Merge "Return null value if getActiveAdminUncheckedLocked returns null." into nyc-dev
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 36c82e5..6b4771c 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -4889,15 +4889,30 @@
* @throws SecurityException if {@code admin} is not a device or profile owner.
*/
public Bundle getUserRestrictions(@NonNull ComponentName admin) {
- return getUserRestrictions(admin, myUserId());
- }
-
- /** @hide per-user version */
- public Bundle getUserRestrictions(@NonNull ComponentName admin, int userHandle) {
Bundle ret = null;
if (mService != null) {
try {
- ret = mService.getUserRestrictions(admin, userHandle);
+ ret = mService.getUserRestrictions(admin);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+ return ret == null ? new Bundle() : ret;
+ }
+
+ /**
+ * Called by the system to get the user restrictions for a user.
+ *
+ * @param admin Which {@link DeviceAdminReceiver} this request is associated with.
+ * @param userHandle user id the admin is running as.
+ *
+ * @hide
+ */
+ public Bundle getUserRestrictionsForUser(@NonNull ComponentName admin, int userHandle) {
+ Bundle ret = null;
+ if (mService != null) {
+ try {
+ ret = mService.getUserRestrictionsForUser(admin, userHandle);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 8be52d8..c3d5ed9 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -169,7 +169,8 @@
ComponentName getRestrictionsProvider(int userHandle);
void setUserRestriction(in ComponentName who, in String key, boolean enable);
- Bundle getUserRestrictions(in ComponentName who, int userId);
+ Bundle getUserRestrictions(in ComponentName who);
+ Bundle getUserRestrictionsForUser(in ComponentName who, int userId);
void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);
void clearCrossProfileIntentFilters(in ComponentName admin);
diff --git a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java
index 1f1a9b8..1135200 100644
--- a/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java
+++ b/packages/SettingsLib/src/com/android/settingslib/RestrictedLockUtils.java
@@ -78,7 +78,8 @@
int deviceOwnerUserId = dpm.getDeviceOwnerUserId();
boolean enforcedByDeviceOwner = false;
if (deviceOwner != null && deviceOwnerUserId != UserHandle.USER_NULL) {
- Bundle enforcedRestrictions = dpm.getUserRestrictions(deviceOwner, deviceOwnerUserId);
+ Bundle enforcedRestrictions =
+ dpm.getUserRestrictionsForUser(deviceOwner, deviceOwnerUserId);
if (enforcedRestrictions != null
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
enforcedByDeviceOwner = true;
@@ -90,7 +91,8 @@
if (userId != UserHandle.USER_NULL) {
profileOwner = dpm.getProfileOwnerAsUser(userId);
if (profileOwner != null) {
- Bundle enforcedRestrictions = dpm.getUserRestrictions(profileOwner, userId);
+ Bundle enforcedRestrictions =
+ dpm.getUserRestrictionsForUser(profileOwner, userId);
if (enforcedRestrictions != null
&& enforcedRestrictions.getBoolean(userRestriction, false)) {
enforcedByProfileOwner = true;
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 3e368f5..96ec02a 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -5796,8 +5796,7 @@
transitionCheckNeeded = false;
} else {
// For all other cases, caller must have MANAGE_PROFILE_AND_DEVICE_OWNERS.
- mContext.enforceCallingOrSelfPermission(
- android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
+ enforceCanManageProfileAndDeviceOwners();
}
final DevicePolicyData policyData = getUserData(userHandle);
@@ -5990,8 +5989,7 @@
}
return;
}
- mContext.enforceCallingOrSelfPermission(
- android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
+ enforceCanManageProfileAndDeviceOwners();
if (hasUserSetupCompleted(userHandle) && !isCallerWithSystemUid()) {
throw new IllegalStateException("Cannot set the profile owner on a user which is "
+ "already set-up");
@@ -6006,8 +6004,7 @@
int callingUid = mInjector.binderGetCallingUid();
boolean isAdb = callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID;
if (!isAdb) {
- mContext.enforceCallingOrSelfPermission(
- android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
+ enforceCanManageProfileAndDeviceOwners();
}
final int code = checkSetDeviceOwnerPreCondition(userId, isAdb);
@@ -6663,6 +6660,9 @@
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
+ if (admin == null) {
+ return false;
+ }
if (admin.permittedAccessiblityServices == null) {
return true;
}
@@ -6833,6 +6833,9 @@
}
synchronized (this) {
ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
+ if (admin == null) {
+ return false;
+ }
if (admin.permittedInputMethods == null) {
return true;
}
@@ -7103,19 +7106,30 @@
}
@Override
- public Bundle getUserRestrictions(ComponentName who, int userHandle) {
+ public Bundle getUserRestrictions(ComponentName who) {
+ if (!mHasFeature) {
+ return null;
+ }
+ Preconditions.checkNotNull(who, "ComponentName is null");
+ synchronized (this) {
+ final ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(who,
+ DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
+ return activeAdmin.userRestrictions;
+ }
+ }
+
+ @Override
+ public Bundle getUserRestrictionsForUser(ComponentName who, int userHandle) {
+ if (!mHasFeature) {
+ return null;
+ }
Preconditions.checkNotNull(who, "ComponentName is null");
enforceFullCrossUsersPermission(userHandle);
+ enforceCanManageProfileAndDeviceOwners();
synchronized (this) {
ActiveAdmin activeAdmin = getActiveAdminUncheckedLocked(who, userHandle);
if (activeAdmin == null) {
- throw new SecurityException("No active admin: " + activeAdmin);
- }
- if (activeAdmin.getUid() != mInjector.binderGetCallingUid()) {
- mContext.enforceCallingOrSelfPermission(
- android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS,
- "Calling uid " + mInjector.binderGetCallingUid() + " neither owns the admin"
- + " " + who + " nor has MANAGE_PROFILE_AND_DEVICE_OWNERS permission");
+ return null;
}
return activeAdmin.userRestrictions;
}
@@ -8689,6 +8703,11 @@
null);
}
+ private void enforceCanManageProfileAndDeviceOwners() {
+ mContext.enforceCallingOrSelfPermission(
+ android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, null);
+ }
+
@Override
public boolean isUninstallInQueue(final String packageName) {
enforceCanManageDeviceAdmin();