Merge "Require delegated cert installer and app restriction manager to exist" into nyc-dev

     * Delegated certificate installer is a per-user state. The delegated access is persistent until

     * it is later cleared by calling this method with a null value or uninstallling the certificate

     * installer.

     *<p>

     * <b>Note:</b>Starting from {@link android.os.Build.VERSION_CODES#N}, if the caller

     * application's target SDK version is {@link android.os.Build.VERSION_CODES#N} or newer, the

     * supplied certificate installer package must be installed when calling this API,

     * otherwise an {@link IllegalArgumentException} will be thrown.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @param installerPackage The package name of the certificate installer which will be given

     * <p>

     * This permission is persistent until it is later cleared by calling this method with a

     * {@code null} value or uninstalling the managing package.

     * <p>

     * The supplied application restriction managing package must be installed when calling this

     * API, otherwise an {@link IllegalArgumentException} will be thrown.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @param packageName The package name which will be given access to application restrictions

import android.accessibilityservice.AccessibilityServiceInfo;

import android.accounts.AccountManager;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.app.Activity;

import android.app.ActivityManager;

import android.app.ActivityManagerNative;

        }

    }

    private boolean isAdminApiLevelMOrBelow(@NonNull ComponentName who, int userHandle) {

        DeviceAdminInfo adminInfo = findAdmin(who, userHandle, false);

        return adminInfo.getActivityInfo().applicationInfo.targetSdkVersion

                <= Build.VERSION_CODES.M;

    }

    @Override

    public boolean isSeparateProfileChallengeAllowed(int userHandle) {

        ComponentName profileOwner = getProfileOwner(userHandle);

        return profileOwner != null && !isAdminApiLevelMOrBelow(profileOwner, userHandle);

        try {

            // Profile challenge is supported on N or newer release.

            return profileOwner != null &&

                    getTargetSdk(profileOwner.getPackageName(), userHandle) > Build.VERSION_CODES.M;

        } catch (RemoteException e) {

            return false;

        }

    }

    @Override

        int userHandle = UserHandle.getCallingUserId();

        synchronized (this) {

            getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);

            try {

                if (getTargetSdk(who.getPackageName(), userHandle) >= Build.VERSION_CODES.N) {

                    if (installerPackage != null &&

                            !isPackageInstalledForUser(installerPackage, userHandle)) {

                        throw new IllegalArgumentException("Package " + installerPackage

                                + " is not installed on the current user");

                    }

                }

            } catch (RemoteException e) {

            }

            DevicePolicyData policy = getUserData(userHandle);

            policy.mDelegatedCertInstallerPackage = installerPackage;

            saveSettingsLocked(userHandle);

        final int userHandle = mInjector.userHandleGetCallingUserId();

        synchronized (this) {

            getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);

            if (packageName != null && !isPackageInstalledForUser(packageName, userHandle)) {

                throw new IllegalArgumentException("Package " + packageName + " is not installed "

                        + "on the current user");

            }

            DevicePolicyData policy = getUserData(userHandle);

            policy.mApplicationRestrictionsManagingPackage = packageName;

            saveSettingsLocked(userHandle);