DOs can clear the DI; rehide hasUserSetupCompleted.
Bug: 19230954
Change-Id: I97467229b23f3c9be1c3c4fff1c888a812f14a95
diff --git a/api/current.txt b/api/current.txt
index 163e9d0..ef400ea 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -5492,7 +5492,6 @@
method public int getStorageEncryptionStatus();
method public boolean hasCaCertInstalled(android.content.ComponentName, byte[]);
method public boolean hasGrantedPolicy(android.content.ComponentName, int);
- method public boolean hasUserSetupCompleted();
method public boolean installCaCert(android.content.ComponentName, byte[]);
method public boolean installKeyPair(android.content.ComponentName, java.security.PrivateKey, java.security.cert.Certificate, java.lang.String);
method public boolean isActivePasswordSufficient();
diff --git a/api/system-current.txt b/api/system-current.txt
index 8a9259f..8d76673 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -5593,7 +5593,6 @@
method public int getStorageEncryptionStatus();
method public boolean hasCaCertInstalled(android.content.ComponentName, byte[]);
method public boolean hasGrantedPolicy(android.content.ComponentName, int);
- method public boolean hasUserSetupCompleted();
method public boolean installCaCert(android.content.ComponentName, byte[]);
method public boolean installKeyPair(android.content.ComponentName, java.security.PrivateKey, java.security.cert.Certificate, java.lang.String);
method public boolean isActivePasswordSufficient();
@@ -30906,8 +30905,8 @@
method public void unregisterPhoneAccount(android.telecom.PhoneAccountHandle);
field public static final java.lang.String ACTION_CHANGE_PHONE_ACCOUNTS = "android.telecom.action.CHANGE_PHONE_ACCOUNTS";
field public static final java.lang.String ACTION_CONNECTION_SERVICE_CONFIGURE = "android.telecom.action.CONNECTION_SERVICE_CONFIGURE";
- field public static final java.lang.String ACTION_SHOW_CALL_ACCESSIBILITY_SETTINGS = "android.telecom.action.SHOW_CALL_ACCESSIBILITY_SETTINGS";
field public static final java.lang.String ACTION_PHONE_ACCOUNT_REGISTERED = "android.telecom.action.PHONE_ACCOUNT_REGISTERED";
+ field public static final java.lang.String ACTION_SHOW_CALL_ACCESSIBILITY_SETTINGS = "android.telecom.action.SHOW_CALL_ACCESSIBILITY_SETTINGS";
field public static final java.lang.String ACTION_SHOW_CALL_SETTINGS = "android.telecom.action.SHOW_CALL_SETTINGS";
field public static final java.lang.String ACTION_SHOW_RESPOND_VIA_SMS_SETTINGS = "android.telecom.action.SHOW_RESPOND_VIA_SMS_SETTINGS";
field public static final char DTMF_CHARACTER_PAUSE = 44; // 0x002c ','
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index cee8e8d..add7130 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -2474,10 +2474,9 @@
}
/**
- * Clears the current device initializer. The caller must be the device initializer.
- *
- * This function should be used cautiously as once it is called it cannot
- * be undone.
+ * Removes the device initializer, so that it will not be invoked on user initialization for any
+ * subsequently created users. This method can be called by either the device owner or device
+ * initializer itself.
*/
public void clearDeviceInitializerApp() {
if (mService != null) {
@@ -2586,6 +2585,7 @@
}
/**
+ * @hide
* Checks if the user was already setup.
*/
public boolean hasUserSetupCompleted() {
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 6270212..7e7eb2d 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -3947,18 +3947,10 @@
if (packageName == null) {
throw new NullPointerException("packageName is null");
}
- try {
- int uid = mContext.getPackageManager().getPackageUid(packageName, 0);
- if (uid != Binder.getCallingUid()) {
- throw new SecurityException(
- "clearDeviceInitializer can only be called by the device initializer");
- }
- } catch (NameNotFoundException e) {
- throw new SecurityException(e);
- }
- if (!isDeviceInitializer(packageName)) {
+
+ if (!isDeviceInitializer(packageName) && !isDeviceOwner(packageName)) {
throw new SecurityException(
- "clearDeviceInitializer can only be called by the device initializer");
+ "clearDeviceInitializer can only be called by the device initializer/owner");
}
synchronized (this) {
long ident = Binder.clearCallingIdentity();