -11858,7 +11858,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } setBackwardsCompatibleAppRestrictions( caller, packageName, restrictions, caller.getUserHandle()); } else if (Flags.dmrhSetAppRestrictions()) { } else { final boolean isRoleHolder; if (who != null) { // DO or PO Loading Loading @@ -11905,15 +11905,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { caller.getUserHandle()); }); } } else { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDefaultDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); mInjector.binderWithCleanCallingIdentity(() -> { mUserManager.setApplicationRestrictions(packageName, restrictions, caller.getUserHandle()); }); } DevicePolicyEventLogger Loading Loading @@ -13244,7 +13235,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return Bundle.EMPTY; } return policies.get(enforcingAdmin).getValue(); } else if (Flags.dmrhSetAppRestrictions()) { } else { final boolean isRoleHolder; if (who != null) { // Caller is DO or PO. They cannot call this on parent Loading Loading @@ -13287,19 +13278,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return bundle != null ? bundle : Bundle.EMPTY; }); } } else { Preconditions.checkCallAuthorization((caller.hasAdminComponent() && (isProfileOwner(caller) || isDefaultDeviceOwner(caller))) || (caller.hasPackage() && isCallerDelegate(caller, DELEGATION_APP_RESTRICTIONS))); return mInjector.binderWithCleanCallingIdentity(() -> { Bundle bundle = mUserManager.getApplicationRestrictions(packageName, caller.getUserHandle()); // if no restrictions were saved, mUserManager.getApplicationRestrictions // returns null, but DPM method should return an empty Bundle as per JavaDoc return bundle != null ? bundle : Bundle.EMPTY; }); } }
