[AAPM] Add DevicePolicyManager#getEnforcingAdmin for settings pages (e9727237) · Commits · e / os / android_frameworks_base

core/java/android/app/admin/DevicePolicyManager.java

+30 −0

Original line number	Diff line number	Diff line
		@@ -12485,6 +12485,36 @@ public class DevicePolicyManager {
		return null;
		}

		/**
		* Returns the {@link EnforcingAdmin} who have set this policy.
		*
		* <p>Important: this API is a temporary solution, hence should be kept hidden. That is because
		* the string argument can't define policies with arguments.
		*
		* <p>Note that for {@link #POLICY_SUSPEND_PACKAGES} it returns the PO or DO to keep the
		* behavior the same as before the bug fix for b/192245204.
		*
		* <p>This API is only callable by the system UID
		*
		* @param userId The user for whom to retrieve the information.
		* @param identifier The policy enforced by admins. It could be any user restriction or
		* policy like {@link DevicePolicyManager#POLICY_DISABLE_CAMERA} and
		* {@link DevicePolicyManager#POLICY_DISABLE_SCREEN_CAPTURE}. This also works
		* for {@link DevicePolicyIdentifiers#MEMORY_TAGGING_POLICY}.
		*
		* @hide
		*/
		public @Nullable EnforcingAdmin getEnforcingAdmin(int userId, String identifier) {
		if (mService != null) {
		try {
		return mService.getEnforcingAdmin(userId, identifier);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		}
		return null;
		}

		/**
		* Returns the list of {@link EnforcingAdmin}s who have set this restriction.
		*

core/java/android/app/admin/IDevicePolicyManager.aidl

+3 −2

Original line number	Diff line number	Diff line
		@@ -280,6 +280,7 @@ interface IDevicePolicyManager {

		Intent createAdminSupportIntent(in String restriction);
		Bundle getEnforcingAdminAndUserDetails(int userId, String restriction);
		EnforcingAdmin getEnforcingAdmin(int userId, String identifier);
		List<EnforcingAdmin> getEnforcingAdminsForRestriction(int userId, String restriction);
		boolean setApplicationHidden(in ComponentName admin, in String callerPackage, in String packageName, boolean hidden, boolean parent);
		boolean isApplicationHidden(in ComponentName admin, in String callerPackage, in String packageName, boolean parent);

core/java/android/app/admin/UnknownAuthority.java

+29 −6

Original line number	Diff line number	Diff line
		@@ -22,6 +22,8 @@ import android.annotation.SystemApi;
		import android.annotation.TestApi;
		import android.os.Parcel;

		import java.util.Objects;

		/**
		* Class used to identify a default value for the authority of the {@link EnforcingAdmin} setting
		* a policy, meaning it is not one of the other known subclasses of {@link Authority}, this would be
		@@ -31,6 +33,7 @@ import android.os.Parcel;
		*/
		@SystemApi
		public final class UnknownAuthority extends Authority {
		private final String mName;

		/**
		* Object representing an unknown authority.
		@@ -45,22 +48,40 @@ public final class UnknownAuthority extends Authority {
		* Creates an authority that represents an admin that can set a policy but
		* doesn't have a known authority (e.g. a system components).
		*/
		public UnknownAuthority() {}
		public UnknownAuthority() {
		mName = null;
		}

		/** @hide */
		public UnknownAuthority(String name) {
		mName = name;
		}

		private UnknownAuthority(Parcel source) {
		this(source.readString8());
		}

		/** @hide */
		public String getName() {
		return mName;
		}

		@Override
		public String toString() {
		return "DefaultAuthority {}";
		return "DefaultAuthority {" + mName + "}";
		}

		@Override
		public boolean equals(@Nullable Object o) {
		if (this == o) return true;
		return o != null && getClass() == o.getClass();
		if (o != null && getClass() == o.getClass()) return false;
		UnknownAuthority other = (UnknownAuthority) o;
		return Objects.equals(mName, other.mName);
		}

		@Override
		public int hashCode() {
		return 0;
		return mName.hashCode();
		}

		@Override
		@@ -69,14 +90,16 @@ public final class UnknownAuthority extends Authority {
		}

		@Override
		public void writeToParcel(@NonNull Parcel dest, int flags) {}
		public void writeToParcel(@NonNull Parcel dest, int flags) {
		dest.writeString8(mName);
		}

		@NonNull
		public static final Creator<UnknownAuthority> CREATOR =
		new Creator<UnknownAuthority>() {
		@Override
		public UnknownAuthority createFromParcel(Parcel source) {
		return UNKNOWN_AUTHORITY;
		return new UnknownAuthority(source);
		}

		@Override

core/java/android/security/advancedprotection/AdvancedProtectionManager.java

+25 −0

Original line number	Diff line number	Diff line
		@@ -16,7 +16,10 @@

		package android.security.advancedprotection;

		import static android.app.admin.DevicePolicyIdentifiers.MEMORY_TAGGING_POLICY;
		import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;
		import static android.os.UserManager.DISALLOW_CELLULAR_2G;
		import static android.os.UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY;

		import android.Manifest;
		import android.annotation.CallbackExecutor;
		@@ -343,6 +346,28 @@ public final class AdvancedProtectionManager {
		return intent;
		}

		/** @hide */
		public @NonNull Intent createSupportIntentForPolicyIdentifierOrRestriction(
		@NonNull String identifier, @Nullable @SupportDialogType String type) {
		Objects.requireNonNull(identifier);
		if (type != null && !ALL_SUPPORT_DIALOG_TYPES.contains(type)) {
		throw new IllegalArgumentException(type + " is not a valid type. See"
		+ " SUPPORT_DIALOG_TYPE_* APIs.");
		}
		final String featureId;
		if (DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY.equals(identifier)) {
		featureId = FEATURE_ID_DISALLOW_INSTALL_UNKNOWN_SOURCES;
		} else if (DISALLOW_CELLULAR_2G.equals(identifier)) {
		featureId = FEATURE_ID_DISALLOW_CELLULAR_2G;
		} else if (android.app.admin.flags.Flags.setMtePolicyCoexistence() && MEMORY_TAGGING_POLICY
		.equals(identifier)) {
		featureId = FEATURE_ID_ENABLE_MTE;
		} else {
		throw new UnsupportedOperationException("Unsupported identifier: " + identifier);
		}
		return createSupportIntent(featureId, type);
		}

		/**
		* A callback class for monitoring changes to Advanced Protection state
		*

packages/SettingsLib/RestrictedLockUtils/res/values/strings.xml

+7 −4

Original line number	Diff line number	Diff line
		@@ -17,9 +17,12 @@

		<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">

		<!-- Summary for switch preference to denote it is switched on [CHAR LIMIT=50] -->
		<!-- Summary for switch preference to denote it is switched on by an admin [CHAR LIMIT=50] -->
		<string name="enabled_by_admin">Enabled by admin</string>
		<!-- Summary for switch preference to denote it is switched off [CHAR LIMIT=50] -->
		<!-- Summary for switch preference to denote it is switched off by an admin [CHAR LIMIT=50] -->
		<string name="disabled_by_admin">Disabled by admin</string>

		<!-- Summary for switch preference to denote it is switched on by Advanced protection [CHAR LIMIT=50] -->
		<string name="enabled_by_advanced_protection">Enabled by Advanced Protection</string>
		<!-- Summary for switch preference to denote it is switched off by Advanced protection [CHAR LIMIT=50] -->
		<string name="disabled_by_advanced_protection">Disabled by Advanced Protection</string>
		</resources>