Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ce15af46 authored by Kholoud Mohamed's avatar Kholoud Mohamed Committed by Automerger Merge Worker
Browse files

Merge "Enable unicorn APIs" into udc-dev am: a8b0dcfa

parents 8032f68d a8b0dcfa
Loading
Loading
Loading
Loading
+38 −38
Original line number Diff line number Diff line
@@ -6038,7 +6038,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    @Override
    public void lockNow(int flags, String callerPackageName, boolean parent) {
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(callerPackageName);
        } else {
            caller = getCallerIdentity();
@@ -6050,7 +6050,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            ActiveAdmin admin;
            // Make sure the caller has any active admin with the right policy or
            // the required permission.
            if (isPermissionCheckFlagEnabled()) {
            if (isPolicyEngineForFinanceFlagEnabled()) {
                admin = enforcePermissionAndGetEnforcingAdmin(
                        /* admin= */ null,
                        /* permission= */ MANAGE_DEVICE_POLICY_LOCK,
@@ -8901,13 +8901,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
        }
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            // The effect of this policy is device-wide.
            enforcePermission(SET_TIME, caller.getPackageName(), UserHandle.USER_ALL);
        } else {
@@ -8935,13 +8935,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return false;
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
        }
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforceCanQuery(SET_TIME, caller.getPackageName(), UserHandle.USER_ALL);
        } else {
            Objects.requireNonNull(who, "ComponentName is null");
@@ -8970,7 +8970,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            caller = getCallerIdentity(who);
        }
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            // The effect of this policy is device-wide.
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    who,
@@ -9010,13 +9010,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
        }
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            // The effect of this policy is device-wide.
            enforceCanQuery(SET_TIME_ZONE, caller.getPackageName(), UserHandle.USER_ALL);
        } else {
@@ -9319,7 +9319,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
@@ -9329,7 +9329,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        final int userHandle = caller.getUserId();
        int affectedUserId = parent ? getProfileParentId(userHandle) : userHandle;
        synchronized (getLockObject()) {
            if (isPermissionCheckFlagEnabled()) {
            if (isPolicyEngineForFinanceFlagEnabled()) {
                // SUPPORT USES_POLICY_DISABLE_KEYGUARD_FEATURES
                EnforcingAdmin admin = enforcePermissionAndGetEnforcingAdmin(
                        who, MANAGE_DEVICE_POLICY_KEYGUARD, caller.getPackageName(),
@@ -9408,7 +9408,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        synchronized (getLockObject()) {
            if (who != null) {
                if (isPermissionCheckFlagEnabled()) {
                if (isPolicyEngineForFinanceFlagEnabled()) {
                    EnforcingAdmin admin = getEnforcingAdminForCaller(
                            who, who.getPackageName());
                    Integer features = mDevicePolicyEngine.getLocalPolicySetByAdmin(
@@ -9422,7 +9422,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                }
            }
            if (isPermissionCheckFlagEnabled()) {
            if (isPolicyEngineForFinanceFlagEnabled()) {
                Integer features = mDevicePolicyEngine.getResolvedPolicy(
                        PolicyDefinition.KEYGUARD_DISABLED_FEATURES,
                        affectedUserId);
@@ -11617,7 +11617,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        final CallerIdentity caller = getCallerIdentity(who, callerPackage);
        checkCanExecuteOrThrowUnsafe(DevicePolicyManager.OPERATION_SET_APPLICATION_RESTRICTIONS);
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    who,
                    MANAGE_DEVICE_POLICY_APP_RESTRICTIONS,
@@ -12993,7 +12993,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            String packageName) {
        final CallerIdentity caller = getCallerIdentity(who, callerPackage);
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforceCanQueryAndGetEnforcingAdmin(
                    who,
                    MANAGE_DEVICE_POLICY_APP_RESTRICTIONS,
@@ -13063,7 +13063,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        final CallerIdentity caller = getCallerIdentity(who, callerPackage);
        ActiveAdmin admin;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    who,
                    MANAGE_DEVICE_POLICY_PACKAGE_STATE,
@@ -13160,7 +13160,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    public boolean isPackageSuspended(ComponentName who, String callerPackage, String packageName) {
        final CallerIdentity caller = getCallerIdentity(who, callerPackage);
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforcePermission(
                    MANAGE_DEVICE_POLICY_PACKAGE_STATE,
                    caller.getPackageName(),
@@ -13766,7 +13766,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            boolean hidden, boolean parent) {
        CallerIdentity caller = getCallerIdentity(who, callerPackage);
        final int userId = parent ? getProfileParentId(caller.getUserId()) : caller.getUserId();
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            // TODO: We need to ensure the delegate with DELEGATION_PACKAGE_ACCESS can do this
            enforcePermission(MANAGE_DEVICE_POLICY_PACKAGE_STATE, caller.getPackageName(), userId);
        } else {
@@ -13785,7 +13785,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        boolean result;
        synchronized (getLockObject()) {
            if (parent) {
                if (!isPermissionCheckFlagEnabled()) {
                if (!isPolicyEngineForFinanceFlagEnabled()) {
                    Preconditions.checkCallAuthorization(
                            isProfileOwnerOfOrganizationOwnedDevice(
                                    caller.getUserId()) && isManagedProfile(caller.getUserId()));
@@ -13802,7 +13802,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                Slogf.v(LOG_TAG, "calling pm.setApplicationHiddenSettingAsUser(%s, %b, %d)",
                        packageName, hidden, userId);
            }
            if (isPermissionCheckFlagEnabled()) {
            if (isPolicyEngineForFinanceFlagEnabled()) {
                EnforcingAdmin admin = getEnforcingAdminForCaller(who, callerPackage);
                mDevicePolicyEngine.setLocalPolicy(
                        PolicyDefinition.APPLICATION_HIDDEN(packageName),
@@ -13841,7 +13841,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            String packageName, boolean parent) {
        CallerIdentity caller = getCallerIdentity(who, callerPackage);
        int userId = parent ? getProfileParentId(caller.getUserId()) : caller.getUserId();
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            // TODO: Also support DELEGATION_PACKAGE_ACCESS
            enforcePermission(MANAGE_DEVICE_POLICY_PACKAGE_STATE, caller.getPackageName(), userId);
        } else {
@@ -13853,7 +13853,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        synchronized (getLockObject()) {
            if (parent) {
                if (!isPermissionCheckFlagEnabled()) {
                if (!isPolicyEngineForFinanceFlagEnabled()) {
                    Preconditions.checkCallAuthorization(
                            isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId())
                                    && isManagedProfile(caller.getUserId()));
@@ -14042,13 +14042,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return;
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
        }
        synchronized (getLockObject()) {
            if (isPermissionCheckFlagEnabled()) {
            if (isPolicyEngineForFinanceFlagEnabled()) {
                int affectedUser = getAffectedUser(parent);
                EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                        who,
@@ -14111,7 +14111,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        CallerIdentity caller;
        Preconditions.checkArgumentNonnegative(userId, "Invalid userId");
        final ArraySet<String> resultSet = new ArraySet<>();
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            int affectedUser = parent ? getProfileParentId(userId) : userId;
            caller = getCallerIdentity(callerPackageName);
            if (!hasPermission(MANAGE_DEVICE_POLICY_ACCOUNT_MANAGEMENT,
@@ -15462,12 +15462,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    public boolean setStatusBarDisabled(ComponentName who, String callerPackageName,
            boolean disabled) {
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(who, callerPackageName);
        } else {
            caller = getCallerIdentity(who);
        }
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforcePermission(MANAGE_DEVICE_POLICY_STATUS_BAR, caller.getPackageName(),
                    UserHandle.USER_ALL);
        } else {
@@ -15478,7 +15478,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        int userId = caller.getUserId();
        synchronized (getLockObject()) {
            if (!isPermissionCheckFlagEnabled()) {
            if (!isPolicyEngineForFinanceFlagEnabled()) {
                Preconditions.checkCallAuthorization(isUserAffiliatedWithDeviceLocked(userId),
                        "Admin " + who + " is neither the device owner or affiliated "
                                + "user's profile owner.");
@@ -15537,7 +15537,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    @Override
    public boolean isStatusBarDisabled(String callerPackage) {
        final CallerIdentity caller = getCallerIdentity(callerPackage);
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforceCanQuery(
                    MANAGE_DEVICE_POLICY_STATUS_BAR, caller.getPackageName(), caller.getUserId());
        } else {
@@ -15547,7 +15547,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        int userId = caller.getUserId();
        synchronized (getLockObject()) {
            if (!isPermissionCheckFlagEnabled()) {
            if (!isPolicyEngineForFinanceFlagEnabled()) {
                Preconditions.checkCallAuthorization(isUserAffiliatedWithDeviceLocked(userId),
                        "Admin " + callerPackage
                                + " is neither the device owner or affiliated user's profile owner.");
@@ -16684,7 +16684,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            }
        }
        EnforcingAdmin enforcingAdmin;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    admin,
                    MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS,
@@ -16855,7 +16855,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    public int getPermissionGrantState(ComponentName admin, String callerPackage,
            String packageName, String permission) throws RemoteException {
        final CallerIdentity caller = getCallerIdentity(admin, callerPackage);
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            enforceCanQuery(MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS, caller.getPackageName(),
                    caller.getUserId());
        } else {
@@ -18986,14 +18986,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            throw new IllegalArgumentException("token must be at least 32-byte long");
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(admin, callerPackageName);
        } else {
            caller = getCallerIdentity(admin);
        }
        final int userId = caller.getUserId();
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    admin,
                    MANAGE_DEVICE_POLICY_RESET_PASSWORD,
@@ -19049,7 +19049,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return false;
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(admin, callerPackageName);
        } else {
            caller = getCallerIdentity(admin);
@@ -19057,7 +19057,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        final int userId = caller.getUserId();
        boolean result = false;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    admin,
                    MANAGE_DEVICE_POLICY_RESET_PASSWORD,
@@ -19096,14 +19096,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return false;
        }
        CallerIdentity caller;
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            caller = getCallerIdentity(admin, callerPackageName);
        } else {
            caller = getCallerIdentity(admin);
        }
        int userId = caller.getUserId();
        if (isPermissionCheckFlagEnabled()) {
        if (isPolicyEngineForFinanceFlagEnabled()) {
            EnforcingAdmin enforcingAdmin = enforcePermissionAndGetEnforcingAdmin(
                    admin,
                    MANAGE_DEVICE_POLICY_RESET_PASSWORD,
+13 −0
Original line number Diff line number Diff line
@@ -1511,6 +1511,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
     * Validates that when the device owner is removed, the reset password token is cleared
     */
    @Test
    @Ignore("b/277916462")
    public void testClearDeviceOwner_clearResetPasswordToken() throws Exception {
        mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
        mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
@@ -2601,6 +2602,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetApplicationHiddenWithDO() throws Exception {
        mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
        setupDeviceOwner();
@@ -2626,6 +2628,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetApplicationHiddenWithPOOfOrganizationOwnedDevice() throws Exception {
        final int MANAGED_PROFILE_USER_ID = CALLER_USER_HANDLE;
        final int MANAGED_PROFILE_ADMIN_UID =
@@ -4372,6 +4375,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAutoTimeZoneEnabledModifiesSetting() throws Exception {
        mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
        setupDeviceOwner();
@@ -4383,6 +4387,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAutoTimeZoneEnabledWithPOOnUser0() throws Exception {
        mContext.binder.callingUid = DpmMockContext.SYSTEM_UID;
        setupProfileOwnerOnUser0();
@@ -4394,6 +4399,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAutoTimeZoneEnabledFailWithPONotOnUser0() throws Exception {
        setupProfileOwner();
        assertExpectException(SecurityException.class, null,
@@ -4403,6 +4409,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAutoTimeZoneEnabledWithPOOfOrganizationOwnedDevice() throws Exception {
        setupProfileOwner();
        configureProfileOwnerOfOrgOwnedDevice(admin1, CALLER_USER_HANDLE);
@@ -5376,6 +5383,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testResetPasswordWithToken() throws Exception {
        mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
        setupDeviceOwner();
@@ -5410,6 +5418,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void resetPasswordWithToken_NumericPin() throws Exception {
        mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
        setupDeviceOwner();
@@ -5430,6 +5439,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void resetPasswordWithToken_EmptyPassword() throws Exception {
        mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
        setupDeviceOwner();
@@ -7250,6 +7260,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testCanProfileOwnerResetPasswordWhenLocked() throws Exception {
        setDeviceEncryptionPerUser();
        setupProfileOwner();
@@ -7313,6 +7324,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAccountTypesWithManagementDisabledOnManagedProfile() throws Exception {
        setupProfileOwner();

@@ -7332,6 +7344,7 @@ public class DevicePolicyManagerTest extends DpmTestBase {
    }

    @Test
    @Ignore("b/277916462")
    public void testSetAccountTypesWithManagementDisabledOnOrgOwnedManagedProfile()
            throws Exception {
        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);