Add new Factory reset protection policy APIs
Historically, FRP behaviour was built on top of the application restrictions
infrastructure. This CL introduces new behaviour, as the profile owner of an
organization-owned device needs to be able to control FRP behaviour and
cannot set application restrictions on user 0.
- Introduced a new FactoryResetProtectionPolicy object
- Added it as a field to ActiveAdmin
- Created a default value
- Added setFactoryResetProtectionPolicy to DPM which is used to set a
factory reset protection policy. If the policy is null, the current
policy is cleared and set back to the default value.
- Added getFactoryResetProtectionPolicy to DPM to retrieve the current
factory reset protection policy. If this is the default value, then
no policy is set.
- Both these APIs are callable by the device owner or profile owner of
an organization-owned device.
Bug: 143517230
Test: atest com.android.server.devicepolicy.DevicePolicyManagerTest
atest com.android.server.devicepolicy.FactoryResetProtectionPolicyTest
atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testFactoryResetProtectionPolicy
atest com.android.cts.devicepolicy.OrgOwnedProfileOwnerTest#testFactoryResetProtectionPolicy
Change-Id: I72c4d06ec8a27741a1956d082969573077937726
15 files changed