diff options
4 files changed, 77 insertions, 2 deletions
diff --git a/core/api/test-current.txt b/core/api/test-current.txt index e39b2b856661..661379bad1fe 100644 --- a/core/api/test-current.txt +++ b/core/api/test-current.txt @@ -472,6 +472,7 @@ package android.app.admin { method @NonNull public String getOwnerName(); method @Nullable public String getTimeZone(); method public boolean isLeaveAllSystemAppsEnabled(); + method public void logParams(@NonNull String); method public void writeToParcel(@NonNull android.os.Parcel, @Nullable int); field @NonNull public static final android.os.Parcelable.Creator<android.app.admin.FullyManagedDeviceProvisioningParams> CREATOR; } @@ -495,6 +496,7 @@ package android.app.admin { method public boolean isKeepAccountMigrated(); method public boolean isLeaveAllSystemAppsEnabled(); method public boolean isOrganizationOwnedProvisioning(); + method public void logParams(@NonNull String); method public void writeToParcel(@NonNull android.os.Parcel, @Nullable int); field @NonNull public static final android.os.Parcelable.Creator<android.app.admin.ManagedProfileProvisioningParams> CREATOR; } diff --git a/core/java/android/app/admin/FullyManagedDeviceProvisioningParams.java b/core/java/android/app/admin/FullyManagedDeviceProvisioningParams.java index 5e1cbadb458e..9eb9a7bdad07 100644 --- a/core/java/android/app/admin/FullyManagedDeviceProvisioningParams.java +++ b/core/java/android/app/admin/FullyManagedDeviceProvisioningParams.java @@ -25,6 +25,7 @@ import android.annotation.TestApi; import android.content.ComponentName; import android.os.Parcel; import android.os.Parcelable; +import android.stats.devicepolicy.DevicePolicyEnums; import java.util.Locale; @@ -35,6 +36,13 @@ import java.util.Locale; */ @TestApi public final class FullyManagedDeviceProvisioningParams implements Parcelable { + private static final String LEAVE_ALL_SYSTEM_APPS_ENABLED_PARAM = + "LEAVE_ALL_SYSTEM_APPS_ENABLED"; + private static final String CAN_DEVICE_OWNER_GRANT_SENSOR_PERMISSIONS_PARAM = + "CAN_DEVICE_OWNER_GRANT_SENSOR_PERMISSIONS"; + private static final String TIME_ZONE_PROVIDED_PARAM = "TIME_ZONE_PROVIDED"; + private static final String LOCALE_PROVIDED_PARAM = "LOCALE_PROVIDED"; + @NonNull private final ComponentName mDeviceAdminComponentName; @NonNull private final String mOwnerName; private final boolean mLeaveAllSystemAppsEnabled; @@ -121,6 +129,29 @@ public final class FullyManagedDeviceProvisioningParams implements Parcelable { } /** + * Logs the provisioning params using {@link DevicePolicyEventLogger}. + */ + public void logParams(@NonNull String callerPackage) { + requireNonNull(callerPackage); + + logParam(callerPackage, LEAVE_ALL_SYSTEM_APPS_ENABLED_PARAM, mLeaveAllSystemAppsEnabled); + logParam(callerPackage, CAN_DEVICE_OWNER_GRANT_SENSOR_PERMISSIONS_PARAM, + mDeviceOwnerCanGrantSensorsPermissions); + logParam(callerPackage, TIME_ZONE_PROVIDED_PARAM, /* value= */ mTimeZone != null); + logParam(callerPackage, LOCALE_PROVIDED_PARAM, /* value= */ mLocale != null); + } + + private void logParam(String callerPackage, String param, boolean value) { + DevicePolicyEventLogger + .createEvent(DevicePolicyEnums.PLATFORM_PROVISIONING_PARAM) + .setStrings(callerPackage) + .setAdmin(mDeviceAdminComponentName) + .setStrings(param) + .setBoolean(value) + .write(); + } + + /** * Builder class for {@link FullyManagedDeviceProvisioningParams} objects. */ public static final class Builder { diff --git a/core/java/android/app/admin/ManagedProfileProvisioningParams.java b/core/java/android/app/admin/ManagedProfileProvisioningParams.java index 5fe63d142021..1a6099a7f570 100644 --- a/core/java/android/app/admin/ManagedProfileProvisioningParams.java +++ b/core/java/android/app/admin/ManagedProfileProvisioningParams.java @@ -25,6 +25,7 @@ import android.annotation.TestApi; import android.content.ComponentName; import android.os.Parcel; import android.os.Parcelable; +import android.stats.devicepolicy.DevicePolicyEnums; /** * Params required to provision a managed profile, see @@ -34,6 +35,13 @@ import android.os.Parcelable; */ @TestApi public final class ManagedProfileProvisioningParams implements Parcelable { + private static final String LEAVE_ALL_SYSTEM_APPS_ENABLED_PARAM = + "LEAVE_ALL_SYSTEM_APPS_ENABLED"; + private static final String ORGANIZATION_OWNED_PROVISIONING_PARAM = + "ORGANIZATION_OWNED_PROVISIONING"; + private static final String ACCOUNT_TO_MIGRATE_PROVIDED_PARAM = "ACCOUNT_TO_MIGRATE_PROVIDED"; + private static final String KEEP_MIGRATED_ACCOUNT_PARAM = "KEEP_MIGRATED_ACCOUNT"; + @NonNull private final ComponentName mProfileAdminComponentName; @NonNull private final String mOwnerName; @Nullable private final String mProfileName; @@ -93,6 +101,30 @@ public final class ManagedProfileProvisioningParams implements Parcelable { } /** + * Logs the provisioning params using {@link DevicePolicyEventLogger}. + */ + public void logParams(@NonNull String callerPackage) { + requireNonNull(callerPackage); + + logParam(callerPackage, LEAVE_ALL_SYSTEM_APPS_ENABLED_PARAM, mLeaveAllSystemAppsEnabled); + logParam(callerPackage, ORGANIZATION_OWNED_PROVISIONING_PARAM, + mOrganizationOwnedProvisioning); + logParam(callerPackage, KEEP_MIGRATED_ACCOUNT_PARAM, mKeepAccountMigrated); + logParam(callerPackage, ACCOUNT_TO_MIGRATE_PROVIDED_PARAM, + /* value= */ mAccountToMigrate != null); + } + + private void logParam(String callerPackage, String param, boolean value) { + DevicePolicyEventLogger + .createEvent(DevicePolicyEnums.PLATFORM_PROVISIONING_PARAM) + .setStrings(callerPackage) + .setAdmin(mProfileAdminComponentName) + .setStrings(param) + .setBoolean(value) + .write(); + } + + /** * Builder class for {@link ManagedProfileProvisioningParams} objects. */ public static final class Builder { diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 404b0cf8c7b8..bd109922cb42 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -15985,6 +15985,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { public UserHandle createAndProvisionManagedProfile( @NonNull ManagedProfileProvisioningParams provisioningParams, @NonNull String callerPackage) { + Objects.requireNonNull(provisioningParams, "provisioningParams is null"); + Objects.requireNonNull(callerPackage, "callerPackage is null"); + final ComponentName admin = provisioningParams.getProfileAdminComponentName(); Objects.requireNonNull(admin, "admin is null"); @@ -15992,6 +15995,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization( hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS)); + provisioningParams.logParams(callerPackage); + UserInfo userInfo = null; final long identity = Binder.clearCallingIdentity(); try { @@ -16291,9 +16296,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override public void provisionFullyManagedDevice( - FullyManagedDeviceProvisioningParams provisioningParams, String callerPackage) { - ComponentName deviceAdmin = provisioningParams.getDeviceAdminComponentName(); + @NonNull FullyManagedDeviceProvisioningParams provisioningParams, + @NonNull String callerPackage) { + Objects.requireNonNull(provisioningParams, "provisioningParams is null."); + Objects.requireNonNull(callerPackage, "callerPackage is null."); + ComponentName deviceAdmin = provisioningParams.getDeviceAdminComponentName(); Objects.requireNonNull(deviceAdmin, "admin is null."); Objects.requireNonNull(provisioningParams.getOwnerName(), "owner name is null."); @@ -16301,6 +16309,8 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkCallAuthorization( hasCallingOrSelfPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS)); + provisioningParams.logParams(callerPackage); + final long identity = Binder.clearCallingIdentity(); try { // TODO(b/178187130): This check fails silent provisioning, uncomment once silent |