Now that we don't have UM.setUserRestriction*s*() that could remove
all existing restrictions, there's almost no point handling
DISALLOW_RECORD_AUDIO differently.
Now DISALLOW_RECORD_AUDIO is handled just like other restrictions,
except we don't persist it.
Bug 24954662
Change-Id: I27875b4a74dd95a3ce6bb774081eeaf718eaec15
This policy allows DO to specify a list of apps to cache even without being
installed on any user.
Bug: 23938464
Change-Id: I2eeab7f148409739fc23a5c44e955ad12b63fd04
- Now when DO/PO sets a user restriction, DPMS pushes it to UMS and
then UMS persists it, in order for UserManager.hasUserRestriction()
to never have to talk with DPMS, which would cause lock inversion.
- Also apply user restrictions when a user start.
- This is an updated version of the abandoned CL -- the difference
is, ActivityManager no longer has to call DPMS.
- Also removed an unnecessary write to userlist.xml in UMS.
upgradeIfNecessaryLP().
Bug 23902097
Bug 25388912
Bug 25354031
Bug 25641040
Change-Id: I0948aea06ad7d0f45fe612a431d765faddfe3c58
Add new "am unlock-user" command so we can trigger changes from the
command line.
Move FBE check to static method so it can safely be called early
during boot before the mount service is ready. Move FBE emulation
to persisted system property, and start reading/writing that value.
Change default permission grants to ignore current encryption-aware
flags, since many of the target apps aren't crypto aware.
Always prepare package data directories, which is how we create the
new "user_de" paths during boot.
Bug: 22358539
Change-Id: I6f58ea2d34b3a466d3775d614f8a13de92272621
Split-user systems will allow for combinations of management modes,
specifically managed-{user,profile} on systems with a device-owner.
Bug: 25671630
Bug: 25680065
Change-Id: I5716f55eb6c8318129b4614adc22897d53901bee
Now pure DA (not PO, not DO) aren't allowed to change the password
if one is already set.
Also update "isDeviceOwner" check and make sure we always take
user-id into account. If one really wishes to check the package name
only, then use getgetDeviceOwner() instead.
Also change the enforceNotManagedProfile() check to what's more
generic in the FBE world.
Bug 25645900
Bug 25547523
Bug 25643916
Change-Id: I588ecf9452fe3acc1fb0b4ca0457ad662382fcd2
This information, if set, will be shown in the lock screen instead
of the user owner information and the settings tile will be made readonly
(implementation in following CLs).
Bug: 22547309
Change-Id: Ic826d8049bc67f5e8fcfa6a91aa2017247c93b11
This will allow AMS to call into DPMS within the AMS lock instead,
which will help I1537bd57b34696768ee81a979d53bb396efbc12a.
- AM.clearApplicationUserData() will not be allowed for any DA
apps.
Bug 25567963
Change-Id: I9f0d071c815a011be4f4c85c502c39d0fe0fe5e8
... DISALLOW_ADJUST_VOLUME, instead of UserManager pushing
new settings to AudioService.
Also:
- Allow PO to set these two restrictions.
- Now AS.setMasterMuteInternal() respects mUseFixedVolume to make
it consistent with readPersistedSettings().
- When a user switches and restores the mute state in
AS.readPersistedSettings(), also check the current user restrictions
in addition to system settings. Because of the delay in AudioService
before persisting the mute settings in setMasterMuteInternal() and
setMicrophoneMute(), there's was an edge case
DISALLOW_UNMUTE_MICROPHONE and DISALLOW_ADJUST_VOLUME would be ignored
when the user switches right after they are set.
Bug 24981972
Change-Id: I4d9b709a0a0e6812319204568c6e44d6664bdeb4
The DPC can use it to tell if provisioning a managed profile or for
device owner would work or not.
BUG:25338478
Change-Id: I09ea6a9f23a8e88e4ed37c048170b2a68213086e
Added mUsersLock - short-term lock for internal state, when interaction and
synchronization with PM is not required. Modifications to mUsers and
mRemovingUserIds must be guarded by 3 locks: mInstallLock, mPackagesLock and
mUsersLock. While reads can use mUsersLock.
Testing revealed that the following methods in UMS often cause contention:
- exists
- getUserInfo
- getProfileParent
They all now use a short-term lock mUsersLock for reads.
Bug: 24979571
Change-Id: Ie3a22ea7cbb450c7969800fe2a4a2b2516165e5b
- Now even if a user restriction is set via UserManager, it'll be correctly
enforced.
- Changed the way AudioService enforces the OP_MUTE_MICROPHONE and
OP_AUDIO_MASTER_VOLUME app ops -- previously, when they're set, even a muting
call would be rejected. This was why DPMS.setUserRestriction() used different
calling orders for DISALLOW_UNMUTE_MICROPHONE/DISALLOW_ADJUST_VOLUME depending
on setting them or clearing them.
Now, even when the app ops are set, we still allow muting calls.
Bug 23902097
Bug 24981972
Change-Id: I865b5de43e15f5955f94006475a5ec6254904d31
- Now DPMS remembers user restrictions set by DO / PO in their ActiveAdmin.
- User restrictions set by DO/PO will no longer be saved by UserManger. Instead,
when needed, UMS will consult DPMS to build "effective" user restrictions.
- UM.getUserRestrictions() will now always return "effective" user restrictions.
- DPMS migrates existing user restrictions per the eng spec.
- Also now UM.setUserRestrictions() will crash. UMS.setUserRestrictions() has
been removed.
This was needed because UM.setUserRestrctions(UM.getUserRestrictions()) will no
longer be a valid use like it used to be.
- Also introduced a fined-grained lock for user restrictions in UM to avoid
deadlock between DPMS and also for better performance.
Bug 23902097
Change-Id: If0e1e49344e2f3e9226532d00777976d1eaa7df3
When File Based Encryption is present, allow the verify/write of
passphrases to be per-user (it used to always bubble up to the parent
user assuming it is a per-device passphrase).
This is part of the work for the Separate Work Challenge.
Change-Id: I5ae6b7b6ed1dd25aed0843d495b6f5f36e01c4eb
- Start persisting restrictions set by DO/PO.
- Also dump user restrictions on dumpsys
- More changes will follow, including migration.
- Now System settings are mockable.
Bug 23902097
Bug 23902477
Change-Id: I0bda22f484e1a8e259a1feb2df83c5f4a29116da
It was because UserManager.get() returns a static cached instance but
we should always be using the mock instance that's created for each test.
Bug 24378326
Change-Id: Id4663e7676d2d0130622055a97fbde0884714349
- Extracting into a factory allows us to use mocks in other classes.
(Such as Owners.)
- Also removed broken test ApplicationRestrictionsTest. Instead added a new
simplified test to DevicePolicyManagerTest.
- Also stop caching rarely used instances in DPMS.
Bug 24061108
Bug 24275172
Change-Id: Ice9e57204b18e7b5f6b115126dab2209041439c2
- Now all services that DPMS uses are injectable.
- Introduce some wrappers to make static methods and final class mockable.
(e.g. for Binder.getCallingUid())
- In unit tests we replace those with Mockito mocks, except we use a partial
mock for PackageManager, because we use way too many methods of this and
most of them are okay to use directly.
- To install a partial mock to PackageManager, I needed to make
ApplicationPackageManager @hide public non-final.
- For a starter, added tests for DPM.setAmin().
Bug 24061108
Change-Id: I2afd51d8bc0038992d5f9be38c686260be775b75
