Merge "Return null value if getActiveAdminUncheckedLocked returns null." into nyc-dev
am: d2a968f
* commit 'd2a968f9c31ba1864bc514bb88a9a939508fe794':
Return null value if getActiveAdminUncheckedLocked returns null.
Change-Id: I2767b95af01a0ef78bf1c216579b81ee705e1468
This commit is contained in:
Sudheer Shanka
@@ -4889,15 +4889,30 @@ public class DevicePolicyManager {
|
||||
* @throws SecurityException if {@code admin} is not a device or profile owner.
|
||||
*/
|
||||
public Bundle getUserRestrictions(@NonNull ComponentName admin) {
|
||||
return getUserRestrictions(admin, myUserId());
|
||||
}
|
||||
|
||||
/** @hide per-user version */
|
||||
public Bundle getUserRestrictions(@NonNull ComponentName admin, int userHandle) {
|
||||
Bundle ret = null;
|
||||
if (mService != null) {
|
||||
try {
|
||||
ret = mService.getUserRestrictions(admin, userHandle);
|
||||
ret = mService.getUserRestrictions(admin);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
}
|
||||
return ret == null ? new Bundle() : ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by the system to get the user restrictions for a user.
|
||||
*
|
||||
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
|
||||
* @param userHandle user id the admin is running as.
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
public Bundle getUserRestrictionsForUser(@NonNull ComponentName admin, int userHandle) {
|
||||
Bundle ret = null;
|
||||
if (mService != null) {
|
||||
try {
|
||||
ret = mService.getUserRestrictionsForUser(admin, userHandle);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
|
||||
@@ -169,7 +169,8 @@ interface IDevicePolicyManager {
|
||||
ComponentName getRestrictionsProvider(int userHandle);
|
||||
|
||||
void setUserRestriction(in ComponentName who, in String key, boolean enable);
|
||||
Bundle getUserRestrictions(in ComponentName who, int userId);
|
||||
Bundle getUserRestrictions(in ComponentName who);
|
||||
Bundle getUserRestrictionsForUser(in ComponentName who, int userId);
|
||||
void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);
|
||||
void clearCrossProfileIntentFilters(in ComponentName admin);
|
||||
|
||||
|
||||
@@ -78,7 +78,8 @@ public class RestrictedLockUtils {
|
||||
int deviceOwnerUserId = dpm.getDeviceOwnerUserId();
|
||||
boolean enforcedByDeviceOwner = false;
|
||||
if (deviceOwner != null && deviceOwnerUserId != UserHandle.USER_NULL) {
|
||||
Bundle enforcedRestrictions = dpm.getUserRestrictions(deviceOwner, deviceOwnerUserId);
|
||||
Bundle enforcedRestrictions =
|
||||
dpm.getUserRestrictionsForUser(deviceOwner, deviceOwnerUserId);
|
||||
if (enforcedRestrictions != null
|
||||
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
|
||||
enforcedByDeviceOwner = true;
|
||||
@@ -90,7 +91,8 @@ public class RestrictedLockUtils {
|
||||
if (userId != UserHandle.USER_NULL) {
|
||||
profileOwner = dpm.getProfileOwnerAsUser(userId);
|
||||
if (profileOwner != null) {
|
||||
Bundle enforcedRestrictions = dpm.getUserRestrictions(profileOwner, userId);
|
||||
Bundle enforcedRestrictions =
|
||||
dpm.getUserRestrictionsForUser(profileOwner, userId);
|
||||
if (enforcedRestrictions != null
|
||||
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
|
||||
enforcedByProfileOwner = true;
|
||||
|
||||
@@ -5796,8 +5796,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
transitionCheckNeeded = false;
|
||||
} else {
|
||||
// For all other cases, caller must have MANAGE_PROFILE_AND_DEVICE_OWNERS.
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
|
||||
enforceCanManageProfileAndDeviceOwners();
|
||||
}
|
||||
|
||||
final DevicePolicyData policyData = getUserData(userHandle);
|
||||
@@ -5990,8 +5989,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
}
|
||||
return;
|
||||
}
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
|
||||
enforceCanManageProfileAndDeviceOwners();
|
||||
if (hasUserSetupCompleted(userHandle) && !isCallerWithSystemUid()) {
|
||||
throw new IllegalStateException("Cannot set the profile owner on a user which is "
|
||||
+ "already set-up");
|
||||
@@ -6006,8 +6004,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
int callingUid = mInjector.binderGetCallingUid();
|
||||
boolean isAdb = callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;
|
||||
if (!isAdb) {
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
|
||||
enforceCanManageProfileAndDeviceOwners();
|
||||
}
|
||||
|
||||
final int code = checkSetDeviceOwnerPreCondition(userId, isAdb);
|
||||
@@ -6663,6 +6660,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
}
|
||||
synchronized (this) {
|
||||
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
|
||||
if (admin == null) {
|
||||
return false;
|
||||
}
|
||||
if (admin.permittedAccessiblityServices == null) {
|
||||
return true;
|
||||
}
|
||||
@@ -6833,6 +6833,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
}
|
||||
synchronized (this) {
|
||||
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
|
||||
if (admin == null) {
|
||||
return false;
|
||||
}
|
||||
if (admin.permittedInputMethods == null) {
|
||||
return true;
|
||||
}
|
||||
@@ -7103,19 +7106,30 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Bundle getUserRestrictions(ComponentName who, int userHandle) {
|
||||
public Bundle getUserRestrictions(ComponentName who) {
|
||||
if (!mHasFeature) {
|
||||
return null;
|
||||
}
|
||||
Preconditions.checkNotNull(who, "ComponentName is null");
|
||||
synchronized (this) {
|
||||
final ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(who,
|
||||
DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
|
||||
return activeAdmin.userRestrictions;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Bundle getUserRestrictionsForUser(ComponentName who, int userHandle) {
|
||||
if (!mHasFeature) {
|
||||
return null;
|
||||
}
|
||||
Preconditions.checkNotNull(who, "ComponentName is null");
|
||||
enforceFullCrossUsersPermission(userHandle);
|
||||
enforceCanManageProfileAndDeviceOwners();
|
||||
synchronized (this) {
|
||||
ActiveAdmin activeAdmin = getActiveAdminUncheckedLocked(who, userHandle);
|
||||
if (activeAdmin == null) {
|
||||
throw new SecurityException("No active admin: " + activeAdmin);
|
||||
}
|
||||
if (activeAdmin.getUid() != mInjector.binderGetCallingUid()) {
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS,
|
||||
"Calling uid " + mInjector.binderGetCallingUid() + " neither owns the admin"
|
||||
+ " " + who + " nor has MANAGE_PROFILE_AND_DEVICE_OWNERS permission");
|
||||
return null;
|
||||
}
|
||||
return activeAdmin.userRestrictions;
|
||||
}
|
||||
@@ -8689,6 +8703,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
null);
|
||||
}
|
||||
|
||||
private void enforceCanManageProfileAndDeviceOwners() {
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isUninstallInQueue(final String packageName) {
|
||||
enforceCanManageDeviceAdmin();
|
||||
|
||||
Reference in New Issue
Block a user