Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b999ca23 authored by Priyanka Advani (xWF)'s avatar Priyanka Advani (xWF)
Browse files

Revert "Clean up fully rolled out DmrhSetAppRestrictions" 

Revert submission 28993807-hdop-cleaup

Reason for revert: Droidmonitor created revert due to b/363275535. Will be verifying through ABTD before submission.

Reverted changes: /q/submissionid:28993807-hdop-cleaup

Change-Id: Ifad5434182709ae0e685d4ebe753d28d2db2bf81
parent a60e329c

core/java/android/app/admin/DevicePolicyManager.java

+21 −4
Original line number Diff line number Diff line
@@ -10478,6 +10478,10 @@ public class DevicePolicyManager { 
    @WorkerThread

    public void setApplicationRestrictions(@Nullable ComponentName admin, String packageName,

            Bundle settings) {

        if (!Flags.dmrhSetAppRestrictions()) {

            throwIfParentInstance("setApplicationRestrictions");

        }















        if (mService != null) {















            try {















                mService.setApplicationRestrictions(admin, mContext.getPackageName(), packageName,










@@ -11882,6 +11886,9 @@ public class DevicePolicyManager {













    @WorkerThread















    public @NonNull Bundle getApplicationRestrictions(















            @Nullable ComponentName admin, String packageName) {













        if (!Flags.dmrhSetAppRestrictions()) {













            throwIfParentInstance("getApplicationRestrictions");













        }





























        if (mService != null) {















            try {










@@ -14226,11 +14233,21 @@ public class DevicePolicyManager {













     */















    public @NonNull DevicePolicyManager getParentProfileInstance(@NonNull ComponentName admin) {















        throwIfParentInstance("getParentProfileInstance");













        try {













            if (Flags.dmrhSetAppRestrictions()) {















                UserManager um = mContext.getSystemService(UserManager.class);















                if (!um.isManagedProfile()) {















                    throw new SecurityException("The current user does not have a parent profile.");















                }













            } else {













                if (!mService.isManagedProfile(admin)) {













                    throw new SecurityException("The current user does not have a parent profile.");













                }













            }















            return new DevicePolicyManager(mContext, mService, true);













        } catch (RemoteException e) {













            throw e.rethrowFromSystemServer();













        }















    }





























    /**

























core/java/android/app/admin/flags/flags.aconfig



+10
−0




























Original line number
Diff line number
Diff line








@@ -230,6 +230,16 @@ flag {













  }















}





























flag {













  name: "dmrh_set_app_restrictions"













  namespace: "enterprise"













  description: "Allow DMRH to set application restrictions (both on the profile and the parent)"













  bug: "328758346"













  metadata {













    purpose: PURPOSE_BUGFIX













  }













}





























flag {















  name: "allow_screen_brightness_control_on_cope"















  namespace: "enterprise"

































services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java



+24
−2




























Original line number
Diff line number
Diff line








@@ -11844,7 +11844,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













            }















            setBackwardsCompatibleAppRestrictions(















                    caller, packageName, restrictions, caller.getUserHandle());













        } else {













        } else if (Flags.dmrhSetAppRestrictions()) {















            final boolean isRoleHolder;















            if (who != null) {















                // DO or PO










@@ -11891,6 +11891,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













                            caller.getUserHandle());















                });















            }













        } else {













            Preconditions.checkCallAuthorization((caller.hasAdminComponent()













                    && (isProfileOwner(caller) || isDefaultDeviceOwner(caller)))













                    || (caller.hasPackage() && isCallerDelegate(caller,













                    DELEGATION_APP_RESTRICTIONS)));













            mInjector.binderWithCleanCallingIdentity(() -> {













                mUserManager.setApplicationRestrictions(packageName, restrictions,













                        caller.getUserHandle());













            });















        }





























        DevicePolicyEventLogger










@@ -13227,7 +13236,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













                return Bundle.EMPTY;















            }















            return policies.get(enforcingAdmin).getValue();













        } else {













        } else if (Flags.dmrhSetAppRestrictions()) {















            final boolean isRoleHolder;















            if (who != null) {















                // Caller is DO or PO. They cannot call this on parent










@@ -13270,6 +13279,19 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













                    return bundle != null ? bundle : Bundle.EMPTY;















                });















            }

























        } else {













            Preconditions.checkCallAuthorization((caller.hasAdminComponent()













                    && (isProfileOwner(caller) || isDefaultDeviceOwner(caller)))













                    || (caller.hasPackage() && isCallerDelegate(caller,













                    DELEGATION_APP_RESTRICTIONS)));













            return mInjector.binderWithCleanCallingIdentity(() -> {













                Bundle bundle = mUserManager.getApplicationRestrictions(packageName,













                        caller.getUserHandle());













                // if no restrictions were saved, mUserManager.getApplicationRestrictions













                // returns null, but DPM method should return an empty Bundle as per JavaDoc













                return bundle != null ? bundle : Bundle.EMPTY;













            });















        }















    }