Fix Javadoc of DevicePolicyManager#setStorageEncryption to reflect that
it's a no-op (and silent fail) when called from a non-system user.
DevicePolicyManagerService#setStorageEncryption also has its Javadoc
fixed.
Bug: 74591983
Change-Id: Ie191ad255cbfcade921d172641f134d6c49a17b1
Fixes: 74591983
Test: N/A - just javadoc changed
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 6511f21..02e77df 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -3769,7 +3769,7 @@
/**
* Called by an application that is administering the device to request that the storage system
- * be encrypted.
+ * be encrypted. Does nothing if the caller is on a secondary user or a managed profile.
* <p>
* When multiple device administrators attempt to control device encryption, the most secure,
* supported setting will always be used. If any device administrator requests device
@@ -3791,10 +3791,13 @@
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param encrypt true to request encryption, false to release any previous request
- * @return the new request status (for all active admins) - will be one of
- * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, or
- * {@link #ENCRYPTION_STATUS_ACTIVE}. This is the value of the requests; Use
- * {@link #getStorageEncryptionStatus()} to query the actual device state.
+ * @return the new total request status (for all active admins), or {@link
+ * DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED} if called for a non-system user.
+ * Will be one of {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link
+ * #ENCRYPTION_STATUS_INACTIVE}, or {@link #ENCRYPTION_STATUS_ACTIVE}. This is the value
+ * of the requests; use {@link #getStorageEncryptionStatus()} to query the actual device
+ * state.
+ *
* @throws SecurityException if {@code admin} is not an active administrator or does not use
* {@link DeviceAdminInfo#USES_ENCRYPTED_STORAGE}
*/
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index c7ae570..3dc9141 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6466,8 +6466,11 @@
}
/**
- * Set the storage encryption request for a single admin. Returns the new total request
- * status (for all admins).
+ * Called by an application that is administering the device to request that the storage system
+ * be encrypted. Does nothing if the caller is on a secondary user or a managed profile.
+ *
+ * @return the new total request status (for all admins), or {@link
+ * DevicePolicyManager#ENCRYPTION_STATUS_UNSUPPORTED} if called for a non-system user
*/
@Override
public int setStorageEncryption(ComponentName who, boolean encrypt) {
@@ -6482,7 +6485,7 @@
if (userHandle != UserHandle.USER_SYSTEM) {
Slog.w(LOG_TAG, "Only owner/system user is allowed to set storage encryption. User "
+ UserHandle.getCallingUserId() + " is not permitted.");
- return 0;
+ return DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;
}
ActiveAdmin ap = getActiveAdminForCallerLocked(who,