Merge "Remove the profile/device owner user restriction bypass." into lmp-dev

author: Julia Reynolds <juliacr@google.com> 2014-07-28 14:03:41 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2014-07-24 15:36:21 +0000
commit: ea4f01070a9c8f5147eb228c413a84de78d98973 (patch)
tree: 4bd17f77bd7f4baa199d4f1f7a5e8eed58d0207a /services
parent: 14f2abff289e4a13d0a096cd73744c6366106f52 (diff)
parent: 401de1785eccc946ed6c35e9b7fccab92b2022af (diff)
download: frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.zip
frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.tar.gz
frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.tar.bz2
2 files changed, 2 insertions, 80 deletions
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java
index 5a510a9..13e1b37 100644
--- a/services/core/java/com/android/server/AppOpsService.java
+++ b/services/core/java/com/android/server/AppOpsService.java
@@ -96,8 +96,6 @@ public class AppOpsService extends IAppOpsService.Stub {
     final SparseArray<HashMap<String, Ops>> mUidOps
             = new SparseArray<HashMap<String, Ops>>();
 
-    private int mDeviceOwnerUid;
-    private final SparseIntArray mProfileOwnerUids = new SparseIntArray();
     private final SparseArray<boolean[]> mOpRestrictions = new SparseArray<boolean[]>();
 
     public final static class Ops extends SparseArray<Op> {
@@ -873,15 +871,7 @@ public class AppOpsService extends IAppOpsService.Stub {
                     }
                 }
             }
-            if (userHandle == UserHandle.USER_OWNER) {
-                if (uid != mDeviceOwnerUid) {
-                    return true;
-                }
-            } else {
-                if (uid != mProfileOwnerUids.get(userHandle, -1)) {
-                    return true;
-                }
-            }
+            return true;
         }
         return false;
     }
@@ -1256,35 +1246,6 @@ public class AppOpsService extends IAppOpsService.Stub {
     }
 
     @Override
-    public void setDeviceOwner(String packageName) throws RemoteException {
-        checkSystemUid("setDeviceOwner");
-        try {
-            mDeviceOwnerUid = mContext.getPackageManager().getPackageUid(packageName,
-                    UserHandle.USER_OWNER);
-        } catch (NameNotFoundException e) {
-            Log.e(TAG, "Could not find Device Owner UID");
-            mDeviceOwnerUid = -1;
-            throw new IllegalArgumentException("Could not find device owner package "
-                    + packageName);
-        }
-    }
-
-    @Override
-    public void setProfileOwner(String packageName, int userHandle) throws RemoteException {
-        checkSystemUid("setProfileOwner");
-        try {
-            int uid = mContext.getPackageManager().getPackageUid(packageName,
-                    userHandle);
-            mProfileOwnerUids.put(userHandle, uid);
-        } catch (NameNotFoundException e) {
-            Log.e(TAG, "Could not find Profile Owner UID");
-            mProfileOwnerUids.put(userHandle, -1);
-            throw new IllegalArgumentException("Could not find profile owner package "
-                    + packageName);
-        }
-    }
-
-    @Override
     public void setUserRestrictions(Bundle restrictions, int userHandle) throws RemoteException {
         checkSystemUid("setUserRestrictions");
         boolean[] opRestrictions = mOpRestrictions.get(userHandle);
@@ -1306,10 +1267,6 @@ public class AppOpsService extends IAppOpsService.Stub {
     public void removeUser(int userHandle) throws RemoteException {
         checkSystemUid("removeUser");
         mOpRestrictions.remove(userHandle);
-        final int index = mProfileOwnerUids.indexOfKey(userHandle);
-        if (index >= 0) {
-            mProfileOwnerUids.removeAt(index);
-        }
     }
 
     private void checkSystemUid(String function) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index c54c4fb..25f9e9b 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -252,8 +252,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
         }
     };
 
-    private IAppOpsService mAppOpsService;
-
     static class ActiveAdmin {
         private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features";
         private static final String TAG_DISABLE_CAMERA = "disable-camera";
@@ -1288,24 +1286,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
         getUserData(UserHandle.USER_OWNER);
         loadDeviceOwner();
         cleanUpOldUsers();
-        mAppOpsService = IAppOpsService.Stub.asInterface(
-                ServiceManager.getService(Context.APP_OPS_SERVICE));
-        if (mDeviceOwner != null) {
-            if (mDeviceOwner.hasDeviceOwner()) {
-                try {
-                    mAppOpsService.setDeviceOwner(mDeviceOwner.getDeviceOwnerPackageName());
-                } catch (RemoteException e) {
-                    Log.w(LOG_TAG, "Unable to notify AppOpsService of DeviceOwner", e);
-                }
-            }
-            for (Integer i : mDeviceOwner.getProfileOwnerKeys()) {
-                try {
-                    mAppOpsService.setProfileOwner(mDeviceOwner.getProfileOwnerPackageName(i), i);
-                } catch (RemoteException e) {
-                    Log.w(LOG_TAG, "Unable to notify AppOpsService of ProfileOwner", e);
-                }
-            }
-        }
         // Register an observer for watching for user setup complete.
         new SetupContentObserver(mHandler).register(mContext.getContentResolver());
         // Initialize the user setup state, to handle the upgrade case.
@@ -3169,14 +3149,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                         "Trying to set device owner but device owner is already set.");
             }
 
-            long token = Binder.clearCallingIdentity();
-            try {
-                mAppOpsService.setDeviceOwner(packageName);
-            } catch (RemoteException e) {
-                Log.w(LOG_TAG, "Unable to notify AppOpsService of DeviceOwner", e);
-            } finally {
-                Binder.restoreCallingIdentity(token);
-            }
             if (mDeviceOwner == null) {
                 // Device owner is not set and does not exist, set it.
                 mDeviceOwner = DeviceOwner.createWithDeviceOwner(packageName, ownerName);
@@ -3284,14 +3256,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                 throw new IllegalStateException(
                         "Trying to set profile owner but user is already set-up.");
             }
-            long token = Binder.clearCallingIdentity();
-            try {
-                mAppOpsService.setProfileOwner(packageName, userHandle);
-            } catch (RemoteException e) {
-                Log.w(LOG_TAG, "Unable to notify AppOpsService of ProfileOwner", e);
-            } finally {
-                Binder.restoreCallingIdentity(token);
-            }
+
             if (mDeviceOwner == null) {
                 // Device owner state does not exist, create it.
                 mDeviceOwner = DeviceOwner.createWithProfileOwner(packageName, ownerName,
author	Julia Reynolds <juliacr@google.com>	2014-07-28 14:03:41 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2014-07-24 15:36:21 +0000
commit	ea4f01070a9c8f5147eb228c413a84de78d98973 (patch)
tree	4bd17f77bd7f4baa199d4f1f7a5e8eed58d0207a /services
parent	14f2abff289e4a13d0a096cd73744c6366106f52 (diff)
parent	401de1785eccc946ed6c35e9b7fccab92b2022af (diff)
download	frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.zip frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.tar.gz frameworks_base-ea4f01070a9c8f5147eb228c413a84de78d98973.tar.bz2