Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / compatibility / cdd / 4fb8b88d7e5654f6daef3ca4f2e1fa886fe9aebe^1..4fb8b88d7e5654f6daef3ca4f2e1fa886fe9aebe / .
commit4fb8b88d7e5654f6daef3ca4f2e1fa886fe9aebe[log] [tgz]
authorSachiyo Sugimoto <sachiyo@google.com>Tue Jan 16 19:18:37 2018 +0000
committerandroid-build-merger <android-build-merger@google.com>Tue Jan 16 19:18:37 2018 +0000
tree9e3cabeefbab2dab15838746f47e3f7fcdfc8651
parent3840033f0802d38d11ef201a33e29bd8e201f351 [diff]
parent5e7bb42f51b0ad3b3db912a7b1dbf8b4acb364a1 [diff]
Merge "CDD: Relax CDD to allow device owner migration path for proprietary device admins." into nougat-dev am: ce7f9a307d
am: 5e7bb42f51

Change-Id: Ie09922f02db351699b2c39b812996f131e71f404

diff --git a/3_software/3_9_device-administration.md b/3_software/3_9_device-administration.md
index d1cfb00..08e4950 100644
--- a/3_software/3_9_device-administration.md
+++ b/3_software/3_9_device-administration.md

@@ -31,6 +31,22 @@
 *   When the device implementation has user data, it:
     *    MUST report `false` for the [`DevicePolicyManager.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE)`](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html\#isProvisioningAllowed\(java.lang.String\)).
     *    MUST not enroll any DPC application as the Device Owner App any more.
+    *    To assist with the migration from a proprietary to the standard Android
+         Device Owner management, device implementations shipping with a
+         proprietary Device Owner management solution MAY provide a mechanism to
+         promote an application configured in their solution as a "Device Owner
+         equivalent" to the standard "Device Owner" as recognized by
+         the
+         [DevicePolicyManager](http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html)
+         APIs. This can be done with user data on the device, but device implementations
+         MUST:
+         *   Have a process in place to verify that the specific app being
+             promoted belongs to a legitimate enterprise device management
+             solution and it has been already configured in the proprietary
+             solution to have the rights equivalent as a "Device Owner".
+         *   Show the same AOSP Device Owner consent disclosure as the flow initiated by
+             [`android.app.action.PROVISION_MANAGED_DEVICE`](http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_DEVICE)
+             prior to enrolling the DPC application as "Device Owner".
 
 Device implementations MAY have a preinstalled application performing device
 administration functions but this application MUST NOT be set as the Device