Admins without limit-password policy or passwordQuality below
PASSWORD_QUALITY_COMPLEX, should be excluded from the list when
calculating effective limits.
Bug: 19603660
Change-Id: I7b7d8498c8a072a4c050be48709ce34bddba39a5
Silently fail when a managed profile app tries to change the
wallpaper and return default values for getters in that case.
This is implemented through a new AppOp that is controlled by
a new user restriction that will be set during provisioning.
Bug: 18725052
Change-Id: I1601852617e738be86560f054daf3435dd9f5a9f
The owner user id was used to identify in which user an app had set
a cross-profile intent filter. But it's not really necessary.
BUG:19505190
Change-Id: Iacc49d31c95e34efee1895e5fbe7224277dbc493
A device initializer is an application that is allowed to run
during user provisioning on device owner devices. During
device provisioning (or, user provisioning of the first user
of the device), a device initializer is granted device owner
permissions. During secondary user provisioning, a device
initializer is granted profile owner permissions. Once
provisioning is complete for a user, all elevated permissions
are removed from the device initializer and the device admin
component of the app is disabled.
Bug: 19230954
Change-Id: Ib6725fb3b09bb21e4198a5dc0b445ccebb40b27e
If the device owner tries to change BLUETOOTH_ON or WIFI_ON via
DevicePolicyManager.setGlobalSetting, fail silently.
There was not much point for the device owner to do it since it can
also change bluetooth/wifi state via normal bluetooth and wifi apis.
BUG:19311992
Change-Id: Ifba163800aa413865b8a2877cb21aacfa5cfc6c8
Some devices come from carriers with a preinstalled account. This
means that we couldn't set a device owner via "adb shell dpm"
commands, while the regular device owner flow worked (as the
latter just checked whether the device was provisioned).
Bug: 18354022
Change-Id: I9a677de9d34d073e218b9179ec4b0f5b4b82adc9
This is the default state on some devices which ship with encrypted key
storage set up already but no initial password.
Bug: 18048558
Change-Id: I055527fde21298bae2dbdca8c3a145f19b045aad
If a device admin for a user disables the device cameras,
only apply that policy to that user and not globally.
Corresponding change in CameraService looks into the
per-user system property.
This also fixes the bug that managed profile owner is
able to disable camera for the personal profile.
Bug: 19345698
Change-Id: Ibd5e438544a0409f26087ced247d50c706fcf843
In EnableSystemAppWithIntent: if a non-system app matches the intent:
ignore it instead of throwing an exception.
Change-Id: I64dc9a0bbc1a6bc5e2159a33b7273464ed2518c5
In enableSystemApp: if the app is absent, throw a IllegalArgumentException
instead of failing with a NullPointerException.
BUG:19321306
Change-Id: I4ec09a0a77d29ca04e8d52f5546c1e4d0f8641e5
Support for certificate chooser (keychain) to first query a profile
owner (if one exists) for a silent credentials grant which will be
passed back to the caller as an alias.
Bug: 15065444
Change-Id: I0729b435c218b7991e6cb5faedefb7900577afcc
User handle is now extracted from UID of the calling process.
Previously setXXX methods may not work properly, if userHandle parameter
was different from a user of the calling process. In practice, this wouldn't
have happened because setters were always called with a userHandle of the
caller process.
Bug:17202572
Change-Id: I1c08c54c975a04b8c54719a1e280ad3cfaff2e67
This deprecates the setStreamMute and setStreamSolo APIs. Soloing is no
longer supported and muting is redirected through the adjust volume APIs.
Also updates the hidden master versions of these APIs.
Change-Id: I65d2a5d5fc15b386bd497abf8ca6869fec75a26a
If createUser returns null, we run into a NullPointerException
in createAndInitializeUser. This can happen when the policy
DISALLOW_ADD_USER is set.
Bug: 19121141
Change-Id: Id4bda832a243fa42c31eb5a176ecaa248aee68f5
When the restriction 'DISALLOW_SHARE_LOCATION' is applied or removed on a user
it is important to send out notifications to content observers of
LOCATION_PROVIDERS_ALLOWED.
Bug: 18995405
Change-Id: I8b3910a423a012ea9d15470eec101723c9f0eaf7
Currently we risk getting a SecurityException in a number of places,
where getUserData is called for a different user than the calling user.
To avoid this, the caller is cleared in a helper function.
Bug: 18662452
Change-Id: Ibc131c602e52d9f013fe739a9c18e693181ded67
Ext4 doesn't guarantee that write file.new / close file.new
rename file.new to file will mean data in file.new makes it
to file atomically. The rename may happen with previous contents
of file.new and then later update to new contents
See docs for noauto_da_alloc
So rebooting the device during JournaledFile.commit may
mean we are left with an empty file.
Bug: 18590558
Change-Id: I35322c82871bed30c2c6ebbd1388338f0471f3ba
The version of the warning with a named installer should be shown in
the case of a managed profile, not only a managed device.
Bug: 18224038
Change-Id: I27865f77e963b9b15416f2e4a4ffc38fed8f5532
This reverts commit e1d8dcd9e170c1ed8a13b6e1256ea1fb22c26c49.
Something funny happened in the process of submitting this,
swathes of strings.xml became mis-encoded.
Bug: 18224038
Change-Id: I0276ff3f880fe749546e8cc7e3e2f41c22c27705
