931 Commits

Author SHA1 Message Date
TreeHugger Robot
805e893e35 Merge "Enforce DISALLOW_ADD_MANAGED_PROFILE" 2016-12-19 11:57:13 +00:00
Esteban Talavera
01576869a3 Enforce DISALLOW_ADD_MANAGED_PROFILE
Only the device owner should be able to create a managed
profile if that restriction is set

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest    frameworks-services

Bug: 31952368

Change-Id: Ia5170e54594ccba1e5bcedffaec98c2af42264c0
2016-12-19 11:54:11 +00:00
phweiss
c94b637305 DO NOT MERGE Add network logging icon to Quicksettings when enabled
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possibly next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.

The icon is only a placeholder until the official icon is finished.

CTS Verifier tests will be added when all Network logging UX changes are
done.

Cherry-picked from master, and then modified to work in N:
I had to remove the QSFooterTest change because the testing infrastructure
is not there in N. Also, I had to add DPMS.enforceDeviceOwnerOrManageUsers(),
which did not exist in N before.

BUG: 33126618
BUG: 29748723
Test: Manual, CTS-Verifier tests will be added in a follow-up

(cherry picked from commit a4e169ed68ee57aa249e5e79fcd6bff5df46199e)

Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
2016-12-16 19:25:29 +01:00
Michal Karpinski
a775ad997b Initialize AtomicBoolean for NetworkLogger#mIsLoggingEnabled
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testNetworkLoggingWithSingleUser
Bug: 29748723

(cherry picked from commit e4dfd2d0028ff1c7088ec58a4d3eaf8f222311e6)

Change-Id: Ib175f1d57093590b0080f32dc5f6c60ea50066e0
2016-12-16 18:18:57 +00:00
Michal Karpinski
e4dfd2d002 Initialize AtomicBoolean for NetworkLogger#mIsLoggingEnabled
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testNetworkLoggingWithSingleUser
Bug: 29748723
Change-Id: Ib175f1d57093590b0080f32dc5f6c60ea50066e0
2016-12-16 18:09:12 +00:00
Andrew Scull
5daf273b7e Don't save the password metrics to disk.
Only store the metrics in RAM, computing them at first log in.

Test: com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24
Bug: 32793550
Change-Id: Iaf9516c193f054331e3e2c68cb3f627bd543b408
2016-12-16 15:30:14 +00:00
Amith Yamasani
0a5aeecf4e Merge "Revert "[DPM] Allow lower strong auth timeout on debuggable builds"" 2016-12-15 22:15:46 +00:00
Amith Yamasani
960128c9c6 Revert "[DPM] Allow lower strong auth timeout on debuggable builds"
Reverting because the length of the prop key is out of bounds.

Bug: 33662416
This reverts commit 60d1feed92bcca9f437a9b323152609d8d5fc714.

Change-Id: I66a3f7f18e668acbf2ddaf60ab8efa2584799906
2016-12-15 20:18:39 +00:00
Nicolas Prévot
1548d5c43b Merge "Use affiliation ids when checking bind target users." 2016-12-15 14:31:39 +00:00
Michal Karpinski
b775737e95 Merge "Make NetworkLogger.mIsLoggingEnabled an AtomicBoolean" 2016-12-15 12:57:04 +00:00
Michal Karpinski
92cd0ce92d DO NOT MERGE Make NetworkLogger.mIsLoggingEnabled an AtomicBoolean
Fixes a potential race condition - when enabling/disabling the logging
some events might have been lost.

Bug: 29748723
Change-Id: I8a436d525393b2314805e287eddcea26d4ec073b
2016-12-15 12:54:36 +00:00
Michal Karpinski
d8145f6743 Make NetworkLogger.mIsLoggingEnabled an AtomicBoolean
Fixes a potential race condition - when enabling/disabling the logging
some events might have been lost.

Bug: 29748723
Change-Id: I8a436d525393b2314805e287eddcea26d4ec073b
2016-12-15 12:53:48 +00:00
Michal Karpinski
67ed651dab Merge "[DPM] Allow lower strong auth timeout on debuggable builds" 2016-12-15 12:20:27 +00:00
Michal Karpinski
60d1feed92 [DPM] Allow lower strong auth timeout on debuggable builds
Timeout can be set to lower than 1h on debuggable builds (eng, user-debug)
using persist.sys.min_strong_auth_timeout system property.

Bug: 29825955
Change-Id: I51d421c3e10625787ecfdbe011f9128cd47cb2a2
2016-12-14 15:23:35 +00:00
Nicolas Prevot
d5b036014d Use affiliation ids when checking bind target users.
BUG:32764274
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ic79b58dcb583b1d9eb9e7af0d1501cf8cfd0ee86
2016-12-14 15:15:10 +00:00
Esteban Talavera
6c9116a643 Create DISALLOW_{ADD,REMOVE}_MANAGED_PROFILE user restrictions
Bug: 31952368

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest    frameworks-services
Test: runtest -c com.android.server.pm.UserManagerTest frameworks-services
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.UserRestrictionsTest

Change-Id: I240ab99c2409bbabffbc574bef202f2457026905
2016-12-13 18:14:19 +00:00
Michal Karpinski
c4e7c32063 DO NOT MERGE Logging when the new batch of network logs broadcast is sent to DO
Test: this only adds a log message
Bug: 29748723

(cherry picked from commit bcf1c58ec25f275fa25f8aab1c265da868e64e29)

Change-Id: Iad57528c60f35d4820a2f0196cccc92f7c4d3830
2016-12-13 17:24:55 +00:00
Michal Karpinski
504fa62f9e DO NOT MERGE Disable DO single user features when clearDeviceOwner() is called
regardless of the amount of users

Bug: 32901196
Bug: 29748723
Change-Id: Ie419b5e496e23656cbe5436942d9aba402bfe68e
2016-12-13 17:24:17 +00:00
Michal Karpinski
5c64223da4 DO NOT MERGE Fix disabling DO single user features when clearDeviceOwner() is called
We should disable those features before the DO is actually cleared.

Bug: 32901196
Bug: 29748723

(cherry picked from commit c44e67961170ddfb668372dc6e9ce6b391e3740f)

Change-Id: I74679abc26753585f302f3d52bca81fe21e2e668
2016-12-13 17:23:42 +00:00
Michal Karpinski
896b9db8ed DO NOT MERGE [DPM] Minor code fixes in NetworkLoggingHandler
Added a comment and renamed field to follow mConvention.

Test: will be CTS tested once APIs unhidden
Bug: 29748723

(cherry picked from commit aabe96db87838501d3abeb96c25a4b1c50b9c12c)

Change-Id: I7ef118723d13ce1d313c3c56299c2dca2411eee6
2016-12-13 17:22:53 +00:00
Michal Karpinski
bbf352a2c1 DO NOT MERGE [DPM] DO uses batch token to retrieve network logs, and can retrieve
the same batch many times

This allows DO to:
a) know that some logs were dropped (by trying with token and not
getting anything)
b) know how many logs were there in each batch (useful especially
for the dropped ones)
c) retry batch retrieval if it failed

Test: will be CTS tested once APIs unhidden
Bug: 29748723

(cherry picked from commit a9ff206af26871695bfce54969428b8ad03e31e6)

Change-Id: Iac10e61cdf3b100719a9c029ff897bd5ef5c8e2f
2016-12-13 17:22:07 +00:00
Michal Karpinski
4c47adef60 DO NOT MERGE [DPM] Management and retrieval of network logs
This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and its NetworkLoggingHandler.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
2016-12-13 17:19:22 +00:00
Michal Karpinski
c3abd34cfe DO NOT MERGE [DPM] DO can start network logging and listen for events
This CL adds:
1) Setter and getter in DPM to manipulate logging switch (retrieval
method to come in a subsequent CL(s)).
2) A way for DPM to register to listen for events.
3) Skeleton of NetworkLogger class (more to come in subsequent CL(s)).

Bug: 29748723
Change-Id: I5c04662ccc6febd2ba294b0eaca1ed1da9c16e47
2016-12-13 17:15:38 +00:00
Philipp Weiß
9498f5a81b Merge "Add network logging icon to Quicksettings when enabled" 2016-12-09 16:31:41 +00:00
phweiss
a4e169ed68 Add network logging icon to Quicksettings when enabled
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possibly next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.

The icon is only a placeholder until the official icon is finished.

CTS Verifier tests will be added when all Network logging UX changes are
done.

BUG: 33126618
BUG: 29748723
Test: runtest --path frameworks/base/packages/SystemUI/tests
Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
2016-12-08 16:34:25 +01:00
TreeHugger Robot
3c41744b8c Merge "Clear DISALLOW_ADD_USER user restriction when dpm remove-active-admin is called from shell" 2016-12-08 13:54:41 +00:00
Victor Chang
d9758e7479 Clear DISALLOW_ADD_USER user restriction when dpm remove-active-admin is called from shell
- Make the CTS hermetic, not adding a new restriction after the CTS test
- DeviceOwner can't clear this user restriction in CTS, as it's set by ManagedProvisioning
- It can only be cleared when a testOnly DPC becomes deviceOwner and is removed by remove-active-admin in shell

Bug:31856203
Test: build successfully

Change-Id: I75b91629ef09c54e9dbe7253df6a52894a938e83
2016-12-07 20:26:43 +00:00
Mahaver Chopra
abf86385f8 Merge "Return error code from isProvisioningAllowed" 2016-12-06 09:45:05 +00:00
Mahaver Chopra
849fd6f58e Return error code from isProvisioningAllowed
Added hidden pre condition codes for PO and DO provisioning.
Added hidden api checkProvisioningPreCondition, which returns codes
instead of boolean. Managed provisioning can use this to show
useful debug information and user facing error dialogs.

Test: All DevicePolicyManagerTest pass

Bug: 27467633
Change-Id: I7d2a79921bc3ac2e12d506629a35563fc7ff62bf
2016-12-05 17:48:42 +00:00
Amith Yamasani
f81df2d5e5 Merge "Secure MATCH_UNINSTALLED_PACKAGES across users" 2016-12-01 17:01:07 +00:00
TreeHugger Robot
3db81ae38d Merge "Revise when to throw SecurityException in bindDeviceAdminServiceAsUser" 2016-12-01 11:52:05 +00:00
Amith Yamasani
0d1fd8d091 Secure MATCH_UNINSTALLED_PACKAGES across users
Introduce a new internal flag MATCH_ANY_USER for genuine uses
of searching through all apps on the device.

Some temporary accommodations for Launchers that reach across
to the work profile until we have a new LauncherApps API to do
that officially.

Bug: 31000380
Test: CTS tests added
Change-Id: I2e43dc49d6c2e11814a8f8d1eb07ef557f31af34
2016-11-30 13:24:53 -08:00
Bartosz Fabianowski
365a3db470 Allow setting managing organization for the device
The Profile Owner of a managed profile can set a string that will be
shown in the UI to identify the organization managing the profile.
This CL extends the functionality to the Device Owner of a managed
device.

Bug: 32692748
Test: DevicePolicyManagerTest unit test + CTS test in separate CL

Change-Id: I47295da2fd6485ebf0e890da13990a044accaf17
2016-11-30 18:28:10 +01:00
Tony Mak
700c6ae748 Revise when to throw SecurityException in bindDeviceAdminServiceAsUser
1. No longer throw SecurityException when we fail to resolve the intent.
   Return false instead.

2. Throw IllegalArgumentException early if the incoming intent is not
   explicit.

3. Throw SecurityException with different error message. It makes debugging
   easier and allows tests to verify a particular thing happened.

Bug: 33197200

Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest

Change-Id: I723ab7f434c10407aa4e7dc8e9a6e3e9bb9f2059
2016-11-30 14:59:39 +00:00
Bartosz Fabianowski
dd7f8dafd8 Allow DO to access DevicePolicyManager.isDeviceManaged()
This CL makes DPM.isDeviceManaged() accessible to the DO so that it
can be CTS-tested.

Bug: 32692748
Test: Device policy manager unit test + CTS & GTS in separate CLs

Change-Id: I5326e86b0ffee81d04bd48f0267044463a899b78
2016-11-30 11:09:22 +01:00
TreeHugger Robot
9f9e453b64 Merge "Unit test for getBindDeviceAdminTargetUsers" 2016-11-30 09:58:11 +00:00
TreeHugger Robot
b57bd791bf Merge "Add user affiliation APIs" 2016-11-29 16:09:10 +00:00
Esteban Talavera
c9bb378a8b Add user affiliation APIs
Make setAffiliationIds public so that it can be used for COMP.
That way we can allow network logging and other features to
work on devices that have a DO and a managed profile.
Those features are currently restricted to single user devices but we'll
open them up to devices where all users are affiliated.

Also create a getter for that API.

Bug: 32326223
Test: m FrameworksServicesTests &&
 adb install \
   -r ${ANDROID_PRODUCT_OUT}/data/app/FrameworksServicesTests/FrameworksServicesTests.apk &&
 adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \
   -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ie443be887a6ca61a7f7a07e137757dceab7eb3d3
2016-11-29 12:15:09 +00:00
Tony Mak
2f26b79eea Unit test for getBindDeviceAdminTargetUsers
Was meant to write test for bindDeviceAdminServiceAsUser, but
it can't be done without having tests for
getBindDeviceAdminTargetUsers first as bindDeviceAdminService depends
on getBindDeviceAdminTargetUsers.

A bit shocked that we didn't have any managed profile tests in
DevicePolicyManagerTest. Added managed profile support in the CL.

Bug: 32764274

Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

Change-Id: If412e4f44c3ae998f69e17411f2503a97f80149f
2016-11-28 17:54:51 +00:00
Nicolas Prévot
22b2a81f75 Merge "Send callbacks to DO when a user is added or removed." 2016-11-28 16:50:08 +00:00
TreeHugger Robot
bbef8cdd2a Merge "Logging when the new batch of network logs broadcast is sent to DO" 2016-11-25 17:16:38 +00:00
Michal Karpinski
bcf1c58ec2 Logging when the new batch of network logs broadcast is sent to DO
Test: this only adds a log message
Bug: 29748723
Change-Id: I07ca1613c26a34517f5a452ca848aa763a48f8a0
2016-11-25 15:30:15 +00:00
Bartosz Fabianowski
8d76e72251 Allow DO to access bookkeeping information about its own actions
The getLastSecurityLogRetrievalTime(), getLastBugReportRequestTime()
and getLastNetworkLogRetrievalTime() methods are meant to be used by
system code. However, there is no harm in allowing the DO to access the
information they return - because it is information about actions that
the DO itself took.

The advantage of opening up these methods to the DO is that we can
CTS-test them.

Bug: 32692748
Test: DevicePolicyManager unit test + CTS test in separate CL

Change-Id: I1470fca2a82b9955f7aed5e8b50220bea8b56fc9
2016-11-25 12:36:20 +01:00
TreeHugger Robot
8d4527db19 Merge "Add getBindDeviceAdminTargetUsers API" 2016-11-24 18:02:23 +00:00
Nicolas Prevot
e95c2817f7 Send callbacks to DO when a user is added or removed.
BUG:32764090
Test: manual
Change-Id: Icfac801fd2c9670f3d68cf6971f7aba2332dbb6b
2016-11-24 17:18:25 +00:00
Esteban Talavera
fc291bcbe0 Add getBindDeviceAdminTargetUsers API
Add getBindDeviceAdminTargetUsers API. To be used
for the device or profile owner in a COMP setup to
know the UserHandle of their instance running on
the other profile.

Bug: 31952368,33033966
Test:  cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest

Change-Id: I05c9ac0f6c3cdce1ec17cf2910ca7a7214064af2
2016-11-24 16:15:44 +00:00
Michal Karpinski
08be96ec87 Disable DO single user features when clearDeviceOwner() is called
regardless of the amount of users

Bug: 32901196
Bug: 29748723
Change-Id: Ie419b5e496e23656cbe5436942d9aba402bfe68e
2016-11-23 11:42:31 +00:00
TreeHugger Robot
29993074b0 Merge "Keep track of admin actions for DO disclosures" 2016-11-17 21:40:46 +00:00
Bartosz Fabianowski
b21b241f0f Keep track of admin actions for DO disclosures
This CL adds bookkeeping to DPMS which will allow us to tell the user
in the Settings UI whether/when the admin requested a bug report or
retrieved logs from the device.

Bug: 32692748
Test: Full DevicePolicyManagerTest unit test coverage; end-to-end tests
        will follow as Settings CTS verifier tests

Change-Id: I89728fce4b7e0ff061b354c73caf3742e95a3a3e
2016-11-17 20:52:03 +01:00
Nicolas Prévot
554140fc89 Merge "Check user restriction DISALLOW_REMOVE_USER in isProvisioningAllowed." 2016-11-17 11:35:42 +00:00