Add method to tell the dpc if provisioning is allowed.

The DPC can use it to tell if provisioning a managed profile or for device owner would work or not. BUG:25338478 Change-Id: I09ea6a9f23a8e88e4ed37c048170b2a68213086e
2015-10-30 17:53:30 +00:00
parent 3034538ca8
commit 07387fedfa
8 changed files with 79 additions and 9 deletions
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -4299,4 +4299,23 @@ public class DevicePolicyManager {
            return PERMISSION_GRANT_STATE_DEFAULT;
        }
    }
+
+    /**
+     * Returns if provisioning a managed profile or device is possible or not.
+     * @param action One of {@link #ACTION_PROVISION_MANAGED_DEVICE},
+     * {@link #ACTION_PROVISION_MANAGED_PROFILE}.
+     * Note that even if this method returns true, there is a slight possibility that the
+     * provisioning will not be allowed when it is actually initiated because some event has
+     * happened in between.
+     * @return if provisioning a managed profile or device is possible or not.
+     * @throws IllegalArgumentException if the supplied action is not valid.
+     */
+    public boolean isProvisioningAllowed(String action) {
+        try {
+            return mService.isProvisioningAllowed(action);
+        } catch (RemoteException re) {
+            Log.w(TAG, "Failed talking with device policy service", re);
+            return false;
+        }
+    }
 }
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -227,4 +227,5 @@ interface IDevicePolicyManager {
    boolean setPermissionGrantState(in ComponentName admin, String packageName,
            String permission, int grantState);
    int getPermissionGrantState(in ComponentName admin, String packageName, String permission);
+    boolean isProvisioningAllowed(String action);
 }
--- a/core/java/android/os/IUserManager.aidl
+++ b/core/java/android/os/IUserManager.aidl
@@ -44,7 +44,7 @@ interface IUserManager {
    UserInfo getPrimaryUser();
    List<UserInfo> getUsers(boolean excludeDying);
    List<UserInfo> getProfiles(int userHandle, boolean enabledOnly);
-    boolean canAddMoreManagedProfiles(int userId);
+    boolean canAddMoreManagedProfiles(int userId, boolean allowedToRemoveOne);
    UserInfo getProfileParent(int userHandle);
    boolean isSameProfileGroup(int userId, int otherUserId);
    UserInfo getUserInfo(int userHandle);
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java
@@ -1077,13 +1077,15 @@ public class UserManager {
    /**
     * Checks whether it's possible to add more managed profiles. Caller must hold the MANAGE_USERS
     * permission.
+     * if allowedToRemoveOne is true and if the user already has a managed profile, then return if
+     * we could add a new managed profile to this user after removing the existing one.
     *
     * @return true if more managed profiles can be added, false if limit has been reached.
     * @hide
     */
-    public boolean canAddMoreManagedProfiles(int userId) {
+    public boolean canAddMoreManagedProfiles(int userId, boolean allowedToRemoveOne) {
        try {
-            return mService.canAddMoreManagedProfiles(userId);
+            return mService.canAddMoreManagedProfiles(userId, allowedToRemoveOne);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not check if we can add more managed profiles", re);
            return false;