Should check isDeviceSecure in shouldConfirmCredentials am: ae13e18c55
am: db9d529499
* commit 'db9d529499cc635c5ce3d0a4d5b44f2211afaef6':
Update RestrictedLockUtils to use UM.getUserRestrictionSource.
Change-Id: I12805ef5c1a7039ccad07e31f84231cc703dd470
This commit is contained in:
Tony Mak
@@ -5061,26 +5061,6 @@ public class DevicePolicyManager {
|
|||||||
return ret == null ? new Bundle() : ret;
|
return ret == null ? new Bundle() : ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Called by the system to get the user restrictions for a user.
|
|
||||||
*
|
|
||||||
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
|
|
||||||
* @param userHandle user id the admin is running as.
|
|
||||||
*
|
|
||||||
* @hide
|
|
||||||
*/
|
|
||||||
public Bundle getUserRestrictionsForUser(@NonNull ComponentName admin, int userHandle) {
|
|
||||||
Bundle ret = null;
|
|
||||||
if (mService != null) {
|
|
||||||
try {
|
|
||||||
ret = mService.getUserRestrictionsForUser(admin, userHandle);
|
|
||||||
} catch (RemoteException e) {
|
|
||||||
throw e.rethrowFromSystemServer();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return ret == null ? new Bundle() : ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Called by profile or device owners to hide or unhide packages. When a package is hidden it is
|
* Called by profile or device owners to hide or unhide packages. When a package is hidden it is
|
||||||
* unavailable for use, but the data and actual package file remain.
|
* unavailable for use, but the data and actual package file remain.
|
||||||
|
|||||||
@@ -174,7 +174,6 @@ interface IDevicePolicyManager {
|
|||||||
|
|
||||||
void setUserRestriction(in ComponentName who, in String key, boolean enable);
|
void setUserRestriction(in ComponentName who, in String key, boolean enable);
|
||||||
Bundle getUserRestrictions(in ComponentName who);
|
Bundle getUserRestrictions(in ComponentName who);
|
||||||
Bundle getUserRestrictionsForUser(in ComponentName who, int userId);
|
|
||||||
void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);
|
void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);
|
||||||
void clearCrossProfileIntentFilters(in ComponentName admin);
|
void clearCrossProfileIntentFilters(in ComponentName admin);
|
||||||
|
|
||||||
|
|||||||
@@ -24,7 +24,6 @@ import android.content.Intent;
|
|||||||
import android.content.pm.IPackageManager;
|
import android.content.pm.IPackageManager;
|
||||||
import android.content.pm.UserInfo;
|
import android.content.pm.UserInfo;
|
||||||
import android.graphics.drawable.Drawable;
|
import android.graphics.drawable.Drawable;
|
||||||
import android.os.Bundle;
|
|
||||||
import android.os.RemoteException;
|
import android.os.RemoteException;
|
||||||
import android.os.UserHandle;
|
import android.os.UserHandle;
|
||||||
import android.os.UserManager;
|
import android.os.UserManager;
|
||||||
@@ -74,45 +73,31 @@ public class RestrictedLockUtils {
|
|||||||
if (dpm == null) {
|
if (dpm == null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
ComponentName deviceOwner = dpm.getDeviceOwnerComponentOnAnyUser();
|
UserManager um = UserManager.get(context);
|
||||||
int deviceOwnerUserId = dpm.getDeviceOwnerUserId();
|
int restrictionSource = um.getUserRestrictionSource(userRestriction,
|
||||||
boolean enforcedByDeviceOwner = false;
|
UserHandle.of(userId));
|
||||||
if (deviceOwner != null && deviceOwnerUserId != UserHandle.USER_NULL) {
|
|
||||||
Bundle enforcedRestrictions =
|
|
||||||
dpm.getUserRestrictionsForUser(deviceOwner, deviceOwnerUserId);
|
|
||||||
if (enforcedRestrictions != null
|
|
||||||
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
|
|
||||||
enforcedByDeviceOwner = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
ComponentName profileOwner = null;
|
// If the restriction is not enforced or enforced only by system then return null
|
||||||
boolean enforcedByProfileOwner = false;
|
if (restrictionSource == UserManager.RESTRICTION_NOT_SET
|
||||||
if (userId != UserHandle.USER_NULL) {
|
|| restrictionSource == UserManager.RESTRICTION_SOURCE_SYSTEM) {
|
||||||
profileOwner = dpm.getProfileOwnerAsUser(userId);
|
|
||||||
if (profileOwner != null) {
|
|
||||||
Bundle enforcedRestrictions =
|
|
||||||
dpm.getUserRestrictionsForUser(profileOwner, userId);
|
|
||||||
if (enforcedRestrictions != null
|
|
||||||
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
|
|
||||||
enforcedByProfileOwner = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!enforcedByDeviceOwner && !enforcedByProfileOwner) {
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
EnforcedAdmin admin = null;
|
final boolean enforcedByProfileOwner =
|
||||||
if (enforcedByDeviceOwner && enforcedByProfileOwner) {
|
(restrictionSource & UserManager.RESTRICTION_SOURCE_PROFILE_OWNER) != 0;
|
||||||
admin = new EnforcedAdmin();
|
final boolean enforcedByDeviceOwner =
|
||||||
|
(restrictionSource & UserManager.RESTRICTION_SOURCE_DEVICE_OWNER) != 0;
|
||||||
|
if (enforcedByProfileOwner) {
|
||||||
|
return getProfileOwner(context, userId);
|
||||||
} else if (enforcedByDeviceOwner) {
|
} else if (enforcedByDeviceOwner) {
|
||||||
admin = new EnforcedAdmin(deviceOwner, deviceOwnerUserId);
|
// When the restriction is enforced by device owner, return the device owner admin only
|
||||||
} else {
|
// if the admin is for the {@param userId} otherwise return a default EnforcedAdmin.
|
||||||
admin = new EnforcedAdmin(profileOwner, userId);
|
final EnforcedAdmin deviceOwner = getDeviceOwner(context);
|
||||||
|
return deviceOwner.userId == userId
|
||||||
|
? deviceOwner
|
||||||
|
: EnforcedAdmin.MULTIPLE_ENFORCED_ADMIN;
|
||||||
}
|
}
|
||||||
return admin;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static boolean hasBaseUserRestriction(Context context,
|
public static boolean hasBaseUserRestriction(Context context,
|
||||||
@@ -479,6 +464,9 @@ public class RestrictedLockUtils {
|
|||||||
public static EnforcedAdmin checkIfMaximumTimeToLockIsSet(Context context) {
|
public static EnforcedAdmin checkIfMaximumTimeToLockIsSet(Context context) {
|
||||||
final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
|
final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(
|
||||||
Context.DEVICE_POLICY_SERVICE);
|
Context.DEVICE_POLICY_SERVICE);
|
||||||
|
if (dpm == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
||||||
EnforcedAdmin enforcedAdmin = null;
|
EnforcedAdmin enforcedAdmin = null;
|
||||||
final int userId = UserHandle.myUserId();
|
final int userId = UserHandle.myUserId();
|
||||||
|
|||||||
@@ -7314,23 +7314,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Bundle getUserRestrictionsForUser(ComponentName who, int userHandle) {
|
|
||||||
if (!mHasFeature) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
Preconditions.checkNotNull(who, "ComponentName is null");
|
|
||||||
enforceFullCrossUsersPermission(userHandle);
|
|
||||||
enforceCanManageProfileAndDeviceOwners();
|
|
||||||
synchronized (this) {
|
|
||||||
ActiveAdmin activeAdmin = getActiveAdminUncheckedLocked(who, userHandle);
|
|
||||||
if (activeAdmin == null) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
return activeAdmin.userRestrictions;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean setApplicationHidden(ComponentName who, String packageName,
|
public boolean setApplicationHidden(ComponentName who, String packageName,
|
||||||
boolean hidden) {
|
boolean hidden) {
|
||||||
|
|||||||
Reference in New Issue
Block a user