• Home
  • History
  • Annotate
  • only in /frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/
History log of /frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
09c529a9bc85bfd0d50b65f447472ad064eac16c 01-May-2017 Makoto Onuki <omakoto@google.com> Reconnect to DAService after binding is dead

- When the DO/PO process crashes twice with a short interval, AM gives up
and the binding will be "died". Once binding is in this state it'll never
be re-connected.

(Still, DO/PO can disable and re-enable their DAS to force DPMS to bind again
though.)

- Detect this and re-connect after one hour.

- Back-off time will be exponentially increased and never reset until DPMS
explicitly re-connects, which happens when:
-- the device rebooted,
-- the user stopped and re-started, or
-- the DAS is disabled and re-enabled.

Test: adb shell am instrument -e class com.android.server.am.PersistentConnectionTest -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyConstantsTest -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests
Test: cts-tradefed run cts-dev --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -l VERBOSE -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceAdminServiceDeviceOwnerTest
Test: cts-tradefed run cts-dev --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -l VERBOSE -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceAdminServiceProfileOwnerTest

Bug 37711907

Change-Id: Ie0b227a94e6ce85d72a969a4dea1020baf734e2f
evicePolicyConstantsTest.java
evicePolicyManagerServiceTestable.java
pmMockContext.java
5bb8294f926dcaf4a7288ba4457d84d57bb4ab53 29-Apr-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Add managed profile whitelist to control NotificationListenerServices" into oc-dev
83d139bd1b3e3b93a8c9a1f0572438c024bbe679 29-Apr-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Use List instead of array in network logging API." into oc-dev
f09a16628dd42fb3b45ec41c508543d42c8d98d6 28-Apr-2017 Pavel Grafov <pgrafov@google.com> Use List instead of array in network logging API.

Bug: 37625453
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Test: ts-tradefed run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testNetworkLoggingWithSingleUser
Change-Id: Icba7e3178202e0e650689d98c4010a9b40c6a53c
etworkEventTest.java
90357d62e9908730bb3c781a402db455bf473596 28-Apr-2017 Pavel Grafov <pgrafov@google.com> Merge "Introduce DISALLOW_BLUETOOTH_SHARING." into oc-dev
a6ea92097cf85b78958f25fb53e312be0399df35 27-Apr-2017 Pavel Grafov <pgrafov@google.com> Use InetAddress instead of String in network events.

This is a conservative change that converts strings to
InetAddress on the fly just before givint it to the client.

Also renamed getIpAddressesCount to getTotalResolvedAddressCount
to make it 1) harder to misuse it as getInetAddresses().length
2) more descriptive.

Bug: 37625453
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Test: cts-tradefed run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testNetworkLoggingWithSingleUser
Change-Id: I2a31dddd6874f1a629895e4dff105cf41984a775
etworkEventTest.java
4f4f6f83c20162814e95e9ca0654eee89a818bde 28-Mar-2017 Pavel Grafov <pgrafov@google.com> Introduce DISALLOW_BLUETOOTH_SHARING.

When this restriction is enforced Bluetooth sharing option should not be
present when the user tries to share something. Previously this was handled
by explicitly disabling bluetooth sharing activity during managed
provisioning, now this code is to be removed (see topic CLs) and the same
behavior should be achieved by setting this restriction for profile owners
by default.

In Bluetooth:
1) Don't check restrictions on boot, it is invoked anyway through the
listener during boot.
2) Ignore when the restriction is "changed" from true to true - i think
it was the initial intent in that condition.
3) Disable the component for a particular user and not always the
system user. This is something that has to be fixed in O I think since
currently in secondary user the bluetooth itself gets disabled but the
sharing thing still shows up.

In DPMS:
1) Now ActiveAdmin for PO also contains a set of restrictions applied by
default.
2) Now all ActiveAdmins for POs are loaded quite early. That shouldn't
have huge impact though.

Bug: 36249732
Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.ManagedProfileTest#testBluetoothSharingRestriction
Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testBluetoothRestriction
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java
Change-Id: I78c4ffbd503c4a10138e8c0862a9f206f24c5631
Merged-in: I78c4ffbd503c4a10138e8c0862a9f206f24c5631
(cherry picked from commit 7f4ad75218bdd3f1bdf9022a146147eae032cc0c)
evicePolicyManagerServiceMigrationTest.java
evicePolicyManagerServiceTestable.java
pmMockContext.java
9c6458dd58106538e790bbc702dbc10798e1bd18 30-Mar-2017 Esteban Talavera <etalavera@google.com> Add managed profile whitelist to control NotificationListenerServices

Only let notification listeners installed in the primary profile
see work profile notification if allowed by policy

Bug: 36657192
Test: runtest systemui-notification
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: If719151644380e9162180a24d12f798e42867c0a
(cherry picked from commit 7e4cbadc6a561be62bf3b5e4c949bbb863018cc7)
evicePolicyManagerTest.java
3165743c5040fb47a32ef30ccb7ffe11275a547e 25-Apr-2017 Tony Mak <tonymak@google.com> setAffiliationIds and getAffiliationIds uses set instead of list

Didn't use @remove because java doesn't support two methods differs from
the return type only.

Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testLockTask_unaffiliatedUser
Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusProfileOwnerTest

Change-Id: Ic7c7221ef5e680a6765f028c2ab73d4c2f908c58
Fix: 37622682
evicePolicyManagerTest.java
a9b8253b38c3fcc6388f79bbc5c34ad540f6a6eb 07-Apr-2017 Eric Sandness <sandness@google.com> Fix mock of setApplicationRestrictions()

If any(Bundle.class) is used in the mock's when() clause instead of
nullable(Bundle.class), the mock is not called when the bundle argument
is null.

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest
frameworks-services

Bug: 36808416
Change-Id: Iab96fe88837e8f27a1da5775494b4611a547f13a
evicePolicyManagerTest.java
088d7aa9c1e9b73ea9dce1616b4958f0c41ca05e 17-Mar-2017 Robin Lee <rgl@google.com> Exfiltrate cert code from DevicePolicyManager

The intent is for this not to cause any behaviour changes, just to
make it easier to see what is going on with the code.

Permissions are checked in DevicePolicyManagerService. All calls to
CertificateMonitor are privileged.

Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: I98224087315a62234732f08b53fe91884be86386
evicePolicyManagerServiceTestable.java
2c68dadb200a4a7113b2d5162fc9137eed944ddf 17-Mar-2017 Robin Lee <rgl@google.com> Better call emulation for DevicePolicyManagerTest

Let's have several separate contexts instead of doing strange things
with package names in one monolithic context representing every single
user on the device at once, sometimes multiple times in the same call.

Syntax looks like:

runAsCaller(callerContext, dpms, (dpm) -> {
assertSomething(dpm.doSomething(caller, param));
});

When a caller calls into DevicePolicyManager here's what happens:

PRE

- a new DevicePolicyManager is created with the caller context
- service context callingIdentity is saved
- the callingUid, callingPid, and callingPermissions are added to the service context

TEST

- client-side test code interacts with DevicePolicyManager using the caller context
- server-side coder under test runs as DevicePolicyManagerService using the service context

POST

- service context callingIdentity is restored to what it was before the test.

This should be easier to reason about.

Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: I148e3f298b0a958639ce261e9cf91f6eb49fae4d
evicePolicyManagerTest.java
pmMockContext.java
pmTestBase.java
192bb0bc54f6bb418f5778fe26eb2e68514290fb 09-Mar-2017 Paul Duffin <paulduffin@google.com> Refactor code incompatible with Mockito 2.7.13

(cherry picked from 76e319f015c2b43498ce3ce610a253d63e76cbf3)

Some additional internal only refactorings were done as well.

Bug: 32912773
Test: make checkbuild
Change-Id: I96e3da967fad731fc8f39bde9db95f50ab7353fb
evicePolicyManagerTest.java
ockUtils.java
172f7801c7376a33d7cfe07c8cb4525d14db0c8f 06-Mar-2017 Bartosz Fabianowski <bartfab@google.com> Rename DPM.isDefaultInputMethodSetByOwner()

Settings.Secure.DEFAULT_INPUT_METHOD is a misnomer. It does not really
record a permanent default of any sort - it just indicates the currently
chosen IME. Thus, isDefaultInputMethodSetByOwner() should more
appropriately be called isCurrentInputMethodSetByOwner().

Furthermore, it turns out that setting a different IME for a user and
the user's work profile is unsupported. Thus, it is sufficient for the
intended use case to just retrieve the calling user's default IME.
There is no need for a |user| parameter.

Bug: 32692748
Test: unit tests (see DevicePolicyManagerTest.java for invocation)
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases

Change-Id: Ia0846d38a1361042429dae7430a8b055575ef2e0
evicePolicyManagerTest.java
05dc9f764c9d399add8b7495e680f66d098c55eb 22-Feb-2017 Bartosz Fabianowski <bartfab@google.com> Add API for checking which CA certs were installed by the DO/PO

With this API, the system can determine whether a CA cert was
installed by the user or the user's DO/PO.

Bug: 32692748
Test: unit tests (see DevicePolicyManagerTest.java for invocation)
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases

Change-Id: I3bcae5ac18ec2b110154184fc515df804fd73da6
evicePolicyManagerTest.java
pmMockContext.java
abaa0695c5361b36a7a2cdbe87c77bf60be20af7 20-Feb-2017 Robin Lee <rgl@google.com> Delete ParcelableString, add StringParceledListSlice

Both inherit from package private BaseParceledListSlice.

This is still bad, but it's not as bad. The existing code that uses
this can just do Foo.bar().getList() now instead of having to marshal
to and from an oddball type at either end as well.

In the longer term ParceledListSlice<> should be eliminated, but it's
not clear how far into the future that is going to happen.

Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: runtest -x core/tests/coretests/src/android/content/pm/ParceledListSliceTest.java
Change-Id: Ie69b96b5215d6e04990f6d31345772cdfee21d78
evicePolicyManagerTest.java
4f7e1fc9af698e08576c9beadef872f5c4ea04a8 17-Feb-2017 Bartosz Fabianowski <bartfab@google.com> Merge "Add API for checking whether the default IME was set by the DO/PO"
939ccc3854d841e4aa1fc33017d49a2446315ca6 16-Feb-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Clear DISALLOW_ADD_USER in clearDeviceOwner for all cases"
348f696d33ffc188459e6318c65c8f9058f8d974 30-Jan-2017 Victor Chang <vichang@google.com> Clear DISALLOW_ADD_USER in clearDeviceOwner for all cases

We are not moving the restriction from system to the DO in the end.
clearDeviceOwnerUserRestrictionLocked becomes the permanent solution
for DeviceOwner CTS. Looks like no one setting DISALLOW_ADD_USER
directly in UserManager except DO/PO, and so remove it when DO is
clear

Change-Id: I235bebebd02b5e0d9883eea6dd3a4e49b40fe043
Fix: 33476323
Test: runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest
evicePolicyManagerTest.java
aff5e9c21c28f21f7a3688d84e747727cf17f382 25-Jan-2017 Bartosz Fabianowski <bartfab@google.com> Add API for checking whether the default IME was set by the DO/PO

With this API, the system can determine whether a user's default
IME was set by the user or the user's DO/PO.

Bug: 32692748
Test: DPMS unit tests and CTS CtsDevicePolicyManagerTestCases

Change-Id: Ibd703ff5c9e4c072599ad8d6023c94a97d728109
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
aab7a4146ccd14f94ac87f4c52895f1bb5d37645 30-Dec-2016 Rubin Xu <rubinxu@google.com> Add escrow token API in DevicePolicyManager.

Take advantage of the new authentication flow in LockSettingsService
and allow PO or DO to provision escrow tokens on the device. The
escrow token grants them the ability to change device lockscreen
(if used by DO) or work profile challenge (if used by PO). The
new password reset mechanism is even usable before user unlocks,
and it preserves authentication-bound keys in keystore.

Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testResetPasswordWithToken
Bug: 33126620
Change-Id: Iaa684c51946f726cbd909e9ac70ad3e9ca3de1ac
evicePolicyManagerTest.java
pmTestBase.java
7f5c91c6bce6a8ff2414549219a321a98a98ab31 08-Feb-2017 Robin Lee <rgl@google.com> MonitoringCertTask no longer relies on software.device_admin

Added a test to validate that it still works the way it should before
and after the change.

Bug: 33258404
Bug: 35196414
Fix: 35129745
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: also manual, instructions:
Test: (1) Disable software.device_admin from tablet_core_hardware, rebuild.
Test: (2) Install CA cert. Notification should appear.
Test: (3) Reboot. Notification should still be there.
Change-Id: Id992725c1844a2fffbde4d8acaba531e99f853ad
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
4d600d150f60249995c2212cff5acc9d11cbfc80 06-Feb-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Clear affiliation ids and lock task packages when clearing DO/PO"
a7bd04e89271fe0bce7bb5136bc8df0466827c6c 02-Feb-2017 Esteban Talavera <etalavera@google.com> Clear affiliation ids and lock task packages when clearing DO/PO

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I38eea34cff82766c7e3b8cd79dd9757a212bb451
evicePolicyManagerTest.java
bdcada976298716b9fb566fd6264e31098df4391 01-Feb-2017 Esteban Talavera <etalavera@google.com> Affiliated profile owners can set lock task packages

Mentioned that in the documentation, cleaned up the code
a bit and added unit tests

Bug: 34614754

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I91232bbe494398015094ab977c6a2adce339811f
evicePolicyManagerTest.java
2dbf9ae67a972e83f248eab06c583ff988da7422 27-Jan-2017 Bartosz Fabianowski <bartfab@google.com> Fix DPM.getPermissionGrantState()

The recent addition of DPM API access delegation introduced a bug in
this method. When a system app (UID 1000) called the method, it would
crash.

Bug: 34760123
Test: DPM unit tests
Change-Id: I69390ca30270d64a4d28a74c13a7679f14a62959
evicePolicyManagerTest.java
73145f4e60b874a408d26842d1cfc9c9506bfd9a 17-Jan-2017 phweiss <phweiss@google.com> Create public API for policy transparency outside of Settings

The new DPM.createAdminSupportIntent() returns an intent that shows the
"This action was disabled by your admin"-dialog from settings.
This enables apps to inform the user about the cause of restricted
functionality.

A new extra for the intent allows to specialize the dialog for different
restricted features, instead of a generic message for all features.

Bug: 31215663
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services

Change-Id: I3de7aeec0f88b8f013a63957aec803cd123fbedc
evicePolicyManagerTest.java
8f3b34338aca7276a45033e362776678c2adf984 25-Jan-2017 Esteban Talavera <etalavera@google.com> Merge "Wipe device or profile if max failed attempt reached"
b88f42b6b1414ae8107be13c0d2f3957549ecaaf 24-Jan-2017 Esteban Talavera <etalavera@google.com> Wipe device or profile if max failed attempt reached

If the device or profile owner have set a max password failed
attempts policy, the device or profile should be wiped even if
DISALLOW_FACTORY_RESET / DISALLOW_REMOVE_USER /
DISALLOW_REMOVE_MANAGED_PROFILE was set by that admin. However
it should still fail if another device admin set the policy - this
is in line with what wipeData() does at the moment.

Bug: 34450538

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerPlusManagedProfileTest#testWipeData
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.ManagedProfileTest#testWipeData
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.DeviceOwnerTest#testDisallowFactoryReset
Change-Id: Ifac240692ce74432f7b57f3dfbbbac2a7282297b
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
f994677626a6babc5121647646f17a7de85065a7 28-Nov-2016 Edman Anjos <edmanp@google.com> Refactor DPMS Cert Installer and App Restrictions delegation.

The DevicePolicyManagerService currently supports delegation of
certificate installation and application restriction management, both
of which are individually handled by DPMS.

Upcoming framework features will add four more delegation types,
namely: block uninstall; app permission management; app access
management; and system app enabler. At this moment it makes sense to
refactor the underlying delegation system in DPMS so that current and
future delegates can be handled in a more generic way.

Bug: 33099995
Test: DPMS unit tests
Change-Id: I9e350143572c6690febdd59d1ed5149af8ee4388
evicePolicyManagerTest.java
d37c4a99b2602dd4483ca2985e63b5316e8f4f63 23-Jan-2017 Nicolas Prevot <nprevot@google.com> Allow DO to provision even if it has set disallow remove mp.

If the device owner has set DISALLOW_REMOVE_MANAGED_PROFILE,
and there is already a managed profile:
it should be allowed to provision a new managed profile by
deleting the old one.
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest
-w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
BUG:34116228

Change-Id: I9e6f39924107aee40b57d22e638487a1ea3132de
evicePolicyManagerTest.java
45d29078635372e6c6b230d3de4e9d94c0d324b1 18-Jan-2017 Nicolas Prevot <nprevot@google.com> Update DPM unit tests checking isProvisioningAllowed for comp.

Two of the tests were actually checking the same thing. Removed one.
Refactore another test to make it easier to read.

Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
BUG:32629873

Change-Id: Id4ca9bd8c113a858b016fb02d04bf4c76bbcb027
evicePolicyManagerTest.java
pmMockContext.java
pmTestBase.java
e24743203591fde0f3b1fe7d5e250f2b21ec0b6a 18-Jan-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Fix test DevicePolicyManagerTest#testSetRequiredStrongAuthTimeout_DeviceOwner"
094119df3ebc49b7158aa448fe3cc24ad4267569 18-Jan-2017 Bartosz Fabianowski <bartfab@google.com> Merge "Allow system to retrieve permission grant state"
4b0624fee452138951de919bbe74003258e9bc19 16-Jan-2017 Bartosz Fabianowski <bartfab@google.com> Allow system to retrieve permission grant state

To inform the user which apps were granted permissions by the admin,
the Settings app needs to access this information without being a DO/PO.

Bug: 32692748
Test: FrameworksServicesTests unit test

Change-Id: I3770ec6343b85be9c6f7655675ed6db5cb50612c
evicePolicyManagerTest.java
d084ca5fad1cef70aac9eed8d5d79fc87d6e5397 18-Jan-2017 Michal Karpinski <mkarpinski@google.com> Fix test DevicePolicyManagerTest#testSetRequiredStrongAuthTimeout_DeviceOwner

1) Started returning the default value for getLong() on SystemProperties mock
2) Added a test that the minimum timeout cannot be changed using a system
property on non-debuggable builds
3) Added new within range test for completeness.
4) Started using TimeUnit instead of ms constants.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Bug: 34317979
Change-Id: I0409451ae39e74ec3d96a098042302291ec3408f
evicePolicyManagerTest.java
eaed75d923c132f7bb7679d3246a89eff78e6811 18-Jan-2017 Pavel Grafov <pgrafov@google.com> Merge "Make ENSURE_VERIFY_APPS global even when set by PO."
92d053b459513dc15bc3cb349a6a11cf2798a4c1 17-Jan-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Unit tests for wipeData for a managed profile."
c9c1b2f03a67b1ff3fb743e612fe3ef0ba23eac1 12-Jan-2017 Nicolas Prevot <nprevot@google.com> Unit tests for wipeData for a managed profile.

BUG:31952368
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: If3cf2fee3edf5b16fe169e65337f215544557815
evicePolicyManagerTest.java
6a40f09083fc52acc3309d0b04401fca02df6372 25-Oct-2016 Pavel Grafov <pgrafov@google.com> Make ENSURE_VERIFY_APPS global even when set by PO.

Currently only device owner can set global user restrictions.
With this CL ENSURE_VERIFY_APPS will be global no matter who
enforces it, DO or PO.

To make it possible for system apps to check who enforces a
particular restriction in this case a new API method is added
to UserManager: getUserRestrictionSources which returns a list
of users who enforce the restriction.

Bug:31000521
Test: cts-tradefed run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.UserRestrictionsTest (ag/1732744)
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/pm/UserRestrictionsUtilsTest.java
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java
Test: installed M on a Nexus5x device, created a managed profile with some user restrictions, and checked that after upgrading M->O all restrictions are preserved and split correctly into base, global and local.
Change-Id: I543d3ec9ef0cf2b730da6f7406021c0bba43b785
evicePolicyManagerTest.java
ef99fb85f95a2cc17e5d41f452d4632f0ec12fb7 16-Jan-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Make device wide DO features available if all users affiliated"
d36dd15d9bf9f65270b9bee16d6419b96b18bd86 15-Dec-2016 Esteban Talavera <etalavera@google.com> Make device wide DO features available if all users affiliated

Currently, those features are available on single user devices only
(since they collect privacy sensitive data device wide). Now making
them available as long as all users are affiliated.

It'll take a certain amount of time between user creation and the DPC
of that new user setting the appropriate affiliation ids. The DO won't
be able to access the logs during that time (and won't get any "logs
ready" callback). Once the affiliation ids are set, if they match,
logs become available again - this includes logs collected while the
user was being setup. Some logs might be lost though if the amount of
data exceeds the internal limit.

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services

Test: cts-tradefed run cts -a armeabi-v7a --module CtsDevicePolicyManagerTestCases --test com.android.cts.devicepolicy.DeviceOwnerTest

Bug: 32326223

Change-Id: Idfe881dd6497d3ad2bead10addfd37b98b8a6e2b
evicePolicyManagerTest.java
pmMockContext.java
18de051c986b0871848a77d2c2dd11659af365c9 14-Jan-2017 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Send EXTRA_USER with DevicePolicy lock broadcasts"
feffb056e8d0f22db630f7d768bd78c349420cb6 11-Jan-2017 Pavel Grafov <pgrafov@google.com> Fix DevicePolicyManagerServiceMigrationTest.

DISALLOW_ADD_MANAGED_PROFILE is enabled for device owners by default
and should be expected for device owner after migration.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java
Change-Id: I8e1d8bcf84a242fa50985d4fed9c3c594e19451a
evicePolicyManagerServiceMigrationTest.java
c3bd7b78d80370f21102bae155b05f2567f2a31d 10-Jan-2017 Nicolas Prevot <nprevot@google.com> Additional unit tests for isProvisioningAllowed

Test it with disallow add / remove managed profile user restrictions.

BUG:32629873
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ic6b01c2b0ed9081204801a6c5719b0fd25eafbba
evicePolicyManagerTest.java
d2a73ed21152517097a603e03c08eafbce926c3d 19-Dec-2016 Robin Lee <rgl@google.com> Send EXTRA_USER with DevicePolicy lock broadcasts

DeviceAdmins inside profiles may receive broadcasts referring either
to the parent profile or to themselves.

We need a way to differentiate that.

Same commit fixes a bug in DevicePolicyManagerTest where USER_SYSTEM
is returned twice in getProfiles() when called for a managed profile of
USER_SYSTEM. This does not happen in the real API.

Bug: 30185351
Bug: 31001762
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Change-Id: Iea2735357f4019b2b81b6784e7ea6aead63f2636
evicePolicyManagerTest.java
pmMockContext.java
b4413f694fbb8b03737d3e7a3831896bd371bed5 05-Jan-2017 Nicolas Prévot <nprevot@google.com> Merge "Make disallow add/remove managed profile restriction not global."
2ea46fe658c5a977a11372d7180e8ed9abf261e8 05-Jan-2017 Nicolas Prevot <nprevot@google.com> Make disallow add/remove managed profile restriction not global.

Otherwise: if the DO sets remove managed profile user restriction:
the profile owner of a managed profile cannot remove this managed
profile.

BUG:33854430
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I90b2028ea627a2073298bf9ef3c07b4fdf8d13a1
evicePolicyManagerTest.java
9bab1c4dd505903dbdd7403ea38d8b9d449e9be4 03-Jan-2017 Makoto Onuki <omakoto@google.com> Merge "Get account features before taking lock"
606da7778fffcb8251808ef53903eefebc2db9a7 15-Dec-2016 Makoto Onuki <omakoto@google.com> Get account features before taking lock

Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.AccountCheckHostSideTest
* without having Id49f2bd5dfa80ecf35b3a23c789100ade38c2656 *

Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests

Bug: 33481725
Change-Id: I1e4dd9701a76ca366f86fdaf2fc6c282e9dbe5c1
pmMockContext.java
43769ddb2c348325c9d571626251a233c7ee9b7f 22-Dec-2016 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Add DISALLOW_ADD_MANAGED_PROFILE to existing device owners"
548a04b8f894c55e0612790ee6bc222e4398f33e 20-Dec-2016 Esteban Talavera <etalavera@google.com> Add DISALLOW_ADD_MANAGED_PROFILE to existing device owners

For device owners set pre-O, that restriction will not
be set via setDeviceOwner(). Therefore set it during
first boot after O OTA.

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services

Bug: 31952368

Change-Id: I7db9b14c49a75ae2760e6923a1f3f7cde0e2784b
evicePolicyManagerTest.java
01576869a3f46923d1d893866677e3bf9a00fc2b 15-Dec-2016 Esteban Talavera <etalavera@google.com> Enforce DISALLOW_ADD_MANAGED_PROFILE

Only the device owner should be able to create a managed
profile if that restriction is set

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services

Bug: 31952368

Change-Id: Ia5170e54594ccba1e5bcedffaec98c2af42264c0
evicePolicyManagerTest.java
pmTestBase.java
1548d5c43b789b6d5b3ab0929dcb55a2f12c57a9 15-Dec-2016 Nicolas Prévot <nprevot@google.com> Merge "Use affiliation ids when checking bind target users."
d5b036014d632c7c28f8499f39bafd4b95ac49d1 06-Dec-2016 Nicolas Prevot <nprevot@google.com> Use affiliation ids when checking bind target users.

BUG:32764274
Test: adb shell am instrument -e class
com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ic79b58dcb583b1d9eb9e7af0d1501cf8cfd0ee86
evicePolicyManagerTest.java
6c9116a6430ca5cd55b1b926213a5e8de77e4fc6 24-Nov-2016 Esteban Talavera <etalavera@google.com> Create DISALLOW_{ADD,REMOVE}_MANAGED_PROFILE user restrictions

Bug: 31952368

Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Test: runtest -c com.android.server.pm.UserManagerTest frameworks-services
Test: cts-tradefed run cts --module DevicePolicyManager --test com.android.cts.devicepolicy.UserRestrictionsTest

Change-Id: I240ab99c2409bbabffbc574bef202f2457026905
evicePolicyManagerTest.java
38724a234d8d45b25fa8c38eba637a30c4212a9b 08-Dec-2016 Amin Shaikh <ashaikh@google.com> Merge "Support multiple caches in NetworkScoreService." am: 78f3f0049e am: a7c0b73971 am: b45a4a5d1b
am: 5456cdbc27

Change-Id: I421cff1c47959c40088a31f72556630a8acd007e
972e236e84fd4073f7ecc40f2de326b388203dfb 07-Dec-2016 Amin Shaikh <ashaikh@google.com> Support multiple caches in NetworkScoreService.

- Use RemoteCallbackList for managing multiple callbacks
- Add unregisterNetworkScoreCache to the service interface
- Added NetworkScoreServiceTest

Test: runtest frameworks-services

Bug: 32913019
Change-Id: I16ca1682acca9cbe403812e520394688a026414b
ockUtils.java
abf86385f8ba14d4f4789df59adec619a682b238 06-Dec-2016 Mahaver Chopra <mahaver@google.com> Merge "Return error code from isProvisioningAllowed"
849fd6f58e92476af3e3eeb802e71fddf372d6f2 03-Nov-2016 Mahaver Chopra <mahaver@google.com> Return error code from isProvisioningAllowed

Added hidden pre condition codes for PO and DO provsioning.
Added hidden api checkProvisioningPreCondition, which returns codes
instead of boolean. Managed provisioning can use this to show
useful debug information and user facing error dialogs.

Test: All DevicePolicyManagerTest pass

Bug: 27467633
Change-Id: I7d2a79921bc3ac2e12d506629a35563fc7ff62bf
evicePolicyManagerTest.java
365a3db47001c1298fd01146e866997a9cbc3c8c 30-Nov-2016 Bartosz Fabianowski <bartfab@google.com> Allow setting managing organization for the device

The Profile Owner of a managed profile can set a string that will be
shown in the UI to identify the organization managing the profile.
This CL extends the functionality to the Device Owner of a managed
device.

Bug: 32692748
Test: DevicePolicyManagerTest unit test + CTS test in separate CL

Change-Id: I47295da2fd6485ebf0e890da13990a044accaf17
evicePolicyManagerTest.java
dd7f8dafd862fa1a6132b37b47f1b160a4065a9e 30-Nov-2016 Bartosz Fabianowski <bartfab@google.com> Allow DO to access DevicePolicyManager.isDeviceManaged()

This CL makes DPM.isDeviceManaged() accessible to the DO so that it
can be CTS-tested.

Bug: 32692748
Test: Device policy manager unit test + CTS & GTS in separate CLs

Change-Id: I5326e86b0ffee81d04bd48f0267044463a899b78
evicePolicyManagerTest.java
9f9e453b649b3507e25049c94990717dc92b269e 30-Nov-2016 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Unit test for getBindDeviceAdminTargetUsers"
b57bd791bf55215110839322ef7c0f72ed915a7b 29-Nov-2016 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Add user affiliation APIs"
c9bb378a8b3633bc427dd2439ab4ae8e3b17771a 11-Nov-2016 Esteban Talavera <etalavera@google.com> Add user affiliation APIs

Make setAffiliationIds public so that it can be used for COMP.
That way we can allow network logging and other features to
work on devices that have a DO and a managed profile.
Those features are currently restricted to single user devices but we'll
open them up to devices where all users are affiliated.

Also create a getter for that API.

Bug: 32326223
Test: m FrameworksServicesTests &&
adb install \
-r ${ANDROID_PRODUCT_OUT}/data/app/FrameworksServicesTests/FrameworksServicesTests.apk &&
adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \
-w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ie443be887a6ca61a7f7a07e137757dceab7eb3d3
evicePolicyManagerTest.java
2f26b79eea905f88c872804be01431020e4efb2e 28-Nov-2016 Tony Mak <tonymak@google.com> Unit test for getBindDeviceAdminTargetUsers

Was meant to write test for bindDeviceAdminServiceAsUser, but
it can't be done without having tests for
getBindDeviceAdminTargetUsers first as bindDeviceAdminService depends
on getBindDeviceAdminTargetUsers.

A bit shocked by we didn't have any managed profile tests in
DevicePolicyManagerTest. Added managed profile support in the CL.

Bug: 32764274

Test: runtest -x frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

Change-Id: If412e4f44c3ae998f69e17411f2503a97f80149f
evicePolicyManagerTest.java
pmMockContext.java
pmTestBase.java
8d76e72251eb6f83580cd8b70000d6904fe24096 25-Nov-2016 Bartosz Fabianowski <bartfab@google.com> Allow DO to access bookkeeping information about its own actions

The getLastSecurityLogRetrievalTime(), getLastBugReportRequestTime()
and getLastNetworkLogRetrievalTime() methods are meant to be used by
system code. However, there is no harm in allowing the DO to access the
information they return - because it is information about actions that
the DO itself took.

The advantage of opening up these methods to the DO is that we can
CTS-test them.

Bug: 32692748
Test: DevicePolicyManager unit test + CTS test in separate CL

Change-Id: I1470fca2a82b9955f7aed5e8b50220bea8b56fc9
evicePolicyManagerTest.java
29993074b0708d71b9d752f562ed6aee2a360fa1 17-Nov-2016 TreeHugger Robot <treehugger-gerrit@google.com> Merge "Keep track of admin actions for DO disclosures"
b21b241f0f12377c115e9c4f5bae26814fdab3fb 17-Nov-2016 Bartosz Fabianowski <bartfab@google.com> Keep track of admin actions for DO disclosures

This CL adds bookkeeping to DPMS which will allow us to tell the user
in the Settings UI whether/when the admin requested a bug report or
retrieved logs from the device.

Bug: 32692748
Test: Full DevicePolicyManagerTest unit test coverage; end-to-end tests
will follow as Settings CTS verifier tests

Change-Id: I89728fce4b7e0ff061b354c73caf3742e95a3a3e
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
56400a445fa29b0a90e92d15daf6246cfc3f310d 10-Nov-2016 Nicolas Prevot <nprevot@google.com> Check user restriction DISALLOW_REMOVE_USER in isProvisioningAllowed.

If DISALLOW_REMOVE_USER is set and there is already a managed profile:
isProvisioningAllowed() should return false

BUG:32629873
Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I093bed0a4a54f83decf11716ebfd50dd4f17c089
evicePolicyManagerTest.java
f77ee4f1b79929a77f603e5e879f3616ae464e3e 12-Oct-2016 Michal Karpinski <mkarpinski@google.com> [DPM] Management and retrieval of network logs

This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and it's NetworkLoggingHandler.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
etworkEventTest.java
6dbf67fc4889c49151415e986be98f70816f81ec 06-Oct-2016 Michal Karpinski <mkarpinski@google.com> Don't expose default strong auth timeout as constant

The admin can instead use the value of 0 to reset to default.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

Bug: 31430135
Change-Id: I0d6b29ca4eca65d7ca72a8975a0c28c9050a946c
(cherry picked from commit 943aabd11cce3ab453762d3912395363720e1f5d)
evicePolicyManagerTest.java
943aabd11cce3ab453762d3912395363720e1f5d 06-Oct-2016 Michal Karpinski <mkarpinski@google.com> Don't expose default strong auth timeout as constant

The admin can instead use the value of 0 to reset to default.

Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

Bug: 31430135
Change-Id: I0d6b29ca4eca65d7ca72a8975a0c28c9050a946c
evicePolicyManagerTest.java
357ca56f8b3b419d6b05294adae1fefcf0e63d3a 25-Sep-2016 Makoto Onuki <omakoto@google.com> Fix DPM unit tests, also fix a log message. am: 6ad5f92512 am: 2f78ab5387
am: 4001a2b4c4

Change-Id: Ifc1735798074af6758da5cc3a40d9adada1376cb
6ad5f92512462f774a2ff7e59abdf5edbfd215b3 19-Sep-2016 Makoto Onuki <omakoto@google.com> Fix DPM unit tests, also fix a log message.

Bug 31446501

Change-Id: I37debbe2f4e983fb8bad026f8dd9bd91b7448dce
pmTestBase.java
1970f97e4758224132329a3e0dbe9c3946c4499b 30-Aug-2016 Tony Mak <tonymak@google.com> Send ACTION_DEVICE_OWNER_CHANGED broadcast after clearing device owner

Change-Id: Iaac182c69a30e941da3a017a923247d813881521
Fix: 27261692
evicePolicyManagerTest.java
3577ed2556f20f7ab09e58b6b286217c7e1560c9 25-Aug-2016 Victor Chang <vichang@google.com> forceUpdateUserSetupComplete should have no effect in user build

Bug:30031808
Change-Id: I908a495633e03ace770a8ec19196841d19dfd41d
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
3cb2b49f443a31b1bb043d0450e350b95acecc8b 10-Aug-2016 Suprabh Shukla <suprabh@google.com> Fixing admins not being removed from DpmMockContext

We were not calling setActiveAdmin before calling setDeviceOwner or
setProfileOwner in these tests. They were passing because the admins
were not being properly removed in the first place. The admin is
actually removed from the admin list inside onReceive of the receiver
passed in sendOrderedBroadcastForUser, which was not overridden to call
onReceive in DpmMockContext.

Bug: 30726135
Change-Id: I08cab5821228738196b229a8f885f7488aaafa34
evicePolicyManagerTest.java
pmMockContext.java
c29f62c7388f550da2c7368c5dbc0aec7d1564fe 07-Jun-2016 Makoto Onuki <omakoto@google.com> Push DO/PO package names from DPMS to PM

Bug 29126573

Change-Id: I95ea1559f6acf5d2f0e1b0953568cdfc938e83b9
evicePolicyManagerServiceTestable.java
7f98aa4aa93497692f200c553d2d6fff402e3de2 07-Apr-2016 Fyodor Kupolov <fkupolov@google.com> Added getProfileIds method returning array of userIds

Previously many usages of UserManager.getProfiles and getEnabledProfiles
were only using ids of returned users. Given that the list of users needs
to be parceled and unparceled for Binder calls, returning array of ids
minimizes memory usage and serialization time.

A new method getProfileIds was introduced which returns an array of userIds.
Existing method calls were updated where appropriate.

Bug: 27705805
Change-Id: Ic5d5decd77567ba0f749e48837a2c6fa10e812c0
pmMockContext.java
3e794afb82228199c0a83bed5463dbeb3c48dd62 04-Mar-2016 Victor Chang <vichang@google.com> Unit test for isProvisioningAllowed

Note:
DevicePolicyManagerService is changed to inject ContentObserver notifier

Test: all test cases in DevicePolicyManagerTest pass

BUG: 25710621
Change-Id: I347cec71769d0e9dd6a334d7d6339d5ce6a3fa6a
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
cd14c0a9daa42a7ccacef345b3b2ef255790f993 16-Mar-2016 Victor Chang <vichang@google.com> Api change of DPM.setApplicationRestrictionsManagingPackage()

Throws NameNotFoundException instead of IllegalArgumentException

Can't throw NameNotFoundException directly from DPMS as
aidl doesn't support checked exception

Bug: 27532565
Change-Id: I202721f41057f92ad2dd851d4769ba4502a8f9b3
evicePolicyManagerTest.java
1216ae5d023e8f6e4f158a447a5764288e4ccc3e 11-Mar-2016 Mahaver Chopra <mahaver@google.com> Update DPM.reboot with new restriction

DPM.reboot() should not be called when there is an ongoing call on the
device.

Bug:27531799
Change-Id: Idc1fa4c7aa79b20ec9c2afcccf855455ee316787
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
d4c9e541ec7110d3c842d6f92c3ec6beb0b6d997 26-Feb-2016 Makoto Onuki <omakoto@google.com> Add ENCRYPTION_STATUS_ACTIVE_PER_USER to...

getStorageEncryptionStatus()
Use StorageManager APIs to get the encryption
state instead of from the system properties
directly.

Bug 26547262

Change-Id: Ic27baa9489d43a93873f8bb0428084f8886aed67
evicePolicyManagerServiceTestable.java
pmMockContext.java
97e89c624e19c0a0ebe3d76506a493cfe29c0558 08-Mar-2016 Sudheer Shanka <sudheersai@google.com> Merge "Update DPM.getWifiMacAddress to take admin component as argument." into nyc-dev
3cb4da16dcf07474acefb709d10b22cdfdefd81b 08-Mar-2016 Sudheer Shanka <sudheersai@google.com> Update DPM.getWifiMacAddress to take admin component as argument.

Bug: 27532280
Change-Id: I3a5e9557c3c6ac43c458c911a5309bdb2655fb66
evicePolicyManagerTest.java
e29cd4724ff41f1cd81c1493f02fb0ba2b2f8197 02-Mar-2016 Victor Chang <vichang@google.com> enforceCanSetDeviceOwnerLocked should enforce userId == USER_SYSTEM for non-split user mode

Bug: 27453111
Change-Id: I1acdfecdf4474696e904a6a4df189453be306aa4
evicePolicyManagerTest.java
889c0880661bda16e3759995e03766ddf0350732 17-Feb-2016 Makoto Onuki <omakoto@google.com> Support safe mode properly.

In safe mode, IPM.queryXxx() doesn't work. Use IPM.getReceiverInfo()
directly instead.

Bug 27108276

Change-Id: Ice8f882559b8f0596a19ddb3a16395a4dc538a25
pmTestBase.java
4ab36372fb7f2f8236d9fa308ec508582fc52607 19-Feb-2016 Makoto Onuki <omakoto@google.com> Merge "Clean up on UserManagerService and DPMS" into nyc-dev
2a3c3da0fc07ef37abc45cfb0166bdf5f7f202b6 18-Feb-2016 Makoto Onuki <omakoto@google.com> Clean up on UserManagerService and DPMS

- Avoid the ART warning about 4.1 compatibility
- Avoid integer overflow in DPMS

Bug 27243525
Bug 27242859

Change-Id: I92af323287e348fbd0eff31e6cf9823be8e41024
evicePolicyManagerTest.java
pmMockContext.java
60949288064460894bdd288f4865cdb180c0e501 18-Feb-2016 Makoto Onuki <omakoto@google.com> Fix bugs in user restriction migration

Originally I didn't know user-0 could have PO, so I excluded this case
from migration. Now we handle it properly.

Also make sure only restrictions that can actually be set by each
owner moves to the owner restriction. (Because of this, we no longer
have to have DISALLOW_WALLPAPER in the exception list, because
owners can't set DISALLOW_WALLPAPER.)

Bug 27225996

Change-Id: I6ad79d90e6c4400abbb1e4feba6ba59e3b650815
evicePolicyManagerServiceMigrationTest.java
184db600df42c2b27a2d34deecab57d591434b22 18-Feb-2016 Makoto Onuki <omakoto@google.com> Ensure DO/PO are also DA.

Bug 24503508

Change-Id: Ib957b84d5bee185501636c406d9aaf4985a79d8d
evicePolicyManagerTest.java
pmTestBase.java
dafec11e698daf054730cfb04db64f3e31a0c9ff 16-Feb-2016 Makoto Onuki <omakoto@google.com> Merge "Don't allow deactivating DAs when the user is not unlocked" into nyc-dev
1a5ee776ee51ae6fba30c8f3b33e26eb7f9dedc6 13-Feb-2016 Makoto Onuki <omakoto@google.com> Don't allow deactivating DAs when the user is not unlocked

Bug 27149570

Change-Id: I772d9cbd6edc822c8f7b1988905b702e05e674cd
evicePolicyManagerTest.java
ed1928a981cbff9a67b5c1786ded8cbdf848056b 11-Feb-2016 Rubin Xu <rubinxu@google.com> Fix testApplicationRestrictionsManagingApp unit test

The API now requires the app restriction manager app to exist
on the current user when it is called.

Change-Id: I809816d4f5d73378c23b18d7b74ebb282b7dc444
evicePolicyManagerTest.java
5eec76504ff2ac5a05c73951b7fe38cc6a560bb9 05-Feb-2016 Esteban Talavera <etalavera@google.com> Merge "Fix unit tests"
8375fcec625d482af894cfed7b608f10cacb0f5d 04-Feb-2016 Esteban Talavera <etalavera@google.com> Fix unit tests

http://ag/858485 added a new flag and the mockito didn't match
the call any more

Change-Id: I8f99b1b6063488aeced08513b11c79bf0162006e
pmTestBase.java
90b896533eb6a8867e7951bbbdbbacd9b520199c 28-Jan-2016 Makoto Onuki <omakoto@google.com> DO / PO Shouldn't be removed as active admin...

even if they asked.

Also clear(Device|Profile)Owner should remove them as the active admin
too.

Also add some more unit tests.

Bug 26858840

Change-Id: I7b3ed92e1b4cbe803381ed6e3f64d8de17b2ebb0
evicePolicyManagerTest.java
49caead1c2608f57ac6c260396c6bfd058b921ae 02-Feb-2016 Rubin Xu <rubinxu@google.com> Call SecurityLog methods via Injector

This is to make sure the unit test can mock them out.

Bug: 26911599
Change-Id: I07a1a8b43ad5716a4b667bc5266b3b03997268c5
evicePolicyManagerServiceTestable.java
pmMockContext.java
3f3657a61b54d495bf2e692289eb92a48fe5a0b2 28-Jan-2016 Makoto Onuki <omakoto@google.com> Fix DPM unit tests

Bug 26911599

Change-Id: I874c9cd4f63c79bc984777ef3b1b654a414c4911
evicePolicyManagerServiceTestable.java
pmMockContext.java
44a18081546345a0655748717862a89ae6dd7948 26-Jan-2016 Alan Treadway <alantreadway@google.com> Merge "Add explicit and persistent user provisioning state."
6d009037271b487b45716c3a1f72037b89de6d75 25-Jan-2016 Benjamin Franz <bfranz@google.com> Add SmallTest annotation to DevicePolicyManagerTest

Adding this annotation makes sure that the tests get picked up by
continuous integration tests.

Change-Id: Ia9166898803dd0037f6bb20cb6a12333ed347fd3
evicePolicyManagerTest.java
afad8783699b1ba6f3c7ee5961d6ddc2bd771dc1 19-Jan-2016 Alan Treadway <alantreadway@google.com> Add explicit and persistent user provisioning state.

Add explicit modelling of provisioning state so that integration
of management provisioning flows with packages such as setup-wizard
are cleaner, and can be more direct. Previously we relied upon
USER_SETUP_COMPLETE secure setting and HOME intents to signal intent,
but this is not very clear and can be fragile.

Bug: 25858670
Change-Id: Idc56a040f710c3aee281db420f21717da3960722
evicePolicyManagerTest.java
fe434a15d6bde9299b51dc284b336944e5cf8a1c 25-Jan-2016 Esteban Talavera <etalavera@google.com> Merge "Add additional APIs supported work on the parent DPM instance"
4c052f237a108457fca3d3864c5654ebd4505111 25-Jan-2016 Bartosz Fabianowski <bartfab@google.com> Implement user affiliation

A user/profile is considered affiliated if it is managed by the same
entity as the device. This is determined by having the device owner and
profile owners specify a set of opaque affiliation ids each. If the sets
intersect, they must have come from the same source, which means that the
device owner and profile owner are controlled by the same entity.

BUG=25599229

Change-Id: I393fe0de70272307ed3c811aaba4b48a5109c562
evicePolicyManagerTest.java
pmTestBase.java
623999185029a2c5baf29efe4ebdcbcdebcca294 11-Jan-2016 Esteban Talavera <etalavera@google.com> Add additional APIs supported work on the parent DPM instance

Bug: 22543972
Change-Id: I05061e34d120c64d5c49ca6b7b4014d7dadb68f4
evicePolicyManagerTestable.java
51f3908c6a788f82d8188762c0680594a54b17ae 06-Jan-2016 Jeff Sharkey <jsharkey@google.com> Merge "Consistent naming for PackageManager methods."
e06b4d1d9f718b9fe02980fea794a36831a16db2 06-Jan-2016 Jeff Sharkey <jsharkey@android.com> Consistent naming for PackageManager methods.

When hidden PackageManager methods take a userId argument, they
should be named explicitly with the "AsUser" suffix. This fixes
several lagging examples so that we can pave the way to safely
start passing flags to new methods without scary overloading.

Also fix spacing issues in various logging statements.

Change-Id: I1e42f7f66427410275df713bea04f6e0445fba28
evicePolicyManagerTest.java
pmTestBase.java
06de4e77c20be239384262b1508f0cf53bedb145 22-Dec-2015 Kenny Guy <kennyguy@google.com> Add support message for device admins

Allow admins to set a long and short support
message for settings to display.

Bug: 25659579
Change-Id: Ib645490785642e49c69d8dbc65455eb3398547ee
evicePolicyManagerTest.java
f8373b5afc6dd25350bbca7093178807f1cc9ed6 23-Dec-2015 Mahaver Chopra <mahaver@google.com> DPM Test: DA and PO cannot call DPM.reboot()

Bug: 25304994
Change-Id: Ifaccf3625314f4bfcd7f99413abc9067cc3dd2f9
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
bf60f728cc7ed326fb8978afd9f589a685bb87b7 10-Dec-2015 Esteban Talavera <etalavera@google.com> Device or profile owner can let another app manage app restrictions

The device or profile owner can allow another
package to set app restrictions for any app in that user

Similar to the way it can give permission to access
CA certificate related APIs from M.

Bug: 22541936
Change-Id: I0c1b0804ad300dfa4fbdc1c7721c5d8653d77861
evicePolicyManagerTest.java
e7927da1b6dc4f96714aa9bc4fbb71b3659f8cea 25-Nov-2015 Makoto Onuki <omakoto@google.com> Don't call DPM from UserManager to avoid lock inversion

- Also make sure DPMS.mOwners is always guarded with DPMS.this.
(and remove synchronization from Owners.)

Bug 25796840

Change-Id: I83f7b78e7b437d9c2a2b1d6e714346cd15f95330
evicePolicyManagerServiceTestable.java
3ab6f2e219c167fd35f16b6cf233ae6a39d9de02 05-Nov-2015 Makoto Onuki <omakoto@google.com> DA receiver should be protected with BIND_DEVICE_ADMIN.

- DPM.setActiveAdmin() will not accept DAs without BIND_DEVICE_ADMIN
when it's targeting NYC or above.

- DAs without BIND_DEVICE_ADMIN targeting MNC or below will still be
accepted. (with a logcat warning)

- DAs that are already set on a device without BIND_DEVICE_ADMIN
will still be accepted regardless of the target API level, even when
it's upgraded to a version targeting NYC.

Bug 24168653

Change-Id: I1914c2ec99135d9dd8cbac3f6914f9e43bafacc8
evicePolicyManagerTest.java
pmTestBase.java
ummyDeviceAdmins.java
a31ebbc439364a4993e79fd385cf6373408a42fe 24-Nov-2015 Makoto Onuki <omakoto@google.com> Add DO API to get wifi mac address

Bug 25496044

Change-Id: Ib1f0ce4ca10951edcfaa0aa79ae5c2d142a74599
evicePolicyManagerTest.java
pmMockContext.java
c8a5a555f1482d0f45b538eb898d6ee7e26552a6 19-Nov-2015 Makoto Onuki <omakoto@google.com> DPM.isDeviceOwnerApp() and getDeviceOwner() now check calling user

- Previously on MNC, they would return the same result regardless who
the calling user is.

- Now they properly take DO user-id into account. Meaning, they'll
always return false and null respectively, if the calling user doesn't
run device owner.

- Note isDeviceOwnerApp() is a public API and getDeviceOwner() is
a system API. Meaning we're changing the behavior or non-private
APIs.

- Also cleaned up hidden APIs, and gave them explicit suffixes
to avoid confusion. Bundled code should prefer them for clarity.

Now we have:

* APIs that work cross-users: They all require MANAGE_USERS.
boolean isDeviceOwnerAppOnAnyUser(String packageName)
ComponentName getDeviceOwnerComponentOnAnyUser()

int getDeviceOwnerUserId()
boolean isDeviceOwnedByDeviceOwner()

String getDeviceOwnerNameOnAnyUser()

* APIs that work within user. No permissions are required.

boolean isDeviceOwnerAppOnCallingUser(String packageName)
ComponentName getDeviceOwnerComponentOnCallingUser()

Bug 24676413

Change-Id: I751a907c7aaf7b019335d67065d183236effaa80
evicePolicyManagerTest.java
ac65e1e1dba1cf0ea237a389220ec818ade07a16 21-Nov-2015 Makoto Onuki <omakoto@google.com> Remove UserManager.setSystemControlledUserRestriction()

Now that we don't have UM.setUserRestriction*s*() that could remove
all existing restrictions, there's almost no point handling
DISALLOW_RECORD_AUDIO differently.

Now DISALLOW_RECORD_AUDIO is handled just like other restrictions,
except we don't persist it.

Bug 24954662

Change-Id: I27875b4a74dd95a3ce6bb774081eeaf718eaec15
evicePolicyManagerServiceMigrationTest.java
cb6fd80721253ffa9dcab5cf8c2f4e9b9cd17ccc 05-Nov-2015 Fyodor Kupolov <fkupolov@google.com> Added keep-uninstalled-packages DO policy

This policy allows DO to specify a list of apps to cache even without being
installed on any user.

Bug: 23938464
Change-Id: I2eeab7f148409739fc23a5c44e955ad12b63fd04
evicePolicyManagerServiceTestable.java
pmMockContext.java
1a2cd74526113b45d9108b6997609122c4311fb1 16-Nov-2015 Makoto Onuki <omakoto@google.com> More work on layered user restrictions.

- Now when DO/PO sets a user restriction, DPMS pushes it to UMS and
then UMS persists it, in order for UserManager.hasUserRestriction()
to never have to talk with DPMS, which would cause lock inversion.

- Also apply user restrictions when a user start.

- This is an updated version of the abandoned CL -- the difference
is, ActivityManager no longer has to call DPMS.

- Also removed an unnecessary write to userlist.xml in UMS.
upgradeIfNecessaryLP().

Bug 23902097
Bug 25388912
Bug 25354031
Bug 25641040

Change-Id: I0948aea06ad7d0f45fe612a431d765faddfe3c58
evicePolicyManagerTest.java
pmMockContext.java
ockUtils.java
wnersTest.java
219bbafc3fa40dae163d652365cc4a97d613011f 12-Nov-2015 Makoto Onuki <omakoto@google.com> Revert "Do not call into ActivityManager from DPMS within DPMS lock"

Bug 25567963

This reverts commit 53de36f9c40c9a4ac1eb9cca8f458aa6c998c1fd.

Change-Id: I4faaa0b4c50d75e208f37b99bc1d6e2f0fff8127
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
53de36f9c40c9a4ac1eb9cca8f458aa6c998c1fd 07-Nov-2015 Makoto Onuki <omakoto@google.com> Do not call into ActivityManager from DPMS within DPMS lock

This will allow AMS to call into DPMS within the AMS lock instead,
which will help I1537bd57b34696768ee81a979d53bb396efbc12a.

- AM.clearApplicationUserData() will not be allowed for any DA
apps.

Bug 25567963

Change-Id: I9f0d071c815a011be4f4c85c502c39d0fe0fe5e8
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
6d2beef6a819aebed4119ca06cb2369bc56dd214 06-Nov-2015 Makoto Onuki <omakoto@google.com> Merge "Add DPM.getUserRestrictions()"
3a3092fab0ccb631bc70de64f3bbe5c076a1f94b 30-Oct-2015 Makoto Onuki <omakoto@google.com> Add DPM.getUserRestrictions()

This returns per-DO/PO restrictions.

Bug 23902097

Change-Id: I225c1b01444fe2f60e5a6674d327182cc9bb15dc
evicePolicyManagerTest.java
803d6757fd23096e437e6fecd51ea6dda918b536 30-Oct-2015 Makoto Onuki <omakoto@google.com> Do not allow DO and PO running on the same user.

Bug 25346603

Change-Id: Ic5fbed82466a538fbf64ef802fc2624dd67313bb
evicePolicyManagerTest.java
068c54a5be697c3df4657dcda33cd17c4b547710 13-Oct-2015 Makoto Onuki <omakoto@google.com> Layer user restrictions

- Now DPMS remembers user restrictions set by DO / PO in their ActiveAdmin.

- User restrictions set by DO/PO will no longer be saved by UserManger. Instead,
when needed, UMS will consult DPMS to build "effective" user restrictions.

- UM.getUserRestrictions() will now always return "effective" user restrictions.

- DPMS migrates existing user restrictions per the eng spec.

- Also now UM.setUserRestrictions() will crash. UMS.setUserRestrictions() has
been removed.
This was needed because UM.setUserRestrctions(UM.getUserRestrictions()) will no
longer be a valid use like it used to be.

- Also introduced a fined-grained lock for user restrictions in UM to avoid
deadlock between DPMS and also for better performance.

Bug 23902097

Change-Id: If0e1e49344e2f3e9226532d00777976d1eaa7df3
evicePolicyManagerServiceMigrationTest.java
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
pmTestBase.java
pmTestUtils.java
wnersTest.java
a52562ca9a4144cf30e6d5c6ffe856cc8e284464 02-Oct-2015 Makoto Onuki <omakoto@google.com> setDeviceOwner() now requires a full component name.

Bug 20149907

Change-Id: I24e66159d1d966925aa3a494b1e2839b07cdafa2
evicePolicyManagerTest.java
pmMockContext.java
wnersTest.java
a4f119790e32fcce56586e7324d508e35cb30a2a 01-Oct-2015 Makoto Onuki <omakoto@google.com> First cut of user restriction layering.

- Start persisting restrictions set by DO/PO.

- Also dump user restrictions on dumpsys

- More changes will follow, including migration.

- Now System settings are mockable.

Bug 23902097
Bug 23902477

Change-Id: I0bda22f484e1a8e259a1feb2df83c5f4a29116da
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
wnersTest.java
c3cdf1c614f92759f1505b7b61265e51232b8944 05-Oct-2015 Craig Lafayette <craiglafa@google.com> Merge "Remove device initializer agent"
e7ee54ee7f4985bc743053d38d21f33c70220f05 21-Sep-2015 Craig Lafayette <craiglafa@google.com> Remove device initializer agent

Bug: 23216982
Change-Id: I867c0b5f4165983d1ed2623a655f6a2a5e3770bb
wnersTest.java
d932f7689d799b07a6776bc7c59749f672528239 30-Sep-2015 Makoto Onuki <omakoto@google.com> Refactor DPMS tests to be able to test more different cases.

- DpmMockContext.addUser() allows to create more users. This will set up
UserManager properly and create a data directory.

- Updated DevicePolicyManagerTest so it can now easily emulate calls from
different secondary users.

Change-Id: Ic9d3e8d0d1e7f41e184c82e6dc323c244535b8d8
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
evicePolicyManagerTestable.java
pmMockContext.java
pmTestBase.java
pmTestUtils.java
wnersTest.java
72a3a0c7d24f629bca38ee2652491307e4e706da 26-Sep-2015 Makoto Onuki <omakoto@google.com> Fix OwnersTest when run with -e package

It was because UserManager.get() returns a static cached instance but
we should always be using the mock instance that's created for each test.

Bug 24378326

Change-Id: Id4663e7676d2d0130622055a97fbde0884714349
pmMockContext.java
b643fb0e67460344ade2e3db92738999f8168496 23-Sep-2015 Makoto Onuki <omakoto@google.com> Use a factory class for dependency injection, add more tests.

- Extracting into a factory allows us to use mocks in other classes.
(Such as Owners.)

- Also removed broken test ApplicationRestrictionsTest. Instead added a new
simplified test to DevicePolicyManagerTest.

- Also stop caching rarely used instances in DPMS.

Bug 24061108
Bug 24275172

Change-Id: Ice9e57204b18e7b5f6b115126dab2209041439c2
pplicationRestrictionsTest.java
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
pmTestBase.java
ummyDeviceAdmins.java
f76b06a6b546f430cf85e561858ed12eedc32b81 23-Sep-2015 Makoto Onuki <omakoto@google.com> Test more DPM APIs.

Bug 24061108

Change-Id: Ia9da19f62c0f4edf53ca1f4c213f0368ec1983ba
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
pmMockContext.java
pmTestUtils.java
ummyDeviceAdmin.java
ummyDeviceAdmins.java
ockUtils.java
cc4bbeb76af92a8484fe05f37c4ff412b4c47ccc 17-Sep-2015 Makoto Onuki <omakoto@google.com> Make DPM/DPMS unit-testable

- Now all services that DPMS uses are injectable.
- Introduce some wrappers to make static methods and final class mockable.
(e.g. for Binder.getCallingUid())

- In unit tests we replace those with Mockito mocks, except we use a partial
mock for PackageManager, because we use way too many methods of this and
most of them are okay to use directly.

- To install a partial mock to PackageManager, I needed to make
ApplicationPackageManager @hide public non-final.

- For a starter, added tests for DPM.setAmin().

Bug 24061108

Change-Id: I2afd51d8bc0038992d5f9be38c686260be775b75
evicePolicyManagerServiceTestable.java
evicePolicyManagerTest.java
evicePolicyManagerTestable.java
pmMockContext.java
pmTestBase.java
pmTestUtils.java
ummyDeviceAdmin.java
ockUtils.java
wnersTest.java
58b684f1cdc52467b71c42cfae18433a19ce7d0b 04-Sep-2015 Makoto Onuki <omakoto@google.com> [split system] Tentatively support running DO on meat user

- setDeviceOwner() now takes a user ID. (We can infer it from Binder, but
we still need it for the dpm command.)

- Change broadcast target UID for DO to the DO user

- Start the DO user on boot complete.
TODO Investigate whether this is actually the good timing.

TODO Prevent the DO user from being killed

Bug 23827706

Change-Id: I227dbd444f1f4e94d98c317489d151554fe79d91
wnersTest.java
2714d448b12797a5050834f952fd1166246e558e 03-Sep-2015 Makoto Onuki <omakoto@google.com> Replace all occurrences of HashMap/HashSet with ArrayMap/ArraySet.

Also fix the command line for OwnersTest in javadoc.

Change-Id: I53c222aa13eee179c5abf7e6ba95c6cbe9a7f47f
wnersTest.java
c9754cf0dfa66d39ce9ea0d2eeab5f7c442a9686 31-Aug-2015 Makoto Onuki <omakoto@google.com> Add unit tests for file persisting in Onwers.

Bug 23432442

Change-Id: If10ed5a46084695b2aca1286713b8baea8c2a418
pmMockContext.java
pmTestBase.java
wnersTest.java
99aeac27ebc5ad54c0095122251cc0258713c263 31-Aug-2015 Makoto Onuki <omakoto@google.com> Rename DeviceOwner to Owners

Bug 23432442

Change-Id: Ic59c880d45126fbcf50b1bd31e37b2b64e2f3a6d
eviceOwnerTest.java
wnersTest.java
39e784dd46fe4c7257bf63d0a60167abb2b28f79 22-Aug-2015 Makoto Onuki <omakoto@google.com> Split device owner config files

DPMS.mDeviceOwner is now always non-null, so no null checks are needed.

Bug 22802261
Bug 23432442

Change-Id: Ia8e5f114ecfc0add44b0d1be7d043ef6e37019ef
eviceOwnerTest.java
8add57224ffcf73705e507f1b73954e5de15eb88 23-Dec-2014 Esteban Talavera <etalavera@google.com> Remove deprecated version of setProfileOwner that takes packageName

The ComponentName equivalent should be used instead.

Bug: 17654371
Change-Id: I7001e86ab1709b824944148a3c44af5243dacb83
pplicationRestrictionsTest.java
eviceOwnerTest.java
5b5aa4072fb58aea47f523c724878c579adae294 02-Jun-2014 Amith Yamasani <yamasani@google.com> Handle saving and restoring ints in application restrictions

Unit tests for restrictions types and proper escaping.

Change-Id: Iac35521faf5798398a89fecbad82fcdd256a4146
pplicationRestrictionsTest.java
776c555d954d9494069f786785877c08add27327 09-Jan-2014 Adam Connors <adamconnors@google.com> Extend DeviceOwner concept to accommodate ProfileOwners

ProfileOwners, like DeviceOwners, are Device Admins that have
additional priviledges. ProfileOwners however are scoped per
user.

Change-Id: I1e22c85878e0672121e6ebbe97fca38591f992b2
eviceOwnerTest.java