System server is no longer allowed to grant uri permission directly. As a result
we use grantUriPermissionFromIntent() to grant permission from the shell UID,
who is the owner of the bug report content.
Also fix a security bug where the broadcast to notify user consent of remote
bug report mismatches the <protected-broadcast> definition, causing it to be
sendable by anyone.
Bug: 34159108
Test: manual - Install TestDPC and request bugreport, try accept and decline
once the report is ready (Bullhead).
Merged-In: I66e3f2a16d4547549f09d3c96d52aed2330caedf
Change-Id: I66e3f2a16d4547549f09d3c96d52aed2330caedf
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user,
2) a secondary user and 3) work profile.
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Merged-in: Ia832bed0f22396998d6307ab46e262dae9463838
(cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee)
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user,
2) a secondary user and 3) work profile.
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Merged-in: Ib97a92a6af87a5589d2643b9ae0522395735e1a5
Handler#sendMessageDelayed() to a wakeful alarm
Messages sent with Handler#sendMessageDelayed() didn't get delivered
until the device woke up after being idle, which resulted in
potentially very long windows of logs accumulation and highly possible
network log loss from before the device becaming idle.
Bug: 34157435
Test: manual with decreased timeout over a few timeout iterations
Change-Id: I22d9cc743acb1a478d2da5407c5718e7f95e89cb
Saving device policy managers settings to clear out
password stats was happening before initializing mAdminList
so could wipe active admins.
Test: manual - flash with N2G05C add google account with dmagent flash wth this fix, check dmagent is still an active admin, reboot check admin is still active.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 34277435
Change-Id: I13660b47f30e9aba001eb13f2e457c3b3f36da3e
(cherry picked from commit adbda7474cc1968b66e9948aee566dc346e71340)
Saving device policy managers settings to clear out
password stats was happening before initializing mAdminList
so could wipe active admins.
Test: manual - flash with N2G05C add google account with dmagent flash wth this fix, check dmagent is still an active admin, reboot check admin is still active.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 34277435
Change-Id: I13660b47f30e9aba001eb13f2e457c3b3f36da3e
The full batch will still be available to DPC if there were no
network logs pending.
Added some more debug logging to better investigate the issues.
Test: manual for both cases - pending batch was empty and non-empty,
with locally decreased timeout
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testNetworkLoggingWithSingleUser
Bug: 34245471
Bug: 29748723
Change-Id: Iee229d74d4b0a06025b305a15687f336a0aa337e
On FBE devices, don't save the metrics to disk but compute them when the
password is first entered and only store them in RAM.
Merged-in: 5daf273b7e3272269c53eda20ce494d0e7a365b5
Bug: 32793550
Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba
Set ticker text to title for accessibility.
Bug:31207965
Test: manual
Change-Id: I0b78f9e6464dd470b74e0db97813623b335835d9
(cherry picked from commit d4a54bbfd1902dccb0e4de03f15bfbbba50b9531)
Bug:34116213
Bug:29748723
Test: CTSVerifier in a separate CL.
Change-Id: Ie652505ff57665f626712c67837577833f1595d6
(cherry picked from commit 82ed31c1efeb98acba60d79d1fc0a291b1440dc2)
A notification is shown after network logging is enabled
and after the next three reboots that are at least one day apart.
Clicking it sends an intent to quick settings to shown its device monitoring
dialog.
Cherry-picked from master.
Bug: 29748723
Bug: 33126577
(cherry-picked from commit a0cb251ca6a8ea8df17ff8089573bc50f2f1849f)
Test: Manual, CTS-Verifier tests will be added later
Change-Id: I2bf517bd27ab23ad3f66270602dbf062efab8cbb
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possible next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.
The icon is only a placeholder until the official icon is finished.
CTS Verifier tests will be added when all Network logging UX changes are
done.
Cherry-picked from master, and then modified to work in N:
I had to remove the QSFooterTest change because the testing infrastructure
is not there in N. Also, I had to add DPMS.enforceDeviceOwnerOrManageUsers()
to which did not exist in N before.
BUG: 33126618
BUG: 29748723
Test: Manual, CTS-Verifier tests will be added in a follow-up
(cherry picked from commit a4e169ed68ee57aa249e5e79fcd6bff5df46199e)
Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
Fixes a potential race condition - when enabling/disabling the logging
some events might have been lost.
Bug: 29748723
Change-Id: I8a436d525393b2314805e287eddcea26d4ec073b
Test: this only adds a log message
Bug: 29748723
(cherry picked from commit bcf1c58ec25f275fa25f8aab1c265da868e64e29)
Change-Id: Iad57528c60f35d4820a2f0196cccc92f7c4d3830
We should disable those features before the DO is actually cleared.
Bug: 32901196
Bug: 29748723
(cherry picked from commit c44e67961170ddfb668372dc6e9ce6b391e3740f)
Change-Id: I74679abc26753585f302f3d52bca81fe21e2e668
Added a comment and renamed field to follow mConvention.
Test: will be CTS tested once APIs unhidden
Bug: 29748723
(cherry picked from commit aabe96db87838501d3abeb96c25a4b1c50b9c12c)
Change-Id: I7ef118723d13ce1d313c3c56299c2dca2411eee6
the same batch many times
This allows DO to:
a) know that some logs were dropped (by trying with token and not
getting anything)
b) know how many logs were there in each batch (useful especially
for the dropped ones)
c) retry batch retrieval if it failed
Test: will be CTS tested once APIs unhidden
Bug: 29748723
(cherry picked from commit a9ff206af26871695bfce54969428b8ad03e31e6)
Change-Id: Iac10e61cdf3b100719a9c029ff897bd5ef5c8e2f
This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and it's NetworkLoggingHandler.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
This CL adds:
1) Setter and getter in DPM to manipulate logging switch (retrieval
method to come in a subsequent CL(s)).
2) A way for DPM to register to listen for events.
3) Skeleton of NetworkLogger class (more to come in subsequent CL(s)).
Bug: 29748723
Change-Id: I5c04662ccc6febd2ba294b0eaca1ed1da9c16e47
In this case, don't require the device to have gone through the
Setup Wizard before disqualifying DO/PO if there's an incompatible
account on the device.
BUG: 32438704,32438210
Change-Id: I6858db13c8df6e95d01d18a903f4343f70370e8b
