From 28b9570d0235eca305dc76c006a54c8a85cf5db8 Mon Sep 17 00:00:00 2001
From: Esteban Talavera
Date: Wed, 24 Jun 2015 15:23:42 +0100
Subject: [PATCH] Reset permission policy to default when device owner goes away

Otherwise after the Device Owner is gone, runtime permissions might still be auto granted/denied. I understand that there are many other policies that we don't reset after the device/profile owner goes away (e.g. keyguard enabled/disabled). At least now we have a single method when we could clear the ones that we care about.
Bug: 21889278
Change-Id: I6997655e6ef6d474bd25ae1c323eca5b17944b16
---
 .../app/admin/DevicePolicyManager.java | 2 +-
 .../DevicePolicyManagerService.java | 66 +++++++++----------
 2 files changed, 32 insertions(+), 36 deletions(-)

diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 4d1cff58714a7..83e06d6c9805d 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -4332,7 +4332,7 @@ public class DevicePolicyManager {
 * @param admin Which profile or device owner this request is associated with.
 * @return the current policy for future permission requests.
 */
- public int getPermissionPolicy(@NonNull ComponentName admin) {
+ public int getPermissionPolicy(ComponentName admin) {
 try {
 return mService.getPermissionPolicy(admin);
 } catch (RemoteException re) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index e44a7ab874eb4..491b4120d544c 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
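Review bot: With `@NonNull` dropped from `getPermissionPolicy`, the Javadoc no longer says whether `admin` may be null; the `@param admin` line still describes it as the owner the request is associated with. If null is now accepted, the parameter should be marked `@Nullable` and the `@param` text should state what a null value means; the commit message does not mention this API change. The annotation was only a compile-time hint, so the service-side `getPermissionPolicy` (not in this hunk) has to tolerate a null component on its own, which cannot be confirmed from here.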
@@ -4214,20 +4214,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 throw new SecurityException("clearDeviceOwner can only be called by the device owner");
 }
 synchronized (this) {
- long ident = Binder.clearCallingIdentity();
- try {
- clearUserRestrictions(new UserHandle(UserHandle.USER_OWNER));
- AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
- PackageManager.FLAG_PERMISSION_POLICY_FIXED,
- 0, UserHandle.USER_OWNER);
- if (mDeviceOwner != null) {
- mDeviceOwner.clearDeviceOwner();
- mDeviceOwner.writeOwnerFile();
- updateDeviceOwnerLocked();
- }
- } catch (RemoteException re) {
- } finally {
- Binder.restoreCallingIdentity(ident);
+ clearUserPoliciesLocked(new UserHandle(UserHandle.USER_OWNER));
+ if (mDeviceOwner != null) {
+ mDeviceOwner.clearDeviceOwner();
+ mDeviceOwner.writeOwnerFile();
+ updateDeviceOwnerLocked();
 }
 }
 }
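Review bot: `mDeviceOwner.clearDeviceOwner()`, `mDeviceOwner.writeOwnerFile()` and `updateDeviceOwnerLocked()` now run under the caller's Binder identity, because the `clearCallingIdentity()`/`restoreCallingIdentity()` pair that used to wrap them has moved into `clearUserPoliciesLocked`. None of their bodies is visible here, so it is worth confirming that none of them makes a permission-checked call; if one does, it could throw after the user policies have already been reset and saved, leaving the owner record in place with its policies cleared. A one-line comment above the `if (mDeviceOwner != null)` block stating that these calls do not need a cleared identity would record that decision. The enclosing clearDeviceOwner method begins outside the hunk.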
@@ -4378,34 +4369,39 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } UserHandle callingUser = Binder.getCallingUserHandle(); - int userId = callingUser.getIdentifier(); // Check if this is the profile owner who is calling getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); synchronized (this) { - // Reset some of the profile-owner policies - DevicePolicyData policy = getUserData(userId); - policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT; - policy.mDelegatedCertInstallerPackage = null; - policy.mStatusBarDisabled = false; - saveSettingsLocked(userId); - - long ident = Binder.clearCallingIdentity(); - try { - clearUserRestrictions(callingUser); - AppGlobals.getPackageManager().updatePermissionFlagsForAllApps( - PackageManager.FLAG_PERMISSION_POLICY_FIXED, - 0, callingUser.getIdentifier()); - if (mDeviceOwner != null) { - mDeviceOwner.removeProfileOwner(userId); - mDeviceOwner.writeOwnerFile(); - } - } catch (RemoteException re) { - } finally { - Binder.restoreCallingIdentity(ident); + clearUserPoliciesLocked(callingUser); + if (mDeviceOwner != null) { + mDeviceOwner.removeProfileOwner(callingUser.getIdentifier()); + mDeviceOwner.writeOwnerFile(); } } } + private void clearUserPoliciesLocked(UserHandle userHandle) { + int userId = userHandle.getIdentifier(); + // Reset some of the user-specific policies + DevicePolicyData policy = getUserData(userId); + policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT; + policy.mDelegatedCertInstallerPackage = null; + policy.mStatusBarDisabled = false; + saveSettingsLocked(userId); + + final long ident = Binder.clearCallingIdentity(); + try { + clearUserRestrictions(userHandle); + AppGlobals.getPackageManager().updatePermissionFlagsForAllApps( + PackageManager.FLAG_PERMISSION_POLICY_FIXED, + 0 /* flagValues */, userHandle.getIdentifier()); + } catch (RemoteException re) { + } finally { + 
Binder.restoreCallingIdentity(ident); + } + } + + private void clearUserRestrictions(UserHandle userHandle) { AudioManager audioManager = (AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);
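Review bot: The empty `catch (RemoteException re) { }` in the new `clearUserPoliciesLocked` hides a failed `updatePermissionFlagsForAllApps` call. `saveSettingsLocked(userId)` has already persisted `PERMISSION_POLICY_PROMPT` by then, so apps could keep `FLAG_PERMISSION_POLICY_FIXED` grants with nothing in the log, which is the stale state this commit sets out to remove. The call is presumably in-process and unlikely to throw, but the handler should at least record it, e.g. `Slog.w(LOG_TAG, "Failed to clear policy-fixed permission flags for user " + userId, re);`. The helper would also benefit from a short comment stating that the caller must hold the `this` lock, as both call sites do, and the last argument can reuse the local `userId` instead of calling `userHandle.getIdentifier()` again. `clearProfileOwner` starts before this hunk and `clearUserRestrictions` continues past it.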