diff options
13 files changed, 221 insertions, 218 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 0a426eb80c54..8a7134e24cf8 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -279,7 +279,6 @@ import android.net.wifi.WifiManager; import android.os.Binder; import android.os.Build; import android.os.Bundle; -import android.os.Environment; import android.os.Handler; import android.os.IBinder; import android.os.Looper; @@ -679,6 +678,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final Context mContext; final Injector mInjector; + final PolicyPathProvider mPathProvider; final IPackageManager mIPackageManager; final IPermissionManager mIPermissionManager; final UserManager mUserManager; @@ -890,7 +890,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } @GuardedBy("getLockObject()") - final SparseArray<DevicePolicyData> mUserData = new SparseArray<>(); + final SparseArray<DevicePolicyData> mUserData; @GuardedBy("getLockObject()") @@ -1365,7 +1365,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public final Context mContext; - private @Nullable DevicePolicySafetyChecker mSafetyChecker; + @Nullable private DevicePolicySafetyChecker mSafetyChecker; Injector(Context context) { mContext = context; @@ -1384,12 +1384,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return mContext.getResources(); } - Owners newOwners() { - return new Owners(getUserManager(), getUserManagerInternal(), - getPackageManagerInternal(), getActivityTaskManagerInternal(), - getActivityManagerInternal()); - } - UserManager getUserManager() { return UserManager.get(mContext); } @@ -1595,10 +1589,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return UserHandle.getUserId(binderGetCallingUid()); } - File environmentGetUserSystemDirectory(int userId) { - return Environment.getUserSystemDirectory(userId); - } - void powerManagerGoToSleep(long time, int reason, int flags) { mContext.getSystemService(PowerManager.class).goToSleep(time, reason, flags); } @@ -1641,10 +1631,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return UserManager.isHeadlessSystemUserMode(); } - String getDevicePolicyFilePathForSystemUser() { - return "/data/system/"; - } - @SuppressWarnings("AndroidFrameworkPendingIntentMutability") PendingIntent pendingIntentGetActivityAsUser(Context context, int requestCode, @NonNull Intent intent, int flags, Bundle options, UserHandle user) { @@ -1777,14 +1763,16 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { * Instantiates the service. */ public DevicePolicyManagerService(Context context) { - this(new Injector(context.createAttributionContext(ATTRIBUTION_TAG))); + this(new Injector( + context.createAttributionContext(ATTRIBUTION_TAG)), new PolicyPathProvider() {}); } @VisibleForTesting - DevicePolicyManagerService(Injector injector) { + DevicePolicyManagerService(Injector injector, PolicyPathProvider pathProvider) { DevicePolicyManager.disableLocalCaches(); mInjector = injector; + mPathProvider = pathProvider; mContext = Objects.requireNonNull(injector.mContext); mHandler = new Handler(Objects.requireNonNull(injector.getMyLooper())); @@ -1792,8 +1780,6 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mConstantsObserver.register(); mConstants = loadConstants(); - mOwners = Objects.requireNonNull(injector.newOwners()); - mUserManager = Objects.requireNonNull(injector.getUserManager()); mUserManagerInternal = Objects.requireNonNull(injector.getUserManagerInternal()); mUsageStatsManagerInternal = Objects.requireNonNull( @@ -1831,12 +1817,23 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { // "Lite" interface is available even when the device doesn't have the feature LocalServices.addService(DevicePolicyManagerLiteInternal.class, mLocalService); + + // Policy version upgrade must not depend on either mOwners or mUserData, so they are + // initialized only after performing the upgrade. + if (mHasFeature) { + performPolicyVersionUpgrade(); + } + mUserData = new SparseArray<>(); + mOwners = makeOwners(injector, pathProvider); + if (!mHasFeature) { // Skip the rest of the initialization mSetupContentObserver = null; return; } + loadOwners(); + IntentFilter filter = new IntentFilter(); filter.addAction(Intent.ACTION_BOOT_COMPLETED); filter.addAction(ACTION_EXPIRED_PASSWORD_NOTIFICATION); @@ -1872,16 +1869,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { new RestrictionsListener(mContext, mUserManagerInternal, this)); mUserManagerInternal.addUserLifecycleListener(new UserLifecycleListener()); - loadOwners(); - - performPolicyVersionUpgrade(); - mDeviceManagementResourcesProvider.load(); // The binder caches are not enabled until the first invalidation. invalidateBinderCaches(); } + private Owners makeOwners(Injector injector, PolicyPathProvider pathProvider) { + return new Owners(injector.getUserManager(), injector.getUserManagerInternal(), + injector.getPackageManagerInternal(), + injector.getActivityTaskManagerInternal(), + injector.getActivityManagerInternal(), pathProvider); + } + /** * Invalidate the binder API caches. The invalidation itself does not require any * locking, but this specific call should be protected by getLockObject() to ensure @@ -1975,8 +1975,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { mUserData.remove(userHandle); } - File policyFile = new File(mInjector.environmentGetUserSystemDirectory(userHandle), - DEVICE_POLICIES_XML); + File policyFile = + new File(mPathProvider.getUserSystemDirectory(userHandle), DEVICE_POLICIES_XML); policyFile.delete(); Slogf.i(LOG_TAG, "Removed device policy file " + policyFile.getAbsolutePath()); } @@ -2879,8 +2879,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private File getPolicyFileDirectory(@UserIdInt int userId) { return userId == UserHandle.USER_SYSTEM - ? new File(mInjector.getDevicePolicyFilePathForSystemUser()) - : mInjector.environmentGetUserSystemDirectory(userId); + ? mPathProvider.getDataSystemDirectory() + : mPathProvider.getUserSystemDirectory(userId); } private JournaledFile makeJournaledFile(@UserIdInt int userId, String fileName) { @@ -3087,14 +3087,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updateUsbDataSignal(); } + // TODO(b/230841522) Make it static. private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider { @Override - public boolean isDeviceOwner(int userId, ComponentName who) { - return mOwners.isDeviceOwnerUserId(userId) - && mOwners.getDeviceOwnerComponent().equals(who); - } - - @Override public boolean storageManagerIsFileBasedEncryptionEnabled() { return mInjector.storageManagerIsFileBasedEncryptionEnabled(); } @@ -3110,14 +3105,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } @Override - public ComponentName getOwnerComponent(int userId) { - return DevicePolicyManagerService.this.getOwnerComponent(userId); - } - - @Override public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) { - return component -> findAdmin(component, userId, /* throwForMissingPermission= */ - false); + return component -> + findAdmin(component, userId, /* throwForMissingPermission= */ false); } @Override @@ -3128,7 +3118,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } private void performPolicyVersionUpgrade() { - PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader(new DpmsUpgradeDataProvider()); + PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader( + new DpmsUpgradeDataProvider(), mPathProvider); upgrader.upgradePolicy(DPMS_VERSION); } @@ -16280,7 +16271,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { final int callingUserId = caller.getUserId(); final File bundleFile = new File( - mInjector.environmentGetUserSystemDirectory(callingUserId), + mPathProvider.getUserSystemDirectory(callingUserId), TRANSFER_OWNERSHIP_PARAMETERS_XML); if (!bundleFile.exists()) { return null; @@ -16474,7 +16465,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @VisibleForTesting void saveTransferOwnershipBundleLocked(PersistableBundle bundle, int userId) { final File parametersFile = new File( - mInjector.environmentGetUserSystemDirectory(userId), + mPathProvider.getUserSystemDirectory(userId), TRANSFER_OWNERSHIP_PARAMETERS_XML); final AtomicFile atomicFile = new AtomicFile(parametersFile); FileOutputStream stream = null; @@ -16496,7 +16487,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } void deleteTransferOwnershipBundleLocked(int userId) { - final File parametersFile = new File(mInjector.environmentGetUserSystemDirectory(userId), + final File parametersFile = new File(mPathProvider.getUserSystemDirectory(userId), TRANSFER_OWNERSHIP_PARAMETERS_XML); parametersFile.delete(); } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java index 09d5c4a60c82..d1c6b3411b20 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/Owners.java @@ -42,7 +42,6 @@ import android.util.SparseIntArray; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.server.LocalServices; -import com.android.server.devicepolicy.OwnersData.Injector; import com.android.server.devicepolicy.OwnersData.OwnerInfo; import com.android.server.pm.UserManagerInternal; import com.android.server.wm.ActivityTaskManagerInternal; @@ -78,28 +77,19 @@ class Owners { private boolean mSystemReady; - public Owners(UserManager userManager, - UserManagerInternal userManagerInternal, - PackageManagerInternal packageManagerInternal, - ActivityTaskManagerInternal activityTaskManagerInternal, - ActivityManagerInternal activityManagerInternal) { - this(userManager, userManagerInternal, packageManagerInternal, - activityTaskManagerInternal, activityManagerInternal, new Injector()); - } - @VisibleForTesting Owners(UserManager userManager, UserManagerInternal userManagerInternal, PackageManagerInternal packageManagerInternal, ActivityTaskManagerInternal activityTaskManagerInternal, ActivityManagerInternal activityManagerInternal, - Injector injector) { + PolicyPathProvider pathProvider) { mUserManager = userManager; mUserManagerInternal = userManagerInternal; mPackageManagerInternal = packageManagerInternal; mActivityTaskManagerInternal = activityTaskManagerInternal; mActivityManagerInternal = activityManagerInternal; - mData = new OwnersData(injector); + mData = new OwnersData(pathProvider); } /** diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java b/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java index 06a5b9ea2d17..4fe4f0d83f1a 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/OwnersData.java @@ -21,7 +21,6 @@ import android.annotation.Nullable; import android.app.admin.SystemUpdateInfo; import android.app.admin.SystemUpdatePolicy; import android.content.ComponentName; -import android.os.Environment; import android.os.UserHandle; import android.util.ArrayMap; import android.util.AtomicFile; @@ -106,10 +105,10 @@ class OwnersData { // Pending OTA info if there is one. @Nullable SystemUpdateInfo mSystemUpdateInfo; - private final Injector mInjector; + private final PolicyPathProvider mPathProvider; - OwnersData(Injector injector) { - mInjector = injector; + OwnersData(PolicyPathProvider pathProvider) { + mPathProvider = pathProvider; } void load(int[] allUsers) { @@ -127,18 +126,24 @@ class OwnersData { } } - void writeDeviceOwner() { + /** + * @return true upon success, false otherwise. + */ + boolean writeDeviceOwner() { if (DEBUG) { Log.d(TAG, "Writing to device owner file"); } - new DeviceOwnerReadWriter().writeToFileLocked(); + return new DeviceOwnerReadWriter().writeToFileLocked(); } - void writeProfileOwner(int userId) { + /** + * @return true upon success, false otherwise. + */ + boolean writeProfileOwner(int userId) { if (DEBUG) { Log.d(TAG, "Writing to profile owner file for user " + userId); } - new ProfileOwnerReadWriter(userId).writeToFileLocked(); + return new ProfileOwnerReadWriter(userId).writeToFileLocked(); } void dump(IndentingPrintWriter pw) { @@ -206,12 +211,12 @@ class OwnersData { @VisibleForTesting File getDeviceOwnerFile() { - return new File(mInjector.environmentGetDataSystemDirectory(), DEVICE_OWNER_XML); + return new File(mPathProvider.getDataSystemDirectory(), DEVICE_OWNER_XML); } @VisibleForTesting File getProfileOwnerFile(int userId) { - return new File(mInjector.environmentGetUserSystemDirectory(userId), PROFILE_OWNER_XML); + return new File(mPathProvider.getUserSystemDirectory(userId), PROFILE_OWNER_XML); } private abstract static class FileReadWriter { @@ -223,7 +228,7 @@ class OwnersData { abstract boolean shouldWrite(); - void writeToFileLocked() { + boolean writeToFileLocked() { if (!shouldWrite()) { if (DEBUG) { Log.d(TAG, "No need to write to " + mFile); @@ -237,7 +242,7 @@ class OwnersData { Slog.e(TAG, "Failed to remove " + mFile.getPath()); } } - return; + return true; } if (DEBUG) { Log.d(TAG, "Writing to " + mFile); @@ -270,7 +275,9 @@ class OwnersData { if (outputStream != null) { f.failWrite(outputStream); } + return false; } + return true; } void readFromFileLocked() { @@ -569,15 +576,4 @@ class OwnersData { pw.println("isOrganizationOwnedDevice=" + isOrganizationOwnedDevice); } } - - @VisibleForTesting - static class Injector { - File environmentGetDataSystemDirectory() { - return Environment.getDataSystemDirectory(); - } - - File environmentGetUserSystemDirectory(int userId) { - return Environment.getUserSystemDirectory(userId); - } - } } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyPathProvider.java b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyPathProvider.java new file mode 100644 index 000000000000..96cc0e5323ef --- /dev/null +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyPathProvider.java @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.server.devicepolicy; + +import android.os.Environment; + +import java.io.File; + +/** + * Interface providing directories for various DPMS files. + */ +public interface PolicyPathProvider { + /** + * Returns policy data directory for system user, typically /data/system + * Used for SYSTEM_USER policies, device owner file and policy version file. + */ + default File getDataSystemDirectory() { + return Environment.getDataSystemDirectory(); + } + + /** + * Returns policy data directory for a given user, typically /data/system/users/$userId + * Used for non-system user policies and profile owner files. + */ + default File getUserSystemDirectory(int userId) { + return Environment.getUserSystemDirectory(userId); + } +} diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java index 19a7659f4d60..7b7a454fc945 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java @@ -16,7 +16,6 @@ package com.android.server.devicepolicy; -import android.annotation.Nullable; import android.app.admin.DeviceAdminInfo; import android.content.ComponentName; @@ -30,12 +29,6 @@ import java.util.function.Function; */ public interface PolicyUpgraderDataProvider { /** - * Returns true if the provided {@code userId} is a device owner. May affect some policy - * defaults. - */ - boolean isDeviceOwner(int userId, ComponentName who); - - /** * Returns true if the storage manager indicates file-based encryption is enabled. */ boolean storageManagerIsFileBasedEncryptionEnabled(); @@ -51,11 +44,6 @@ public interface PolicyUpgraderDataProvider { JournaledFile makePoliciesVersionJournaledFile(int userId); /** - * Returns the {@code ComponentName} of the owner component for a user. - */ - @Nullable ComponentName getOwnerComponent(int userId); - - /** * Returns a function which provides the component name and device admin info for a given * user. */ diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java index f0ceb311cd8b..7556d690f6fd 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java @@ -16,10 +16,12 @@ package com.android.server.devicepolicy; +import android.content.ComponentName; import android.os.UserHandle; import android.util.Slog; import android.util.SparseArray; +import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.JournaledFile; import java.io.File; @@ -50,16 +52,16 @@ public class PolicyVersionUpgrader { private static final String LOG_TAG = "DevicePolicyManager"; private static final boolean VERBOSE_LOG = DevicePolicyManagerService.VERBOSE_LOG; private final PolicyUpgraderDataProvider mProvider; + private final PolicyPathProvider mPathProvider; - public PolicyVersionUpgrader(PolicyUpgraderDataProvider provider) { + @VisibleForTesting + PolicyVersionUpgrader(PolicyUpgraderDataProvider provider, PolicyPathProvider pathProvider) { mProvider = provider; + mPathProvider = pathProvider; } - /** * Performs the upgrade steps for all users on the system. * - * @param allUsers List of all user IDs on the system, including disabled users, as well as - * managed profile user IDs. * @param dpmsVersion The version to upgrade to. */ public void upgradePolicy(int dpmsVersion) { @@ -71,11 +73,13 @@ public class PolicyVersionUpgrader { } final int[] allUsers = mProvider.getUsersForUpgrade(); + final OwnersData ownersData = loadOwners(allUsers); - //NOTE: The current version is provided in case the XML file format changes in a + // NOTE: The current version is provided in case the XML file format changes in a // non-backwards-compatible way, so that DeviceAdminData could load it with // old tags, for example. - final SparseArray<DevicePolicyData> allUsersData = loadAllUsersData(allUsers, oldVersion); + final SparseArray<DevicePolicyData> allUsersData = + loadAllUsersData(allUsers, oldVersion, ownersData); int currentVersion = oldVersion; if (currentVersion == 0) { @@ -96,7 +100,9 @@ public class PolicyVersionUpgrader { continue; } for (ActiveAdmin admin : userData.mAdminList) { - if (mProvider.isDeviceOwner(userId, admin.info.getComponent())) { + if (ownersData.mDeviceOwnerUserId == userId + && ownersData.mDeviceOwner != null + && ownersData.mDeviceOwner.admin.equals(admin.info.getComponent())) { Slog.i(LOG_TAG, String.format( "Marking Device Owner in user %d for permission grant ", userId)); admin.mAdminCanGrantSensorsPermissions = true; @@ -106,15 +112,26 @@ public class PolicyVersionUpgrader { currentVersion = 2; } - writePoliciesAndVersion(allUsers, allUsersData, currentVersion); + writePoliciesAndVersion(allUsers, allUsersData, ownersData, currentVersion); + } + + private OwnersData loadOwners(int[] allUsers) { + OwnersData ownersData = new OwnersData(mPathProvider); + ownersData.load(allUsers); + return ownersData; } private void writePoliciesAndVersion(int[] allUsers, SparseArray<DevicePolicyData> allUsersData, - int currentVersion) { + OwnersData ownersData, int currentVersion) { boolean allWritesSuccessful = true; for (int user : allUsers) { - allWritesSuccessful = allWritesSuccessful && writeDataForUser(user, - allUsersData.get(user)); + allWritesSuccessful = + allWritesSuccessful && writeDataForUser(user, allUsersData.get(user)); + } + + allWritesSuccessful = allWritesSuccessful && ownersData.writeDeviceOwner(); + for (int user : allUsers) { + allWritesSuccessful = allWritesSuccessful && ownersData.writeProfileOwner(user); } if (allWritesSuccessful) { @@ -125,21 +142,29 @@ public class PolicyVersionUpgrader { } } - private SparseArray<DevicePolicyData> loadAllUsersData(int[] allUsers, int loadVersion) { + private SparseArray<DevicePolicyData> loadAllUsersData(int[] allUsers, int loadVersion, + OwnersData ownersData) { final SparseArray<DevicePolicyData> allUsersData = new SparseArray<>(); for (int user: allUsers) { - allUsersData.append(user, loadDataForUser(user, loadVersion)); + ComponentName owner = null; + if (ownersData.mDeviceOwnerUserId == user && ownersData.mDeviceOwner != null) { + owner = ownersData.mDeviceOwner.admin; + } else if (ownersData.mProfileOwners.containsKey(user)) { + owner = ownersData.mProfileOwners.get(user).admin; + } + allUsersData.append(user, loadDataForUser(user, loadVersion, owner)); } return allUsersData; } - private DevicePolicyData loadDataForUser(int userId, int loadVersion) { + private DevicePolicyData loadDataForUser( + int userId, int loadVersion, ComponentName ownerComponent) { DevicePolicyData policy = new DevicePolicyData(userId); DevicePolicyData.load(policy, !mProvider.storageManagerIsFileBasedEncryptionEnabled(), mProvider.makeDevicePoliciesJournaledFile(userId), mProvider.getAdminInfoSupplier(userId), - mProvider.getOwnerComponent(userId)); + ownerComponent); return policy; } diff --git a/services/tests/servicestests/assets/PolicyVersionUpgraderTest/device_owner_2.xml b/services/tests/servicestests/assets/PolicyVersionUpgraderTest/device_owner_2.xml new file mode 100644 index 000000000000..fb0b02e038fe --- /dev/null +++ b/services/tests/servicestests/assets/PolicyVersionUpgraderTest/device_owner_2.xml @@ -0,0 +1,6 @@ +<?xml version='1.0' encoding='UTF-8' standalone='yes' ?> +<root> + <device-owner name="" component="com.android.frameworks.servicestests/com.android.server.devicepolicy.DummyDeviceAdmins$Admin1" isPoOrganizationOwnedDevice="true" /> + <!-- userId is substituted by the test --> + <device-owner-context userId="0" /> +</root>
\ No newline at end of file diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java index 8bb619f1976a..673b696a2f99 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceMigrationTest.java @@ -289,12 +289,11 @@ public class DevicePolicyManagerServiceMigrationTest extends DpmTestBase { private void prepareAdmin1AsDo() throws Exception { setUpPackageManagerForAdmin(admin1, UserHandle.getUid(USER_SYSTEM, COPE_ADMIN1_APP_ID)); final int xmlResource = R.raw.comp_policies_primary; + File dataSystemDirectory = getServices().pathProvider.getDataSystemDirectory(); writeInputStreamToFile(getRawStream(xmlResource), - (new File(getServices().systemUserDataDir, "device_policies.xml")) - .getAbsoluteFile()); + (new File(dataSystemDirectory, "device_policies.xml")).getAbsoluteFile()); writeInputStreamToFile(getRawStream(R.raw.comp_device_owner), - (new File(getServices().dataDir, "device_owner_2.xml")) - .getAbsoluteFile()); + (new File(dataSystemDirectory, "device_owner_2.xml")).getAbsoluteFile()); } private void prepareAdmin1AsPo(int profileUserId, int targetSdk) throws Exception { diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java index bacef472bf99..c771998de862 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java @@ -55,8 +55,8 @@ import com.android.server.LocalServices; import com.android.server.PersistentDataBlockManagerInternal; import com.android.server.net.NetworkPolicyManagerInternal; import com.android.server.pm.UserManagerInternal; +import com.android.server.wm.ActivityTaskManagerInternal; -import java.io.File; import java.io.IOException; import java.util.Map; @@ -64,45 +64,16 @@ import java.util.Map; * Overrides {@link #DevicePolicyManagerService} for dependency injection. */ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerService { - /** - * Overrides {@link #Owners} for dependency injection. - */ - public static class OwnersTestable extends Owners { - - public OwnersTestable(MockSystemServices services) { - super(services.userManager, services.userManagerInternal, - services.packageManagerInternal, services.activityTaskManagerInternal, - services.activityManagerInternal, new MockInjector(services)); - } - - static class MockInjector extends OwnersData.Injector { - private final MockSystemServices mServices; - - private MockInjector(MockSystemServices services) { - mServices = services; - } - - @Override - File environmentGetDataSystemDirectory() { - return mServices.dataDir; - } - - @Override - File environmentGetUserSystemDirectory(int userId) { - return mServices.environment.getUserSystemDirectory(userId); - } - } - } - public final DpmMockContext context; - protected final MockInjector mMockInjector; + public final MockInjector mMockInjector; public DevicePolicyManagerServiceTestable(MockSystemServices services, DpmMockContext context) { - this(new MockInjector(services, context)); + this(new MockInjector(services, context), services.pathProvider); } - private DevicePolicyManagerServiceTestable(MockInjector injector) { - super(unregisterLocalServices(injector)); + private DevicePolicyManagerServiceTestable( + MockInjector injector, PolicyPathProvider pathProvider) { + super(unregisterLocalServices(injector), pathProvider); mMockInjector = injector; this.context = injector.context; } @@ -151,11 +122,6 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi } @Override - Owners newOwners() { - return new OwnersTestable(services); - } - - @Override UserManager getUserManager() { return services.userManager; } @@ -216,6 +182,11 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi } @Override + ActivityTaskManagerInternal getActivityTaskManagerInternal() { + return services.activityTaskManagerInternal; + } + + @Override IPackageManager getIPackageManager() { return services.ipackageManager; } @@ -269,11 +240,6 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi } @Override - String getDevicePolicyFilePathForSystemUser() { - return services.systemUserDataDir.getAbsolutePath() + "/"; - } - - @Override long binderClearCallingIdentity() { return context.binder.clearCallingIdentity(); } @@ -309,11 +275,6 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi } @Override - File environmentGetUserSystemDirectory(int userId) { - return services.environment.getUserSystemDirectory(userId); - } - - @Override void powerManagerGoToSleep(long time, int reason, int flags) { services.powerManager.goToSleep(time, reason, flags); } diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java index 545361c934d2..0fc201eae3d4 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java @@ -8613,8 +8613,7 @@ public class DevicePolicyManagerTest extends DpmTestBase { } private File getProfileOwnerPoliciesFile() { - File parentDir = dpms.mMockInjector.environmentGetUserSystemDirectory( - CALLER_USER_HANDLE); + File parentDir = getServices().pathProvider.getUserSystemDirectory(CALLER_USER_HANDLE); return getPoliciesFile(parentDir); } diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java b/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java index 884ffce155d7..46cc68ffb914 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/MockSystemServices.java @@ -137,6 +137,7 @@ public class MockSystemServices { public final PackageManager packageManager; public final BuildMock buildMock = new BuildMock(); public final File dataDir; + public final PolicyPathProvider pathProvider; public MockSystemServices(Context realContext, String name) { dataDir = new File(realContext.getCacheDir(), name); @@ -217,6 +218,17 @@ public class MockSystemServices { // System user is always running. setUserRunning(UserHandle.USER_SYSTEM, true); + pathProvider = new PolicyPathProvider() { + @Override + public File getDataSystemDirectory() { + return new File(systemUserDataDir.getAbsolutePath()); + } + + @Override + public File getUserSystemDirectory(int userId) { + return environment.getUserSystemDirectory(userId); + } + }; } /** Optional mapping of other user contexts for {@link #createPackageContextAsUser} to return */ diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/OwnersTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/OwnersTest.java index 37ba8a42da86..f535fdac6cf6 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/OwnersTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/OwnersTest.java @@ -28,8 +28,6 @@ import android.test.suitebuilder.annotation.SmallTest; import androidx.test.runner.AndroidJUnit4; -import com.android.server.devicepolicy.DevicePolicyManagerServiceTestable.OwnersTestable; - import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -58,7 +56,7 @@ public class OwnersTest extends DpmTestBase { public void loadProfileOwner() throws Exception { getServices().addUsers(10); - final OwnersTestable owners = new OwnersTestable(getServices()); + final Owners owners = makeOwners(); DpmTestUtils.writeToFile(owners.getProfileOwnerFile(10), DpmTestUtils.readAsset(mRealTestContext, "OwnersTest/profile_owner_1.xml")); @@ -76,7 +74,7 @@ public class OwnersTest extends DpmTestBase { @Test public void loadDeviceOwner() throws Exception { - final OwnersTestable owners = new OwnersTestable(getServices()); + final Owners owners = makeOwners(); DpmTestUtils.writeToFile(owners.getDeviceOwnerFile(), DpmTestUtils.readAsset(mRealTestContext, "OwnersTest/device_owner_1.xml")); @@ -95,7 +93,7 @@ public class OwnersTest extends DpmTestBase { @Test public void testDeviceOwnerType() throws Exception { - final OwnersTestable owners = new OwnersTestable(getServices()); + final Owners owners = makeOwners(); DpmTestUtils.writeToFile(owners.getDeviceOwnerFile(), DpmTestUtils.readAsset(mRealTestContext, "OwnersTest/device_owner_1.xml")); @@ -117,4 +115,11 @@ public class OwnersTest extends DpmTestBase { assertThat(owners.getDeviceOwnerType(TESTDPC_PACKAGE)) .isEqualTo(DEVICE_OWNER_TYPE_FINANCED); } + + private Owners makeOwners() { + final MockSystemServices services = getServices(); + return new Owners(services.userManager, services.userManagerInternal, + services.packageManagerInternal, services.activityTaskManagerInternal, + services.activityManagerInternal, services.pathProvider); + } } diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java index 834a514b978a..9efc10cb55ec 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java @@ -16,10 +16,12 @@ package com.android.server.devicepolicy; -import static android.os.UserHandle.USER_SYSTEM; +import static android.content.pm.UserInfo.FLAG_PRIMARY; +import static android.os.UserManager.USER_TYPE_FULL_SYSTEM; +import static android.os.UserManager.USER_TYPE_PROFILE_MANAGED; +import static com.android.server.devicepolicy.DevicePolicyManagerService.DEVICE_POLICIES_XML; import static com.android.server.devicepolicy.DevicePolicyManagerService.POLICIES_VERSION_XML; -import static com.android.server.devicepolicy.DpmTestUtils.writeInputStreamToFile; import static com.google.common.truth.Truth.assertThat; @@ -36,7 +38,6 @@ import android.util.Xml; import androidx.test.InstrumentationRegistry; -import com.android.frameworks.servicestests.R; import com.android.internal.util.JournaledFile; import com.android.server.SystemService; @@ -51,7 +52,6 @@ import org.xmlpull.v1.XmlPullParserException; import java.io.File; import java.io.FileInputStream; -import java.io.FileReader; import java.io.IOException; import java.io.InputStream; import java.nio.charset.Charset; @@ -67,30 +67,18 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { public static final String PERMISSIONS_TAG = "admin-can-grant-sensors-permissions"; private ComponentName mFakeAdmin; - private static class FakePolicyUpgraderDataProvider implements PolicyUpgraderDataProvider { - int mDeviceOwnerUserId; - ComponentName mDeviceOwnerComponent = new ComponentName("", ""); + private class FakePolicyUpgraderDataProvider implements PolicyUpgraderDataProvider { boolean mIsFileBasedEncryptionEnabled; - Map<Integer, ComponentName> mUserToComponent = new HashMap<>(); Map<ComponentName, DeviceAdminInfo> mComponentToDeviceAdminInfo = new HashMap<>(); - File mDataDir; int[] mUsers; @Override - public boolean isDeviceOwner(int userId, ComponentName who) { - return userId == mDeviceOwnerUserId && mDeviceOwnerComponent.equals(who); - } - - @Override public boolean storageManagerIsFileBasedEncryptionEnabled() { return mIsFileBasedEncryptionEnabled; } private JournaledFile makeJournaledFile(int userId, String fileName) { - File parentDir = new File(mDataDir, String.format("user%d", userId)); - if (!parentDir.exists()) { - parentDir.mkdirs(); - } + File parentDir = getServices().environment.getUserSystemDirectory(userId); final String base = new File(parentDir, fileName).getAbsolutePath(); return new JournaledFile(new File(base), new File(base + ".tmp")); @@ -98,17 +86,12 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { @Override public JournaledFile makeDevicePoliciesJournaledFile(int userId) { - return makeJournaledFile(userId, DevicePolicyManagerService.DEVICE_POLICIES_XML); + return makeJournaledFile(userId, DEVICE_POLICIES_XML); } @Override public JournaledFile makePoliciesVersionJournaledFile(int userId) { - return makeJournaledFile(userId, DevicePolicyManagerService.POLICIES_VERSION_XML); - } - - @Override - public ComponentName getOwnerComponent(int userId) { - return mUserToComponent.get(userId); + return makeJournaledFile(userId, POLICIES_VERSION_XML); } @Override @@ -125,7 +108,6 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { private final Context mRealTestContext = InstrumentationRegistry.getTargetContext(); private FakePolicyUpgraderDataProvider mProvider; private PolicyVersionUpgrader mUpgrader; - private File mDataDir; @Before public void setUp() { @@ -134,11 +116,7 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { IpcDataCache.disableForTestMode(); mProvider = new FakePolicyUpgraderDataProvider(); - mUpgrader = new PolicyVersionUpgrader(mProvider); - mDataDir = new File(mRealTestContext.getCacheDir(), "test-data"); - mDataDir.getParentFile().mkdirs(); - // Prepare provider. - mProvider.mDataDir = mDataDir; + mUpgrader = new PolicyVersionUpgrader(mProvider, getServices().pathProvider); mFakeAdmin = new ComponentName( "com.android.frameworks.servicestests", "com.android.server.devicepolicy.DummyDeviceAdmins$Admin1"); @@ -165,6 +143,7 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { public void testUpgrade0To1RemovesPasswordMetrics() throws IOException, XmlPullParserException { final String activePasswordTag = "active-password"; mProvider.mUsers = new int[] {0, 10}; + getServices().addUser(10, /* flags= */ 0, USER_TYPE_PROFILE_MANAGED); writeVersionToXml(0); for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); @@ -185,13 +164,12 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { throws IOException, XmlPullParserException { final int ownerUser = 10; mProvider.mUsers = new int[] {0, ownerUser}; + getServices().addUser(ownerUser, FLAG_PRIMARY, USER_TYPE_FULL_SYSTEM); writeVersionToXml(1); for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } - mProvider.mDeviceOwnerUserId = ownerUser; - mProvider.mDeviceOwnerComponent = mFakeAdmin; - mProvider.mUserToComponent.put(ownerUser, mFakeAdmin); + prepareDeviceOwnerFile(ownerUser); mUpgrader.upgradePolicy(2); @@ -204,19 +182,12 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { @Test public void testNoStaleDataInCacheAfterUpgrade() throws Exception { - setUpPackageManagerForAdmin(admin1, UserHandle.getUid(USER_SYSTEM, 123 /* admin app ID */)); - // Reusing COPE migration policy files there, only DO on user 0 is needed. - writeInputStreamToFile(getRawStream(R.raw.comp_policies_primary), - new File(getServices().systemUserDataDir, "device_policies.xml") - .getAbsoluteFile()); - writeInputStreamToFile(getRawStream(R.raw.comp_device_owner), - new File(getServices().dataDir, "device_owner_2.xml") - .getAbsoluteFile()); - - // Write policy version 0 - File versionFilePath = - new File(getServices().systemUserDataDir, POLICIES_VERSION_XML).getAbsoluteFile(); - DpmTestUtils.writeToFile(versionFilePath, "0\n"); + final int ownerUser = 0; + getServices().addUser(ownerUser, FLAG_PRIMARY, USER_TYPE_FULL_SYSTEM); + setUpPackageManagerForAdmin(admin1, UserHandle.getUid(ownerUser, 123 /* admin app ID */)); + writeVersionToXml(0); + preparePoliciesFile(ownerUser); + prepareDeviceOwnerFile(ownerUser); DevicePolicyManagerServiceTestable dpms; final long ident = getContext().binder.clearCallingIdentity(); @@ -233,7 +204,7 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { // DO should be marked as able to grant sensors permission during upgrade and should be // reported as such via the API. - assertThat(dpms.canAdminGrantSensorsPermissionsForUser(/* userId= */0)).isTrue(); + assertThat(dpms.canAdminGrantSensorsPermissionsForUser(ownerUser)).isTrue(); } @Test @@ -264,9 +235,27 @@ public class PolicyVersionUpgraderTest extends DpmTestBase { policiesFile.commit(); } + private void prepareDeviceOwnerFile(int userId) throws IOException { + File parentDir = getServices().pathProvider.getDataSystemDirectory(); + File doFilePath = (new File(parentDir, "device_owner_2.xml")).getAbsoluteFile(); + android.util.Log.i("YYYYYY", "DO paath: " + doFilePath); + String doFileContent = DpmTestUtils.readAsset(mRealTestContext, + "PolicyVersionUpgraderTest/device_owner_2.xml") + // Substitute the right DO userId, XML in resources has 0 + .replace("userId=\"0\"", "userId=\"" + userId + "\""); + DpmTestUtils.writeToFile(doFilePath, doFileContent); + } + + private void prepareProfileOwnerFile(int userId) throws IOException { + File parentDir = getServices().pathProvider.getUserSystemDirectory(userId); + DpmTestUtils.writeToFile( + (new File(parentDir, "profile_owner.xml")).getAbsoluteFile(), + DpmTestUtils.readAsset(mRealTestContext, + "PolicyVersionUpgraderTest/profile_owner.xml")); + } + private String readPoliciesFile(int userId) throws IOException { File policiesFile = mProvider.makeDevicePoliciesJournaledFile(userId).chooseForRead(); - FileReader reader = new FileReader(policiesFile); return new String(Files.asByteSource(policiesFile).read(), Charset.defaultCharset()); } |