| 09c529a9bc85bfd0d50b65f447472ad064eac16c |
|
01-May-2017 |
Makoto Onuki <omakoto@google.com> |
Reconnect to DAService after binding is dead
- When the DO/PO process crashes twice with a short interval, AM gives up
and the binding will be "died". Once binding is in this state it'll never
be re-connected.
(Still, DO/PO can disable and re-enable their DAS to force DPMS to bind again
though.)
- Detect this and re-connect after one hour.
- Back-off time will be exponentially increased and never reset until DPMS
explicitly re-connects, which happens when:
-- the device rebooted,
-- the user stopped and re-started, or
-- the DAS is disabled and re-enabled.
Test: adb shell am instrument -e class com.android.server.am.PersistentConnectionTest -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyConstantsTest -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Test: cts-tradefed run cts-dev --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -l VERBOSE -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceAdminServiceDeviceOwnerTest
Test: cts-tradefed run cts-dev --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -l VERBOSE -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceAdminServiceProfileOwnerTest
Bug 37711907
Change-Id: Ie0b227a94e6ce85d72a969a4dea1020baf734e2f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5bb8294f926dcaf4a7288ba4457d84d57bb4ab53 |
|
29-Apr-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add managed profile whitelist to control NotificationListenerServices" into oc-dev
|
| 2c20a0f8852f0d0d179614fbcb86be06833cd2aa |
|
28-Apr-2017 |
Andrew Scull <ascull@google.com> |
Merge "Expand abbreviation in constant identifier." into oc-dev
|
| 17e1b5da53d508c3eccc9a6be276f0b6dacfc246 |
|
25-Apr-2017 |
Andrew Scull <ascull@google.com> |
Expand abbreviation in constant identifier.
The abbreviation is not in common use. Also remove FBE from
documentation as it also isn't used elsewhere.
Test: Build success
Bug: 37621349
Change-Id: Icf19be5e96e71dcd45aa7cac8f58b05b6d77d02b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4f4f6f83c20162814e95e9ca0654eee89a818bde |
|
28-Mar-2017 |
Pavel Grafov <pgrafov@google.com> |
Introduce DISALLOW_BLUETOOTH_SHARING.
When this restriction is enforced Bluetooth sharing option should not be
present when the user tries to share something. Previously this was handled
by explicitly disabling bluetooth sharing activity during managed
provisioning, now this code is to be removed (see topic CLs) and the same
behavior should be achieved by setting this restriction for profile owners
by default.
In Bluetooth:
1) Don't check restrictions on boot, it is invoked anyway through the
listener during boot.
2) Ignore when the restriction is "changed" from true to true - i think
it was the initial intent in that condition.
3) Disable the component for a particular user and not always the
system user. This is something that has to be fixed in O I think since
currently in secondary user the bluetooth itself gets disabled but the
sharing thing still shows up.
In DPMS:
1) Now ActiveAdmin for PO also contains a set of restrictions applied by
default.
2) Now all ActiveAdmins for POs are loaded quite early. That shouldn't
have huge impact though.
Bug: 36249732
Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.ManagedProfileTest#testBluetoothSharingRestriction
Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testBluetoothRestriction
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java
Change-Id: I78c4ffbd503c4a10138e8c0862a9f206f24c5631
Merged-in: I78c4ffbd503c4a10138e8c0862a9f206f24c5631
(cherry picked from commit 7f4ad75218bdd3f1bdf9022a146147eae032cc0c)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9c6458dd58106538e790bbc702dbc10798e1bd18 |
|
30-Mar-2017 |
Esteban Talavera <etalavera@google.com> |
Add managed profile whitelist to control NotificationListenerServices
Only let notification listeners installed in the primary profile
see work profile notification if allowed by policy
Bug: 36657192
Test: runtest systemui-notification
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: If719151644380e9162180a24d12f798e42867c0a
(cherry picked from commit 7e4cbadc6a561be62bf3b5e4c949bbb863018cc7)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 424dd39e256b880b0a18d8570daf399885a7567b |
|
27-Apr-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "setAffiliationIds and getAffiliationIds uses set instead of list" into oc-dev
|
| 3165743c5040fb47a32ef30ccb7ffe11275a547e |
|
25-Apr-2017 |
Tony Mak <tonymak@google.com> |
setAffiliationIds and getAffiliationIds uses set instead of list
Didn't use @remove because java doesn't support two methods differs from
the return type only.
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testLockTask_unaffiliatedUser
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusProfileOwnerTest
Change-Id: Ic7c7221ef5e680a6765f028c2ab73d4c2f908c58
Fix: 37622682
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eda0a9ae33273765afc7ec65081408f3c24c5640 |
|
25-Apr-2017 |
Tony Mak <tonymak@google.com> |
bindDeviceAdminService requires service to be proected by BIND_DEVICE_ADMIN
Test: cts-tradefed cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusProfileOwnerTest
Fix: 37624960
Change-Id: I0df88d2a019a0c5f8f997db1efede35a20441fa8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ebb9fc309d4159d44a73be1397fd5f3aeb208e0b |
|
30-Mar-2017 |
phweiss <phweiss@google.com> |
Decrease number of network logging notifications shown
Now, network logging will show one notification when it is enabled
and one after the next reboot.
Bug: 36254499
Test: CTS Verifier > Managed Provisioning > Device Owner Tests
> Network Logging UI
Change-Id: I60fc64e96ceb0ec0ae7ca832b74ac8b47e581be4
(cherry picked from commit 55dba53ed433d713a075ba0de15504a1ed42852b)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dcc792a13feeb6c79d8740c1fcb875fbeb76b4bc |
|
03-Apr-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Persistent connection to DO/PO service." into oc-dev
|
| fe9a53bc45fd0124a876dc0a49680aaf86641d3e |
|
31-Mar-2017 |
Jeff Sharkey <jsharkey@android.com> |
Consistent dump() permission checking.
This change introduces new methods on DumpUtils that can check if the
caller has DUMP and/or PACKAGE_USAGE_STATS access. It then moves all
existing dump() methods to use these checks so that we emit
consistent error messages.
Test: cts-tradefed run commandAndExit cts-dev -m CtsSecurityTestCases -t android.security.cts.ServicePermissionsTest
Bug: 32806790
Change-Id: Iaff6b9506818ee082b1e169c89ebe1001b3bfeca
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fc73d799e95f512628da326b0e69ea314f92a5aa |
|
22-Mar-2017 |
Makoto Onuki <omakoto@google.com> |
Persistent connection to DO/PO service.
Test: Manual test with customize API tests; CTS coming.
Change-Id: I1d7eaa4b1fdd20726c1832c736d32f934c6a82f9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 282cfefea0fbbd299839e353e6d30affdcd4a55c |
|
27-Mar-2017 |
Chris Wren <cwren@android.com> |
standardize system notification IDs
All the trivial cases, plus some fixes to try to
mitigate collisions with the complex ones.
Complex services to follow in another CL,
Bug: 32584866
Test: make framework services
Change-Id: Ie9663600171d8ede11676e9d66f009dbb06def03
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0ec0000c225370375c9813c95651d55ee753e600 |
|
24-Mar-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Allow system UID to call isSecurityLoggingEnabled()
This CL allows code running under the system UID to call
isSecurityLoggingEnabled(), so that Settings can find out whether
logging is on or off.
Bug: 36584321
Test: m RunSettingsRoboTests
Change-Id: Icf8b7d6cef0f4e23f57bcf0498ffdcf124d16d38
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 74cb00696e27924de4fc7052a90aa2348b536b2d |
|
21-Mar-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Exfiltrate cert code from DevicePolicyManager"
|
| c8aeef6ae6469c1db5e7a67eb2e968d29c84e908 |
|
20-Mar-2017 |
Edman Anjos <edmanp@google.com> |
Remove leftover DO/PO check in isPackageSuspended
We already check if the caller is a DO, PO, or a delegate in
enforceCanManageScope, the additional call to
getActiveAdminForCallerLocked makes this function inaccessible to
delegate applications and was removed.
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: I5df0f19a017a3b6e130329940c79b12cbb95ec9e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 088d7aa9c1e9b73ea9dce1616b4958f0c41ca05e |
|
17-Mar-2017 |
Robin Lee <rgl@google.com> |
Exfiltrate cert code from DevicePolicyManager
The intent is for this not to cause any behaviour changes, just to
make it easier to see what is going on with the code.
Permissions are checked in DevicePolicyManagerService. All calls to
CertificateMonitor are privileged.
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: I98224087315a62234732f08b53fe91884be86386
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e5b9d366c1bfc3a7e575ea2211570a32dae695b2 |
|
17-Mar-2017 |
phweiss <phweiss@google.com> |
Finalize Strings and Icon for Network Logging Notification
Replace network logging icon with generic info icon as the
network logging icon will be deprecated.
Bug: 36254499
Test: CtsVerifier > Managed Provisioning0 > Device Owner Tests
> Network Logging UI
Change-Id: I648f160c09761a007948491f5b4ca772beddad70
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b64daad73365f181f4c4bacf379c779e7e95bbf3 |
|
13-Mar-2017 |
Chad Brubaker <cbrubaker@google.com> |
Explicitly disallow Instant App admins
Instant Apps have no business being device admins, reject any attempt to
install one as an admin.
Bug: 33387067
Test: None currently -- Instant apps already cannot request becoming
device admin.
Change-Id: Ia1daaff659990ff25f16e8cbad240747b67242e2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 172f7801c7376a33d7cfe07c8cb4525d14db0c8f |
|
06-Mar-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Rename DPM.isDefaultInputMethodSetByOwner()
Settings.Secure.DEFAULT_INPUT_METHOD is a misnomer. It does not really
record a permanent default of any sort - it just indicates the currently
chosen IME. Thus, isDefaultInputMethodSetByOwner() should more
appropriately be called isCurrentInputMethodSetByOwner().
Furthermore, it turns out that setting a different IME for a user and
the user's work profile is unsupported. Thus, it is sufficient for the
intended use case to just retrieve the calling user's default IME.
There is no need for a |user| parameter.
Bug: 32692748
Test: unit tests (see DevicePolicyManagerTest.java for invocation)
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: Ia0846d38a1361042429dae7430a8b055575ef2e0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 05dc9f764c9d399add8b7495e680f66d098c55eb |
|
22-Feb-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add API for checking which CA certs were installed by the DO/PO
With this API, the system can determine whether a CA cert was
installed by the user or the user's DO/PO.
Bug: 32692748
Test: unit tests (see DevicePolicyManagerTest.java for invocation)
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: I3bcae5ac18ec2b110154184fc515df804fd73da6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| af759c52ce01fe6b5144957e38da956af01a217b |
|
15-Feb-2017 |
Geoffrey Pitsch <gpitsch@google.com> |
Channels for Frameworks notifications
Adapts all notifications used by system services to use channels.
Channels are initialized by SystemServer after the NotificationService
has started.
Test: runtest systemui-notification
Change-Id: I25c45293b786adb57787aeab4c2613c9d7c89dab
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a7aaae881cb3168641e3117a0de6db15b63b5a44 |
|
28-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Delete ParcelableString, add StringParceledListSlice"
|
| 3814d5d021981671de6912999488adb15d8e1b0a |
|
28-Feb-2017 |
Edman Anjos <edmanp@google.com> |
Merge "Fix is installed check condition in DevicePolicyManagerService"
|
| abaa0695c5361b36a7a2cdbe87c77bf60be20af7 |
|
20-Feb-2017 |
Robin Lee <rgl@google.com> |
Delete ParcelableString, add StringParceledListSlice
Both inherit from package private BaseParceledListSlice.
This is still bad, but it's not as bad. The existing code that uses
this can just do Foo.bar().getList() now instead of having to marshal
to and from an oddball type at either end as well.
In the longer term ParceledListSlice<> should be eliminated, but it's
not clear how far into the future that is going to happen.
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: runtest -x core/tests/coretests/src/android/content/pm/ParceledListSliceTest.java
Change-Id: Ie69b96b5215d6e04990f6d31345772cdfee21d78
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8732003f6918f725a115fdbc04aa6858d1a82337 |
|
27-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Make IKeyChainAliasCallback oneway"
|
| 3e7cf168a547982676f18d3308b83381abc95f06 |
|
25-Feb-2017 |
Robin Lee <rgl@google.com> |
Make IKeyChainAliasCallback oneway
So it can be sent from devicepolicymanager (system_server) to keychain
(a system_app) without waiting on the response and having to do
everything in a background thread.
Side-effect: the regular keychain => app callback is slightly more
efficient now too. in case anyone particularly needs blazing fast
private key user selections.
Fix: 35675253
Test: cts-tradefed run cts --abi=arm64-v8a --skip-device-info --module CtsDevicePolicyManagerTestCases --test 'com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement' </dev/null 2>&1
Change-Id: I6e9d96ca3c42e6489d879d8cfb0507eb94838bf1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ab6798951a12b55c309975dd9fe6eeb2de926420 |
|
24-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Fix broken RestrictedLockUtils KeyGuard APIs"
|
| 0423b8f72f69da200eab2efee6ca897dfabede31 |
|
24-Feb-2017 |
Edman Anjos <edmanp@google.com> |
Fix is installed check condition in DevicePolicyManagerService
DPMS#setDelegatedScopes generally enforces the delegate is installed in
the device, but this check should be skipped on DELEGATION_CERT_INSTALL
scopes on pre-N. Additionally the check is also skipped when clearing up
delegations on pre-N. The check was extracted to a separate function for
clarity.
Bug: 35234284
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.ProfileOwnerTestApi23#testDelegatedCertInstaller
Change-Id: Ib723b58243f901af907e368017b1ae0bb101360d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| acdeac6809f4cb6c96f47b6cdf72572c9969c6eb |
|
21-Feb-2017 |
Robin Lee <rgl@google.com> |
Fix broken RestrictedLockUtils KeyGuard APIs
They were all broken in that they returned profile admins for parent
queries even when they clearly shouldn't.
Examples:
- disable unredacted notifications
- disable fingerprint
This doesn't seem to have been tested beyond the bare basics of one
user with one device admin. Added some reasonable coverage. It could
still do with more.
Test: make RunSettingsLibRoboTests
Bug: 34929375
Change-Id: I1b0e986056ffa62d47091c0010977ac810ebd690
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0b1356ff1f3cd2fd06d770af1ad466822173cc3a |
|
21-Feb-2017 |
Suprabh Shukla <suprabh@google.com> |
Fix 'Modifying dpm.setSecureSetting call for install_non_market_apps'
The previous change was reverted as it broke work profile provisioning.
Clearing binder calling identity before calling into settings provider
should fix the issue.
Test: runtest managed-provisioning
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: Manually tested that work profile is inflated with expected values
of install_non_market_apps
Bug: 33947615
Bug: 35590590
Change-Id: I3c31a73fef0c25c0e682e18f637272adad39b28d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5663e051099cdf442bc3316a88e1a7600c58aaaa |
|
20-Feb-2017 |
Victor Chang <vichang@google.com> |
Revert "Modifying dpm.setSecureSetting call for install_non_market_apps"
This reverts commit 2e7d6d64b9b16ea27634bc0e8843717a465142b4.
Bug: 35590590
Fix: 35590106
Test: runtest managed-provisioning
Test: manual verified that work profile can be inflated
Change-Id: Ie780b94053e65bca2f96b32055937c0c9e8beae8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e453d8e7629c422ab8982a871e5799fa5e8cff90 |
|
18-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Removing unnecessary call to ArraySet#toArray"
|
| 3dea1c7972ba350716b2f9b95de95ed4b2f3ea90 |
|
18-Feb-2017 |
Suprabh Shukla <suprabh@google.com> |
Removing unnecessary call to ArraySet#toArray
Iterating over ArraySet using iterators is still more efficient than
first calling ArraySet#toArray and then iterating over the array.
Test: Minor optimization. make and existing tests should suffice.
Change-Id: Ifc282bfca98cf89b047dddddd78a6de020f27381
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dd903d4f0ee4cebcef03e54f5b07f4bcc14c5dbc |
|
18-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Modifying dpm.setSecureSetting call for install_non_market_apps"
|
| 2e7d6d64b9b16ea27634bc0e8843717a465142b4 |
|
10-Feb-2017 |
Suprabh Shukla <suprabh@google.com> |
Modifying dpm.setSecureSetting call for install_non_market_apps
Starting from O, install_non_market_apps is deprecated and will not be
checked by the package installer. Device admin apps should be using the
user restriction instead.
Since on managed profiles, the default value blocked install from
unknown sources, the system will set the user restriction on behalf of
the profile owners (if the profile has one).
For non-managed profiles, the user had access to the settings to change
the value of install_non_market_apps. So going forward, any request to
change it's value by dpm#setSecureSetting in such users is going to be
ignored.
Test: Manually tested that:
1. For a profile with PO, when install_non_market_apps was set to 0,
user restriction is set on upgrade
2. For a profile with PO, when install_non_market_apps was set to 1,
user restriction is not set on upgrade
3. After upgrade, newly created managed profiles with PO have user
restriction set
Bug: 33947615
Change-Id: I063e9ee608b52086ffdf8ed2b24e2928574c58cd
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8c9a6b0089ff712df4e06454ade1443b77a4a9f4 |
|
17-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Revert "Revert "Per user setting for instant app"""
|
| a4f3891d28054027cccbb1f34436046cf2b59d44 |
|
17-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Mark clearDeviceOwnerApp/clearProfileOwner as deprecated"
|
| 4f7e1fc9af698e08576c9beadef872f5c4ea04a8 |
|
17-Feb-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Merge "Add API for checking whether the default IME was set by the DO/PO"
|
| 939ccc3854d841e4aa1fc33017d49a2446315ca6 |
|
16-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Clear DISALLOW_ADD_USER in clearDeviceOwner for all cases"
|
| be0b8896d1bc385d4c8fb54c21929745935dcbea |
|
15-Feb-2017 |
Todd Kennedy <toddke@google.com> |
Revert "Revert "Per user setting for instant app""
This reverts commit be9ffa15af9e1906e9ffb505768328d62d4a3793.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: Ib21321cf157a79890de487060a093840f7182047
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 348f696d33ffc188459e6318c65c8f9058f8d974 |
|
30-Jan-2017 |
Victor Chang <vichang@google.com> |
Clear DISALLOW_ADD_USER in clearDeviceOwner for all cases
We are not moving the restriction from system to the DO in the end.
clearDeviceOwnerUserRestrictionLocked becomes the permanent solution
for DeviceOwner CTS. Looks like no one setting DISALLOW_ADD_USER
directly in UserManager except DO/PO, and so remove it when DO is
clear
Change-Id: I235bebebd02b5e0d9883eea6dd3a4e49b40fe043
Fix: 33476323
Test: runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a5b0963c0c49e379912239755caee2fe5b873353 |
|
10-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Mark clearDeviceOwnerApp/clearProfileOwner as deprecated
Bug: 33175679
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I05e10638d838ccf8dc67b7a01b3ffeb7cbea8500
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| aff5e9c21c28f21f7a3688d84e747727cf17f382 |
|
25-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add API for checking whether the default IME was set by the DO/PO
With this API, the system can determine whether a user's default
IME was set by the user or the user's DO/PO.
Bug: 32692748
Test: DPMS unit tests and CTS CtsDevicePolicyManagerTestCases
Change-Id: Ibd703ff5c9e4c072599ad8d6023c94a97d728109
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 824b073fbeee57154316c1e60d211e8e9ab54ac6 |
|
16-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Merge "Add escrow token API in DevicePolicyManager."
|
| 626ffb455650e334fff3fe407a31aa0fa437fdf2 |
|
15-Feb-2017 |
Guang Zhu <guangzhu@google.com> |
Merge "Revert "Per user setting for instant app""
|
| be9ffa15af9e1906e9ffb505768328d62d4a3793 |
|
15-Feb-2017 |
Guang Zhu <guangzhu@google.com> |
Revert "Per user setting for instant app"
Bug: 35390781
This reverts commit 2f5811dcfd840e149851a9333e27ef3cdddf7a46.
Change-Id: Ibb1c8dacbdc6908fc7fa2bc5dca664f2455162bf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| aab7a4146ccd14f94ac87f4c52895f1bb5d37645 |
|
30-Dec-2016 |
Rubin Xu <rubinxu@google.com> |
Add escrow token API in DevicePolicyManager.
Take advantage of the new authentication flow in LockSettingsService
and allow PO or DO to provision escrow tokens on the device. The
escrow token grants them the ability to change device lockscreen
(if used by DO) or work profile challenge (if used by PO). The
new password reset mechanism is even usable before user unlocks,
and it preserves authentication-bound keys in keystore.
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testResetPasswordWithToken
Bug: 33126620
Change-Id: Iaa684c51946f726cbd909e9ac70ad3e9ca3de1ac
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bf92b812dbe1c762ff2381ca4ba14290a5ece8b8 |
|
15-Feb-2017 |
Todd Kennedy <toddke@google.com> |
Merge "Per user setting for instant app"
|
| 2f5811dcfd840e149851a9333e27ef3cdddf7a46 |
|
30-Jan-2017 |
Todd Kennedy <toddke@google.com> |
Per user setting for instant app
The same application can run as either an instant app or an installed
app. Store this setting per-user instead of based upon the install
location.
Bug: 25119046
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: Iff565bb1ac10d631499f0bd0f69b401cb073c10e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f5e107140d9f9dd0b0b5d5068f8a89bcadd53dd5 |
|
14-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Flush addPersistentPreferredActivity setting in DPMS"
|
| 723eac769eab985e052275f9e8ac4bc1965fed9f |
|
14-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Use DevicePolicyData#mUserSetupComplete for DPM's isDeviceProvisioned."
|
| 288639860a8ab05cc7d09d3dc21b4224b3a832db |
|
13-Feb-2017 |
Tony Mak <tonymak@google.com> |
Flush addPersistentPreferredActivity setting in DPMS
To fix the glitch that "kiosk mode" does not persist if device
is rebooted within 10s after addPersistentPreferredActivity is called.
Test: Manual Test
1. Using TestDPC to start kisok mode, reboot right away.
Observed that TestDPC is launched in kiosk mode.
2. Stop the kiosk mode, reboot without 10s.
Kisok mode is stopped.
Fix: 28169791
Change-Id: I555fc18efe86380f2e028b698c2bdb01017bf9f5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a10b057bb869ca7c99938053ca5fe60029555b3b |
|
14-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "MonitoringCertTask no longer relies on software.device_admin"
|
| 5108f1efa6e4db4fac3b83047917f35192488d11 |
|
14-Feb-2017 |
Lenka Trochtova <ltrochtova@google.com> |
Use DevicePolicyData#mUserSetupComplete for DPM's isDeviceProvisioned.
DevicePolicyData#mUserSetupComplete on user 0 us a more accurate and
reliable indicator of whether the device has been provisioned than
the currently used 'ro.device_owner' property.
Test: gts-tradefed run gts -m GtsGmscoreHostTestCases --test com.google.android.gts.devicepolicy.DevicePolicyManagerTest
BUG: 29935702
Change-Id: Iec62f2aebe865ac0ee69c2cc7177333ce5450474
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7f5c91c6bce6a8ff2414549219a321a98a98ab31 |
|
08-Feb-2017 |
Robin Lee <rgl@google.com> |
MonitoringCertTask no longer relies on software.device_admin
Added a test to validate that it still works the way it should before
and after the change.
Bug: 33258404
Bug: 35196414
Fix: 35129745
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: also manual, instructions:
Test: (1) Disable software.device_admin from tablet_core_hardware, rebuild.
Test: (2) Install CA cert. Notification should appear.
Test: (3) Reboot. Notification should still be there.
Change-Id: Id992725c1844a2fffbde4d8acaba531e99f853ad
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 33a119c94fbef9a185b82204fc58292e08c3d33d |
|
13-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Fix typo on DISALLOW_UNMUTE_DEVICE"
|
| 492b4724fb42adf29f3978f01ebc5238f893d194 |
|
13-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Fix typo on DISALLOW_UNMUTE_DEVICE
Test: Builds sucessfully. Cannot find other usages in code search
Change-Id: I83f85b4715b11630b0ce0b471be536aef46a2936
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 150a584aee758ccb23844115f9936035d7971bee |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Allow any device with a device_owner to execute setDeviceOwnerSystemPropertyLocked(). am: 735b4dc0af am: d78a0d21cb
am: 82a3793269
Change-Id: I3f7fe9ba2c572eb0dda23386a62c50f58a6a08f9
|
| d78a0d21cb7b845be55a7d7e917be249d606a69e |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Allow any device with a device_owner to execute setDeviceOwnerSystemPropertyLocked().
am: 735b4dc0af
Change-Id: I5c8ca6d0a63af83cde91c17d10a634469c726442
|
| 735b4dc0af2571926d4ca573377881959237a6a4 |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Allow any device with a device_owner to execute setDeviceOwnerSystemPropertyLocked().
BUG: 34824902
Change-Id: I95fbe0a352c48a3fff5af57b91325901a16d3d89
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c928e9fa5343bd11d477240c119268a980cdf229 |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Don't check device_provisioned on Wear devices in setDeviceOwnerSystemPropertyLocked() am: c7b18342ea am: b6323817db
am: f206de957a
Change-Id: Ic1f2bd765ecc3eb7239923147a93fc4afa6eb70c
|
| f206de957a15420d25eefdca656ee9a0528dd93f |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Don't check device_provisioned on Wear devices in setDeviceOwnerSystemPropertyLocked() am: c7b18342ea
am: b6323817db
Change-Id: I5f3b6935af32ba94fef35d8db573d75925eee434
|
| 66af3515dee796d8303c313ca999ee957675c310 |
|
09-Feb-2017 |
Greg Plesur <plesur@google.com> |
Don't check device_provisioned on Wear devices in setDeviceOwnerSystemPropertyLocked()
am: c7b18342ea
Change-Id: I692fee4165de9a274d8eb8f0deaf49762974bb22
|
| c7b18342eafa53a741e3e8d8cfc85f35f9416b12 |
|
08-Feb-2017 |
Greg Plesur <plesur@google.com> |
Don't check device_provisioned on Wear devices in setDeviceOwnerSystemPropertyLocked()
BUG: 34824902
Change-Id: I49d4d7043829862e1abacb3f400a6690f454d6c0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b94a914c9e2446f791cf165a38dd6683c4251f0a |
|
08-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Merge "Small tweaks in LockSettingsService"
|
| 84e706fb9b1cd6e3c7e6a4cd97bee6f22732b288 |
|
07-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Merge "Unhide getLockTaskPackages"
|
| f810cc9a5b0f8f295cb53e31b4ba974a1598e233 |
|
07-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Merge "Fix uri permission grant on remote bug report uri"
|
| bfb666da53c6ca65ab4c469fc6e2c0631aeaffc0 |
|
03-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Unhide getLockTaskPackages
getLockTaskPackages is currently hidden, and can only be
called by a device or profile owner, which doesn't make
much sense. Unhidding it to be consistent with the rest
of the DevicePolicyManager APIs that have a getter for
each setter.
Bug: 34614754
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testLockTask_affiliatedSecondaryUser
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testLockTask_unaffiliatedUser
Test: Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testLockTask_deviceOwnerUser
Change-Id: I6e03c2f47c0f9e7a635e798a1bf7f131a8e37c65
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7226c7dc9fd85bdd1639632b0e5761526fdcba30 |
|
06-Feb-2017 |
Rubin Xu <rubinxu@google.com> |
Fix uri permission grant on remote bug report uri
System server is no longer allowed to grant uri permission directly. As a result
we use grantUriPermissionFromIntent() to grant permission from the shell UID,
who is the owner of the bug report content.
Also fix a security bug where the broadcast to notify user consent of remote
bug report mismatches the <protected-broadcast> definition, causing it to be
sendable by anyone.
Bug: 34159108
Test: manual - Install TestDPC and request bugreport, try accept and decline
once the report is ready (Bullhead).
Change-Id: I66e3f2a16d4547549f09d3c96d52aed2330caedf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4d600d150f60249995c2212cff5acc9d11cbfc80 |
|
06-Feb-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Clear affiliation ids and lock task packages when clearing DO/PO"
|
| a7bd04e89271fe0bce7bb5136bc8df0466827c6c |
|
02-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Clear affiliation ids and lock task packages when clearing DO/PO
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I38eea34cff82766c7e3b8cd79dd9757a212bb451
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a55b168b5d5a0584b2411793f870a7849c5014f1 |
|
31-Jan-2017 |
Rubin Xu <rubinxu@google.com> |
Small tweaks in LockSettingsService
Paves way for synthetic password flow: Two notable changes:
1. when unify/un-unify work challenges, provide the old work profile password.
2. when clearing lock, supply old credentials.
Test: Unit test to be added in a follow up CL.
Bug: 33126414
Change-Id: I2a9553c5e7cc701338436e99e5a1289cebd1eda9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f1e276384dddcef7c28080c88696707b4a52442f |
|
02-Feb-2017 |
Makoto Onuki <omakoto@google.com> |
DO NOT MERGE Do not call RecoverySystem with DPMS lock held am: 2317451acc am: 01f971dcdc
am: 963cba5b5b
Change-Id: I3a1421f656d1a90970eac6156e0840625662fb17
|
| 963cba5b5b1feea9d66239df6e86fa21c32fd6fd |
|
02-Feb-2017 |
Makoto Onuki <omakoto@google.com> |
DO NOT MERGE Do not call RecoverySystem with DPMS lock held am: 2317451acc
am: 01f971dcdc
Change-Id: If5f5e5d47b97e2b8480adc5ca2cb08702056ca87
|
| 01f971dcdc836b487e31ff064143a4593afa149b |
|
02-Feb-2017 |
Makoto Onuki <omakoto@google.com> |
DO NOT MERGE Do not call RecoverySystem with DPMS lock held
am: 2317451acc
Change-Id: Id3441141d4feea4c7291350c9670bd59ec017240
|
| bdcada976298716b9fb566fd6264e31098df4391 |
|
01-Feb-2017 |
Esteban Talavera <etalavera@google.com> |
Affiliated profile owners can set lock task packages
Mentioned that in the documentation, cleaned up the code
a bit and added unit tests
Bug: 34614754
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I91232bbe494398015094ab977c6a2adce339811f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2317451acc84174cbe30d1899428d1b2953a4363 |
|
04-Jan-2017 |
Makoto Onuki <omakoto@google.com> |
DO NOT MERGE Do not call RecoverySystem with DPMS lock held
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user,
2) a secondary user and 3) work profile.
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Merged-in: Ia832bed0f22396998d6307ab46e262dae9463838
(cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9e62c3111e6d32008332689066cc96e924868180 |
|
26-Jan-2017 |
Edman Anjos <edmanp@google.com> |
Update in DPM delegation documentation.
Add note on DPM#setDelegatedScopes documentation regarding the
broadcast sent to the delegate package to notify its new scopes; and
change the admin ComponentName annotation to @Nullable in
DPM#getDelegatedScopes.
Bug: 33099995
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: I28fe3a631c05a9e6b8dae766ce6c42881f2e3a00
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a5ec280b4a684a5298279a0c303b85e47cd8763e |
|
26-Jan-2017 |
Edman Anjos <edmanp@google.com> |
Fix delegation broadcast to send an ArrayList<String> extra.
Change DPMS to call Intent#putStringArrayListExtra to ensure the extra
is sent as an array list of strings.
Bug: 33099995
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: I1466fb457e34adbfb7704320c021210c1569f55f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b3231029b5642474264b3d574fb7d5b68b0bfc57 |
|
30-Jan-2017 |
Esteban Talavera <etalavera@google.com> |
Merge "Profile owners on a user can communicate with device owners"
|
| efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee |
|
04-Jan-2017 |
Makoto Onuki <omakoto@google.com> |
Do not call RecoverySystem with DPMS lock held
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user,
2) a secondary user and 3) work profile.
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Merged-in: Ib97a92a6af87a5589d2643b9ae0522395735e1a5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 695417c25275a555d2775d46d2dcb8f9210e7cbe |
|
27-Jan-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Fix DPM.getPermissionGrantState()"
|
| 2dbf9ae67a972e83f248eab06c583ff988da7422 |
|
27-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Fix DPM.getPermissionGrantState()
The recent addition of DPM API access delegation introduced a bug in
this method. When a system app (UID 1000) called the method, it would
crash.
Bug: 34760123
Test: DPM unit tests
Change-Id: I69390ca30270d64a4d28a74c13a7679f14a62959
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2f897917fd47c07c11900daf1df75c45154aaff7 |
|
26-Jan-2017 |
Esteban Talavera <etalavera@google.com> |
Profile owners on a user can communicate with device owners
Allow device owners and profile owners on a user
to communicate with each other, rather than restricting
it to device owners and managed profile owners as it is
at the moment
Bug: 34429083
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: cts-tradefed run cts -a armeabi-v7a --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest
Change-Id: I81561a9838c3ccb623354a1b718da2fc6a5af1fe
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f32925405368ca5bbddf86436835c6c238b3b4ba |
|
26-Jan-2017 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Change batch finalization timeout mechanism from Handler#sendMessageDelayed() to a wakeful alarm"
|
| 1710e5f0794466cdd293e8fd883dc4b8ea0491b7 |
|
25-Jan-2017 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE Change batch finalization timeout mechanism from
Handler#sendMessageDelayed() to a wakeful alarm
Messages sent with Handler#sendMessageDelayed() didn't get delivered
until the device woke up after being idle, which resulted in
potentially very long windows of logs accumulation and highly possible
network log loss from before the device becaming idle.
Bug: 34157435
Test: manual with decreased timeout over a few timeout iterations
Change-Id: I22d9cc743acb1a478d2da5407c5718e7f95e89cb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9a2e4207d79dd4568c0f90dee6c775f598e24d95 |
|
25-Jan-2017 |
Michal Karpinski <mkarpinski@google.com> |
Change batch finalization timeout mechanism from
Handler#sendMessageDelayed() to a wakeful alarm
Messages sent with Handler#sendMessageDelayed() didn't get delivered
until the device woke up after being idle, which resulted in
potentially very long windows of logs accumulation and highly possible
network log loss from before the device becaming idle.
Bug: 34157435
Test: manual with decreased timeout over a few timeout iterations
Change-Id: I50b29b9f132856a629e28f46c022f21976bd92fb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 73145f4e60b874a408d26842d1cfc9c9506bfd9a |
|
17-Jan-2017 |
phweiss <phweiss@google.com> |
Create public API for policy transparency outside of Settings
The new DPM.createAdminSupportIntent() returns an intent that shows the
"This action was disabled by your admin"-dialog from settings.
This enables apps to inform the user about the cause of restricted
functionality.
A new extra for the intent allows to specialize the dialog for different
restricted features, instead of a generic message for all features.
Bug: 31215663
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I3de7aeec0f88b8f013a63957aec803cd123fbedc
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 452efaac32a9c0d73abae1b9f0bbe5b1e99440d8 |
|
25-Jan-2017 |
Edman Anjos <edmanp@google.com> |
Merge changes I50d2903e,Ieb347ce3
* changes:
Add DPMS delegation scopes.
Add block uninstall delegation in DPMS.
|
| 8f3b34338aca7276a45033e362776678c2adf984 |
|
25-Jan-2017 |
Esteban Talavera <etalavera@google.com> |
Merge "Wipe device or profile if max failed attempt reached"
|
| 52088e4859ab81f2ec23a1063c1e1ffd8f23cf3f |
|
13-Jan-2017 |
Edman Anjos <edmanp@google.com> |
Add DPMS delegation scopes.
Implement the permission grant, package access, enable system app, and
keep uninstalled packages delegation scope APIs in the
DevicePolicyManagerService.
This feature gives a device owner or profile owner the ability to
delegate some of its privileges to another application.
Bug: 33105287, 33105284, 33105719
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: I50d2903eb73ae7844ec1f6fe07e41101ea2760ea
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a5f2fb1a43aebe0481c45376812ad7d58e699647 |
|
19-Dec-2016 |
Edman Anjos <edmanp@google.com> |
Add block uninstall delegation in DPMS.
Implement the uninstall blocker delegation scope API in
DevicePolicyManagerSercice.
This feature gives a device owner or profile owner the ability to
delegate some of its privileges to another application.
Bug: 33105718
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Change-Id: Ieb347ce3fb6219fe7f04cafbcd1e6b7359b31a10
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4877b9c29810ee3049d1712624dc6156634f776b |
|
25-Jan-2017 |
Edman Anjos <edmanp@google.com> |
Merge "Refactor DPMS Cert Installer and App Restrictions delegation."
|
| 954cfce18d94c30c84899b38fed4e09aaa6e601d |
|
25-Jan-2017 |
Victor Chang <vichang@google.com> |
Merge "Send DEVICE_OWNER_CHANGED to manifest receivers in background"
|
| b88f42b6b1414ae8107be13c0d2f3957549ecaaf |
|
24-Jan-2017 |
Esteban Talavera <etalavera@google.com> |
Wipe device or profile if max failed attempt reached
If the device or profile owner have set a max password failed
attempts policy, the device or profile should be wiped even if
DISALLOW_FACTORY_RESET / DISALLOW_REMOVE_USER /
DISALLOW_REMOVE_MANAGED_PROFILE was set by that admin. However
it should still fail if another device admin set the policy - this
is in line with what wipeData() does at the moment.
Bug: 34450538
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest#testWipeData
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.ManagedProfileTest#testWipeData
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testDisallowFactoryReset
Change-Id: Ifac240692ce74432f7b57f3dfbbbac2a7282297b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 94666c0570aff5f545592482ffdcae55c5b763cf |
|
24-Jan-2017 |
Victor Chang <vichang@google.com> |
Send DEVICE_OWNER_CHANGED to manifest receivers in background
- DEVICE_OWNER_CHANGED is an event that could happen maximum of 2 times
after device factory reset. The event rarely
happens, and it shouldn't affect any system health
Fix: 34446573
Test: adb shell am instrument -w -e class
com.android.server.devicepolicy.DevicePolicyManagerTest
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ic1af2016f590e1200bb3e56f63caa0e0b12f71f8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f994677626a6babc5121647646f17a7de85065a7 |
|
28-Nov-2016 |
Edman Anjos <edmanp@google.com> |
Refactor DPMS Cert Installer and App Restrictions delegation.
The DevicePolicyManagerService currently supports delegation of
certificate installation and application restriction management, both
of which are individually handled by DPMS.
Upcoming framework features will add four more delegation types,
namely: block uninstall; app permission management; app access
management; and system app enabler. At this moment it makes sense to
refactor the underlying delegation system in DPMS so that current and
future delegates can be handled in a more generic way.
Bug: 33099995
Test: DPMS unit tests
Change-Id: I9e350143572c6690febdd59d1ed5149af8ee4388
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d37c4a99b2602dd4483ca2985e63b5316e8f4f63 |
|
23-Jan-2017 |
Nicolas Prevot <nprevot@google.com> |
Allow DO to provision even if it has set disallow remove mp.
If the device owner has set DISALLOW_REMOVE_MANAGED_PROFILE,
and there is already a managed profile:
it should be allowed to provision a new managed profile by
deleting the old one.
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest
-w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
BUG:34116228
Change-Id: I9e6f39924107aee40b57d22e638487a1ea3132de
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 841cb0a37f5602de1b410f558930f8e5d09e013a |
|
17-Jan-2017 |
Jason Parks <jparks@google.com> |
Allow the profile owner to enforce auto time.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I1cb04cce5d232fba668535dd391459a050d62dd7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dea0c3b654abefa488edc1e037424fbbceb759ed |
|
13-Jan-2017 |
Charles He <qiurui@google.com> |
DPM: Notify DO/PO of security updates.
We add a variant of notifyPendingSystemUpdate method which takes an
additional isSecurityPatch boolean flag. This information, if available,
will be persisted and available to device and profile owners when they
call getPendingSystemUpdate method.
Test: gts-tradefed run gts -m GtsGmscoreHostTestCases -t com.google.android.gts.devicepolicy.DeviceOwnerTest#testPendingSystemUpdate
Test: gts-tradefed run gts -m GtsGmscoreHostTestCases -t com.google.android.gts.devicepolicy.ManagedProfileTest#testPendingSystemUpdate
Bug: 33102479
Bug: 30961046
Change-Id: If3f1b765bb18a359836ac43ac9a0a9f29e9f8428
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b271f34625c6661ed1ea7ec3886d491a4970d833 |
|
19-Jan-2017 |
Pavel Grafov <pgrafov@google.com> |
Merge "Store pending OTA state and make it accessible via polling api."
|
| e24743203591fde0f3b1fe7d5e250f2b21ec0b6a |
|
18-Jan-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Fix test DevicePolicyManagerTest#testSetRequiredStrongAuthTimeout_DeviceOwner"
|
| 189463286449b618633ea928de39113499a08c03 |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading. am: f98ed6863a am: b275a205af
am: ee9f03d1ed
Change-Id: Ic724588cbab8d4282eeb5bc806f8c67791189a05
|
| ee9f03d1ed263d975fea213453204729ec80730f |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading. am: f98ed6863a
am: b275a205af
Change-Id: I01487d9c39f4e82b63961cdd43df238f2bfd2b89
|
| 094119df3ebc49b7158aa448fe3cc24ad4267569 |
|
18-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Merge "Allow system to retrieve permission grant state"
|
| 4b0624fee452138951de919bbe74003258e9bc19 |
|
16-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Allow system to retrieve permission grant state
To inform the user which apps were granted permissions by the admin,
the Settings app needs to access this information without being a DO/PO.
Bug: 32692748
Test: FrameworksServicesTests unit test
Change-Id: I3770ec6343b85be9c6f7655675ed6db5cb50612c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b275a205af6014c67a34507240ce0fc1026815b5 |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading.
am: f98ed6863a
Change-Id: I7f816c164548df86f9607c86772902efd0d53620
|
| d084ca5fad1cef70aac9eed8d5d79fc87d6e5397 |
|
18-Jan-2017 |
Michal Karpinski <mkarpinski@google.com> |
Fix test DevicePolicyManagerTest#testSetRequiredStrongAuthTimeout_DeviceOwner
1) Started returning the default value for getLong() on SystemProperties mock
2) Added a test that the minimum timeout cannot be changed using a system
property on non-debuggable builds
3) Added new within range test for completeness.
4) Started using TimeUnit instead of ms constants.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Bug: 34317979
Change-Id: I0409451ae39e74ec3d96a098042302291ec3408f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f98ed6863a7f64c535a66006852a934b05d550bc |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading.
Saving device policy managers settings to clear out
password stats was happening before initializing mAdminList
so could wipe active admins.
Test: manual - flash with N2G05C add google account with dmagent flash wth this fix, check dmagent is still an active admin, reboot check admin is still active.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 34277435
Change-Id: I13660b47f30e9aba001eb13f2e457c3b3f36da3e
(cherry picked from commit adbda7474cc1968b66e9948aee566dc346e71340)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eaed75d923c132f7bb7679d3246a89eff78e6811 |
|
18-Jan-2017 |
Pavel Grafov <pgrafov@google.com> |
Merge "Make ENSURE_VERIFY_APPS global even when set by PO."
|
| 4228bcadb4aaa3e04d9faa3bfff8f7aa6c91fc1b |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading. am: adbda7474c
am: 4cccc791f4
Change-Id: Ifa4c9557a3c7f505e6ced657ecd42cd0242a5ea4
|
| adbda7474cc1968b66e9948aee566dc346e71340 |
|
18-Jan-2017 |
Kenny Guy <kennyguy@google.com> |
Fix issue with saving admins before finishing loading.
Saving device policy managers settings to clear out
password stats was happening before initializing mAdminList
so could wipe active admins.
Test: manual - flash with N2G05C add google account with dmagent flash wth this fix, check dmagent is still an active admin, reboot check admin is still active.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 34277435
Change-Id: I13660b47f30e9aba001eb13f2e457c3b3f36da3e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d65799ee812132bc54fd9d67d4ef9b19906b9da5 |
|
02-Dec-2016 |
Pavel Grafov <pgrafov@google.com> |
Store pending OTA state and make it accessible via polling api.
Change-Id: Ieb71dfb902371a683b17561f51ba9c2c730eb37b
Test: gts-tradefed run gts -a armeabi-v7a -m GtsGmscoreHostTestCases -t com.google.android.gts.devicepolicy.DeviceOwnerTest
Bug: 31000521
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6a40f09083fc52acc3309d0b04401fca02df6372 |
|
25-Oct-2016 |
Pavel Grafov <pgrafov@google.com> |
Make ENSURE_VERIFY_APPS global even when set by PO.
Currently only device owner can set global user restrictions.
With this CL ENSURE_VERIFY_APPS will be global no matter who
enforces it, DO or PO.
To make it possible for system apps to check who enforces a
particular restriction in this case a new API method is added
to UserManager: getUserRestrictionSources which returns a list
of users who enforce the restriction.
Bug:31000521
Test: cts-tradefed run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.UserRestrictionsTest (ag/1732744)
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/pm/UserRestrictionsUtilsTest.java
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java
Test: installed M on a Nexus5x device, created a managed profile with some user restrictions, and checked that after upgrading M->O all restrictions are preserved and split correctly into base, global and local.
Change-Id: I543d3ec9ef0cf2b730da6f7406021c0bba43b785
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ef99fb85f95a2cc17e5d41f452d4632f0ec12fb7 |
|
16-Jan-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Make device wide DO features available if all users affiliated"
|
| d36dd15d9bf9f65270b9bee16d6419b96b18bd86 |
|
15-Dec-2016 |
Esteban Talavera <etalavera@google.com> |
Make device wide DO features available if all users affiliated
Currently, those features are available on single user devices only
(since they collect privacy sensitive data device wide). Now making
them available as long as all users are affiliated.
It'll take a certain amount of time between user creation and the DPC
of that new user setting the appropriate affiliation ids. The DO won't
be able to access the logs during that time (and won't get any "logs
ready" callback). Once the affiliation ids are set, if they match,
logs become available again - this includes logs collected while the
user was being setup. Some logs might be lost though if the amount of
data exceeds the internal limit.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: cts-tradefed run cts -a armeabi-v7a --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.DeviceOwnerTest
Bug: 32326223
Change-Id: Idfe881dd6497d3ad2bead10addfd37b98b8a6e2b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 18de051c986b0871848a77d2c2dd11659af365c9 |
|
14-Jan-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Send EXTRA_USER with DevicePolicy lock broadcasts"
|
| 9e0642287e1f6d907356f1724272332f0db7f7af |
|
14-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Merge "Add install reason"
|
| 3c9b36482f0120756ddcc3b6fe5f57d3136c7902 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev am: eb35ad9969
am: 3aac3ebee1
Change-Id: Id7be6d9656b292ec1bf526750db8081022267c4a
|
| 3aac3ebee1079ba56afde5d149b0653c891cb5a8 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev
am: eb35ad9969
Change-Id: I4fd9ce4c79db5a10f28008c89205fc9c8ef2888f
|
| a34f53f61be31b7171d6cbcb12490ee143acffff |
|
11-Jan-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add install reason
This CL allows a reason to be specified when installing a package. The
install reason is a sticky piece of metadata: When a package is e.g.
installed via enterprise policy and an update is then manually
installed or sideloaded, the install reason will remain "policy."
The install reason is tracked separately for each user.
With this CL, two install reasons exist: "policy" and "unknown." Other
install reasons will likely be supported in the future.
Bug: 32692748
Bug: 33415829
Test: Tested manually with "adb install" / "adb uninstall"
Change-Id: I0c9b9e1b8eb666bb6962564f6efd97e41703cd86
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eb35ad9969a173ac4d6279a5e322e8176c2ae6d1 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of ad4aa1ce7d3d to nyc-mr1-dev
Change-Id: I97ef31536cd06495a08a3f94f81df2d1376186e0
|
| ad4aa1ce7d3dd2dd8d5690eb2f7653ca3c27000e |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
resolve merge conflicts of e4cefbf4fce4 to nyc-dr1-dev
Change-Id: Ib536a33ba381c28397320edd516d52727e5bdacc
|
| a7d158054705635422ddcef0081d99004184e471 |
|
13-Jan-2017 |
Andrew Scull <ascull@google.com> |
Merge "Save password metrics on non-FBE devices."
|
| e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5 |
|
02-Dec-2016 |
Andrew Scull <ascull@google.com> |
Don't save password metrics to disk.
On FBE devices, don't save the metrics to disk but compute them when the
password is first entered and only store them in RAM.
Merged-in: 5daf273b7e3272269c53eda20ce494d0e7a365b5
Bug: 32793550
Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3e17ea13c14eb8d2b6afffaa110d86f2cede8670 |
|
12-Jan-2017 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "[DPM] Allow lower strong auth timeout on debuggable builds"
|
| 7df0cb2924cd963cda2f5c82828a04c4a3987d24 |
|
12-Jan-2017 |
Andrew Scull <ascull@google.com> |
Save password metrics on non-FBE devices.
DPM.setActivePasswordSufficient() can be called by a DPC before the
password has been entered on non-FBE devices. The metrics must be saved
so this API can work correctly.
Bug: 32793550
Test: manual
Change-Id: I078d0f1f98875d577aeaf25f12dc9c27e3f80658
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2df5919faadc172d71fbb1a20d1f13667a1981af |
|
14-Dec-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] Allow lower strong auth timeout on debuggable builds
Timeout can be set to lower than 1h on debuggable builds (eng, user-debug)
using persist.sys.min_str_auth_timeo system property. This allows manual
testers to more easily carry out testing scenarios.
Bug: 29825955
Test: manual without setting the property: if timeout is set to less than 1h, it's clamped to 1h
Test: manual with setting the property: on user-debug build with "adb root && adb shell setprop persist.sys.min_str_auth_timeo 30000"
Change-Id: I8cd871e3d04b2c6c7164f684b9a6a24e7292bfab
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a902e5c255619a21dce3733019e45bfa5359a8c5 |
|
12-Jan-2017 |
Pavel Grafov <pgrafov@google.com> |
Merge "Let profile owners also receive OTA notification."
|
| 19b3ecb9c865f34545f0c84454a1865692d06284 |
|
10-Nov-2016 |
Pavel Grafov <pgrafov@google.com> |
Let profile owners also receive OTA notification.
Also removed the code that sends broadcast to all device admins
in profile owner package since it was used for legacy
provisioning of the whole package and now should be migrated
by findOwnerComponentIfNecessaryLocked().
Test: gts-tradefed run gts -a armeabi-v7a -m GtsGmscoreHostTestCases -t com.google.android.gts.devicepolicy.ManagedProfileTest
Change-Id: I6316df7375fd24da133c83c7930815ba909194f2
Bug:31000521
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| df7bfcfc22fd131623e081f98f2c8c0fd33655c8 |
|
10-Jan-2017 |
phweiss <phweiss@google.com> |
Add ticker text for network logging notification
Set ticker text to title for accessibility.
Bug:31207965
Test: manual
Change-Id: I0b78f9e6464dd470b74e0db97813623b335835d9
(cherry picked from commit d4a54bbfd1902dccb0e4de03f15bfbbba50b9531)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d4a54bbfd1902dccb0e4de03f15bfbbba50b9531 |
|
10-Jan-2017 |
phweiss <phweiss@google.com> |
Add ticker text for network logging notification
Set ticker text to title for accessibility.
Bug:31207965
Test: manual
Change-Id: I0b78f9e6464dd470b74e0db97813623b335835d9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 54402aab14deb9f21b0a9b451f80113ab9821b04 |
|
10-Jan-2017 |
Andrew Scull <ascull@google.com> |
Merge "Evict CE key on request and when work mode is turned off."
|
| 971236480c2a95db94b073877c8595c274d28893 |
|
09-Jan-2017 |
phweiss <phweiss@google.com> |
Dismiss network logging notification when disabling logging
Bug:34116213
Bug:29748723
Test: CTSVerifier in a separate CL.
Change-Id: Ie652505ff57665f626712c67837577833f1595d6
(cherry picked from commit 82ed31c1efeb98acba60d79d1fc0a291b1440dc2)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 18315230f641ab0704485465d39a31e235fc3268 |
|
10-Jan-2017 |
Philipp Weiß <phweiss@google.com> |
Merge "Dismiss network logging notification when disabling logging"
|
| d2a73ed21152517097a603e03c08eafbce926c3d |
|
19-Dec-2016 |
Robin Lee <rgl@google.com> |
Send EXTRA_USER with DevicePolicy lock broadcasts
DeviceAdmins inside profiles may receive broadcasts referring either
to the parent profile or to themselves.
We need a way to differentiate that.
Same commit fixes a bug in DevicePolicyManagerTest where USER_SYSTEM
is returned twice in getProfiles() when called for a managed profile of
USER_SYSTEM. This does not happen in the real API.
Bug: 30185351
Bug: 31001762
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Change-Id: Iea2735357f4019b2b81b6784e7ea6aead63f2636
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 82ed31c1efeb98acba60d79d1fc0a291b1440dc2 |
|
09-Jan-2017 |
phweiss <phweiss@google.com> |
Dismiss network logging notification when disabling logging
Bug:34116213
Bug:29748723
Test: CTSVerifier in a separate CL.
Change-Id: Ie652505ff57665f626712c67837577833f1595d6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a755fb1030d65452eb3ed85b714c3073339a43f1 |
|
04-Jan-2017 |
Makoto Onuki <omakoto@google.com> |
Do not call RecoverySystem with DPMS lock held
Note DPM.wipeData() on a secondary user is now blocking, just like
it's been always blocking on the primary user.
Test: Manually tested wipeData() with TestDPC, both on 1) the primary user,
2) a secondary user and 3) work profile.
* Modified TestDPC so it supports secondary users
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug 30681079
Change-Id: Ib97a92a6af87a5589d2643b9ae0522395735e1a5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cbfec5d4917ade60aa1c58aaafec36e30b8cc922 |
|
04-Jan-2017 |
Makoto Onuki <omakoto@google.com> |
Follow-up to I1e4dd97
Don't check the accounts when the caller is not ADB.
MR2 already has this change.
Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.AccountCheckHostSideTest
* without having Id49f2bd5dfa80ecf35b3a23c789100ade38c2656 *
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Change-Id: I654c41d0e7434c5fce75eb2df5fd7686a54e9093
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fd24353d75adbb0237fa13d209abe6b790535b8b |
|
15-Dec-2016 |
Makoto Onuki <omakoto@google.com> |
Get account features before taking lock (cherry-pick from master)
Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.AccountCheckHostSideTest
* without having Id49f2bd5dfa80ecf35b3a23c789100ade38c2656 *
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug: 33481725
Change-Id: Ie2fe9aea87d1a7167581f4cd74ae063ef24a4567
Merged-in: I1e4dd9701a76ca366f86fdaf2fc6c282e9dbe5c1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9bab1c4dd505903dbdd7403ea38d8b9d449e9be4 |
|
03-Jan-2017 |
Makoto Onuki <omakoto@google.com> |
Merge "Get account features before taking lock"
|
| 606da7778fffcb8251808ef53903eefebc2db9a7 |
|
15-Dec-2016 |
Makoto Onuki <omakoto@google.com> |
Get account features before taking lock
Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.AccountCheckHostSideTest
* without having Id49f2bd5dfa80ecf35b3a23c789100ade38c2656 *
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Bug: 33481725
Change-Id: I1e4dd9701a76ca366f86fdaf2fc6c282e9dbe5c1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f8ced7790a6815ec6a57ba53ece409df26573439 |
|
03-Jan-2017 |
Robin Lee <rgl@google.com> |
Merge "Don't check for monitoring CA certs in cryptkeeper"
|
| a04a29ae02f100d61012c4834ab255ec76dc7d16 |
|
23-Dec-2016 |
Robin Lee <rgl@google.com> |
Don't check for monitoring CA certs in cryptkeeper
Change-Id: I35dc031e4cd652a79174d03f6a9f02120f46abd2
Test: CtsVerifier (ca certificate test)
Fix: 33454899
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 43769ddb2c348325c9d571626251a233c7ee9b7f |
|
22-Dec-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add DISALLOW_ADD_MANAGED_PROFILE to existing device owners"
|
| 548a04b8f894c55e0612790ee6bc222e4398f33e |
|
20-Dec-2016 |
Esteban Talavera <etalavera@google.com> |
Add DISALLOW_ADD_MANAGED_PROFILE to existing device owners
For device owners set pre-O, that restriction will not
be set via setDeviceOwner(). Therefore set it during
first boot after O OTA.
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 31952368
Change-Id: I7db9b14c49a75ae2760e6923a1f3f7cde0e2784b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 923d2cc9d9915b18a8d29e9087add48dbe820eeb |
|
14-Dec-2016 |
phweiss <phweiss@google.com> |
DO NOT MERGE Show notification when network logging is enabled
A notification is shown after network logging is enabled
and after the next three reboots that are at least one day apart.
Clicking it sends an intent to quick settings to shown its device monitoring
dialog.
Cherry-picked from master.
Bug: 29748723
Bug: 33126577
(cherry-picked from commit a0cb251ca6a8ea8df17ff8089573bc50f2f1849f)
Test: Manual, CTS-Verifier tests will be added later
Change-Id: I2bf517bd27ab23ad3f66270602dbf062efab8cbb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 85a63bc1a06870b5a86926b0bce94a2bf559e3f0 |
|
24-Oct-2016 |
Andrew Scull <ascull@google.com> |
Evict CE key on request and when work mode is turned off.
DPMS.lockNow takes a flag which can request the managed profile CE key to
be evicted.
Test: com.android.cts.devicepolicy.ManagedProfileTest#testLockNowWithKeyEviction*
Bug: 31000719
Change-Id: I68f4d6eed4b041c39fd13375f7f284f5d6ac33da
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cbe76a0f1e83f74648ea24a9e8bd4814f9d87c8c |
|
20-Dec-2016 |
Philipp Weiß <phweiss@google.com> |
Merge "Show notification when network logging is enabled"
|
| a0cb251ca6a8ea8df17ff8089573bc50f2f1849f |
|
14-Dec-2016 |
phweiss <phweiss@google.com> |
Show notification when network logging is enabled
A notification is shown after network logging is enabled
and after the next three reboots that are at least one day apart.
Clicking it sends an intent to quick settings to shown its device monitoring
dialog.
Bug: 29748723
Bug: 33126577
Test: Manual, CTS-Verifier tests will be added later
Change-Id: I2bf517bd27ab23ad3f66270602dbf062efab8cbb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7cd4536e80eebb3cfb6df451560a159d2c27efd3 |
|
19-Dec-2016 |
Andrew Scull <ascull@google.com> |
Merge "Don't save the password metrics to disk."
|
| 01576869a3f46923d1d893866677e3bf9a00fc2b |
|
15-Dec-2016 |
Esteban Talavera <etalavera@google.com> |
Enforce DISALLOW_ADD_MANAGED_PROFILE
Only the device owner should be able to create a managed
profile if that restriction is set
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Bug: 31952368
Change-Id: Ia5170e54594ccba1e5bcedffaec98c2af42264c0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c94b63730584dd4dd2e1c19266d6bbe1bbf56174 |
|
24-Nov-2016 |
phweiss <phweiss@google.com> |
DO NOT MERGE Add network logging icon to Quicksettings when enabled
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possible next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.
The icon is only a placeholder until the official icon is finished.
CTS Verifier tests will be added when all Network logging UX changes are
done.
Cherry-picked from master, and then modified to work in N:
I had to remove the QSFooterTest change because the testing infrastructure
is not there in N. Also, I had to add DPMS.enforceDeviceOwnerOrManageUsers()
to which did not exist in N before.
BUG: 33126618
BUG: 29748723
Test: Manual, CTS-Verifier tests will be added in a follow-up
(cherry picked from commit a4e169ed68ee57aa249e5e79fcd6bff5df46199e)
Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5daf273b7e3272269c53eda20ce494d0e7a365b5 |
|
14-Nov-2016 |
Andrew Scull <ascull@google.com> |
Don't save the password metrics to disk.
Only store the metrics in RAM, computing them at first log in.
Test: com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24
Bug: 32793550
Change-Id: Iaf9516c193f054331e3e2c68cb3f627bd543b408
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0a5aeecf4eb3e37770a8d4462e26192e91179179 |
|
15-Dec-2016 |
Amith Yamasani <yamasani@google.com> |
Merge "Revert "[DPM] Allow lower strong auth timeout on debuggable builds""
|
| 960128c9c6dd3b25889e1494baf5a403e46617bb |
|
15-Dec-2016 |
Amith Yamasani <yamasani@google.com> |
Revert "[DPM] Allow lower strong auth timeout on debuggable builds"
Reverting because the length of the prop key is out of bounds.
Bug: 33662416
This reverts commit 60d1feed92bcca9f437a9b323152609d8d5fc714.
Change-Id: I66a3f7f18e668acbf2ddaf60ab8efa2584799906
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1548d5c43b789b6d5b3ab0929dcb55a2f12c57a9 |
|
15-Dec-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Use affiliation ids when checking bind target users."
|
| 67ed651dab38934ac7dd729f6fe9a503d9ebb9d1 |
|
15-Dec-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "[DPM] Allow lower strong auth timeout on debuggable builds"
|
| 60d1feed92bcca9f437a9b323152609d8d5fc714 |
|
14-Dec-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] Allow lower strong auth timeout on debuggable builds
Timeout can be set to lower than 1h on debuggable builds (eng, user-debug)
using persist.sys.min_strong_auth_timeout system property.
Bug: 29825955
Change-Id: I51d421c3e10625787ecfdbe011f9128cd47cb2a2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d5b036014d632c7c28f8499f39bafd4b95ac49d1 |
|
06-Dec-2016 |
Nicolas Prevot <nprevot@google.com> |
Use affiliation ids when checking bind target users.
BUG:32764274
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ic79b58dcb583b1d9eb9e7af0d1501cf8cfd0ee86
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6c9116a6430ca5cd55b1b926213a5e8de77e4fc6 |
|
24-Nov-2016 |
Esteban Talavera <etalavera@google.com> |
Create DISALLOW_{ADD,REMOVE}_MANAGED_PROFILE user restrictions
Bug: 31952368
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: runtest -c com.android.server.pm.UserManagerTest frameworks-services
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.UserRestrictionsTest
Change-Id: I240ab99c2409bbabffbc574bef202f2457026905
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 504fa62f9ec2eab7e6ec88002735940575c89f08 |
|
16-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE Disable DO single user features when clearDeviceOwner() is called
regardless of the amount of users
Bug: 32901196
Bug: 29748723
Change-Id: Ie419b5e496e23656cbe5436942d9aba402bfe68e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5c64223da4265aef87a63f7a04dab313eb345e14 |
|
15-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE Fix disabling DO single user features when clearDeviceOwner() is called
We should disable those features before the DO is actually cleared.
Bug: 32901196
Bug: 29748723
(cherry picked from commit c44e67961170ddfb668372dc6e9ce6b391e3740f)
Change-Id: I74679abc26753585f302f3d52bca81fe21e2e668
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 896b9db8ed14bdfa88d5dce96405361e78dee80e |
|
14-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE [DPM] Minor code fixes in NetworkLoggingHandler
Added a comment and renamed field to follow mConvention.
Test: will be CTS tested once APIs unhidden
Bug: 29748723
(cherry picked from commit aabe96db87838501d3abeb96c25a4b1c50b9c12c)
Change-Id: I7ef118723d13ce1d313c3c56299c2dca2411eee6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bbf352a2c136bfeb1fa7ad751df75d3069e9fdb0 |
|
03-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE [DPM] DO uses batch token to retrieve network logs, and can retrieve
the same batch many times
This allows DO to:
a) know that some logs were dropped (by trying with token and not
getting anything)
b) know how many logs were there in each batch (useful especially
for the dropped ones)
c) retry batch retrieval if it failed
Test: will be CTS tested once APIs unhidden
Bug: 29748723
(cherry picked from commit a9ff206af26871695bfce54969428b8ad03e31e6)
Change-Id: Iac10e61cdf3b100719a9c029ff897bd5ef5c8e2f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4c47adef60ca0326bdbe124dfdd335382e5c0787 |
|
12-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE [DPM] Management and retrieval of network logs
This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and it's NetworkLoggingHandler.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c3abd34cfed63d5b71366901d19f6d9cd8319306 |
|
12-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
DO NOT MERGE [DPM] DO can start network logging and listen for events
This CL adds:
1) Setter and getter in DPM to manipulate logging switch (retrieval
method to come in a subsequent CL(s)).
2) A way for DPM to register to listen for events.
3) Skeleton of NetworkLogger class (more to come in subsequent CL(s)).
Bug: 29748723
Change-Id: I5c04662ccc6febd2ba294b0eaca1ed1da9c16e47
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9498f5a81bad3febd86b4fdb015d398cbe049a76 |
|
09-Dec-2016 |
Philipp Weiß <phweiss@google.com> |
Merge "Add network logging icon to Quicksettings when enabled"
|
| a4e169ed68ee57aa249e5e79fcd6bff5df46199e |
|
24-Nov-2016 |
phweiss <phweiss@google.com> |
Add network logging icon to Quicksettings when enabled
Add the network logging icon in Quick Settings' footer if
network logging is enabled, possible next to the VPN icon.
Quicksettings has to be able to tell that network logging
is enabled, so this CL changes DPM.isNetworkLoggingEnabled() to be
callable from the device owner or from any app with the MANAGE_USERS
permission.
The icon is only a placeholder until the official icon is finished.
CTS Verifier tests will be added when all Network logging UX changes are
done.
BUG: 33126618
BUG: 29748723
Test: runtest --path frameworks/base/packages/SystemUI/tests
Change-Id: Ib35d323605ab11f883a4b6199d1db79b9e53c49b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3c41744b8cab0eb540dee45a7f986bf25d78188e |
|
08-Dec-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Clear DISALLOW_ADD_USER user restriction when dpm remove-active-admin is called from shell"
|
| d9758e7479a3d398bc8fcf80846153cf72d61fb6 |
|
07-Dec-2016 |
Victor Chang <vichang@google.com> |
Clear DISALLOW_ADD_USER user restriction when dpm remove-active-admin is called from shell
- Make the CTS hermetic and not adding new restriction after CTS test
- DeviceOwner can't clear this user restriction in CTS, as it's set by ManagedProvisioning
- It can be only clear when testOnly DPC becomes deviceOwner, and being removed by remove-active-admin in shell
Bug:31856203
Test: build successfully
Change-Id: I75b91629ef09c54e9dbe7253df6a52894a938e83
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| abf86385f8ba14d4f4789df59adec619a682b238 |
|
06-Dec-2016 |
Mahaver Chopra <mahaver@google.com> |
Merge "Return error code from isProvisioningAllowed"
|
| 849fd6f58e92476af3e3eeb802e71fddf372d6f2 |
|
03-Nov-2016 |
Mahaver Chopra <mahaver@google.com> |
Return error code from isProvisioningAllowed
Added hidden pre condition codes for PO and DO provsioning.
Added hidden api checkProvisioningPreCondition, which returns codes
instead of boolean. Managed provisioning can use this to show
useful debug information and user facing error dialogs.
Test: All DevicePolicyManagerTest pass
Bug: 27467633
Change-Id: I7d2a79921bc3ac2e12d506629a35563fc7ff62bf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f81df2d5e52e50fe7197135baf5cabcabdba4628 |
|
01-Dec-2016 |
Amith Yamasani <yamasani@google.com> |
Merge "Secure MATCH_UNINSTALLED_PACKAGES across users"
|
| 3db81ae38d942831057960347e4bc0d297b85127 |
|
01-Dec-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Revise when to throw SecurityException in bindDeviceAdminServiceAsUser"
|
| 0d1fd8d09163566d2c7eb72037f63b6404ada642 |
|
12-Oct-2016 |
Amith Yamasani <yamasani@google.com> |
Secure MATCH_UNINSTALLED_PACKAGES across users
Introduce a new internal flag MATCH_ANY_USER for genuine uses
of searching through all apps on the device.
Some temporary accommodations for Launchers that reach across
to the work profile until we have a new LauncherApps API to do
that officially.
Bug: 31000380
Test: CTS tests added
Change-Id: I2e43dc49d6c2e11814a8f8d1eb07ef557f31af34
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 365a3db47001c1298fd01146e866997a9cbc3c8c |
|
30-Nov-2016 |
Bartosz Fabianowski <bartfab@google.com> |
Allow setting managing organization for the device
The Profile Owner of a managed profile can set a string that will be
shown in the UI to identify the organization managing the profile.
This CL extends the functionality to the Device Owner of a managed
device.
Bug: 32692748
Test: DevicePolicyManagerTest unit test + CTS test in separate CL
Change-Id: I47295da2fd6485ebf0e890da13990a044accaf17
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 700c6ae74813182ec5cc1423911526197b5cf2a9 |
|
30-Nov-2016 |
Tony Mak <tonymak@google.com> |
Revise when to throw SecurityException in bindDeviceAdminServiceAsUser
1. No longer throw SecurityException when we fail to resolve the intent.
Return false instead.
2. Throw IllegalArgumentException early if the incoming intent is not
explicit.
3. Throw SecurityException with different error message. It makes debug
easier and allows tests to verify a particular thing happened.
Bug: 33197200
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest
Change-Id: I723ab7f434c10407aa4e7dc8e9a6e3e9bb9f2059
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dd7f8dafd862fa1a6132b37b47f1b160a4065a9e |
|
30-Nov-2016 |
Bartosz Fabianowski <bartfab@google.com> |
Allow DO to access DevicePolicyManager.isDeviceManaged()
This CL makes DPM.isDeviceManaged() accessible to the DO so that it
can be CTS-tested.
Bug: 32692748
Test: Device policy manager unit test + CTS & GTS in separate CLs
Change-Id: I5326e86b0ffee81d04bd48f0267044463a899b78
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9f9e453b649b3507e25049c94990717dc92b269e |
|
30-Nov-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Unit test for getBindDeviceAdminTargetUsers"
|
| b57bd791bf55215110839322ef7c0f72ed915a7b |
|
29-Nov-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add user affiliation APIs"
|
| c9bb378a8b3633bc427dd2439ab4ae8e3b17771a |
|
11-Nov-2016 |
Esteban Talavera <etalavera@google.com> |
Add user affiliation APIs
Make setAffiliationIds public so that it can be used for COMP.
That way we can allow network logging and other features to
work on devices that have a DO and a managed profile.
Those features are currently restricted to single user devices but we'll
open them up to devices where all users are affiliated.
Also create a getter for that API.
Bug: 32326223
Test: m FrameworksServicesTests &&
adb install \
-r ${ANDROID_PRODUCT_OUT}/data/app/FrameworksServicesTests/FrameworksServicesTests.apk &&
adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ie443be887a6ca61a7f7a07e137757dceab7eb3d3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2f26b79eea905f88c872804be01431020e4efb2e |
|
28-Nov-2016 |
Tony Mak <tonymak@google.com> |
Unit test for getBindDeviceAdminTargetUsers
Was meant to write test for bindDeviceAdminServiceAsUser, but
it can't be done without having tests for
getBindDeviceAdminTargetUsers first as bindDeviceAdminService depends
on getBindDeviceAdminTargetUsers.
A bit shocked by we didn't have any managed profile tests in
DevicePolicyManagerTest. Added managed profile support in the CL.
Bug: 32764274
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Change-Id: If412e4f44c3ae998f69e17411f2503a97f80149f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 22b2a81f7598f643cddc4c1098cdf8951878c4d5 |
|
28-Nov-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Send callbacks to DO when a user is added or removed."
|
| 8d76e72251eb6f83580cd8b70000d6904fe24096 |
|
25-Nov-2016 |
Bartosz Fabianowski <bartfab@google.com> |
Allow DO to access bookkeeping information about its own actions
The getLastSecurityLogRetrievalTime(), getLastBugReportRequestTime()
and getLastNetworkLogRetrievalTime() methods are meant to be used by
system code. However, there is no harm in allowing the DO to access the
information they return - because it is information about actions that
the DO itself took.
The advantage of opening up these methods to the DO is that we can
CTS-test them.
Bug: 32692748
Test: DevicePolicyManager unit test + CTS test in separate CL
Change-Id: I1470fca2a82b9955f7aed5e8b50220bea8b56fc9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8d4527db199b67de3a142a37adaa887bd026c22c |
|
24-Nov-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add getBindDeviceAdminTargetUsers API"
|
| e95c2817f753aa4572dca38cfa29d988d692b00e |
|
17-Nov-2016 |
Nicolas Prevot <nprevot@google.com> |
Send callbacks to DO when a user is added or removed.
BUG:32764090
Test: manual
Change-Id: Icfac801fd2c9670f3d68cf6971f7aba2332dbb6b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fc291bcbe007692ab7a6de0651769b1f2e09de49 |
|
21-Nov-2016 |
Esteban Talavera <etalavera@google.com> |
Add getBindDeviceAdminTargetUsers API
Add getBindDeviceAdminTargetUsers API. To be used
for the device or profile owner in a COMP setup to
know the UserHandle of their instance running on
the other profile.
Bug: 31952368,33033966
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest
Change-Id: I05c9ac0f6c3cdce1ec17cf2910ca7a7214064af2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 08be96ec870d01ec7f7fa26f810777c60af666d4 |
|
16-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
Disable DO single user features when clearDeviceOwner() is called
regardless of the amount of users
Bug: 32901196
Bug: 29748723
Change-Id: Ie419b5e496e23656cbe5436942d9aba402bfe68e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 29993074b0708d71b9d752f562ed6aee2a360fa1 |
|
17-Nov-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Keep track of admin actions for DO disclosures"
|
| b21b241f0f12377c115e9c4f5bae26814fdab3fb |
|
17-Nov-2016 |
Bartosz Fabianowski <bartfab@google.com> |
Keep track of admin actions for DO disclosures
This CL adds bookkeeping to DPMS which will allow us to tell the user
in the Settings UI whether/when the admin requested a bug report or
retrieved logs from the device.
Bug: 32692748
Test: Full DevicePolicyManagerTest unit test coverage; end-to-end tests
will follow as Settings CTS verifier tests
Change-Id: I89728fce4b7e0ff061b354c73caf3742e95a3a3e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 554140fc8954044d455cfe25f63339f14c985a25 |
|
17-Nov-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Check user restriction DISALLOW_REMOVE_USER in isProvisioningAllowed."
|
| 56400a445fa29b0a90e92d15daf6246cfc3f310d |
|
10-Nov-2016 |
Nicolas Prevot <nprevot@google.com> |
Check user restriction DISALLOW_REMOVE_USER in isProvisioningAllowed.
If DISALLOW_REMOVE_USER is set and there is already a managed profile:
isProvisioningAllowed() should return false
BUG:32629873
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I093bed0a4a54f83decf11716ebfd50dd4f17c089
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 75ec5465f046149f4b53976a1cfd5f46dc51e944 |
|
16-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Fix disabling DO single user features when clearDeviceOwner() is called"
|
| c44e67961170ddfb668372dc6e9ce6b391e3740f |
|
15-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
Fix disabling DO single user features when clearDeviceOwner() is called
We should disable those features before the DO is actually cleared.
Bug: 32901196
Bug: 29748723
Change-Id: I3cf24636feb1715af10fb874d4fecd7a4e32495d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dc589ac82b5fe2063f4cfd94c8ae26d43d5420a0 |
|
11-Nov-2016 |
Sudheer Shanka <sudheersai@google.com> |
Update usage of ActivityManagerNative.
- Remove references to ActivityManagerProxy.
- Add isSystemReady to ActivityManager.
Bug: 30977067
Test: cts/hostsidetests/services/activityandwindowmanager/util/run-test android.server.cts
adb shell am instrument -e class com.android.server.am.ActivityManagerTest,com.android.server.am.TaskStackChangedListenerTest \
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I07390b6124fb1515821f5c0b37baf6ae74adc8fa
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2c2fb6189c7dfd56b61faec84e69e4f7912a32a6 |
|
14-Nov-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Allow cross profile call between DO and PO"
|
| 46aabe5ef4362014914b7df707c2de2341211d69 |
|
14-Nov-2016 |
Tony Mak <tonymak@google.com> |
Allow cross profile call between DO and PO
Allow DO to bind service of PO in managed profile and vice versa.
DO and PO must be the same package.
Bug: 31895999
Change-Id: I3ce2943aebd1249401d5814757a0ce25b9f85279
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.CorpOwnedManagedProfileTest
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| aabe96db87838501d3abeb96c25a4b1c50b9c12c |
|
14-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] Minor code fixes in NetworkLoggingHandler
Added a comment and renamed field to follow mConvention.
Test: will be CTS tested once APIs unhidden
Bug: 29748723
Change-Id: I351be4680eed9c4ab51365e1b983b452ca210858
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a9ff206af26871695bfce54969428b8ad03e31e6 |
|
03-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] DO uses batch token to retrieve network logs, and can retrieve
the same batch many times
This allows DO to:
a) know that some logs were dropped (by trying with token and not
getting anything)
b) know how many logs were there in each batch (useful especially
for the dropped ones)
c) retry batch retrieval if it failed
Test: will be CTS tested once APIs unhidden
Bug: 29748723
Change-Id: I788359242e3b2a4cb638edb25e5db8b25646c29f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 383db5ebcc3a4a615faf249bf4f126f42e80b82e |
|
22-Jun-2016 |
Tamas Berghammer <tberghammer@google.com> |
Update package names to work with the proto3 compiler
Bug: b/28974522
Change-Id: I5f3adf4946ee4ba1e09e4f40afe83c151405972a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d1ceaff82c8ca6a690d19a87d1a39ecdc1881bb8 |
|
04-Nov-2016 |
Greg Plesur <plesur@google.com> |
resolve merge conflicts of c874e60 to master
Change-Id: I39381c516e4a1267d06e3f7b682d1cf73eeb6f9b
|
| 34fb70ab88408b629350a80f6f68648a95db62bf |
|
01-Nov-2016 |
Greg Plesur <plesur@google.com> |
If the current device is a watch, fix DeviceOwner/ProfileOwner logic.
In this case, don't require the device to have gone through the
Setup Wizard before disqualifying DO/PO if there's an incompatible
account on the device.
BUG: 32438704,32438210
Change-Id: I6858db13c8df6e95d01d18a903f4343f70370e8b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a27884236fe1eade93a124f00f0b843997b40a31 |
|
03-Nov-2016 |
Michal Karpinski <mkarpinski@google.com> |
Stop non-DO devices from disabling network logging
Bug: 32623860
Change-Id: Ia53ce842fffb2a15c16c9535fbe07421ae7f2578
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f77ee4f1b79929a77f603e5e879f3616ae464e3e |
|
12-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] Management and retrieval of network logs
This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and it's NetworkLoggingHandler.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dd9bb4fdd9f4b528734a7907d2bc92841ca648ab |
|
12-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
[DPM] DO can start network logging and listen for events
This CL adds:
1) Setter and getter in DPM to manipulate logging switch (retrieval
method to come in a subsequent CL(s)).
2) A way for DPM to register to listen for events.
3) Skeleton of NetworkLogger class (more to come in subsequent CL(s)).
Bug: 29748723
Change-Id: I5c04662ccc6febd2ba294b0eaca1ed1da9c16e47
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4b3c306268b745153b1efa093d74f88044accff1 |
|
31-Oct-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Add @NonNull / @Nullable to DPM return types"
|
| 408e8e4491b72407334c81522c79822061424efd |
|
25-Oct-2016 |
Makoto Onuki <omakoto@google.com> |
Add @NonNull / @Nullable to DPM return types
Fix: 31331663
Fix: 32466757
Test: Signature change only; checkbuild.
Change-Id: I361cdd43b9fccf309ff3efefa3783d5399e65748
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| df1b87db5d1b473511b4f06bbc85dd7b418b7031 |
|
25-Oct-2016 |
Nicolas Prevot <nprevot@google.com> |
Allow DO to remove user even if DISALLOW_REMOVE_USER is set.
BUG:32300784
Test: create user in TestDPC, set DISALLOW_REMOVE_USER restriction,
and remove this user.
Change-Id: I96ab02d594cd1a8ab14420e12357f2083da1ce63
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5f9e6f37b276fac7be6db982c9cb7fbd93150c4a |
|
02-Aug-2016 |
Andrew Scull <ascull@google.com> |
Refactor password metric computation.
This unifies previously duplicated code.
Bug: 30558331
Test: runtest -x frameworks/base/core/tests/coretests/src/android/app/admin/PasswordMetricsTest.java
Change-Id: I37678b83a03d4f05b9894d4b00e9a741d1a8df27
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4e6ded256f7d840d71eeb7c8ec190ae12f36453e |
|
14-Oct-2016 |
Mahaver Chopra <mahaver@google.com> |
Analytics for provisioning entry point: ADB
To get the better understanding of provisioning flows, we are logging
all the entry points to Managed provisioning. This change implements it
for ADB.
Test: cts-tradefed run cts --module DevicePolicyManager
Bug: 31424428
Change-Id: Id8b6638fcec1642c54efaffdfaaee81040f4de8a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bc755da55cc00110a3c77b013c350a9b62c1f1cd |
|
14-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
Don't expose default strong auth timeout as constant
am: 6dbf67fc48
Change-Id: Iacbe9a2de7024e29e9c2c98594ebca828b855a43
|
| a6b3caf58e8ab18f4c3164afb8fba25e9954198b |
|
14-Oct-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Don't expose default strong auth timeout as constant" into nyc-mr1-dev
|
| f38aac7fc0033a0b2227638fe4a6ccf985a59579 |
|
13-Oct-2016 |
Greg Plesur <plesur@google.com> |
DPM.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE) should return 'false' for Wear devices after pairing/upgrade. am: 3514404984
am: 43ed3a5b6a
Change-Id: I20248c835034935c25ee6fa25f8eeeb9125f121e
|
| 43ed3a5b6af89da9a89c5876fde6e4d343bd2652 |
|
13-Oct-2016 |
Greg Plesur <plesur@google.com> |
DPM.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE) should return 'false' for Wear devices after pairing/upgrade.
am: 3514404984
Change-Id: I8d24007831ba030af0d84f717802c79172db970f
|
| 216ee1f0e76f6a36bebb5490c951db2a5513ae03 |
|
13-Oct-2016 |
Greg Plesur <plesur@google.com> |
Merge "DPM.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE) should return 'false' for Wear devices after pairing/upgrade." into cw-f-dev
|
| 35144049846e115b7d1e03fb6c935ed497d83cb2 |
|
10-Oct-2016 |
Greg Plesur <plesur@google.com> |
DPM.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE) should
return 'false' for Wear devices after pairing/upgrade.
BUG: 32019375
Change-Id: I2563efe58c98c5dd8440891e478c89e093d8d9ac
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 543befb7c222c258ad899de2c7ff9c19ce171186 |
|
13-Oct-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
resolve merge conflicts of 792e051 to master
Change-Id: I75e604639959df77ddf11bbb9805392e4141da23
|
| 98a145b5afb71b5fb95092d9df0e6453dad77f79 |
|
13-Oct-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Revert "Fix backup for users hit by erroneous backup disabling"
am: 9f61d17e6a
Change-Id: I460fbb670fbc7a724c981c4fceae0048ff4c9ded
|
| b24489e20aefaaaeb8251491fc5845b555952139 |
|
13-Oct-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Merge "Revert "Fix backup for users hit by erroneous backup disabling"" into nyc-mr1-dev
|
| 6dbf67fc4889c49151415e986be98f70816f81ec |
|
06-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
Don't expose default strong auth timeout as constant
The admin can instead use the value of 0 to reset to default.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Bug: 31430135
Change-Id: I0d6b29ca4eca65d7ca72a8975a0c28c9050a946c
(cherry picked from commit 943aabd11cce3ab453762d3912395363720e1f5d)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d227a66aade35f61f1401e73f888eda153be2a55 |
|
11-Oct-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Don't expose default strong auth timeout as constant"
|
| 6dc428f677f2b80b085466961e9495972e1c88c9 |
|
10-Oct-2016 |
Tony Mak <tonymak@google.com> |
Allow device owner to inflate managed profile
1. Modify DPM.isProvisioningAllowed to allow it to happen
2. Introduce hidden API createProfileForUserEvenWhenDisallowed for
ManagedProvisioning app to create profile under DO.
Apps with MANAGE_USERS permission can clear the
DISALLOW_ADD_USER restriction anyway, so they do not gain extra power.
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/pm/UserManagerTest.java
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.CustomDeviceOwnerTest#testIsProvisioningAllowed
Bug: 31895999
Change-Id: I10dc3043653130ae717a1d3d8256c9e73231bb21
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 943aabd11cce3ab453762d3912395363720e1f5d |
|
06-Oct-2016 |
Michal Karpinski <mkarpinski@google.com> |
Don't expose default strong auth timeout as constant
The admin can instead use the value of 0 to reset to default.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Bug: 31430135
Change-Id: I0d6b29ca4eca65d7ca72a8975a0c28c9050a946c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9f61d17e6a41e80732fb78a8a8fb723b92498a15 |
|
05-Oct-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Revert "Fix backup for users hit by erroneous backup disabling"
BUG=31754835
This reverts commit 1975021d88da6623a570a6ddab8b2397b1c0e59f.
Change-Id: I5cf7862126755a34cf3b4d70436529401fddc87f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 700e1e7ee8e4ed491768a35ed692a4e8f0ff0d4b |
|
28-Sep-2016 |
Nicolas Prevot <nprevot@google.com> |
Don't allow the shell to change admin-locked app permissions.
BUG:27432532
Change-Id: I67f8794ea923edb5024033bb2a4474a1fb6d5fd9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 84ba6b0f27d00e2958587bbeb3f1431245e46e83 |
|
29-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Fix logic in disabling BackupTransport in DO mode. am: bbaadc0166 am: cfaef4287d
am: da82fa0a3f
Change-Id: Ib2215eda1c95b6e04429ca30011bb84789bb9b6e
|
| 2555a1211d16f1a532227fd52a56b4e1dc3f2ea6 |
|
29-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
resolve merge conflicts of 852c394 to master
Change-Id: I75562584559c1b11111e316edded61587892ee8b
|
| cfaef4287d87e8c7d8faf0f6605c5a9f02f1b4fd |
|
28-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Fix logic in disabling BackupTransport in DO mode.
am: bbaadc0166
Change-Id: I89c0a7fb44bc50efedf2e8dc5eabaa4711b2687b
|
| 56d7022d48d67b133491dd803876c632d4aae87a |
|
28-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Fix backup for users hit by erroneous backup disabling
am: 1975021d88
Change-Id: I4421e9642c2e89bf17535ef3212617d268c1c9d2
|
| cd339f211ae976d0ffeaffcceb178b45804556a9 |
|
28-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Merge "Fix logic in disabling BackupTransport in DO mode." into nyc-mr1-dev
|
| 1975021d88da6623a570a6ddab8b2397b1c0e59f |
|
28-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Fix backup for users hit by erroneous backup disabling
BUG=31754835
Change-Id: I89dd08b7958dd8fe20d70bc50f2c89996ae46cc5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bbaadc01663495736fa597305525e874a896ade4 |
|
28-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Fix logic in disabling BackupTransport in DO mode.
We were disabling backup in consumer mode as well.
BUG=31754835
TEST=android.content.pm.cts.shortcuthost.ShortcutManagerBackupTest
Change-Id: I42e5cfa512fda1b471eb62c7eb8bc346383da2fa
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 357ca56f8b3b419d6b05294adae1fefcf0e63d3a |
|
25-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Fix DPM unit tests, also fix a log message. am: 6ad5f92512 am: 2f78ab5387
am: 4001a2b4c4
Change-Id: Ifc1735798074af6758da5cc3a40d9adada1376cb
|
| 2f78ab5387341982b81259ec574cfca09ee7085a |
|
23-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Fix DPM unit tests, also fix a log message.
am: 6ad5f92512
Change-Id: Ieab914cf8538e3086fb32cc351e45e6a5c2017c5
|
| 18fb24c5d3e8f9e2a66e78f13a7fa2567fbd3231 |
|
23-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Fix DPM unit tests, also fix a log message." into nyc-mr1-dev
|
| 369672b8bb5e65ad926314c6d6a1c0e28c3e2d1b |
|
23-Sep-2016 |
Michal Karpinski <mkarpinski@google.com> |
Fingerprint Strong auth timeout
am: 0b72a722ed
Change-Id: I70a4c0288aa2d98c02706a055a5dda710ace2ae2
|
| 69659cb96df2b149bbb0577179f16712054a8bc2 |
|
23-Sep-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Fingerprint Strong auth timeout" into nyc-mr1-dev
|
| 8a4808526741b8058a361e5c8aad810b0e412802 |
|
22-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Add DevicePolicyManager.setBackupServiceEnabled as hidden API.
am: 5a122a1ce9
Change-Id: I134891f0b24cc666c34ae54cb3c937ba2f16648e
|
| 6ad5f92512462f774a2ff7e59abdf5edbfd215b3 |
|
19-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Fix DPM unit tests, also fix a log message.
Bug 31446501
Change-Id: I37debbe2f4e983fb8bad026f8dd9bd91b7448dce
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0b72a722edacfd790178a2a6183bb985656b2887 |
|
21-Jun-2016 |
Michal Karpinski <mkarpinski@google.com> |
Fingerprint Strong auth timeout
Allows PO and DO configure strong auth timeout for fingerprint.
Bug: 31430135
Change-Id: Ie6451d49aa95527adc3720d9a2a0848f58940510
(cherry picked from commit 8f010dd25d18151cc47accc7d853b4f8f7fe8491)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4a134a93d23b8463ade9696316d4824a27cddec9 |
|
15-Sep-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Fingerprint Strong auth timeout"
|
| 5a122a1ce90c8c09fd579147061cb7b4cd8b23e9 |
|
06-Sep-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Add DevicePolicyManager.setBackupServiceEnabled as hidden API.
BUG=28628532
Change-Id: I48c3423734e54b6a4d70e58d50c98c3e17790e0d
(based on a8202524608a4fc9178e6b18e13602c5a8abb404)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3ef6f111c0b3fc9292bd4b67cebf2373586a3ad8 |
|
14-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Persist package's test-only flag and always use it am: 46ea8e7f9d am: c146ed5d26
am: 47803d9cbd
Change-Id: I73d1d0f9d370e1e85b0dc487c9574d397afda64d
|
| c146ed5d2611c09bc90005c0c982c00d36ec4dfa |
|
12-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Persist package's test-only flag and always use it
am: 46ea8e7f9d
Change-Id: Ib6a24171828bbdf884c9d71ab8c07622a8f1fddb
|
| 46ea8e7f9d24d1fab4824f570400d6fb7bf355e0 |
|
09-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Persist package's test-only flag and always use it
Bug 31382361
Change-Id: Ie48aba5827074d2a6efb6966f61af30444376384
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f9c376b7869810c91e067500cf0edbf94c4f6cda |
|
08-Sep-2016 |
Suprabh Shukla <suprabh@google.com> |
resolve merge conflicts of 37ad463 to master
Change-Id: I51b2097ac3ea4ce3ec8bb29e674d1cdd789aa1a1
|
| 12c4d4132f6bab5eecfb7b8fc8cfdc55e0f8ab77 |
|
08-Sep-2016 |
Robin Lee <rgl@google.com> |
DO NOT MERGE Stop work challenge freeform bypass am: 0737c2b4c2 am: ec5ceae174
am: 32daa7a95c
Change-Id: I8580890ee0fcd6b1fb80352b4437d2a1379dfaee
|
| 32daa7a95cd49cbedf00c006cf80929518cc5465 |
|
08-Sep-2016 |
Robin Lee <rgl@google.com> |
DO NOT MERGE Stop work challenge freeform bypass am: 0737c2b4c2
am: ec5ceae174
Change-Id: Ic4bbce08944881f0d20a08c1ebb4db5531208f23
|
| ec5ceae1743b64822cb7ca35d5938109a8beb370 |
|
08-Sep-2016 |
Robin Lee <rgl@google.com> |
DO NOT MERGE Stop work challenge freeform bypass
am: 0737c2b4c2
Change-Id: Ia76391f710e42e9634010bd211a0370230b318e3
|
| 9d46e5e044541bbe470ae72074a7aa18b862c827 |
|
07-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Allow DO/PO to be installed with certain preconfigured accounts.
am: 5e7e0670c7
Change-Id: I9191a60bf4071b8205c04131cb2d97ef1a32fb19
|
| 5e7e0670c7b4b0f15c812fc83991afcc7fa24bf9 |
|
02-Sep-2016 |
Makoto Onuki <omakoto@google.com> |
Allow DO/PO to be installed with certain preconfigured accounts.
- Non-test-only DO/PO still can't be installed when there are
accounts.
- Test-only DO/PO can be installed even when there are accounts,
as long as all the accounts have the
"android.account.DEVICE_OR_PROFILE_OWNER_ALLOWED" feature.
Some authenticators claim to have any features, so to detect it,
we also check android.account.DEVICE_OR_PROFILE_OWNER_DISALLOWED
and disallow installing if any of the accounts have it.
- Also add logs on certain important events in DPMS.
Bug 28928996
Change-Id: I62efce10e9cc22e994ea8cae91a4fafcce25dd77
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8f010dd25d18151cc47accc7d853b4f8f7fe8491 |
|
21-Jun-2016 |
Michal Karpinski <mkarpinski@google.com> |
Fingerprint Strong auth timeout
Allows PO and DO configure strong auth timeout for fingerprint.
Bug: 29825955
Change-Id: Ie6451d49aa95527adc3720d9a2a0848f58940510
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1970f97e4758224132329a3e0dbe9c3946c4499b |
|
30-Aug-2016 |
Tony Mak <tonymak@google.com> |
Send ACTION_DEVICE_OWNER_CHANGED broadcast after clearing device owner
Change-Id: Iaac182c69a30e941da3a017a923247d813881521
Fix: 27261692
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3f98ea1eeef5bed165f77d1cf64b8d4b2dd3f0b4 |
|
30-Aug-2016 |
Victor Chang <vichang@google.com> |
Merge "forceUpdateUserSetupComplete should have no effect in user build"
|
| 3577ed2556f20f7ab09e58b6b286217c7e1560c9 |
|
25-Aug-2016 |
Victor Chang <vichang@google.com> |
forceUpdateUserSetupComplete should have no effect in user build
Bug:30031808
Change-Id: I908a495633e03ace770a8ec19196841d19dfd41d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0737c2b4c2ae6415eced00926235f848d1957bae |
|
08-Aug-2016 |
Robin Lee <rgl@google.com> |
DO NOT MERGE Stop work challenge freeform bypass
Bypassing work challenge in freeform mode was trivial by just keeping
work apps open in freeform mode and then switching focus to them from
another app.
Because the only interception point is startActivity this never
triggered work challenge.
The solution is to trigger the check on focus change events and also to
allow passing the result back into the freeform stack instead of dumping
our user out into the homescreen.
Change-Id: I141ecf90b5f0e708a21d27141b6fec6074e5d475
Fix: 30693465
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a8202524608a4fc9178e6b18e13602c5a8abb404 |
|
18-Aug-2016 |
Vladislav Kuzkokov <vkuzkokov@google.com> |
Add DevicePolicyManager.setBackupServiceEnabled as hidden API.
BUG=28628532
Change-Id: I48c3423734e54b6a4d70e58d50c98c3e17790e0d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| feef989771c8b4393e0c742097390bc95c1ba4fb |
|
25-Aug-2016 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add missing comment."
|
| 1e26c2950a3bfdb3a0bcdcbe283bd5f1f73b3c29 |
|
25-Aug-2016 |
Rubin Xu <rubinxu@google.com> |
Add missing comment.
Change-Id: I78b24c0a56e0f06a692e6e5665873c994241a487
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fce4b4acfc7dd4408ff60e898313406495facbf0 |
|
25-Aug-2016 |
Andrew Scull <ascull@google.com> |
Only check password length for relevant qualities.
am: 83ab85410b
Change-Id: I89354ab06c70fd7b23d32aeebf84df85f6375765
|
| b038c4f617ef15d5f691adee51e5684677e3073e |
|
25-Aug-2016 |
Andrew Scull <ascull@google.com> |
Merge "Only check password length for relevant qualities." into nyc-mr1-dev
|
| c148ba90fb963b96c62854da65f60299446a6501 |
|
25-Aug-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Allow DO to factory reset if it has set DISALLOW_FACTORY_RESET."
|
| 8d79662301a701881f00330cec3bc41806754d00 |
|
28-Jul-2016 |
Nicolas Prevot <nprevot@google.com> |
Allow DO to factory reset if it has set DISALLOW_FACTORY_RESET.
The Device Owner could remove this user restriction anyway.
Also do the same for PO in primary user.
BUG:27263403
Change-Id: I0f7b9a6237e40668b1eab2f55dc5c3f79e0d6eeb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9bfc65f321ec7f4eb3bffb5148d8e3b90b0bdc0f |
|
15-Aug-2016 |
Victor Chang <vichang@google.com> |
Add api to update user_setup_completed flag to allow e2e testing in ManagedProvisioning
Bug:30031808
Change-Id: Idd4b230931718a6d10f0fc41cdcf9bccb5c6354c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fb4d7e8838c1c3ab6f69a3ff3d4141ab0f721f4c |
|
08-Aug-2016 |
Ashley Smith <ashleymarie@google.com> |
Fixing NPE in device policy tests am: 68a2a0feed
am: d83eee9445
Change-Id: I29a02cc933c1bb46b85bb70050123d3c223bed81
|
| d83eee9445b4d5c65b91f67f2b1013358cc1d6d3 |
|
08-Aug-2016 |
Ashley Smith <ashleymarie@google.com> |
Fixing NPE in device policy tests
am: 68a2a0feed
Change-Id: Ic637f7380d674e17b82ce417df82b8e940f92aa8
|
| 67d9c792a8122204775e2e18289fe1b7ce0c2693 |
|
08-Aug-2016 |
Ashley Smith <ashleymarie@google.com> |
Merge "Fixing NPE in device policy tests" into cw-f-dev
|
| f0b9bd4f80cde7ac29049737d067707cad37e5c9 |
|
06-Aug-2016 |
Suprabh Shukla <suprabh@google.com> |
Not trying to remove admins already being removed am: 9704e409df am: 636cd41893
am: 58da13b6fa
Change-Id: I2da5ec521d940156dc6f06019a0b85cddece0ce5
|
| 68a2a0feed79e8e8928785461740525f6e384960 |
|
05-Aug-2016 |
Ashley Smith <ashleymarie@google.com> |
Fixing NPE in device policy tests
Bug: 30224255
Change-Id: I5c21f8d0e5660cca1cf7861649195672348f802c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9704e409dfe1c1fc582d98837f2a315886a1cd61 |
|
05-Aug-2016 |
Suprabh Shukla <suprabh@google.com> |
Not trying to remove admins already being removed
If someone calls removeActiveAdminLocked more than once, it is possible
for the device policy data to end up with more than one copy of an admin
in the list mRemovingAdmins. Due to extra entries, once the admin
component is removed, it is not being allowed to be set as an admin again,
until the device reboots or mRemovingAdmins is cleared from the memory
due to some other reason. Fixing this by making sure we do not add
duplicate entries to mRemovingAdmins
Bug: 30369197
Change-Id: I1d53c41312171425bbd6e6e4153148276f1b098d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 83ab85410b98bb6e4e01be5db54ec244aeeb3182 |
|
20-Jul-2016 |
Andrew Scull <ascull@google.com> |
Only check password length for relevant qualities.
The minimum password length is only required for certain password
qualities so only check the minimum length in those cases.
Bug: 30109030
Change-Id: I330c88fc0b22179e126fc1241a9c58d5e0d73e8e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fe84fe01d7415ea86e37824c0aff0d988089b6c2 |
|
25-Jul-2016 |
Tony Mak <tonymak@google.com> |
Persist master volume mute across reboot am: c1205111a9
am: c33b549af8
Change-Id: Id5e57ebdf81824af0f86854d8668a05f8109e0e1
|
| c1205111a92b52283078f1a2e86c8d32c5928b92 |
|
22-Jul-2016 |
Tony Mak <tonymak@google.com> |
Persist master volume mute across reboot
Fix: 30133263
Change-Id: I53450a504e40e55516acc88550f369a74a244eaf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cca00b0e7f2d939ef6e84f0cbc50256aed6043c6 |
|
20-Jul-2016 |
Andrew Scull <ascull@google.com> |
Only check password length for relevant qualities.
The minimum password length is only required for certain password
qualities so only check the minimum length in those cases.
Bug: 30109030
Change-Id: I330c88fc0b22179e126fc1241a9c58d5e0d73e8e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c69f21c357bc0fd3687d9dba1825effe30f968c0 |
|
18-Jul-2016 |
Makoto Onuki <omakoto@google.com> |
Merge \\"Remove the DMAgent whitelisting\\" into nyc-mr1-dev am: bf6c6b44e1
am: 41fa9fe0a4
Change-Id: I5bbe059464a8719b92bf16997482382c7de02e99
|
| 0b4b58f5077562c8f2d084974d001d0f714bcaad |
|
16-Jul-2016 |
Makoto Onuki <omakoto@google.com> |
Remove the DMAgent whitelisting
Bug 30075554
Change-Id: Ib089353ff9f58eb175a7b5d9addfb371655afc6b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e4da41e6be7b6cc5d2f26d1c24910785d04c751c |
|
13-Jul-2016 |
Benjamin Franz <bfranz@google.com> |
Merge \\"Add hidden API to store whether provisioning config has been applied\\" into nyc-mr1-dev am: 17ca90430b
am: b3fa8d87e0
Change-Id: If65317cf6ec5237cff36fba86ed219ab078776ad
|
| 2aa9bab8a1edd7a9dc62f4a2ae51defa026a7de6 |
|
11-Jul-2016 |
Benjamin Franz <bfranz@google.com> |
Add hidden API to store whether provisioning config has been applied
Bug: 29629204
Change-Id: Iaf4164357868b17dbc6615a77babb0e7cbc183b7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1f984d7f6bb5b86dcb0da06402cb941b3aa88009 |
|
12-Jul-2016 |
Mahaver Chopra <mahaver@google.com> |
Merge \\"Add an api to verify if ro.device_owner was set\\" into nyc-mr1-dev am: c1182a8128
am: 325af20235
Change-Id: I18fc9c4d7662c6b05e3b66d9a1fcddb9c9e43730
|
| 790d198860dc550f2dbaa5ac502cbcda1f8530c9 |
|
07-Jul-2016 |
Mahaver Chopra <mahaver@google.com> |
Add an api to verify if ro.device_owner was set
Currently for OobConfig app we used DEVICE_PROVISIONED Global setting to
verify if device was provisioned. This setting can be modified using
adb. we just need to know if it was set atleast once. Added an api in
DPM to return whether system property "ro.device_owner" was set.
Bug: 29935702
Change-Id: I9a2b5217c0bc2cc11d68282e05a5450ea3f6cf21
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d1349217270559e5ada6e44a0d0528495d5ec8d5 |
|
07-Jul-2016 |
Rubin Xu <rubinxu@google.com> |
Merge \\"Bump ACTION_CHOOSE_PRIVATE_KEY_ALIAS broadcast to foreground\\" into nyc-mr1-dev am: f627e9c09e
am: 2a1491061d
Change-Id: I30bad0f21b35f98db769a92ea81be7be50b86186
|
| ca081ca39642e507588e284dfe98ff3ad4bc12d1 |
|
06-Jul-2016 |
Rubin Xu <rubinxu@google.com> |
Bump ACTION_CHOOSE_PRIVATE_KEY_ALIAS broadcast to foreground
Bug: 29966726
Change-Id: Ifdbdd26df40518d9e50f9a0b0dfc5c01cb9accb2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6d4f195f1ab24942e9a56e37b05e5c80500b3ba4 |
|
30-Jun-2016 |
Chad Brubaker <cbrubaker@google.com> |
Merge changes from topics 'handle-storage-update', 'action-storage-changed'
* changes:
Update trusted certificates when the trust store is changed
Deprecate ACTION_STORAGE_CHANGED
|
| 4de59ef3238c4bf4b8c994b83be2c703ffad2a5b |
|
02-May-2016 |
Chad Brubaker <cbrubaker@google.com> |
Deprecate ACTION_STORAGE_CHANGED
ACTION_STORAGE_CHANGED is too noisy and fires on too many events. It has
been split into ACTION_KEYCHAIN_CHANGED for
addition/modification/removal of user certificates and keys,
ACTION_TRUST_STORE_CHANGED for changes the the user added and system CA
stores on the device and ACTION_KEY_ACCESS_CHANGED for changes to key
grants.
ACTION_STORAGE_CHANGED will only be sent to applications targeting N
and below. Applications targeting future releases should use the new
broadcasts.
Bug:28450538
Change-Id: I34ff838e9858db65f7308ca2b0f7d652c48fae17
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6e150baa881edce56ad653f80bf92617b8d0cf55 |
|
29-Jun-2016 |
Suprabh Shukla <suprabh@google.com> |
Merge changes Id876f01f,If7c94cf8 into nyc-mr1-dev am: 634ed6bc17
am: a07ed2f383
Change-Id: I795b47e1c7e2c944c0c7525bb108af577546ee53
|
| f8c04cbe959e6bb6fed2c2779ad45185f66b8855 |
|
28-Jun-2016 |
Suprabh Shukla <suprabh@google.com> |
Enabling auto-ota in retail demo mode
Bug: 29542384
Change-Id: If7c94cf8a8e5851011f23dc5d64fc795f9a07b22
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f574cf568bb24b5336322d9b4be7e80a9df8d499 |
|
28-Jun-2016 |
Tony Mak <tonymak@google.com> |
Merge "setProfileEnabled should be no-op when the profile is already enabled"
|
| 709a63d9c0a71bdf2af66904ed6e7440915b45d2 |
|
09-Jun-2016 |
Nicolas Prevot <nprevot@google.com> |
Show policy transparency screen if adding an account is not allowed.
If DISALLOW_MODIFY_ACCOUNTS has been set by a profile/device owner,
or account management is disabled:
When an app tries to add an account, show the policy transparency screen.
BUG:26762383
Change-Id: I721220c37c74493020f5a1be1f15731e9863a1de
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 26704957fe48d75a5b4f3a51cff520a9e4d8b82c |
|
13-Jun-2016 |
Makoto Onuki <omakoto@google.com> |
Don't take the DPMS lock in DPMI.createPackageSuspendedDialogIntent
This method is called by AM with the lock held, so can't take the
DPMS lock.
It still takes a different lock, but we don't call into the external
world while holding this lock, so this is fine.
Bug 29242568
Change-Id: Idbecdd7d97385ca66c693903443471fdbae833e6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bd4148bbab494efc51c6333696237a7ce6e12076 |
|
14-Jun-2016 |
Tony Mak <tonymak@google.com> |
setProfileEnabled should be no-op when the profile is already enabled
Just printing log if we encounter this situation, we may consider to
throw exception if we provide API to check is profile enabled later.
Bug: 29069975
Change-Id: I819be0f97b038dbdd6c6cea81c42ff73be60027b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c29f62c7388f550da2c7368c5dbc0aec7d1564fe |
|
07-Jun-2016 |
Makoto Onuki <omakoto@google.com> |
Push DO/PO package names from DPMS to PM
Bug 29126573
Change-Id: I95ea1559f6acf5d2f0e1b0953568cdfc938e83b9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 90c9dbc91910a77b8660ec66de0725aee472e0ab |
|
31-May-2016 |
Ricky Wai <rickywai@google.com> |
Do not get device owner admin info when device owner is null
Bug: 29043723
Change-Id: I355c549f891a5e71f654f42ed16a7139da86482a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 977ade26dd8bc6a442be2db2470459058246844f |
|
24-May-2016 |
Ricky Wai <rickywai@google.com> |
Do not allow DPM.resetPassword() when child profile exists or user is locked
Bug: 28878708
Change-Id: Iaae2a9ba9c7c0ff388264c474c78a0dcd9fec258
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 12753ded44813a77a4cad5114d34345bec7b21ef |
|
23-May-2016 |
Victor Chang <vichang@google.com> |
Fix Certificate authority installed notification is gone when turning off and on the work mode.
cause: Work mode is turned on before entering USER_STOPPED state.
Thus, BOOT_COMPLETED broadcast is not sent, but the notification has been dismissed.
use USER_STARTED + USER_UNLOCKED because both are foreground.
Bug: 28864104
Change-Id: I4796b61586e194d8367b9e52a9c56f858cbcbe7d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 93f8fd714ad89067bf81d2ce8be3b2f2e816dee2 |
|
05-May-2016 |
Sudheer Shanka <sudheersai@google.com> |
Update RestrictedLockUtils to use UM.getUserRestrictionSource.
Bug: 28269827
Change-Id: Ib4a1441b71986ca6637a9236136b60e18dbc1643
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bc73347152a3562a7f957a07433d64912f4acd83 |
|
17-May-2016 |
Robin Lee <rgl@google.com> |
Merge "Skip 'network may be monitored' if dying or locked" into nyc-dev
|
| 820ae5a47587f3d0a7bc4be9acb1c46c590c9860 |
|
12-May-2016 |
Ashley Smith <ashleymarie@google.com> |
Fixing a NPE in DevicePolicyManagerService
Bug: 28786940
Change-Id: I73de8dea9221765ed0751039f3d472cf78d341af
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fe47b6eefa266e2a43294f6472e58698be711ee2 |
|
13-May-2016 |
Robin Lee <rgl@google.com> |
Skip 'network may be monitored' if dying or locked
KeyChain isn't direct boot aware & attempting to bind to a service
inside a dying user isn't going to end well.
Change-Id: I5a0acc34f98c39705ec404765c87e7ac61ca9b71
Fix: 28725354
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 090b5a8e8c6cbe069c9818eda25b1976da6426a9 |
|
11-May-2016 |
Victor Chang <vichang@google.com> |
Merge "Fix ConfirmCredential is not presented before trusting cert installed by PO/DO" into nyc-dev
|
| 8560a7c2a1681276ccf8cb04dfd02bfea6251af4 |
|
09-May-2016 |
Victor Chang <vichang@google.com> |
Fix ConfirmCredential is not presented before trusting cert installed by PO/DO
- TrustedCredential is responsible to show ConfirmCredential
- Show the MonitoringCerInfoActivity in personal side instead to avoid showing work challenge
- put user id into extra
Bug: 28619980
Change-Id: Iedbc0b721ef56675f3c9eb6f1d12daf1222ad080
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0fb6b9e18c4f9fad98c426ace0190017e8b2060a |
|
04-May-2016 |
Rubin Xu <rubinxu@google.com> |
Guard retrievePreRebootSecurityLogs with config flag
Bug: 28160645
Change-Id: Ifce884c319019758dfaaa39bc239e9f30962c920
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fc0810b4d47b3cd679c5c761eb225be3d1351060 |
|
05-May-2016 |
Paul Lawrence <paullawrence@google.com> |
Merge "Revert "Don't enforce this API - it's not sensitive"" into nyc-dev
|
| 9de713d42269a5888d31423b74d4203dce382853 |
|
03-May-2016 |
Paul Lawrence <paullawrence@google.com> |
Revert "Don't enforce this API - it's not sensitive"
This reverts commit 895504e55788c5c7fd90830dcf01c41a79ca7fe4.
Also adds a change to device manager to prevent failure there
as in the bug below.
Bug: 28512889
Change-Id: I4a445ec365133e9e2764e2d625d61fc6ee2008ec
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dc67971a996c447c71ceb9ad983c79c96f598bcc |
|
03-May-2016 |
Robin Lee <rgl@google.com> |
Add lockdownEnabled parameter to always-on VPN API
Allows callers to opt-out of blockading network traffic during boot and
on VPN app failure.
Bug: 26694104
Change-Id: Ibfbd43ad09a25f2e38053fcd6306df3711f8bde2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ce18c8167766f92856f94a8e88e19de4698960e6 |
|
28-Apr-2016 |
Jeff Sharkey <jsharkey@android.com> |
Introduce "unlocking" vs "unlocked" nuance.
There is a narrow window of time during user unlock where we're
reconciling user storage and dispatching the "unlock" status to
various internal system services. While in this "unlocking" state,
apps need to be told that the user still isn't actually "unlocked"
so they don't try making calls to AccountManager, etc.
The majority of internal services are interested in merging together
both the "unlocking" and "unlocked" state, so update them.
Clarify naming in AccountManagerService to make it clear that a local
list is being used, which mirrors the naming in MountService.
To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch
after the user is unlocked, but block BOOT_COMPLETED dispatch until
after all PRE_BOOT receivers are finished to avoid ANRs.
Bug: 28040947, 28164677
Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c0440e5f4dfa695d2347c68bbec787d3e16847eb |
|
22-Apr-2016 |
Victor Chang <vichang@google.com> |
Merge "Deleting lock screen clears all CA approvals" into nyc-dev
|
| dc068eba6f577b0ec37f5830df5c19f4ff2e85cf |
|
21-Apr-2016 |
Victor Chang <vichang@google.com> |
Deleting lock screen clears all CA approvals
When both screenlocks for profile user and parent user has been removed (both set to none),
remove CA approvls on that user, and show the "Certificate authority installed" notification.
Bug: 28161447
Change-Id: I3c78dc5cfcdf7c02c91b64abe44984ee790d8f3e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 38dcca51a739d3273b24e84ba5e89e505f45960c |
|
19-Apr-2016 |
Kenny Guy <kennyguy@google.com> |
Add test method to remove admins.
Add test method to remove admins that declare
FLAG_TEST_APP without informing them.
The method will also remove the device and profile
owner status of the admin.
Bug: 28027468
Change-Id: Idb4d3299a9c6595c94bfb424546cd8a384131835
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fd580f7d1a5a19b062bea49602f0f6136bce7e5e |
|
13-Apr-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Update {set,get}{Long,Short}SupportMessage APIs to use CharSequence." into nyc-dev
|
| 1271cef419bdb7577f64b1dfa05d5678df706ef5 |
|
13-Apr-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "API polish in DPM for organization color and name methods" into nyc-dev
|
| caf566a5372b05230885b787997b98ff4508eadd |
|
13-Apr-2016 |
Victor Chang <vichang@google.com> |
Merge "Update display text in cert notification" into nyc-dev
|
| 74cd73079c6901f7e081fcac744a2597ed96a991 |
|
12-Apr-2016 |
Michal Karpinski <mkarpinski@google.com> |
API polish in DPM for organization color and name methods
- Returning and accepting CharSequence instead of String
- Enforcing 100% opacity and adjusting javadocs for color
format
- Adding @ColorInt annotations
Bug: 27531295
Change-Id: Id27d4fd5e7bb4d746cc61288457eb4eb86224505
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3ccca91e6ee2106004c3762ee682deff7343c6d4 |
|
12-Apr-2016 |
Sudheer Shanka <sudheersai@google.com> |
Update {set,get}{Long,Short}SupportMessage APIs to use CharSequence.
Bug: 27531295
Change-Id: Ib28c509a3112046c14d812265ce43bc5b5574f12
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4c74334c4425e43dfb53bc2ef707eebb1bef7d5b |
|
11-Apr-2016 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Added getProfileIds method returning array of userIds" into nyc-dev
|
| 355d47697c346ad4c7f41a8af1febcdf4ff95988 |
|
07-Apr-2016 |
Victor Chang <vichang@google.com> |
Update display text in cert notification
- Show DPC app name for PO
- Check user id for DO
- Update notification title for all cases
- update symbols for private resource ssl_ca_cert_warning changed from string to plural
- Pass number of certificate to MonitoringCertInfoActivity
Bug: 25772443
Bug: 18224038
Change-Id: I68db06f55a24879c1d5f532e38b97e2932bf990e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a078b4ba6a30532585e93b7d99f81fd0184aeb56 |
|
08-Apr-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Still return a package suspsended dialog if there is no owner." into nyc-dev
|
| 8aa48028f36a411192623881191c2591a009a997 |
|
08-Apr-2016 |
Nicolas Prevot <nprevot@google.com> |
Still return a package suspsended dialog if there is no owner.
When an application cannot be started, and there is no profile/device
owner, still return a PackageSuspendedDialog.
BUG: 28042198
Change-Id: I5c30393f9481840a965bb815235af5181561a063
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7f98aa4aa93497692f200c553d2d6fff402e3de2 |
|
07-Apr-2016 |
Fyodor Kupolov <fkupolov@google.com> |
Added getProfileIds method returning array of userIds
Previously many usages of UserManager.getProfiles and getEnabledProfiles
were only using ids of returned users. Given that the list of users needs
to be parceled and unparceled for Binder calls, returning array of ids
minimizes memory usage and serialization time.
A new method getProfileIds was introduced which returns an array of userIds.
Existing method calls were updated where appropriate.
Bug: 27705805
Change-Id: Ic5d5decd77567ba0f749e48837a2c6fa10e812c0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 035e92447084b96ef2c9125e77105c237e20bad3 |
|
18-Mar-2016 |
Ricky Wai <rickywai@google.com> |
Fix work profile screen timeout policy
Settings screen should apply both primary and managed maximum
timeout policy, even separate profile challenge is enabled.
Bug: 27493348
Change-Id: Ia1ec1cafc7665c54816833af64e0f446a77a55b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dc283a897680ffd33c4d15535ebe778ba5b42c43 |
|
24-Mar-2016 |
Ricky Wai <rickywai@google.com> |
Keymaster init for work profile
Changes:
(1) When unified work challenge is enabled and screen lock is secure
- Store work profile secure key in primary profile
- When primary user keystore unlocked, unlock work profile keystore
- When primary user change lock to none, remove work secure key
(2) When unified work challenge is enabled but screen lock is not secure
- When screen lock changes to secure, store work secure key in primary
(3) When user changes work challenge from unified to separated
- Remove work secure key in primary
(4) When user changes work challenge from separate to unified
- Do (1) and (2)
Bug: 27460698
Change-Id: I8f77bde5dc6b8e59c90256e75c5990100e93366b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a01c1f0d90def31de9bdd21bada11a3dfc0444b0 |
|
06-Apr-2016 |
Tony Mak <tonymak@google.com> |
Merge "xxxTrustAgentConfiguration should be supported in the parent DPM instance" into nyc-dev
|
| 589b855719ce89ba68ce1a93f15a4c79a2461adc |
|
06-Apr-2016 |
Robin Lee <rgl@google.com> |
Merge "Remove bool return from setAlwaysOnVpnPackage" into nyc-dev
|
| ee5eb934e349ee6a01a028cb431afac9018b8e56 |
|
05-Apr-2016 |
Robin Lee <rgl@google.com> |
Remove bool return from setAlwaysOnVpnPackage
Bug: 27533151
Change-Id: I4c656488e69cb5247dbb9cfd62d6f6f7043f9a90
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 73ebf33d76c1d06b275b011e043680c410fd70ac |
|
05-Apr-2016 |
Tony Mak <tonymak@google.com> |
Merge "getProfiles should only returns non-partial user info" into nyc-dev
|
| f4b30e2147671476564c8bba6edf33aa63334f6e |
|
05-Apr-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Remove the admin from the removing list when refreshing that admin." into nyc-dev
|
| 80189cdece046e2e915e07c0ee166b6375dbde84 |
|
05-Apr-2016 |
Tony Mak <tonymak@google.com> |
getProfiles should only returns non-partial user info
Bug: 26928524
Change-Id: I537bb0a9632cad603717a367b81d5e072452a6d7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 089d840383c511ed170a284ba343bd9a00db790e |
|
05-Apr-2016 |
Tony Mak <tonymak@google.com> |
xxxTrustAgentConfiguration should be supported in the parent DPM instance
1. Fix trust agent config does not persist across reboot
2. xxxTrustAgentConfiguration now supported in parent DPM instance
Bug: 27601827
Change-Id: I6ea4a089bf590d6c44be40318f3a69c35c54f796
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 691b1a6005ed373ad75361aa5a1bd120f138f15c |
|
05-Apr-2016 |
Robin Lee <rgl@google.com> |
Merge "Switch to work challenge if MP calls resetPassword" into nyc-dev
|
| 7c9213313440be5925441b7bfbac4837336c6006 |
|
01-Apr-2016 |
Sudheer Shanka <sudheersai@google.com> |
Remove the admin from the removing list when refreshing that admin.
Change-Id: I9b597a116db4f1fb894427b4e885f29c3e94abdb
Fixes: 27909181
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ce5c4009cf555b1ece69356949f4c2c4b38cc25a |
|
23-Mar-2016 |
Robin Lee <rgl@google.com> |
Switch to work challenge if MP calls resetPassword
If the profile owner wants to set a lock screen for a profile which they
created, we should let them. This will cancel any lock screen
unification that has been set up.
Attempting to clear the password will continue to throw
SecurityException if called from a managed profile.
Bug: 26682008
Change-Id: Ia09aef879a21c074ccb517905e43f62696837998
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f1fe782e912d3feed9cded8fb80b179c4ee5d09c |
|
31-Mar-2016 |
Robin Lee <rgl@google.com> |
Merge "API to approve CA certificates" into nyc-dev
|
| 2f7e1e487c8ef486a16ad2398ffee413b53da04e |
|
21-Mar-2016 |
Robin Lee <rgl@google.com> |
API to approve CA certificates
Bug: 18224038
Change-Id: Id928872cd70dac5a5ecfdcd52150fe6dea544e3b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e04ac3d7d2027ea3149748ca6520405b7e1b1dbb |
|
31-Mar-2016 |
Victor Chang <vichang@google.com> |
Merge "Unit test for isProvisioningAllowed" into nyc-dev
|
| aa604694450539b4c99901b0714efaa79db3c87d |
|
31-Mar-2016 |
Andrei Stingaceanu <stg@google.com> |
Merge "AfW - suspend apps - API polish" into nyc-dev
|
| d2a968f9c31ba1864bc514bb88a9a939508fe794 |
|
31-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Return null value if getActiveAdminUncheckedLocked returns null." into nyc-dev
|
| 549b9692808cbd7d64e732b199b453b2b372dd32 |
|
31-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Return null value if getActiveAdminUncheckedLocked returns null.
- Split per user version of getUserRestrictions into a separate method
in DPMS and make the per-user version return null if the admin
parameter is not a valid one.
- Update isAccessibilityServicePermittedByAdmin and
isInputMethodPermittedByAdmin to return false if the admin parameter
is not a valid one.
Bug: 27909087
Change-Id: I6f4cae6552cbfe02dc4a92b04eeeddf0314e0974
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3e794afb82228199c0a83bed5463dbeb3c48dd62 |
|
04-Mar-2016 |
Victor Chang <vichang@google.com> |
Unit test for isProvisioningAllowed
Note:
DevicePolicyManagerService is changed to inject ContentObserver notifier
Test: all test cases in DevicePolicyManagerTest pass
BUG: 25710621
Change-Id: I347cec71769d0e9dd6a334d7d6339d5ce6a3fa6a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5b7ca24f14ae4d1189ca7683fdad1ec0e62b88b8 |
|
30-Mar-2016 |
Rubin Xu <rubinxu@google.com> |
Merge "Add DevicePolicyManager API to install a client cert chain." into nyc-dev
|
| 30fb0534492478a3f95f6953b31bbb666ced8fe5 |
|
30-Mar-2016 |
Clara Bayarri <clarabayarri@google.com> |
Merge "Change default work challenge background color" into nyc-dev
|
| 8d0bd7fa634c090514ff27bbc0cd25a609c22b83 |
|
30-Mar-2016 |
Clara Bayarri <clarabayarri@google.com> |
Change default work challenge background color
Requested by UX
Bug: 27829562
Change-Id: I815c06784189e68b09e464e936521e82091c93c3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b70ba1971c29db87e405434161489e2450309050 |
|
30-Mar-2016 |
Andrei Stingaceanu <stg@google.com> |
Merge "AfW custom lock screen message - API polish" into nyc-dev
|
| b43659170824dd8d753d9249fe6ccfd37c6221ae |
|
23-Mar-2016 |
Rubin Xu <rubinxu@google.com> |
Add DevicePolicyManager API to install a client cert chain.
When installing a keypair the caller will have the option to specify a
certificate chain which will later be returned to whoever requests access
to the keypair via KeyChain.
Bug: 18239590
Change-Id: Id21ef026e31537db38d891cb9b712dd4fe7159c7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| efc4a344a173ae20ec72b8c05c45b794687fda87 |
|
22-Mar-2016 |
Andrei Stingaceanu <stg@google.com> |
AfW - suspend apps - API polish
* renamed getPackageSuspended => isPackageSuspended
* does not return false for an error, instead throws
NameNotFoundException if the package could not be
found, or if there is an unknown RemoteException,
wraps it in a RuntimeException and rethrows.
Bug: 27532430
Bug: 22776761
Change-Id: Iee00600089b1c0556a3312b10456826464fa8f9f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 81a95700e591d098d829df86eb25a77a70b23d79 |
|
29-Mar-2016 |
Rubin Xu <rubinxu@google.com> |
Fix SecurityException in getStorageEncryptionStatus
Bug: 27892709
Change-Id: Ic6a3ccb8d266cfb04708413b767fe4f284219e57
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 16187903b40014e28b97e2bd1429543e2c27ffb9 |
|
21-Mar-2016 |
Andrei Stingaceanu <stg@google.com> |
AfW custom lock screen message - API polish
DevicePolicyManager:
* getDeviceOwnerLockScreenInfo now returns CharSequence as it returns a string
for display to a user
* setDeviceOwnerLockScreenInfo
** accepts CharSequence, not String as this is a string displayed to the user
** Returns void; throws an appropriate runtime exception on failure
Bug: 27531295
Change-Id: I30528569cfa66ee76f857fbee1c3196f821718fd
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fac4ddbd25e7ccaa763b9ac93ef1df5015b85628 |
|
28-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Work around buggy DMAgent.
They're targeting new API level, but they aren't handling the new
constants.
Bug: 27785116
Change-Id: I8391294d963c86af1f948b91c7d1de6b7f44f66a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a7c85adeda9283442b313c3e8a565b1655591c7a |
|
23-Mar-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Let the profile owner set lock-to-apps if the user is affiliated.
BUG: 25632687
Change-Id: I76008b6a8e2194155154dc7693d43ce20f7e9fad
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d3c0cf50b6c8e71c0c409abcd3b8c32f98f7cb71 |
|
21-Mar-2016 |
Victor Chang <vichang@google.com> |
Merge "Api change of DPM.setApplicationRestrictionsManagingPackage()" into nyc-dev
|
| cd14c0a9daa42a7ccacef345b3b2ef255790f993 |
|
16-Mar-2016 |
Victor Chang <vichang@google.com> |
Api change of DPM.setApplicationRestrictionsManagingPackage()
Throws NameNotFoundException instead of IllegalArgumentException
Can't throw NameNotFoundException directly from DPMS as
aidl doesn't support checked exception
Bug: 27532565
Change-Id: I202721f41057f92ad2dd851d4769ba4502a8f9b3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8a372a0a280127743ce9a7ce4b6198c7a02d2a4f |
|
16-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Refactoring FBE APIs based on council feedback.
Mostly consists of removing the word "encryption" from most APIs,
since we can't actually make promises about the data being encrypted.
Bug: 27531029
Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6235a94ffaed1d82cee2317481c18776f601da1b |
|
15-Mar-2016 |
Michal Karpinski <mkarpinski@google.com> |
Unifying method names and comments to security logging, not device logging
Also move SecurityLog to android.app.admin package.
Bug: 27531824
Bug: 27532560
Bug: 27532564
Bug: 27532425
Change-Id: I2677afdb5685bc5d21e52c41b381b57a41e364b6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8a8e8ea19a825dd45117909df2f0140ca20565e7 |
|
15-Mar-2016 |
Mahaver Chopra <mahaver@google.com> |
Merge "Update DPM.reboot with new restriction" into nyc-dev
|
| 1216ae5d023e8f6e4f158a447a5764288e4ccc3e |
|
11-Mar-2016 |
Mahaver Chopra <mahaver@google.com> |
Update DPM.reboot with new restriction
DPM.reboot() should not be called when there is an ongoing call on the
device.
Bug:27531799
Change-Id: Idc1fa4c7aa79b20ec9c2afcccf855455ee316787
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b5a4d9605f6ee009984165f1c894b3949dc8417a |
|
15-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Show admin support dialog if app is suspended." into nyc-dev
|
| 7a9c34bd7a65bf27a3a7ea83d7a1391667bae50a |
|
11-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Show admin support dialog if app is suspended.
Bug: 26922950
Change-Id: I21f048873244df52d14910cc01a658af476d9149
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c4927b9fd43efab3f69c4cba90624153a885e0aa |
|
15-Mar-2016 |
Michal Karpinski <mkarpinski@google.com> |
Logging of setting ro.device_owner property
Without logging of setting it's impossible to test the setup, unless
device is rooted.
Bug: 22860162
Change-Id: I0532654ef4e4b7272d2749b30590a1b47da9f645
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d4c9e541ec7110d3c842d6f92c3ec6beb0b6d997 |
|
26-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Add ENCRYPTION_STATUS_ACTIVE_PER_USER to...
getStorageEncryptionStatus()
Use StorageManager APIs to get the encryption
state instead of from the system properties
directly.
Bug 26547262
Change-Id: Ic27baa9489d43a93873f8bb0428084f8886aed67
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 03128dceab3a7cc517b7c253e740caac82e74033 |
|
10-Mar-2016 |
Paul Lawrence <paullawrence@google.com> |
Fix bug in new encryption API
Bug: 27583871
Change-Id: I372f0a6a411704dc57ca9bcc53c4c5a10b236772
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2f79ae98afd895ec1179b38fccb538f64164b9fd |
|
09-Mar-2016 |
Michal Karpinski <mkarpinski@google.com> |
Tuning down wtf to warning for setting ro.device_owner property
This was logged to often, especially while running CTS hostside tests
and looked too scary to people.
Bug: 27230864
Change-Id: I9e81d9efe87b4aed18aa473be647c560ff9cfa0d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d5a3f3df4097e4a57e0d31fba994c91d8996abf8 |
|
09-Mar-2016 |
Paul Lawrence <paullawrence@google.com> |
Merge "Add API to IMountService to get encryption state" into nyc-dev
|
| 20be5d62471d520eed3a52d90c11944464a71c07 |
|
26-Feb-2016 |
Paul Lawrence <paullawrence@google.com> |
Add API to IMountService to get encryption state
Bug: 18002358
Change-Id: If7d9c9a5ed38ac37849fcf638ec10c76d2f419a1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 97e89c624e19c0a0ebe3d76506a493cfe29c0558 |
|
08-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Update DPM.getWifiMacAddress to take admin component as argument." into nyc-dev
|
| 4d9abf92d4d5f77f025531b70ed1f58e7482acf5 |
|
08-Mar-2016 |
Tony Mak <tonymak@google.com> |
clear calling identity before calling getUserInfo
Bug: 27523508
Change-Id: I243a5423de850477cf65968c8ea26cbb3ae896d5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3cb4da16dcf07474acefb709d10b22cdfdefd81b |
|
08-Mar-2016 |
Sudheer Shanka <sudheersai@google.com> |
Update DPM.getWifiMacAddress to take admin component as argument.
Bug: 27532280
Change-Id: I3a5e9557c3c6ac43c458c911a5309bdb2655fb66
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1145cd26bd8acff6aced86a98819172fd7e4cbd1 |
|
07-Mar-2016 |
Kenny Guy <kennyguy@google.com> |
Don't crash if KeyChain can't be bound to.
KeyChain can throw an assertion error if
is not around, don't allow that to take down
system.
Bug: 27518175
Change-Id: I99418dfb65c58d3e07cbda91860cdb493b96a836
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fdc5ba8f43e09cfbc8f5de0bf819b7684094953e |
|
05-Mar-2016 |
Jeff Sharkey <jsharkey@google.com> |
Merge "Move more PM calls to ParceledListSlice." into nyc-dev
|
| d5896630f6a2f21da107031cab216dc93bdcd851 |
|
05-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Move more PM calls to ParceledListSlice.
Since the data returned by these calls can grow unbounded based on
various GET flags, we need to switch 'em over.
Bug: 27391893
Change-Id: Ie849ca30dbaaa91158da4c83675657715629a0ee
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e1fd7f09d5149055b8ad7bcf24846ecd8d87027a |
|
04-Mar-2016 |
Suprabh Shukla <suprabh@google.com> |
Merge "Not clearing data for a package that is a DO or PO" into nyc-dev
|
| 0114263a1aff5dea92fdafbec81c1b40093e9aba |
|
04-Mar-2016 |
Victor Chang <vichang@google.com> |
Merge "enforceCanSetDeviceOwnerLocked should enforce userId == USER_SYSTEM for non-split user mode" into nyc-dev
|
| 915d5245533c449550b9dae54b71414394ae2d74 |
|
04-Mar-2016 |
Victor Chang <vichang@google.com> |
Merge "isDeviceOwnerProvisioningAllowed implementation to match enforceCanSetDeviceOwnerLocked" into nyc-dev
|
| e29cd4724ff41f1cd81c1493f02fb0ba2b2f8197 |
|
02-Mar-2016 |
Victor Chang <vichang@google.com> |
enforceCanSetDeviceOwnerLocked should enforce userId == USER_SYSTEM for non-split user mode
Bug: 27453111
Change-Id: I1acdfecdf4474696e904a6a4df189453be306aa4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5676ae256a15b73d724c38940356be324fc9647a |
|
02-Mar-2016 |
Victor Chang <vichang@google.com> |
isDeviceOwnerProvisioningAllowed implementation to match enforceCanSetDeviceOwnerLocked
The main purpose is to fix the security flaw that
user can force isDeviceOwnerProvisioningAllowed to return true
by setting the device_provisioned without factory reset
Check UserSetupComplete instead, as it's cached by DPMS if it's ever set to true
Refactor common code of isDeviceOwnerProvisioningAllowed and enforceCanSetDeviceOwnerLocked
The functionality of enforceCanSetDeviceOwnerLocked should be exactly the same.
DPM Unit Test all pass
Bug:27403225
Change-Id: I32dae8e222e01e08664abb313ead3a92d4186658
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d04525214b9a999339cd553a22b95b52debecde5 |
|
02-Mar-2016 |
Suprabh Shukla <suprabh@google.com> |
Not clearing data for a package that is a DO or PO
Added a check inside PackageManagerService to make sure data for a
package with a DO or PO for the running user is not cleared. Currently,
the 'pm clear' command goes through without any such checks.
Bug: b/27243904
Change-Id: I87d4ad2db031f47946f34627a5ee465ef144f85e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ba24409033241e680d111e7dea6501e760d972c5 |
|
25-Feb-2016 |
Michal Karpinski <mkarpinski@google.com> |
Rework of remote bugreports UX
New notifications, that open dialogs.
Bug: 26226230
Change-Id: I50f9ab23b6c6d03892889d9081cabb0a3d858f91
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8bbace3afcae7ca614fd8c8d86c4d48d47ded392 |
|
03-Mar-2016 |
Ricky Wai <rickywai@google.com> |
Merge "Fix clearDeviceOwner() not working in split-user mode" into nyc-dev
|
| e9aa6ec1cf57d20aaf4da5d90a78f891a8f0ca5b |
|
29-Feb-2016 |
Tony Mak <tonymak@google.com> |
Fix setBluetoothContactSharingDisabled does not persist
The default value of bluetotoh contact sharing is true.
So we should save when it is false.
Bug: 27410265
Change-Id: Icaf4ceeda09eca46d160acfecc53834819b66a18
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 45eb8bd9b9ab81273e23d64adb806542900bca02 |
|
25-Feb-2016 |
Ricky Wai <rickywai@google.com> |
Fix clearDeviceOwner() not working in split-user mode
Bug: 25906481
Change-Id: Iefe004b4bac7a7fc79c613e61a42f916fce7230e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a4fae1545ae38f61385e45e8f635994f447efca5 |
|
24-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Support safe mode properly." into nyc-dev
|
| 889c0880661bda16e3759995e03766ddf0350732 |
|
17-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Support safe mode properly.
In safe mode, IPM.queryXxx() doesn't work. Use IPM.getReceiverInfo()
directly instead.
Bug 27108276
Change-Id: Ice8f882559b8f0596a19ddb3a16395a4dc538a25
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 155a280e18200aeaa0e7d5e31d6b8b0115c58e42 |
|
24-Feb-2016 |
Robin Lee <rgl@google.com> |
Merge "DPM: installKeyPair variant: caller can self-grant" into nyc-dev
|
| ce3399fbb46972d223b0cd154eaea3b68a16e051 |
|
24-Feb-2016 |
Robin Lee <rgl@google.com> |
DPM: installKeyPair variant: caller can self-grant
If 'requestAccess' is true, the caller (either profile/device owner or a
designated certificate installer) will be granted usage of the keypair
on successful installation.
This has no security implications for a profile/device owner which would
already be able to self-grant. Delegated certificate installers did not
have this ability before.
This is only allowed at install-time- not afterward.
Bug: 24746231
Change-Id: Ia0ec290bb0bcde1d8137c188e2667cb7718dbfd7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 515a6c7030f73aeb812b13e7073e814dcd35c297 |
|
24-Feb-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Merge "Throw UnsupportedOperationException when creating ephemeral user on a system without split system user." into nyc-dev
|
| a0ea967d111b9f8e01ebbb1ac8d393270e1788b6 |
|
19-Feb-2016 |
Michal Karpinski <mkarpinski@google.com> |
Removing lock contention in SecurityLogMonitor
After being interrupted the monitor thread tried to acquire
a lock that is held by interrupting thread, resulting in timeouting
on join().
Bug: 27061904
Change-Id: Ifbd578d5f5a266083b207fedd8ebb6d26ab08c31
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3dfe7f655d3707c0b89746ca8834a155de4e5e31 |
|
23-Feb-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Throw UnsupportedOperationException when creating ephemeral
user on a system without split system user.
BUG: 27143201
Change-Id: I7b7e634ba7fce576dd72a416e802c80939f05d3e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 27ee33482a2fdecbbbedbd33a137ceae3e93fa2a |
|
08-Feb-2016 |
phweiss <phweiss@google.com> |
Remove deprecated APIs DPM.createUser, createAndInitializeUser
They were deprecated in M and slated for removal in N.
Bug: 26974903
Change-Id: I7ae4d60bcf226c1e1de42852b378ad1ff71a914b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 024f979dfdae1938afc3c509ea9762c06784cef5 |
|
17-Feb-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Allow ephemeral users on the split-system-user systems only.
BUG: 27143201
Change-Id: I37f3ca7366648dbf07df39a7a972857e0ff78a9a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4ab36372fb7f2f8236d9fa308ec508582fc52607 |
|
19-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Clean up on UserManagerService and DPMS" into nyc-dev
|
| 2a3c3da0fc07ef37abc45cfb0166bdf5f7f202b6 |
|
18-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Clean up on UserManagerService and DPMS
- Avoid the ART warning about 4.1 compatibility
- Avoid integer overflow in DPMS
Bug 27243525
Bug 27242859
Change-Id: I92af323287e348fbd0eff31e6cf9823be8e41024
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 60949288064460894bdd288f4865cdb180c0e501 |
|
18-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Fix bugs in user restriction migration
Originally I didn't know user-0 could have PO, so I excluded this case
from migration. Now we handle it properly.
Also make sure only restrictions that can actually be set by each
owner moves to the owner restriction. (Because of this, we no longer
have to have DISALLOW_WALLPAPER in the exception list, because
owners can't set DISALLOW_WALLPAPER.)
Bug 27225996
Change-Id: I6ad79d90e6c4400abbb1e4feba6ba59e3b650815
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| aafff2f835ea7c6dd08cadea0d92dfa7288c8e09 |
|
18-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Ensure DO/PO are also DA." into nyc-dev
|
| 184db600df42c2b27a2d34deecab57d591434b22 |
|
18-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Ensure DO/PO are also DA.
Bug 24503508
Change-Id: Ib957b84d5bee185501636c406d9aaf4985a79d8d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fc482c30b7a3c2cf7bc14d5c86de758a16f6433d |
|
17-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "[framework] Don't allow apps on external storage to be active admin" into nyc-dev
|
| f34db0a17ee035c165a4e81e9192f73d2455bd1c |
|
17-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
[framework] Don't allow apps on external storage to be active admin
Bug 27149287
Change-Id: I6d959d2e66dc0b19f78e6135fbdcf45ca8551958
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eb84b1843a3f6805c6109c1d9d023550229a3fc5 |
|
26-Jan-2016 |
Andrei Stingaceanu <stg@google.com> |
Suspend packages - one call for multiple packages
Refactor setPackageSuspended into setPackagesSuspended. The rationale
is that the consumers of this API are likely to want to remove
multiple packages at once. Rather than calling the API N times, call
it just once.
The good part is that we already have the broadcast intent for
suspended packages take an array so only one broadcast. Less stress
on the system.
Another good part is that (right now) we only have one consumer of
this API and it will be easy to make changes once this CL goes in.
As a shell command, for consistency only allowed one package at
a time.
Bug: 22776761
Change-Id: Ic8b8cf64d0a288ea3a282bb7b72f9d663b3b0049
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5ae4e73ef0747c2d08a901f1a76d8fb8ee64a53a |
|
17-Feb-2016 |
Andrei Stingaceanu <stg@google.com> |
Merge "Suspend packages - new API for retrieving the suspended status" into nyc-dev
|
| 910a367cbf36bd1f8d93416b9379224c76371dc8 |
|
17-Feb-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Remote bugreport notifications rework" into nyc-dev
|
| dafec11e698daf054730cfb04db64f3e31a0c9ff |
|
16-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Don't allow deactivating DAs when the user is not unlocked" into nyc-dev
|
| f79c887c5997f4a7735987a524869421a1a3ac2d |
|
16-Feb-2016 |
Esteban Talavera <etalavera@google.com> |
Merge "Let admin disable fingerprint for the work challenge" into nyc-dev
|
| e9377a7d84c23571342ea1c4dc6c12875eaaf3df |
|
15-Feb-2016 |
Michal Karpinski <mkarpinski@google.com> |
Remote bugreport notifications rework
Merging two notifications into one.
Bug: 27095707
Change-Id: Ib6582dabb7370f9b3b6e673b19ab43b70c73433a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 355b232d7998cfc9b29d42a0356390e25191bcbd |
|
12-Feb-2016 |
Andrei Stingaceanu <stg@google.com> |
Suspend packages - new API for retrieving the suspended status
Instead of always rebuilding the full ApplicationInfo for a
package when callers are only interested in the suspended status
add a new fast API in Packagemanager (which only checks the
suspended user setting for the requested package and returns
a boolean) and change the appropriate caller code too.
Bug: 26794775
Bug: 22776761
Change-Id: Ide8428ef734479360d5a8a75fd8e0ed8ddf2da7a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 115d2c189a46f535778d9dd0923f703ff2f888fe |
|
16-Feb-2016 |
Jeff Sharkey <jsharkey@android.com> |
Add feature versions for devices and apps.
We're starting to see more instances of device features that will
increment separately from the SDK API level, such as camera HAL,
GPU capabilities, Bluetooth, and other hardware standards.
This change adds the ability for device features to specify a
version, which is defined to be backwards compatible. That is, apps
requesting an older version of a feature must continue working on
devices with a newer version of that same feature.
When a version is undefined, we assume the default version "0".
Bug: 27162500
Change-Id: If890bf3f3dbb715e8feb80e7059a0d65618482ea
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eff90bd5ff6bd50325149a5010183277bd76f4c6 |
|
15-Feb-2016 |
Nicolas Prévot <nprevot@google.com> |
Merge "Allow privileged apps to set the organization color." into nyc-dev
|
| 1a5ee776ee51ae6fba30c8f3b33e26eb7f9dedc6 |
|
13-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Don't allow deactivating DAs when the user is not unlocked
Bug 27149570
Change-Id: I772d9cbd6edc822c8f7b1988905b702e05e674cd
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 29b13190cd57bd823eb803f6fca03f671a32a5fe |
|
12-Feb-2016 |
Clara Bayarri <clarabayarri@google.com> |
Merge "Add support for current failed lock attempts and max attempts" into nyc-dev
|
| 51e41ad887a2e30a1366f0a3b4750f0204912b8e |
|
11-Feb-2016 |
Clara Bayarri <clarabayarri@google.com> |
Add support for current failed lock attempts and max attempts
This is needed from Settings to show a message informing the user
of the number of attempts before their work profile gets wiped
when using ConfirmDeviceCredentials.
Bug: 26677759
Change-Id: I4b16f7dc2f415d0ce0215a3b7a646f98fabece33
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d6c90a88831af5c8d3a3587173873031cf6f5d7f |
|
12-Feb-2016 |
Rubin Xu <rubinxu@google.com> |
Merge "Fix testApplicationRestrictionsManagingApp unit test" into nyc-dev
|
| 8f7698aaf630787693ec7edb4779a27fdd2b888b |
|
11-Feb-2016 |
Nicolas Prevot <nprevot@google.com> |
Allow privileged apps to set the organization color.
BUG:26923835
Change-Id: I97b0cbbc0d4fb9e9ca0e3d335a9d15eb5a1f9602
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5f05cf96127ee1acb6d80efdc0a87fad2a9daa02 |
|
11-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "If package has no active admins, just uninstall right away" into nyc-dev
|
| 641ea634eeebc52b7bdc825b32dc22881d63ae30 |
|
11-Feb-2016 |
Kenny Guy <kennyguy@google.com> |
Merge "DPMS shouldn't remove admins that aren't crypto aware." into nyc-dev
|
| 44fc4aeb1f3a6fcc6c1b8532530cb0589b2815c4 |
|
11-Feb-2016 |
Kenny Guy <kennyguy@google.com> |
DPMS shouldn't remove admins that aren't crypto aware.
DevicePolicyManagerService checks admins on boot
and removes ones that aren't found so it needs
to match crypto and non-crypto admins.
Match non-crypto aware apps when admin is enabling
system apps.
Bug: 27126412
Change-Id: Ibb20841679fb660de281782964b068d5a13b8fe9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ed1928a981cbff9a67b5c1786ded8cbdf848056b |
|
11-Feb-2016 |
Rubin Xu <rubinxu@google.com> |
Fix testApplicationRestrictionsManagingApp unit test
The API now requires the app restriction manager app to exist
on the current user when it is called.
Change-Id: I809816d4f5d73378c23b18d7b74ebb282b7dc444
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 09f856805902078931aa5de006bc5e2c5403dfa6 |
|
11-Feb-2016 |
Philipp Weiß <phweiss@google.com> |
Merge "DPM.createAndManageUser should work even with DISALLOW_ADD_USER set" into nyc-dev
|
| 2547071ff8d83dc51c915a56202081ca3a100b23 |
|
11-Feb-2016 |
Esteban Talavera <etalavera@google.com> |
Let admin disable fingerprint for the work challenge
Also, reworked the logic a bit:
* Admins can only set flags that affect the parent on the
parent DPM instance (i.e. no unredacted notifications)
* Admins can set flags not supported on the work challenge on
the regular DPM instance. If there is a work challenge,
they will have no effect (as managed profile policies don't
affect the regular lockscreen if there is a work challenge).
If there is no work challenge, they'll affect the parent profile.
Bug: 26891832
Change-Id: I8978e1aa6abe9c8dc07e030dfd069b5f4e1301f6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e9c440638e27a123a82feb5e4677ce1242785288 |
|
10-Feb-2016 |
phweiss <phweiss@google.com> |
DPM.createAndManageUser should work even with DISALLOW_ADD_USER set
For this, the DPM calls a new function
UserManagerInternal.createUserEvenWhenDisallowed() instead of
UserManager.createUser(). This calls
UserManagerService.createUserInternalUnchecked().
Also, only the system user is allowed to call this method, otherwise
a security exception is thrown.
Bug: 26952210
Bug: 26786199
Change-Id: I69c16354898d68592d13f5f53b840551f7ad4779
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ed5c8f0216bf97e896936e2a2e24fc3fb18303a1 |
|
09-Feb-2016 |
Michal Karpinski <mkarpinski@google.com> |
Log strength of auth method used into security log
As approved by Android Security team, added logging of
strength of auth method as well as logging of fingerprint
keyguard actions.
Bug: 26841997
Change-Id: Ic8e3f125f775a7585fe56003f4c6442390edea61
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ed9fa2ca3c9d0ed5f656a6aca459acf6f170660d |
|
11-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
If package has no active admins, just uninstall right away
Also fix the bug where removeAdminArtifacts() is called
for all active admins on the target user.
Bug 27107878
Change-Id: I6edbdadffe8c75628539976d304e39d6abed73a4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 338c1d860772edc3101ed4860a149e7f3c5fe493 |
|
10-Feb-2016 |
Suprabh Shukla <suprabh@google.com> |
Merge "Added an api to uninstall a packge with active DAs" into nyc-dev
|
| a2ae2238e506d5b092015440792d5a885b7a7b1d |
|
29-Jan-2016 |
Suprabh Shukla <suprabh@google.com> |
Added an api to uninstall a packge with active DAs
The api deactivates all the active admins in the package, then force
stops the package and starts the uninstall intent for the package. This
is intended to provide an easy way for a user to delete a misbehaving
Device Admin
Bug: b/22359208
cherrypick of Ic7ddd89ef6db53e7e76f805808d9e806100374db
Change-Id: I0d677839120c46f22231a7d6f9cf6630cb020227
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 66a320d368e93a03d5aee33eac85807a227c0a3c |
|
10-Feb-2016 |
Esteban Talavera <etalavera@google.com> |
Merge "Check for null on app restrictions managing app APIs" into nyc-dev
|
| f03d0a6bfcff0f36a623b4fad7bd505d94b22e9a |
|
10-Feb-2016 |
Rubin Xu <rubinxu@google.com> |
Require delegated cert installer and app restriction manager to exist
Enforce that apps with delegated powers to exist on device before
empowering them. This is consistent with DevicePolicyManagerService's
internal logic to clear the delegation power once the package is removed.
For delegated cert installer, only enforce this new restriction on
device admins targeting N or later.
Bug: 26233778
Change-Id: Ia8f45dfd5290958cebb36991c4b6baa03e8c28ae
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 48e64f20f328a40505f35062f870a7f6e5ab9ff6 |
|
10-Feb-2016 |
Esteban Talavera <etalavera@google.com> |
Check for null on app restrictions managing app APIs
Change-Id: I3d3cc9b4a4bd6a2526fd0bd7d8662c6b07183208
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e28e5a9d3b3115ec00c1209bec393a397d359a9f |
|
05-Feb-2016 |
Nicolas Prevot <nprevot@google.com> |
Fail if setProfileEnabled is called outside a managed profile.
BUG:26709495
Change-Id: I98adf2dab1e7b27fef926144c460af8823fe96e7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 57218cbbf773f389e5e9493623dd3d017e459590 |
|
04-Feb-2016 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Made changes to fix some policy transparency options."
|
| 569258689a0d28f25cbdf7189038833d45a63a80 |
|
28-Jan-2016 |
Sudheer Shanka <sudheersai@google.com> |
Made changes to fix some policy transparency options.
Add isInputMethodPermittedByAdmin and
isAccessibilityServicePermittedByAdmin APIs in DevicePolicyManager.
And update utility methods in RestrictedLockUtils to use the correct
userId when checking if disabled by admin.
Bug: 26897250
Bug: 26767564
Bug: 26966213
Change-Id: I0b74b3e57904a82f8ce72d856769d35b5e8403e5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8c41a1c9bc9c61b7b63ce7ab1a6b2f0a099dbf01 |
|
03-Feb-2016 |
Kenny Guy <kennyguy@google.com> |
Match non-crypto aware admins when registering.
Profile owners are registered before the user is
started and unlocked, so we need to check for
components that aren't cryptoware when looking
for the admin.
Bug: 26924254
Change-Id: I61fca0a3d6e490ca6fea9a7bdc8f2c44efde74f2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a0fddc1ed41a4bb14fc33e5bdbc4de1317dc79b7 |
|
03-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Ignore unknown user restrictions and WTF instead."
|
| 939be877760f1a3f32c96fbd34eed37a0fcf656c |
|
03-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Slightly change the "pre-N" so it's CTS-friendly.
Right now, the value of VERSION_CODES.N is 10000, but I'm writing
a caller app with target SDK level 24 for CTS, and the previous
logic didn't work for it.
Bug 25506830
Change-Id: I73613f30b437fb19406736f897d01d59b1f84c9d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1f1ceef0f88a8c2758d1ec0ed6c1366bac7c9de4 |
|
28-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Ignore unknown user restrictions and WTF instead.
Bug 23902097
Change-Id: I1ac147ecd0286a8eb674d6f9f527edfea6e1198e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 90b896533eb6a8867e7951bbbdbbacd9b520199c |
|
28-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
DO / PO Shouldn't be removed as active admin...
even if they asked.
Also clear(Device|Profile)Owner should remove them as the active admin
too.
Also add some more unit tests.
Bug 26858840
Change-Id: I7b3ed92e1b4cbe803381ed6e3f64d8de17b2ebb0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 49caead1c2608f57ac6c260396c6bfd058b921ae |
|
02-Feb-2016 |
Rubin Xu <rubinxu@google.com> |
Call SecurityLog methods via Injector
This is to make sure the unit test can mock them out.
Bug: 26911599
Change-Id: I07a1a8b43ad5716a4b667bc5266b3b03997268c5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fe13c5fbe11a6ee004d1b4e6b27a44fafbe22bd4 |
|
02-Feb-2016 |
Victor Chang <vichang@google.com> |
Merge "Fix that can't launch managed QuickContact in ContactSearch"
|
| d38308e4d0599836f9c5446ba9d6edbc0713c428 |
|
02-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Fix DPM unit tests"
|
| 3f3657a61b54d495bf2e692289eb92a48fe5a0b2 |
|
28-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Fix DPM unit tests
Bug 26911599
Change-Id: I874c9cd4f63c79bc984777ef3b1b654a414c4911
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 70b1751d14610c18439c5d0c4a8dce704eb819a8 |
|
01-Feb-2016 |
Victor Chang <vichang@google.com> |
Fix that can't launch managed QuickContact in ContactSearch
It happens when caller id is disabled but contacts search is enabled
BUG=26740020
Change-Id: I4ca79c82ed27f6f1da514b31d8d89fc71fd243fb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b4ec8aaaba6ee5f564875741217bdfaf53a10d5f |
|
01-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Revert "Throw for unknown user restrictions.""
|
| 2ec157d928b7804367091ee6c146b196ac6841e2 |
|
01-Feb-2016 |
Makoto Onuki <omakoto@google.com> |
Revert "Throw for unknown user restrictions."
This reverts commit 3861bf7e73fab9e39e8d1f6e5194f3600ed929a0.
Bug 26896902
Change-Id: I26fa0159b5bb832048ccd013054a01f91b54947b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c3cd05f8a45ab789aae1cb553df86f94667d595a |
|
11-Jan-2016 |
Rubin Xu <rubinxu@google.com> |
Add DevicePolicyManager APIs for process logging.
Add Device Owner APIs for controlling and retrieving the logs. Retrieving the
logs should be rate limited unless we are at the risk of losing logs due to
constrained buffer space.
Bug: 22860162
Change-Id: I80658f5a14e86d7cfd42402fbc5e98dc11698c0e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f3bc593a627b67425b3b103ff148cf1f3da0fd29 |
|
29-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Throw for unknown user restrictions."
|
| 3861bf7e73fab9e39e8d1f6e5194f3600ed929a0 |
|
28-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Throw for unknown user restrictions.
Bug 23902097
Change-Id: I78a4b09db880134577d690be0c50ee9a64e6a309
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dd231a16a1152beacdece7d32a9b85803e0cdb67 |
|
29-Jan-2016 |
Benjamin Franz <bfranz@google.com> |
Merge "Add policy to set the organization name"
|
| 3e8a7090642d58dcd435121650a243dca262c96a |
|
25-Jan-2016 |
Benjamin Franz <bfranz@google.com> |
Add policy to set the organization name
We allow the profile owner of a managed profile to set the name of the
managed organization.
This name is used as the default header message shown in the confirm
credentials screen a.k.a. work challenge.
Bug: 26638631
Change-Id: I03c5acc9fffe06cdb9d0d60dd1580b20e21783b1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d4efab1173a55618e307f3cef078efa727270955 |
|
28-Jan-2016 |
Esteban Talavera <etalavera@google.com> |
Merge "Fix exception when calling setPasswordExpirationTimeout"
|
| d07438f300a0321bde09b3fffafa6ffd8771269b |
|
28-Jan-2016 |
Esteban Talavera <etalavera@google.com> |
Fix exception when calling setPasswordExpirationTimeout
Prevent exception when calling setPasswordExpirationTimeout on the parent
DPM instance. Callen setExpirationAlarmCheckLocked with the parent userHandle
was breaking because getPasswordExpirationLocked was trying to call getProfiles
on a different user.
Bug: 26847085
Change-Id: I9d584573245aba65af7ecf236f2021b47afb5d7e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bc0ce990435fe02a356b3e43272f692709f633ed |
|
28-Jan-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "Logging of keyguard actions into security log"
|
| 31502d3d95610930b56bb7931dbd57a997f9ce8f |
|
25-Jan-2016 |
Michal Karpinski <mkarpinski@google.com> |
Logging of keyguard actions into security log
Bug: 22860162
Change-Id: I7dbe68fff7d9d45b6c417d960cf025c8d0694917
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ca3f6fae604880db14c3f3eb5bc8908c339be0a8 |
|
28-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Fix exception message
Change-Id: I6fe4b8b745414ed589337079e2893d87dadb34f5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1244ece2e345aea5a64c15c87b107c01dca3f9c9 |
|
27-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Merge "Make DPM.clearProfileOwner() public."
|
| 5bf68027cf502c2835ad258aec05544958fcd354 |
|
27-Jan-2016 |
Makoto Onuki <omakoto@google.com> |
Make DPM.clearProfileOwner() public.
Bug 26827204
Change-Id: Ib32e5370b493aa3e36b869d9ed3d78782df4c895
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f348e8e22bed4b56fdb0c02702d12b36467dedd7 |
|
07-Jan-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Add policy for enforcing that all users are ephemeral.
BUG: 24883058
Change-Id: I8e53ca677c935a6c828dd6ece00b345d0eff182a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a269c5d584a572d91a0640bb8f8f58885ff9d71b |
|
27-Jan-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Merge "Add a flag for creating an ephemeral user with DevicePolicyManager#createAndManageUser."
|
| c8202c8d1d7c9bc2ee44cec538dc7fa4f95f960f |
|
26-Jan-2016 |
Lenka Trochtova <ltrochtova@google.com> |
Add a flag for creating an ephemeral user with
DevicePolicyManager#createAndManageUser.
BUG: 24883058
Change-Id: I225ee6f1f6692663349040676e7a6c742b3ede79
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d7693917a7c7348cb12692116d2693314c29e809 |
|
22-Jan-2016 |
Clara Bayarri <clarabayarri@google.com> |
Check if the profile password would comply as the device lock
Bug: 26801330
Change-Id: Ide31464dd0292ca97b03abe08cdde5b41d517b66
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 697815eddb0139e6d4284b72f9393cf46c6e544b |
|
26-Jan-2016 |
Victor Chang <vichang@google.com> |
Merge "Launch managed quick contacts without contact id"
|
| 44a18081546345a0655748717862a89ae6dd7948 |
|
26-Jan-2016 |
Alan Treadway <alantreadway@google.com> |
Merge "Add explicit and persistent user provisioning state."
|
| a92e1216ca3af5d03e17734b6b990be5116d07a9 |
|
25-Jan-2016 |
phweiss <phweiss@google.com> |
Make API createAndManageUser public
Remove @hide, and add parameter for specifying profile owner. The PO
has to live in the same package as the device owner.
Bug: 25288732
Bug: 25860170
Change-Id: I40e8984a71ee9d1ff74e57d4e79e298deef9bc35
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 97bdacc6d124f08a3f1c362fc35a5eed16af9880 |
|
21-Jan-2016 |
Victor Chang <vichang@google.com> |
Launch managed quick contacts without contact id
set contact id to enterprise base contact id if it's enterprise uri
BUG=26176780
Change-Id: Ie1160bef22d44c90eb4015783fafdafd160bcdd8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ab83fd5739bf475c07e8e7ff140489cdcdcb73be |
|
25-Jan-2016 |
Robin Lee <rgl@google.com> |
Merge "DPMS organisation API - Add a missing checkNotNull"
|
| 5f09616e6bb793e789167e3281478b13413d0932 |
|
25-Jan-2016 |
Philipp Weiß <phweiss@google.com> |
Merge "Add new API function createAndManageUser"
|
| d48788c1011893fbe13c5f64db906f140a66dd0b |
|
25-Jan-2016 |
Robin Lee <rgl@google.com> |
DPMS organisation API - Add a missing checkNotNull
Corrects a failing test.
Change-Id: I6be8a23caef53d1e9681733e5b340237952bd3e5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| afad8783699b1ba6f3c7ee5961d6ddc2bd771dc1 |
|
19-Jan-2016 |
Alan Treadway <alantreadway@google.com> |
Add explicit and persistent user provisioning state.
Add explicit modelling of provisioning state so that integration
of management provisioning flows with packages such as setup-wizard
are cleaner, and can be more direct. Previously we relied upon
USER_SETUP_COMPLETE secure setting and HOME intents to signal intent,
but this is not very clear and can be fragile.
Bug: 25858670
Change-Id: Idc56a040f710c3aee281db420f21717da3960722
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 343fb33a9be819bbf33eae2c3f93bc44b3477ecd |
|
25-Jan-2016 |
phweiss <phweiss@google.com> |
Add new API function createAndManageUser
This is a reduced version of the (deprecated) function
createAndInitializeUser, that allows the device owner to create a
new user and pass a bundle with information for initialization. The
new version of the function has the same functionality, but the
profile owner of the new user is always the device owner.
A flag can be specified to skip the setup wizard for the new user.
The new user is not started in the background, as opposed to how
createAndInitializeUser did it. Instead, the bundle with
initialization information is stored and will be broadcast when the
user is started for the first time.
Bug: 25288732, 25860170
Change-Id: I4e1aea6d2b7821b412c131e88454dff5934192aa
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fe434a15d6bde9299b51dc284b336944e5cf8a1c |
|
25-Jan-2016 |
Esteban Talavera <etalavera@google.com> |
Merge "Add additional APIs supported work on the parent DPM instance"
|
| 4c052f237a108457fca3d3864c5654ebd4505111 |
|
25-Jan-2016 |
Bartosz Fabianowski <bartfab@google.com> |
Implement user affiliation
A user/profile is considered affiliated if it is managed by the same
entity as the device. This is determined by having the device owner and
profile owners specify a set of opaque affiliation ids each. If the sets
intersect, they must have come from the same source, which means that the
device owner and profile owner are controlled by the same entity.
BUG=25599229
Change-Id: I393fe0de70272307ed3c811aaba4b48a5109c562
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 623999185029a2c5baf29efe4ebdcbcdebcca294 |
|
11-Jan-2016 |
Esteban Talavera <etalavera@google.com> |
Add additional APIs supported work on the parent DPM instance
Bug: 22543972
Change-Id: I05061e34d120c64d5c49ca6b7b4014d7dadb68f4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 947f3557a5917617a6a738e3e2c4a2f055601270 |
|
22-Jan-2016 |
Benjamin Franz <bfranz@google.com> |
Merge "Add profile policy to set work challenge background color"
|
| 59720bb2a67dae70cd2e46a9f611d66e4a3f7221 |
|
18-Jan-2016 |
Benjamin Franz <bfranz@google.com> |
Add profile policy to set work challenge background color
Adding a policy for profile owners to set the background color of the
confirm credential screen for the managed profile.
Bug: 26638631
Change-Id: Iea36b94c5a42b6ae12cc36921ec5f840306e81a1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b7cc096fd49e99c01a9e963a895f6d26d685e474 |
|
21-Jan-2016 |
Oleksandr Peletskyi <peletskyi@google.com> |
Merge "Added restriction if a user is allowed to change the icon. BUG: 25305966"
|
| 7f1f1dfc8713fbecbab60cfbe14ab4d97d27deee |
|
18-Jan-2016 |
Oleksandr Peletskyi <peletskyi@google.com> |
Added restriction if a user is allowed to change the icon.
BUG: 25305966
Change-Id: I3d527224f00087b2bd959879ebb143e2ecb9c914
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0fdcd3df83b4af1e6cd89246b5f38401d8062148 |
|
13-Jan-2016 |
Oleksandr Peletskyi <peletskyi@google.com> |
Added new password quality constant PASSWORD_QUALITY_MANAGED to make it possible
to prevent user from unlock modification.
BUG: 25549437
Change-Id: Iae9adccbb8f9e1db8a21d596137f69f6cad54988
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a8c8851caa0d1d44eccfcae2e01a2b6e7235d290 |
|
18-Jan-2016 |
Michal Karpinski <mkarpinski@google.com> |
Merge "DPM changes to support remote bugreports"
|
| 206747d9f60a0f554aac71c9da9ccfe1a6582c80 |
|
15-Jan-2016 |
Clara Bayarri <clarabayarri@google.com> |
Fix Device policy crashes after adding the account while checking isActivePasswordSufficient
The calls to LockPatternUtils#isSeparateProfileChallengeEnabled
require MANAGE_USERS permission, wrapped them in a clear identity
Bug: 26565169
Change-Id: I4a18cec3ae7beb13320350d4c3fdc63e4a7d741d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b68d2d5b68dc58fb7b75ce94af74de58a1b9d3f9 |
|
14-Jan-2016 |
Robin Lee <rgl@google.com> |
Merge "Always-on app VPNs"
|
| 3fc437e89b018f258a3dee1a83014555aa156dc4 |
|
15-Dec-2015 |
Michal Karpinski <mkarpinski@google.com> |
DPM changes to support remote bugreports
Bug: 22860136
Change-Id: If984318e421f511d9b0fc7138aacd36d5334698f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a1771110d67fa7361f92d92f2e91019882ce3305 |
|
18-Dec-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create Work Challenge per-user condition
Change the current static condition to a per-user condition so we
can check and enable/disable the work challenge properly. Also add
an isAllowed API, as the Work Challenge can only be used when the
user's DPC targets N or above to maintain backwards compatibility.
Change-Id: I0cb8b475838816801868ffb24726407aa257b4de
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 244ce8ef5f201cf403bab43df8281671a9e94512 |
|
05-Jan-2016 |
Robin Lee <rgl@google.com> |
Always-on app VPNs
Bug: 22547950
Change-Id: I46b204170bfac58d944f39b22f815b080de71a58
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c754dffe1980cb6c3be96fb258b046dfcdf82353 |
|
12-Jan-2016 |
Victor Chang <vichang@google.com> |
Merge "Create a new device policy for controlling work contacts search"
|
| 1060c61866d57bd82cc474447205471c15e0d901 |
|
04-Jan-2016 |
Victor Chang <vichang@google.com> |
Create a new device policy for controlling work contacts search
BUG=25981902
Change-Id: I5cea59d7d09bf54051ae0e56e824e4d3a08a49e7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3e826effedc89e326114a7abcbdd4ac7b3e125c0 |
|
14-Dec-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create parent APIs in DevicePolicyManager
This change creates the infrastructure for a parent
DPM and implements the actual parent APIs for
- set/getPasswordQuality
- isActivePasswordSufficient
This is part of the Separate Work Challenge
Change-Id: I0477051b3162cbb26aac79467da08932f22fd1b7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 51f3908c6a788f82d8188762c0680594a54b17ae |
|
06-Jan-2016 |
Jeff Sharkey <jsharkey@google.com> |
Merge "Consistent naming for PackageManager methods."
|
| e06b4d1d9f718b9fe02980fea794a36831a16db2 |
|
06-Jan-2016 |
Jeff Sharkey <jsharkey@android.com> |
Consistent naming for PackageManager methods.
When hidden PackageManager methods take a userId argument, they
should be named explicitly with the "AsUser" suffix. This fixes
several lagging examples so that we can pave the way to safely
start passing flags to new methods without scary overloading.
Also fix spacing issues in various logging statements.
Change-Id: I1e42f7f66427410275df713bea04f6e0445fba28
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 06de4e77c20be239384262b1508f0cf53bedb145 |
|
22-Dec-2015 |
Kenny Guy <kennyguy@google.com> |
Add support message for device admins
Allow admins to set a long and short support
message for settings to display.
Bug: 25659579
Change-Id: Ib645490785642e49c69d8dbc65455eb3398547ee
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 137241c714734d5559b3a3b3bd1d5c900ca7a879 |
|
30-Dec-2015 |
Sudheer Shanka <sudheersai@google.com> |
Update an error message.
Change-Id: Ifc32120ccccd14e8e821770995de91008ed518d7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f3378a29e9c270f1cbfebb126de6f14355ccba08 |
|
17-Dec-2015 |
Esteban Talavera <etalavera@google.com> |
Merge "Device or profile owner can let another app manage app restrictions"
|
| 699d537d1b7410268c639653e66746398101ff81 |
|
17-Dec-2015 |
Mahaver Chopra <mahaver@google.com> |
Merge "Adding DPM.reboot"
|
| bf60f728cc7ed326fb8978afd9f589a685bb87b7 |
|
10-Dec-2015 |
Esteban Talavera <etalavera@google.com> |
Device or profile owner can let another app manage app restrictions
The device or profile owner can allow another
package to set app restrictions for any app in that user
Similar to the way it can give permission to access
CA certificate related APIs from M.
Bug: 22541936
Change-Id: I0c1b0804ad300dfa4fbdc1c7721c5d8653d77861
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1e2839188fb49575b86646d3aadb355c81ef9cc5 |
|
26-Nov-2015 |
Andrei Stingaceanu <stg@google.com> |
Wire call to suspend a package
Adds APIs in DevicePolicyManager and PackageManager for allowing
a device admin to suspend a package. PackageManagerService sets
or unsets a new PackageUserState 'suspended' setting. Terminal
command to suspend/unsuspend has been added via
PackageManagerShellCommand (as root).
Next steps:
* use the new 'suspended' setting for denying access to start app
(probably in ActivityStackSupervisor)
* broadcast a PACKAGE_(UN)SUSPENDED intent for launchers to pick up
* remove app from recents (go further and kill it if it is running)
* erase existing notifications for this app
Bug: 22776576
Change-Id: I718b3498f6a53cc0c6fdfb6d15031e53ddca4353
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1ce53bc571563d8bf448a81a38da342ed5413ee4 |
|
14-Dec-2015 |
Mahaver Chopra <mahaver@google.com> |
Adding DPM.reboot
Adding new policy in DPM to trigger reboot on the device.
Requirement: Device owner can reboot the device if it is stuck or is
not useable due to some unresponsive UI.
Bug: 25304994
Change-Id: I7a6d5c8ad611de9c1cf6619378e492a306b41626
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5b9f167a8e7395ca54fc0ef78af4523858de87a7 |
|
11-Dec-2015 |
Esteban Talavera <etalavera@google.com> |
Only system can set application restrictions via UserManager
Preventing apps with MANAGE_USERS from managing application
restrictions via UserManager. Application restrictions should
only be set via DevicePolicyManager.setApplicationRestrictions,
or via Settings (for restricted profiles).
Bug: 22541936
Change-Id: Ieed51ef54b4c23a73f383465e9af9b3bcf18a514
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 055d8396ef6b99f9dcd639e98cce6029fca1c145 |
|
11-Dec-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Allow PO to set DO restrictions if it's on user 0"
|
| 5485ed46ff337769589c6e06b3469246e60b9e3b |
|
09-Dec-2015 |
Makoto Onuki <omakoto@google.com> |
Allow PO to set DO restrictions if it's on user 0
Bug 26091525
Change-Id: Ie6d2cd4ade076d8d2ec47243ff1280b95b7c9044
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 55c46f291dda5012e7ed0548653d7b8ca7a424e2 |
|
25-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Clean up DPM/DPMS to reduce code size.
Change-Id: Id6c1666ef4cdba795e3b6e4ddcb9c32e6ee90665
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fbc65644b9bda216699f5f1f883d6dfa2668e545 |
|
03-Aug-2015 |
Robin Lee <rgl@google.com> |
DevicePolicy API to remove an installed KeyPair
The keypair is specified by alias and removed via a call to the
KeyChainService, which will have installed the pair in the first place.
Bug: 22541933
Change-Id: I37317e7c22e89816156e6e9a7abf4c5a59e8440a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ee3a437464026219ceec03c633e61b55e2f12a1d |
|
19-Nov-2015 |
Robin Lee <rgl@google.com> |
Send pwchange broadcast to caller only in FBE case
When per-user encryption is set up and we change the password of a
profile, the parent and other profiles shouldn't receive an
ACTION_PASSWORD_CHANGED as they have their own distinct passwords.
Change-Id: I70d4ec81277a9bdc3ac6cd952b84cd769a2800b4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 10ad84a17d7248488c1653bacc9f20d3a7193999 |
|
01-Dec-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create a separate Work Challenge check
This allows us to tell lock checks from FBE checks separately,
and will be useful when dealing with password unification.
Change-Id: Ifbea425f749fee4d6d51faddd8b64bf717a1a5f8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 29fcf1b1dbb7740836eb78e06d3ef4fc5769623d |
|
26-Nov-2015 |
Clara Bayarri <clarabayarri@google.com> |
Apply Admin password restrictions to work profile
When the Work Challenge is in place, re-route the
enforcing of Admin policies on the password to the
work profile. The Admin should not be allowed to
dictate policies on the device lock in this case.
This is part of the Separate Work Challenge feature.
Change-Id: I757973e540797b5fb10bea7a2fd1925561655bc9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 968dea0969c6aec651b91845e8d63462c5f20609 |
|
03-Dec-2015 |
Robin Lee <rgl@google.com> |
DPMS: Replace ArrayList<>(1) with SingletonList
Change-Id: I78f8230d959f17c3aa2f248122973a8cd5c96693
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 574f038a571ec9e1fd26db35a187b2f06b7484fd |
|
02-Dec-2015 |
Robin Lee <rgl@google.com> |
Resolve merge conflicts of 5ec51457e1 to master.
Change-Id: I70c12ad663c3b4d3b5e3b8f40bc659cb94d82c14
|
| 9c165d76010d9f79f5cd71978742a335b6b8d1b4 |
|
02-Dec-2015 |
Svet Ganov <svetoslavganov@google.com> |
Add optional permission review for legacy apps - framework
For some markets we have to allow the user to review permissions
for legacy apps at runtime despite them not supporting the new
permission model. This is achieved by showing a review UI before
launching any app component. If an update is installed the user
should see a permission review UI for the newly requested
permissions.
To allow distinguishing which permissions need a review we set
a special flag in the permission flags that a review is required.
This flag is set if a runtime permission is granted to a legacy
app and the system does not launch any app components until this
flag is cleared. Since install permissions are shared across all
users the dangerous permissions for legacy apps in review mode
are represented as always granted runtime permissions since the
reivew requirement is on a per user basis.
Whether the build supports permission review for legacy apps is
determined by a build constant allowing us to compile away the
unnecessary code for markets that do not require a permissions
review.
If an app launches an activity in another app that has some
permissions needing review, we launch the permissions review
UI and pass it a pending intent to launch the activity after
the review is completed.
If an app sends a broadcast to another app that has some permissions
needing review, we do not deliver the broadcast and if the sending
app is in the foreground plus the broadcast is explicit (has a
component) we launch the review UI giving it a pending intent to
send the broadcast after the review is completed.
If an app starts a service in another app that has some permissions
needing review, we do not start the service and if the calling app
is in the foreground we launch the review UI and pass it a pending
intent to start the service after the review is completed.
If an app binds to a service in another app that has some permissions
needing review, we schedule the binding but do not spin the target
service's process and we launch the review UI and pass it a callback
to invoke after the review is completed which spins the service
process and completes the binding.
If an app requests a content provider in another app that has some
permissions needing review we do not return the provider and if
the calling app is in the foreground we show the review UI.
Change-Id: I550f5ff6cadc46a98a1d1a7b8415eca551203acf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 28860b7570d2b3e7bc6a136a7bb7312e5aaf6e61 |
|
26-Nov-2015 |
Alan Treadway <alantreadway@google.com> |
Fix for being able to setup Managed User from system user.
Also move feature flag check to ensure it is used in all cases.
Change-Id: If42787c5bc9ab824449c70f90fb827cf2da7507f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 777ef95ebf18c61ff09e7567a06058d351c530ca |
|
26-Nov-2015 |
Yohei Yukawa <yukawa@google.com> |
Use Context.getSystemService(Class<T>) for InputMethodManager.
This is a mechanical replacement of Context.getSystemService(String)
with Context.getSystemService(Class<T>) when retrieving
InputMethodManager. Note those are bundled code. Hence we don't need
to make sure Build.VERSION.SDK_INT >= 23.
Change-Id: Icc64942ad8f11e44bf84f8d4fe476b2fdd1257f3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e7927da1b6dc4f96714aa9bc4fbb71b3659f8cea |
|
25-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Don't call DPM from UserManager to avoid lock inversion
- Also make sure DPMS.mOwners is always guarded with DPMS.this.
(and remove synchronization from Owners.)
Bug 25796840
Change-Id: I83f7b78e7b437d9c2a2b1d6e714346cd15f95330
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3ab6f2e219c167fd35f16b6cf233ae6a39d9de02 |
|
05-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
DA receiver should be protected with BIND_DEVICE_ADMIN.
- DPM.setActiveAdmin() will not accept DAs without BIND_DEVICE_ADMIN
when it's targeting NYC or above.
- DAs without BIND_DEVICE_ADMIN targeting MNC or below will still be
accepted. (with a logcat warning)
- DAs that are already set on a device without BIND_DEVICE_ADMIN
will still be accepted regardless of the target API level, even when
it's upgraded to a version targeting NYC.
Bug 24168653
Change-Id: I1914c2ec99135d9dd8cbac3f6914f9e43bafacc8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a31ebbc439364a4993e79fd385cf6373408a42fe |
|
24-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Add DO API to get wifi mac address
Bug 25496044
Change-Id: Ib1f0ce4ca10951edcfaa0aa79ae5c2d142a74599
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c8a5a555f1482d0f45b538eb898d6ee7e26552a6 |
|
19-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
DPM.isDeviceOwnerApp() and getDeviceOwner() now check calling user
- Previously on MNC, they would return the same result regardless who
the calling user is.
- Now they properly take DO user-id into account. Meaning, they'll
always return false and null respectively, if the calling user doesn't
run device owner.
- Note isDeviceOwnerApp() is a public API and getDeviceOwner() is
a system API. Meaning we're changing the behavior or non-private
APIs.
- Also cleaned up hidden APIs, and gave them explicit suffixes
to avoid confusion. Bundled code should prefer them for clarity.
Now we have:
* APIs that work cross-users: They all require MANAGE_USERS.
boolean isDeviceOwnerAppOnAnyUser(String packageName)
ComponentName getDeviceOwnerComponentOnAnyUser()
int getDeviceOwnerUserId()
boolean isDeviceOwnedByDeviceOwner()
String getDeviceOwnerNameOnAnyUser()
* APIs that work within user. No permissions are required.
boolean isDeviceOwnerAppOnCallingUser(String packageName)
ComponentName getDeviceOwnerComponentOnCallingUser()
Bug 24676413
Change-Id: I751a907c7aaf7b019335d67065d183236effaa80
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 15a46b07c5734b14df60ea28ab7a7cd26df2fc17 |
|
11-Nov-2015 |
Mahaver Chopra <mahaver@google.com> |
Add method isManagedProfile and isSystemOnlyUser
Adding method isManagedProfile() and isSystemOnlyUser() for DPC to know
if running in a managed profile or system only user
Bug: 24464823
Change-Id: I79974fdfd60d2bfe52dee3b4c95becf47a5bf0b1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 42490c074dc8ff568d0459ed0f9247d55ad95c2f |
|
23-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Remove UserManager.setSystemControlledUserRestriction()"
|
| ac65e1e1dba1cf0ea237a389220ec818ade07a16 |
|
21-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Remove UserManager.setSystemControlledUserRestriction()
Now that we don't have UM.setUserRestriction*s*() that could remove
all existing restrictions, there's almost no point handling
DISALLOW_RECORD_AUDIO differently.
Now DISALLOW_RECORD_AUDIO is handled just like other restrictions,
except we don't persist it.
Bug 24954662
Change-Id: I27875b4a74dd95a3ce6bb774081eeaf718eaec15
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 883f12ac5ac818e678af46b64a3f6e97b51caabe |
|
23-Nov-2015 |
Alan Treadway <alantreadway@google.com> |
Merge "Revert "Disable multiple user for corp-liable mode""
|
| 86e5d6b868aec6fa4d3070f36d458798968c85f9 |
|
23-Nov-2015 |
Alan Treadway <alantreadway@google.com> |
Revert "Disable multiple user for corp-liable mode"
This reverts commit 1dc510eb5bc7f279002a3479f24761f08cc390f7.
Change-Id: I12ea8275369cbdc4e95b21c7f5d51b4f0e5da7b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9aa233899f7cf5c1cdf4181412a9e197d83ab1a3 |
|
23-Nov-2015 |
Ricky Wai <rickywai@google.com> |
Merge "Add work contacts directory support in Quick Contacts API"
|
| 494b95d30266335044a854845219b6e34cf43edb |
|
20-Nov-2015 |
Ricky Wai <rickywai@google.com> |
Add work contacts directory support in Quick Contacts API
Bug: 25764505
Change-Id: I61f9d13ea03352e3df1686ee4b3bcc43e9a9a760
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 71c84e515e73f6a3cb30d68fc81f88e1bd02b5e3 |
|
23-Nov-2015 |
Mahaver Chopra <mahaver@google.com> |
Merge "Disable multiple user for corp-liable mode"
|
| 09b108e2bb6b585947249eda92c047d0b582e8a0 |
|
21-Nov-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Added keep-uninstalled-packages DO policy"
|
| cb6fd80721253ffa9dcab5cf8c2f4e9b9cd17ccc |
|
05-Nov-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Added keep-uninstalled-packages DO policy
This policy allows DO to specify a list of apps to cache even without being
installed on any user.
Bug: 23938464
Change-Id: I2eeab7f148409739fc23a5c44e955ad12b63fd04
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1dc510eb5bc7f279002a3479f24761f08cc390f7 |
|
19-Nov-2015 |
Mahaver Chopra <mahaver@google.com> |
Disable multiple user for corp-liable mode
Bug: 25443050
Change-Id: Iad34e7ad0d3679626880f905f9bab9b6c2a192ed
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d7b43dd4bb315d9456f6eb74097d60a806b2db70 |
|
20-Nov-2015 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Add per-user version of DevicePolicyManager.getUserRestrictions."
|
| 1fae502824dfb77a109fedd80dad61fe094d8284 |
|
19-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "More work on layered user restrictions."
|
| 1a2cd74526113b45d9108b6997609122c4311fb1 |
|
16-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
More work on layered user restrictions.
- Now when DO/PO sets a user restriction, DPMS pushes it to UMS and
then UMS persists it, in order for UserManager.hasUserRestriction()
to never have to talk with DPMS, which would cause lock inversion.
- Also apply user restrictions when a user start.
- This is an updated version of the abandoned CL -- the difference
is, ActivityManager no longer has to call DPMS.
- Also removed an unnecessary write to userlist.xml in UMS.
upgradeIfNecessaryLP().
Bug 23902097
Bug 25388912
Bug 25354031
Bug 25641040
Change-Id: I0948aea06ad7d0f45fe612a431d765faddfe3c58
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5145df278bc7b607599e81370a2aecbfe0834c0c |
|
19-Nov-2015 |
Robin Lee <rgl@google.com> |
DevicePolicy: Always send ACTION_PASSWORD_CHANGED
The old check looks a lot like an equality check, but it's not valid
because two passwords can share the same parameters.
For example:
'11Aa' and
'Y99z'
Are not different according to the old logic.
Bug: 25319928
Change-Id: Ia69861d9103670d1fc1dbf0130516e18e85e8de0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ba51235ef5c598d845b77fcf14491329493da34f |
|
13-Nov-2015 |
Jeff Sharkey <jsharkey@android.com> |
More file-based encryption work.
Add new "am unlock-user" command so we can trigger changes from the
command line.
Move FBE check to static method so it can safely be called early
during boot before the mount service is ready. Move FBE emulation
to persisted system property, and start reading/writing that value.
Change default permission grants to ignore current encryption-aware
flags, since many of the target apps aren't crypto aware.
Always prepare package data directories, which is how we create the
new "user_de" paths during boot.
Bug: 22358539
Change-Id: I6f58ea2d34b3a466d3775d614f8a13de92272621
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a87401054fc6960c4b0ac2d361ddbcf415350b33 |
|
17-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Allow PO to clear password even if the same apk has DA"
|
| c2f521a7d8eb40d92ae32f7828f14fb26be63c1a |
|
17-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Allow PO to clear password even if the same apk has DA
Bug 25645900
Change-Id: I7d2d9fbf6a4dc65ac63fb14e6ee6b9abc1f1c0e7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1c277a5d8f79ebf8beeb80f67b67512d9217d953 |
|
11-Nov-2015 |
Sudheer Shanka <sudheersai@google.com> |
Add per-user version of DevicePolicyManager.getUserRestrictions.
Bug: 25663001
Change-Id: Ic5b34fee7b57670c338f11263330a1c702002edc
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0c9ce28c12c187f44ba0a7cba5fa2b452de0bcee |
|
17-Nov-2015 |
Alan Treadway <alantreadway@google.com> |
Fix edge-cases for split-user provisioning cases.
Split-user systems will allow for combinations of management modes,
specifically managed-{user,profile} on systems with a device-owner.
Bug: 25671630
Bug: 25680065
Change-Id: I5716f55eb6c8318129b4614adc22897d53901bee
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 46dd449420c52a8bb30f5bfe839c6043392381a1 |
|
09-Nov-2015 |
Alan Treadway <alantreadway@google.com> |
Add new ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE intent action.
Bug: 25462877
Change-Id: I14bcabf993436d9936091aa82fab698eced9e4d6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 70f929eedec10b154170ad66c9d53f18bfc4f613 |
|
11-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Disallow DA to reset password, also fix all DO checks
Now pure DA (not PO, not DO) aren't allowed to change the password
if one is already set.
Also update "isDeviceOwner" check and make sure we always take
user-id into account. If one really wishes to check the package name
only, then use getgetDeviceOwner() instead.
Also change the enforceNotManagedProfile() check to what's more
generic in the FBE world.
Bug 25645900
Bug 25547523
Bug 25643916
Change-Id: I588ecf9452fe3acc1fb0b4ca0457ad662382fcd2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bfd2290824069b6eaeae4fdfd9a52c60bd73689e |
|
12-Nov-2015 |
Andrei Stingaceanu <stg@google.com> |
Merge "Introduce APIs in DPM for setting/getting the device owner info"
|
| 54b5f25b85e4bf4df82cb7450114fb9849f1ae58 |
|
12-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Revert "Do not call into ActivityManager from DPMS within DPMS lock""
|
| 219bbafc3fa40dae163d652365cc4a97d613011f |
|
12-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Revert "Do not call into ActivityManager from DPMS within DPMS lock"
Bug 25567963
This reverts commit 53de36f9c40c9a4ac1eb9cca8f458aa6c998c1fd.
Change-Id: I4faaa0b4c50d75e208f37b99bc1d6e2f0fff8127
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6644cd9630be363a25af5e1327f41e16ca868556 |
|
10-Nov-2015 |
Andrei Stingaceanu <stg@google.com> |
Introduce APIs in DPM for setting/getting the device owner info
This information, if set, will be shown in the lock screen instead
of the user owner information and the settings tile will be made readonly
(implementation in following CLs).
Bug: 22547309
Change-Id: Ic826d8049bc67f5e8fcfa6a91aa2017247c93b11
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 246b5a0993978202b19a7c02d355fddfd9506798 |
|
10-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Do not call into ActivityManager from DPMS within DPMS lock"
|
| 53de36f9c40c9a4ac1eb9cca8f458aa6c998c1fd |
|
07-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Do not call into ActivityManager from DPMS within DPMS lock
This will allow AMS to call into DPMS within the AMS lock instead,
which will help I1537bd57b34696768ee81a979d53bb396efbc12a.
- AM.clearApplicationUserData() will not be allowed for any DA
apps.
Bug 25567963
Change-Id: I9f0d071c815a011be4f4c85c502c39d0fe0fe5e8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5e73256a48cdb10fc72779ce1644d2e13b6669b7 |
|
05-Nov-2015 |
Mahaver Chopra <mahaver@google.com> |
Add ACTION_PROVISION_MANAGED_USER
Adding ACTION_PROVISION_MANAGED_USER to DevicePolicyManager.
Bug: 25462684
Change-Id: Ic90c3471f3a9c431d728197a19ab25b9946f090a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d59262667cbcdfedd9b03dccaa26a9a000486350 |
|
09-Nov-2015 |
Nicolas Prévot <nprevot@google.com> |
Merge "Add method to tell the dpc if provisioning is allowed."
|
| 6d2beef6a819aebed4119ca06cb2369bc56dd214 |
|
06-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Add DPM.getUserRestrictions()"
|
| 3a3092fab0ccb631bc70de64f3bbe5c076a1f94b |
|
30-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
Add DPM.getUserRestrictions()
This returns per-DO/PO restrictions.
Bug 23902097
Change-Id: I225c1b01444fe2f60e5a6674d327182cc9bb15dc
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 86cd001e364d0d0a8253cf4ee14acd13915cbd9a |
|
06-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Have AudioService listen to DISALLOW_UNMUTE_MICROPHONE and"
|
| 0953033842333532eaa529c53cbf7a94c79a7a97 |
|
06-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Do not allow DO and PO running on the same user."
|
| 803d6757fd23096e437e6fecd51ea6dda918b536 |
|
30-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
Do not allow DO and PO running on the same user.
Bug 25346603
Change-Id: Ic5fbed82466a538fbf64ef802fc2624dd67313bb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d45a4a2ecb18701b4cfadcb4a26663f2eab642fe |
|
03-Nov-2015 |
Makoto Onuki <omakoto@google.com> |
Have AudioService listen to DISALLOW_UNMUTE_MICROPHONE and
... DISALLOW_ADJUST_VOLUME, instead of UserManager pushing
new settings to AudioService.
Also:
- Allow PO to set these two restrictions.
- Now AS.setMasterMuteInternal() respects mUseFixedVolume to make
it consistent with readPersistedSettings().
- When a user switches and restores the mute state in
AS.readPersistedSettings(), also check the current user restrictions
in addition to system settings. Because of the delay in AudioService
before persisting the mute settings in setMasterMuteInternal() and
setMicrophoneMute(), there's was an edge case
DISALLOW_UNMUTE_MICROPHONE and DISALLOW_ADJUST_VOLUME would be ignored
when the user switches right after they are set.
Bug 24981972
Change-Id: I4d9b709a0a0e6812319204568c6e44d6664bdeb4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 07387fedfafa72bcb68defd801eef82f1f494d7c |
|
30-Oct-2015 |
Nicolas Prevot <nprevot@google.com> |
Add method to tell the dpc if provisioning is allowed.
The DPC can use it to tell if provisioning a managed profile or for
device owner would work or not.
BUG:25338478
Change-Id: I09ea6a9f23a8e88e4ed37c048170b2a68213086e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 965da39942f9a8736f785f7c57a6c351a8c89d6b |
|
28-Oct-2015 |
Clara Bayarri <clarabayarri@google.com> |
Create a File Based Encryption check API
Change-Id: Ibf41f98818ea801b9f690200c340be80c3b9bf31
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 82402753815ff4633cc572713ae490a17d9129e5 |
|
28-Oct-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Introduced short-term lock for UMS internal state
Added mUsersLock - short-term lock for internal state, when interaction and
synchronization with PM is not required. Modifications to mUsers and
mRemovingUserIds must be guarded by 3 locks: mInstallLock, mPackagesLock and
mUsersLock. While reads can use mUsersLock.
Testing revealed that the following methods in UMS often cause contention:
- exists
- getUserInfo
- getProfileParent
They all now use a short-term lock mUsersLock for reads.
Bug: 24979571
Change-Id: Ie3a22ea7cbb450c7969800fe2a4a2b2516165e5b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4f16073556f7978708fb71c87628cfe1692412d5 |
|
28-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
Make UserManager enforce user restrictions, not DPM.
- Now even if a user restriction is set via UserManager, it'll be correctly
enforced.
- Changed the way AudioService enforces the OP_MUTE_MICROPHONE and
OP_AUDIO_MASTER_VOLUME app ops -- previously, when they're set, even a muting
call would be rejected. This was why DPMS.setUserRestriction() used different
calling orders for DISALLOW_UNMUTE_MICROPHONE/DISALLOW_ADJUST_VOLUME depending
on setting them or clearing them.
Now, even when the app ops are set, we still allow muting calls.
Bug 23902097
Bug 24981972
Change-Id: I865b5de43e15f5955f94006475a5ec6254904d31
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 759a763f5f03fda86b96d238faedb870fbee24ec |
|
29-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
Allow DO to disable camera device-wise.
Bug 24538855
Change-Id: I421690f14ee57fa818d2b233fe48a90a0a575a9e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 068c54a5be697c3df4657dcda33cd17c4b547710 |
|
13-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
Layer user restrictions
- Now DPMS remembers user restrictions set by DO / PO in their ActiveAdmin.
- User restrictions set by DO/PO will no longer be saved by UserManger. Instead,
when needed, UMS will consult DPMS to build "effective" user restrictions.
- UM.getUserRestrictions() will now always return "effective" user restrictions.
- DPMS migrates existing user restrictions per the eng spec.
- Also now UM.setUserRestrictions() will crash. UMS.setUserRestrictions() has
been removed.
This was needed because UM.setUserRestrctions(UM.getUserRestrictions()) will no
longer be a valid use like it used to be.
- Also introduced a fined-grained lock for user restrictions in UM to avoid
deadlock between DPMS and also for better performance.
Bug 23902097
Change-Id: If0e1e49344e2f3e9226532d00777976d1eaa7df3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6655630c962c68e5ca510f4d3249d00e819336f8 |
|
21-Oct-2015 |
Xiaohui Chen <xiaohuic@google.com> |
Clean up UserHandle.isOwner() in frameworks
Bug: 24869636
Change-Id: Ibebd7d0762f5375ee93ec101e7ab5578769bd9f6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 07b668e3abbc752028e92759b9b55ecf63fc91c3 |
|
13-Oct-2015 |
Clara Bayarri <clarabayarri@google.com> |
Enable Work Profile passphrase verify/write with FBE
When File Based Encryption is present, allow the verify/write of
passphrases to be per-user (it used to always bubble up to the parent
user assuming it is a per-device passphrase).
This is part of the work for the Separate Work Challenge.
Change-Id: I5ae6b7b6ed1dd25aed0843d495b6f5f36e01c4eb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a52562ca9a4144cf30e6d5c6ffe856cc8e284464 |
|
02-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
setDeviceOwner() now requires a full component name.
Bug 20149907
Change-Id: I24e66159d1d966925aa3a494b1e2839b07cdafa2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a4f119790e32fcce56586e7324d508e35cb30a2a |
|
01-Oct-2015 |
Makoto Onuki <omakoto@google.com> |
First cut of user restriction layering.
- Start persisting restrictions set by DO/PO.
- Also dump user restrictions on dumpsys
- More changes will follow, including migration.
- Now System settings are mockable.
Bug 23902097
Bug 23902477
Change-Id: I0bda22f484e1a8e259a1feb2df83c5f4a29116da
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e7ee54ee7f4985bc743053d38d21f33c70220f05 |
|
21-Sep-2015 |
Craig Lafayette <craiglafa@google.com> |
Remove device initializer agent
Bug: 23216982
Change-Id: I867c0b5f4165983d1ed2623a655f6a2a5e3770bb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b643fb0e67460344ade2e3db92738999f8168496 |
|
23-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Use a factory class for dependency injection, add more tests.
- Extracting into a factory allows us to use mocks in other classes.
(Such as Owners.)
- Also removed broken test ApplicationRestrictionsTest. Instead added a new
simplified test to DevicePolicyManagerTest.
- Also stop caching rarely used instances in DPMS.
Bug 24061108
Bug 24275172
Change-Id: Ice9e57204b18e7b5f6b115126dab2209041439c2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f76b06a6b546f430cf85e561858ed12eedc32b81 |
|
23-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Test more DPM APIs.
Bug 24061108
Change-Id: Ia9da19f62c0f4edf53ca1f4c213f0368ec1983ba
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f85c97741485a53c1cca5d9d6192a9436d91a044 |
|
23-Sep-2015 |
Xiaohui Chen <xiaohuic@google.com> |
Cleanup USER_OWNER in DPMS
This cl assumes device owner will continue running under user 0.
Bug: 19913735
Change-Id: I65c97f6f14fb362acbdcb6588b73787291100698
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cc4bbeb76af92a8484fe05f37c4ff412b4c47ccc |
|
17-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Make DPM/DPMS unit-testable
- Now all services that DPMS uses are injectable.
- Introduce some wrappers to make static methods and final class mockable.
(e.g. for Binder.getCallingUid())
- In unit tests we replace those with Mockito mocks, except we use a partial
mock for PackageManager, because we use way too many methods of this and
most of them are okay to use directly.
- To install a partial mock to PackageManager, I needed to make
ApplicationPackageManager @hide public non-final.
- For a starter, added tests for DPM.setAmin().
Bug 24061108
Change-Id: I2afd51d8bc0038992d5f9be38c686260be775b75
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 287971d613b647c0990f8680945ef4ba64f290ca |
|
11-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Make sure DO user is running even if caller is shell/root.
Bug 23827706
Bug 23994401
Change-Id: Ie2fbc3ab07901e3d0a9898c910c69d993583084e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cb150cd81a66d2b59fc2ba05d788c307cad22207 |
|
11-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Fix the "User not running: 0" issue"
|
| 299878c9cf9bafdee4b0715de3202bd633162d03 |
|
11-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Fix the "User not running: 0" issue
Bug 23994401
Change-Id: I580730e7c895f00adf278a2d6709284fff0fc28b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 688b5f4f29f623258fe12c99166c978db0bf128b |
|
11-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Merge "Cleanup: rename loadDeviceOwner() to loadOwners()"
|
| 58b684f1cdc52467b71c42cfae18433a19ce7d0b |
|
04-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
[split system] Tentatively support running DO on meat user
- setDeviceOwner() now takes a user ID. (We can infer it from Binder, but
we still need it for the dpm command.)
- Change broadcast target UID for DO to the DO user
- Start the DO user on boot complete.
TODO Investigate whether this is actually the good timing.
TODO Prevent the DO user from being killed
Bug 23827706
Change-Id: I227dbd444f1f4e94d98c317489d151554fe79d91
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f024f048dee270252bcc728350f0ac1ad3a8e420 |
|
04-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Cleanup: rename loadDeviceOwner() to loadOwners()
Change-Id: I68e3367b1e70022f9501cf998e1860a6ce7d496b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2714d448b12797a5050834f952fd1166246e558e |
|
03-Sep-2015 |
Makoto Onuki <omakoto@google.com> |
Replace all occurrences of HashMap/HashSet with ArrayMap/ArraySet.
Also fix the command line for OwnersTest in javadoc.
Change-Id: I53c222aa13eee179c5abf7e6ba95c6cbe9a7f47f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 99aeac27ebc5ad54c0095122251cc0258713c263 |
|
31-Aug-2015 |
Makoto Onuki <omakoto@google.com> |
Rename DeviceOwner to Owners
Bug 23432442
Change-Id: Ic59c880d45126fbcf50b1bd31e37b2b64e2f3a6d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 39e784dd46fe4c7257bf63d0a60167abb2b28f79 |
|
22-Aug-2015 |
Makoto Onuki <omakoto@google.com> |
Split device owner config files
DPMS.mDeviceOwner is now always non-null, so no null checks are needed.
Bug 22802261
Bug 23432442
Change-Id: Ia8e5f114ecfc0add44b0d1be7d043ef6e37019ef
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ed969e18f8e9a0d9ec9a7dc423a1105899a1fb57 |
|
24-Aug-2015 |
Rubin Xu <rubinxu@google.com> |
Reactivate backup service after device owner is cleared.
Bug: 23474411
Change-Id: I99da846493eb749828517d27f4384ab3fe647df5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e3b07451c3ca7064cb70f1829cf35963cba74bd8 |
|
22-Aug-2015 |
Adrian Roos <roosa@google.com> |
resolved conflicts for merge of bcc26c02 to master
Change-Id: I4260ff0d090cfa9741fd3adcfcadcbbff6839388
|
| b5e4722891e7bbf2fffcd995af02838667a3abab |
|
15-Aug-2015 |
Adrian Roos <roosa@google.com> |
Add StrongAuthTracker
Bug: 22846469
Bug: 22115393
Change-Id: I6ef5322d02e540fc043e7f20d3aabf595ce7c224
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4afb83e912fc46db64297a1734f1d5959e3caff4 |
|
21-Aug-2015 |
Nicolas Prevot <nprevot@google.com> |
Clear cross-profile intent filters in the right user.
Clear them in the parent, who is not always the owner.
BUG:23105562
Change-Id: Iae2adbfa6b4d6e982f6f2a4075dd8bd55b11c37e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 741abfc12074623d24297ebb67d98cb2d9126add |
|
11-Aug-2015 |
Nicolas Prevot <nprevot@google.com> |
Fix cross-profile intent filters with system-user split.
Don't assume that the parent is always the user owner.
BUG:23105562
Change-Id: Ia98ed608e2b6d1d82d95a73110134d85274c6abf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2af03d2a7ac0eff78d1646b66e242b17e12165cd |
|
10-Aug-2015 |
Nicolas Prevot <nprevot@google.com> |
Send the MANAGE_PROFILE_ADDED broadcast to the correct user.
Send it to the parent, who is not always the user owner.
BUG:22753960
Change-Id: Ibd0edb78be4b3bdfc9fc31fd05e50fe3bf8bb493
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c1836bb0f1bf3e5ef0911719525da0bab3e53507 |
|
31-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Merge "Change MNC codename to just M." into mnc-dev
|
| 9a81a182df634ab7a087752c9a10db67c5d0f256 |
|
31-Jul-2015 |
Rubin Xu <rubinxu@google.com> |
Merge "Don't always transfer device owner status to other users." into mnc-dev
|
| e2a4a6ff8a83a4216824b2d40a323e56814d0463 |
|
28-Jul-2015 |
Nicolas Prevot <nprevot@google.com> |
Don't always transfer device owner status to other users.
A device owner cannot use device or profile owner policies on
other users unless it is profile owner there. Also limit device
initializer to system apps only.
Bug: 21800830
Change-Id: Ie1abbd891945b91b17ecdf7f73ba93aaa19819be
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0e3de6cacaffcfeda4d6353be61e2f1f9ed80705 |
|
30-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Change MNC codename to just M.
Change-Id: I4281d200ff6560791c47cf9073ceea1cb509361e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 00799008832e11f06f9ddc0bf721799edee99f28 |
|
27-Jul-2015 |
Nicolas Prevot <nprevot@google.com> |
Send a public broadcast when the device owner is set.
Make it a protected broadcast.
BUG: 22623518
Change-Id: Ia36e8f0b80a6301d7d8e0461476842c78762b5e8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c1aebfa02c393471fb344c3a94ee2ae62bb78f93 |
|
09-Jul-2015 |
Jeff Brown <jeffbrown@google.com> |
Merge "Clean up USB Manager and fix ADB." into mnc-dev
|
| 460a146eb8f827e4e70f2dd93d1ba852d0feb06b |
|
01-Jul-2015 |
Jeff Brown <jeffbrown@google.com> |
Clean up USB Manager and fix ADB.
Moved functions which parse the USB functions list into one common
place on UsbManager.
Deleted the no longer supported USB_FUNCTION_MASS_STORAGE.
Ensured that the UserManager.DISALLOW_USB_FILE_TRANSFER rule is
consistently applied during user switch and when changing the
current USB functions and make sure it only affects MTP and PTP.
Collapsed the boot completed and user switched receivers to
ensure consistent ordering of side-effects.
Validate the list of functions passed to setCurrentFunction() so
that the separation of concerns is clearer. It was somewhat
ambiguous as to whether functions such as ADB could / should be
enabled through that interface. Improved the docs for clarity.
Fixed a bunch of broken stuff related to the USB config
persistent property (list of default functions) that could cause
ADB and other functions to not work at all. Added new failsafes
to ensure that we reliably get back into a happy state.
Bug: 22206076
Change-Id: I02915ddfce7193a8f67a14f0d76bab22fc575dfa
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 70e0c58c2269cd29dfd6420d690da13dc03fd457 |
|
30-Jun-2015 |
Kenny Guy <kennyguy@google.com> |
Mute correct user from device policy manager.
Add per user versions of mute methods so
device policy manager can mute the correct
user.
Just persist change if the calling user
isn't the current user.
Treat calls to audio manager coming from uid
1000 as if they were coming from current user
rather than user 0 so that the correct user's
user restriction is checked.
Bug: 21782066
Bug: 21778905
Change-Id: I51469b741096d8a2ffdc520eaf5b3fd754f2c819
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7ce2bd2161405cef9740a6f14d586a8964dad3e0 |
|
30-Jun-2015 |
Alex Chau <alexchau@google.com> |
Clear "profile wiped" notification when a new porfile is created
Make use of ACTION_MANAGED_PROFILE_ADDED to clear the notification.
Bug: 22186884
Change-Id: I08514ebc308f2e2fb61f837500e2ba712ccf8703
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fef8cbd6a643a621a97f8e5616977e1fb65d9a5f |
|
30-Jun-2015 |
Esteban Talavera <etalavera@google.com> |
Merge "Marking some globals from setGlobalSetting as not supported" into mnc-dev
|
| 656fa7f5d1ce9299cb63043de80f2b4db9bff497 |
|
29-Jun-2015 |
Esteban Talavera <etalavera@google.com> |
Marking some globals from setGlobalSetting as not supported
Those globals don't have the intended behaviour any more.
Bug: 19967818
Change-Id: I8c7891e59280f9deb88b1f0ffead3de07f4eca56
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e8490f1d78a62826742ddf4af8943e6666a1a8d0 |
|
25-Jun-2015 |
Rubin Xu <rubinxu@google.com> |
Use StorageManager.wipeAdoptableDisks to wipe external disks
Retire FORMAT_AND_FACTORY_RESET which is more fragile.
Bug: 9433509
Change-Id: I158ee987274bb4db41d466de9f1e3c60ffc1d140
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 28b9570d0235eca305dc76c006a54c8a85cf5db8 |
|
24-Jun-2015 |
Esteban Talavera <etalavera@google.com> |
Reset permission policy to default when device owner goes away
Otherwise after the Device Owner is gone, runtime
permissions might still be auto granted/denied.
I understand that there are many other policies that
we don't reset after the device/profile owner goes
away (e.g. keyguard enabled/disabled). At least now
we have a single method when we could clear the
ones that we care about.
Bug: 21889278
Change-Id: I6997655e6ef6d474bd25ae1c323eca5b17944b16
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0bf8f7cc3982164a9e11ea4a25ed930e466f1dd8 |
|
22-Jun-2015 |
Amith Yamasani <yamasani@google.com> |
Runtime permissions cannot be set on legacy apps by device policy
Clarify docs that runtime permissions can be granted or revoked by
a profile owner/device owner only for MNC apps and not legacy apps.
Check the targetSdkVersion and return false if legacy app.
Remove all policy flags from permissions when cleaning up
a device or profile owner.
Bug: 21835304
Bug: 21889278
Change-Id: I4271394737990983449048d112a1830f9d0f2d78
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2c3c66a2cf06b4d081f539a1fa01b44780cc65dc |
|
23-Jun-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Merge "Introduce Settings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN" into mnc-dev
|
| 58e706d754adaeb59ccea9b8d496d54240c37caf |
|
23-Jun-2015 |
Robin Lee <rgl@google.com> |
Merge "Let device owners handle onChoosePrivateKey" into mnc-dev
|
| deee7735d81107380e8af5e35d4339e85530ee98 |
|
20-Jun-2015 |
Robin Lee <rgl@google.com> |
Let device owners handle onChoosePrivateKey
Bug: 21959745
Change-Id: Ifad3901015937d2ea700124bb5f61982cd580ad8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1046ba518b07e42eb5d3474f1ff9ca1181c331d5 |
|
17-Jun-2015 |
Benjamin Franz <bfranz@google.com> |
Add DISALLOW_CREATE_WINDOWS to Device Owner only user restrictions
Even though the documentation of DISALLOW_CREATE_WINDOWS says it is for
Device Owners and Profile Owners on User 0 only, it was previously not
part of DEVICE_OWNER_USER_RESTRICTIONS and was therefore callable from
a profile owner on a managed profile or secondary user.
Bug: 19726884
Change-Id: If6443eacbc28b7ee6c0845754923573a79f8bde3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2cc03e5606ad7cd473283898400506d5ac2237ba |
|
20-Mar-2015 |
Jeff Sharkey <jsharkey@android.com> |
Yet another user restriction.
Change-Id: Ia2952da19cb974a6a9ba0271a298a10df58b8d18
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b24f01f473b98e98f0c80b1a937a18921cf0521a |
|
12-Jun-2015 |
Alex Chau <alexchau@google.com> |
Merge "Notification shown upon work profile deletion" into mnc-dev
|
| 77b2d49abb38fafb91fb99ce603a92f189553cd7 |
|
11-Jun-2015 |
Craig Lafayette <craiglafa@google.com> |
Merge "Remove device initializer status messages" into mnc-dev
|
| c51b72acc064ec5f62b2e468f2e7c5e0c96cfc8a |
|
09-Jun-2015 |
Alex Chau <alexchau@google.com> |
Notification shown upon work profile deletion
Bug: 18543323
Change-Id: Ibd9bd20637a7bd019e080da306a19c94d9e82576
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 83881bdbdee14cc9726c89019490a0514686f314 |
|
10-Jun-2015 |
Robin Lee <rgl@google.com> |
Policy: make bulk CA uninstalls happen in service
Fewer round trips, only one point of contact for bugs to creep in.
Bug: 21650477
Change-Id: I1764faa753bd674ecb0d13149d778d99bd2ff4c4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cedd53adc3875fe1b4275afa35ec5c3ede7b6c39 |
|
09-Jun-2015 |
Julia Reynolds <juliacr@google.com> |
Remove the ability to set a preferred setup activity.
Bug: 21557327
Change-Id: I8c1809d25c5f5fcd186dfc0636d8ac47ed5fc903
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4045d24971fea4f1506ac8f16d4deeb76ac415fe |
|
27-May-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Introduce Settings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN
This setting controls whether WiFi configurations created by a Device Owner app
should be locked down (that is, editable or removable only by the Device Owner).
Bug: 21427528
Change-Id: I0f8fb72bf9da1597e08d3dfc631d37b6b4178ff5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 369d65653399f01e83a6cbb6dfa4eb7b356af648 |
|
05-Jun-2015 |
Amith Yamasani <yamasani@google.com> |
Fix permission check in DPM.getPermissionGrantState
It was querying for permission of user 0 instead of the calling user.
Switched to passing in the explicity userId.
Also set the flags before granting/revoking permission from DPM.
Bug: 21430988
Change-Id: Id0d2dc65e20108cefa3eeb4363f866d49c791cc4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 240e64828f68064b2a1074a1dda1fc41fe19d711 |
|
02-Jun-2015 |
Craig Lafayette <craiglafa@google.com> |
Remove device initializer status messages
- Remove ManagedProvision Bluetooth extras from
DevicePolicyManager
- Remove ManagedProvisioning device initializer status
action and extras from DevicePolicyManager.
- Remove DIA status update protected-broadcast
and permission
- Remove DPM.sendDeviceInitializerStatus method
Bug: 21559093
Change-Id: Ibb651ebb2772ace6a16a5830f82f75465150e6e3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e3e314df4d52881225326d426a76e3e7f1bc40d3 |
|
20-Apr-2015 |
Stuart Scott <stuartscott@google.com> |
Network Reset should have a lockdown like Factory Reset.
bug:20332322
Change-Id: I7c61a011d11e89513757f112abf320bb2a785edb
(cherry picked from commit 94b038bbb291431a7b39611d72f206b07e839891)
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 81c73e121ef2ff44a3916628d9ff11385db85bd6 |
|
27-May-2015 |
Sudheer Shanka <sudheersai@google.com> |
Merge "Clear caller identity before setting all the user restrictions." into mnc-dev
|
| 184b3753de54241c67799089f5bc59a1ede4438a |
|
22-May-2015 |
Amith Yamasani <yamasani@google.com> |
Add getPermissionGrantState method in device policy
This is to have a way to query what permission state was set by
the profile owner.
Bug: 21356830
Change-Id: Ie396e946b4285267c1d95f82b9d9765b43697d3c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d8ecc5aee49874ac1f100f69be94906a3e99b951 |
|
20-May-2015 |
Svet Ganov <svetoslavganov@google.com> |
Allow DO/PO to go back to normal permission state.
We have APIs for a DO/PO to fix a permission in a granted or
denied state in which the user cannot manage this permission
through the UI. However, there is no way to go back to the
default state in which the user gets to choose the permission
grant state.
Change-Id: I2562a1d8b1385cd740b44812844ef14c895c2902
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 21d9ef6dc71886209965f70728b563fd7d78d6c8 |
|
20-May-2015 |
Sudheer Shanka <sudheersai@google.com> |
Clear caller identity before setting all the user restrictions.
Bug: 19687895
Change-Id: Ieaa1f4e5a39395f11bf4cf797332a2d9d495bc0a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6e1c17a3dfd62f3ae2a16ac64b8575fc3aa4a7a2 |
|
14-May-2015 |
Rubin Xu <rubinxu@google.com> |
Merge "clear caller identify before sending system update notification" into mnc-dev
|
| 2c84cc2ea2ffa1fcd3dbd9a1b5e3880571fba1b8 |
|
14-May-2015 |
Rubin Xu <rubinxu@google.com> |
clear caller identify before sending system update notification
Because DeviceAdminReceiver is protected by BIND_DEVICE_ADMIN permission,
in order to send broadcast to it, we need to clear the caller's identity
and call sendBroadcastAsUser() as system.
Bug: 20213644
Change-Id: Icc7b239b9005e286012ade6580ec92a0a57198e0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9e9e2e73c6ec7bece20268196dc89ad0c8bafad4 |
|
08-May-2015 |
Wojciech Staszkiewicz <staszkiewicz@google.com> |
Pass charset to XmlPullParser.setInput instead of null
Passing null to XmlPullParser.setInput forces it to do additional
work, which can be easily avoided if we know the charset beforehand.
bug: b/20849543
Change-Id: Iaff97be9df2d0f99d7af8f19f65934439c9658e2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 39087b1cec6a54e96ab9eafe8317952720790533 |
|
05-May-2015 |
Robin Lee <rgl@google.com> |
Replace String host:port/url args with Uri arg
Uri provides a stronger guarantee of well-formedness and lets apps do
nice extra things like specifying scheme etc. without twisting any
expectations.
Bug: 20820034
Change-Id: Ia6bbedb74765444920b667d643fb7e1eb6a7292b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9831fad6768135dbd982d6dca78d7f6de81bb320 |
|
14-May-2015 |
Nick Kralevich <nnk@google.com> |
Merge "Modify how USB connections are handled." into mnc-dev
|
| fcf10f7c12cb3107bdfedce6f76a8c866d154f3c |
|
13-May-2015 |
Nick Kralevich <nnk@google.com> |
Modify how USB connections are handled.
* Introduce a new "charger only" mode. In this mode, MTP is disabled,
and no file transfers can occur.
* Make charger only mode the default.
* Modify "persist.sys.usb.config" so it now only holds the adb status.
* Make the USB settings non-persistent. Unplugging the USB connection will
reset the device back to "charger only" mode.
* Fixup wording per UI guidelines.
TODO: Re-implement MDM restrictions for USB / MTP access controls.
Bug: 18905620
Change-Id: I99a50d9132a81e98187f431166fd9fef4d437e4f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 467eb0566ff1df320c9a9be3da0f44ee3d6bc9fa |
|
13-May-2015 |
Kenny Guy <kennyguy@google.com> |
Merge "Allowing profile to set a subset of keyguard restrictions." into mnc-dev
|
| 396d944001f0b897b1689baa0bd7d3e04046b3ca |
|
13-May-2015 |
Julia Reynolds <juliacr@google.com> |
Merge "Remove initiator name param." into mnc-dev
|
| 9fc8bb63d8c15ecfcd3a72a685eaec6c8ec0aa6e |
|
12-May-2015 |
Rubin Xu <rubinxu@google.com> |
Merge "Tweak SystemUpdatePolicy according to API review." into mnc-dev
|
| 8c7f700a59ad26e75c9791335d78f14322cad49a |
|
07-May-2015 |
Svet Ganov <svetoslavganov@google.com> |
Add permission meta-state flags to support grant/revoke permission policy.
We now maintain a mata-state with each permission in the form of flags
specyfying the policy for this permission. This enables support of the
following use cases:
1. The user denies a permission with prejudice in which case an app cannot
request the permission at runtime. If an app requests such a permssion
it gets a denial unless the user grants the permission from settings.
2. A legacy app with disabled app-ops being upgraded to support runtime
permissions. The disabled app ops are converted to permission revocations.
The app ops manager is a part of the activity manger which sits on top
of the package manager, hence the latter cannot have a dependency on the
former. To avoid this the package installer which is the global
permission managment authority marks the permission as revoked on
upgrade and the package manager revokes it on upgrade.
3. A device policy fixing a permission in a granted or revoked state. This
additional information is folded in the meta-state flags and neither
apps can request such permissions if revoked not the user can change
the permission state in the UI.
Change-Id: I443e8a7bb94bfcb4ff6003d158e1408c26149811
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 731051e36bb2d420a29cd889a38e02c88c930aad |
|
11-May-2015 |
Julia Reynolds <juliacr@google.com> |
Remove initiator name param.
This won't be shown in the UI; it's not needed.
Bug: 20820224
Change-Id: I51ecd0a9151a49e26faf52e792a0b316a8facc8e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0b7dd1e6c8422da0a21c1631244bec7a2af5085a |
|
12-Mar-2015 |
Kenny Guy <kennyguy@google.com> |
Allowing profile to set a subset of keyguard restrictions.
Allow admins in managed profiles disable trust related
keyguard features (trust agents and finger prints) for the
parent user.
Allow admins in managed profiles to control whether notifications
from the profile are redacted on the keyguard.
Bug: 18581512
Change-Id: Ic2323671f63781630206cc2efcc8e27ee58c38e6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d86d58cd010b087d6d481062f84c894e0ced7bbc |
|
05-May-2015 |
Rubin Xu <rubinxu@google.com> |
Tweak SystemUpdatePolicy according to API review.
Make SystemUpdatePolicy Parcelable; hide public constructor and
expose static builder methods.
Bug: 20820025
Change-Id: I594ba3c7e5514551134ba6c866b24498b66506bf
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4e401fa49875e083d18b46e0250be37ad565071c |
|
07-May-2015 |
Craig Lafayette <craiglafa@google.com> |
DevicePolicyManager API review changes
Renamed DO_NOT_ASK_CREDENTIALS_ON_BOOT to
RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT.
Bug: 20820907
Change-Id: I6455f9a6d370afbd5154505f402b409dba3b7918
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 94fb2024b013522e95a880e02b73886fa7d01222 |
|
06-May-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Rename functions that disable status bar and keyguard" into mnc-dev
|
| bece80645e2b2d84ea65aabfa7fc01d5ad633708 |
|
06-May-2015 |
Benjamin Franz <bfranz@google.com> |
Rename functions that disable status bar and keyguard
Rename the DevicePolicyManager functions setKeyguardEnabledState and
setStatusBarEnabledState to setKeyguardDisabled and
setStatusBarDisabled respectively.
Bug: 20820039
Change-Id: I06f6a19ac55b24e66e9f2cb340ead5d940cb2235
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6f36d42dcc46eae3a0388828b13314a823e3ce57 |
|
06-May-2015 |
Amith Yamasani <yamasani@google.com> |
Permission policies are for profile and device owners
Not just device owners
Change-Id: I78ad815651e9bdc4bd78e61d634a5067935fa33f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ddd553f2aee4f3821a2f17636bb86d9fa5af9bd7 |
|
30-Apr-2015 |
Robin Lee <rgl@google.com> |
Device policy: use owner label instead of name
Managed provisioning does not currently set a meaningful profile owner
name. This changes to use the application label as returned by
PackageManager.getApplicationLabel which should be more descriptive.
Bug: 20679292
Change-Id: I5a0e87ef05b62879a73814e6d338e8b984b81c94
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c4aa3c781a0ddce64853cd5d88bf97f8a9faf98b |
|
29-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Add status bar flag to disable quick settings" into mnc-dev
|
| d49489b3af01c13d3b13af1cd04d53787185cc0a |
|
28-Apr-2015 |
Amith Yamasani <yamasani@google.com> |
Permissions control via profile/device owner admin
Profile owners and Device owners can set policies for runtime
permissions. Blanket grant/deny policy can be set for a user.
They can also explicitly grant/revoke permissions for specific apps
which cannot be overridden by the user and will not be prompted.
[More implementation required in PackageManagerService and
PackageInstaller]
Bug: 20666663
Change-Id: I2c25c18c2a195db9023a17716d5896970848bb45
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 27cf146361125d1233c487ec215d5d794f5dde17 |
|
23-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Add status bar flag to disable quick settings
Bug: 20331928
Change-Id: I79dc7f2c9e64245bdeeea3916d339985a8b17f92
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 13c58bacc8f1ff35bb24ba19069bab8a41aabf68 |
|
20-Apr-2015 |
Julia Reynolds <juliacr@google.com> |
Allow device initializers to set a preferred setup activity.
This activity will launch by default on device reboot or user switch
during user initialization, even if there are higher priority 'home'
activities.
Bug: 20223050
Change-Id: I335aeb010a1ae5db07a4343d26e160c74bd299e1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f7d3a766f0cd8a9efb51a62a27db78a3bb04d41f |
|
25-Apr-2015 |
Julia Reynolds <juliacr@google.com> |
Merge "Only skip unrecognized tags."
|
| 6afa666c9f9c8d1e9eff85464230585dfef060bb |
|
23-Apr-2015 |
Julia Reynolds <juliacr@google.com> |
Only skip unrecognized tags.
This fixes policy loss seen on device reboot when device admins
applied certain policies.
Bug: 20516960
Change-Id: I6e2a3b8de610c00ea1a2edbb026523bfdc365775
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2806374f9531490296547d4e884ce9163f4ac867 |
|
08-Jan-2015 |
Nicolas Prevot <nprevot@google.com> |
Restrict setting the profile/device owner with a signature-level permission.
Create the new permission MANAGE_PROFILE_OWNERS to restrict setting
the profile/device owner.
BUG:19838376
Change-Id: Ib55a2db85fcb6f34e3b88c398683bddb0ad66868
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 917c4e4d453f9f36fb6945cf1e3e11f45314d602 |
|
24-Apr-2015 |
Svetoslav <svetoslavganov@google.com> |
Merge "Clear binder identity before reaching into keyguard settings"
|
| 5bd5d4c2b0b12fcd76b58dfb3d834f1159ff054e |
|
24-Apr-2015 |
Svetoslav <svetoslavganov@google.com> |
Clear binder identity before reaching into keyguard settings
Change-Id: I80eeaed235acc165ddd4799ba46700afea2dff55
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1513ff171ae43d141295a235e42d99071e144cdb |
|
23-Apr-2015 |
Craig Mautner <cmautner@google.com> |
Fix NPE when load() returns nulls.
Fixes bug 20528625.
Change-Id: I825c95fd212a1928a34e9ed0e20d2f7563939cbb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 015c5e57b58d26ae53849c02d3aebfcd52d85c3d |
|
23-Apr-2015 |
Craig Mautner <cmautner@google.com> |
Disallow data clearing of DeviceOwner.
There are OEM provided apps that are able to clear the data of the
device owner. That creates a security hole that this fixes.
Fixes bug 20107015.
Change-Id: I4ef313b394bd8059d19d20aa6533396305d1357d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5173dc28f341fee92705b07543cf9d2c9694ee3c |
|
16-Apr-2015 |
Craig Mautner <cmautner@google.com> |
Add and remove DeviceInitializer from whitelist
Add the DeviceInitializer to the locktask whitelist when set or when a
new user is created. Remove DeviceInitializer from whitelist when
user setup complete.
Fixes bug 20267837.
Change-Id: I8a33bceb6e6f3d0316a1227b2ed2b713f4ca3a9e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dc105cc91c63c27479d73a21702cd4ba0304acc4 |
|
15-Apr-2015 |
Rubin Xu <rubinxu@google.com> |
Enable system service to notify device owners about pending update
Create a DevicePolicyManager API which can be used by OTA subsystem
to tell device owners about pending updates. Device owners will get
a callback from its DeviceAdminReceiver when the update service sends
out such notifications.
Bug: 20213644
Change-Id: Ifcc755655e4f441980cf77d76175a046112ca9ae
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 07ba37a713212e603be3098f1035f2b736fae679 |
|
22-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Recover status bar enabled state for all users"
|
| 6d6290d2821c6b1e497e4990c5d42aee1dbc8a29 |
|
22-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Check for null packages in setLockTaskPackages"
|
| 837f1035a608d2d36aef5fb448ec1fbd1d927f5f |
|
21-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Recover status bar enabled state for all users
Move the update of status bar enabled setting to loadSettingsLocked and
thereby recovering the enabled state for all users, not only the user
owner.
Bug: 20416833
Change-Id: Iee3d6e0f3ea8ebc5d72c0ed165bea4595ed073ba
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4eb6a36922f5e98fe181c0326cc5721f0e7589ca |
|
02-Apr-2015 |
Andrei Kapishnikov <kapishnikov@google.com> |
Introduced DO_NOT_ASK_CREDENTIALS_ON_BOOT flag
A new flag for DPM.resetPassword() method that specifies that the
device should be decrypted without asking for the password or pattern.
Bug 19250601
Related CL in Settings App: https://googleplex-android-review.git.corp.google.com/#/c/670206
Change-Id: I9ca3472dc18e66e618ff772dee16ca4a450e9997
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 78c05f97426e941b1a398e0d00b53603603f292b |
|
21-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Check for null packages in setLockTaskPackages
Bug: 20416611
Change-Id: Ibbadc952da29a34de0cf02408093b7bfc01f8779
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5faad8e4cdf04211239f076b5d073e26d0ae3207 |
|
20-Apr-2015 |
Rubin Xu <rubinxu@google.com> |
Rename public OTA policy APIs in DevicePolicyManager
Use the term "SystemUpdate" instead of "OTA", in public
DevicePolicyManager APIs that handle OTA policies.
Bug: 19650524
Change-Id: Iebdaea91337d617147cb411b6f47e0f3fae8671c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 15df08abd8190353e1430f88c2ed6462d72a5b25 |
|
01-Apr-2015 |
Craig Mautner <cmautner@google.com> |
Introduce android:lockTaskMode
The ability for tasks to be started in locktask mode or pinned is
dependent on the value of android:lockTaskMode for the root activity
of the task.
For bug 19995702
Change-Id: I514a144a3a0ff7dbdd4987da5361b94bdfe9a437
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 47af53ed95070063f5ec299b957420a91fcd5292 |
|
15-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Introduce device owner API to disable the status bar"
|
| ea2ec97f37c649881f2be8a5cc40bf44080cc632 |
|
16-Mar-2015 |
Benjamin Franz <bfranz@google.com> |
Introduce device owner API to disable the status bar
Let the device owner disable the status bar to achieve multi-app single purpose
mode. When the status bar is disabled, quick settings, notifications and the
assist gesture are blocked.
Bug: 19533026
Change-Id: I72830798135136e5edc53e5e2221aebb9a7c7d57
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b4e218832173229ca2cb25e420c557f919a8ef09 |
|
15-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Fix a SecurityException in setKeyguardEnabledState"
|
| 3223106dab67ba38027590a600edaa02efb6e461 |
|
14-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Fix a SecurityException in setKeyguardEnabledState
A SecurityException is currently thrown when calling this API as
LockPatternUtils.isSecure requires a permission that the DO does not
have.
Bug: 19533026
Change-Id: I28bebb647e46bb631cc4fa1a7c9571eadda69086
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 317918e206b89f4a49bfa35af57607764f322347 |
|
14-Apr-2015 |
Andres Morales <anmorales@google.com> |
Merge changes from topic 'lss-update'
* changes:
Add challenge to IGateKeeperService
Wire up GateKeeper to LockSettingsService
|
| e36087e5b6eeb92607f4ad5b3b1662bef9bafa4c |
|
07-Apr-2015 |
Benjamin Franz <bfranz@google.com> |
Introduce device owner API to disable the keyguard
Let the device owner disable the keyguard to achieve undisturbed single
use mode with multiple apps. Calling this API has no effect if a
password
has been set for the calling user.
Bug: 19533026
Change-Id: I6b726b7f36efb669359e9da4b7e3db1f8031dad5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c9c9f7b40ec77217ce595fd152a505481326dc9a |
|
14-Apr-2015 |
Rubin Xu <rubinxu@google.com> |
Merge "Add setOtaPolicy/getOtaPolicy API in DPMS"
|
| 0c606812c5102fd19eda4b3e1ffbc9e61fec6430 |
|
14-Apr-2015 |
Ricky Wai <rickywai@google.com> |
Merge "Add Bluetooth Contacts Sharing policy in DevicePolicyManager"
|
| 778ba135380cda90c4c9317c34e875c00e2743a3 |
|
31-Mar-2015 |
Ricky Wai <rickywai@google.com> |
Add Bluetooth Contacts Sharing policy in DevicePolicyManager
Bug: 19990979
Change-Id: Ide9adf66eec5721e50573c03956a1b63b7e8b18b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8027a4ffc285ba39df3a262abfff1cfdd6dd31db |
|
10-Mar-2015 |
Rubin Xu <rubinxu@google.com> |
Add setOtaPolicy/getOtaPolicy API in DPMS
Allow device owners to set OTA policy for automatically accept/postpone
incoming OTA system updates. This class only provides the setting
and getting of OTA policy, the actual OTA subsystem should handle
and respect the policy stored here.
Bug: 19650524
Change-Id: I9b64949fab42097429b7da649039c13f42c10fd1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8fa5665f0e757cec0063fb4cf1354f1596f93a91 |
|
31-Mar-2015 |
Andres Morales <anmorales@google.com> |
Wire up GateKeeper to LockSettingsService
Adds:
- Communication to GKService
- password upgrade flow
- enroll takes previous credential
Change-Id: I0161b64642be3d0e34ff4a9e6e3ca8569f2d7c0a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c06bbbfe7ac3c848384cb667b23c42ce26cc5d95 |
|
14-Apr-2015 |
Rubin Xu <rubinxu@google.com> |
Merge "Grant cert installer access to installKeyPair()"
|
| dbe31a6616f2e8cb8436ea235149d076302fb793 |
|
02-Apr-2015 |
Craig Lafayette <craiglafa@google.com> |
Send device initializer status.
- Create method in DevicePolicyManager to send device
provisioning status to ManagedProvisioning.
- Define status updates used by ManagedProvisioning.
Bug: 20001077
Change-Id: Ia98fc765d1ebb2ba9680636ca15c2c870d160261
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 30b89849032eb57d1da93de40a6a9bd2a5f55a2e |
|
07-Apr-2015 |
Craig Mautner <cmautner@google.com> |
Merge "No longer unlock activity manager to test whitelist"
|
| e56007786ace2fe0615197d95317ccd7be4d1ca6 |
|
04-Apr-2015 |
Craig Mautner <cmautner@google.com> |
No longer unlock activity manager to test whitelist
In order to check the DevicePolicyManagerService locktask whitelist
the activity manager had to release its lock preserving internal
state. That is undesirable and not scalable now that we need to check
the whitelist at startup for bug 19995702.
This change causes DPMS to update activity manager with the whitelist
whenever it changes so that activity manager can check the whitelist
without releasing the acitivty manager lock.
Change-Id: I3ed6eb5ceae2cd7e7ae3280abd708d5ce43a2851
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 16c9c249d5f06014442aa5c78254b702f6a034c5 |
|
05-Apr-2015 |
Jeff Sharkey <jsharkey@android.com> |
Fix up ExternalStorageFormatter.
It's not going to be around for much longer, so just fix enough to
work correctly.
Also teach about new "unmountable" state from vold.
Bug: 19993667
Change-Id: Ib72c3e134092b2a895389dd5b056f4bb8043709a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 25da6b65b0e3be610e1223758b1910f4e7ad1ed2 |
|
03-Apr-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Do not log an error when app restriction file does not exist"
|
| 6f34d363c32ec3295fd77257648d1291ea31c33f |
|
02-Apr-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Do not log an error when app restriction file does not exist
Bug: 20040207
Change-Id: Ibd257388a185020258e36bddf5b451dc24c0b7ee
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eaafdf72a410b445cee9fea274a57f31aec2509f |
|
02-Apr-2015 |
Julia Reynolds <juliacr@google.com> |
Store the device initializer componentname in addition to package.
This removes ambiguity about which component in the initializer
package handles device initialization when setting up secondary users.
Bug: 19992262
Change-Id: I2e48168907725a56cd05d0b51c9f28b34fa28d1a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| acdc1839cf73c5ee1672f19f7098b81abdd4f0bc |
|
02-Apr-2015 |
Rubin Xu <rubinxu@google.com> |
Grant cert installer access to installKeyPair()
Bug: 20041977
Change-Id: Id0dc0bce8461c71d7220c1802dcca82933805996
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1040da1d4eb99fd2588e4c4d5b08b2e3fc0c7777 |
|
19-Mar-2015 |
Makoto Onuki <omakoto@google.com> |
Enterprise quick contact 1/2
Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.
For now we use the same DPM policy as enterprise-caller-id to disable this.
Design doc: go/cp2-mnc-enterprise-dd
Bug 19546108
Change-Id: I831a8190ae902ae3b1248cce6df02e3a48f602d2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4fd8d4ab2aafe8ed73080408223e8b20a953cfc4 |
|
30-Mar-2015 |
Makoto Onuki <omakoto@google.com> |
Revert "Enterprise quick contact 1/2"
This reverts commit 75a0882b946df6de4775c9e54ca023ff54f3f678.
Change-Id: Ibe332885824b228bf1b1147d141c9395554ff67f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 75a0882b946df6de4775c9e54ca023ff54f3f678 |
|
19-Mar-2015 |
Makoto Onuki <omakoto@google.com> |
Enterprise quick contact 1/2
Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.
For now we use the same DPM policy as enterprise-caller-id to disable this.
Design doc: go/cp2-mnc-enterprise-dd
Bug 19546108
Change-Id: I4840e7fad8a6a60249df07d993d26d03619650d4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dfb1c2f2053d233cb1bed17b77bbebceb246f3f5 |
|
26-Mar-2015 |
Amith Yamasani <yamasani@google.com> |
am 17b03239: am 8562a7a1: am eedf2fe0: am 0afd1905: Merge "Fix NPE if FPE service does not exist." into lmp-mr1-dev
* commit '17b03239d3152cbcf450ec66f077f07e4c1870e1':
Fix NPE if FPE service does not exist.
|
| 1181ed8a43c8364b19f4877ec58c4e2640d7dca8 |
|
23-Feb-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Add isActiveAdminWithPolicy to DevicePolicyManagerInternal
This method will be used by other system services to decide whether an
app is a profile owner or device owner.
Change-Id: I9577700d03ce2c80c798a60c6c2f480fd1913f43
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a23995c233b3c336d0f405523902606f2583caea |
|
25-Mar-2015 |
Paul Crowley <paulcrowley@google.com> |
Fix NPE if FPE service does not exist.
Bug: 19846662
Change-Id: I44e014c66a524b282cce0cfc9b7513fc0f553576
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ec32b56cc22658ecb549390fe0096fc6d7b5ac2a |
|
03-Mar-2015 |
Rubin Xu <rubinxu@google.com> |
Add DelegatedCertInstaller API in DPMS
Allow device/profile owner to delegate certificate APIs to third-party
certificate installer apps.
Bug: 19551274
Change-Id: Iaf9abb5ecb1dc0975fa98ea14408fe392d52fbf4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bff46bac807ae8a9ebdc22c449a8d4f78711b4d2 |
|
05-Mar-2015 |
Benjamin Franz <bfranz@google.com> |
Add DO policy to disable safe boot mode.
Bug: 19615843
Change-Id: I14dbe911995ec216c57bd285d6b7b04c9684591a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4a357cd2e55293402d7172766f7f9419815fc1e8 |
|
19-Mar-2015 |
Alan Viverette <alanv@google.com> |
Replace usages of deprecated Resources.getColor() and getColorStateList()
Change-Id: I8f64fe6c4c44a92ff6d07250223ba590a1d691b0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1cc84c992cacdfbe005f29fbaaa1d85e22e4459b |
|
17-Mar-2015 |
Julia Reynolds <juliacr@google.com> |
Merge "Allow initializers to clear reset protection data during device setup."
|
| ee1f24ff2985a32b473244cc464b3ca7854de189 |
|
16-Mar-2015 |
Robin Lee <rgl@google.com> |
Merge "Recognise insecure encryption with a new constant"
|
| 8458e531bfc681ebb0de98476d782ca4d052a145 |
|
16-Mar-2015 |
Nicolas Prevot <nprevot@google.com> |
Merge "Remove the owner userid of cross-profile intent filters."
|
| 916b1e503d50b87bcf724e975a4bc3d32bf31431 |
|
13-Mar-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Changed the logic of calculating effective password limits"
|
| 68cc42009e656b785420c531e39c131bbe6729cf |
|
11-Mar-2015 |
Benjamin Franz <bfranz@google.com> |
Allow DO to set Settings.Global.STAY_ON_WHILE_PLUGGED_IN
Bug: 19704419
Change-Id: I3fc970eae8ef947775b6b565916bb245dea1b43b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0a32d35ce2c9de8025ab842f3bc929d5fe287d17 |
|
12-Mar-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Changed the logic of calculating effective password limits
Admins without limit-password policy or passwordQuality below
PASSWORD_QUALITY_COMPLEX, should be excluded from the list when
calculating effective limits.
Bug: 19603660
Change-Id: I7b7d8498c8a072a4c050be48709ce34bddba39a5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 85865d55f06bade582313c83f27496e3180569a9 |
|
06-Mar-2015 |
Julia Reynolds <juliacr@google.com> |
Allow initializers to clear reset protection data during device setup.
This allows initializers to recover from failures that occur after
it has added an account on the primary user.
Change-Id: I3444f16520eed4b315d6ea4761f598f55d1e6ddd
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f3ece36535d4999cf2bfd2175a33da6c3cdf298e |
|
11-Feb-2015 |
Benjamin Franz <bfranz@google.com> |
Block setting wallpapers from managed profiles.
Silently fail when a managed profile app tries to change the
wallpaper and return default values for getters in that case.
This is implemented through a new AppOp that is controlled by
a new user restriction that will be set during provisioning.
Bug: 18725052
Change-Id: I1601852617e738be86560f054daf3435dd9f5a9f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2482100fed93eac82f7d4b759bd1ec418b55be58 |
|
06-Mar-2015 |
Julia Reynolds <juliacr@google.com> |
Merge "Allow device and profile owners to set a user icon."
|
| 1c3754a35c434e4102c7ac3dceb887fa137b153b |
|
05-Mar-2015 |
Julia Reynolds <juliacr@google.com> |
Add security check for clearDeviceInitializer in the service.
Bug: 19230954
Change-Id: I5c648492bef0d2b579b6f59b91afc890e3092d36
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4b8d5821512c6a4fdaf442f6d48e1dc412539136 |
|
05-Mar-2015 |
Nicolas Prevot <nprevot@google.com> |
Remove the owner userid of cross-profile intent filters.
The owner user id was used to identify in which user an app had set
a cross-profile intent filter. But it's not really necessary.
BUG:19505190
Change-Id: Iacc49d31c95e34efee1895e5fbe7224277dbc493
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 75328b703f8f83fdd62f11105ecd61df2ebe4420 |
|
04-Mar-2015 |
John Spurlock <jspurlock@google.com> |
Merge "Audio: Remove the concept of master volume."
|
| ee5ad729b90deff435f9875337cbc434be4f8fe7 |
|
03-Mar-2015 |
John Spurlock <jspurlock@google.com> |
Audio: Remove the concept of master volume.
- Remove two config resources (use master volume, and volume ramp).
- Remove master volume adjustments / getters / intents.
- Retain @hidden setMasterMute, needed for device admin
- Remove master volume logic in AudioService.
- Remove master volume logic in VolumePanel.
- Rename "getMasterStreamType" to "getUiSoundsStreamType" to avoid confusion.
Bug: 19582978
Change-Id: Id02c8fa4898cff3b913147f5ac1b4038e2e7cc24
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e925440a551b66a3d3121ec8badaf948d71d66a1 |
|
11-Feb-2015 |
Julia Reynolds <juliacr@google.com> |
DOs can clear the DI; rehide hasUserSetupCompleted.
Bug: 19230954
Change-Id: I97467229b23f3c9be1c3c4fff1c888a812f14a95
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fca04ca0965d5e04dacc025b77f2b4881ee1afd8 |
|
17-Feb-2015 |
Julia Reynolds <juliacr@google.com> |
Allow device and profile owners to set a user icon.
Change-Id: I7c2bafb85cff3fa063af7a2f27b76c69172f0525
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 20118f18c11c01c7743b5646cc1a0039c2e90037 |
|
11-Feb-2015 |
Julia Reynolds <juliacr@google.com> |
Allow the device initializer to perform user setup tasks.
A device initializer is an application that is allowed to run
during user provisioning on device owner devices. During
device provisioning (or, user provisioning of the first user
of the device), a device initializer is granted device owner
permissions. During secondary user provisioning, a device
initializer is granted profile owner permissions. Once
provisioning is complete for a user, all elevated permissions
are removed from the device initializer and the device admin
component of the app is disabled.
Bug: 19230954
Change-Id: Ib6725fb3b09bb21e4198a5dc0b445ccebb40b27e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| abc03c7ae8c9c628de319819a10ce2cbaedf1c86 |
|
26-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Merge "Fail silently when changing BLUETOOTH_ON/WIFI_ON directly"
|
| 41916d492c38055928ae5ad1e0b815ff79dc4f5c |
|
24-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Fail silently when changing BLUETOOTH_ON/WIFI_ON directly
If the device owner tries to change BLUETOOTH_ON or WIFI_ON via
DevicePolicyManager.setGlobalSetting, fail silently.
There was not much point for the device owner to do it since it can
also change bluetooth/wifi state via normal bluetooth and wifi apis.
BUG:19311992
Change-Id: Ifba163800aa413865b8a2877cb21aacfa5cfc6c8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4b7656f18370d1dd73aeca5ec7a45449ca4f00a0 |
|
24-Feb-2015 |
Esteban Talavera <etalavera@google.com> |
Allow setting a Device Owner via ADB on unprovisioned device with preinstalled account
Some devices come from carriers with a preinstalled account. This
means that we couldn't set a device owner via "adb shell dpm"
commands, while the regular device owner flow worked (as the
latter just checked whether the device was provisioned).
Bug: 18354022
Change-Id: I9a677de9d34d073e218b9179ec4b0f5b4b82adc9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3795fb0a13bfa3c76113b1ecec383e8767824ee3 |
|
16-Feb-2015 |
Robin Lee <rgl@google.com> |
Recognise insecure encryption with a new constant
This is the default state on some devices which ship with encrypted key
storage set up already but no initial password.
Bug: 18048558
Change-Id: I055527fde21298bae2dbdca8c3a145f19b045aad
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f580c91618fa5d5f783f33db8136734cde6d6862 |
|
20-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Merge "Dump the profile/device owner when dumping device policy state."
|
| fcc87275e3f6e6e84ca0677e3422c602686eef36 |
|
19-Feb-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Code cleanup"
|
| 22029f0a50f8bb08902054123153a215906483d5 |
|
19-Feb-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Code cleanup
Use preconditions for argument checking.
Change-Id: I2e9dcd8da1e0bdac917393376d1a7442ab63a638
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 397999f084467e068eab357c4b47323e3cde0685 |
|
18-Feb-2015 |
Amith Yamasani <yamasani@google.com> |
Merge "Save per-user camera policy in different system properties"
|
| abf3570f382b94d16cc8a06c4b7c434d7a7052aa |
|
17-Feb-2015 |
Robin Lee <rgl@google.com> |
DevicePolicy: Make uid parameter an int
This should not have been a long to begin with.
Change-Id: Icbf6e2e97cb6301b968b3eb8b3f9a46331f7983e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7a7f0c9756150b0b429fce41c9ce7c520e94f275 |
|
16-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Dump the profile/device owner when dumping device policy state.
BUG:19363615
Change-Id: Icf04b39ce8c592544e69c52f229a2c1bdab661e2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f6901eb9e277491c9b3dc1fcc5b1f18b1a569ae3 |
|
16-Feb-2015 |
Robin Lee <rgl@google.com> |
Merge "Device Policy API to choose a private key silently"
|
| 509569807452e6d96b0c90abb092d5e8258afe66 |
|
13-Feb-2015 |
Amith Yamasani <yamasani@google.com> |
Save per-user camera policy in different system properties
If a device admin for a user disables the device cameras,
only apply that policy to that user and not globally.
Corresponding change in CameraService looks into the
per-user system property.
This also fixes the bug that managed profile owner is
able to disable camera for the personal profile.
Bug: 19345698
Change-Id: Ibd5e438544a0409f26087ced247d50c706fcf843
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5cfd3d8b51b0e21c37d80e3cf5570bae8efe1bc1 |
|
11-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Merge "Avoid NullPointerException in enableSystemApp if the app is absent."
|
| 0413046f12316f36d12e91ba6dbafc53a7c20408 |
|
11-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Dont throw an exception for non-system apps when enabling system apps.
In EnableSystemAppWithIntent: if a non-system app matches the intent:
ignore it instead of throwing an exception.
Change-Id: I64dc9a0bbc1a6bc5e2159a33b7273464ed2518c5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 637baaf0db76f9e1e51eeab077ffb85da0ff9308 |
|
10-Feb-2015 |
Nicolas Prevot <nprevot@google.com> |
Avoid NullPointerException in enableSystemApp if the app is absent.
In enableSystemApp: if the app is absent, throw a IllegalArgumentException
instead of failing with a NullPointerException.
BUG:19321306
Change-Id: I4ec09a0a77d29ca04e8d52f5546c1e4d0f8641e5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3775a3f8861304073c2b2079f0b9a315a58c1d1a |
|
05-Feb-2015 |
Kenny Guy <kennyguy@google.com> |
am a2ced3e8: am 8d12d3da: Merge "Only switch user if current user is being wiped" into lmp-mr1-dev automerge: eeb43fb
* commit 'a2ced3e879458786edf715a0016293791db7fd65':
Only switch user if current user is being wiped
|
| 3798ed5e0b56ab03e7022a9922b50a4a25474033 |
|
03-Feb-2015 |
Robin Lee <rgl@google.com> |
Device Policy API to choose a private key silently
Support for certificate chooser (keychain) to first query a profile
owner (if one exists) for a silent credentials grant which will be
passed back to the caller as an alias.
Bug: 15065444
Change-Id: I0729b435c218b7991e6cb5faedefb7900577afcc
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e9acb59a91f46c962151a58142448fd9f4101814 |
|
04-Feb-2015 |
Kenny Guy <kennyguy@google.com> |
Only switch user if current user is being wiped
Only try and switch to owner if the current user
is being removed.
Bug: 19252449
Change-Id: I0143d87360db0834876821cbf52fec4933ecbd35
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| babdb0dc36290ba3a9dd040a38f9a3649fb6d510 |
|
30-Jan-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Removed userHandle from setXXX methods"
|
| bdc58c66af3440f963731cdcdf820d7108d9f98a |
|
29-Jan-2015 |
Fyodor Kupolov <fkupolov@google.com> |
Removed userHandle from setXXX methods
User handle is now extracted from UID of the calling process.
Previously setXXX methods may not work properly, if userHandle parameter
was different from a user of the calling process. In practice, this wouldn't
have happened because setters were always called with a userHandle of the
caller process.
Bug:17202572
Change-Id: I1c08c54c975a04b8c54719a1e280ad3cfaff2e67
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4197cb60bc74629fe4c04ab10cb3b1c9a7427d24 |
|
22-Jan-2015 |
RoboErik <epastern@google.com> |
Move mute/unmute handling to adjust volume paths
This deprecates the setStreamMute and setStreamSolo APIs. Soloing is no
longer supported and muting is redirected through the adjust volume APIs.
Also updates the hidden master versions of these APIs.
Change-Id: I65d2a5d5fc15b386bd497abf8ca6869fec75a26a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8e1b6d949be6d71cfb137f22d0b36bcf511568e2 |
|
26-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
am ad664808: am 6d16b861: Merge "Avoid NullPointerException if createUser returns null" into lmp-mr1-dev automerge: 2805669
* commit 'ad66480838189332b82cd2861bca4357aa2b93da':
Avoid NullPointerException if createUser returns null
|
| 43daa008f3e5287b6bec27289c96440e71b5fbf7 |
|
26-Jan-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
am 20bd0c23: am 059b8ab6: am 414ea81e: Merge "Ensure notifications are sent when locking/unlocking location share" into lmp-mr1-dev
* commit '20bd0c232cd4421affc871ccd01492ecd04316d0':
Ensure notifications are sent when locking/unlocking location share
|
| 6d16b8614ac4c5aa44304e6fdcb9ed8aeec675fd |
|
26-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Avoid NullPointerException if createUser returns null" into lmp-mr1-dev
|
| 414ea81ea364d7b961cbfb885c30729595e3a7b2 |
|
26-Jan-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Merge "Ensure notifications are sent when locking/unlocking location share" into lmp-mr1-dev
|
| f87b174dac87ed9e95e8522bfb836707f4a2239d |
|
23-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
Avoid NullPointerException if createUser returns null
If createUser returns null, we run into a NullPointerException
in createAndInitializeUser. This can happen when the policy
DISALLOW_ADD_USER is set.
Bug: 19121141
Change-Id: Id4bda832a243fa42c31eb5a176ecaa248aee68f5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cd7b506c19dff4a68b46631fcede73f55547f985 |
|
23-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
am bfca5f40: am 266303fd: Merge "Avoid SecurityException when calling getUserData" into lmp-mr1-dev
automerge: 07b87e5
* commit '07b87e537da3ec658235fe1d874c7dba5b4d696d':
Avoid SecurityException when calling getUserData
|
| 266303fdb02ca1cf6df348e1af6830675476fd78 |
|
23-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
Merge "Avoid SecurityException when calling getUserData" into lmp-mr1-dev
|
| 871fa7343a2ff8de837a721eacfc576b19438e54 |
|
16-Jan-2015 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Ensure notifications are sent when locking/unlocking location share
When the restriction 'DISALLOW_SHARE_LOCATION' is applied or removed on a user
it is important to send out notifications to content observers of
LOCATION_PROVIDERS_ALLOWED.
Bug: 18995405
Change-Id: I8b3910a423a012ea9d15470eec101723c9f0eaf7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fadb2b3a27e4c23f5c566e6f7eadfaed9e23e68c |
|
14-Jan-2015 |
Benjamin Franz <bfranz@google.com> |
Avoid SecurityException when calling getUserData
Currently we risk getting a SecurityException in a number of places,
where getUserData is called for a different user than the calling user.
To avoid this, the caller is cleared in a helper function.
Bug: 18662452
Change-Id: Ibc131c602e52d9f013fe739a9c18e693181ded67
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2dc53c560bcba5d423eb4f87533897ac34047eee |
|
16-Jan-2015 |
Kenny Guy <kennyguy@google.com> |
am 4be433dc: am 10dd6eef: am fd846dfb: Merge "Sync file before using JournaledFile commit." into lmp-mr1-dev
* commit '4be433dc0b817fd4129e2bd99edb4c484f980600':
Sync file before using JournaledFile commit.
|
| 212037f7cdbf3ac3712ab16f885d62da7f850fe0 |
|
15-Jan-2015 |
Kenny Guy <kennyguy@google.com> |
Sync file before using JournaledFile commit.
Ext4 doesn't guarantee that write file.new / close file.new
rename file.new to file will mean data in file.new makes it
to file atomically. The rename may happen with previous contents
of file.new and then later update to new contents
See docs for noauto_da_alloc
So rebooting the device during JournaledFile.commit may
mean we are left with an empty file.
Bug: 18590558
Change-Id: I35322c82871bed30c2c6ebbd1388338f0471f3ba
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7f7ea82c28f01798b15686aa45733885beebcc6e |
|
08-Jan-2015 |
Robin Lee <rgl@google.com> |
Profile owner hint in warning for extra CAs
The version of the warning with a named installer should be shown in
the case of a managed profile, not only a managed device.
Bug: 18224038
Change-Id: I27865f77e963b9b15416f2e4a4ffc38fed8f5532
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e53b7dd0667208f956e20b932f85ba670eb074f9 |
|
08-Jan-2015 |
Robin Lee <rgl@google.com> |
Revert "Profile owner hint in warning for extra CAs"
This reverts commit e1d8dcd9e170c1ed8a13b6e1256ea1fb22c26c49.
Something funny happened in the process of submitting this,
swathes of strings.xml became mis-encoded.
Bug: 18224038
Change-Id: I0276ff3f880fe749546e8cc7e3e2f41c22c27705
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| dce0122ea2d27474890d5e18ba4b7e4d06303e53 |
|
07-Jan-2015 |
Adrian Roos <roosa@google.com> |
Explicitly specify user on LPU's private methods
Also fixes a bug in DevicePolicyManagerService where
the wrong user was used.
Bug: 18931518
Change-Id: I7ae8ecfdb1c835cdee7eafa2b96e1ec8b712977b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 230635efe7ffb09d6dc56bfd9193aa1d89c8a898 |
|
07-Jan-2015 |
Adrian Roos <roosa@google.com> |
Purge biometric weak and keyguard widgets
Bug: 18931518
Change-Id: I5da41908b1d6895a69f981e139f2d268327fafcd
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8e99586830640796209b935421868754f3ebf1d7 |
|
07-Jan-2015 |
Robin Lee <rgl@google.com> |
am 26e2da8f: am 374c358d: Merge "Profile owner hint in warning for extra CAs" into lmp-mr1-dev
automerge: 23bb3f1
* commit '23bb3f11cbe4ca64337b5b75c333ea891760213f':
Profile owner hint in warning for extra CAs
|
| e1d8dcd9e170c1ed8a13b6e1256ea1fb22c26c49 |
|
05-Jan-2015 |
Robin Lee <rgl@google.com> |
Profile owner hint in warning for extra CAs
The version of the warning with a named installer should be shown in
the case of a managed profile, not only a managed device.
Bug: 18224038
Change-Id: I58bddb162799481d5e8feb169b0c0bff17cbeeb7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 77f9a44adb07640762873ef0f80d32570771f154 |
|
28-Dec-2014 |
Robin Lee <rgl@google.com> |
am b4b14e39: Merge "Revert "DevicePolicy: Don\'t warn about managed profile CAs"" into lmp-mr1-dev automerge: c9db16c
automerge: b6b7d42
* commit 'b6b7d4251cdab1843ae9b2ae167ac9276ada241e':
Revert "DevicePolicy: Don't warn about managed profile CAs"
|
| b4b14e391dbcde537350ccf649b3603cafba1e6c |
|
23-Dec-2014 |
Robin Lee <rgl@google.com> |
Merge "Revert "DevicePolicy: Don't warn about managed profile CAs"" into lmp-mr1-dev
|
| 853964927c12926321911081217c5f0742e7e82a |
|
22-Dec-2014 |
Robin Lee <rgl@google.com> |
Revert "DevicePolicy: Don't warn about managed profile CAs"
This reverts commit 80559f4aadb3419eecdf6bf61945af584cd2aa8a.
Bug: 18224038
Change-Id: I108a4e8cf185401fef4806e1ad8c2cc78992e843
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 77779aa3a5eea2d275c82035b025df85b7702f07 |
|
09-Dec-2014 |
Fyodor Kupolov <fkupolov@google.com> |
am d483a85e: am fed2812d: am 22afe626: Merge "Added isRemovingAdmin method" into lmp-mr1-dev
* commit 'd483a85e69c3bb83b25473b93806e063b72c9315':
Added isRemovingAdmin method
|
| f66a43e398cc0be60aaf1a16a7b77f1cf0ff8f11 |
|
09-Dec-2014 |
Amith Yamasani <yamasani@google.com> |
am 81b27f4c: am b2905092: am 0702752c: Merge "Potential fix for accidental deactivation of profile owner" into lmp-mr1-dev
* commit '81b27f4c9fcdb1e3379152d08a3abc0fb5e62c53':
Potential fix for accidental deactivation of profile owner
|
| 22afe6261aab343070b63c60a1f4c7ce6f4383f9 |
|
05-Dec-2014 |
Fyodor Kupolov <fkupolov@google.com> |
Merge "Added isRemovingAdmin method" into lmp-mr1-dev
|
| 96fb932666539e2b3be26ef91eb248a9ace5678e |
|
02-Dec-2014 |
Fyodor Kupolov <fkupolov@google.com> |
Added isRemovingAdmin method
Added isRemovingAdmin method, so that clients can query if device
admin is currently being removed.
Bug: 17609838
Change-Id: I82547a9eeb228fcf8ac2a6e639ca1a75fa41d161
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a0116afeaf9363c5a662624dda77b550aa9172a8 |
|
04-Dec-2014 |
Amith Yamasani <yamasani@google.com> |
Potential fix for accidental deactivation of profile owner
This is a safeguard to only check for changing packages when
re-validating active admins.
1. If package is being removed, only check if it's not being
replaced.
2. If package is changing, only check the changing package that
matches one of the active admins.
3. If package is being added and is a replacement (update), then
check if it affects any matching active admins and verify the
validity of the receivers.
If by any chance some package broadcast was occuring at a time when
an admin was being updated, or the package removed broadcast was
coming in much before the update was registered with package manager
then this will help in avoiding accidental deactivation.
Bug: 18590558
Change-Id: I7f4897e8836f81aa037b8be87d399942ce78b1a2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5ff0e5fb6b339a7dea0cbc344e88673b7a99e593 |
|
26-Nov-2014 |
Paul Crowley <paulcrowley@google.com> |
am 0d122e26: am ba94fd5e: am 77e25331: Merge "Add flag for wiping factory reset protection data." into lmp-mr1-dev
* commit '0d122e265c52ef25dbad652378b3a5e51a86f041':
Add flag for wiping factory reset protection data.
|
| e07f2c01afbc2d38ce7252a9bbc55fae4b5ea1e6 |
|
26-Nov-2014 |
Robin Lee <rgl@google.com> |
am a7ffed86: am cc19e8b8: am 692e4933: Merge "DevicePolicy: Don\'t warn about managed profile CAs" into lmp-mr1-dev
* commit 'a7ffed86fce0a0cab8915bd6a727605959f08bb7':
DevicePolicy: Don't warn about managed profile CAs
|
| 77e25331ca7ad1fb69fbe7fbec69179824e46e59 |
|
25-Nov-2014 |
Paul Crowley <paulcrowley@google.com> |
Merge "Add flag for wiping factory reset protection data." into lmp-mr1-dev
|
| a7e87acb2416d4212c84fb9c45353dbf6ee15e6a |
|
18-Nov-2014 |
Paul Crowley <paulcrowley@google.com> |
Add flag for wiping factory reset protection data.
Bug: 18366448
Change-Id: If8904888a6bf8611d34647e6d65d2347d824dbb3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 80559f4aadb3419eecdf6bf61945af584cd2aa8a |
|
25-Nov-2014 |
Robin Lee <rgl@google.com> |
DevicePolicy: Don't warn about managed profile CAs
Setting up a managed profile should have included a step to warn about
this sort of thing already. As the user should trust the profile owner
anyway it's hard to argue this warning is needed.
Bug: 18224038
Change-Id: Ie86ba26851af726c0dec30eb9c32894ed6bb4a00
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e1d84dd914ffe29fe821b814924b0a56506dc238 |
|
25-Nov-2014 |
Adrian Roos <roosa@google.com> |
am 9a4d0257: am 520d20c1: am 702d9e31: Merge "Fix DPM.resetPassword("")" into lmp-mr1-dev
* commit '9a4d0257beadf53c706afbcb4abc76c17a44ff00':
Fix DPM.resetPassword("")
|
| 702d9e31b1bcacff975a2b8e0d04160bbd6811ed |
|
24-Nov-2014 |
Adrian Roos <roosa@google.com> |
Merge "Fix DPM.resetPassword("")" into lmp-mr1-dev
|
| 9d4e6a83553b2d8cc8c6d4fcce6c2af2bf52c874 |
|
22-Nov-2014 |
Amith Yamasani <yamasani@google.com> |
am 1f26bf6b: am 108bdbc9: am efb2df69: Merge "Different messages when wiping user and not device" into lmp-mr1-dev
* commit '1f26bf6bfd683b840f688b41d285fd9c942e6ed5':
Different messages when wiping user and not device
|
| 3a3d212a51974ccec6100c1e117225291edc83cc |
|
29-Oct-2014 |
Amith Yamasani <yamasani@google.com> |
Different messages when wiping user and not device
There are 3 types of users
1. Primary - device will be wiped
2. Managed profile - profile will be removed
3. Secondary user - user will be removed
Show different messages for almost wipe and wipe in each
of these 3 cases.
Bug: 16843155
Change-Id: Icecfe520622773da9e45465bf2217e8ed38b266e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ffba290a33b2b7a8c1bd393e0286686f99b2dbb8 |
|
21-Nov-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
am 5c374a58: am b3d0580f: am 08229e81: Merge "Shutdown backup manager service when device owner is set" into lmp-mr1-dev
* commit '5c374a582ceff913e420d21d63e1d7b087d6fc56':
Shutdown backup manager service when device owner is set
|
| 08229e817ecb67b0c7ebbd6b5b9ce4aef1b38cc2 |
|
21-Nov-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Merge "Shutdown backup manager service when device owner is set" into lmp-mr1-dev
|
| f8f56bce428bb2b89d1d572ccd2d604761dbbce8 |
|
20-Nov-2014 |
Adrian Roos <roosa@google.com> |
Fix DPM.resetPassword("")
While we're at it, also fix some multi-user issues in
LockPatternUtils.
Bug: 17496766
Change-Id: I8e557ea640fa589817c8f8f818c91463585d5ea7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4221126b95db7fc81e4735a18a92aa40621bd2af |
|
19-Nov-2014 |
Rubin Xu <rubinxu@google.com> |
am 3c1d5e2f: am 40603baa: am 735f2285: Merge "Remove permission check in DevicePolicyManager.isUninstallBlocked()" into lmp-mr1-dev
* commit '3c1d5e2f9d0724f0a10313244d0ef47957d855f2':
Remove permission check in DevicePolicyManager.isUninstallBlocked()
|
| dbf32fe93a4fa59961a83dfdc30c281978d22121 |
|
19-Nov-2014 |
Rubin Xu <rubinxu@google.com> |
am f978e667: am 0122db0a: am 3a7d3fc6: Merge "Fix equality test in getProfileOwnerAdmin()" into lmp-mr1-dev
* commit 'f978e667a6395902be09f3dd6c5c6b8d17ce58da':
Fix equality test in getProfileOwnerAdmin()
|
| 735f22850edcb5c2447c37cb96f048de8a742907 |
|
19-Nov-2014 |
Rubin Xu <rubinxu@google.com> |
Merge "Remove permission check in DevicePolicyManager.isUninstallBlocked()" into lmp-mr1-dev
|
| 3a7d3fc60e1347ff9bdddb8040237e2818d67a0e |
|
19-Nov-2014 |
Rubin Xu <rubinxu@google.com> |
Merge "Fix equality test in getProfileOwnerAdmin()" into lmp-mr1-dev
|
| a97855b784243c00b99dfcb6595164ab4a88d05c |
|
07-Nov-2014 |
Rubin Xu <rubinxu@google.com> |
Remove permission check in DevicePolicyManager.isUninstallBlocked()
This is to allow Play to use this API to find out whether a package
is uninstallable due to profile or device owner policy's restriction.
Bug: 17914630
Change-Id: I4ce2963884ecdf3306805f36db80ed1ebf04d88f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0477f716311ab03ef89ce9ecb288182c0aa25d4a |
|
14-Nov-2014 |
Fyodor Kupolov <fkupolov@google.com> |
am 70b2de7c: am 6dd9f86f: Merge "Added synchronization to handlePackagesChanged method" into lmp-mr1-dev automerge: a07bdda
* commit '70b2de7c25a083a44042ddd0cb8b2a24dde53e6e':
Added synchronization to handlePackagesChanged method
|
| 26ac6a6fd0ef43803c6edd786c8f1fa715ae3cca |
|
13-Nov-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Shutdown backup manager service when device owner is set
Bug: 16641441
Change-Id: I3fe54e43324c15dabd56834a923e8e8cb4eea98d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d01ff6d4c35edecd3d250d65ca1ab63699e0d642 |
|
12-Nov-2014 |
Fyodor Kupolov <fkupolov@google.com> |
Added synchronization to handlePackagesChanged method
Method handlePackagesChanged modifies the policy data without holding the
lock. It also calls methods which expect a lock to be held -
validatePasswordOwnerLocked, syncDeviceCapabilitiesLocked, saveSettingsLocked.
Bug: 18262633
Change-Id: Ia4bdc6edc66bccf8a4288e048171ff20858ae2f6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7c2f2422301f0fb84cbcccca353ecf291bb7f1e0 |
|
12-Nov-2014 |
Amith Yamasani <yamasani@google.com> |
am e73cab5f: Merge "Allow profile owners to set the unknown source setting" into lmp-mr1-dev automerge: 93ffd5d automerge: 15de62d
* commit 'e73cab5f1226f7434fa8bbf341e91891916683c5':
Allow profile owners to set the unknown source setting
|
| 70170261cbd966501a673ba5548dcab823037cfb |
|
12-Nov-2014 |
Jeff Brown <jeffbrown@google.com> |
am 32f7a6d8: Merge "Move device admin max screen off timeout to internal interface." into lmp-mr1-dev automerge: c1275e7
automerge: a473878
* commit 'a4738781584d58e133fc4d0f55d9b7ebcb246ff6':
Move device admin max screen off timeout to internal interface.
|
| 52c39a16db077f5017ab20214e60a205e075f2d7 |
|
21-Oct-2014 |
Amith Yamasani <yamasani@google.com> |
Allow profile owners to set the unknown source setting
This allows work profile MDM to enable unknown sources
even if the user doesn't have UI for it. Installing an
app from an unknown source will still prompt the user
with the package installer dialog, so it's not like the
MDM can now quietly install apps from non-market sources.
Bug: 18316350
Change-Id: Ia8f4fe36f12a258aa888e085acc0b358925f4817
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5ce1cb240b13db98fbdc21e1ef069b5f9cec8d72 |
|
07-Nov-2014 |
Jeff Brown <jeffbrown@google.com> |
Move device admin max screen off timeout to internal interface.
The setting was previously exposed in IPowerManager but it
doesn't need to be there.
Bug: 17656076
Change-Id: If3ed0cbe89f67c60aa00376be0c54b1bd9656144
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cc56956025c8e562513f63a3457a3fc0ee052405 |
|
06-Nov-2014 |
Jim Miller <jaggies@google.com> |
am 767ae175: am 6230cdf5: am 262dc4da: Merge "Update TrustAgentService API after review" into lmp-mr1-dev
* commit '767ae175fab5a93f4948b3722549448eb4b55e41':
Update TrustAgentService API after review
|
| e303bf443532c2ad756260133f00747bcff11e69 |
|
27-Aug-2014 |
Jim Miller <jaggies@google.com> |
Update TrustAgentService API after review
This change incorporates API council feedback and enables the
TrustAgent whitelisting API.
It also contains a minor cleanup of DPM's use of UserHandle
to eliminate unnecessary object creation.
Fixes bug 17008504
Change-Id: I63cc50169fde54b34406845818bcaf6aadc1a3db
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d7892e71a85989a3afc6388d917ab9961a607f24 |
|
30-Oct-2014 |
Rubin Xu <rubinxu@google.com> |
Fix equality test in getProfileOwnerAdmin()
The equality test should compare a ComponentName, which admin.info is not.
Bug: 18186447
Change-Id: If984ae2e0da958889564ba30716d65245a78d60f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 7e351fdae8e9f40a095fa16d9cf39ce9a463a652 |
|
27-Oct-2014 |
Yohei Yukawa <yukawa@google.com> |
Stop querying package names unnecessarily
This is just a code clean-up. No behavior change is intended.
BUG: 18131340
Change-Id: Ia88374cde7845553530ddd1176f983101e4ec13f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f5c00c1c1136c9752b9c0157f9eca6385d7b9448 |
|
28-Oct-2014 |
Benjamin Franz <bfranz@google.com> |
Merge "Send ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED Broadcast when a user restriction has been changed." into lmp-mr1-dev
|
| 05720542613ec79c4b87453845231c838dbe0d03 |
|
15-Oct-2014 |
Benjamin Franz <bfranz@google.com> |
Send ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED Broadcast when a user restriction has been changed.
Bug: 17916693
Change-Id: I6bca83ad6224ab6f1e4bdf41a10f514823c66755
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e69bdca44bbbd16b990b9be0eba24e88cbb7f8f8 |
|
20-Oct-2014 |
Robin Lee <rgl@google.com> |
DevicePolicy: Restore CA warning to K behaviour
Some tests rely on this being dismissible. Additionally it turns out
some users don't like having a hulking great notification follow them
around everywhere.
Bug: 17985258
Change-Id: If05a07b9eaa402a48f9a14647effc1df32c796e1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cd410ba4e816b657020cafb23e69206734726b42 |
|
17-Oct-2014 |
Amith Yamasani <yamasani@google.com> |
Use the correct method to check if device is encrypted
DPM's method will return false if encrypted by default password,
preventing the changing of encryption password to lockscreen password.
Check if the device is encrypted by some means, instead.
Also fix a SecurityException when Device Admin queries encryption state
(recent regression)
Bug: 17881324
Change-Id: Id897e61c5e254ab3f8dc569285428a73005303ea
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3836c9a4c145cd683151bd627a22958303a418c2 |
|
15-Oct-2014 |
Jim Miller <jaggies@google.com> |
Fix getStorageEncryptionStatus() in DevicePolicyManager
This fixes a bug introduced by a change where the function
ignores systems with default encryption where it's disabled.
The fix also checks to see if vold thinks the device is secure.
Fixes bug 17881324
Change-Id: I2c40f76cf990d90d1a825955aa3b080b21684426
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2c3886cb3463ff39c1986c5b85eba79748dd8c24 |
|
15-Oct-2014 |
Amith Yamasani <yamasani@google.com> |
Merge "Fix admin policies in managed profiles" into lmp-dev
|
| 242f4b125939276be866bb0a637b89bfbc5aa880 |
|
15-Oct-2014 |
Amith Yamasani <yamasani@google.com> |
Fix admin policies in managed profiles
Some of the admin policies are throwing security exceptions in
a managed profile without being documented correctly and others
shouldn't be throwing security exceptions.
Changed setCameraDisabled() to not throw an exception. It now just
prevents work profile apps from using the camera.
Changed wipeData() to allow passing in ERASE_EXTERNAL_STORAGE. In
secondary users/profiles, this is just going to remove the user, so
the flag is harmless.
Updated documentation for setKeyguardDisabledFeatures() and resetPassword()
to indicate that they cannot be called in a managed profile.
Bug: 17987913
Change-Id: I8060be4c2d32bdd4edb46ce543551fabb9c8c983
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 28433dbdabd3f60224131039911a8f1def3fe670 |
|
15-Oct-2014 |
Svetoslav <svetoslavganov@google.com> |
Fix a NPE in device policy manager service.
It is possible that the device does not have an owner. If there
is no owner we get a NPE when asking the device policy manager
for cross-profile widget providers.
bug:17989189
Change-Id: I5759f2dec160ed8076ab47fdf09134f78c57458d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d0130e85398aea84151765a8706109beedb20c37 |
|
06-Oct-2014 |
Robin Lee <rgl@google.com> |
DevicePolicy: One cert tracker warning per profile
Shows one notification per profile instead of one notification per
user or (previously) one notification per device.
Bug: 17794425
Change-Id: I6f0d34a16fa2a45082941387ac765dd99eefa131
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 004a4b20f8d3116e6a711525960d433fcfea4ee4 |
|
24-Sep-2014 |
Jeff Sharkey <jsharkey@android.com> |
Include reason when wiping data.
This will help us track down who requested a data wipe.
Bug: 17412160
Change-Id: If8413e5d6377773f37e8b34ae3d26347226a027c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8d9f12161823f267179f46825734c188b6c75b09 |
|
19-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Merge "Allow primary user profile owner to set device restrictions" into lmp-dev
|
| dd31a10c7f194d70411c8fb8ca8c0ab6751dccb2 |
|
16-Sep-2014 |
Jessica Hummel <jhummel@google.com> |
bug fix: Allow enableSystemApps to be called by profile and device owner.
We had an additional check for managed profile in there, so it wasn't working for device owners. Also needed to look at uninstalled packages.
Change-Id: I4813f23b00d7905e92ade582ce082a6f295a322d
Bug: 17384318
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c34dc7cdeb5cae8ca4c731838aafe90ed4c9a2b8 |
|
18-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Allow primary user profile owner to set device restrictions
In addition to device owners, profile owners on the primary user
can also set user restrictions that are necessary to lock down the
user.
This is to enable the case of a profile owner registered after setup
wizard is completed, on the primary user.
Also make managed profile vs. profile wording consistent in the
DevicePolicyManager docs.
Bug: 17555025
Change-Id: Ib9d08b8af34a99b25e11757fa7dc83673a7deb32
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d616a3357872ca0142611576884df4495e7ccbd6 |
|
12-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Prevent device owner registration after setup is complete
This change prevents adding a device owner after setupwizard
has finished provisioning. Only the new dpm shell command
can set a device owner.
Bug: 17316711
Change-Id: I98bdfd9b8c8da3042111c45e2e7fd2b559fac510
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d09fbafa9242e67450c2f85807a159152d4761c8 |
|
12-Sep-2014 |
Esteban Talavera <etalavera@google.com> |
Merge "Add new adb dpm (= DevicePolicyManager) command" into lmp-dev
|
| b5ef162129ced7e9636052af6b7f08d677a01f13 |
|
08-Sep-2014 |
Esteban Talavera <etalavera@google.com> |
Add new adb dpm (= DevicePolicyManager) command
Adds new adb command to execute DevicePolicyManager tasks. First subcommand
allows us to set a device owner on a provisioned device (provided no accounts
are associated with the device). This is required as GTS tests run on provisioned
devices. We plan to add more subcomands required for new GTS tests, such as the
ability to create a managed profile.
Bug: 17312478, 17316711
Change-Id: I2613178ea82a6c6268e7f8012e74c4a852fea0d4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 26408ccd8e852d947e58021792bfc3b315e5948d |
|
08-Sep-2014 |
Bernhard Bauer <bauerb@google.com> |
Add DevicePolicyManager PrivateKey mgmt
Additional device policy API to install keypairs to the keychain
silently.
Bug: 15065444
Change-Id: Idc25774c9ab1a61080290bebd6f5c4f24e6ee2e0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f58e532e015ef31d879ee51aeeb251349784717c |
|
11-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Merge "Apply cross-user restrictions to Shell" into lmp-dev
|
| d86734b4695a92359ed38d6053ed1ce16a470634 |
|
11-Sep-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Allow device owners to update LOCATION_MODE." into lmp-dev
|
| 8cd28b57ed732656d002d97879e15c5695b54fff |
|
09-Jun-2014 |
Amith Yamasani <yamasani@google.com> |
Apply cross-user restrictions to Shell
Even though Shell user is allowed to perform cross-user actions,
lock that path down if the target user has restrictions imposed by
the profile owner device admin that prevents access via adb.
If the profile owner has imposed DISALLOW_DEBUGGING_FEATURES, don't
allow the shell user to make the following types of calls:
start activities, make service calls, access content providers,
send broadcasts, block/unblock packages, clear user data, etc.
Bug: 15086577
Change-Id: I9669fc165953076f786ed51cbc17d20d6fa995c3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a240d8377a3a45ddd4daccdb6b34f51644296486 |
|
05-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Merge "Don't allow guests to install from unknown sources" into lmp-dev
|
| 82735bcb1400cb5ab2da763a236a55927d87ab00 |
|
04-Sep-2014 |
Julia Reynolds <juliacr@google.com> |
Allow device owners to update LOCATION_MODE.
Bug: 17388933
Change-Id: If3267aa52c2611cf764a19bee019c312f6ebf5d1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 127343cb460c8d23f9fb59bcf4bcea6e9b9cea03 |
|
04-Sep-2014 |
Craig Mautner <cmautner@google.com> |
Merge "Eliminate deadlock by deferring wipe data call" into lmp-dev
|
| 66eb5218335886fed1978891bd0f2d04d2109563 |
|
04-Sep-2014 |
Craig Mautner <cmautner@google.com> |
Eliminate deadlock by deferring wipe data call
The call to RecoverySystem.rebootWipeUserData() was made while
holding the lock to DevicePolicyManagerService. But it blocks
waiting for system_process' main thread to receive the ordered
broadcast complete callback. It won't receive that callback
because Keyguard is running on the main thread and is concurrently
blocked on DevicePolicyManagerService.
By moving the call to rebootWipeUserData() out of the synchronized
block the deadlock is eliminated.
Fixes bug 16870054.
Change-Id: I3eb587211e5484859cc9dab7e80e5a1f6c85225d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 29ce85bab94a2d0dc98d9075ae86c8a282367117 |
|
04-Sep-2014 |
Amith Yamasani <yamasani@google.com> |
Don't allow guests to install from unknown sources
Added a user restriction when creating a guest.
Made sure that guests can't install profile owners that
could undo the restriction.
Bug: 17359648
Change-Id: Icdd919e8b1cbd79a69aacb76e573ec3449f18e4c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 808f6ef2ac2127ea0ea14e71c9599355b631a617 |
|
28-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Pass ComponentName to probing certificate methods
Pass ComponentName and check whether that admin is a profile owner on DPM
get/has certificate methods (requested on the API review).
As per Change I55eec17e01489ab323f8a0e68b11592605a7b740, not keeping track of
which admins installed which certificates for now:
"Having per-admin CA certificates would be a fair bit of work. The only MDMs
we're opening this up to for now are Device and Profile Owners which 100%
manage the profile so will be the only admin.
It seems like if we keep track of "who installed which certs" it'll be a little
pointless because the answer will always be "the ProfileOwner" for every single
one."
Bug: 17005622
Change-Id: I45e9dac5236ab4ed235a341c208ac3cb6aba17da
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a8528c642090525f0e5f3c35dc3ba5a50ff17093 |
|
28-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Audio/Micrphone user restriction/multiuser updates." into lmp-dev
|
| 65c27970821f022d5c256eba8b764f584210e683 |
|
28-Aug-2014 |
Robin Lee <rgl@google.com> |
Relocate broken getCallingUserId() calls
This should not be invoked while the calling identity is cleared
because it will return the current user rather than the calling user.
Bug: 17314802
Change-Id: I587daa420b0976d41928ab7c34eeda2329c1341e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 729b2a6c2f330c10674bb3fc0c4f2eb57e3d0a43 |
|
27-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Renamed getUninstallBlocked to isUninstallBlocked
As per API review.
Bug: 17297103
Change-Id: Icb4ceded317b0df4deb0f5221512541a632e150b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b53453fae037d67e421011936c8fdffe7ba43922 |
|
22-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Audio/Micrphone user restriction/multiuser updates.
1. Persist microphone mute state.
2. Set mute state for correct user.
3. Check for settings restrictions as the correct user.
Bug: 17177502
Bug: 16701642
Change-Id: Id8b6cd90c5caceb67fbec862f90aac7ec7a00b3c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 19d431f330bf1d89c92c0971dad5fa8f5950b16d |
|
27-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Limit the settings profile/device owners can update." into lmp-dev
|
| 9ed66da8dfd15001cebe8f7ef453718f41f9904d |
|
26-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Limit the settings profile/device owners can update.
Bug: 16351901
Change-Id: Id33a57ad651b5b7b58de0549eb90d5a1fe5c19c5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0ced6272911f440843e9ff8e89b9fafdb49b243b |
|
26-Aug-2014 |
Sander Alewijnse <salewijnse@google.com> |
Provide lockdown of date/time device owners.
Fixed two minor issues with the screencapture as well.
Updated documentation and added enforceCrossUserPermission.
Bug:16948504
Change-Id: I9a645dcf480a4a044879ba481bce964d06fe5153
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d5c5c13c8505a27290a2540ff1f64c8753431cb1 |
|
20-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Rename get/setBlockUninstall() to get/setUninstallBlocked()
As requested in the API review
Bug: 17005622
Change-Id: I1332ad11e588ab3fa409f2a28222608936cb383e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8c5c37364776266d9d91bb35094a9755707833f7 |
|
21-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Merge "Remove setApplicationsHidden" into lmp-dev
|
| b9e468cb9d77abf57473436e29042e1b27d9f70b |
|
21-Aug-2014 |
Kenny Guy <kennyguy@google.com> |
Merge "Add apis for whitelisting IMEs and accessibility services." into lmp-dev
|
| 115cd65d2a3417b506563e6b2d60c269d69efaef |
|
21-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Remove setApplicationsHidden
As requested in the API review. This version (the one that takes an Intent) was used only in the DeviceAdminSample and some CTS tests.
Bug: 17005622
Change-Id: I9984b22836417ad4d025302f61bd91704e9345a4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fa80a4faa3ab32f61742b684e832126dae8468e7 |
|
20-Aug-2014 |
Kenny Guy <kennyguy@google.com> |
Add apis for whitelisting IMEs and accessibility services.
Adds apis for device / profile owners to white list
the accessibility and input methods a user can enable.
Bug: 14469005
Change-Id: I921888660d29a5370395db87adf75d4d106660c9
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6bd702538d90005add1cfc33746da19404090dc1 |
|
20-Aug-2014 |
Svet Ganov <svetoslavganov@google.com> |
Notify app widget hosts when cross-profile providers change.
1. Notify the hosts in the group if a package gets white-listed or
un-white-listed for providing widgets across profiles.
2. Notify hosts in the group for provider changes when a profile
is deleted.
bug:17126070
Change-Id: Ic719c1c68e45842d50decc95603f1d61583b8f02
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| afe7a2c9c30393c83304ad0d30a6a32072ba1845 |
|
20-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Prevent profile owners from setting certain user restrictions." into lmp-dev
|
| 2cb384f42569f36e19ecee60da259d69048fdd85 |
|
13-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Prevent profile owners from setting certain user restrictions.
Bug: 16351901
Bug: 16701492
Change-Id: Ie866bc24d2d7cc15f86c5b50062a730e099612a1
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 255dd04271088590fedc46c8e22b2fd4ab142d39 |
|
19-Aug-2014 |
Selim Cinek <cinek@google.com> |
Added notification color to all system notifications
Bug: 17128331
Change-Id: I81a94510ef51b99916f314c0dd65852426a1fbeb
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 95d9ad0f79c900db9bca1745100f14d0ec9cc133 |
|
18-Aug-2014 |
Jason Monk <jmonk@google.com> |
Merge "Fixes to lock task API from API review" into lmp-dev
|
| 3d9eb78fe91ab2479eb38443aed588e10421e31b |
|
11-Aug-2014 |
Julia Reynolds <juliacr@google.com> |
Apply lockdowns when user restrictions are set.
Previously DMAgent would apply these lockdowns before/
after setting the matching user restrictions.
Bug: 16701642
Bug: 16945830
Bug: 16944983
Change-Id: Ib4f7145055687f12408d6ccacd8e6380406a32b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 48aacba761527a529c2b668c8151c7f98ff70524 |
|
13-Aug-2014 |
Jason Monk <jmonk@google.com> |
Fixes to lock task API from API review
Adding ComponentNames and some splitting/renaming of broadcasts.
Bug: 17005622
Change-Id: I9ece3553310fb20b0c3c3e4032b408e86384363a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b8b4774e6185058b179a31f8c1a2dd806413e31b |
|
07-Aug-2014 |
Adrian Roos <roosa@google.com> |
Fix NPE in DevicePolicyManagerService that crashed SystemUI
Bug: 16857795
Change-Id: I6234f03c4ee31311af9f9c556b790594ee1a8b2f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 00f201e41b5b496327b9578e6fb00fad8b4d9da9 |
|
07-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Merge "Wipe only managed profile when max number of incorrect passwords exceeded" into lmp-dev
|
| fe0f24cc92b04e03cac3f807859721f1ce7ef54a |
|
06-Aug-2014 |
Esteban Talavera <etalavera@google.com> |
Wipe only managed profile when max number of incorrect passwords exceeded
When the maximum number of retries that has been exceeded is not for the primary profile of the user, wipe only the profile that set that policy (e.g. the managed profile) rather than the entire user. At the moment the whole device is wiped if the max number of incorrect passwords for a managed profile is reached, as the password is shared with the USER_OWNER.
Bug: 14453697
Change-Id: I5746de104133c0ea0a51d75b9c92e1516d365d8c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 318f91b784e8f71b25e6de2f22d8e24412477ae2 |
|
07-Aug-2014 |
Svetoslav <svetoslavganov@google.com> |
Fix NPE in device policy manager service.
Change-Id: I796359f903077eb0ef825ed926557f1a13b2e4c4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 976e8bd2017d0263216c62111454438cc0f130e3 |
|
17-Jul-2014 |
Svetoslav <svetoslavganov@google.com> |
Allow adding widgets from user profiles.
The goal of this change is to enable support for appwidget from
user profiles to the user main profile. A user profile is a user
which is associated as a child of the main user profile. For example,
a user may have a personal (parent) and corporate (child) profile.
The device policy should be able to control whether adding a widget
from a child profile and given packages is allowed. This change
assumes that all packages from managed profiles are white listed.
Another change will add the device policy changes.
Change-Id: I267260b55d74c48b112a29979a9f59eef7a8194e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a87863a8bddb033ca9ace11e7d78932d70d08ce3 |
|
29-Jul-2014 |
Sander Alewijnse <salewijnse@google.com> |
Fix deadlock window manager and device policy manager.
Removed all communication from wm to device policy manager.
Added initialization of cache in wm by dpms.
Change-Id: Ifa0b8bfcd625464b156d5cc0fb66d342deda1c27
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 50c360790ca4c061aa6a1d94e06bd7e25b0f0436 |
|
30-Jul-2014 |
Robin Lee <rgl@google.com> |
Don't turn off screen after wiping user profiles
The activity manager should know when to lock the screen. If an admin
does want this to happen then they should be able to run both commands
in succession.
Also rectifies some creative code styling in the same DPM method.
@bug 15558805
Change-Id: I8918184a4585aa8b061eb4a68edc2ec6805d8127
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| bf3a9465483976dcd5692b619b47132c2b95f73e |
|
28-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Set profile owner via an intent
priv apps can request to become a profile owner after setup has
completed. This will pop up a consent dialog (in Settings).
Also, clean up profile owner concept to be a component name.
Change-Id: I5e8532866e8018f61836c4e84fbbadb6150218ae
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 604e7558ef32098644b2f9456d7743a07ae789dc |
|
19-Jul-2014 |
Jim Miller <jaggies@google.com> |
Add new DevicePolicyManager API to allow fine-grained TrustAgent management
This adds a new feature that allows a device admin to specify a
whitelist of features that are allowed for the given admin.
Change-Id: I83f853318efbcf72308532d0a997374f73fa9c10
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ea4f01070a9c8f5147eb228c413a84de78d98973 |
|
28-Jul-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Remove the profile/device owner user restriction bypass." into lmp-dev
|
| 401de1785eccc946ed6c35e9b7fccab92b2022af |
|
25-Jul-2014 |
Julia Reynolds <juliacr@google.com> |
Remove the profile/device owner user restriction bypass.
Bug: 16566096
Change-Id: I4a56046df44d36d82edc64fc727e8cad5dc75382
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 0da218be00d37a20866059c54a3dd5e8bf17e20b |
|
25-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Don't update user's setup state unless it changed
Eliminates an extra write on every boot.
Bug: 16416936
Change-Id: I9ca16676c1b39dafeed3fc744a69c5bde819990c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3f7777fa4f1d392e18bad39edcd4539880c52ff9 |
|
24-Jul-2014 |
Nicolas Prevot <nprevot@google.com> |
Storing the app who sets a CrossProfileIntentFilter.
When we add a CrossProfileIntentFilter, we store the package and userId of the calling app
inside the CrossProfileIntentFilter.
When an app calls clearCrossProfileIntentFilters, we only remove the filters that the calling app
has set itself.
BUG: 16537557
Change-Id: I6e7bc859383ea66553d9f4230365df8ba27525f3
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d2a1eec400128f39e1b223a720a88dbd395f3e6e |
|
09-Jul-2014 |
Sander Alewijnse <salewijnse@google.com> |
Add Device Policy API to disable screen capture.
WindowManager will set secure flag on SurfaceControl for
all windows of a flagged user to prevent screen capture.
API is consistent with the camera disable API.
Change-Id: Ib180f67f1ad827b6f4aca2af615274256cce58f4
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8ddeee98b8b3d8b7379d9044b1ad0ad12ead004b |
|
23-Jul-2014 |
Dianne Hackborn <hackbod@google.com> |
Use foreground broadcast to get device admin msg.
Using a background broadcast is bad, it can take a long
time to get the message back, either accidentally (backed up
behind other broadcasts) or from a deliberately malicious
admin.
Change-Id: Ib7491f8e27dacdc002562aef027ee4664e78e97b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9c2be6c7ba3d7dce58e8f4ec1617698c54ae808e |
|
22-Jul-2014 |
Robin Lee <rgl@google.com> |
Stop double-loading device admins
loadSettingsLocked() was being called twice for USER_OWNER at
systemReady(), doubling the number of admin entries at every boot.
Also guards against double-adding admins which appear twice in the
same XML file, favouring more recently-refreshed entries for
backward compatibility.
Previously an application calling in with 'refreshing = true' would
double-insert whatever admin was being refreshed into its user's list
of device admins. This is fixed too.
@bug 16416936
Change-Id: Idd147aa130e6bce7bcc40532f0a7fb07117b3151
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| eee5094f96c630661ca563d70de244ccbbd53579 |
|
22-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Fix a security exception when checking cross-profile caller-id cap.
No need to enforce that the caller is in the system process.
We're only checking if the device policy is allowing access.
Bug: 16301261
Change-Id: I87a7c808d116c86aa68cebb36631c46d0a54be96
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e5bcff624fb58b6f95be8ddff7f5b6b3bf5d19c7 |
|
20-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Rename setApplicationBlocked to setApplicationHidden
This corrects the expected behavior of the app state. Hidden apps
can be installed by the store to be brought out of hidden state.
Bug: 16191518
Change-Id: Id128ce971ceee99ba1dea14ba07ce03bd8d77335
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c8fa3ae2ce238843496d7aa3f1c4042bb9bb98b4 |
|
17-Jul-2014 |
Adam Connors <adamconnors@google.com> |
Merge "Create DPM APIs for cross profile callerId" into lmp-dev
|
| 210fe21e95cfff98734f5b849b205cdcb0706948 |
|
17-Jul-2014 |
Adam Connors <adamconnors@google.com> |
Create DPM APIs for cross profile callerId
Contact information in the managed profile is shown
in the incoming call UI unless blocked using this API.
TODO: Actually plumb this into the caller-id logic.
Bug: 16301261
Change-Id: If03adc907d9558baa0a45a1833b857206b7bf96a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 999d394adee533c55fce38bd632ffd4f1af91362 |
|
03-Jul-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Ads per-user APIs to manage accounts through the AccountManager
Bug: 16056552
Bug: 14642886
Change-Id: I17ff6c2515285e63c84cecf2f861d10666c393c5
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3f4f2fbcd0557e32464e393cb9acc28c2328614e |
|
17-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Merge "Keep track of user_setup_complete in DPMS" into lmp-dev
|
| ed239cb950d05ae794999ca75cef0c5371016800 |
|
17-Jul-2014 |
Amith Yamasani <yamasani@google.com> |
Keep track of user_setup_complete in DPMS
This is to ensure that some system app can't modify that
state for purposes of changing the profile owner without
user consent.
Bug: 16207721
Change-Id: Ic5f454d7568cd824b83456eed0e2611779a9adf8
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 655be2a98ea6285fc33aec4b223e90c2620927f1 |
|
14-Jul-2014 |
Adam Connors <adamconnors@google.com> |
Revert "Remove enableSystemApp methods."
We need to go back to uninstalling system apps so we can
re-install non-default system applications through Play.
This reverts commit e3dbcd138c07f2d32ac84229d0a49052cc18d424.
Change-Id: I0a7af094614c4a10800971c82e10571f7312e079
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 582d9111d76632027fed7af10d05d4b44df16c0c |
|
10-Jul-2014 |
Jason Monk <jmonk@google.com> |
Add API for device owner to switch users
Once verified that caller is device owner just calls through to
the activity manager and acts like that call.
Change-Id: I34023313cd6742b73d2105655ec6b631879aa37a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 85516d028b2dcc7ebc09f4a68085836aa26191d5 |
|
01-Feb-2014 |
Jim Miller <jaggies@google.com> |
Add new "pin complex" type to supported keyguard PINs
This adds a feature to allow DevicePolicyAdmins to prevent using
simple PINs, which are defined as those containing more than 3
repeated values. Examples include '1234', '2468', '1111', '9876', etc.
Bug 12081139
Change-Id: I4ebe1c76a48087dcd7c878e9bd79a4e3ee2a27fe
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fe0538098403b49ebd9219bf77236471bb5ca63b |
|
30-Jun-2014 |
Julia Reynolds <juliacr@google.com> |
Restrict factory reset with user restrictions.
Bug: 15985879
Change-Id: I524bd8a790798a85a679aa195e634f6e0227d09f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c13053bf1c05b980421611487ce67677c08db299 |
|
29-May-2014 |
Kenny Guy <kennyguy@google.com> |
Add package state to block uninstall.
Add package state to allow profile or device
owners to block uninstall of packages.
Add API to DevicePolicyManager to set/get the
state.
Bug: 14127299
Change-Id: I03528819850b42df7bafa7747bb9e4558d20c4e6
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1333ea1ed7a95eb9e1be43c20a0c48e901654cac |
|
23-Jun-2014 |
Jessica Hummel <jhummel@google.com> |
Provide api to set the managed profile name.
Instead of sending the profile name in the provisioning intent
the mdm should set the profile name after provisioning has completed.
This allows us to simplify the provisioning flow and the mdm can
change the name of the profile later on if required.
Change-Id: I821ef2300eae74e89872152ae1c89ac3ecbb82e7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| ef1de65117e8361cbeb188309dbb1a7953350c2a |
|
25-Jun-2014 |
Adrian Roos <roosa@google.com> |
Trust Agents: Disable until next unlock if device is locked by DPM
Bug: 15871777
Change-Id: I1a6e43848e600ffa2092282081b18ddf92419d4a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c5185f2bf1bf15ea0cfd72d30167fcbb1d61d437 |
|
24-Jun-2014 |
Jason Monk <jmonk@google.com> |
The profile owner shouldn't control lock task
Since managed profiles are started on bootup, the managed profile
would be allowed to set an app (possibly itself) as a lock task
app and then run itself on bootup and constantly control the
device. This privelege should be restricted to device owners.
Change-Id: I4a93aabd6054cbe75076ef0517fce03ffa74dc93
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| aab72f3b0ab740e12b4a2576a99852081529feb5 |
|
19-Jun-2014 |
Robin Lee <rgl@google.com> |
Merge "Revert "Revert "Publish DevicePolicyManager CA certificate APIs"""
|
| 306fe08ce2b06671336e67a87afaa0851f0105eb |
|
19-Jun-2014 |
Robin Lee <rgl@google.com> |
Revert "Revert "Publish DevicePolicyManager CA certificate APIs""
This reverts commit 792b270dbdc980cfe04e8d461bf00a1f45b5e936.
Change-Id: I18c7e0eca39868230cd8e4f4bbeb3c44ff9e8b78
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 2b5e917026fe4e6dec8712ee24bdffee8d62ab33 |
|
18-Jun-2014 |
Robin Lee <rgl@google.com> |
Revert "Publish DevicePolicyManager CA certificate APIs"
This reverts commit 5260bf69946563dc47c17e7441b352adfce384c5.
Change-Id: I5e44fdac8a7375576b25171f58e31a1fa0e3c569
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| e7cd37e6138c5e769cc6cb398e632bca24d2d1ab |
|
19-Jun-2014 |
Nicolas Prevot <nprevot@google.com> |
Merge "Introducing crossProfileIntentFilters that skip the current profile."
|
| 63798c596dc757135950313eb4bb44ca58696c68 |
|
27-May-2014 |
Nicolas Prevot <nprevot@google.com> |
Introducing crossProfileIntentFilters that skip the current profile.
For these crossProfileIntentFilters, the activities in the current profile cannot
respond to the intent.
Only activities in the target profile can respond to the intent.
BUG: 14936725
Change-Id: I5e2704c2b56ff50a8339dd49284956391d7fad7e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| fbe6be4f653d73d5c51ee0a2fb40d2a34c2366fd |
|
18-Jun-2014 |
Jason Monk <jmonk@google.com> |
Merge "Notify any profile/device owners of lock task"
|
| 35c62a4668a85aa4318c9ec564f2e06e8a2d2a30 |
|
17-Jun-2014 |
Jason Monk <jmonk@google.com> |
Notify any profile/device owners of lock task
Add a method for DeviceAdminReceivers of profile/device owners to
be notified that lock task mode has entered or exited for an app
they have whitelisted.
Change-Id: Id124287d41564bbfccdacccf1977b7acb3ddec3f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6d3912e2ef75a7794ac44839eef2569086cae104 |
|
18-Jun-2014 |
Robin Lee <rgl@google.com> |
Merge "Revert "Publish DevicePolicyManager CA certificate APIs""
|
| d7b8621bde44857ebb07130693a00f5f777887d4 |
|
16-Jun-2014 |
Jason Monk <jmonk@google.com> |
Change lock-task DPM authorization to packages
Switch the DPM lock-task authorization to be controlled by a package
rather than a component.
Change-Id: Ife9bed068f31ff2449b4451ab69d3586a3f09d89
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b12f1778d612a53e6b40e6d5873be1ccff2e52a5 |
|
17-Jun-2014 |
Robin Lee <rgl@google.com> |
Merge "Publish DevicePolicyManager CA certificate APIs"
|
| 837304f6f6ae37dc475fa6e0e620f1c2321f2e11 |
|
11-Jun-2014 |
Robin Lee <rgl@google.com> |
Publish DevicePolicyManager CA certificate APIs
Exposes these methods:
- hasCaCertInstalled
- hasAnyCaCertsInstalled
- installCaCert
- uninstallCaCert
Allows device and profile owners to perform some certificate management
including querying for and enabling/disabling specific CA certificates.
Change-Id: I4aa8a1a8601b234e30acde99dfa382e04cb62495
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4e81913a66c98bfd9939376640b89015a23580a1 |
|
12-Jun-2014 |
Jason Monk <jmonk@google.com> |
Merge "Allow device owner to configure secondary users"
|
| 03978a40b3a4c268329ae733eff8dfffd92f6e09 |
|
10-Jun-2014 |
Jason Monk <jmonk@google.com> |
Allow device owner to configure secondary users
Currently the device owner can create secondary users, but unless
it is a system app it will not be installed and will not be able
to pass data easily from the code that creates the user and any
code running on that user.
This allows the device owner to install itself while creating a
user and start up a service to configure that user. createUser
takes an bundle so that the device owner can pass across any
initial setup data it needs to, this bundle will be sent to
the admin receiver in onEnable.
Change-Id: Ic1f8565dd2a7bd85363527cf68b0ecd4dc9c3636
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 122c595cd9ca00435b7265444e181f8cc78335e5 |
|
11-Jun-2014 |
Robin Lee <rgl@google.com> |
More meaningful errors for DPM calls by non-owners
Now throws an exception titled something like "Admin X does not own the
profile" instead of the rather unhelpful NullPointerException that was
thrown previously.
Change-Id: I33f6da5ea5eb70d8ea3939cfa280c794b01c3382
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 4a21b25fad62e4f19d13ba814263841c931f56ef |
|
04-Jun-2014 |
Julia Reynolds <juliacr@google.com> |
Allow profile and device owners to change and get the master volume mute state.
Also protect muting master volume with op code OP_AUDIO_MASTER_VOLUME.
Bug: 13585918
Change-Id: I91fe7ee60cd291cca15966b3127c0bb8a4828f6a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| b0dced8173a9a930bc0ea2a7a669a907aaffd735 |
|
06-Jun-2014 |
Jason Monk <jmonk@google.com> |
Add an API to clear the device owner.
Only the device owner will be able to clear itself.
Change-Id: Ie3231467d92e8c5d22ec51256177793f34110432
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| f10606a9a4193cb5ba56dd26db9983845855e8c3 |
|
06-Jun-2014 |
Jason Monk <jmonk@google.com> |
Merge "Add device-owner based setting of global proxy."
|
| 03bc9918345a977e9c45796bf3bb5bf9a3b87d25 |
|
13-May-2014 |
Jason Monk <jmonk@google.com> |
Add device-owner based setting of global proxy.
Re-hide the setGlobalProxy on the ConnectivityManager as it requires
CONNECTIVITY_INTERNAL. Instead add a function to the DevicePolicyManager
to set the global proxy, that can only be called by the device owner.
Change-Id: I9ffb2cc4f30a6dc9b868d86f056e1fbd512d8dfc
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 56e0d8003bdeeddb8b5d355cea219d3d54e87bff |
|
06-Jun-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Merge "Clean up deleted users in DevicePolicyManagerService"
|
| 73a41d2c4e4184504959628ae5536a7e862e0f67 |
|
05-Jun-2014 |
Kenny Guy <kennyguy@google.com> |
Fix bug with sending intents to correct user for device admin.
Password change intents etc. were always being sent to
owner rather than user the device admin was installed for.
Also add TODO to not assume profile parent is OWNER.
Bug: 15442331
Change-Id: I7e58069bc4a6ab94f038ae1b80c044d666986318
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 22745f4c9ad0e5abc58fe9ff93e9952a601cc6c9 |
|
04-Jun-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Clean up deleted users in DevicePolicyManagerService
Bug: 15405715
Change-Id: Icd958fe9378deb92f25622b341e0502d865b742f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1b8737ee18f5d80adda41eafca6143a046a47a13 |
|
04-Jun-2014 |
Sander Alewijnse <salewijnse@google.com> |
Merge "Remove enableSystemApp() and enableSystemAppWithInten()."
|
| f20d640fa2b155a971ddfe0965fc803a73b5e53c |
|
25-May-2014 |
Amith Yamasani <yamasani@google.com> |
Restrictions Manager
Mechanism to register a provider for requesting an
administrator to respond to permission requests.
Request format and response format constants.
Description of manifest template for static restrictions.
Int type introduced in RestrictionEntry.
Needs more javadoc and better description of manifest templates,
including specifying the XML attributes.
Change-Id: I5a654d364e98379fc60f73db2e06bf9a8310263d
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 866896df168d1382732c97e49617ab2f2995d376 |
|
27-May-2014 |
Sander Alewijnse <salewijnse@google.com> |
Remove enableSystemApp() and enableSystemAppWithInten().
Use setApplicationBlocked() and setApplicationsBlocked() instead.
Change-Id: I3d323d704db0a45e936f63675821707b4fddc48b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 8194899071e0a84c95ef10614bd1b9485b48f589 |
|
16-May-2014 |
Nicolas Prevot <nprevot@google.com> |
Rename code related to cross-profile intents.
For example, replace ForwardingIntentFilter by CrossProfileIntentFilter
Bug: 15023443
Change-Id: Iee8cdf578817ef9956bcdece803a49b0d07b67f7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 1e958398232cb11935f5341d71df52c5455c620f |
|
16-May-2014 |
Julia Reynolds <juliacr@google.com> |
Create deviceowner gated APIs for creating and removing users in devicepolicymanager.
This will allow DMAgent to manage users for EDU's cart model user case.
Bug: 15015887
Change-Id: I1eadf1701cb75fc4b50eb1a0df1525eff818286e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a9e460aefcf3891af5acc7d8ae74da9eed49bfbd |
|
21-May-2014 |
Robin Lee <rgl@google.com> |
Remove enforceManagedProfile for listing keyguard features
Change-Id: Ic89f09ada046f64b089b977868b6f37bc0a6de91
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d862ebb6036a769cb3be371b396e9e33f89ee365 |
|
21-May-2014 |
Narayan Kamath <narayan@google.com> |
resolved conflicts for merge of fcc4fed3 to master
Change-Id: Icebca982b01debd67a1470c02651ef8936f6e5b0
|
| c8e4b8107a21c5a782f959aa77fbf066d6e131be |
|
21-May-2014 |
Robin Lee <rgl@google.com> |
Merge "DPM: Disallow some DeviceAdmin policies for ProfileOwners"
|
| a9ee6729538941a2b866d83ecbd891645f0ccc16 |
|
20-May-2014 |
Robin Lee <rgl@google.com> |
DPM: Disallow some DeviceAdmin policies for ProfileOwners
A profile owner should only have control over the profile. All of the
following device admin APIs that affect the device beyond the profile
that they are called from are now disallowed:
- Camera enable/disable
- Keyguard
- Wipe external storage
@bug 14434826
Change-Id: I69acfdf6f654f48b5db91aeb3ea86662d7857075
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6d8fd27e51d799cf7418b14092b5e806d9792812 |
|
21-May-2014 |
Jeff Brown <jeffbrown@google.com> |
Make power button behavior configurable.
Allow power button to be used to either go to sleep as usual,
which may doze, or skip that completely and really go to sleep.
May also really go to sleep and go home all at once.
Bug: 14406056
Change-Id: Ia19e2551b9c2a72271bb2eddd5c0d1749761e019
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 37f4e44ae614987c5ed953a1829c7181bb775e1f |
|
21-May-2014 |
Julia Reynolds <juliacr@google.com> |
Merge "Add Device/Profile Owner gated apis for setting/getting blocked packages."
|
| 966881e8951f9bb297689745dcaecfdc13432656 |
|
14-May-2014 |
Julia Reynolds <juliacr@google.com> |
Add Device/Profile Owner gated apis for setting/getting blocked packages.
DMAgent currently needs to live in /system/priv-app in order to
(among other things) set and get blocked packages. These APIs will
get us closer to being able to move DMAgent out of priv-app.
Bug: 14945334
Change-Id: I108e2013c67409dca554acf78e3a710745900706
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| da551653219092306fc7e1ce5743ab40683cee6f |
|
14-May-2014 |
Julia Reynolds <juliacr@google.com> |
Allow device/profile owners to update settings.
Device owners can update Settings.Secure and Settings.Global settings.
Profile owners can update Settings.Secure settings.
DMAgent currently needs to live in /system/priv-app in order to
(among other things) update global and secure settings. This change will
get us closer to being able to move DMAgent out of priv-app.
Bug: 14965414
Change-Id: If2cc3a56de91bffde33b838ab8ecea2c32412803
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3a483594436cc477529b3f7c31b3242ee4707705 |
|
17-May-2014 |
Amith Yamasani <yamasani@google.com> |
Use correct package name for profile owner
Fixes reboot loop when you have a managed profile on your device.
Change-Id: I935ded447f226ee0507d3dcf22a730a7fb61a0c0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9fcff5aadd48206235d205c30cbdae47fc586e3b |
|
16-May-2014 |
Jason Monk <jmonk@google.com> |
Fix NPE in DevicePolicyManagerService
Bug: 15015897
Change-Id: Id9f6ae8b5abf96d35f799b150210813fb52da54c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 62062996dd256df8b575b2ba1f0bf97109c4e0ba |
|
06-May-2014 |
Jason Monk <jmonk@google.com> |
Notify AppOpsService of UserRestrictions and Owners
This makes the DevicePolicyManagerService and UserManagerService
push the DeviceOwner/ProfileOwners and user restrictions on boot
as well as on any change.
This also adds a list of restrictions that allow any op to connected with
a user restriction such that it will return MODE_IGNORED when the user
restriction is present (except for the device/profile owner).
Change-Id: Id8a9591d8f04fe5ecebd95750d9010afc0cd786c
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 91da58ded2e7c0dd3d045244cc78eb0d788736a7 |
|
10-Apr-2014 |
Jessica Hummel <jhummel@google.com> |
Allow setting password restrictions from a managed profile.
A managed profile will now share password settings with its parent.
- the current password is always stored in the parent
- admins of profiles are notified if that password changes
- checks for password quality now take the requirements of admins on
the parent and its profiles into account
Todo:
- Currently KeyguardSecurityContainer wipes the whole device when
the maximum fails has been reached on any profile.
We need to limit the wipe to the profile for which the fails exceeded
the maximum number.
- Intents with ACTION_SET_NEW_PASSWORD need to be forwarded to the parent
of the profile when sent from a managed profile
Change-Id: I8532c59f753f8d9c61200f553f275214ad90276e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 511e0d8323d2d2ed341ba40b15bc646e134ac03b |
|
24-Mar-2014 |
justinzhang <justinzhang@google.com> |
DevicePolicyManager Authentication for Lock Task
Here we let DevicePolicyManager keep a list of tasks that are
allowed to start the lock task mode. This list can only be set by
a device owner app. The ActivityManager will call
DevicePolicyManager to check whether a given task can start the
lock task mode or not.
Change-Id: I650fdae43fc35bf9fd63452283f4e2bbadd11551
Bug: 14611303
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5c02db60be02cc0c4798ea6d9c2b0e6cf972c158 |
|
07-May-2014 |
Sander Alewijnse <salewijnse@google.com> |
Add API to disable account management for certain types
of accounts.
The account types with disabled account management are stored in a
blacklist in the active admin object, editable by profile owners.
Change-Id: I57dc5f709ad79674fa28dd006969283585daea24
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 54a9ebb50946cd647843dbcc3d9714644926f0fc |
|
07-May-2014 |
Jason Monk <jmonk@google.com> |
Fix build
Change-Id: I87c037faee19b434be741104cdddb9c467f20606
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 010cfd458121034075c7439020ffef4eedbcc0fc |
|
16-Apr-2014 |
Adam Connors <adamconnors@google.com> |
Add enableSystemApp methods to DevicePolicyManager
These methods allow profile or device owners to enable
systems apps pre-installed in the primary user in the
managed profile. Apps can be specified by either package
name or intent.
Bug: 13587051
Change-Id: Ifcbc68c139308506b6c18cf3c0ea62b8026ff75f
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| c79586ede6dcd6a167bc8360f058cb5cc655b33d |
|
06-May-2014 |
Nicolas Prevot <nprevot@google.com> |
Cleaning code related to the forwarding intent filters.
Checking for INTERACT_ACROSS_USERS_FULL
Adding equivalent methods in the PackageManager
Change-Id: Iaa1328fa666613a78e67ca669ea045144275e895
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 6fee7d4cf991a8d39bdefb782937250c87f60f25 |
|
01-May-2014 |
Nicolas Prevot <nprevot@google.com> |
Introducing removable and non-removable ForwardingIntentFilters.
clearForwardingIntentFilters removes only non-removable IntentFilters.
The ForwardingIntentFilters set by the profile owner are always removable.
Change-Id: If950ccd7e69261b86360ea647fdb501c92f5440b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| d83a096f299abd9c7fe5e441ef1bb169c314b575 |
|
03-May-2014 |
Dianne Hackborn <hackbod@google.com> |
Bump up priority of system receiving BOOT_COMPLETED.
Change-Id: I5166f88f11f781914312e867cb653c8ecbefa705
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 3c4d9c56db5b24699956de0a5a841196185363cc |
|
01-May-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Merge "Adds an enabled state in UserInfo instead of DevicePolicyManager"
|
| df35d570ed25257c6782e632ab1bae5e1603855a |
|
09-Apr-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Adds an enabled state in UserInfo instead of DevicePolicyManager
Bug: 14377459
Change-Id: Ib4ec43d87da96c3dddaf9b7ae1796f261863a182
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 10fa67c77e11699391e27975fc2d276a0b8c7cbb |
|
24-Mar-2014 |
Nicolas Prevot <nprevot@google.com> |
Introduce forwarding intents across profiles.
The package manager service maintains, for some user ids, a list of forwarding intent filters.
A forwarding intent filter is an intent filter with a destination (a user id).
If an intent matches the forwarding intent filter, then activities in the destination can also respond to the intent.
When the package manager service is asked for components that resolve an intent:
If the intent matches the forwarding intent filter, and at least one activity in the destination user can respond to the intent:
The package manager service also returns the IntentForwarderActivity.
This activity will forward the intent to the destination.
Change-Id: Id8957de3e4a4fdbc1e0dea073eadb45e04ef985a
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| be46532c9fbebf3ab6498c1b78013a33f620cd31 |
|
24-Apr-2014 |
Amith Yamasani <yamasani@google.com> |
Allow profile owners to set user restrictions
Pass the setting along to UserManager.
Fixes a security exception when fetching the profile's enabled state.
Change-Id: If71698cf32c52cce1158cf2027443a339bc58488
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| a4fcb4403304192e2a4889c43c4d089d76cd1252 |
|
24-Apr-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Fix two potential NPEs in DeviceInfo
Change-Id: Ic4b5b203af25cda9ae65b477c92c1fb5f31ab093
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 385124d8cee38dee00d4fac31e8fbe46fb30565b |
|
03-Apr-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Modify getUserProfiles to return only enabled profiles:
Add a new enabled state for a managed profile.
Expose that as a new API on DevicePolicyManager.
Set the new state when enabling the profile.
Return only enabled profiles from the user manager.
Bug: 13755441
Bug: 13755091
Change-Id: I2907b182e19b3562592da688b3f68ef5f4088557
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 66e5d96cf9e689148b202787bdc269519c4b6f8f |
|
09-Apr-2014 |
Robin Lee <rgl@google.com> |
Allow ProfileOwner apps to manage app restrictions
Simple wrapper around the UserManager.{get|set}ApplicationRestrictions
APIs. Also added a new Intent to signal to running apps that the set
of restrictions has changed since startup.
Change-Id: Ifd108108a73f87325b499d9de2e1b2aacc59b264
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9944c2f85c9ec3fd634d8337afa54a065df51825 |
|
15-Apr-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Sends ACTION_MANAGED_PROFILE_ADDED intent at foreground priority to speedup the new profile ui.
Bug: 14073989
Change-Id: I06b57a4cb1b9975f28a5e1e676c76c9e6c5befe7
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 512675b07d1643f018e84d66e4ee8b641d3e191c |
|
02-Apr-2014 |
Alexandra Gherghina <alexgherghina@google.com> |
Add new call to DevicePolicyManager to enable a profile.
Bug: 13755091
Change-Id: Idb6975431f842ededf78966c578b0533e6f186af
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 5c921daa72c6915d036a03b3bda91725a3e30539 |
|
24-Mar-2014 |
Robin Lee <rgl@google.com> |
Fix privilege escalation for preferred activities
Passing in the name of an actual admin should be enough to pass the
security check as it was. This is now fixed as the caller is not
given the opportunity to spoof its own name any more.
Change-Id: Id8be4ca4c8bf3751a1ee8125cf119fa100c81d22
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 627de95925b58e7602374a66ceba76200592ec11 |
|
24-Feb-2014 |
Sander Alewijnse <salewijnse@google.com> |
Merge "Enables a profile owner or device owner to set and clear default intent handler activities."
|
| f475ca33d9232785710aaa438f17915029dfa83b |
|
17-Feb-2014 |
Sander Alewijnse <salewijnse@google.com> |
Enables a profile owner or device owner to set and clear default intent handler activities.
Those intent handlers are persistent preferences. They will remain the default intent
handler even if the set of potential event handlers for the intent filter changes
and if the intent preferences are reset.
Change-Id: Id0cfae46f93c10d89e441f272096a205ec518dd0
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 08fc72d0317fd39a6fa0b2d47c6a5b1529309629 |
|
20-Feb-2014 |
Robin Lee <rgl@google.com> |
Check DeviceOwner exists before using packageName
Creating a profile owner when there is no device owner present also
creates a new DeviceOwner object without packageName set -- this
situation can lead to a null pointer access when calling isDeviceOwner.
Change-Id: I31eab498d78cadc67a1aedd205b458dee2d27705
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 661ec4710b30516a2c7a1101ba65ecac109af619 |
|
11-Feb-2014 |
Adam Connors <adamconnors@google.com> |
Change API for setProfileOwner to require userId
Previously the userId of the current process used but it
makes the provisioning process cleaner to be able to pass
it in explicitly.
Change-Id: I670c4cf3638f1340f6d0bf856c3e01045df8c29e
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| cab8617b8ccea3a99b1ee15e15915c512a10c738 |
|
11-Feb-2014 |
Jeff Brown <jeffbrown@google.com> |
am 25df673b: am 1b51c9cb: Merge "Make SystemService constructor take a Context." into klp-modular-dev
* commit '25df673b849de374cf1de40250dfd8a48b7ac28b':
Make SystemService constructor take a Context.
|
| b880d880c6cd989eacc28c365fc9a41d31900da1 |
|
11-Feb-2014 |
Jeff Brown <jeffbrown@google.com> |
Make SystemService constructor take a Context.
This change simplifies the process of initializing a SystemService
by folding the onCreate() step back into the constructor. It removes
some ambuiguity about what work should happen in the constructor and
should make it possible for services to retain most of their final
fields after refactoring into the new pattern.
Change-Id: I25f41af0321bc01898658ab44b369f9c5d16800b
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 9348ac8249d2ef8d935e98053e5d135a2ff1ebcc |
|
10-Feb-2014 |
Amith Yamasani <yamasani@google.com> |
Fix NPE on removing a user
Bug: 12957232
Check for null mDeviceOwner.
Change-Id: I107dc24d1a8de121ebd2c1bb56e1af40bb1c55ac
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 776c555d954d9494069f786785877c08add27327 |
|
09-Jan-2014 |
Adam Connors <adamconnors@google.com> |
Extend DeviceOwner concept to accommodate ProfileOwners
ProfileOwners, like DeviceOwners, are Device Admins that have
additional priviledges. ProfileOwners however are scoped per
user.
Change-Id: I1e22c85878e0672121e6ebbe97fca38591f992b2
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|
| 49782e46c0eb85a25ae2abcf80880c48dbab5aea |
|
20-Dec-2013 |
Amith Yamasani <yamasani@google.com> |
am 9158825f: Move some system services to separate directories
* commit '9158825f9c41869689d6b1786d7c7aa8bdd524ce':
Move some system services to separate directories
|
| 9158825f9c41869689d6b1786d7c7aa8bdd524ce |
|
22-Nov-2013 |
Amith Yamasani <yamasani@google.com> |
Move some system services to separate directories
Refactored the directory structure so that services can be optionally
excluded. This is step 1. Will be followed by another change that makes
it possible to remove services from the build.
Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85
/frameworks/base/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
|