am 833af023: am e4ffec21: Merge "Reset permission policy to default when device owner goes away" into mnc-dev

* commit '833af023a1ffe0dfa40831c6f71af48e55cc29bb': Reset permission policy to default when device owner goes away
2015-06-24 17:05:23 +00:00
parent bc12a725e7 833af023a1
commit b8abc40824
2 changed files with 32 additions and 36 deletions
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -4332,7 +4332,7 @@ public class DevicePolicyManager {
     * @param admin Which profile or device owner this request is associated with.
     * @return the current policy for future permission requests.
     */
-    public int getPermissionPolicy(@NonNull ComponentName admin) {
+    public int getPermissionPolicy(ComponentName admin) {
        try {
            return mService.getPermissionPolicy(admin);
        } catch (RemoteException re) {
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -4214,20 +4214,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            throw new SecurityException("clearDeviceOwner can only be called by the device owner");
        }
        synchronized (this) {
-            long ident = Binder.clearCallingIdentity();
-            try {
-                clearUserRestrictions(new UserHandle(UserHandle.USER_OWNER));
-                AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
-                        PackageManager.FLAG_PERMISSION_POLICY_FIXED,
-                        0, UserHandle.USER_OWNER);
-                if (mDeviceOwner != null) {
-                    mDeviceOwner.clearDeviceOwner();
-                    mDeviceOwner.writeOwnerFile();
-                    updateDeviceOwnerLocked();
-                }
-            } catch (RemoteException re) {
-            } finally {
-                Binder.restoreCallingIdentity(ident);
+            clearUserPoliciesLocked(new UserHandle(UserHandle.USER_OWNER));
+            if (mDeviceOwner != null) {
+                mDeviceOwner.clearDeviceOwner();
+                mDeviceOwner.writeOwnerFile();
+                updateDeviceOwnerLocked();
            }
        }
    }
@@ -4378,34 +4369,39 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            return;
        }
        UserHandle callingUser = Binder.getCallingUserHandle();
-        int userId = callingUser.getIdentifier();
        // Check if this is the profile owner who is calling
        getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
        synchronized (this) {
-            // Reset some of the profile-owner policies
-            DevicePolicyData policy = getUserData(userId);
-            policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT;
-            policy.mDelegatedCertInstallerPackage = null;
-            policy.mStatusBarDisabled = false;
-            saveSettingsLocked(userId);
-
-            long ident = Binder.clearCallingIdentity();
-            try {
-                clearUserRestrictions(callingUser);
-                AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
-                        PackageManager.FLAG_PERMISSION_POLICY_FIXED,
-                        0, callingUser.getIdentifier());
-                if (mDeviceOwner != null) {
-                    mDeviceOwner.removeProfileOwner(userId);
-                    mDeviceOwner.writeOwnerFile();
-                }
-            } catch (RemoteException re) {
-            } finally {
-                Binder.restoreCallingIdentity(ident);
+            clearUserPoliciesLocked(callingUser);
+            if (mDeviceOwner != null) {
+                mDeviceOwner.removeProfileOwner(callingUser.getIdentifier());
+                mDeviceOwner.writeOwnerFile();
            }
        }
    }

+    private void clearUserPoliciesLocked(UserHandle userHandle) {
+        int userId = userHandle.getIdentifier();
+        // Reset some of the user-specific policies
+        DevicePolicyData policy = getUserData(userId);
+        policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT;
+        policy.mDelegatedCertInstallerPackage = null;
+        policy.mStatusBarDisabled = false;
+        saveSettingsLocked(userId);
+
+        final long ident = Binder.clearCallingIdentity();
+        try {
+            clearUserRestrictions(userHandle);
+            AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
+                    PackageManager.FLAG_PERMISSION_POLICY_FIXED,
+                    0  /* flagValues */, userHandle.getIdentifier());
+        } catch (RemoteException re) {
+        } finally {
+            Binder.restoreCallingIdentity(ident);
+        }
+    }
+
+
    private void clearUserRestrictions(UserHandle userHandle) {
        AudioManager audioManager =
                (AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);