summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author Rubin Xu <rubinxu@google.com> 2025-01-03 20:26:28 +0000
committer Rubin Xu <rubinxu@google.com> 2025-01-03 20:26:28 +0000
commitedab0461fd458d810550dcf69df919d241e5eb93 (patch)
tree71de7ab2067dbd799104bb923ba4b93c1c417eb3
parent8bd6ab3a84e4db6cdb8429759be8c57a11ea9a80 (diff)
Fix DPM.getScreenCaptureDisabled on parent user
Bug: 265431659 Test: ScreenCaptureDisabledTest Flag: EXEMPT bugfix Change-Id: I522e00ce48d5e80f7237e990b7cb2ee3fe4c4111
Diffstat
-rw-r--r--services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java8
1 files changed, 6 insertions, 2 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 2627895b8c63..e9eafd3c32ae 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -8909,11 +8909,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
if (parent) {
Preconditions.checkCallAuthorization(
- isProfileOwnerOfOrganizationOwnedDevice(getCallerIdentity().getUserId()));
+ isProfileOwnerOfOrganizationOwnedDevice(caller.getUserId()));
+ // If a DPC is querying on the parent instance, make sure it's only querying the parent
+ // user of itself. Querying any other user is not allowed.
+ Preconditions.checkArgument(caller.getUserId() == userHandle);
}
+ int affectedUserId = parent ? getProfileParentId(userHandle) : userHandle;
Boolean disallowed = mDevicePolicyEngine.getResolvedPolicy(
PolicyDefinition.SCREEN_CAPTURE_DISABLED,
- userHandle);
+ affectedUserId);
return disallowed != null && disallowed;
}
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-11-01 21:17:15 +0000