From 69bb632cb8b093129db0d0022bdb5f5b5747a921 Mon Sep 17 00:00:00 2001
From: arangelov <arangelov@google.com>
Date: Wed, 16 Mar 2022 13:51:16 +0000
Subject: Add DevicePolicyManager#getPolicyManagedProfiles system api

That way the logic to get a managed profile can be
customizable by OEMs.

Fixes: 214473624
Test: manual
Test: CTS tests to be added in a follow-up CL
Change-Id: Id183e987d2cb04040db028b9913188267d1a9a84
---
 core/api/system-current.txt                        |  1 +
 .../android/app/admin/DevicePolicyManager.java     | 23 ++++++++++++++++++++++
 .../android/app/admin/IDevicePolicyManager.aidl    |  2 ++
 .../devicepolicy/BaseIDevicePolicyManager.java     |  6 ++++++
 .../devicepolicy/DevicePolicyManagerService.java   | 18 +++++++++++++++++
 5 files changed, 50 insertions(+)

diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index c723fb757aee..390e9903a888 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt
@@ -1088,6 +1088,7 @@ package android.app.admin {
     method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public android.os.UserHandle getDeviceOwnerUser();
     method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_ADMIN_POLICY}) public java.util.List<java.lang.String> getPermittedAccessibilityServices(int);
     method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_ADMIN_POLICY}) public java.util.List<java.lang.String> getPermittedInputMethodsForCurrentUser();
+    method @NonNull @RequiresPermission(android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS) public java.util.List<android.os.UserHandle> getPolicyManagedProfiles(@NonNull android.os.UserHandle);
     method @Nullable public android.content.ComponentName getProfileOwner() throws java.lang.IllegalArgumentException;
     method @Nullable @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public String getProfileOwnerNameAsUser(int) throws java.lang.IllegalArgumentException;
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS}) public int getUserProvisioningState();
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 0f9b4e381145..26d023514aca 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -15841,6 +15841,29 @@ public class DevicePolicyManager {
         return devicePolicyManagementUpdaterConfig;
     }
 
+    /**
+     * Returns a {@link List} of managed profiles managed by some profile owner within the profile
+     * group of the given user, or an empty {@link List} if there is not one.
+     *
+     * @param user the user whose profile group to look within to return managed profiles
+     *
+     * @hide
+     */
+    @SystemApi
+    @RequiresPermission(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS)
+    @NonNull
+    public List<UserHandle> getPolicyManagedProfiles(@NonNull UserHandle user) {
+        Objects.requireNonNull(user);
+        if (mService != null) {
+            try {
+                return mService.getPolicyManagedProfiles(user);
+            } catch (RemoteException e) {
+                throw e.rethrowFromSystemServer();
+            }
+        }
+        return Collections.emptyList();
+    }
+
     /**
      * Retrieves the package name for a given {@code deviceManagerConfig}.
      *
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 471c2a8630c1..900c5a5b0593 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -563,4 +563,6 @@ interface IDevicePolicyManager {
     ParcelableResource getString(String stringId);
 
     boolean shouldAllowBypassingDevicePolicyManagementRoleQualification();
+
+    List<UserHandle> getPolicyManagedProfiles(in UserHandle userHandle);
 }
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java b/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
index edfd6ed5f63d..834f65fa9e97 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/BaseIDevicePolicyManager.java
@@ -31,6 +31,7 @@ import android.util.Slog;
 
 import com.android.server.SystemService;
 
+import java.util.Collections;
 import java.util.List;
 
 /**
@@ -200,4 +201,9 @@ abstract class BaseIDevicePolicyManager extends IDevicePolicyManager.Stub {
     public boolean shouldAllowBypassingDevicePolicyManagementRoleQualification() {
         return false;
     }
+
+    @Override
+    public List<UserHandle> getPolicyManagedProfiles(UserHandle userHandle) {
+        return Collections.emptyList();
+    }
 }
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 3b82660b75a4..d78c01587aa9 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -18830,4 +18830,22 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
             return accounts.length == 0;
         });
     }
+
+    @Override
+    public List<UserHandle> getPolicyManagedProfiles(@NonNull UserHandle user) {
+        Preconditions.checkCallAuthorization(hasCallingOrSelfPermission(
+                android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS));
+
+        int userId = user.getIdentifier();
+        return mInjector.binderWithCleanCallingIdentity(() -> {
+            List<UserInfo> userProfiles = mUserManager.getProfiles(userId);
+            List<UserHandle> result = new ArrayList<>();
+            for (int i = 0; i < userProfiles.size(); i++) {
+                if (userProfiles.get(i).isManagedProfile() && hasProfileOwner(userId)) {
+                    result.add(new UserHandle(userProfiles.get(i).id));
+                }
+            }
+            return result;
+        });
+    }
 }
-- 
cgit v1.2.3-59-g8ed1b