summaryrefslogtreecommitdiffstats
path: root/services/devicepolicy
diff options
context:
space:
mode:
Diffstat (limited to 'services/devicepolicy')
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java73
1 files changed, 9 insertions, 64 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 3d3aeb8..2753700 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -183,7 +183,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
private static final String ATTR_PERMISSION_PROVIDER = "permission-provider";
private static final String ATTR_SETUP_COMPLETE = "setup-complete";
- private static final String ATTR_PREFERRED_SETUP_ACTIVITY = "setup-activity";
private static final String ATTR_PERMISSION_POLICY = "permission-policy";
private static final String ATTR_DELEGATED_CERT_INSTALLER = "delegated-cert-installer";
@@ -335,8 +334,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
boolean doNotAskCredentialsOnBoot = false;
- ComponentName mPreferredSetupActivity;
-
public DevicePolicyData(int userHandle) {
mUserHandle = userHandle;
}
@@ -1436,12 +1433,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
out.attribute(null, ATTR_DELEGATED_CERT_INSTALLER,
policy.mDelegatedCertInstallerPackage);
}
- if (policy.mPreferredSetupActivity != null) {
- out.attribute(null, ATTR_PREFERRED_SETUP_ACTIVITY,
- policy.mPreferredSetupActivity.flattenToString());
- } else {
- out.attribute(null, ATTR_PREFERRED_SETUP_ACTIVITY, "");
- }
final int N = policy.mAdminList.size();
for (int i=0; i<N; i++) {
@@ -1566,12 +1557,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
policy.mDelegatedCertInstallerPackage = parser.getAttributeValue(null,
ATTR_DELEGATED_CERT_INSTALLER);
- String preferredSetupActivity =
- parser.getAttributeValue(null, ATTR_PREFERRED_SETUP_ACTIVITY);
- if (preferredSetupActivity != null) {
- policy.mPreferredSetupActivity =
- ComponentName.unflattenFromString(preferredSetupActivity);
- }
type = parser.next();
int outerDepth = parser.getDepth();
@@ -1695,7 +1680,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
if (policy.mStatusBarDisabled) {
setStatusBarDisabledInternal(policy.mStatusBarDisabled, userHandle);
}
- updatePreferredSetupActivityLocked(userHandle);
}
private void updateLockTaskPackagesLocked(List<String> packages, int userId) {
@@ -3145,7 +3129,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
@Override
- public void uninstallCaCert(ComponentName admin, String alias) {
+ public void uninstallCaCerts(ComponentName admin, String[] aliases) {
enforceCanManageCaCerts(admin);
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
@@ -3153,7 +3137,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
try {
final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
try {
- keyChainConnection.getService().deleteCaCertificate(alias);
+ for (int i = 0 ; i < aliases.length; i++) {
+ keyChainConnection.getService().deleteCaCertificate(aliases[i]);
+ }
} catch (RemoteException e) {
Log.e(LOG_TAG, "from CaCertUninstaller: ", e);
} finally {
@@ -4734,43 +4720,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
}
@Override
- public void setPreferredSetupActivity(ComponentName who, ComponentName activity) {
- if (!mHasFeature) {
- return;
- }
- Preconditions.checkNotNull(who, "ComponentName is null");
- synchronized (this) {
- ActiveAdmin activeAdmin =
- getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
- if (!isDeviceInitializer(activeAdmin.info.getPackageName())) {
- throw new SecurityException(
- "This method can only be called by device initializers");
- }
- int userHandle = UserHandle.getCallingUserId();
- DevicePolicyData userData = getUserData(userHandle);
- userData.mPreferredSetupActivity = activity;
- saveSettingsLocked(userHandle);
- updatePreferredSetupActivityLocked(userHandle);
- }
- }
-
- private void updatePreferredSetupActivityLocked(int userHandle) {
- if (!mHasFeature) {
- return;
- }
- IActivityManager am = ActivityManagerNative.getDefault();
- long ident = Binder.clearCallingIdentity();
- try {
- am.updatePreferredSetupActivity(
- getUserData(userHandle).mPreferredSetupActivity, userHandle);
- } catch (RemoteException e) {
- // Not gonna happen.
- } finally {
- Binder.restoreCallingIdentity(ident);
- }
- }
-
- @Override
public void setApplicationRestrictions(ComponentName who, String packageName, Bundle settings) {
Preconditions.checkNotNull(who, "ComponentName is null");
final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
@@ -6104,9 +6053,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
if (!policy.mUserSetupComplete) {
policy.mUserSetupComplete = true;
synchronized (this) {
- // Clear the preferred setup activity.
- policy.mPreferredSetupActivity = null;
- updatePreferredSetupActivityLocked(userHandle);
// The DeviceInitializer was whitelisted but now should be removed.
removeDeviceInitializerFromLockTaskPackages(userHandle);
saveSettingsLocked(userHandle);
@@ -6361,18 +6307,18 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
PackageManager packageManager = mContext.getPackageManager();
switch (grantState) {
case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: {
- packageManager.grantRuntimePermission(packageName, permission, user);
packageManager.updatePermissionFlags(permission, packageName,
PackageManager.FLAG_PERMISSION_POLICY_FIXED,
PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+ packageManager.grantRuntimePermission(packageName, permission, user);
} break;
case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: {
- packageManager.revokeRuntimePermission(packageName,
- permission, user);
packageManager.updatePermissionFlags(permission, packageName,
PackageManager.FLAG_PERMISSION_POLICY_FIXED,
PackageManager.FLAG_PERMISSION_POLICY_FIXED, user);
+ packageManager.revokeRuntimePermission(packageName,
+ permission, user);
} break;
case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: {
@@ -6394,14 +6340,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
String permission) throws RemoteException {
PackageManager packageManager = mContext.getPackageManager();
- // Do this before clearing the caller's identity
- int granted = packageManager.checkPermission(permission, packageName);
-
UserHandle user = Binder.getCallingUserHandle();
synchronized (this) {
getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
long ident = Binder.clearCallingIdentity();
try {
+ int granted = AppGlobals.getPackageManager().checkPermission(permission,
+ packageName, user.getIdentifier());
int permFlags = packageManager.getPermissionFlags(permission, packageName, user);
if ((permFlags & PackageManager.FLAG_PERMISSION_POLICY_FIXED)
!= PackageManager.FLAG_PERMISSION_POLICY_FIXED) {
generated by cgit v1.1 at 2024-06-08 07:21:33 +0000