Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bdd52cb4 authored by Eran Messeri's avatar Eran Messeri
Browse files

DO NOT MERGE: Introduce DPMS shim for active DO/PO check 

Introduce a shim into DevicePolicyManagerInternal &
DevicePolicyManagerService so that NetworkStatsAccessTest would not
diverge from internal development branches.

The DevicePolicyManagerService refactoring on the internal branch
removed isActiveAdminWithPolicy in favour of isActiveDeviceOwner and
isActiveProfileOwner.

These methods are being made available in AOSP for
NetworkStatsAccessTest.

Bug: 170459325
Test: atest NetworkStatsAccessTest
Change-Id: Ic7e0898989fb8222aaba2b35436765c04eb3250c
parent b665c63c

core/java/android/app/admin/DevicePolicyManagerInternal.java

+20 −0
Original line number Diff line number Diff line
@@ -87,6 +87,26 @@ public abstract class DevicePolicyManagerInternal { 
     */

    public abstract boolean isActiveAdminWithPolicy(int uid, int reqPolicy);



    /**

     * Checks if an app with given uid is an active device owner of its user.

     *

     * <p>This takes the DPMS lock.  DO NOT call from PM/UM/AM with their lock held.

     *

     * @param uid App uid.

     * @return true if the uid is an active device owner.

     */

    public abstract boolean isActiveDeviceOwner(int uid);



    /**

     * Checks if an app with given uid is an active profile owner of its user.

     *

     * <p>This takes the DPMS lock.  DO NOT call from PM/UM/AM with their lock held.

     *

     * @param uid App uid.

     * @return true if the uid is an active profile owner.

     */

    public abstract boolean isActiveProfileOwner(int uid);



    /**

     * Checks if an app with given uid is the active supervision admin.

     *

services/core/java/com/android/server/net/NetworkStatsAccess.java

+4 −5
Original line number Diff line number Diff line
@@ -24,7 +24,6 @@ import static android.net.TrafficStats.UID_TETHERING; 
import android.Manifest;

import android.annotation.IntDef;

import android.app.AppOpsManager;

import android.app.admin.DeviceAdminInfo;

import android.app.admin.DevicePolicyManagerInternal;

import android.content.Context;

import android.content.pm.PackageManager;
@@ -112,8 +111,7 @@ public final class NetworkStatsAccess { 
        boolean hasCarrierPrivileges = tm != null &&

                tm.checkCarrierPrivilegesForPackageAnyPhone(callingPackage) ==

                        TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;

        boolean isDeviceOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid,

                DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);

        boolean isDeviceOwner = dpmi != null && dpmi.isActiveDeviceOwner(callingUid);

        final int appId = UserHandle.getAppId(callingUid);

        if (hasCarrierPrivileges || isDeviceOwner

                || appId == Process.SYSTEM_UID || appId == Process.NETWORK_STACK_UID) {
@@ -128,8 +126,9 @@ public final class NetworkStatsAccess { 
            return NetworkStatsAccess.Level.DEVICESUMMARY;

        }



        boolean isProfileOwner = dpmi != null && dpmi.isActiveAdminWithPolicy(callingUid,

                DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);

        //TODO(b/169395065) Figure out if this flow makes sense in Device Owner mode.

        boolean isProfileOwner = dpmi != null && (dpmi.isActiveProfileOwner(callingUid)

                || dpmi.isActiveDeviceOwner(callingUid));

        if (isProfileOwner) {

            // Apps with the AppOps permission, profile owners, and apps with the privileged

            // permission can access data usage for all apps in this user/profile.

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+16 −0
Original line number Diff line number Diff line
@@ -12473,6 +12473,22 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
            }

        }













        @Override













        public boolean isActiveDeviceOwner(int uid) {













            synchronized (getLockObject()) {













                return getActiveAdminWithPolicyForUidLocked(













                        null, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER, uid) != null;













            }













        }

























        @Override













        public boolean isActiveProfileOwner(int uid) {













            synchronized (getLockObject()) {













                return getActiveAdminWithPolicyForUidLocked(













                        null, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER, uid) != null;













            }













        }



























        @Override















        public boolean isActiveSupervisionApp(int uid) {















            synchronized (getLockObject()) {

























tests/net/java/com/android/server/net/NetworkStatsAccessTest.java



+2
−5




























Original line number
Diff line number
Diff line








@@ -22,7 +22,6 @@ import static org.mockito.Mockito.when;













import android.Manifest;















import android.Manifest.permission;















import android.app.AppOpsManager;













import android.app.admin.DeviceAdminInfo;















import android.app.admin.DevicePolicyManagerInternal;















import android.content.Context;















import android.content.pm.PackageManager;










@@ -167,13 +166,11 @@ public class NetworkStatsAccessTest {













    }































    private void setIsDeviceOwner(boolean isOwner) {













        when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER))













                .thenReturn(isOwner);













        when(mDpmi.isActiveDeviceOwner(TEST_UID)).thenReturn(isOwner);















    }































    private void setIsProfileOwner(boolean isOwner) {













        when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER))













                .thenReturn(isOwner);













        when(mDpmi.isActiveProfileOwner(TEST_UID)).thenReturn(isOwner);















    }































    private void setHasAppOpsPermission(int appOpsMode, boolean hasPermission) {