The admin can instead use the value of 0 to reset to default.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Bug: 31430135
Change-Id: I0d6b29ca4eca65d7ca72a8975a0c28c9050a946c
(cherry picked from commit 943aabd11cce3ab453762d3912395363720e1f5d)
We were disabling backup in consumer mode as well.
BUG=31754835
TEST=android.content.pm.cts.shortcuthost.ShortcutManagerBackupTest
Change-Id: I42e5cfa512fda1b471eb62c7eb8bc346383da2fa
Allows PO and DO configure strong auth timeout for fingerprint.
Bug: 31430135
Change-Id: Ie6451d49aa95527adc3720d9a2a0848f58940510
(cherry picked from commit 8f010dd25d18151cc47accc7d853b4f8f7fe8491)
- Non-test-only DO/PO still can't be installed when there are
accounts.
- Test-only DO/PO can be installed even when there are accounts,
as long as all the accounts have the
"android.account.DEVICE_OR_PROFILE_OWNER_ALLOWED" feature.
Some authenticators claim to have any features, so to detect it,
we also check android.account.DEVICE_OR_PROFILE_OWNER_DISALLOWED
and disallow installing if any of the accounts have it.
- Also add logs on certain important events in DPMS.
Bug 28928996
Change-Id: I62efce10e9cc22e994ea8cae91a4fafcce25dd77
Bypassing work challenge in freeform mode was trivial by just keeping
work apps open in freeform mode and then switching focus to them from
another app.
Because the only interception point is startActivity this never
triggered work challenge.
The solution is to trigger the check on focus change events and also to
allow passing the result back into the freeform stack instead of dumping
our user out into the homescreen.
Change-Id: I141ecf90b5f0e708a21d27141b6fec6074e5d475
Fix: 30693465
If someone calls removeActiveAdminLocked more than once, it is possible
for the device policy data to end up with more than one copy of an admin
in the list mRemovingAdmins. Due to extra entries, once the admin
component is removed, it is not being allowed to be set as an admin again,
until the device reboots or mRemovingAdmins is cleared from the memory
due to some other reason. Fixing this by making sure we do not add
duplicate entries to mRemovingAdmins
Bug: 30369197
Change-Id: I1d53c41312171425bbd6e6e4153148276f1b098d
The minimum password length is only required for certain password
qualities so only check the minimum length in those cases.
Bug: 30109030
Change-Id: I330c88fc0b22179e126fc1241a9c58d5e0d73e8e
Currently for OobConfig app we used DEVICE_PROVISIONED Global setting to
verify if device was provisioned. This setting can be modified using
adb. we just need to know if it was set atleast once. Added an api in
DPM to return whether system property "ro.device_owner" was set.
Bug: 29935702
Change-Id: I9a2b5217c0bc2cc11d68282e05a5450ea3f6cf21
If any /data/system_[c|d]e folders were not erased
when the user was removed (maybe due to a reboot),
make sure they're cleaned up on restart as well
as when the userId is recycled later.
Mark the users' system folders with the correct
serial number for later verification.
AccountManager shouldn't be querying accounts of
partially created/destroyed users.
Change-Id: I4313756b7464f34cd5ce4fb296d61daa50b41fcb
Fixes: 29285673
This method is called by AM with the lock held, so can't take the
DPMS lock.
It still takes a different lock, but we don't call into the external
world while holding this lock, so this is fine.
Bug 29242568
Change-Id: Idbecdd7d97385ca66c693903443471fdbae833e6
cause: Work mode is turned on before entering USER_STOPPED state.
Thus, BOOT_COMPLETED broadcast is not sent, but the notification has been dismissed.
use USER_STARTED + USER_UNLOCKED because both are foreground.
Bug: 28864104
Change-Id: I4796b61586e194d8367b9e52a9c56f858cbcbe7d
KeyChain isn't direct boot aware & attempting to bind to a service
inside a dying user isn't going to end well.
Change-Id: I5a0acc34f98c39705ec404765c87e7ac61ca9b71
Fix: 28725354
