For device owners set pre-O, that restriction will not
be set via setDeviceOwner(). Therefore set it during
first boot after O OTA.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 31952368
Change-Id: I7db9b14c49a75ae2760e6923a1f3f7cde0e2784b
A notification is shown after network logging is enabled
and after the next three reboots that are at least one day apart.
Clicking it sends an intent to quick settings to shown its device monitoring
dialog.
Bug: 29748723
Bug: 33126577
Test: Manual, CTS-Verifier tests will be added later
Change-Id: I2bf517bd27ab23ad3f66270602dbf062efab8cbb
Only the device owner should be able to create a managed
profile if that restriction is set
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 31952368
Change-Id: Ia5170e54594ccba1e5bcedffaec98c2af42264c0
Only store the metrics in RAM, computing them at first log in.
Test: com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24
Bug: 32793550
Change-Id: Iaf9516c193f054331e3e2c68cb3f627bd543b408
Reverting because the length of the prop key is out of bounds.
Bug: 33662416
This reverts commit 60d1feed92.
Change-Id: I66a3f7f18e668acbf2ddaf60ab8efa2584799906
Fixes a potential race condition - when enabling/disabling the logging
some events might have been lost.
Bug: 29748723
Change-Id: I8a436d525393b2314805e287eddcea26d4ec073b
Timeout can be set to lower than 1h on debuggable builds (eng, user-debug)
using persist.sys.min_strong_auth_timeout system property.
Bug: 29825955
Change-Id: I51d421c3e10625787ecfdbe011f9128cd47cb2a2
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possible next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.
The icon is only a placeholder until the official icon is finished.
CTS Verifier tests will be added when all Network logging UX changes are
done.
BUG: 33126618
BUG: 29748723
Test: runtest --path frameworks/base/packages/SystemUI/tests
Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
- Make the CTS hermetic and not adding new restriction after CTS test
- DeviceOwner can't clear this user restriction in CTS, as it's set by ManagedProvisioning
- It can be only clear when testOnly DPC becomes deviceOwner, and being removed by remove-active-admin in shell
Bug:31856203
Test: build successfully
Change-Id: I75b91629ef09c54e9dbe7253df6a52894a938e83
Added hidden pre condition codes for PO and DO provsioning.
Added hidden api checkProvisioningPreCondition, which returns codes
instead of boolean. Managed provisioning can use this to show
useful debug information and user facing error dialogs.
Test: All DevicePolicyManagerTest pass
Bug: 27467633
Change-Id: I7d2a79921bc3ac2e12d506629a35563fc7ff62bf
Introduce a new internal flag MATCH_ANY_USER for genuine uses
of searching through all apps on the device.
Some temporary accommodations for Launchers that reach across
to the work profile until we have a new LauncherApps API to do
that officially.
Bug: 31000380
Test: CTS tests added
Change-Id: I2e43dc49d6c2e11814a8f8d1eb07ef557f31af34
The Profile Owner of a managed profile can set a string that will be
shown in the UI to identify the organization managing the profile.
This CL extends the functionality to the Device Owner of a managed
device.
Bug: 32692748
Test: DevicePolicyManagerTest unit test + CTS test in separate CL
Change-Id: I47295da2fd6485ebf0e890da13990a044accaf17
1. No longer throw SecurityException when we fail to resolve the intent.
Return false instead.
2. Throw IllegalArgumentException early if the incoming intent is not
explicit.
3. Throw SecurityException with different error message. It makes debug
easier and allows tests to verify a particular thing happened.
Bug: 33197200
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest
Change-Id: I723ab7f434c10407aa4e7dc8e9a6e3e9bb9f2059
This CL makes DPM.isDeviceManaged() accessible to the DO so that it
can be CTS-tested.
Bug: 32692748
Test: Device policy manager unit test + CTS & GTS in separate CLs
Change-Id: I5326e86b0ffee81d04bd48f0267044463a899b78
Make setAffiliationIds public so that it can be used for COMP.
That way we can allow network logging and other features to
work on devices that have a DO and a managed profile.
Those features are currently restricted to single user devices but we'll
open them up to devices where all users are affiliated.
Also create a getter for that API.
Bug: 32326223
Test: m FrameworksServicesTests &&
adb install \
-r ${ANDROID_PRODUCT_OUT}/data/app/FrameworksServicesTests/FrameworksServicesTests.apk &&
adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ie443be887a6ca61a7f7a07e137757dceab7eb3d3
Was meant to write test for bindDeviceAdminServiceAsUser, but
it can't be done without having tests for
getBindDeviceAdminTargetUsers first as bindDeviceAdminService depends
on getBindDeviceAdminTargetUsers.
A bit shocked by we didn't have any managed profile tests in
DevicePolicyManagerTest. Added managed profile support in the CL.
Bug: 32764274
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Change-Id: If412e4f44c3ae998f69e17411f2503a97f80149f
The getLastSecurityLogRetrievalTime(), getLastBugReportRequestTime()
and getLastNetworkLogRetrievalTime() methods are meant to be used by
system code. However, there is no harm in allowing the DO to access the
information they return - because it is information about actions that
the DO itself took.
The advantage of opening up these methods to the DO is that we can
CTS-test them.
Bug: 32692748
Test: DevicePolicyManager unit test + CTS test in separate CL
Change-Id: I1470fca2a82b9955f7aed5e8b50220bea8b56fc9
Add getBindDeviceAdminTargetUsers API. To be used
for the device or profile owner in a COMP setup to
know the UserHandle of their instance running on
the other profile.
Bug: 31952368,33033966
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest
Change-Id: I05c9ac0f6c3cdce1ec17cf2910ca7a7214064af2
This CL adds bookkeeping to DPMS which will allow us to tell the user
in the Settings UI whether/when the admin requested a bug report or
retrieved logs from the device.
Bug: 32692748
Test: Full DevicePolicyManagerTest unit test coverage; end-to-end tests
will follow as Settings CTS verifier tests
Change-Id: I89728fce4b7e0ff061b354c73caf3742e95a3a3e
If DISALLOW_REMOVE_USER is set and there is already a managed profile:
isProvisioningAllowed() should return false
BUG:32629873
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I093bed0a4a54f83decf11716ebfd50dd4f17c089
