am 833af023: am e4ffec21: Merge "Reset permission policy to default when device owner goes away" into mnc-dev
* commit '833af023a1ffe0dfa40831c6f71af48e55cc29bb': Reset permission policy to default when device owner goes away
This commit is contained in:
Esteban Talavera
@@ -4332,7 +4332,7 @@ public class DevicePolicyManager {
|
|||||||
* @param admin Which profile or device owner this request is associated with.
|
* @param admin Which profile or device owner this request is associated with.
|
||||||
* @return the current policy for future permission requests.
|
* @return the current policy for future permission requests.
|
||||||
*/
|
*/
|
||||||
public int getPermissionPolicy(@NonNull ComponentName admin) {
|
public int getPermissionPolicy(ComponentName admin) {
|
||||||
try {
|
try {
|
||||||
return mService.getPermissionPolicy(admin);
|
return mService.getPermissionPolicy(admin);
|
||||||
} catch (RemoteException re) {
|
} catch (RemoteException re) {
|
||||||
|
|||||||
@@ -4214,20 +4214,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
|||||||
throw new SecurityException("clearDeviceOwner can only be called by the device owner");
|
throw new SecurityException("clearDeviceOwner can only be called by the device owner");
|
||||||
}
|
}
|
||||||
synchronized (this) {
|
synchronized (this) {
|
||||||
long ident = Binder.clearCallingIdentity();
|
clearUserPoliciesLocked(new UserHandle(UserHandle.USER_OWNER));
|
||||||
try {
|
if (mDeviceOwner != null) {
|
||||||
clearUserRestrictions(new UserHandle(UserHandle.USER_OWNER));
|
mDeviceOwner.clearDeviceOwner();
|
||||||
AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
|
mDeviceOwner.writeOwnerFile();
|
||||||
PackageManager.FLAG_PERMISSION_POLICY_FIXED,
|
updateDeviceOwnerLocked();
|
||||||
0, UserHandle.USER_OWNER);
|
|
||||||
if (mDeviceOwner != null) {
|
|
||||||
mDeviceOwner.clearDeviceOwner();
|
|
||||||
mDeviceOwner.writeOwnerFile();
|
|
||||||
updateDeviceOwnerLocked();
|
|
||||||
}
|
|
||||||
} catch (RemoteException re) {
|
|
||||||
} finally {
|
|
||||||
Binder.restoreCallingIdentity(ident);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -4378,34 +4369,39 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
UserHandle callingUser = Binder.getCallingUserHandle();
|
UserHandle callingUser = Binder.getCallingUserHandle();
|
||||||
int userId = callingUser.getIdentifier();
|
|
||||||
// Check if this is the profile owner who is calling
|
// Check if this is the profile owner who is calling
|
||||||
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
|
getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
|
||||||
synchronized (this) {
|
synchronized (this) {
|
||||||
// Reset some of the profile-owner policies
|
clearUserPoliciesLocked(callingUser);
|
||||||
DevicePolicyData policy = getUserData(userId);
|
if (mDeviceOwner != null) {
|
||||||
policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT;
|
mDeviceOwner.removeProfileOwner(callingUser.getIdentifier());
|
||||||
policy.mDelegatedCertInstallerPackage = null;
|
mDeviceOwner.writeOwnerFile();
|
||||||
policy.mStatusBarDisabled = false;
|
|
||||||
saveSettingsLocked(userId);
|
|
||||||
|
|
||||||
long ident = Binder.clearCallingIdentity();
|
|
||||||
try {
|
|
||||||
clearUserRestrictions(callingUser);
|
|
||||||
AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
|
|
||||||
PackageManager.FLAG_PERMISSION_POLICY_FIXED,
|
|
||||||
0, callingUser.getIdentifier());
|
|
||||||
if (mDeviceOwner != null) {
|
|
||||||
mDeviceOwner.removeProfileOwner(userId);
|
|
||||||
mDeviceOwner.writeOwnerFile();
|
|
||||||
}
|
|
||||||
} catch (RemoteException re) {
|
|
||||||
} finally {
|
|
||||||
Binder.restoreCallingIdentity(ident);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void clearUserPoliciesLocked(UserHandle userHandle) {
|
||||||
|
int userId = userHandle.getIdentifier();
|
||||||
|
// Reset some of the user-specific policies
|
||||||
|
DevicePolicyData policy = getUserData(userId);
|
||||||
|
policy.mPermissionPolicy = DevicePolicyManager.PERMISSION_POLICY_PROMPT;
|
||||||
|
policy.mDelegatedCertInstallerPackage = null;
|
||||||
|
policy.mStatusBarDisabled = false;
|
||||||
|
saveSettingsLocked(userId);
|
||||||
|
|
||||||
|
final long ident = Binder.clearCallingIdentity();
|
||||||
|
try {
|
||||||
|
clearUserRestrictions(userHandle);
|
||||||
|
AppGlobals.getPackageManager().updatePermissionFlagsForAllApps(
|
||||||
|
PackageManager.FLAG_PERMISSION_POLICY_FIXED,
|
||||||
|
0 /* flagValues */, userHandle.getIdentifier());
|
||||||
|
} catch (RemoteException re) {
|
||||||
|
} finally {
|
||||||
|
Binder.restoreCallingIdentity(ident);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
private void clearUserRestrictions(UserHandle userHandle) {
|
private void clearUserRestrictions(UserHandle userHandle) {
|
||||||
AudioManager audioManager =
|
AudioManager audioManager =
|
||||||
(AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);
|
(AudioManager) mContext.getSystemService(Context.AUDIO_SERVICE);
|
||||||
|
|||||||
Reference in New Issue
Block a user