Merge changes from topic 'provisioning-entry-point'

    // OPEN Settings > Bluetooth > Attempt to connect to device that shows dialog

    // OPEN Settings > Bluetooth > Attempt to connect to device that shows dialog

    BLUETOOTH_DIALOG_FRAGMENT = 613;

    BLUETOOTH_DIALOG_FRAGMENT = 613;

    // ACTION: Logs provisioning started by zero touch.

    PROVISIONING_ENTRY_POINT_ZERO_TOUCH = 614;

    // ACTION: Logs provisioning started by NFC bump.

    PROVISIONING_ENTRY_POINT_NFC = 615;

    // ACTION: Logs provisioning started using QR code.

    PROVISIONING_ENTRY_POINT_QR_CODE = 616;

    // ACTION: Logs provisioning started using adb.

    PROVISIONING_ENTRY_POINT_ADB = 617;

    // ACTION: Logs provisioning started by trusted source.

    PROVISIONING_ENTRY_POINT_TRUSTED_SOURCE = 618;

    // ---- End O Constants, all O constants go above this line ----

    // ---- End O Constants, all O constants go above this line ----

    // Add new aosp constants above this line.

    // Add new aosp constants above this line.

import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA;

import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA;

import static android.content.pm.PackageManager.GET_UNINSTALLED_PACKAGES;

import static android.content.pm.PackageManager.GET_UNINSTALLED_PACKAGES;

import static com.android.internal.logging.MetricsProto.MetricsEvent.PROVISIONING_ENTRY_POINT_ADB;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW;

import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT;

import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT;

import static org.xmlpull.v1.XmlPullParser.END_TAG;

import static org.xmlpull.v1.XmlPullParser.END_TAG;

import com.android.internal.R;

import com.android.internal.R;

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.logging.MetricsLogger;

import com.android.internal.statusbar.IStatusBarService;

import com.android.internal.statusbar.IStatusBarService;

import com.android.internal.util.FastXmlSerializer;

import com.android.internal.util.FastXmlSerializer;

import com.android.internal.util.JournaledFile;

import com.android.internal.util.JournaledFile;

     */

     */

    private static final long MINIMUM_STRONG_AUTH_TIMEOUT_MS = 1 * 60 * 60 * 1000; // 1h

    private static final long MINIMUM_STRONG_AUTH_TIMEOUT_MS = 1 * 60 * 60 * 1000; // 1h

    /**

     * Strings logged with {@link #PROVISIONING_ENTRY_POINT_ADB}.

     */

    private static final String LOG_TAG_PROFILE_OWNER = "profile-owner";

    private static final String LOG_TAG_DEVICE_OWNER = "device-owner";

    final Context mContext;

    final Context mContext;

    final Injector mInjector;

    final Injector mInjector;

    final IPackageManager mIPackageManager;

    final IPackageManager mIPackageManager;

                mInjector.binderRestoreCallingIdentity(ident);

                mInjector.binderRestoreCallingIdentity(ident);

            }

            }

            if (isAdb()) {

                // Log device owner provisioning was started using adb.

                MetricsLogger.action(mContext, PROVISIONING_ENTRY_POINT_ADB, LOG_TAG_DEVICE_OWNER);

            }

            mOwners.setDeviceOwner(admin, ownerName, userId);

            mOwners.setDeviceOwner(admin, ownerName, userId);

            mOwners.writeDeviceOwner();

            mOwners.writeDeviceOwner();

            updateDeviceOwnerLocked();

            updateDeviceOwnerLocked();

                throw new IllegalArgumentException("Not active admin: " + who);

                throw new IllegalArgumentException("Not active admin: " + who);

            }

            }

            if (isAdb()) {

                // Log profile owner provisioning was started using adb.

                MetricsLogger.action(mContext, PROVISIONING_ENTRY_POINT_ADB, LOG_TAG_PROFILE_OWNER);

            }

            mOwners.setProfileOwner(who, ownerName, userHandle);

            mOwners.setProfileOwner(who, ownerName, userHandle);

            mOwners.writeProfileOwner(userHandle);

            mOwners.writeProfileOwner(userHandle);

            Slog.i(LOG_TAG, "Profile owner set: " + who + " on user " + userHandle);

            Slog.i(LOG_TAG, "Profile owner set: " + who + " on user " + userHandle);

            boolean transitionCheckNeeded = true;

            boolean transitionCheckNeeded = true;

            // Calling identity/permission checks.

            // Calling identity/permission checks.

            final int callingUid = mInjector.binderGetCallingUid();

            if (isAdb()) {

            if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {

                // ADB shell can only move directly from un-managed to finalized as part of directly

                // ADB shell can only move directly from un-managed to finalized as part of directly

                // setting profile-owner or device-owner.

                // setting profile-owner or device-owner.

                if (getUserProvisioningState(userHandle) !=

                if (getUserProvisioningState(userHandle) !=

            throw new IllegalStateException("Trying to set the profile owner, but the user "

            throw new IllegalStateException("Trying to set the profile owner, but the user "

                    + "already has a device owner.");

                    + "already has a device owner.");

        }

        }

        int callingUid = mInjector.binderGetCallingUid();

        if (isAdb()) {

        if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {

            if (hasUserSetupCompleted(userHandle)

            if (hasUserSetupCompleted(userHandle)

                    && hasIncompatibleAccountsLocked(userHandle, owner)) {

                    && hasIncompatibleAccountsLocked(userHandle, owner)) {

                throw new IllegalStateException("Not allowed to set the profile owner because "

                throw new IllegalStateException("Not allowed to set the profile owner because "

     * permission.

     * permission.

     */

     */

    private void enforceCanSetDeviceOwnerLocked(@Nullable ComponentName owner, int userId) {

    private void enforceCanSetDeviceOwnerLocked(@Nullable ComponentName owner, int userId) {

        int callingUid = mInjector.binderGetCallingUid();

        if (!isAdb()) {

        boolean isAdb = callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;

        if (!isAdb) {

            enforceCanManageProfileAndDeviceOwners();

            enforceCanManageProfileAndDeviceOwners();

        }

        }

        final int code = checkSetDeviceOwnerPreConditionLocked(owner, userId, isAdb);

        final int code = checkSetDeviceOwnerPreConditionLocked(owner, userId, isAdb());

        switch (code) {

        switch (code) {

            case CODE_OK:

            case CODE_OK:

                return;

                return;

            return false;

            return false;

        }

        }

    }

    }

    private boolean isAdb() {

        final int callingUid = mInjector.binderGetCallingUid();

        return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;

    }

}

}