drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Persist bypassDevicePolicyMmanagementRoleQualification in global setting

Browse Source 
Bug: 226386138
Test: manual
Change-Id: I7db40e4e0bcde98d190e6d6e9e841355da506aed
This commit is contained in:
kholoud mohamed 2022-03-24 17:58:24 +00:00 committed by Kholoud Mohamed
parent d5d9b3869e
commit cfe99b7774
3 changed files with 29 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
core/java/android/provider/Settings.java
View File

@ -11481,6 +11481,15 @@ public final class Settings {
@Readable
public static final String DEVICE_PROVISIONED = "device_provisioned";
/**
* Whether bypassing the device policy management role holder qualifcation is allowed,
* (0 = false, 1 = true).
*
* @hide
*/
public static final String BYPASS_DEVICE_POLICY_MANAGEMENT_ROLE_QUALIFICATIONS =
"bypass_device_policy_management_role_qualifications";
/**
* Indicates whether mobile data should be allowed while the device is being provisioned.
* This allows the provisioning process to turn off mobile data before the user

1
packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java
View File

@ -236,6 +236,7 @@ public class SettingsBackupTest {
Settings.Global.DEVICE_NAME,
Settings.Global.DEVICE_POLICY_CONSTANTS,
Settings.Global.DEVICE_PROVISIONED,
Settings.Global.BYPASS_DEVICE_POLICY_MANAGEMENT_ROLE_QUALIFICATIONS,
Settings.Global.DEVICE_PROVISIONING_MOBILE_DATA_ENABLED,
Settings.Global.DISK_FREE_CHANGE_REPORTING_THRESHOLD,
Settings.Global.DISPLAY_PANEL_LPM,

24
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@ -138,6 +138,7 @@ import static android.net.ConnectivityManager.PROFILE_NETWORK_PREFERENCE_DEFAULT
import static android.net.ConnectivityManager.PROFILE_NETWORK_PREFERENCE_ENTERPRISE;
import static android.net.ConnectivityManager.PROFILE_NETWORK_PREFERENCE_ENTERPRISE_NO_FALLBACK;
import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK;
import static android.provider.Settings.Global.BYPASS_DEVICE_POLICY_MANAGEMENT_ROLE_QUALIFICATIONS;
import static android.provider.Settings.Global.PRIVATE_DNS_SPECIFIER;
import static android.provider.Settings.Secure.MANAGED_PROVISIONING_DPC_DOWNLOADED;
import static android.provider.Settings.Secure.USER_SETUP_COMPLETE;
@ -18824,15 +18825,28 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
Preconditions.checkCallAuthorization(hasCallingOrSelfPermission(
android.Manifest.permission.MANAGE_ROLE_HOLDERS));
return mInjector.binderWithCleanCallingIdentity(() -> {
if (mUserManager.getUserCount() > 1) {
return false;
if (mInjector.settingsGlobalGetInt(
BYPASS_DEVICE_POLICY_MANAGEMENT_ROLE_QUALIFICATIONS, /* def= */ 0) == 1) {
return true;
}
AccountManager am = AccountManager.get(mContext);
Account[] accounts = am.getAccounts();
return accounts.length == 0;
if (shouldAllowBypassingDevicePolicyManagementRoleQualificationInternal()) {
mInjector.settingsGlobalPutInt(
BYPASS_DEVICE_POLICY_MANAGEMENT_ROLE_QUALIFICATIONS, /* value= */ 1);
return true;
}
return false;
});
}
private boolean shouldAllowBypassingDevicePolicyManagementRoleQualificationInternal() {
if (mUserManager.getUserCount() > 1) {
return false;
}
AccountManager am = AccountManager.get(mContext);
Account[] accounts = am.getAccounts();
return accounts.length == 0;
}
@Override
public List<UserHandle> getPolicyManagedProfiles(@NonNull UserHandle user) {
Preconditions.checkCallAuthorization(hasCallingOrSelfPermission(