diff options
6 files changed, 62 insertions, 56 deletions
diff --git a/core/api/current.txt b/core/api/current.txt index 62aacac7f8dd..35129d5d00a3 100644 --- a/core/api/current.txt +++ b/core/api/current.txt @@ -7202,7 +7202,6 @@ package android.app.admin { method public boolean isComplianceAcknowledgementRequired(); method public boolean isDeviceIdAttestationSupported(); method public boolean isDeviceOwnerApp(String); - method public boolean isEnterpriseNetworkPreferenceEnabled(); method public boolean isEphemeralUser(@NonNull android.content.ComponentName); method public boolean isKeyPairGrantedToWifiAuth(@NonNull String); method public boolean isLockTaskPermitted(String); @@ -7213,6 +7212,7 @@ package android.app.admin { method public boolean isOrganizationOwnedDeviceWithManagedProfile(); method public boolean isOverrideApnEnabled(@NonNull android.content.ComponentName); method public boolean isPackageSuspended(@NonNull android.content.ComponentName, String) throws android.content.pm.PackageManager.NameNotFoundException; + method public boolean isPreferentialNetworkServiceEnabled(); method public boolean isProfileOwnerApp(String); method public boolean isProvisioningAllowed(@NonNull String); method public boolean isResetPasswordTokenActive(android.content.ComponentName); @@ -7264,7 +7264,6 @@ package android.app.admin { method public void setDelegatedScopes(@NonNull android.content.ComponentName, @NonNull String, @NonNull java.util.List<java.lang.String>); method public void setDeviceOwnerLockScreenInfo(@NonNull android.content.ComponentName, CharSequence); method public void setEndUserSessionMessage(@NonNull android.content.ComponentName, @Nullable CharSequence); - method public void setEnterpriseNetworkPreferenceEnabled(boolean); method public void setFactoryResetProtectionPolicy(@NonNull android.content.ComponentName, @Nullable android.app.admin.FactoryResetProtectionPolicy); method public int setGlobalPrivateDnsModeOpportunistic(@NonNull android.content.ComponentName); method @WorkerThread public int setGlobalPrivateDnsModeSpecifiedHost(@NonNull android.content.ComponentName, @NonNull String); @@ -7307,6 +7306,7 @@ package android.app.admin { method public boolean setPermittedCrossProfileNotificationListeners(@NonNull android.content.ComponentName, @Nullable java.util.List<java.lang.String>); method public boolean setPermittedInputMethods(@NonNull android.content.ComponentName, java.util.List<java.lang.String>); method public void setPersonalAppsSuspended(@NonNull android.content.ComponentName, boolean); + method public void setPreferentialNetworkServiceEnabled(boolean); method public void setProfileEnabled(@NonNull android.content.ComponentName); method public void setProfileName(@NonNull android.content.ComponentName, String); method public void setRecommendedGlobalProxy(@NonNull android.content.ComponentName, @Nullable android.net.ProxyInfo); diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 1594e705936e..fa3c7678f8ca 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -10121,45 +10121,51 @@ public class DevicePolicyManager { } /** - * Sets whether enterprise network preference is enabled on the work profile. + * Sets whether preferential network service is enabled on the work profile. + * For example, an organization can have a deal/agreement with a carrier that all of + * the work data from its employees’ devices will be sent via a network service dedicated + * for enterprise use. * - * For example, a corporation can have a deal/agreement with a carrier that all of its - * employees’ devices use data on a network preference dedicated for enterprise use. + * An example of a supported preferential network service is the Enterprise + * slice on 5G networks. * - * By default, enterprise network preference is enabled on the work profile on supported + * By default, preferential network service is enabled on the work profile on supported * carriers and devices. Admins can explicitly disable it with this API. + * On fully-managed devices this method is unsupported because all traffic is considered + * work traffic. * * <p>This method can only be called by the profile owner of a managed profile. - * - * @param enabled whether enterprise network preference should be enabled. + * @param enabled whether preferential network service should be enabled. * @throws SecurityException if the caller is not the profile owner. **/ - public void setEnterpriseNetworkPreferenceEnabled(boolean enabled) { - throwIfParentInstance("setEnterpriseNetworkPreferenceEnabled"); - if (mService != null) { - try { - mService.setEnterpriseNetworkPreferenceEnabled(enabled); - } catch (RemoteException e) { - throw e.rethrowFromSystemServer(); - } + public void setPreferentialNetworkServiceEnabled(boolean enabled) { + throwIfParentInstance("setPreferentialNetworkServiceEnabled"); + if (mService == null) { + return; + } + + try { + mService.setPreferentialNetworkServiceEnabled(enabled); + } catch (RemoteException e) { + throw e.rethrowFromSystemServer(); } } /** - * Indicates whether whether enterprise network preference is enabled. + * Indicates whether preferential network service is enabled. * * <p>This method can be called by the profile owner of a managed profile. * - * @return whether whether enterprise network preference is enabled. + * @return whether preferential network service is enabled. * @throws SecurityException if the caller is not the profile owner. */ - public boolean isEnterpriseNetworkPreferenceEnabled() { - throwIfParentInstance("isEnterpriseNetworkPreferenceEnabled"); + public boolean isPreferentialNetworkServiceEnabled() { + throwIfParentInstance("isPreferentialNetworkServiceEnabled"); if (mService == null) { return false; } try { - return mService.isEnterpriseNetworkPreferenceEnabled(myUserId()); + return mService.isPreferentialNetworkServiceEnabled(myUserId()); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index 8a8c69c10379..05b0be4c5813 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -274,8 +274,8 @@ interface IDevicePolicyManager { void setSecondaryLockscreenEnabled(in ComponentName who, boolean enabled); boolean isSecondaryLockscreenEnabled(in UserHandle userHandle); - void setEnterpriseNetworkPreferenceEnabled(in boolean enabled); - boolean isEnterpriseNetworkPreferenceEnabled(int userHandle); + void setPreferentialNetworkServiceEnabled(in boolean enabled); + boolean isPreferentialNetworkServiceEnabled(int userHandle); void setLockTaskPackages(in ComponentName who, in String[] packages); String[] getLockTaskPackages(in ComponentName who); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java index fb0265ed0b3a..ff7514a377e5 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java @@ -144,13 +144,13 @@ class ActiveAdmin { private static final String TAG_ENROLLMENT_SPECIFIC_ID = "enrollment-specific-id"; private static final String TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS = "admin-can-grant-sensors-permissions"; - private static final String TAG_ENTERPRISE_NETWORK_PREFERENCE_ENABLED = - "enterprise-network-preference-enabled"; + private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED = + "preferential-network-service-enabled"; private static final String TAG_USB_DATA_SIGNALING = "usb-data-signaling"; private static final String ATTR_VALUE = "value"; private static final String ATTR_LAST_NETWORK_LOGGING_NOTIFICATION = "last-notification"; private static final String ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS = "num-notifications"; - private static final boolean ENTERPRISE_NETWORK_PREFERENCE_ENABLED_DEFAULT = true; + private static final boolean PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT = true; DeviceAdminInfo info; @@ -296,8 +296,8 @@ class ActiveAdmin { public String mOrganizationId; public String mEnrollmentSpecificId; public boolean mAdminCanGrantSensorsPermissions; - public boolean mEnterpriseNetworkPreferenceEnabled = - ENTERPRISE_NETWORK_PREFERENCE_ENABLED_DEFAULT; + public boolean mPreferentialNetworkServiceEnabled = + PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT; private static final boolean USB_DATA_SIGNALING_ENABLED_DEFAULT = true; boolean mUsbDataSignalingEnabled = USB_DATA_SIGNALING_ENABLED_DEFAULT; @@ -576,9 +576,9 @@ class ActiveAdmin { } writeAttributeValueToXml(out, TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS, mAdminCanGrantSensorsPermissions); - if (mEnterpriseNetworkPreferenceEnabled != ENTERPRISE_NETWORK_PREFERENCE_ENABLED_DEFAULT) { - writeAttributeValueToXml(out, TAG_ENTERPRISE_NETWORK_PREFERENCE_ENABLED, - mEnterpriseNetworkPreferenceEnabled); + if (mPreferentialNetworkServiceEnabled != PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT) { + writeAttributeValueToXml(out, TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED, + mPreferentialNetworkServiceEnabled); } if (mUsbDataSignalingEnabled != USB_DATA_SIGNALING_ENABLED_DEFAULT) { writeAttributeValueToXml(out, TAG_USB_DATA_SIGNALING, mUsbDataSignalingEnabled); @@ -806,9 +806,9 @@ class ActiveAdmin { mAlwaysOnVpnPackage = parser.getAttributeValue(null, ATTR_VALUE); } else if (TAG_ALWAYS_ON_VPN_LOCKDOWN.equals(tag)) { mAlwaysOnVpnLockdown = parser.getAttributeBoolean(null, ATTR_VALUE, false); - } else if (TAG_ENTERPRISE_NETWORK_PREFERENCE_ENABLED.equals(tag)) { - mEnterpriseNetworkPreferenceEnabled = parser.getAttributeBoolean( - null, ATTR_VALUE, ENTERPRISE_NETWORK_PREFERENCE_ENABLED_DEFAULT); + } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED.equals(tag)) { + mPreferentialNetworkServiceEnabled = parser.getAttributeBoolean( + null, ATTR_VALUE, PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT); } else if (TAG_COMMON_CRITERIA_MODE.equals(tag)) { mCommonCriteriaMode = parser.getAttributeBoolean(null, ATTR_VALUE, false); } else if (TAG_PASSWORD_COMPLEXITY.equals(tag)) { @@ -1168,8 +1168,8 @@ class ActiveAdmin { pw.print("mAlwaysOnVpnLockdown="); pw.println(mAlwaysOnVpnLockdown); - pw.print("mEnterpriseNetworkPreferenceEnabled="); - pw.println(mEnterpriseNetworkPreferenceEnabled); + pw.print("mPreferentialNetworkServiceEnabled="); + pw.println(mPreferentialNetworkServiceEnabled); pw.print("mCommonCriteriaMode="); pw.println(mCommonCriteriaMode); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 20a88af98300..66e640d666ed 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3123,13 +3123,13 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { updatePermissionPolicyCache(userId); updateAdminCanGrantSensorsPermissionCache(userId); - boolean enableEnterpriseNetworkPreferenceEnabled = true; + boolean preferentialNetworkServiceEnabled = true; synchronized (getLockObject()) { ActiveAdmin owner = getDeviceOrProfileOwnerAdminLocked(userId); - enableEnterpriseNetworkPreferenceEnabled = owner != null - ? owner.mEnterpriseNetworkPreferenceEnabled : true; + preferentialNetworkServiceEnabled = owner != null + ? owner.mPreferentialNetworkServiceEnabled : true; } - updateNetworkPreferenceForUser(userId, enableEnterpriseNetworkPreferenceEnabled); + updateNetworkPreferenceForUser(userId, preferentialNetworkServiceEnabled); startOwnerService(userId, "start-user"); } @@ -11616,32 +11616,32 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } @Override - public void setEnterpriseNetworkPreferenceEnabled(boolean enabled) { + public void setPreferentialNetworkServiceEnabled(boolean enabled) { if (!mHasFeature) { return; } final CallerIdentity caller = getCallerIdentity(); Preconditions.checkCallAuthorization(isProfileOwner(caller), "Caller is not profile owner;" - + " only profile owner may control the enterprise network preference"); + + " only profile owner may control the preferntial network service"); synchronized (getLockObject()) { final ActiveAdmin requiredAdmin = getProfileOwnerAdminLocked( caller.getUserId()); if (requiredAdmin != null - && requiredAdmin.mEnterpriseNetworkPreferenceEnabled != enabled) { - requiredAdmin.mEnterpriseNetworkPreferenceEnabled = enabled; + && requiredAdmin.mPreferentialNetworkServiceEnabled != enabled) { + requiredAdmin.mPreferentialNetworkServiceEnabled = enabled; saveSettingsLocked(caller.getUserId()); } } updateNetworkPreferenceForUser(caller.getUserId(), enabled); DevicePolicyEventLogger - .createEvent(DevicePolicyEnums.SET_ENTERPRISE_NETWORK_PREFERENCE_ENABLED) + .createEvent(DevicePolicyEnums.SET_PREFERENTIAL_NETWORK_SERVICE_ENABLED) .setBoolean(enabled) .write(); } @Override - public boolean isEnterpriseNetworkPreferenceEnabled(int userHandle) { + public boolean isPreferentialNetworkServiceEnabled(int userHandle) { if (!mHasFeature) { return false; } @@ -11652,7 +11652,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { synchronized (getLockObject()) { final ActiveAdmin requiredAdmin = getProfileOwnerAdminLocked(userHandle); if (requiredAdmin != null) { - return requiredAdmin.mEnterpriseNetworkPreferenceEnabled; + return requiredAdmin.mPreferentialNetworkServiceEnabled; } else { return false; } @@ -17227,11 +17227,11 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { } private void updateNetworkPreferenceForUser(int userId, - boolean enableEnterpriseNetworkPreferenceEnabled) { + boolean preferentialNetworkServiceEnabled) { if (!isManagedProfile(userId)) { return; } - int networkPreference = enableEnterpriseNetworkPreferenceEnabled + int networkPreference = preferentialNetworkServiceEnabled ? PROFILE_NETWORK_PREFERENCE_ENTERPRISE : PROFILE_NETWORK_PREFERENCE_DEFAULT; mInjector.binderWithCleanCallingIdentity(() -> mInjector.getConnectivityManager().setProfileNetworkPreference( diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java index 486d2b35f9f3..78e2dee7acf8 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java @@ -4032,20 +4032,20 @@ public class DevicePolicyManagerTest extends DpmTestBase { } @Test - public void testGetSetEnterpriseNetworkPreference() throws Exception { + public void testGetSetPreferentialNetworkService() throws Exception { assertExpectException(SecurityException.class, null, - () -> dpm.setEnterpriseNetworkPreferenceEnabled(false)); + () -> dpm.setPreferentialNetworkServiceEnabled(false)); assertExpectException(SecurityException.class, null, - () -> dpm.isEnterpriseNetworkPreferenceEnabled()); + () -> dpm.isPreferentialNetworkServiceEnabled()); final int managedProfileUserId = 15; final int managedProfileAdminUid = UserHandle.getUid(managedProfileUserId, 19436); addManagedProfile(admin1, managedProfileAdminUid, admin1); mContext.binder.callingUid = managedProfileAdminUid; - dpm.setEnterpriseNetworkPreferenceEnabled(false); - assertThat(dpm.isEnterpriseNetworkPreferenceEnabled()).isFalse(); + dpm.setPreferentialNetworkServiceEnabled(false); + assertThat(dpm.isPreferentialNetworkServiceEnabled()).isFalse(); verify(getServices().connectivityManager, times(1)).setProfileNetworkPreference( eq(UserHandle.of(managedProfileUserId)), eq(ConnectivityManager.PROFILE_NETWORK_PREFERENCE_DEFAULT), @@ -4053,8 +4053,8 @@ public class DevicePolicyManagerTest extends DpmTestBase { any() ); - dpm.setEnterpriseNetworkPreferenceEnabled(true); - assertThat(dpm.isEnterpriseNetworkPreferenceEnabled()).isTrue(); + dpm.setPreferentialNetworkServiceEnabled(true); + assertThat(dpm.isPreferentialNetworkServiceEnabled()).isTrue(); verify(getServices().connectivityManager, times(1)).setProfileNetworkPreference( eq(UserHandle.of(managedProfileUserId)), eq(ConnectivityManager.PROFILE_NETWORK_PREFERENCE_ENTERPRISE), |