Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Add lockdownEnabled parameter to always-on VPN API" into nyc-dev

Browse Source 
am: 7ec93a1ee2

* commit '7ec93a1ee2d381fdcd3be271712e4179ddbf9829':
  Add lockdownEnabled parameter to always-on VPN API

Change-Id: I7e3f9edd802dfe7c98abf79dcf8f6fa14ce39c01
This commit is contained in:
Robin Lee
2016-05-04 18:52:53 +00:00
committed by android-build-merger
parent 31b3676cce 7ec93a1ee2
commit 78d0888e8c
9 changed files with 33 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/current.txt
View File

@@ -5967,7 +5967,7 @@ package android.app.admin {
method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;

2
api/system-current.txt
View File

@@ -6128,7 +6128,7 @@ package android.app.admin {
method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
method public deprecated boolean setActiveProfileOwner(android.content.ComponentName, java.lang.String) throws java.lang.IllegalArgumentException;
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;

2
api/test-current.txt
View File

@@ -5971,7 +5971,7 @@ package android.app.admin {
method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(android.content.ComponentName);
method public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(android.content.ComponentName);
method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean);
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public void setAlwaysOnVpnPackage(android.content.ComponentName, java.lang.String, boolean) throws android.content.pm.PackageManager.NameNotFoundException, java.lang.UnsupportedOperationException;
method public boolean setApplicationHidden(android.content.ComponentName, java.lang.String, boolean);
method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle);
method public void setApplicationRestrictionsManagingPackage(android.content.ComponentName, java.lang.String) throws android.content.pm.PackageManager.NameNotFoundException;

23
core/java/android/app/admin/DevicePolicyManager.java
View File

@@ -2996,6 +2996,19 @@ public class DevicePolicyManager {
return null;
}
/**
* Called by a device or profile owner to configure an always-on VPN connection through a
* specific application for the current user.
*
* @deprecated this version only exists for compability with previous developer preview builds.
* TODO: delete once there are no longer any live references.
* @hide
*/
public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage)
throws NameNotFoundException, UnsupportedOperationException {
setAlwaysOnVpnPackage(admin, vpnPackage, /* lockdownEnabled */ true);
}
/**
* Called by a device or profile owner to configure an always-on VPN connection through a
* specific application for the current user. This connection is automatically granted and
@@ -3006,7 +3019,10 @@ public class DevicePolicyManager {
* fail.
*
* @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to
* remove an existing always-on VPN configuration.
* remove an existing always-on VPN configuration.
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
* {@code false} otherwise. This carries the risk that any failure of the VPN provider
* could break networking for all apps. This has no effect when clearing.
* @return {@code true} if the package is set as always-on VPN controller; {@code false}
* otherwise.
* @throws SecurityException if {@code admin} is not a device or a profile owner.
@@ -3014,12 +3030,13 @@ public class DevicePolicyManager {
* @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being
* set as always-on, or if always-on VPN is not available.
*/
public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage)
public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage,
boolean lockdownEnabled)
throws NameNotFoundException, UnsupportedOperationException {
throwIfParentInstance("setAlwaysOnVpnPackage");
if (mService != null) {
try {
if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage)) {
if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled)) {
throw new NameNotFoundException(vpnPackage);
}
} catch (RemoteException e) {

2
core/java/android/app/admin/IDevicePolicyManager.aidl
View File

@@ -157,7 +157,7 @@ interface IDevicePolicyManager {
void setCertInstallerPackage(in ComponentName who, String installerPackage);
String getCertInstallerPackage(in ComponentName who);
boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage);
boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage, boolean lockdown);
String getAlwaysOnVpnPackage(in ComponentName who);
void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity);

8
core/java/android/net/ConnectivityManager.java
View File

@@ -797,14 +797,16 @@ public class ConnectivityManager {
* @param userId The identifier of the user to set an always-on VPN for.
* @param vpnPackage The package name for an installed VPN app on the device, or {@code null}
* to remove an existing always-on VPN configuration.
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
* {@code false} otherwise.
* @return {@code true} if the package is set as always-on VPN controller;
* {@code false} otherwise.
* @hide
*/
public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage) {
public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage,
boolean lockdownEnabled) {
try {
return mService.setAlwaysOnVpnPackage(userId, vpnPackage);
return mService.setAlwaysOnVpnPackage(userId, vpnPackage, lockdownEnabled);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}

2
core/java/android/net/IConnectivityManager.aidl
View File

@@ -122,7 +122,7 @@ interface IConnectivityManager
VpnInfo[] getAllVpnInfo();
boolean updateLockdownVpn();
boolean setAlwaysOnVpnPackage(int userId, String packageName);
boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown);
String getAlwaysOnVpnPackage(int userId);
int checkMobileProvisioning(int suggestedTimeOutMs);

2
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -3347,7 +3347,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
}
@Override
public boolean setAlwaysOnVpnPackage(int userId, String packageName) {
public boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown) {
enforceConnectivityInternalPermission();
enforceCrossUserPermission(userId);

4
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@@ -4459,7 +4459,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
* @throws UnsupportedException if the package does not support being set as always-on.
*/
@Override
public boolean setAlwaysOnVpnPackage(ComponentName admin, String vpnPackage)
public boolean setAlwaysOnVpnPackage(ComponentName admin, String vpnPackage, boolean lockdown)
throws SecurityException {
synchronized (this) {
getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
@@ -4473,7 +4473,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
ConnectivityManager connectivityManager = (ConnectivityManager)
mContext.getSystemService(Context.CONNECTIVITY_SERVICE);
if (!connectivityManager.setAlwaysOnVpnPackageForUser(userId, vpnPackage)) {
if (!connectivityManager.setAlwaysOnVpnPackageForUser(userId, vpnPackage, lockdown)) {
throw new UnsupportedOperationException();
}
} finally {