diff options
Diffstat (limited to 'services/devicepolicy')
-rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 73 |
1 files changed, 9 insertions, 64 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 3d3aeb8..2753700 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -183,7 +183,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { private static final String ATTR_PERMISSION_PROVIDER = "permission-provider"; private static final String ATTR_SETUP_COMPLETE = "setup-complete"; - private static final String ATTR_PREFERRED_SETUP_ACTIVITY = "setup-activity"; private static final String ATTR_PERMISSION_POLICY = "permission-policy"; private static final String ATTR_DELEGATED_CERT_INSTALLER = "delegated-cert-installer"; @@ -335,8 +334,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean doNotAskCredentialsOnBoot = false; - ComponentName mPreferredSetupActivity; - public DevicePolicyData(int userHandle) { mUserHandle = userHandle; } @@ -1436,12 +1433,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { out.attribute(null, ATTR_DELEGATED_CERT_INSTALLER, policy.mDelegatedCertInstallerPackage); } - if (policy.mPreferredSetupActivity != null) { - out.attribute(null, ATTR_PREFERRED_SETUP_ACTIVITY, - policy.mPreferredSetupActivity.flattenToString()); - } else { - out.attribute(null, ATTR_PREFERRED_SETUP_ACTIVITY, ""); - } final int N = policy.mAdminList.size(); for (int i=0; i<N; i++) { @@ -1566,12 +1557,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } policy.mDelegatedCertInstallerPackage = parser.getAttributeValue(null, ATTR_DELEGATED_CERT_INSTALLER); - String preferredSetupActivity = - parser.getAttributeValue(null, ATTR_PREFERRED_SETUP_ACTIVITY); - if (preferredSetupActivity != null) { - policy.mPreferredSetupActivity = - ComponentName.unflattenFromString(preferredSetupActivity); - } type = parser.next(); int outerDepth = parser.getDepth(); @@ -1695,7 +1680,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (policy.mStatusBarDisabled) { setStatusBarDisabledInternal(policy.mStatusBarDisabled, userHandle); } - updatePreferredSetupActivityLocked(userHandle); } private void updateLockTaskPackagesLocked(List<String> packages, int userId) { @@ -3145,7 +3129,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } @Override - public void uninstallCaCert(ComponentName admin, String alias) { + public void uninstallCaCerts(ComponentName admin, String[] aliases) { enforceCanManageCaCerts(admin); final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId()); @@ -3153,7 +3137,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { try { final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle); try { - keyChainConnection.getService().deleteCaCertificate(alias); + for (int i = 0 ; i < aliases.length; i++) { + keyChainConnection.getService().deleteCaCertificate(aliases[i]); + } } catch (RemoteException e) { Log.e(LOG_TAG, "from CaCertUninstaller: ", e); } finally { @@ -4734,43 +4720,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } @Override - public void setPreferredSetupActivity(ComponentName who, ComponentName activity) { - if (!mHasFeature) { - return; - } - Preconditions.checkNotNull(who, "ComponentName is null"); - synchronized (this) { - ActiveAdmin activeAdmin = - getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); - if (!isDeviceInitializer(activeAdmin.info.getPackageName())) { - throw new SecurityException( - "This method can only be called by device initializers"); - } - int userHandle = UserHandle.getCallingUserId(); - DevicePolicyData userData = getUserData(userHandle); - userData.mPreferredSetupActivity = activity; - saveSettingsLocked(userHandle); - updatePreferredSetupActivityLocked(userHandle); - } - } - - private void updatePreferredSetupActivityLocked(int userHandle) { - if (!mHasFeature) { - return; - } - IActivityManager am = ActivityManagerNative.getDefault(); - long ident = Binder.clearCallingIdentity(); - try { - am.updatePreferredSetupActivity( - getUserData(userHandle).mPreferredSetupActivity, userHandle); - } catch (RemoteException e) { - // Not gonna happen. - } finally { - Binder.restoreCallingIdentity(ident); - } - } - - @Override public void setApplicationRestrictions(ComponentName who, String packageName, Bundle settings) { Preconditions.checkNotNull(who, "ComponentName is null"); final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId()); @@ -6104,9 +6053,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (!policy.mUserSetupComplete) { policy.mUserSetupComplete = true; synchronized (this) { - // Clear the preferred setup activity. - policy.mPreferredSetupActivity = null; - updatePreferredSetupActivityLocked(userHandle); // The DeviceInitializer was whitelisted but now should be removed. removeDeviceInitializerFromLockTaskPackages(userHandle); saveSettingsLocked(userHandle); @@ -6361,18 +6307,18 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { PackageManager packageManager = mContext.getPackageManager(); switch (grantState) { case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: { - packageManager.grantRuntimePermission(packageName, permission, user); packageManager.updatePermissionFlags(permission, packageName, PackageManager.FLAG_PERMISSION_POLICY_FIXED, PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); + packageManager.grantRuntimePermission(packageName, permission, user); } break; case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: { - packageManager.revokeRuntimePermission(packageName, - permission, user); packageManager.updatePermissionFlags(permission, packageName, PackageManager.FLAG_PERMISSION_POLICY_FIXED, PackageManager.FLAG_PERMISSION_POLICY_FIXED, user); + packageManager.revokeRuntimePermission(packageName, + permission, user); } break; case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: { @@ -6394,14 +6340,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { String permission) throws RemoteException { PackageManager packageManager = mContext.getPackageManager(); - // Do this before clearing the caller's identity - int granted = packageManager.checkPermission(permission, packageName); - UserHandle user = Binder.getCallingUserHandle(); synchronized (this) { getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); long ident = Binder.clearCallingIdentity(); try { + int granted = AppGlobals.getPackageManager().checkPermission(permission, + packageName, user.getIdentifier()); int permFlags = packageManager.getPermissionFlags(permission, packageName, user); if ((permFlags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != PackageManager.FLAG_PERMISSION_POLICY_FIXED) { |