summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author TreeHugger Robot <treehugger-gerrit@google.com> 2021-01-14 11:42:37 +0000
committer Android (Google) Code Review <android-gerrit@google.com> 2021-01-14 11:42:37 +0000
commitd03ee56a05a316a8a4b96901f0eb418b64697308 (patch)
tree774689b221ef7c71632e215e4672d2b075be1141
parent76f6a644f24f2d1320968d7f7a7c2caefb261256 (diff)
parenta1485a6980cfdbe17be2c640d9754a47f893a387 (diff)
Merge "ESID access for Delegated Cert Installer"
Diffstat
-rw-r--r--core/java/android/app/admin/DevicePolicyManager.java2
-rw-r--r--core/java/android/app/admin/IDevicePolicyManager.aidl2
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java2
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java7
4 files changed, 7 insertions, 6 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index f6d18109a7d9..ecb96e120e47 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -12875,7 +12875,7 @@ public class DevicePolicyManager {
}
try {
- return mService.getEnrollmentSpecificId();
+ return mService.getEnrollmentSpecificId(mContext.getPackageName());
} catch (RemoteException re) {
throw re.rethrowFromSystemServer();
}
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index aaa5f7ce4cb0..e855a1cb71ef 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -491,6 +491,6 @@ interface IDevicePolicyManager {
void setNextOperationSafety(int operation, boolean safe);
- String getEnrollmentSpecificId();
+ String getEnrollmentSpecificId(String callerPackage);
void setOrganizationIdForUser(in String callerPackage, in String enterpriseId, int userId);
}
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java b/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
index 8b7f83f4edb5..55ba6c902e47 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
@@ -109,7 +109,7 @@ abstract class BaseIDevicePolicyManager extends IDevicePolicyManager.Stub {
return false;
}
- public String getEnrollmentSpecificId() {
+ public String getEnrollmentSpecificId(String callerPackage) {
return "";
}
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 422704fad876..0f1fab509728 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -15699,14 +15699,15 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
}
@Override
- public String getEnrollmentSpecificId() {
+ public String getEnrollmentSpecificId(String callerPackage) {
if (!mHasFeature) {
return "";
}
- final CallerIdentity caller = getCallerIdentity();
+ final CallerIdentity caller = getCallerIdentity(callerPackage);
Preconditions.checkCallAuthorization(
- isDeviceOwner(caller) || isProfileOwner(caller));
+ isDeviceOwner(caller) || isProfileOwner(caller)
+ || isCallerDelegate(caller, DELEGATION_CERT_INSTALL));
synchronized (getLockObject()) {
final ActiveAdmin requiredAdmin = getDeviceOrProfileOwnerAdminLocked(
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-06 14:18:34 +0000