diff options
3 files changed, 42 insertions, 10 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 8daaaaa2e05c..c9060c46e0a4 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -8484,14 +8484,16 @@ public class DevicePolicyManager { } /** - * Called by device owner to set the system wall clock time. This only takes effect if called - * when {@link android.provider.Settings.Global#AUTO_TIME} is 0, otherwise {@code false} will be - * returned. + * Called by a device owner or a profile owner of an organization-owned managed + * profile to set the system wall clock time. This only takes effect if called when + * {@link android.provider.Settings.Global#AUTO_TIME} is 0, otherwise {@code false} + * will be returned. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with * @param millis time in milliseconds since the Epoch * @return {@code true} if set time succeeded, {@code false} otherwise. - * @throws SecurityException if {@code admin} is not a device owner. + * @throws SecurityException if {@code admin} is not a device owner or a profile owner + * of an organization-owned managed profile. */ public boolean setTime(@NonNull ComponentName admin, long millis) { throwIfParentInstance("setTime"); @@ -8506,16 +8508,18 @@ public class DevicePolicyManager { } /** - * Called by device owner to set the system's persistent default time zone. This only takes - * effect if called when {@link android.provider.Settings.Global#AUTO_TIME_ZONE} is 0, otherwise - * {@code false} will be returned. + * Called by a device owner or a profile owner of an organization-owned managed + * profile to set the system's persistent default time zone. This only takes + * effect if called when {@link android.provider.Settings.Global#AUTO_TIME_ZONE} + * is 0, otherwise {@code false} will be returned. * * @see android.app.AlarmManager#setTimeZone(String) * @param admin Which {@link DeviceAdminReceiver} this request is associated with * @param timeZone one of the Olson ids from the list returned by * {@link java.util.TimeZone#getAvailableIDs} * @return {@code true} if set timezone succeeded, {@code false} otherwise. - * @throws SecurityException if {@code admin} is not a device owner. + * @throws SecurityException if {@code admin} is not a device owner or a profile owner + * of an organization-owned managed profile. */ public boolean setTimeZone(@NonNull ComponentName admin, String timeZone) { throwIfParentInstance("setTimeZone"); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 9163f164c30e..c275ccc17146 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -11060,7 +11060,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override public boolean setTime(ComponentName who, long millis) { Objects.requireNonNull(who, "ComponentName is null in setTime"); - enforceDeviceOwner(who); + enforceDeviceOwnerOrProfileOwnerOnOrganizationOwnedDevice(who); // Don't allow set time when auto time is on. if (mInjector.settingsGlobalGetInt(Global.AUTO_TIME, 0) == 1) { return false; @@ -11075,7 +11075,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { @Override public boolean setTimeZone(ComponentName who, String timeZone) { Objects.requireNonNull(who, "ComponentName is null in setTimeZone"); - enforceDeviceOwner(who); + enforceDeviceOwnerOrProfileOwnerOnOrganizationOwnedDevice(who); // Don't allow set timezone when auto timezone is on. if (mInjector.settingsGlobalGetInt(Global.AUTO_TIME_ZONE, 0) == 1) { return false; diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java index 4fcfa32c3c3b..133d35da51dc 100644 --- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java @@ -3659,6 +3659,25 @@ public class DevicePolicyManagerTest extends DpmTestBase { assertExpectException(SecurityException.class, null, () -> dpm.setTime(admin1, 0)); } + public void testSetTimeWithPOOfOrganizationOwnedDevice() throws Exception { + setupProfileOwner(); + configureProfileOwnerOfOrgOwnedDevice(admin1, DpmMockContext.CALLER_USER_HANDLE); + dpm.setTime(admin1, 0); + + BaseMatcher<ManualTimeSuggestion> hasZeroTime = new BaseMatcher<ManualTimeSuggestion>() { + @Override + public boolean matches(Object item) { + final ManualTimeSuggestion suggestion = (ManualTimeSuggestion) item; + return suggestion.getUtcTime().getValue() == 0; + } + @Override + public void describeTo(Description description) { + description.appendText("ManualTimeSuggestion{utcTime.value=0}"); + } + }; + verify(getServices().timeDetector).suggestManualTime(argThat(hasZeroTime)); + } + public void testSetTimeWithAutoTimeOn() throws Exception { mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; setupDeviceOwner(); @@ -3682,6 +3701,15 @@ public class DevicePolicyManagerTest extends DpmTestBase { () -> dpm.setTimeZone(admin1, "Asia/Shanghai")); } + public void testSetTimeZoneWithPOOfOrganizationOwnedDevice() throws Exception { + setupProfileOwner(); + configureProfileOwnerOfOrgOwnedDevice(admin1, DpmMockContext.CALLER_USER_HANDLE); + dpm.setTimeZone(admin1, "Asia/Shanghai"); + ManualTimeZoneSuggestion suggestion = + TimeZoneDetector.createManualTimeZoneSuggestion("Asia/Shanghai", "Test debug info"); + verify(getServices().timeZoneDetector).suggestManualTimeZone(suggestion); + } + public void testSetTimeZoneWithAutoTimeZoneOn() throws Exception { mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; setupDeviceOwner(); |