If the current device is a watch, fix DeviceOwner/ProfileOwner logic.
In this case, don't require the device to have gone through the
Setup Wizard before disqualifying DO/PO if there's an incompatible
account on the device.
BUG: 32438704,32438210
Change-Id: I6858db13c8df6e95d01d18a903f4343f70370e8b
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 3714495..96331e8 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -6144,6 +6144,9 @@
return hasUserSetupCompleted(UserHandle.getCallingUserId());
}
+ // This checks only if the Setup Wizard has run. Since Wear devices pair before
+ // completing Setup Wizard, and pairing involves transferring user data, calling
+ // logic may want to check mIsWatch or mPaired in addition to hasUserSetupCompleted().
private boolean hasUserSetupCompleted(int userHandle) {
if (!mHasFeature) {
return true;
@@ -6388,7 +6391,7 @@
}
int callingUid = mInjector.binderGetCallingUid();
if (callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID) {
- if (hasUserSetupCompleted(userHandle)
+ if ((mIsWatch || hasUserSetupCompleted(userHandle))
&& hasIncompatibleAccountsLocked(userHandle, owner)) {
throw new IllegalStateException("Not allowed to set the profile owner because "
+ "there are already some accounts on the profile");
@@ -6396,7 +6399,7 @@
return;
}
enforceCanManageProfileAndDeviceOwners();
- if (hasUserSetupCompleted(userHandle) && !isCallerWithSystemUid()) {
+ if ((mIsWatch || hasUserSetupCompleted(userHandle)) && !isCallerWithSystemUid()) {
throw new IllegalStateException("Cannot set the profile owner on a user which is "
+ "already set-up");
}
@@ -8633,6 +8636,9 @@
if (hasUserSetupCompleted(callingUserId)) {
return false;
}
+ if (mIsWatch && hasPaired(UserHandle.USER_SYSTEM)) {
+ return false;
+ }
return true;
} else if (DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE.equals(action)) {
if (!mInjector.userManagerIsSplitSystemUser()) {
@@ -8664,7 +8670,7 @@
}
if (isAdb) {
// if shell command runs after user setup completed check device status. Otherwise, OK.
- if (hasUserSetupCompleted(UserHandle.USER_SYSTEM)) {
+ if (mIsWatch || hasUserSetupCompleted(UserHandle.USER_SYSTEM)) {
if (!mInjector.userManagerIsSplitSystemUser()) {
if (mUserManager.getUserCount() > 1) {
return CODE_NONSYSTEM_USER_EXISTS;