Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c0440e5f authored by Victor Chang's avatar Victor Chang Committed by Android (Google) Code Review
Browse files

Merge "Deleting lock screen clears all CA approvals" into nyc-dev

parents 784c93e3 dc068eba

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+18 −0
Original line number Diff line number Diff line
@@ -4218,6 +4218,23 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
        }

    }



    private void removeCaApprovalsIfNeeded(int userId) {

        for (UserInfo userInfo : mUserManager.getProfiles(userId)) {

            boolean isSecure = mLockPatternUtils.isSecure(userInfo.id);

            if (userInfo.isManagedProfile()){

                isSecure |= mLockPatternUtils.isSecure(getProfileParentId(userInfo.id));

            }

            if (!isSecure) {

                synchronized (this) {

                    getUserData(userInfo.id).mAcceptedCaCertificates.clear();

                    saveSettingsLocked(userInfo.id);

                }



                new MonitoringCertNotificationTask().execute(userInfo.id);

            }

        }

    }



    @Override

    public boolean installCaCert(ComponentName admin, byte[] certBuffer) throws RemoteException {

        enforceCanManageCaCerts(admin);
@@ -4644,6 +4661,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                        DeviceAdminReceiver.ACTION_PASSWORD_CHANGED,

                        DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD, userHandle);

            }

            removeCaApprovalsIfNeeded(userHandle);

        } finally {

            mInjector.binderRestoreCallingIdentity(ident);

        }