If createUser returns null, we run into a NullPointerException
in createAndInitializeUser. This can happen when the policy
DISALLOW_ADD_USER is set.
Bug: 19121141
Change-Id: Id4bda832a243fa42c31eb5a176ecaa248aee68f5
When the restriction 'DISALLOW_SHARE_LOCATION' is applied or removed on a user
it is important to send out notifications to content observers of
LOCATION_PROVIDERS_ALLOWED.
Bug: 18995405
Change-Id: I8b3910a423a012ea9d15470eec101723c9f0eaf7
Currently we risk getting a SecurityException in a number of places,
where getUserData is called for a different user than the calling user.
To avoid this, the caller is cleared in a helper function.
Bug: 18662452
Change-Id: Ibc131c602e52d9f013fe739a9c18e693181ded67
Ext4 doesn't guarantee that write file.new / close file.new
rename file.new to file will mean data in file.new makes it
to file atomically. The rename may happen with previous contents
of file.new and then later update to new contents
See docs for noauto_da_alloc
So rebooting the device during JournaledFile.commit may
mean we are left with an empty file.
Bug: 18590558
Change-Id: I35322c82871bed30c2c6ebbd1388338f0471f3ba
The version of the warning with a named installer should be shown in
the case of a managed profile, not only a managed device.
Bug: 18224038
Change-Id: I27865f77e963b9b15416f2e4a4ffc38fed8f5532
This reverts commit e1d8dcd9e170c1ed8a13b6e1256ea1fb22c26c49.
Something funny happened in the process of submitting this,
swathes of strings.xml became mis-encoded.
Bug: 18224038
Change-Id: I0276ff3f880fe749546e8cc7e3e2f41c22c27705
The version of the warning with a named installer should be shown in
the case of a managed profile, not only a managed device.
Bug: 18224038
Change-Id: I58bddb162799481d5e8feb169b0c0bff17cbeeb7
Added isRemovingAdmin method, so that clients can query if device
admin is currently being removed.
Bug: 17609838
Change-Id: I82547a9eeb228fcf8ac2a6e639ca1a75fa41d161
This is a safeguard to only check for changing packages when
re-validating active admins.
1. If package is being removed, only check if it's not being
replaced.
2. If package is changing, only check the changing package that
matches one of the active admins.
3. If package is being added and is a replacement (update), then
check if it affects any matching active admins and verify the
validity of the receivers.
If by any chance some package broadcast was occuring at a time when
an admin was being updated, or the package removed broadcast was
coming in much before the update was registered with package manager
then this will help in avoiding accidental deactivation.
Bug: 18590558
Change-Id: I7f4897e8836f81aa037b8be87d399942ce78b1a2
Setting up a managed profile should have included a step to warn about
this sort of thing already. As the user should trust the profile owner
anyway it's hard to argue this warning is needed.
Bug: 18224038
Change-Id: Ie86ba26851af726c0dec30eb9c32894ed6bb4a00
There are 3 types of users
1. Primary - device will be wiped
2. Managed profile - profile will be removed
3. Secondary user - user will be removed
Show different messages for almost wipe and wipe in each
of these 3 cases.
Bug: 16843155
Change-Id: Icecfe520622773da9e45465bf2217e8ed38b266e
This is to allow Play to use this API to find out whether a package
is uninstallable due to profile or device owner policy's restriction.
Bug: 17914630
Change-Id: I4ce2963884ecdf3306805f36db80ed1ebf04d88f
Method handlePackagesChanged modifies the policy data without holding the
lock. It also calls methods which expect a lock to be held -
validatePasswordOwnerLocked, syncDeviceCapabilitiesLocked, saveSettingsLocked.
Bug: 18262633
Change-Id: Ia4bdc6edc66bccf8a4288e048171ff20858ae2f6
This allows work profile MDM to enable unknown sources
even if the user doesn't have UI for it. Installing an
app from an unknown source will still prompt the user
with the package installer dialog, so it's not like the
MDM can now quietly install apps from non-market sources.
Bug: 18316350
Change-Id: Ia8f4fe36f12a258aa888e085acc0b358925f4817
The setting was previously exposed in IPowerManager but it
doesn't need to be there.
Bug: 17656076
Change-Id: If3ed0cbe89f67c60aa00376be0c54b1bd9656144
This change incorporates API council feedback and enables the
TrustAgent whitelisting API.
It also contains a minor cleanup of DPM's use of UserHandle
to eliminate unnecessary object creation.
Fixes bug 17008504
Change-Id: I63cc50169fde54b34406845818bcaf6aadc1a3db
Some tests rely on this being dismissible. Additionally it turns out
some users don't like having a hulking great notification follow them
around everywhere.
Bug: 17985258
Change-Id: If05a07b9eaa402a48f9a14647effc1df32c796e1
DPM's method will return false if encrypted by default password,
preventing the changing of encryption password to lockscreen password.
Check if the device is encrypted by some means, instead.
Also fix a SecurityException when Device Admin queries encryption state
(recent regression)
Bug: 17881324
Change-Id: Id897e61c5e254ab3f8dc569285428a73005303ea
This fixes a bug introduced by a change where the function
ignores systems with default encryption where it's disabled.
The fix also checks to see if vold thinks the device is secure.
Fixes bug 17881324
Change-Id: I2c40f76cf990d90d1a825955aa3b080b21684426
Some of the admin policies are throwing security exceptions in
a managed profile without being documented correctly and others
shouldn't be throwing security exceptions.
Changed setCameraDisabled() to not throw an exception. It now just
prevents work profile apps from using the camera.
Changed wipeData() to allow passing in ERASE_EXTERNAL_STORAGE. In
secondary users/profiles, this is just going to remove the user, so
the flag is harmless.
Updated documentation for setKeyguardDisabledFeatures() and resetPassword()
to indicate that they cannot be called in a managed profile.
Bug: 17987913
Change-Id: I8060be4c2d32bdd4edb46ce543551fabb9c8c983
It is possible that the device does not have an owner. If there
is no owner we get a NPE when asking the device policy manager
for cross-profile widget providers.
bug:17989189
Change-Id: I5759f2dec160ed8076ab47fdf09134f78c57458d
Shows one notification per profile instead of one notification per
user or (previously) one notification per device.
Bug: 17794425
Change-Id: I6f0d34a16fa2a45082941387ac765dd99eefa131
In the past we wrote out badly formed ComponentNames with no
class part. Loading these results in a null pointer exception
blocking boot.
Bug: 17652534
Change-Id: Iec592343425a23c7ada5f73cf30b8646d31eae81
We had an additional check for managed profile in there, so it wasn't working for device owners. Also needed to look at uninstalled packages.
Change-Id: I4813f23b00d7905e92ade582ce082a6f295a322d
Bug: 17384318
In addition to device owners, profile owners on the primary user
can also set user restrictions that are necessary to lock down the
user.
This is to enable the case of a profile owner registered after setup
wizard is completed, on the primary user.
Also make managed profile vs. profile wording consistent in the
DevicePolicyManager docs.
Bug: 17555025
Change-Id: Ib9d08b8af34a99b25e11757fa7dc83673a7deb32
This change prevents adding a device owner after setupwizard
has finished provisioning. Only the new dpm shell command
can set a device owner.
Bug: 17316711
Change-Id: I98bdfd9b8c8da3042111c45e2e7fd2b559fac510
Adds new adb command to execute DevicePolicyManager tasks. First subcommand
allows us to set a device owner on a provisioned device (provided no accounts
are associated with the device). This is required as GTS tests run on provisioned
devices. We plan to add more subcomands required for new GTS tests, such as the
ability to create a managed profile.
Bug: 17312478, 17316711
Change-Id: I2613178ea82a6c6268e7f8012e74c4a852fea0d4
