Merge "Add DevicePolicyManager.setBackupServiceEnabled as hidden API." into nyc-mr1-dev
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 688876c..d6a8dd0 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -6493,4 +6493,35 @@
throw new SecurityException(functionName + " cannot be called on the parent instance");
}
}
+
+ /**
+ * @hide
+ * Enable backup service.
+ * <p>This includes all backup and restore mechanisms.
+ * Setting this to {@code false} will make backup service no-op or return empty results.
+ *
+ * <p>There must be only one user on the device, managed by the device owner.
+ * Otherwise a {@link SecurityException} will be thrown.
+ *
+ * <p>Backup service is off by default when device owner is present.
+ */
+ public void setBackupServiceEnabled(@NonNull ComponentName admin, boolean enabled) {
+ try {
+ mService.setBackupServiceEnabled(admin, enabled);
+ } catch (RemoteException re) {
+ throw re.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * @hide
+ * @return {@code true} if backup service is enabled, {@code false} otherwise.
+ */
+ public boolean isBackupServiceEnabled(@NonNull ComponentName admin) {
+ try {
+ return mService.isBackupServiceEnabled(admin);
+ } catch (RemoteException re) {
+ throw re.rethrowFromSystemServer();
+ }
+ }
}
diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl
index 1036f04..43c6230 100644
--- a/core/java/android/app/admin/IDevicePolicyManager.aidl
+++ b/core/java/android/app/admin/IDevicePolicyManager.aidl
@@ -305,4 +305,7 @@
boolean isDeviceProvisioned();
boolean isDeviceProvisioningConfigApplied();
void setDeviceProvisioningConfigApplied();
+
+ void setBackupServiceEnabled(in ComponentName admin, boolean enabled);
+ boolean isBackupServiceEnabled(in ComponentName admin);
}
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 777c0b3..5f431bc 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -497,9 +497,9 @@
new MonitoringCertNotificationTask().execute(userId);
}
if (Intent.ACTION_USER_ADDED.equals(action)) {
- disableSecurityLoggingIfNotCompliant();
+ disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
} else if (Intent.ACTION_USER_REMOVED.equals(action)) {
- disableSecurityLoggingIfNotCompliant();
+ disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
removeUserData(userHandle);
} else if (Intent.ACTION_USER_STARTED.equals(action)) {
synchronized (DevicePolicyManagerService.this) {
@@ -1712,7 +1712,7 @@
if (mOwners.hasDeviceOwner()) {
mInjector.systemPropertiesSet(PROPERTY_DEVICE_OWNER_PRESENT, "true");
Slog.i(LOG_TAG, "Set ro.device_owner property to true");
- disableSecurityLoggingIfNotCompliant();
+ disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
if (mInjector.securityLogGetLoggingEnabledProperty()) {
mSecurityLogMonitor.start();
}
@@ -5930,7 +5930,7 @@
mOwners.clearDeviceOwner();
mOwners.writeDeviceOwner();
updateDeviceOwnerLocked();
- disableSecurityLoggingIfNotCompliant();
+ disableDeviceOwnerManagedSingleUserFeaturesIfNeeded();
try {
// Reactivate backup service.
mInjector.getIBackupManager().setBackupServiceActive(UserHandle.USER_SYSTEM, true);
@@ -8904,10 +8904,12 @@
return false;
}
- private synchronized void disableSecurityLoggingIfNotCompliant() {
+ private synchronized void disableDeviceOwnerManagedSingleUserFeaturesIfNeeded() {
if (!isDeviceOwnerManagedSingleUserDevice()) {
mInjector.securityLogSetLoggingEnabledProperty(false);
Slog.w(LOG_TAG, "Security logging turned off as it's no longer a single user device.");
+ setBackupServiceEnabledInternal(false);
+ Slog.w(LOG_TAG, "Backup is off as it's a managed device that has more that one user.");
}
}
@@ -9208,4 +9210,46 @@
return false;
}
}
+
+ @Override
+ public void setBackupServiceEnabled(ComponentName admin, boolean enabled) {
+ Preconditions.checkNotNull(admin);
+ if (!mHasFeature) {
+ return;
+ }
+ ensureDeviceOwnerManagingSingleUser(admin);
+ setBackupServiceEnabledInternal(enabled);
+ }
+
+ private synchronized void setBackupServiceEnabledInternal(boolean enabled) {
+ long ident = mInjector.binderClearCallingIdentity();
+ try {
+ IBackupManager ibm = mInjector.getIBackupManager();
+ if (ibm != null) {
+ ibm.setBackupServiceActive(UserHandle.USER_SYSTEM, enabled);
+ }
+ } catch (RemoteException e) {
+ throw new IllegalStateException(
+ "Failed " + (enabled ? "" : "de") + "activating backup service.", e);
+ } finally {
+ mInjector.binderRestoreCallingIdentity(ident);
+ }
+ }
+
+ @Override
+ public boolean isBackupServiceEnabled(ComponentName admin) {
+ Preconditions.checkNotNull(admin);
+ if (!mHasFeature) {
+ return true;
+ }
+ synchronized (this) {
+ getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER);
+ try {
+ IBackupManager ibm = mInjector.getIBackupManager();
+ return ibm != null && ibm.isBackupServiceActive(UserHandle.USER_SYSTEM);
+ } catch (RemoteException e) {
+ throw new IllegalStateException("Failed requesting backup service state.", e);
+ }
+ }
+ }
}