Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 939ccc3854d841e4aa1fc33017d49a2446315ca6^1..939ccc3854d841e4aa1fc33017d49a2446315ca6 / .
commit939ccc3854d841e4aa1fc33017d49a2446315ca6[log] [tgz]
authorTreeHugger Robot <treehugger-gerrit@google.com>Thu Feb 16 22:08:16 2017 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Thu Feb 16 22:08:20 2017 +0000
tree68e66cd90ddf8d90bc81a0d948a0b672fd44b35c
parent6f57065bd42ee0621ec6e683071ddb60f5a32d54 [diff]
parent348f696d33ffc188459e6318c65c8f9058f8d974 [diff]
Merge "Clear DISALLOW_ADD_USER in clearDeviceOwner for all cases"
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index dd44aa0..2b5a06d 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

@@ -3192,7 +3192,6 @@
                 // If admin is a device or profile owner tidy that up first.
                 if (isDeviceOwner(adminReceiver, userHandle)) {
                     clearDeviceOwnerLocked(getDeviceOwnerAdminLocked(), userHandle);
-                    clearDeviceOwnerUserRestrictionLocked(UserHandle.of(userHandle));
                 }
                 if (isProfileOwner(adminReceiver, userHandle)) {
                     final ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver,
@@ -3208,10 +3207,8 @@
         }
     }
 
-    // It's temporary solution to clear DISALLOW_ADD_USER after CTS
-    // STOPSHIP(b/31952368) when the restriction is moved from system to the device owner,
-    // it can be removed.
     private void clearDeviceOwnerUserRestrictionLocked(UserHandle userHandle) {
+        // ManagedProvisioning/DPC sets DISALLOW_ADD_USER. Clear to recover to the original state
         if (mUserManager.hasUserRestriction(UserManager.DISALLOW_ADD_USER, userHandle)) {
             mUserManager.setUserRestriction(UserManager.DISALLOW_ADD_USER, false, userHandle);
         }
@@ -6573,6 +6570,7 @@
         mOwners.writeDeviceOwner();
         updateDeviceOwnerLocked();
 
+        clearDeviceOwnerUserRestrictionLocked(UserHandle.of(userId));
         mInjector.securityLogSetLoggingEnabledProperty(false);
         mSecurityLogMonitor.stop();
         setNetworkLoggingActiveInternal(false);

diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
index 23a1bb4..d0e5159 100644
--- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
+++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java

@@ -918,6 +918,8 @@
         assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser());
 
         dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADD_USER);
+        when(mContext.userManager.hasUserRestriction(eq(UserManager.DISALLOW_ADD_USER),
+                MockUtils.checkUserHandle(UserHandle.USER_SYSTEM))).thenReturn(true);
 
         assertTrue(dpm.isAdminActive(admin1));
         assertFalse(dpm.isRemovingAdmin(admin1, UserHandle.USER_SYSTEM));
@@ -947,6 +949,10 @@
         // Now DO shouldn't be set.
         assertNull(dpm.getDeviceOwnerComponentOnAnyUser());
 
+        verify(mContext.userManager).setUserRestriction(eq(UserManager.DISALLOW_ADD_USER),
+                eq(false),
+                MockUtils.checkUserHandle(UserHandle.USER_SYSTEM));
+
         verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions(
                 eq(UserHandle.USER_SYSTEM),
                 eq(null),