diff options
4 files changed, 42 insertions, 22 deletions
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 1590ef1c4cb9..6e63454385c5 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -2969,7 +2969,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { private class DpmsUpgradeDataProvider implements PolicyUpgraderDataProvider { @Override - public boolean isUserDeviceOwner(int userId, ComponentName who) { + public boolean isDeviceOwner(int userId, ComponentName who) { return mOwners.isDeviceOwnerUserId(userId) && mOwners.getDeviceOwnerComponent().equals(who); } @@ -2999,14 +2999,19 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { return component -> findAdmin(component, userId, /* throwForMissingPermission= */ false); } + + @Override + public int[] getUsersForUpgrade() { + List<UserInfo> allUsers = mUserManager.getUsers(); + return allUsers.stream().mapToInt(u -> u.id).toArray(); + } } private void performPolicyVersionUpgrade() { - List<UserInfo> allUsers = mUserManager.getUsers(); PolicyVersionUpgrader upgrader = new PolicyVersionUpgrader( new DpmsUpgradeDataProvider()); - upgrader.upgradePolicy(allUsers.stream().mapToInt(u -> u.id).toArray(), DPMS_VERSION); + upgrader.upgradePolicy(DPMS_VERSION); } private void revertTransferOwnershipIfNecessaryLocked() { diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java index c20d0f5f5f5f..19a7659f4d60 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyUpgraderDataProvider.java @@ -33,7 +33,7 @@ public interface PolicyUpgraderDataProvider { * Returns true if the provided {@code userId} is a device owner. May affect some policy * defaults. */ - boolean isUserDeviceOwner(int userId, ComponentName who); + boolean isDeviceOwner(int userId, ComponentName who); /** * Returns true if the storage manager indicates file-based encryption is enabled. @@ -60,4 +60,9 @@ public interface PolicyUpgraderDataProvider { * user. */ Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId); + + /** + * Returns the users to upgrade. + */ + int[] getUsersForUpgrade(); } diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java index 2ab4b66a6831..6bc7ba6499ac 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/PolicyVersionUpgrader.java @@ -62,7 +62,7 @@ public class PolicyVersionUpgrader { * managed profile user IDs. * @param dpmsVersion The version to upgrade to. */ - public void upgradePolicy(int[] allUsers, int dpmsVersion) { + public void upgradePolicy(int dpmsVersion) { int oldVersion = readVersion(); if (oldVersion >= dpmsVersion) { Slog.i(LOG_TAG, String.format("Current version %d, latest version %d, not upgrading.", @@ -70,6 +70,8 @@ public class PolicyVersionUpgrader { return; } + final int[] allUsers = mProvider.getUsersForUpgrade(); + //NOTE: The current version is provided in case the XML file format changes in a // non-backwards-compatible way, so that DeviceAdminData could load it with // old tags, for example. @@ -94,7 +96,7 @@ public class PolicyVersionUpgrader { continue; } for (ActiveAdmin admin : userData.mAdminList) { - if (mProvider.isUserDeviceOwner(userId, admin.info.getComponent())) { + if (mProvider.isDeviceOwner(userId, admin.info.getComponent())) { Slog.i(LOG_TAG, String.format( "Marking Device Owner in user %d for permission grant ", userId)); admin.mAdminCanGrantSensorsPermissions = true; diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java index 2fe47d3ff184..2fe2f40f34be 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/PolicyVersionUpgraderTest.java @@ -65,9 +65,10 @@ public class PolicyVersionUpgraderTest { Map<Integer, ComponentName> mUserToComponent = new HashMap<>(); Map<ComponentName, DeviceAdminInfo> mComponentToDeviceAdminInfo = new HashMap<>(); File mDataDir; + int[] mUsers; @Override - public boolean isUserDeviceOwner(int userId, ComponentName who) { + public boolean isDeviceOwner(int userId, ComponentName who) { return userId == mDeviceOwnerUserId && mDeviceOwnerComponent.equals(who); } @@ -105,6 +106,11 @@ public class PolicyVersionUpgraderTest { public Function<ComponentName, DeviceAdminInfo> getAdminInfoSupplier(int userId) { return componentName -> mComponentToDeviceAdminInfo.get(componentName); } + + @Override + public int[] getUsersForUpgrade() { + return mUsers; + } } private final Context mRealTestContext = InstrumentationRegistry.getTargetContext(); @@ -126,16 +132,17 @@ public class PolicyVersionUpgraderTest { ActivityInfo activityInfo = createActivityInfo(mFakeAdmin); DeviceAdminInfo dai = createDeviceAdminInfo(activityInfo); mProvider.mComponentToDeviceAdminInfo.put(mFakeAdmin, dai); + mProvider.mUsers = new int[] {0}; } @Test public void testSameVersionDoesNothing() throws IOException { - int[] users = new int[] {0}; writeVersionToXml(DevicePolicyManagerService.DPMS_VERSION); - preparePoliciesFile(users[0]); - String oldContents = readPoliciesFile(0); + final int userId = mProvider.mUsers[0]; + preparePoliciesFile(userId); + String oldContents = readPoliciesFile(userId); - mUpgrader.upgradePolicy(users, DevicePolicyManagerService.DPMS_VERSION); + mUpgrader.upgradePolicy(DevicePolicyManagerService.DPMS_VERSION); String newContents = readPoliciesFile(0); assertThat(newContents).isEqualTo(oldContents); @@ -144,18 +151,18 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade0To1RemovesPasswordMetrics() throws IOException, XmlPullParserException { final String activePasswordTag = "active-password"; - int[] users = new int[] {0, 10}; + mProvider.mUsers = new int[] {0, 10}; writeVersionToXml(0); - for (int userId : users) { + for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } // Validate test set-up. assertThat(isTagPresent(readPoliciesFileToStream(0), activePasswordTag)).isTrue(); - mUpgrader.upgradePolicy(users, 1); + mUpgrader.upgradePolicy(1); assertThat(readVersionFromXml()).isGreaterThan(1); - for (int user: users) { + for (int user: mProvider.mUsers) { assertThat(isTagPresent(readPoliciesFileToStream(user), activePasswordTag)).isFalse(); } } @@ -163,21 +170,22 @@ public class PolicyVersionUpgraderTest { @Test public void testUpgrade1To2MarksDoForPermissionControl() throws IOException, XmlPullParserException { - int[] users = new int[] {0, 10}; + final int ownerUser = 10; + mProvider.mUsers = new int[] {0, ownerUser}; writeVersionToXml(1); - for (int userId : users) { + for (int userId : mProvider.mUsers) { preparePoliciesFile(userId); } - mProvider.mDeviceOwnerUserId = 10; + mProvider.mDeviceOwnerUserId = ownerUser; mProvider.mDeviceOwnerComponent = mFakeAdmin; - mProvider.mUserToComponent.put(10, mFakeAdmin); + mProvider.mUserToComponent.put(ownerUser, mFakeAdmin); - mUpgrader.upgradePolicy(users, 2); + mUpgrader.upgradePolicy(2); assertThat(readVersionFromXml()).isEqualTo(2); - assertThat(getBooleanValueTag(readPoliciesFileToStream(users[0]), + assertThat(getBooleanValueTag(readPoliciesFileToStream(mProvider.mUsers[0]), PERMISSIONS_TAG)).isFalse(); - assertThat(getBooleanValueTag(readPoliciesFileToStream(users[1]), + assertThat(getBooleanValueTag(readPoliciesFileToStream(ownerUser), PERMISSIONS_TAG)).isTrue(); } |