Do not allow DPM.resetPassword() when child profile exists or user is locked am: 977ade26dd

am: 2281b83051 * commit '2281b83051f8f2d14dfc0a366ed54b1716370412': Do not allow DPM.resetPassword() when child profile exists or user is locked Change-Id: Ia43caa8b23eced60a8ef187ed100b106aedb74a3
2016-05-25 13:23:24 +00:00
parent 316abe21bd 2281b83051
commit cdb948c81c
2 changed files with 29 additions and 4 deletions
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -2191,7 +2191,8 @@ public class DevicePolicyManager {
     * <em>Note: This API has been limited as of {@link android.os.Build.VERSION_CODES#N} for
     * device admins that are not device owner and not profile owner.
     * The password can now only be changed if there is currently no password set.  Device owner
-     * and profile owner can still do this.</em>
+     * and profile owner can still do this when user is unlocked and does not have a managed
+     * profile.</em>
     * <p>
     * The given password must be sufficient for the current password quality and length constraints
     * as returned by {@link #getPasswordQuality(ComponentName)} and
@@ -2217,6 +2218,7 @@ public class DevicePolicyManager {
     *         current constraints or if the user has not been decrypted yet.
     * @throws SecurityException if the calling application does not own an active administrator
     *             that uses {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD}
+     * @throws IllegalStateException if the calling user is locked or has a managed profile.
     */
    public boolean resetPassword(String password, int flags) {
        throwIfParentInstance("resetPassword");