Fix admin policies in managed profiles

Some of the admin policies are throwing security exceptions in
a managed profile without being documented correctly and others
shouldn't be throwing security exceptions.

Changed setCameraDisabled() to not throw an exception. It now just
prevents work profile apps from using the camera.

Changed wipeData() to allow passing in ERASE_EXTERNAL_STORAGE. In
secondary users/profiles, this is just going to remove the user, so
the flag is harmless.

Updated documentation for setKeyguardDisabledFeatures() and resetPassword()
to indicate that they cannot be called in a managed profile.

Bug: 17987913
Change-Id: I8060be4c2d32bdd4edb46ce543551fabb9c8c983
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 2eba29a..a9d16bc 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -1335,7 +1335,7 @@
* {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
- * Can not be called from a managed profile.
+ * <p>Calling this from a managed profile will throw a security exception.
*
* @param password The new password for the user.
* @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}.
@@ -1881,8 +1881,8 @@
/**
* Called by an application that is administering the device to disable all cameras
- * on the device. After setting this, no applications will be able to access any cameras
- * on the device.
+ * on the device, for this user. After setting this, no applications running as this user
+ * will be able to access any cameras on the device.
*
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_DISABLE_CAMERA} to be able to call
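Review bot: the reworded Javadoc says "for this user" but never states the managed-profile behaviour that the commit message describes for setCameraDisabled(). The resetPassword() and keyguard hunks in this patch each get an explicit `<p>` sentence about managed profiles, so suggest adding one here too, saying that a call from a managed profile only prevents apps in that profile from using the camera. That keeps callers from reading "disable all cameras on the device" in the first line as a device-wide guarantee.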
@@ -1902,8 +1902,8 @@
}
/**
- * Determine whether or not the device's cameras have been disabled either by the current
- * admin, if specified, or all admins.
+ * Determine whether or not the device's cameras have been disabled for this user,
+ * either by the current admin, if specified, or all admins.
* @param admin The name of the admin component to check, or null to check if any admins
* have disabled the camera
*/
@@ -2012,6 +2012,8 @@
* {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} to be able to call
* this method; if it has not, a security exception will be thrown.
*
+ * <p>Calling this from a managed profile will throw a security exception.
+ *
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param which {@link #KEYGUARD_DISABLE_FEATURES_NONE} (default),
* {@link #KEYGUARD_DISABLE_WIDGETS_ALL}, {@link #KEYGUARD_DISABLE_SECURE_CAMERA},
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index f8f20dc..7dc2de2 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -2924,9 +2924,6 @@
return;
}
enforceCrossUserPermission(userHandle);
- if ((flags & DevicePolicyManager.WIPE_EXTERNAL_STORAGE) != 0) {
- enforceNotManagedProfile(userHandle, "wipe external storage");
- }
synchronized (this) {
// This API can only be called by an active device admin,
// so try to retrieve it to check that the caller is one.
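Review bot: with the WIPE_EXTERNAL_STORAGE check removed, nothing in this hunk shows that the flag is ignored when userHandle is a secondary user or managed profile, which is what the commit message relies on ("this is just going to remove the user"). Please confirm that the code below takes the remove-user path before it acts on the flag, and leave a short comment saying so where the check used to be. Two smaller points: the commit message names the flag ERASE_EXTERNAL_STORAGE while the code uses DevicePolicyManager.WIPE_EXTERNAL_STORAGE, and the DevicePolicyManager.java part of this patch has no matching Javadoc update for wipeData().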
@@ -3526,7 +3523,6 @@
return;
}
enforceCrossUserPermission(userHandle);
- enforceNotManagedProfile(userHandle, "enable/disable cameras");
synchronized (this) {
if (who == null) {
throw new NullPointerException("ComponentName is null");
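Review bot: dropping enforceNotManagedProfile(userHandle, "enable/disable cameras") leaves enforceCrossUserPermission(userHandle) as the only caller check visible before the synchronized block, so the per-user scoping promised in the updated Javadoc depends on code outside this hunk. Please confirm that a camera-disabled state set by a profile admin is stored and enforced only for that profile's userHandle and cannot affect the parent user. A test covering a managed-profile admin making this call, asserting both that no SecurityException is thrown and that the parent user's camera state is unchanged, would make that explicit.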