Right now, the value of VERSION_CODES.N is 10000, but I'm writing
a caller app with target SDK level 24 for CTS, and the previous
logic didn't work for it.
Bug 25506830
Change-Id: I73613f30b437fb19406736f897d01d59b1f84c9d
even if they asked.
Also clear(Device|Profile)Owner should remove them as the active admin
too.
Also add some more unit tests.
Bug 26858840
Change-Id: I7b3ed92e1b4cbe803381ed6e3f64d8de17b2ebb0
Add Device Owner APIs for controlling and retrieving the logs. Retrieving the
logs should be rate limited unless we are at the risk of losing logs due to
constrained buffer space.
Bug: 22860162
Change-Id: I80658f5a14e86d7cfd42402fbc5e98dc11698c0e
We allow the profile owner of a managed profile to set the name of the
managed organization.
This name is used as the default header message shown in the confirm
credentials screen a.k.a. work challenge.
Bug: 26638631
Change-Id: I03c5acc9fffe06cdb9d0d60dd1580b20e21783b1
Prevent exception when calling setPasswordExpirationTimeout on the parent
DPM instance. Callen setExpirationAlarmCheckLocked with the parent userHandle
was breaking because getPasswordExpirationLocked was trying to call getProfiles
on a different user.
Bug: 26847085
Change-Id: I9d584573245aba65af7ecf236f2021b47afb5d7e
Remove @hide, and add parameter for specifying profile owner. The PO
has to live in the same package as the device owner.
Bug: 25288732
Bug: 25860170
Change-Id: I40e8984a71ee9d1ff74e57d4e79e298deef9bc35
Add explicit modelling of provisioning state so that integration
of management provisioning flows with packages such as setup-wizard
are cleaner, and can be more direct. Previously we relied upon
USER_SETUP_COMPLETE secure setting and HOME intents to signal intent,
but this is not very clear and can be fragile.
Bug: 25858670
Change-Id: Idc56a040f710c3aee281db420f21717da3960722
This is a reduced version of the (deprecated) function
createAndInitializeUser, that allows the device owner to create a
new user and pass a bundle with information for initialization. The
new version of the function has the same functionality, but the
profile owner of the new user is always the device owner.
A flag can be specified to skip the setup wizard for the new user.
The new user is not started in the background, as opposed to how
createAndInitializeUser did it. Instead, the bundle with
initialization information is stored and will be broadcast when the
user is started for the first time.
Bug: 25288732, 25860170
Change-Id: I4e1aea6d2b7821b412c131e88454dff5934192aa
A user/profile is considered affiliated if it is managed by the same
entity as the device. This is determined by having the device owner and
profile owners specify a set of opaque affiliation ids each. If the sets
intersect, they must have come from the same source, which means that the
device owner and profile owner are controlled by the same entity.
BUG=25599229
Change-Id: I393fe0de70272307ed3c811aaba4b48a5109c562
Adding a policy for profile owners to set the background color of the
confirm credential screen for the managed profile.
Bug: 26638631
Change-Id: Iea36b94c5a42b6ae12cc36921ec5f840306e81a1
The calls to LockPatternUtils#isSeparateProfileChallengeEnabled
require MANAGE_USERS permission, wrapped them in a clear identity
Bug: 26565169
Change-Id: I4a18cec3ae7beb13320350d4c3fdc63e4a7d741d
Change the current static condition to a per-user condition so we
can check and enable/disable the work challenge properly. Also add
an isAllowed API, as the Work Challenge can only be used when the
user's DPC targets N or above to maintain backwards compatibility.
Change-Id: I0cb8b475838816801868ffb24726407aa257b4de
