Mark clearDeviceOwnerApp/clearProfileOwner as deprecated
Bug: 33175679
Test: runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services
Change-Id: I05e10638d838ccf8dc67b7a01b3ffeb7cbea8500
diff --git a/api/current.txt b/api/current.txt
index ad4ca3d..767471a 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -6199,9 +6199,9 @@
method public void addUserRestriction(android.content.ComponentName, java.lang.String);
method public boolean bindDeviceAdminServiceAsUser(android.content.ComponentName, android.content.Intent, android.content.ServiceConnection, int, android.os.UserHandle);
method public void clearCrossProfileIntentFilters(android.content.ComponentName);
- method public void clearDeviceOwnerApp(java.lang.String);
+ method public deprecated void clearDeviceOwnerApp(java.lang.String);
method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String);
- method public void clearProfileOwner(android.content.ComponentName);
+ method public deprecated void clearProfileOwner(android.content.ComponentName);
method public boolean clearResetPasswordToken(android.content.ComponentName);
method public void clearUserRestriction(android.content.ComponentName, java.lang.String);
method public android.content.Intent createAdminSupportIntent(java.lang.String);
diff --git a/api/system-current.txt b/api/system-current.txt
index 02a5fa6..b4501fe 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -6404,9 +6404,9 @@
method public void addUserRestriction(android.content.ComponentName, java.lang.String);
method public boolean bindDeviceAdminServiceAsUser(android.content.ComponentName, android.content.Intent, android.content.ServiceConnection, int, android.os.UserHandle);
method public void clearCrossProfileIntentFilters(android.content.ComponentName);
- method public void clearDeviceOwnerApp(java.lang.String);
+ method public deprecated void clearDeviceOwnerApp(java.lang.String);
method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String);
- method public void clearProfileOwner(android.content.ComponentName);
+ method public deprecated void clearProfileOwner(android.content.ComponentName);
method public boolean clearResetPasswordToken(android.content.ComponentName);
method public void clearUserRestriction(android.content.ComponentName, java.lang.String);
method public android.content.Intent createAdminSupportIntent(java.lang.String);
diff --git a/api/test-current.txt b/api/test-current.txt
index 2fd0d57..6bf6175 100644
--- a/api/test-current.txt
+++ b/api/test-current.txt
@@ -6216,9 +6216,9 @@
method public void addUserRestriction(android.content.ComponentName, java.lang.String);
method public boolean bindDeviceAdminServiceAsUser(android.content.ComponentName, android.content.Intent, android.content.ServiceConnection, int, android.os.UserHandle);
method public void clearCrossProfileIntentFilters(android.content.ComponentName);
- method public void clearDeviceOwnerApp(java.lang.String);
+ method public deprecated void clearDeviceOwnerApp(java.lang.String);
method public void clearPackagePersistentPreferredActivities(android.content.ComponentName, java.lang.String);
- method public void clearProfileOwner(android.content.ComponentName);
+ method public deprecated void clearProfileOwner(android.content.ComponentName);
method public boolean clearResetPasswordToken(android.content.ComponentName);
method public void clearUserRestriction(android.content.ComponentName, java.lang.String);
method public android.content.Intent createAdminSupportIntent(java.lang.String);
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 3b2562d..c9463d8 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -4545,12 +4545,22 @@
/**
* Clears the current device owner. The caller must be the device owner. This function should be
* used cautiously as once it is called it cannot be undone. The device owner can only be set as
- * a part of device setup before setup completes.
+ * a part of device setup, before it completes.
+ * <p>
+ * While some policies previously set by the device owner will be cleared by this method, it is
+ * a best-effort process and some other policies will still remain in place after the device
+ * owner is cleared.
*
* @param packageName The package name of the device owner.
* @throws SecurityException if the caller is not in {@code packageName} or {@code packageName}
* does not own the current device owner component.
+ *
+ * @deprecated This method is expected to be used for testing purposes only. The device owner
+ * will lose control of the device and its data after calling it. In order to protect any
+ * sensitive data that remains on the device, it is advised that the device owner factory resets
+ * the device instead of calling this method. See {@link #wipeData(int)}.
*/
+ @Deprecated
public void clearDeviceOwnerApp(String packageName) {
throwIfParentInstance("clearDeviceOwnerApp");
if (mService != null) {
@@ -4672,15 +4682,23 @@
}
/**
- * Clears the active profile owner and removes all user restrictions. The caller must be from
- * the same package as the active profile owner for this user, otherwise a SecurityException
- * will be thrown.
+ * Clears the active profile owner. The caller must be the profile owner of this user, otherwise
+ * a SecurityException will be thrown. This method is not available to managed profile owners.
* <p>
- * This doesn't work for managed profile owners.
+ * While some policies previously set by the profile owner will be cleared by this method, it is
+ * a best-effort process and some other policies will still remain in place after the profile
+ * owner is cleared.
*
* @param admin The component to remove as the profile owner.
- * @throws SecurityException if {@code admin} is not an active profile owner.
+ * @throws SecurityException if {@code admin} is not an active profile owner, or the method is
+ * being called from a managed profile.
+ *
+ * @deprecated This method is expected to be used for testing purposes only. The profile owner
+ * will lose control of the user and its data after calling it. In order to protect any
+ * sensitive data that remains on this user, it is advised that the profile owner deletes it
+ * instead of calling this method. See {@link #wipeData(int)}.
*/
+ @Deprecated
public void clearProfileOwner(@NonNull ComponentName admin) {
throwIfParentInstance("clearProfileOwner");
if (mService != null) {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index dd44aa0..0c68a80 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6625,14 +6625,16 @@
if (!mHasFeature) {
return;
}
- final UserHandle callingUser = mInjector.binderGetCallingUserHandle();
- final int userId = callingUser.getIdentifier();
+ Preconditions.checkNotNull(who, "ComponentName is null");
+
+ final int userId = mInjector.userHandleGetCallingUserId();
enforceNotManagedProfile(userId, "clear profile owner");
enforceUserUnlocked(userId);
- // Check if this is the profile owner who is calling
- final ActiveAdmin admin =
- getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
synchronized (this) {
+ // Check if this is the profile owner who is calling
+ final ActiveAdmin admin =
+ getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
+
final long ident = mInjector.binderClearCallingIdentity();
try {
clearProfileOwnerLocked(admin, userId);