Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ae0abdd8 authored by Mahaver Chopra's avatar Mahaver Chopra Committed by Android (Google) Code Review
Browse files

Merge changes from topic 'provisioning-entry-point'

* changes:
  Analytics for provisioning entry point: ADB
  Metrics constants for provisioning entry points
parents 6bfdc272 4e6ded25
Loading
Loading
Loading
Loading
+15 −0
Original line number Original line Diff line number Diff line
@@ -2578,6 +2578,21 @@ message MetricsEvent {
    // OPEN Settings > Bluetooth > Attempt to connect to device that shows dialog
    // OPEN Settings > Bluetooth > Attempt to connect to device that shows dialog
    BLUETOOTH_DIALOG_FRAGMENT = 613;
    BLUETOOTH_DIALOG_FRAGMENT = 613;


    // ACTION: Logs provisioning started by zero touch.
    PROVISIONING_ENTRY_POINT_ZERO_TOUCH = 614;

    // ACTION: Logs provisioning started by NFC bump.
    PROVISIONING_ENTRY_POINT_NFC = 615;

    // ACTION: Logs provisioning started using QR code.
    PROVISIONING_ENTRY_POINT_QR_CODE = 616;

    // ACTION: Logs provisioning started using adb.
    PROVISIONING_ENTRY_POINT_ADB = 617;

    // ACTION: Logs provisioning started by trusted source.
    PROVISIONING_ENTRY_POINT_TRUSTED_SOURCE = 618;

    // ---- End O Constants, all O constants go above this line ----
    // ---- End O Constants, all O constants go above this line ----


    // Add new aosp constants above this line.
    // Add new aosp constants above this line.
+27 −8
Original line number Original line Diff line number Diff line
@@ -22,6 +22,7 @@ import static android.app.admin.DevicePolicyManager.WIPE_EXTERNAL_STORAGE;
import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA;
import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA;
import static android.content.pm.PackageManager.GET_UNINSTALLED_PACKAGES;
import static android.content.pm.PackageManager.GET_UNINSTALLED_PACKAGES;


import static com.android.internal.logging.MetricsProto.MetricsEvent.PROVISIONING_ENTRY_POINT_ADB;
import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW;
import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW;
import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT;
import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT;
import static org.xmlpull.v1.XmlPullParser.END_TAG;
import static org.xmlpull.v1.XmlPullParser.END_TAG;
@@ -130,6 +131,7 @@ import android.view.inputmethod.InputMethodManager;


import com.android.internal.R;
import com.android.internal.R;
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.logging.MetricsLogger;
import com.android.internal.statusbar.IStatusBarService;
import com.android.internal.statusbar.IStatusBarService;
import com.android.internal.util.FastXmlSerializer;
import com.android.internal.util.FastXmlSerializer;
import com.android.internal.util.JournaledFile;
import com.android.internal.util.JournaledFile;
@@ -317,6 +319,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
     */
     */
    private static final long MINIMUM_STRONG_AUTH_TIMEOUT_MS = 1 * 60 * 60 * 1000; // 1h
    private static final long MINIMUM_STRONG_AUTH_TIMEOUT_MS = 1 * 60 * 60 * 1000; // 1h


    /**
     * Strings logged with {@link #PROVISIONING_ENTRY_POINT_ADB}.
     */
    private static final String LOG_TAG_PROFILE_OWNER = "profile-owner";
    private static final String LOG_TAG_DEVICE_OWNER = "device-owner";

    final Context mContext;
    final Context mContext;
    final Injector mInjector;
    final Injector mInjector;
    final IPackageManager mIPackageManager;
    final IPackageManager mIPackageManager;
@@ -5891,6 +5899,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                mInjector.binderRestoreCallingIdentity(ident);
                mInjector.binderRestoreCallingIdentity(ident);
            }
            }


            if (isAdb()) {
                // Log device owner provisioning was started using adb.
                MetricsLogger.action(mContext, PROVISIONING_ENTRY_POINT_ADB, LOG_TAG_DEVICE_OWNER);
            }

            mOwners.setDeviceOwner(admin, ownerName, userId);
            mOwners.setDeviceOwner(admin, ownerName, userId);
            mOwners.writeDeviceOwner();
            mOwners.writeDeviceOwner();
            updateDeviceOwnerLocked();
            updateDeviceOwnerLocked();
@@ -6073,6 +6086,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                throw new IllegalArgumentException("Not active admin: " + who);
                throw new IllegalArgumentException("Not active admin: " + who);
            }
            }


            if (isAdb()) {
                // Log profile owner provisioning was started using adb.
                MetricsLogger.action(mContext, PROVISIONING_ENTRY_POINT_ADB, LOG_TAG_PROFILE_OWNER);
            }

            mOwners.setProfileOwner(who, ownerName, userHandle);
            mOwners.setProfileOwner(who, ownerName, userHandle);
            mOwners.writeProfileOwner(userHandle);
            mOwners.writeProfileOwner(userHandle);
            Slog.i(LOG_TAG, "Profile owner set: " + who + " on user " + userHandle);
            Slog.i(LOG_TAG, "Profile owner set: " + who + " on user " + userHandle);
@@ -6206,8 +6224,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            boolean transitionCheckNeeded = true;
            boolean transitionCheckNeeded = true;


            // Calling identity/permission checks.
            // Calling identity/permission checks.
            final int callingUid = mInjector.binderGetCallingUid();
            if (isAdb()) {
            if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {
                // ADB shell can only move directly from un-managed to finalized as part of directly
                // ADB shell can only move directly from un-managed to finalized as part of directly
                // setting profile-owner or device-owner.
                // setting profile-owner or device-owner.
                if (getUserProvisioningState(userHandle) !=
                if (getUserProvisioningState(userHandle) !=
@@ -6410,8 +6427,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            throw new IllegalStateException("Trying to set the profile owner, but the user "
            throw new IllegalStateException("Trying to set the profile owner, but the user "
                    + "already has a device owner.");
                    + "already has a device owner.");
        }
        }
        int callingUid = mInjector.binderGetCallingUid();
        if (isAdb()) {
        if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {
            if (hasUserSetupCompleted(userHandle)
            if (hasUserSetupCompleted(userHandle)
                    && hasIncompatibleAccountsLocked(userHandle, owner)) {
                    && hasIncompatibleAccountsLocked(userHandle, owner)) {
                throw new IllegalStateException("Not allowed to set the profile owner because "
                throw new IllegalStateException("Not allowed to set the profile owner because "
@@ -6431,13 +6447,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
     * permission.
     * permission.
     */
     */
    private void enforceCanSetDeviceOwnerLocked(@Nullable ComponentName owner, int userId) {
    private void enforceCanSetDeviceOwnerLocked(@Nullable ComponentName owner, int userId) {
        int callingUid = mInjector.binderGetCallingUid();
        if (!isAdb()) {
        boolean isAdb = callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;
        if (!isAdb) {
            enforceCanManageProfileAndDeviceOwners();
            enforceCanManageProfileAndDeviceOwners();
        }
        }


        final int code = checkSetDeviceOwnerPreConditionLocked(owner, userId, isAdb);
        final int code = checkSetDeviceOwnerPreConditionLocked(owner, userId, isAdb());
        switch (code) {
        switch (code) {
            case CODE_OK:
            case CODE_OK:
                return;
                return;
@@ -9483,4 +9497,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return false;
            return false;
        }
        }
    }
    }

    private boolean isAdb() {
        final int callingUid = mInjector.binderGetCallingUid();
        return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;
    }
}
}