diff options
| author | 2015-03-12 11:25:21 -0700 | |
|---|---|---|
| committer | 2015-03-12 15:59:00 -0700 | |
| commit | 0a32d35ce2c9de8025ab842f3bc929d5fe287d17 (patch) | |
| tree | d7119ff57e9fae7548668f082c41ff387618d0ee | |
| parent | c6ee744a90a4a84df93b6631ca7df8736ef320e1 (diff) | |
Changed the logic of calculating effective password limits
Admins without limit-password policy or passwordQuality below
PASSWORD_QUALITY_COMPLEX, should be excluded from the list when
calculating effective limits.
Bug: 19603660
Change-Id: I7b7d8498c8a072a4c050be48709ce34bddba39a5
| -rw-r--r-- | services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 00d7971ce959..fd20b6454347 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -17,6 +17,7 @@ package com.android.server.devicepolicy; import static android.Manifest.permission.MANAGE_CA_CERTIFICATES; +import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; import static android.app.admin.DevicePolicyManager.WIPE_EXTERNAL_STORAGE; import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA; import static android.content.pm.PackageManager.GET_UNINSTALLED_PACKAGES; @@ -2351,6 +2352,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final int N = policy.mAdminList.size(); for (int i=0; i<N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); + if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) { + continue; + } if (length < admin.minimumPasswordLetters) { length = admin.minimumPasswordLetters; } @@ -2396,6 +2400,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final int N = policy.mAdminList.size(); for (int i = 0; i < N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); + if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) { + continue; + } if (length < admin.minimumPasswordNumeric) { length = admin.minimumPasswordNumeric; } @@ -2441,6 +2448,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final int N = policy.mAdminList.size(); for (int i=0; i<N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); + if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) { + continue; + } if (length < admin.minimumPasswordSymbols) { length = admin.minimumPasswordSymbols; } @@ -2486,6 +2496,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { final int N = policy.mAdminList.size(); for (int i=0; i<N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); + if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) { + continue; + } if (length < admin.minimumPasswordNonLetter) { length = admin.minimumPasswordNonLetter; } @@ -5618,4 +5631,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } } + + /** + * Returns true if specified admin is allowed to limit passwords and has a + * {@code passwordQuality} of at least {@code minPasswordQuality} + */ + private static boolean isLimitPasswordAllowed(ActiveAdmin admin, int minPasswordQuality) { + if (admin.passwordQuality < minPasswordQuality) { + return false; + } + return admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD); + } } |