[RESTRICT AUTOMERGE] Revert "[RESTRICT AUTOMERGE] Remove DPMS#getProfileOwner in favor of getProfileOwnerAsUser"

This reverts commit 10f79644fc7db512daa6dcf71685dc4f71f8f11b. Reason for revert: Explained in b/153995973#comment40 Bug: 153995973 Change-Id: I437400528cb98e9ce665ebc308bfe05f4f24ca13
author: Antoan Angelov <arangelov@google.com> 2021-02-02 19:46:24 +0000
committer: Antoan Angelov <arangelov@google.com> 2021-02-05 11:59:48 +0000
commit: c6bda518dae6ae473cc73d2487e4ac0e0838c6ad (patch)
tree: 448019907f8688e23c62f6cdcc250d3850430db1
parent: 10f79644fc7db512daa6dcf71685dc4f71f8f11b (diff)
5 files changed, 21 insertions, 24 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index d6056d23699e..322cac81d58b 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -6994,7 +6994,7 @@ public class DevicePolicyManager {
         throwIfParentInstance("isProfileOwnerApp");
         if (mService != null) {
             try {
-                ComponentName profileOwner = mService.getProfileOwnerAsUser(myUserId());
+                ComponentName profileOwner = mService.getProfileOwner(myUserId());
                 return profileOwner != null
                         && profileOwner.getPackageName().equals(packageName);
             } catch (RemoteException re) {
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 86058d9933df..9c6a274ccf8c 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -156,6 +156,7 @@ interface IDevicePolicyManager {
 
     boolean setProfileOwner(in ComponentName who, String ownerName, int userHandle);
     ComponentName getProfileOwnerAsUser(int userHandle);
+    ComponentName getProfileOwner(int userHandle);
     ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent(in UserHandle userHandle);
     String getProfileOwnerName(int userHandle);
     void setProfileEnabled(in ComponentName who);
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/CertificateMonitor.java b/services/devicepolicy/java/com/android/server/devicepolicy/CertificateMonitor.java
index a33a512b3be0..aa38880d6d7d 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/CertificateMonitor.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/CertificateMonitor.java
@@ -177,7 +177,7 @@ public class CertificateMonitor {
 
         int parentUserId = userHandle.getIdentifier();
 
-        if (mService.getProfileOwnerAsUser(userHandle.getIdentifier()) != null) {
+        if (mService.getProfileOwner(userHandle.getIdentifier()) != null) {
             contentText = resources.getString(R.string.ssl_ca_cert_noti_managed,
                     mService.getProfileOwnerName(userHandle.getIdentifier()));
             smallIconId = R.drawable.stat_sys_certificate_info;
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 15cb5bff01d9..c6b93d6ca4f4 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -4714,7 +4714,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
     public boolean isSeparateProfileChallengeAllowed(int userHandle) {
         enforceSystemCaller("query separate challenge support");
 
-        ComponentName profileOwner = getProfileOwnerAsUser(userHandle);
+        ComponentName profileOwner = getProfileOwner(userHandle);
         // Profile challenge is supported on N or newer release.
         return profileOwner != null &&
                 getTargetSdk(profileOwner.getPackageName(), userHandle) > Build.VERSION_CODES.M;
@@ -6622,7 +6622,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
 
         final UserHandle caller = mInjector.binderGetCallingUserHandle();
         // If there is a profile owner, redirect to that; otherwise query the device owner.
-        ComponentName aliasChooser = getProfileOwnerAsUser(caller.getIdentifier());
+        ComponentName aliasChooser = getProfileOwner(caller.getIdentifier());
         if (aliasChooser == null && caller.isSystem()) {
             synchronized (getLockObject()) {
                 final ActiveAdmin deviceOwnerAdmin = getDeviceOwnerAdminLocked();
@@ -8744,7 +8744,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
     }
 
     public boolean isProfileOwner(ComponentName who, int userId) {
-        final ComponentName profileOwner = getProfileOwnerAsUser(userId);
+        final ComponentName profileOwner = getProfileOwner(userId);
         return who != null && who.equals(profileOwner);
     }
 
@@ -9302,10 +9302,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
 
     @Override
     public ComponentName getProfileOwnerAsUser(int userHandle) {
+        enforceCrossUsersPermission(userHandle);
+
+        return getProfileOwner(userHandle);
+    }
+
+    @Override
+    public ComponentName getProfileOwner(int userHandle) {
         if (!mHasFeature) {
             return null;
         }
-        enforceCrossUsersPermission(userHandle);
         synchronized (getLockObject()) {
             return mOwners.getProfileOwnerComponent(userHandle);
         }
@@ -9348,9 +9354,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
         return mInjector.binderWithCleanCallingIdentity(() -> {
             for (UserInfo userInfo : mUserManager.getProfiles(userHandle)) {
                 if (userInfo.isManagedProfile()) {
-                    if (getProfileOwnerAsUser(userInfo.id) != null
+                    if (getProfileOwner(userInfo.id) != null
                             && isProfileOwnerOfOrganizationOwnedDevice(userInfo.id)) {
-                        ComponentName who = getProfileOwnerAsUser(userInfo.id);
+                        ComponentName who = getProfileOwner(userInfo.id);
                         return getActiveAdminUncheckedLocked(who, userInfo.id);
                     }
                 }
@@ -9390,7 +9396,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             return null;
         }
         enforceManageUsers();
-        ComponentName profileOwner = getProfileOwnerAsUser(userHandle);
+        ComponentName profileOwner = getProfileOwner(userHandle);
         if (profileOwner == null) {
             return null;
         }
@@ -9787,7 +9793,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             return false;
         }
 
-        final ComponentName profileOwner = getProfileOwnerAsUser(userId);
+        final ComponentName profileOwner = getProfileOwner(userId);
         if (profileOwner == null) {
             return false;
         }
@@ -13362,7 +13368,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             // Managed-profiles cannot be setup on the system user.
             return CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER;
         }
-        if (getProfileOwnerAsUser(callingUserId) != null) {
+        if (getProfileOwner(callingUserId) != null) {
             // Managed user cannot have a managed profile.
             return CODE_USER_HAS_PROFILE_OWNER;
         }
@@ -14016,7 +14022,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             return true;
         }
 
-        final ComponentName profileOwner = getProfileOwnerAsUser(userId);
+        final ComponentName profileOwner = getProfileOwner(userId);
         if (profileOwner == null) {
             return false;
         }
@@ -14226,7 +14232,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
 
         enforceUserUnlocked(userId);
 
-        final ComponentName profileOwner = getProfileOwnerAsUser(userId);
+        final ComponentName profileOwner = getProfileOwner(userId);
         if (profileOwner != null && packageName.equals(profileOwner.getPackageName())) {
             throw new IllegalArgumentException("Cannot uninstall a package with a profile owner");
         }
@@ -15762,7 +15768,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             final List<ActiveAdmin> admins = new ArrayList<>();
             int[] users = mUserManager.getProfileIdsWithDisabled(UserHandle.getCallingUserId());
             for (int i = 0; i < users.length; i++) {
-                final ComponentName componentName = getProfileOwnerAsUser(users[i]);
+                final ComponentName componentName = getProfileOwner(users[i]);
                 if (componentName != null) {
                     ActiveAdmin admin = getActiveAdminUncheckedLocked(componentName, users[i]);
                     if (admin != null) {
diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
index 82c23e5051c9..daaabf8141ff 100644
--- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
+++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
@@ -666,7 +666,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
      */
     public void testRemoveActiveAdmin_fromDifferentUserWithINTERACT_ACROSS_USERS_FULL() {
         mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
 
         // Add admin1.
 
@@ -2685,7 +2684,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
         mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS);
         mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
         mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL);
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
 
         // Check that the system user is unaffiliated.
         mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
@@ -4222,8 +4220,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
     }
 
     public void testGetBindDeviceAdminTargetUsers() throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
-
         // Setup device owner.
         mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
         setupDeviceOwner();
@@ -6055,7 +6051,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
     }
 
     public void testGetAllCrossProfilePackages_notSet_returnsEmpty() throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
         addManagedProfile(admin1, mServiceContext.binder.callingUid, admin1);
         mContext.packageName = admin1.getPackageName();
 
@@ -6067,7 +6062,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
 
     public void testGetAllCrossProfilePackages_notSet_dpmsReinitialized_returnsEmpty()
             throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
         addManagedProfile(admin1, mServiceContext.binder.callingUid, admin1);
         mContext.packageName = admin1.getPackageName();
 
@@ -6079,7 +6073,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
     }
 
     public void testGetAllCrossProfilePackages_whenSet_returnsCombinedSet() throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
         addManagedProfile(admin1, mServiceContext.binder.callingUid, admin1);
         final Set<String> packages = Sets.newSet("TEST_PACKAGE", "TEST_COMMON_PACKAGE");
         mContext.packageName = admin1.getPackageName();
@@ -6097,7 +6090,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
 
     public void testGetAllCrossProfilePackages_whenSet_dpmsReinitialized_returnsCombinedSet()
             throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
         addManagedProfile(admin1, mServiceContext.binder.callingUid, admin1);
         final Set<String> packages = Sets.newSet("TEST_PACKAGE", "TEST_COMMON_PACKAGE");
         mContext.packageName = admin1.getPackageName();
@@ -6269,8 +6261,6 @@ public class DevicePolicyManagerTest extends DpmTestBase {
 
     public void testSetAccountTypesWithManagementDisabledOnOrgOwnedManagedProfile()
             throws Exception {
-        mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS);
-
         final int managedProfileUserId = 15;
         final int managedProfileAdminUid = UserHandle.getUid(managedProfileUserId, 19436);
author	Antoan Angelov <arangelov@google.com>	2021-02-02 19:46:24 +0000
committer	Antoan Angelov <arangelov@google.com>	2021-02-05 11:59:48 +0000
commit	c6bda518dae6ae473cc73d2487e4ac0e0838c6ad (patch)
tree	448019907f8688e23c62f6cdcc250d3850430db1
parent	10f79644fc7db512daa6dcf71685dc4f71f8f11b (diff)