From 284b62e1b8c3419bfd02c6fea5ba0a68146c06f8 Mon Sep 17 00:00:00 2001
From: Jim Miller <jaggies@google.com>
Date: Tue, 8 Jun 2010 14:27:42 -0700
Subject: Fix 2737842: Disable KeguardManager API if device policy is enabled

This change adds notification to find out when the device policy
has changed.  When an admin adds or changes a policy, we get notified
and reset the state of keyguard to be enabled.

It also moves disabling keyguard into the TokenWatcher.acquired()
method to avoid disabling keyguard when a policy doesn't permit it.
This avoids reference counting issues in TokenWatcher and hence relieves
the ordering issue.

There is one remaining caveat. An application that uses KeyguardManager
to disable keyguard will need to disable keyguard again after any
policy change.

Tested:

Install and run app that disables keyguard with no admin. Result: keyguard is enabled/disabled as expected.
Enable admin and set quality = "something" after installing & running app. Result: keyguard is enabled.
Change admin password quality to "unspecified" and re-run app (per caveat). Result: keyguard is disabled.
Change admin password quality to "something" again. Result: keyguard is enabled.
Disable admin : Result: keyguard is enabled until app runs again (per caveat).

Added minor cosmetic changes after review.

Change-Id: I302f2b01446bf031f746b0f3e8b5fd7a6cc0e648
---
 core/java/android/app/admin/DevicePolicyManager.java | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'core')

diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 35e7ee6..296d70a4 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -78,6 +78,15 @@ public class DevicePolicyManager {
             = "android.app.action.ADD_DEVICE_ADMIN";
     
     /**
+     * Activity action: send when any policy admin changes a policy.
+     * This is generally used to find out when a new policy is in effect.
+     * 
+     * @hide
+     */
+    public static final String ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED
+            = "android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED";
+
+    /**
      * The ComponentName of the administrator component.
      *
      * @see #ACTION_ADD_DEVICE_ADMIN
-- 
cgit v1.1