1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.cts.verifier.managedprovisioning; 18 19 import static android.app.admin.DevicePolicyManager.LOCK_TASK_FEATURE_HOME; 20 import static android.app.admin.DevicePolicyManager.MAKE_USER_EPHEMERAL; 21 import static android.app.admin.DevicePolicyManager.SKIP_SETUP_WIZARD; 22 23 import static com.android.cts.verifier.Utils.flattenToShortString; 24 25 import android.Manifest; 26 import android.app.Activity; 27 import android.app.ActivityManager; 28 import android.app.KeyguardManager; 29 import android.app.PendingIntent; 30 import android.app.admin.DevicePolicyManager; 31 import android.app.admin.WifiSsidPolicy; 32 import android.content.ComponentName; 33 import android.content.Context; 34 import android.content.Intent; 35 import android.content.IntentFilter; 36 import android.content.pm.ApplicationInfo; 37 import android.content.pm.PackageInstaller; 38 import android.content.pm.PackageManager; 39 import android.content.pm.ResolveInfo; 40 import android.graphics.BitmapFactory; 41 import android.net.ProxyInfo; 42 import android.net.wifi.WifiSsid; 43 import android.os.Bundle; 44 import android.os.PersistableBundle; 45 import android.os.UserHandle; 46 import android.os.UserManager; 47 import android.provider.ContactsContract; 48 import android.provider.MediaStore; 49 import android.provider.Settings; 50 import android.util.ArraySet; 51 import android.util.Log; 52 import android.view.inputmethod.InputMethodInfo; 53 import android.view.inputmethod.InputMethodManager; 54 import android.widget.Toast; 55 56 import com.android.bedstead.dpmwrapper.TestAppSystemServiceFactory; 57 import com.android.cts.verifier.R; 58 59 import java.io.File; 60 import java.io.FileInputStream; 61 import java.io.InputStream; 62 import java.io.OutputStream; 63 import java.nio.charset.StandardCharsets; 64 import java.util.ArrayList; 65 import java.util.Arrays; 66 import java.util.Collections; 67 import java.util.List; 68 import java.util.Set; 69 import java.util.concurrent.TimeUnit; 70 import java.util.stream.Collectors; 71 72 public class CommandReceiverActivity extends Activity { 73 private static final String TAG = "CommandReceiverActivity"; 74 75 public static final String ACTION_EXECUTE_COMMAND = 76 "com.android.cts.verifier.managedprovisioning.action.EXECUTE_COMMAND"; 77 public static final String EXTRA_COMMAND = 78 "com.android.cts.verifier.managedprovisioning.extra.COMMAND"; 79 80 public static final String COMMAND_SET_USER_RESTRICTION = "set-user_restriction"; 81 public static final String COMMAND_DISALLOW_KEYGUARD_UNREDACTED_NOTIFICATIONS = 82 "disallow-keyguard-unredacted-notifications"; 83 public static final String COMMAND_SET_AUTO_TIME_REQUIRED = "set-auto-time-required"; 84 public static final String COMMAND_SET_GLOBAL_SETTING = 85 "set-global-setting"; 86 public static final String COMMAND_SET_MAXIMUM_TO_LOCK = "set-maximum-time-to-lock"; 87 public static final String COMMAND_SET_KEYGUARD_DISABLED = "set-keyguard-disabled"; 88 public static final String COMMAND_SET_LOCK_SCREEN_INFO = "set-lock-screen-info"; 89 public static final String COMMAND_SET_STATUSBAR_DISABLED = "set-statusbar-disabled"; 90 public static final String COMMAND_SET_LOCK_TASK_FEATURES = "set-lock-task-features"; 91 public static final String COMMAND_ALLOW_ONLY_SYSTEM_INPUT_METHODS = 92 "allow-only-system-input-methods"; 93 public static final String COMMAND_ALLOW_ONLY_SYSTEM_ACCESSIBILITY_SERVICES = 94 "allow-only-system-accessibility-services"; 95 public static final String COMMAND_CLEAR_POLICIES = "clear-policies"; 96 public static final String COMMAND_REMOVE_DEVICE_OWNER = "remove-device-owner"; 97 public static final String COMMAND_REQUEST_BUGREPORT = "request-bugreport"; 98 public static final String COMMAND_SET_USER_ICON = "set-user-icon"; 99 public static final String COMMAND_RETRIEVE_NETWORK_LOGS = "retrieve-network-logs"; 100 public static final String COMMAND_RETRIEVE_SECURITY_LOGS = "retrieve-security-logs"; 101 public static final String COMMAND_SET_ORGANIZATION_NAME = "set-organization-name"; 102 public static final String COMMAND_ENABLE_NETWORK_LOGGING = "enable-network-logging"; 103 public static final String COMMAND_DISABLE_NETWORK_LOGGING = "disable-network-logging"; 104 public static final String COMMAND_INSTALL_HELPER_PACKAGE = "install-helper-package"; 105 public static final String COMMAND_UNINSTALL_HELPER_PACKAGE = "uninstall-helper-package"; 106 public static final String COMMAND_SET_PERMISSION_GRANT_STATE = "set-permission-grant-state"; 107 public static final String COMMAND_ADD_PERSISTENT_PREFERRED_ACTIVITIES = 108 "add-persistent-preferred-activities"; 109 public static final String COMMAND_CLEAR_PERSISTENT_PREFERRED_ACTIVITIES = 110 "clear-persistent-preferred-activities"; 111 public static final String COMMAND_CREATE_MANAGED_PROFILE = "create-managed-profile"; 112 public static final String COMMAND_REMOVE_MANAGED_PROFILE = "remove-managed-profile"; 113 public static final String COMMAND_SET_ALWAYS_ON_VPN = "set-always-on-vpn"; 114 public static final String COMMAND_CLEAR_ALWAYS_ON_VPN = "clear-always-on-vpn"; 115 public static final String COMMAND_SET_GLOBAL_HTTP_PROXY = "set-global-http-proxy"; 116 public static final String COMMAND_CLEAR_GLOBAL_HTTP_PROXY = "clear-global-http-proxy"; 117 public static final String COMMAND_INSTALL_CA_CERT = "install-ca-cert"; 118 public static final String COMMAND_CLEAR_CA_CERT = "clear-ca-cert"; 119 public static final String COMMAND_SET_MAXIMUM_PASSWORD_ATTEMPTS = 120 "set-maximum-password-attempts"; 121 public static final String COMMAND_CLEAR_MAXIMUM_PASSWORD_ATTEMPTS = 122 "clear-maximum-password-attempts"; 123 public static final String COMMAND_SET_DEFAULT_IME = "set-default-ime"; 124 public static final String COMMAND_CLEAR_DEFAULT_IME = "clear-default-ime"; 125 public static final String COMMAND_CREATE_MANAGED_USER = "create-managed-user"; 126 public static final String COMMAND_CREATE_MANAGED_USER_WITHOUT_SETUP = 127 "create-managed-user-without-setup"; 128 public static final String COMMAND_REMOVE_SECONDARY_USERS = "remove-secondary-users"; 129 public static final String COMMAND_WITH_USER_SWITCHER_MESSAGE = "with-user-switcher-message"; 130 public static final String COMMAND_WITHOUT_USER_SWITCHER_MESSAGE = 131 "without-user-switcher-message"; 132 public static final String COMMAND_ENABLE_LOGOUT = "enable-logout"; 133 public static final String COMMAND_DISABLE_USB_DATA_SIGNALING = "disable-usb-data-signaling"; 134 public static final String COMMAND_ENABLE_USB_DATA_SIGNALING = "enable-usb-data-signaling"; 135 public static final String COMMAND_SET_REQUIRED_PASSWORD_COMPLEXITY = 136 "set-required-password-complexity"; 137 public static final String COMMAND_SET_WIFI_SECURITY_LEVEL = "set-wifi-security-level"; 138 public static final String COMMAND_SET_SSID_ALLOWLIST = "set-ssid-allowlist"; 139 public static final String COMMAND_SET_SSID_DENYLIST = "set-ssid-denylist"; 140 public static final String COMMAND_CHECK_NEW_USER_DISCLAIMER = "check-new-user-disclaimer"; 141 142 public static final String EXTRA_USER_RESTRICTION = 143 "com.android.cts.verifier.managedprovisioning.extra.USER_RESTRICTION"; 144 public static final String EXTRA_USE_CURRENT_USER_DPM = 145 "com.android.cts.verifier.managedprovisioning.extra.USE_CURRENT_USER_DPM"; 146 public static final String EXTRA_SETTING = 147 "com.android.cts.verifier.managedprovisioning.extra.SETTING"; 148 // This extra can be used along with a command extra to set policy to 149 // specify if that policy is enforced or not. 150 public static final String EXTRA_ENFORCED = 151 "com.android.cts.verifier.managedprovisioning.extra.ENFORCED"; 152 public static final String EXTRA_VALUE = 153 "com.android.cts.verifier.managedprovisioning.extra.VALUE"; 154 public static final String EXTRA_ORGANIZATION_NAME = 155 "com.android.cts.verifier.managedprovisioning.extra.ORGANIZATION_NAME"; 156 public static final String EXTRA_PERMISSION = 157 "com.android.cts.verifier.managedprovisioning.extra.PERMISSION"; 158 public static final String EXTRA_GRANT_STATE = 159 "com.android.cts.verifier.managedprovisioning.extra.GRANT_STATE"; 160 161 // We care about installing and uninstalling only. It does not matter what apk is used. 162 // NotificationBot.apk is a good choice because it comes bundled with the CTS verifier. 163 protected static final String HELPER_APP_LOCATION = "/sdcard/NotificationBot.apk"; 164 protected static final String HELPER_APP_PKG = "com.android.cts.robot"; 165 166 public static final String ACTION_INSTALL_COMPLETE = 167 "com.android.cts.verifier.managedprovisioning.action.ACTION_INSTALL_COMPLETE"; 168 public static final String ACTION_UNINSTALL_COMPLETE = 169 "com.android.cts.verifier.managedprovisioning.action.ACTION_UNINSTALL_COMPLETE"; 170 171 /* 172 * The CA cert below is the content of cacert.pem as generated by: 173 * 174 * openssl req -new -x509 -days 3650 -extensions v3_ca -keyout cakey.pem -out cacert.pem 175 */ 176 private static final String TEST_CA = 177 "-----BEGIN CERTIFICATE-----\n" + 178 "MIIDXTCCAkWgAwIBAgIJAK9Tl/F9V8kSMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" + 179 "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" + 180 "aWRnaXRzIFB0eSBMdGQwHhcNMTUwMzA2MTczMjExWhcNMjUwMzAzMTczMjExWjBF\n" + 181 "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" + 182 "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 183 "CgKCAQEAvItOutsE75WBTgTyNAHt4JXQ3JoseaGqcC3WQij6vhrleWi5KJ0jh1/M\n" + 184 "Rpry7Fajtwwb4t8VZa0NuM2h2YALv52w1xivql88zce/HU1y7XzbXhxis9o6SCI+\n" + 185 "oVQSbPeXRgBPppFzBEh3ZqYTVhAqw451XhwdA4Aqs3wts7ddjwlUzyMdU44osCUg\n" + 186 "kVg7lfPf9sTm5IoHVcfLSCWH5n6Nr9sH3o2ksyTwxuOAvsN11F/a0mmUoPciYPp+\n" + 187 "q7DzQzdi7akRG601DZ4YVOwo6UITGvDyuAAdxl5isovUXqe6Jmz2/myTSpAKxGFs\n" + 188 "jk9oRoG6WXWB1kni490GIPjJ1OceyQIDAQABo1AwTjAdBgNVHQ4EFgQUH1QIlPKL\n" + 189 "p2OQ/AoLOjKvBW4zK3AwHwYDVR0jBBgwFoAUH1QIlPKLp2OQ/AoLOjKvBW4zK3Aw\n" + 190 "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAcMi4voMMJHeQLjtq8Oky\n" + 191 "Azpyk8moDwgCd4llcGj7izOkIIFqq/lyqKdtykVKUWz2bSHO5cLrtaOCiBWVlaCV\n" + 192 "DYAnnVLM8aqaA6hJDIfaGs4zmwz0dY8hVMFCuCBiLWuPfiYtbEmjHGSmpQTG6Qxn\n" + 193 "ZJlaK5CZyt5pgh5EdNdvQmDEbKGmu0wpCq9qjZImwdyAul1t/B0DrsWApZMgZpeI\n" + 194 "d2od0VBrCICB1K4p+C51D93xyQiva7xQcCne+TAnGNy9+gjQ/MyR8MRpwRLv5ikD\n" + 195 "u0anJCN8pXo6IMglfMAsoton1J6o5/ae5uhC6caQU8bNUsCK570gpNfjkzo6rbP0\n" + 196 "wQ==\n" + 197 "-----END CERTIFICATE-----"; 198 199 private ComponentName mAdmin; 200 private DevicePolicyManager mDpm; 201 private UserManager mUm; 202 private ActivityManager mAm; 203 204 @Override onCreate(Bundle savedInstanceState)205 public void onCreate(Bundle savedInstanceState) { 206 super.onCreate(savedInstanceState); 207 final Intent intent = getIntent(); 208 try { 209 // On phones, the test runs on user 0, which is the Device Owner, but on headless system 210 // user mode it runs in a different user. 211 // Most DPM operations must be set on device owner user, but a few - like adding user 212 // restrictions - must be set in the current user. 213 boolean forDeviceOwner = !intent.getBooleanExtra(EXTRA_USE_CURRENT_USER_DPM, false); 214 mDpm = TestAppSystemServiceFactory.getDevicePolicyManager(this, 215 DeviceAdminTestReceiver.class, forDeviceOwner); 216 217 mUm = getSystemService(UserManager.class); 218 mAm = getSystemService(ActivityManager.class); 219 mAdmin = DeviceAdminTestReceiver.getReceiverComponentName(); 220 final String command = intent.getStringExtra(EXTRA_COMMAND); 221 Log.i(TAG, "Command: " + command + " forDeviceOwner: " + forDeviceOwner); 222 switch (command) { 223 case COMMAND_SET_USER_RESTRICTION: { 224 String restrictionKey = intent.getStringExtra(EXTRA_USER_RESTRICTION); 225 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 226 Log.i(TAG, "Setting '" + restrictionKey + "'=" + enforced 227 + " using " + mDpm + " for user " 228 + (forDeviceOwner ? UserHandle.SYSTEM : UserHandle.myUserId())); 229 if (enforced) { 230 mDpm.addUserRestriction(mAdmin, restrictionKey); 231 } else { 232 mDpm.clearUserRestriction(mAdmin, restrictionKey); 233 } 234 } break; 235 case COMMAND_DISALLOW_KEYGUARD_UNREDACTED_NOTIFICATIONS: { 236 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 237 mDpm.setKeyguardDisabledFeatures(mAdmin, enforced 238 ? DevicePolicyManager.KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS 239 : 0); 240 } break; 241 case COMMAND_SET_AUTO_TIME_REQUIRED: { 242 mDpm.setAutoTimeRequired(mAdmin, 243 intent.getBooleanExtra(EXTRA_ENFORCED, false)); 244 break; 245 } 246 case COMMAND_SET_LOCK_SCREEN_INFO: { 247 mDpm.setDeviceOwnerLockScreenInfo(mAdmin, intent.getStringExtra(EXTRA_VALUE)); 248 break; 249 } 250 case COMMAND_SET_MAXIMUM_TO_LOCK: { 251 final long timeInSeconds = Long.parseLong(intent.getStringExtra(EXTRA_VALUE)); 252 mDpm.setMaximumTimeToLock(mAdmin, 253 TimeUnit.SECONDS.toMillis(timeInSeconds) /* in milliseconds */); 254 } break; 255 case COMMAND_SET_KEYGUARD_DISABLED: { 256 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 257 KeyguardManager km = this.getSystemService(KeyguardManager.class); 258 if (km.isKeyguardSecure()) { 259 Toast.makeText(this, getString(R.string.device_owner_lockscreen_secure), 260 Toast.LENGTH_SHORT).show(); 261 } else { 262 mDpm.setKeyguardDisabled(mAdmin, enforced); 263 } 264 } break; 265 case COMMAND_SET_STATUSBAR_DISABLED: { 266 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 267 Log.d(TAG, "calling setStatusBarDisabled(" + flattenToShortString(mAdmin) 268 + ", " + enforced + ") using " + mDpm + " on user " 269 + UserHandle.myUserId()); 270 mDpm.setStatusBarDisabled(mAdmin, enforced); 271 } break; 272 case COMMAND_SET_LOCK_TASK_FEATURES: { 273 int flags = intent.getIntExtra(EXTRA_VALUE, 274 DevicePolicyManager.LOCK_TASK_FEATURE_NONE); 275 mDpm.setLockTaskFeatures(mAdmin, flags); 276 // If feature HOME is used, we need to allow the current launcher 277 if ((flags & LOCK_TASK_FEATURE_HOME) != 0) { 278 mDpm.setLockTaskPackages(mAdmin, 279 new String[] {getPackageName(), getCurrentLauncherPackage()}); 280 } else { 281 mDpm.setLockTaskPackages(mAdmin, new String[] {getPackageName()}); 282 } 283 } break; 284 case COMMAND_ALLOW_ONLY_SYSTEM_INPUT_METHODS: { 285 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 286 mDpm.setPermittedInputMethods(mAdmin, 287 enforced ? getEnabledNonSystemImes() : null); 288 } break; 289 case COMMAND_ALLOW_ONLY_SYSTEM_ACCESSIBILITY_SERVICES: { 290 boolean enforced = intent.getBooleanExtra(EXTRA_ENFORCED, false); 291 mDpm.setPermittedAccessibilityServices(mAdmin, 292 enforced ? new ArrayList() : null); 293 } break; 294 case COMMAND_SET_GLOBAL_SETTING: { 295 final String setting = intent.getStringExtra(EXTRA_SETTING); 296 final String value = intent.getStringExtra(EXTRA_VALUE); 297 Log.d(TAG, "Setting global property '" + setting + "' to '" + value 298 + "' using " + mDpm); 299 mDpm.setGlobalSetting(mAdmin, setting, value); 300 } break; 301 case COMMAND_REMOVE_DEVICE_OWNER: { 302 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 303 Log.e(TAG, COMMAND_REMOVE_DEVICE_OWNER + ": " + getPackageName() 304 + " is not DO for user " + UserHandle.myUserId()); 305 return; 306 } 307 clearAllPoliciesAndRestrictions(); 308 Log.i(TAG, "Clearing device owner app " + getPackageName()); 309 mDpm.clearDeviceOwnerApp(getPackageName()); 310 311 if (UserManager.isHeadlessSystemUserMode()) { 312 Log.i(TAG, "Clearing profile owner app (" + mAdmin.flattenToString() 313 + " on user " + UserHandle.myUserId()); 314 DevicePolicyManager localDpm = getSystemService(DevicePolicyManager.class); 315 localDpm.clearProfileOwner(mAdmin); 316 } 317 318 } break; 319 case COMMAND_REQUEST_BUGREPORT: { 320 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 321 Log.i(TAG, "Not requesting bugreport as " + getPackageName() + " is not a " 322 + "DO when asked to " + mDpm); 323 return; 324 } 325 Log.i(TAG, "Requesting a bugreport using " + mDpm); 326 final boolean bugreportStarted = mDpm.requestBugreport(mAdmin); 327 Log.i(TAG, "Bug report started: " + bugreportStarted); 328 if (!bugreportStarted) { 329 Utils.showBugreportNotification(this, getString( 330 R.string.bugreport_already_in_progress), 331 Utils.BUGREPORT_NOTIFICATION_ID); 332 } 333 } break; 334 case COMMAND_CLEAR_POLICIES: { 335 int mode = intent.getIntExtra(PolicyTransparencyTestListActivity.EXTRA_MODE, 336 PolicyTransparencyTestListActivity.MODE_DEVICE_OWNER); 337 if (mode == PolicyTransparencyTestListActivity.MODE_DEVICE_OWNER) { 338 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 339 return; 340 } 341 clearAllPoliciesAndRestrictions(); 342 } else if (mode == PolicyTransparencyTestListActivity.MODE_MANAGED_PROFILE 343 || mode == PolicyTransparencyTestListActivity.MODE_MANAGED_USER) { 344 if (!mDpm.isProfileOwnerApp(getPackageName())) { 345 return; 346 } 347 clearProfileOwnerRelatedPoliciesAndRestrictions(mode); 348 } 349 // No policies need to be cleared for COMP at the moment. 350 } break; 351 case COMMAND_SET_USER_ICON: { 352 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 353 return; 354 } 355 int iconRes = intent.getIntExtra(EXTRA_VALUE, 356 com.android.cts.verifier.R.drawable.icon); 357 mDpm.setUserIcon(mAdmin, BitmapFactory.decodeResource(getResources(), iconRes)); 358 } break; 359 case COMMAND_RETRIEVE_NETWORK_LOGS: { 360 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 361 return; 362 } 363 mDpm.setNetworkLoggingEnabled(mAdmin, true); 364 mDpm.retrieveNetworkLogs(mAdmin, 0 /* batchToken */); 365 mDpm.setNetworkLoggingEnabled(mAdmin, false); 366 } break; 367 case COMMAND_RETRIEVE_SECURITY_LOGS: { 368 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 369 return; 370 } 371 mDpm.setSecurityLoggingEnabled(mAdmin, true); 372 mDpm.retrieveSecurityLogs(mAdmin); 373 mDpm.setSecurityLoggingEnabled(mAdmin, false); 374 } break; 375 case COMMAND_SET_ORGANIZATION_NAME: { 376 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 377 return; 378 } 379 mDpm.setOrganizationName(mAdmin, 380 intent.getStringExtra(EXTRA_ORGANIZATION_NAME)); 381 } break; 382 case COMMAND_ENABLE_NETWORK_LOGGING: { 383 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 384 return; 385 } 386 mDpm.setNetworkLoggingEnabled(mAdmin, true); 387 } break; 388 case COMMAND_DISABLE_NETWORK_LOGGING: { 389 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 390 return; 391 } 392 mDpm.setNetworkLoggingEnabled(mAdmin, false); 393 } break; 394 case COMMAND_INSTALL_HELPER_PACKAGE: { 395 installHelperPackage(); 396 } break; 397 case COMMAND_UNINSTALL_HELPER_PACKAGE: { 398 uninstallHelperPackage(); 399 } break; 400 case COMMAND_SET_PERMISSION_GRANT_STATE: { 401 String pkgName = getPackageName(); 402 String permission = intent.getStringExtra(EXTRA_PERMISSION); 403 int grantState = intent.getIntExtra(EXTRA_GRANT_STATE, 404 DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT); 405 String action; 406 switch (grantState) { 407 case DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED: 408 action = "Granting " + permission; 409 break; 410 case DevicePolicyManager.PERMISSION_GRANT_STATE_DENIED: 411 action = "Denying " + permission; 412 break; 413 case DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT: 414 action = "Setting " + permission + " to default state"; 415 break; 416 default: 417 action = "Setting grantState of " + permission + " to " + grantState; 418 } 419 Log.d(TAG, action + " to " + pkgName + " using " + mDpm); 420 int stateBefore = mDpm.getPermissionGrantState(mAdmin, pkgName, permission); 421 mDpm.setPermissionGrantState(mAdmin, pkgName, permission, grantState); 422 int stateAfter = mDpm.getPermissionGrantState(mAdmin, pkgName, permission); 423 Log.d(TAG, "Grant state: before=" + stateBefore + ", after=" + stateAfter); 424 } break; 425 case COMMAND_ADD_PERSISTENT_PREFERRED_ACTIVITIES: { 426 final ComponentName componentName = 427 EnterprisePrivacyTestDefaultAppActivity.COMPONENT_NAME; 428 IntentFilter filter; 429 // Camera 430 filter = new IntentFilter(); 431 filter.addAction(MediaStore.ACTION_IMAGE_CAPTURE); 432 filter.addAction(MediaStore.ACTION_VIDEO_CAPTURE); 433 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 434 // Map 435 filter = new IntentFilter(); 436 filter.addAction(Intent.ACTION_VIEW); 437 filter.addDataScheme("geo"); 438 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 439 // E-mail 440 filter = new IntentFilter(); 441 filter.addAction(Intent.ACTION_SENDTO); 442 filter.addAction(Intent.ACTION_SEND); 443 filter.addAction(Intent.ACTION_SEND_MULTIPLE); 444 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 445 // Calendar 446 filter = new IntentFilter(); 447 filter.addAction(Intent.ACTION_INSERT); 448 filter.addDataType("vnd.android.cursor.dir/event"); 449 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 450 // Contacts 451 filter = new IntentFilter(); 452 filter.addAction(Intent.ACTION_PICK); 453 filter.addDataType(ContactsContract.Contacts.CONTENT_TYPE); 454 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 455 // Dialer 456 filter = new IntentFilter(); 457 filter.addAction(Intent.ACTION_DIAL); 458 filter.addAction(Intent.ACTION_CALL); 459 mDpm.addPersistentPreferredActivity(mAdmin, filter, componentName); 460 getPackageManager().setComponentEnabledSetting(componentName, 461 PackageManager.COMPONENT_ENABLED_STATE_ENABLED, 462 PackageManager.DONT_KILL_APP); 463 } break; 464 case COMMAND_CLEAR_PERSISTENT_PREFERRED_ACTIVITIES: { 465 mDpm.clearPackagePersistentPreferredActivities(mAdmin, getPackageName()); 466 getPackageManager().setComponentEnabledSetting( 467 EnterprisePrivacyTestDefaultAppActivity.COMPONENT_NAME, 468 PackageManager.COMPONENT_ENABLED_STATE_DEFAULT, 469 PackageManager.DONT_KILL_APP); 470 } break; 471 case COMMAND_SET_ALWAYS_ON_VPN: { 472 if (!isDeviceOwnerAppOrEquivalent(getPackageName())) { 473 return; 474 } 475 mDpm.setAlwaysOnVpnPackage(mAdmin, getPackageName(), 476 false /* lockdownEnabled */); 477 } break; 478 case COMMAND_CLEAR_ALWAYS_ON_VPN: { 479 if (!isDeviceOwnerAppOrEquivalent(getPackageName())) { 480 return; 481 } 482 mDpm.setAlwaysOnVpnPackage(mAdmin, null /* vpnPackage */, 483 false /* lockdownEnabled */); 484 } break; 485 case COMMAND_SET_GLOBAL_HTTP_PROXY: { 486 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 487 return; 488 } 489 mDpm.setRecommendedGlobalProxy(mAdmin, 490 ProxyInfo.buildDirectProxy("example.com", 123)); 491 } break; 492 case COMMAND_CLEAR_GLOBAL_HTTP_PROXY: { 493 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 494 return; 495 } 496 mDpm.setRecommendedGlobalProxy(mAdmin, null); 497 } break; 498 case COMMAND_INSTALL_CA_CERT: { 499 if (!isDeviceOwnerAppOrEquivalent(getPackageName())) { 500 return; 501 } 502 mDpm.installCaCert(mAdmin, TEST_CA.getBytes()); 503 } break; 504 case COMMAND_CLEAR_CA_CERT: { 505 if (!isDeviceOwnerAppOrEquivalent(getPackageName())) { 506 return; 507 } 508 mDpm.uninstallCaCert(mAdmin, TEST_CA.getBytes()); 509 } break; 510 case COMMAND_SET_MAXIMUM_PASSWORD_ATTEMPTS: { 511 if (!isDeviceOwner()) return; 512 int max = 100; 513 Log.d(TAG, "Setting maximum password attempts to " + max + " using" + mDpm); 514 mDpm.setMaximumFailedPasswordsForWipe(mAdmin, max); 515 } break; 516 case COMMAND_CLEAR_MAXIMUM_PASSWORD_ATTEMPTS: { 517 if (!isDeviceOwner()) return; 518 Log.d(TAG, "Clearing maximum password attempts using" + mDpm); 519 mDpm.setMaximumFailedPasswordsForWipe(mAdmin, 0); 520 } break; 521 case COMMAND_SET_DEFAULT_IME: { 522 if (!isDeviceOwner()) return; 523 Log.d(TAG, "Setting " + Settings.Secure.DEFAULT_INPUT_METHOD + " using " 524 + mDpm); 525 mDpm.setSecureSetting(mAdmin, Settings.Secure.DEFAULT_INPUT_METHOD, 526 getPackageName()); 527 } break; 528 case COMMAND_CLEAR_DEFAULT_IME: { 529 if (!isDeviceOwner()) return; 530 Log.d(TAG, "Clearing " + Settings.Secure.DEFAULT_INPUT_METHOD + " using " 531 + mDpm); 532 mDpm.setSecureSetting(mAdmin, Settings.Secure.DEFAULT_INPUT_METHOD, null); 533 } break; 534 case COMMAND_CREATE_MANAGED_USER:{ 535 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 536 return; 537 } 538 PersistableBundle extras = new PersistableBundle(); 539 extras.putBoolean(DeviceAdminTestReceiver.EXTRA_MANAGED_USER_TEST, true); 540 UserHandle userHandle = mDpm.createAndManageUser(mAdmin, "managed user", mAdmin, 541 extras, 542 SKIP_SETUP_WIZARD | MAKE_USER_EPHEMERAL); 543 Log.i(TAG, "Created user " + userHandle + "; setting affiliation ids to " 544 + DeviceAdminTestReceiver.AFFILIATION_ID); 545 mDpm.setAffiliationIds(mAdmin, 546 Collections.singleton(DeviceAdminTestReceiver.AFFILIATION_ID)); 547 // TODO(b/204483021): move to helper class / restore after user is logged out 548 if (UserManager.isHeadlessSystemUserMode()) { 549 mAm.setStopUserOnSwitch(ActivityManager.STOP_USER_ON_SWITCH_FALSE); 550 } 551 Log.d(TAG, "Starting user " + userHandle); 552 mDpm.startUserInBackground(mAdmin, userHandle); 553 } break; 554 case COMMAND_CREATE_MANAGED_USER_WITHOUT_SETUP:{ 555 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 556 return; 557 } 558 PersistableBundle extras = new PersistableBundle(); 559 extras.putBoolean(DeviceAdminTestReceiver.EXTRA_MANAGED_USER_TEST, true); 560 mDpm.createAndManageUser(mAdmin, "managed user", mAdmin, extras, /* flags */ 0); 561 } break; 562 case COMMAND_REMOVE_SECONDARY_USERS: { 563 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 564 return; 565 } 566 for (UserHandle secondaryUser : mDpm.getSecondaryUsers(mAdmin)) { 567 mDpm.removeUser(mAdmin, secondaryUser); 568 } 569 } break; 570 case COMMAND_WITH_USER_SWITCHER_MESSAGE: { 571 createAndSwitchUserWithMessage("Start user session", "End user session"); 572 } break; 573 case COMMAND_WITHOUT_USER_SWITCHER_MESSAGE: { 574 createAndSwitchUserWithMessage(null, null); 575 } break; 576 case COMMAND_ENABLE_LOGOUT: { 577 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 578 return; 579 } 580 mDpm.addUserRestriction(mAdmin, UserManager.DISALLOW_USER_SWITCH); 581 mDpm.setLogoutEnabled(mAdmin, true); 582 UserHandle userHandle = mDpm.createAndManageUser(mAdmin, "managed user", mAdmin, 583 null, SKIP_SETUP_WIZARD | MAKE_USER_EPHEMERAL); 584 mDpm.switchUser(mAdmin, userHandle); 585 } break; 586 case COMMAND_DISABLE_USB_DATA_SIGNALING: { 587 mDpm.setUsbDataSignalingEnabled(false); 588 break; 589 } 590 case COMMAND_ENABLE_USB_DATA_SIGNALING: { 591 mDpm.setUsbDataSignalingEnabled(true); 592 break; 593 } 594 case COMMAND_SET_REQUIRED_PASSWORD_COMPLEXITY: { 595 int complexity = intent.getIntExtra(EXTRA_VALUE, 596 DevicePolicyManager.PASSWORD_COMPLEXITY_NONE); 597 Log.d(TAG, "calling setRequiredPasswordComplexity(" + complexity + ")"); 598 mDpm.setRequiredPasswordComplexity(complexity); 599 } break; 600 case COMMAND_SET_WIFI_SECURITY_LEVEL: { 601 int level = intent.getIntExtra(EXTRA_VALUE, 602 DevicePolicyManager.WIFI_SECURITY_OPEN); 603 Log.d(TAG, "calling setWifiSecurityLevel(" + level + ")"); 604 mDpm.setMinimumRequiredWifiSecurityLevel(level); 605 } break; 606 case COMMAND_SET_SSID_ALLOWLIST: { 607 String ssid = intent.getStringExtra(EXTRA_VALUE); 608 WifiSsidPolicy policy; 609 if (ssid.isEmpty()) { 610 policy = null; 611 } else { 612 Set<WifiSsid> ssids = new ArraySet<>(Arrays.asList( 613 WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8)))); 614 policy = new WifiSsidPolicy( 615 WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST, ssids); 616 } 617 mDpm.setWifiSsidPolicy(policy); 618 } break; 619 case COMMAND_SET_SSID_DENYLIST: { 620 String ssid = intent.getStringExtra(EXTRA_VALUE); 621 WifiSsidPolicy policy; 622 if (ssid.isEmpty()) { 623 policy = null; 624 } else { 625 Set<WifiSsid> ssids = new ArraySet<>(Arrays.asList( 626 WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8)))); 627 policy = new WifiSsidPolicy( 628 WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST, ssids); 629 } 630 mDpm.setWifiSsidPolicy(policy); 631 } break; 632 } 633 } catch (Exception e) { 634 Log.e(TAG, "Failed to execute command: " + intent, e); 635 } finally { 636 finish(); 637 } 638 } 639 640 /** 641 * Checks if {@code CtsVerifier} is the device owner. 642 */ isDeviceOwner()643 private boolean isDeviceOwner() { 644 // Cannot use mDpm as it would be the DPM of the current user on headless system user mode, 645 // which would return false 646 DevicePolicyManager dpm = TestAppSystemServiceFactory.getDevicePolicyManager(this, 647 DeviceAdminTestReceiver.class, /* forDeviceOwner= */ true); 648 boolean isIt = dpm.isDeviceOwnerApp(getPackageName()); 649 Log.v(TAG, "is " + getPackageName() + " DO, using " + dpm + "? " + isIt); 650 return isIt; 651 } 652 653 /** 654 * Checks if the {@code packageName} is a device owner app, or a profile owner app in the 655 * headless system user mode. 656 */ isDeviceOwnerAppOrEquivalent(String packageName)657 private boolean isDeviceOwnerAppOrEquivalent(String packageName) { 658 return mDpm.isDeviceOwnerApp(packageName) 659 || (UserManager.isHeadlessSystemUserMode() && mDpm.isProfileOwnerApp(packageName)); 660 } 661 installHelperPackage()662 private void installHelperPackage() throws Exception { 663 if (UserManager.isHeadlessSystemUserMode()) { 664 // App was already installed on user 0 (as instructed), so we just install it for the 665 // current user - installing directly to current user would be harder as it would 666 // require a custom ContentProvider to push the APK into a secondary user using adb 667 Log.i(TAG, "installing existing helper app (" + HELPER_APP_PKG + ") using " + mDpm); 668 mDpm.installExistingPackage(mAdmin, HELPER_APP_PKG); 669 return; 670 } 671 LogAndSelfUnregisterBroadcastReceiver.register(this, ACTION_INSTALL_COMPLETE); 672 final PackageInstaller packageInstaller = getPackageManager().getPackageInstaller(); 673 final PackageInstaller.Session session = packageInstaller.openSession( 674 packageInstaller.createSession(new PackageInstaller.SessionParams( 675 PackageInstaller.SessionParams.MODE_FULL_INSTALL))); 676 final File file = new File(HELPER_APP_LOCATION); 677 Log.i(TAG, "installing helper package from " + file); 678 final InputStream in = new FileInputStream(file); 679 final OutputStream out = session.openWrite("CommandReceiverActivity", 0, file.length()); 680 final byte[] buffer = new byte[65536]; 681 int count; 682 while ((count = in.read(buffer)) != -1) { 683 out.write(buffer, 0, count); 684 } 685 session.fsync(out); 686 in.close(); 687 out.close(); 688 session.commit(PendingIntent 689 .getBroadcast(this, 0, 690 new Intent(ACTION_INSTALL_COMPLETE).setPackage(getPackageName()), 691 PendingIntent.FLAG_MUTABLE) 692 .getIntentSender()); 693 } 694 uninstallHelperPackage()695 private void uninstallHelperPackage() { 696 LogAndSelfUnregisterBroadcastReceiver.register(this, ACTION_UNINSTALL_COMPLETE); 697 PackageInstaller packageInstaller = getPackageManager().getPackageInstaller(); 698 Log.i(TAG, "Uninstalling package " + HELPER_APP_PKG + " using " + packageInstaller); 699 try { 700 packageInstaller.uninstall(HELPER_APP_PKG, PendingIntent.getBroadcast(this, 701 /* requestCode= */ 0, 702 new Intent(ACTION_UNINSTALL_COMPLETE).setPackage(getPackageName()), 703 PendingIntent.FLAG_MUTABLE).getIntentSender()); 704 } catch (IllegalArgumentException e) { 705 // The package is not installed: that's fine 706 } 707 } 708 clearAllPoliciesAndRestrictions()709 private void clearAllPoliciesAndRestrictions() throws Exception { 710 Log.d(TAG, "clearAllPoliciesAndRestrictions() started"); 711 clearProfileOwnerRelatedPolicies(); 712 clearPolicyTransparencyUserRestriction( 713 PolicyTransparencyTestListActivity.MODE_DEVICE_OWNER); 714 715 // There are a few user restrictions that are used, but not for policy transparency 716 mDpm.clearUserRestriction(mAdmin, UserManager.DISALLOW_CONFIG_BLUETOOTH); 717 mDpm.clearUserRestriction(mAdmin, UserManager.DISALLOW_CONFIG_VPN); 718 mDpm.clearUserRestriction(mAdmin, UserManager.DISALLOW_DATA_ROAMING); 719 mDpm.clearUserRestriction(mAdmin, UserManager.DISALLOW_USER_SWITCH); 720 721 mDpm.setDeviceOwnerLockScreenInfo(mAdmin, null); 722 mDpm.setKeyguardDisabled(mAdmin, false); 723 mDpm.setAutoTimeRequired(mAdmin, false); 724 mDpm.setStatusBarDisabled(mAdmin, false); 725 mDpm.setOrganizationName(mAdmin, null); 726 mDpm.setNetworkLoggingEnabled(mAdmin, false); 727 mDpm.setSecurityLoggingEnabled(mAdmin, false); 728 mDpm.setPermissionGrantState(mAdmin, getPackageName(), 729 Manifest.permission.ACCESS_FINE_LOCATION, 730 DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT); 731 mDpm.setPermissionGrantState(mAdmin, getPackageName(), Manifest.permission.RECORD_AUDIO, 732 DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT); 733 mDpm.setPermissionGrantState(mAdmin, getPackageName(), Manifest.permission.CAMERA, 734 DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT); 735 mDpm.clearPackagePersistentPreferredActivities(mAdmin, getPackageName()); 736 mDpm.setAlwaysOnVpnPackage(mAdmin, null, false); 737 mDpm.setRecommendedGlobalProxy(mAdmin, null); 738 mDpm.uninstallCaCert(mAdmin, TEST_CA.getBytes()); 739 mDpm.setMaximumFailedPasswordsForWipe(mAdmin, 0); 740 mDpm.setSecureSetting(mAdmin, Settings.Secure.DEFAULT_INPUT_METHOD, null); 741 mDpm.setStartUserSessionMessage(mAdmin, null); 742 mDpm.setEndUserSessionMessage(mAdmin, null); 743 mDpm.setLogoutEnabled(mAdmin, false); 744 745 uninstallHelperPackage(); 746 747 // Must wait until package is uninstalled to reset affiliation ids, otherwise the package 748 // cannot be removed on headless system user mode (as caller must be an affiliated PO) 749 Log.d(TAG, "resetting affiliation ids"); 750 mDpm.setAffiliationIds(mAdmin, Collections.emptySet()); 751 752 removeManagedProfile(); 753 getPackageManager().setComponentEnabledSetting( 754 EnterprisePrivacyTestDefaultAppActivity.COMPONENT_NAME, 755 PackageManager.COMPONENT_ENABLED_STATE_DEFAULT, 756 PackageManager.DONT_KILL_APP); 757 Log.d(TAG, "clearAllPoliciesAndRestrictions() finished"); 758 } 759 clearProfileOwnerRelatedPoliciesAndRestrictions(int mode)760 private void clearProfileOwnerRelatedPoliciesAndRestrictions(int mode) { 761 clearPolicyTransparencyUserRestriction(mode); 762 clearProfileOwnerRelatedPolicies(); 763 } 764 clearProfileOwnerRelatedPolicies()765 private void clearProfileOwnerRelatedPolicies() { 766 Log.d(TAG, "clearProfileOwnerRelatedPolicies() started"); 767 mDpm.setKeyguardDisabledFeatures(mAdmin, 0); 768 mDpm.setPasswordQuality(mAdmin, 0); 769 mDpm.setMaximumTimeToLock(mAdmin, 0); 770 mDpm.setPermittedAccessibilityServices(mAdmin, null); 771 mDpm.setPermittedInputMethods(mAdmin, null); 772 Log.d(TAG, "clearProfileOwnerRelatedPolicies() finished"); 773 } 774 clearPolicyTransparencyUserRestriction(int mode)775 private void clearPolicyTransparencyUserRestriction(int mode) { 776 for (String userRestriction : UserRestrictions.getUserRestrictionsForPolicyTransparency( 777 mode)) { 778 mDpm.clearUserRestriction(mAdmin, userRestriction); 779 } 780 } 781 removeManagedProfile()782 private void removeManagedProfile() { 783 for (UserHandle userHandle : mUm.getUserProfiles()) { 784 Log.d(TAG, "removing managed profile for " + userHandle); 785 mDpm.removeUser(mAdmin, userHandle); 786 } 787 } 788 789 /** 790 * Creates an intent to set the given user restriction using the device owner's {@code dpm}. 791 */ createSetDeviceOwnerUserRestrictionIntent(String restriction, boolean enforced)792 public static Intent createSetDeviceOwnerUserRestrictionIntent(String restriction, 793 boolean enforced) { 794 return createSetUserRestrictionIntent(restriction, enforced, /* currentUserDpm= */ false); 795 } 796 797 /** 798 * Creates an intent to set the given user restriction using the current user's {@code dpm}. 799 */ createSetCurrentUserRestrictionIntent(String restriction, boolean enforced)800 public static Intent createSetCurrentUserRestrictionIntent(String restriction, 801 boolean enforced) { 802 return createSetUserRestrictionIntent(restriction, enforced, /* currentUserDpm= */ true); 803 } 804 createSetUserRestrictionIntent(String restriction, boolean enforced, boolean forceCurrentUserDpm)805 private static Intent createSetUserRestrictionIntent(String restriction, boolean enforced, 806 boolean forceCurrentUserDpm) { 807 Log.d(TAG, "createSetUserRestrictionIntent(): restriction=" + restriction 808 + ", enforced=" + enforced + ", forceCurrentUserDpm=" + forceCurrentUserDpm); 809 Intent intent = new Intent(ACTION_EXECUTE_COMMAND); 810 if (forceCurrentUserDpm) { 811 intent.putExtra(EXTRA_USE_CURRENT_USER_DPM, true); 812 } 813 return intent 814 .putExtra(EXTRA_COMMAND, COMMAND_SET_USER_RESTRICTION) 815 .putExtra(EXTRA_USER_RESTRICTION, restriction) 816 .putExtra(EXTRA_ENFORCED, enforced); 817 } 818 getEnabledNonSystemImes()819 private List<String> getEnabledNonSystemImes() { 820 InputMethodManager inputMethodManager = getSystemService(InputMethodManager.class); 821 final List<InputMethodInfo> inputMethods = inputMethodManager.getEnabledInputMethodList(); 822 return inputMethods.stream() 823 .filter(inputMethodInfo -> !isSystemInputMethodInfo(inputMethodInfo)) 824 .map(inputMethodInfo -> inputMethodInfo.getPackageName()) 825 .filter(packageName -> !packageName.equals(getPackageName())) 826 .distinct() 827 .collect(Collectors.toList()); 828 } 829 isSystemInputMethodInfo(InputMethodInfo inputMethodInfo)830 private boolean isSystemInputMethodInfo(InputMethodInfo inputMethodInfo) { 831 final ApplicationInfo applicationInfo = inputMethodInfo.getServiceInfo().applicationInfo; 832 return (applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0; 833 } 834 createAndSwitchUserWithMessage(String startUserSessionMessage, String endUserSessionMessage)835 private void createAndSwitchUserWithMessage(String startUserSessionMessage, 836 String endUserSessionMessage) { 837 if (!mDpm.isDeviceOwnerApp(getPackageName())) { 838 return; 839 } 840 mDpm.setStartUserSessionMessage(mAdmin, startUserSessionMessage); 841 mDpm.setEndUserSessionMessage(mAdmin, endUserSessionMessage); 842 mDpm.setAffiliationIds(mAdmin, 843 Collections.singleton(DeviceAdminTestReceiver.AFFILIATION_ID)); 844 845 PersistableBundle extras = new PersistableBundle(); 846 extras.putBoolean(DeviceAdminTestReceiver.EXTRA_LOGOUT_ON_START, true); 847 UserHandle userHandle = mDpm.createAndManageUser(mAdmin, "managed user", mAdmin, 848 extras, 849 SKIP_SETUP_WIZARD | MAKE_USER_EPHEMERAL); 850 // TODO(b/204483021): move to helper class / restore after user is logged out 851 if (UserManager.isHeadlessSystemUserMode()) { 852 mAm.setStopUserOnSwitch(ActivityManager.STOP_USER_ON_SWITCH_FALSE); 853 } 854 Log.d(TAG, "Switching to user " + userHandle); 855 mDpm.switchUser(mAdmin, userHandle); 856 } 857 getCurrentLauncherPackage()858 private String getCurrentLauncherPackage() { 859 ResolveInfo resolveInfo = getPackageManager() 860 .resolveActivity(new Intent(Intent.ACTION_MAIN) 861 .addCategory(Intent.CATEGORY_HOME), PackageManager.MATCH_DEFAULT_ONLY); 862 if (resolveInfo == null || resolveInfo.activityInfo == null) { 863 return null; 864 } 865 866 return resolveInfo.activityInfo.packageName; 867 } 868 createIntentForDisablingKeyguardOrStatusBar(Context context, String command, boolean disabled)869 static Intent createIntentForDisablingKeyguardOrStatusBar(Context context, String command, 870 boolean disabled) { 871 return new Intent(context, CommandReceiverActivity.class) 872 .putExtra(CommandReceiverActivity.EXTRA_USE_CURRENT_USER_DPM, true) 873 .putExtra(CommandReceiverActivity.EXTRA_COMMAND, command) 874 .putExtra(CommandReceiverActivity.EXTRA_ENFORCED, disabled); 875 } 876 } 877