Merge "Disable DO single user features when clearDeviceOwner() is called regardless of the amount of users"
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index c497cb1..29c9019 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6092,7 +6092,6 @@
}
private void clearDeviceOwnerLocked(ActiveAdmin admin, int userId) {
- disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
if (admin != null) {
admin.disableCamera = false;
admin.userRestrictions = null;
@@ -6104,6 +6103,7 @@
mOwners.clearDeviceOwner();
mOwners.writeDeviceOwner();
updateDeviceOwnerLocked();
+ disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
try {
if (mInjector.getIBackupManager() != null) {
// Reactivate backup service.
@@ -9185,19 +9185,34 @@
}
private synchronized void disableDeviceOwnerManagedSingleUserFeaturesIfNeeded() {
- if (!mOwners.hasDeviceOwner()) {
- return;
- }
- if (!isDeviceOwnerManagedSingleUserDevice()) {
+ final boolean isSingleUserManagedDevice = isDeviceOwnerManagedSingleUserDevice();
+
+ // disable security logging if needed
+ if (!isSingleUserManagedDevice) {
mInjector.securityLogSetLoggingEnabledProperty(false);
+ Slog.w(LOG_TAG, "Security logging turned off as it's no longer a single user managed"
+ + " device.");
+ }
- getDeviceOwnerAdminLocked().isNetworkLoggingEnabled = false;
- saveSettingsLocked(mInjector.userHandleGetCallingUserId());
- setNetworkLoggingActiveInternal(false);
-
+ // disable backup service if needed
+ // note: when clearing DO, the backup service shouldn't be disabled if it was enabled by
+ // the device owner
+ if (mOwners.hasDeviceOwner() && !isSingleUserManagedDevice) {
setBackupServiceEnabledInternal(false);
- Slog.w(LOG_TAG, "Security logging, network logging and backup service turned off as"
- + " it's not a single user device.");
+ Slog.w(LOG_TAG, "Backup is off as it's a managed device that has more that one user.");
+ }
+
+ // disable network logging if needed
+ if (!isSingleUserManagedDevice) {
+ setNetworkLoggingActiveInternal(false);
+ Slog.w(LOG_TAG, "Network logging turned off as it's no longer a single user managed"
+ + " device.");
+ // if there still is a device owner, disable logging policy, otherwise the admin
+ // has been nuked
+ if (mOwners.hasDeviceOwner()) {
+ getDeviceOwnerAdminLocked().isNetworkLoggingEnabled = false;
+ saveSettingsLocked(mOwners.getDeviceOwnerUserId());
+ }
}
}