Merge "Add MANAGE_PROFILE_AND_DEVICE_OWNERS permission to some APIs" (c273e395) · Commits · e / os / android_frameworks_base

core/api/system-current.txt

+5 −5

Original line number	Diff line number	Diff line
		@@ -961,20 +961,20 @@ package android.app.admin {
		method @RequiresPermission(android.Manifest.permission.INTERACT_ACROSS_USERS) public boolean getBluetoothContactSharingDisabled(@NonNull android.os.UserHandle);
		method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public String getDeviceOwner();
		method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public android.content.ComponentName getDeviceOwnerComponentOnAnyUser();
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public String getDeviceOwnerNameOnAnyUser();
		method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public String getDeviceOwnerNameOnAnyUser();
		method @Nullable public CharSequence getDeviceOwnerOrganizationName();
		method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public android.os.UserHandle getDeviceOwnerUser();
		method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);
		method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public java.util.List<java.lang.String> getPermittedInputMethodsForCurrentUser();
		method @Nullable public android.content.ComponentName getProfileOwner() throws java.lang.IllegalArgumentException;
		method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public String getProfileOwnerNameAsUser(int) throws java.lang.IllegalArgumentException;
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public int getUserProvisioningState();
		method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public String getProfileOwnerNameAsUser(int) throws java.lang.IllegalArgumentException;
		method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public int getUserProvisioningState();
		method public boolean isDeviceManaged();
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isDeviceProvisioned();
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isDeviceProvisioningConfigApplied();
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isManagedKiosk();
		method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public boolean isManagedKiosk();
		method public boolean isSecondaryLockscreenEnabled(@NonNull android.os.UserHandle);
		method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public boolean isUnattendedManagedKiosk();
		method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public boolean isUnattendedManagedKiosk();
		method @RequiresPermission("android.permission.NOTIFY_PENDING_SYSTEM_UPDATE") public void notifyPendingSystemUpdate(long);
		method @RequiresPermission("android.permission.NOTIFY_PENDING_SYSTEM_UPDATE") public void notifyPendingSystemUpdate(long, boolean);
		method @RequiresPermission(android.Manifest.permission.INTERACT_ACROSS_USERS_FULL) public boolean packageHasActiveAdmins(String);

core/java/android/app/admin/DevicePolicyManager.java

+23 −8

Original line number	Diff line number	Diff line
		@@ -7867,7 +7867,7 @@ public class DevicePolicyManager {
		@SystemApi
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		public ComponentName getDeviceOwnerComponentOnAnyUser() {
		return getDeviceOwnerComponentInner(/* callingUserOnly =*/ false);
		@@ -7980,8 +7980,8 @@ public class DevicePolicyManager {
		* Called by the system to find out whether the device is managed by a Device Owner.
		*
		* @return whether the device is managed by a Device Owner.
		* @throws SecurityException if the caller is not the device owner, does not hold the
		* MANAGE_USERS permission and is not the system.
		* @throws SecurityException if the caller is not the device owner, does not hold
		* MANAGE_USERS or MANAGE_PROFILE_AND_DEVICE_OWNERS permissions and is not the system.
		*
		* @hide
		*/
		@@ -8002,7 +8002,10 @@ public class DevicePolicyManager {
		* @hide
		*/
		@SystemApi
		@RequiresPermission(android.Manifest.permission.MANAGE_USERS)
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		public String getDeviceOwnerNameOnAnyUser() {
		throwIfParentInstance("getDeviceOwnerNameOnAnyUser");
		if (mService != null) {
		@@ -8392,7 +8395,10 @@ public class DevicePolicyManager {
		* @throws IllegalArgumentException if the userId is invalid.
		*/
		@SystemApi
		@RequiresPermission(android.Manifest.permission.MANAGE_USERS)
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		public @Nullable String getProfileOwnerNameAsUser(int userId) throws IllegalArgumentException {
		throwIfParentInstance("getProfileOwnerNameAsUser");
		if (mService != null) {
		@@ -11930,7 +11936,10 @@ public class DevicePolicyManager {
		* @hide
		*/
		@SystemApi
		@RequiresPermission(android.Manifest.permission.MANAGE_USERS)
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		@UserProvisioningState
		public int getUserProvisioningState() {
		throwIfParentInstance("getUserProvisioningState");
		@@ -13439,7 +13448,10 @@ public class DevicePolicyManager {
		* @hide
		*/
		@SystemApi
		@RequiresPermission(android.Manifest.permission.MANAGE_USERS)
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		public boolean isManagedKiosk() {
		throwIfParentInstance("isManagedKiosk");
		if (mService != null) {
		@@ -13468,7 +13480,10 @@ public class DevicePolicyManager {
		* @hide
		*/
		@SystemApi
		@RequiresPermission(android.Manifest.permission.MANAGE_USERS)
		@RequiresPermission(anyOf = {
		android.Manifest.permission.MANAGE_USERS,
		android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS
		})
		public boolean isUnattendedManagedKiosk() {
		throwIfParentInstance("isUnattendedManagedKiosk");
		if (mService != null) {

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+13 −6

Original line number	Diff line number	Diff line
		@@ -8460,7 +8460,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		@Override
		public boolean hasDeviceOwner() {
		final CallerIdentity caller = getCallerIdentity();
		Preconditions.checkCallAuthorization(isDeviceOwner(caller) \|\| canManageUsers(caller));
		Preconditions.checkCallAuthorization(isDeviceOwner(caller)
		\|\| canManageUsers(caller)
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));
		return mOwners.hasDeviceOwner();
		}

		@@ -8640,7 +8642,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		if (!mHasFeature) {
		return null;
		}
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity()));
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity())
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));

		synchronized (getLockObject()) {
		if (!mOwners.hasDeviceOwner()) {
		@@ -8986,7 +8989,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		return DevicePolicyManager.STATE_USER_UNMANAGED;
		}
		final CallerIdentity caller = getCallerIdentity();
		Preconditions.checkCallAuthorization(canManageUsers(caller));
		Preconditions.checkCallAuthorization(canManageUsers(caller)
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));

		return getUserProvisioningState(caller.getUserId());
		}
		@@ -9240,7 +9244,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		if (!mHasFeature) {
		return null;
		}
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity()));
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity())
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));
		return getProfileOwnerNameUnchecked(userHandle);
		}

		@@ -16466,7 +16471,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		if (!mHasFeature) {
		return false;
		}
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity()));
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity())
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));

		long id = mInjector.binderClearCallingIdentity();
		try {
		@@ -16492,7 +16498,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
		if (!mHasFeature) {
		return false;
		}
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity()));
		Preconditions.checkCallAuthorization(canManageUsers(getCallerIdentity())
		\|\| hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));

		return mInjector.binderWithCleanCallingIdentity(() -> isUnattendedManagedKioskUnchecked());
		}