Create Work Challenge per-user condition
Change the current static condition to a per-user condition so we
can check and enable/disable the work challenge properly. Also add
an isAllowed API, as the Work Challenge can only be used when the
user's DPC targets N or above to maintain backwards compatibility.
Change-Id: I0cb8b475838816801868ffb24726407aa257b4de
diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java
index d888c56..78e3f7f 100644
--- a/services/core/java/com/android/server/trust/TrustManagerService.java
+++ b/services/core/java/com/android/server/trust/TrustManagerService.java
@@ -290,14 +290,9 @@
}
public void setDeviceLockedForUser(int userId, boolean locked) {
- if (LockPatternUtils.isSeparateWorkChallengeEnabled()) {
- UserInfo info = mUserManager.getUserInfo(userId);
- if (info.isManagedProfile()) {
- synchronized (mDeviceLockedForUser) {
- mDeviceLockedForUser.put(userId, locked);
- }
- } else {
- Log.wtf(TAG, "Requested to change lock state for non-profile user " + userId);
+ if (mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) {
+ synchronized (mDeviceLockedForUser) {
+ mDeviceLockedForUser.put(userId, locked);
}
}
}
@@ -669,7 +664,7 @@
public boolean isDeviceLocked(int userId) throws RemoteException {
userId = ActivityManager.handleIncomingUser(getCallingPid(), getCallingUid(), userId,
false /* allowAll */, true /* requireFull */, "isDeviceLocked", null);
- if (!LockPatternUtils.isSeparateWorkChallengeEnabled()) {
+ if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) {
userId = resolveProfileParent(userId);
}
@@ -680,13 +675,13 @@
public boolean isDeviceSecure(int userId) throws RemoteException {
userId = ActivityManager.handleIncomingUser(getCallingPid(), getCallingUid(), userId,
false /* allowAll */, true /* requireFull */, "isDeviceSecure", null);
- if (!LockPatternUtils.isSeparateWorkChallengeEnabled()) {
+ if (!mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) {
userId = resolveProfileParent(userId);
}
long token = Binder.clearCallingIdentity();
try {
- return new LockPatternUtils(mContext).isSecure(userId);
+ return mLockPatternUtils.isSecure(userId);
} finally {
Binder.restoreCallingIdentity(token);
}