Update to lock task features API
1. Throw if notifications is given without home feature, as this
configuration allows potential escape routes.
2. Default power button menu to be on in order to be consistent with
existing lock task behaviour before P.
Bug: 71790952
Bug: 74381063
Test: manual
Change-Id: I2383c087a18739a158d55edcd84d22d1abdb887a
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 4cb7f89..9da432a 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -1612,8 +1612,6 @@
* <li>keyguard
* </ul>
*
- * This is the default configuration for LockTask.
- *
* @see #setLockTaskFeatures(ComponentName, int)
*/
public static final int LOCK_TASK_FEATURE_NONE = 0;
@@ -1631,7 +1629,10 @@
/**
* Enable notifications during LockTask mode. This includes notification icons on the status
* bar, heads-up notifications, and the expandable notification shade. Note that the Quick
- * Settings panel will still be disabled.
+ * Settings panel remains disabled. This feature flag can only be used in combination with
+ * {@link #LOCK_TASK_FEATURE_HOME}. {@link #setLockTaskFeatures(ComponentName, int)}
+ * throws an {@link IllegalArgumentException} if this feature flag is defined without
+ * {@link #LOCK_TASK_FEATURE_HOME}.
*
* @see #setLockTaskFeatures(ComponentName, int)
*/
@@ -1664,6 +1665,9 @@
* the user long-presses the power button, for example. Note that the user may not be able to
* power off the device if this flag is not set.
*
+ * <p>This flag is enabled by default until {@link #setLockTaskFeatures(ComponentName, int)} is
+ * called for the first time.
+ *
* @see #setLockTaskFeatures(ComponentName, int)
*/
public static final int LOCK_TASK_FEATURE_GLOBAL_ACTIONS = 1 << 4;
@@ -7167,30 +7171,24 @@
}
/**
- * Sets which system features to enable for LockTask mode.
- * <p>
- * Feature flags set through this method will only take effect for the duration when the device
- * is in LockTask mode. If this method is not called, none of the features listed here will be
- * enabled.
- * <p>
- * This function can only be called by the device owner, a profile owner of an affiliated user
- * or profile, or the profile owner when no device owner is set. See {@link #isAffiliatedUser}.
- * Any features set via this method will be cleared if the user becomes unaffiliated.
+ * Sets which system features are enabled when the device runs in lock task mode. This method
+ * doesn't affect the features when lock task mode is inactive. Any system features not included
+ * in {@code flags} are implicitly disabled when calling this method. By default, only
+ * {@link #LOCK_TASK_FEATURE_GLOBAL_ACTIONS} is enabled—all the other features are disabled. To
+ * disable the global actions dialog, call this method omitting
+ * {@link #LOCK_TASK_FEATURE_GLOBAL_ACTIONS}.
+ *
+ * <p>This method can only be called by the device owner, a profile owner of an affiliated
+ * user or profile, or the profile owner when no device owner is set. See
+ * {@link #isAffiliatedUser}.
+ * Any features set using this method are cleared if the user becomes unaffiliated.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
- * @param flags Bitfield of feature flags:
- * {@link #LOCK_TASK_FEATURE_NONE} (default),
- * {@link #LOCK_TASK_FEATURE_SYSTEM_INFO},
- * {@link #LOCK_TASK_FEATURE_NOTIFICATIONS},
- * {@link #LOCK_TASK_FEATURE_HOME},
- * {@link #LOCK_TASK_FEATURE_OVERVIEW},
- * {@link #LOCK_TASK_FEATURE_GLOBAL_ACTIONS},
- * {@link #LOCK_TASK_FEATURE_KEYGUARD}
+ * @param flags The system features enabled during lock task mode.
* @throws SecurityException if {@code admin} is not the device owner, the profile owner of an
* affiliated user or profile, or the profile owner when no device owner is set.
* @see #isAffiliatedUser
- * @throws SecurityException if {@code admin} is not the device owner or the profile owner.
- */
+ **/
public void setLockTaskFeatures(@NonNull ComponentName admin, @LockTaskFeature int flags) {
throwIfParentInstance("setLockTaskFeatures");
if (mService != null) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 2e07703..6292ab8 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -51,6 +51,7 @@
import static android.app.admin.DevicePolicyManager.ID_TYPE_SERIAL;
import static android.app.admin.DevicePolicyManager.LEAVE_ALL_SYSTEM_APPS_ENABLED;
import static android.app.admin.DevicePolicyManager.LOCK_TASK_FEATURE_HOME;
+import static android.app.admin.DevicePolicyManager.LOCK_TASK_FEATURE_NOTIFICATIONS;
import static android.app.admin.DevicePolicyManager.LOCK_TASK_FEATURE_OVERVIEW;
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
@@ -592,7 +593,8 @@
List<String> mLockTaskPackages = new ArrayList<>();
// Bitfield of feature flags to be enabled during LockTask mode.
- int mLockTaskFeatures = DevicePolicyManager.LOCK_TASK_FEATURE_NONE;
+ // We default on the power button menu, in order to be consistent with pre-P behaviour.
+ int mLockTaskFeatures = DevicePolicyManager.LOCK_TASK_FEATURE_GLOBAL_ACTIONS;
boolean mStatusBarDisabled = false;
@@ -9882,6 +9884,9 @@
boolean hasOverview = (flags & LOCK_TASK_FEATURE_OVERVIEW) != 0;
Preconditions.checkArgument(hasHome || !hasOverview,
"Cannot use LOCK_TASK_FEATURE_OVERVIEW without LOCK_TASK_FEATURE_HOME");
+ boolean hasNotification = (flags & LOCK_TASK_FEATURE_NOTIFICATIONS) != 0;
+ Preconditions.checkArgument(hasHome || !hasNotification,
+ "Cannot use LOCK_TASK_FEATURE_NOTIFICATIONS without LOCK_TASK_FEATURE_HOME");
final int userHandle = mInjector.userHandleGetCallingUserId();
synchronized (this) {
diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
index 43490d3..873fbff 100644
--- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
+++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
@@ -3723,7 +3723,8 @@
}
private void verifyLockTaskState(int userId) throws Exception {
- verifyLockTaskState(userId, new String[0], DevicePolicyManager.LOCK_TASK_FEATURE_NONE);
+ verifyLockTaskState(userId, new String[0],
+ DevicePolicyManager.LOCK_TASK_FEATURE_GLOBAL_ACTIONS);
}
private void verifyLockTaskState(int userId, String[] packages, int flags) throws Exception {