Merge "Add GuardedBy annotations to policy engine" into main

import android.util.SparseArray;

import android.util.Xml;

import com.android.internal.annotations.GuardedBy;

import com.android.internal.util.XmlUtils;

import com.android.modules.utils.TypedXmlPullParser;

import com.android.modules.utils.TypedXmlSerializer;

    /**

     * Map of <userId, Map<policyKey, policyState>>

     */

    @GuardedBy("mLock")

    private final SparseArray<Map<PolicyKey, PolicyState<?>>> mLocalPolicies;

    /**

     * Map of <policyKey, policyState>

     */

    @GuardedBy("mLock")

    private final Map<PolicyKey, PolicyState<?>> mGlobalPolicies;

    /**

        mAdminPolicySize = new SparseArray<>();

    }

    @GuardedBy("mLock")

    private void forceEnforcementRefreshIfUserRestrictionLocked(

            @NonNull PolicyDefinition<?> policyDefinition) {

        try {

        return false;

    }

    @GuardedBy("mLock")

    private void forceEnforcementRefreshLocked(PolicyDefinition<Boolean> policyDefinition) {

        Binder.withCleanCallingIdentity(() -> {

            // Sync global state

     *

     * <p>Passing a {@code null} value means the policy set by this admin should be removed.

     */

    @GuardedBy("mLock")

    private <V> void setNonCoexistableLocalPolicyLocked(

            PolicyDefinition<V> policyDefinition,

            PolicyState<V> localPolicyState,

    /**

     * Enforces the new policy and notifies relevant admins.

     */

    @GuardedBy("mLock")

    private <V> void onLocalPolicyChangedLocked(

            @NonNull PolicyDefinition<V> policyDefinition,

            @NonNull EnforcingAdmin enforcingAdmin,

    /**

     * Enforces the new policy globally and notifies relevant admins.

     */

    @GuardedBy("mLock")

    private <V> void onGlobalPolicyChangedLocked(

            @NonNull PolicyDefinition<V> policyDefinition,

            @NonNull EnforcingAdmin enforcingAdmin) {

     *

     * <p>Returns {@code true} if the policy is enforced successfully on all users.

     */

    @GuardedBy("mLock")

    private <V> boolean applyGlobalPolicyOnUsersWithLocalPoliciesLocked(

            @NonNull PolicyDefinition<V> policyDefinition,

            @NonNull EnforcingAdmin enforcingAdmin,

        removePoliciesForAdmin(oldAdmin);

    }

    @GuardedBy("mLock")

    private Set<UserRestrictionPolicyKey> getUserRestrictionPolicyKeysForAdminLocked(

            Map<PolicyKey, PolicyState<?>> policies,

            EnforcingAdmin admin) {

        return keys;

    }

    @GuardedBy("mLock")

    private <V> boolean hasLocalPolicyLocked(PolicyDefinition<V> policyDefinition, int userId) {

        if (policyDefinition.isGlobalOnlyPolicy()) {

            return false;

                .getPoliciesSetByAdmins().isEmpty();

    }

    @GuardedBy("mLock")

    private <V> boolean hasGlobalPolicyLocked(PolicyDefinition<V> policyDefinition) {

        if (policyDefinition.isLocalOnlyPolicy()) {

            return false;

                .isEmpty();

    }

    @GuardedBy("mLock")

    @NonNull

    private <V> PolicyState<V> getLocalPolicyStateLocked(

            PolicyDefinition<V> policyDefinition, int userId) {

        return getPolicyStateLocked(mLocalPolicies.get(userId), policyDefinition);

    }

    @GuardedBy("mLock")

    private <V> void removeLocalPolicyStateLocked(

            PolicyDefinition<V> policyDefinition, int userId) {

        if (!mLocalPolicies.contains(userId)) {

        mLocalPolicies.get(userId).remove(policyDefinition.getPolicyKey());

    }

    @GuardedBy("mLock")

    @NonNull

    private <V> PolicyState<V> getGlobalPolicyStateLocked(PolicyDefinition<V> policyDefinition) {

        if (policyDefinition.isLocalOnlyPolicy()) {

        return getPolicyStateLocked(mGlobalPolicies, policyDefinition);

    }

    @GuardedBy("mLock")

    private <V> void removeGlobalPolicyStateLocked(PolicyDefinition<V> policyDefinition) {

        mGlobalPolicies.remove(policyDefinition.getPolicyKey());

    }

    @GuardedBy("mLock")

    private static <V> PolicyState<V> getPolicyStateLocked(

            Map<PolicyKey, PolicyState<?>> policies, PolicyDefinition<V> policyDefinition) {

        try {

    }

    // TODO(b/261430877): Finalise the decision on which admins to send the updates to.

    @GuardedBy("mLock")

    private <V> void sendPolicyChangedToAdminsLocked(

            PolicyState<V> policyState,

            EnforcingAdmin callingAdmin,

        });

    }

    @GuardedBy("mLock")

    private <V> void enforcePolicyOnUserLocked(int userId, PolicyState<V> policyState) {

        if (!policyState.getPolicyDefinition().isInheritable()) {

            return;

     * Called after an admin policy has been added to start binding to the admin if a connection

     * was not already established.

     */

    @GuardedBy("mLock")

    private void updateDeviceAdminServiceOnPolicyAddLocked(@NonNull EnforcingAdmin enforcingAdmin) {

        int userId = enforcingAdmin.getUserId();

     * Called after an admin policy has been removed to stop binding to the admin if they no longer

     * have any policies set.

     */

    @GuardedBy("mLock")

    private void updateDeviceAdminServiceOnPolicyRemoveLocked(

            @NonNull EnforcingAdmin enforcingAdmin) {

        if (doesAdminHavePoliciesLocked(enforcingAdmin)) {

                /* actionForLog= */ "policy-removed");

    }

    @GuardedBy("mLock")

    private boolean doesAdminHavePoliciesLocked(@NonNull EnforcingAdmin enforcingAdmin) {

        for (PolicyKey policy : mGlobalPolicies.keySet()) {

            PolicyState<?> policyState = mGlobalPolicies.get(policy);

        }

    }

    @GuardedBy("mLock")

    <V> void reapplyAllPoliciesOnBootLocked() {

        for (PolicyKey policy : mGlobalPolicies.keySet()) {

            PolicyState<?> policyState = mGlobalPolicies.get(policy);

            }

        }

        @GuardedBy("mLock")

        void writeToFileLocked() {

            Log.d(TAG, "Writing to " + mFile);

                out.startDocument(null, true);

                // Actual content

                writeInner(out);

                writeInnerLocked(out);

                out.endDocument();

                out.flush();

            }

        }

        @GuardedBy("mLock")

        // TODO(b/256846294): Add versioning to read/write

        void writeInner(TypedXmlSerializer serializer) throws IOException {

            writeLocalPoliciesInner(serializer);

            writeGlobalPoliciesInner(serializer);

            writeEnforcingAdminsInner(serializer);

            writeEnforcingAdminSizeInner(serializer);

            writeMaxPolicySizeInner(serializer);

        void writeInnerLocked(TypedXmlSerializer serializer) throws IOException {

            writeLocalPoliciesInnerLocked(serializer);

            writeGlobalPoliciesInnerLocked(serializer);

            writeEnforcingAdminsInnerLocked(serializer);

            writeEnforcingAdminSizeInnerLocked(serializer);

            writeMaxPolicySizeInnerLocked(serializer);

        }

        private void writeLocalPoliciesInner(TypedXmlSerializer serializer) throws IOException {

        @GuardedBy("mLock")

        private void writeLocalPoliciesInnerLocked(TypedXmlSerializer serializer)

                throws IOException {

            if (mLocalPolicies != null) {

                for (int i = 0; i < mLocalPolicies.size(); i++) {

                    int userId = mLocalPolicies.keyAt(i);

            }

        }

        private void writeGlobalPoliciesInner(TypedXmlSerializer serializer) throws IOException {

        @GuardedBy("mLock")

        private void writeGlobalPoliciesInnerLocked(TypedXmlSerializer serializer)

                throws IOException {

            if (mGlobalPolicies != null) {

                for (Map.Entry<PolicyKey, PolicyState<?>> policy : mGlobalPolicies.entrySet()) {

                    serializer.startTag(/* namespace= */ null, TAG_GLOBAL_POLICY_ENTRY);

            }

        }

        private void writeEnforcingAdminsInner(TypedXmlSerializer serializer) throws IOException {

        @GuardedBy("mLock")

        private void writeEnforcingAdminsInnerLocked(TypedXmlSerializer serializer)

                throws IOException {

            if (mEnforcingAdmins != null) {

                for (int i = 0; i < mEnforcingAdmins.size(); i++) {

                    int userId = mEnforcingAdmins.keyAt(i);

            }

        }

        private void writeEnforcingAdminSizeInner(TypedXmlSerializer serializer)

        @GuardedBy("mLock")

        private void writeEnforcingAdminSizeInnerLocked(TypedXmlSerializer serializer)

                throws IOException {

            if (mAdminPolicySize != null) {

                for (int i = 0; i < mAdminPolicySize.size(); i++) {

            }

        }

        private void writeMaxPolicySizeInner(TypedXmlSerializer serializer)

        @GuardedBy("mLock")

        private void writeMaxPolicySizeInnerLocked(TypedXmlSerializer serializer)

                throws IOException {

            serializer.startTag(/* namespace= */ null, TAG_MAX_POLICY_SIZE_LIMIT);

            serializer.attributeInt(

            serializer.endTag(/* namespace= */ null, TAG_MAX_POLICY_SIZE_LIMIT);

        }

        @GuardedBy("mLock")

        void readFromFileLocked() {

            if (!mFile.exists()) {

                Log.d(TAG, "" + mFile + " doesn't exist");

                input = f.openRead();

                TypedXmlPullParser parser = Xml.resolvePullParser(input);

                readInner(parser);

                readInnerLocked(parser);

            } catch (XmlPullParserException | IOException | ClassNotFoundException e) {

                Slogf.wtf(TAG, "Error parsing resources file", e);

            }

        }

        private void readInner(TypedXmlPullParser parser)

        @GuardedBy("mLock")

        private void readInnerLocked(TypedXmlPullParser parser)

                throws IOException, XmlPullParserException, ClassNotFoundException {

            int outerDepth = parser.getDepth();

            while (XmlUtils.nextElementWithin(parser, outerDepth)) {