Renaming isCredentialSharedWithParent to isCredentialSharableWithParent Renaming isCredentialSharedWithParent to isCredentialSharableWithParent, as for work profile there is possibility to enroll its own credential. Bug: 222108271 Test: atest android.multiuser.cts.UserManagerTest atest LockSettingsServiceTests Change-Id: If343342d0a5e996cbd430a4063b25fbc4874c5c0

commit: ece66c411622bfa418c7c8d5d302ac276b34c1dd [log] [tgz]
author: Sarup Dalwani <sarup@google.com> Wed Mar 02 19:02:43 2022 +0000
committer: Sarup Dalwani <sarup@google.com> Thu Mar 03 17:23:49 2022 +0000
tree: 732e1fd868a602b793d4d1b770e2fd489277d79b
parent: a83af165281cae17c30e776abb83df3bb2e524de [diff]
diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index 8431ac6..9b04b23 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt

@@ -9808,7 +9808,7 @@
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public boolean hasUserRestrictionForUser(@NonNull String, @NonNull android.os.UserHandle);
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isAdminUser();
     method public boolean isCloneProfile();
-    method public boolean isCredentialSharedWithParent();
+    method public boolean isCredentialSharableWithParent();
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.CREATE_USERS, android.Manifest.permission.QUERY_USERS}) public boolean isGuestUser();
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.QUERY_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public boolean isManagedProfile(int);
     method @RequiresPermission(anyOf={android.Manifest.permission.MANAGE_USERS, android.Manifest.permission.INTERACT_ACROSS_USERS}, conditional=true) public boolean isMediaSharedWithParent();

diff --git a/core/java/android/os/IUserManager.aidl b/core/java/android/os/IUserManager.aidl
index 39ca596..3cde031 100644
--- a/core/java/android/os/IUserManager.aidl
+++ b/core/java/android/os/IUserManager.aidl

@@ -109,7 +109,7 @@
     boolean someUserHasAccount(in String accountName, in String accountType);
     String getProfileType(int userId);
     boolean isMediaSharedWithParent(int userId);
-    boolean isCredentialSharedWithParent(int userId);
+    boolean isCredentialSharableWithParent(int userId);
     boolean isDemoUser(int userId);
     boolean isPreCreated(int userId);
     UserInfo createProfileForUserEvenWhenDisallowedWithThrow(in String name, in String userType, int flags,

diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java
index e56f214..85eddcc 100644
--- a/core/java/android/os/UserManager.java
+++ b/core/java/android/os/UserManager.java

@@ -4759,7 +4759,7 @@
     }
 
     /**
-     * Returns {@code true} if the user shares lock settings credential with its parent user
+     * Returns whether the user can have shared lockscreen credential with its parent user.
      *
      * This API only works for {@link UserManager#isProfile() profiles}
      * and will always return false for any other user type.
@@ -4772,9 +4772,9 @@
                     Manifest.permission.MANAGE_USERS,
                     Manifest.permission.INTERACT_ACROSS_USERS})
     @SuppressAutoDoc
-    public boolean isCredentialSharedWithParent() {
+    public boolean isCredentialSharableWithParent() {
         try {
-            return mService.isCredentialSharedWithParent(mUserId);
+            return mService.isCredentialSharableWithParent(mUserId);
         } catch (RemoteException re) {
             throw re.rethrowFromSystemServer();
         }

diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index adb0124..7acfa32 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java

@@ -39,7 +39,6 @@
 import android.content.pm.UserInfo;
 import android.os.Build;
 import android.os.Handler;
-import android.os.IBinder;
 import android.os.Looper;
 import android.os.Message;
 import android.os.RemoteException;
@@ -47,7 +46,6 @@
 import android.os.SystemClock;
 import android.os.UserHandle;
 import android.os.UserManager;
-import android.os.storage.IStorageManager;
 import android.os.storage.StorageManager;
 import android.provider.Settings;
 import android.text.TextUtils;
@@ -794,7 +792,7 @@
      */
     public void setSeparateProfileChallengeEnabled(int userHandle, boolean enabled,
             LockscreenCredential profilePassword) {
-        if (!isCredentialSharedWithParent(userHandle)) {
+        if (!isCredentialSharableWithParent(userHandle)) {
             return;
         }
         try {
@@ -810,7 +808,7 @@
      * Returns true if {@code userHandle} is a managed profile with separate challenge.
      */
     public boolean isSeparateProfileChallengeEnabled(int userHandle) {
-        return isCredentialSharedWithParent(userHandle) && hasSeparateChallenge(userHandle);
+        return isCredentialSharableWithParent(userHandle) && hasSeparateChallenge(userHandle);
     }
 
     /**
@@ -835,8 +833,8 @@
         return info != null && info.isManagedProfile();
     }
 
-    private boolean isCredentialSharedWithParent(int userHandle) {
-        return getUserManager(userHandle).isCredentialSharedWithParent();
+    private boolean isCredentialSharableWithParent(int userHandle) {
+        return getUserManager(userHandle).isCredentialSharableWithParent();
     }
 
     /**

diff --git a/services/core/java/com/android/server/am/UserController.java b/services/core/java/com/android/server/am/UserController.java
index 1095cf0..6723e61 100644
--- a/services/core/java/com/android/server/am/UserController.java
+++ b/services/core/java/com/android/server/am/UserController.java

@@ -2613,7 +2613,7 @@
         if (getStartedUserState(userId) == null) {
             return false;
         }
-        if (!mInjector.getUserManager().isCredentialSharedWithParent(userId)) {
+        if (!mInjector.getUserManager().isCredentialSharableWithParent(userId)) {
             return false;
         }
         if (mLockPatternUtils.isSeparateProfileChallengeEnabled(userId)) {

diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
index 89c2be7..436cc69 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java

@@ -371,7 +371,7 @@
             LockscreenCredential profileUserPassword) {
         if (DEBUG) Slog.v(TAG, "Check child profile lock for user: " + profileUserId);
         // Only for profiles that shares credential with parent
-        if (!isCredentialSharedWithParent(profileUserId)) {
+        if (!isCredentialSharableWithParent(profileUserId)) {
             return;
         }
         // Do not tie profile when work challenge is enabled
@@ -785,7 +785,7 @@
     private void ensureProfileKeystoreUnlocked(int userId) {
         final KeyStore ks = KeyStore.getInstance();
         if (ks.state(userId) == KeyStore.State.LOCKED
-                && isCredentialSharedWithParent(userId)
+                && isCredentialSharableWithParent(userId)
                 && hasUnifiedChallenge(userId)) {
             Slog.i(TAG, "Profile got unlocked, will unlock its keystore");
             // If boot took too long and the password in vold got expired, parent keystore will
@@ -806,7 +806,7 @@
                 // Hide notification first, as tie managed profile lock takes time
                 hideEncryptionNotification(new UserHandle(userId));
 
-                if (isCredentialSharedWithParent(userId)) {
+                if (isCredentialSharableWithParent(userId)) {
                     tieProfileLockIfNecessary(userId, LockscreenCredential.createNone());
                 }
 
@@ -1073,7 +1073,7 @@
         final int userCount = users.size();
         for (int i = 0; i < userCount; i++) {
             UserInfo user = users.get(i);
-            if (isCredentialSharedWithParent(user.id)
+            if (isCredentialSharableWithParent(user.id)
                     && !getSeparateProfileChallengeEnabledInternal(user.id)) {
                 success &= SyntheticPasswordCrypto.migrateLockSettingsKey(
                         PROFILE_KEY_NAME_ENCRYPT + user.id);
@@ -1467,7 +1467,7 @@
             Thread.currentThread().interrupt();
         }
 
-        if (isCredentialSharedWithParent(userId)) {
+        if (isCredentialSharableWithParent(userId)) {
             if (!hasUnifiedChallenge(userId)) {
                 mBiometricDeferredQueue.processPendingLockoutResets();
             }
@@ -1476,7 +1476,7 @@
 
         for (UserInfo profile : mUserManager.getProfiles(userId)) {
             if (profile.id == userId) continue;
-            if (!isCredentialSharedWithParent(profile.id)) continue;
+            if (!isCredentialSharableWithParent(profile.id)) continue;
 
             if (hasUnifiedChallenge(profile.id)) {
                 if (mUserManager.isUserRunning(profile.id)) {
@@ -1513,7 +1513,7 @@
     }
 
     private Map<Integer, LockscreenCredential> getDecryptedPasswordsForAllTiedProfiles(int userId) {
-        if (isCredentialSharedWithParent(userId)) {
+        if (isCredentialSharableWithParent(userId)) {
             return null;
         }
         Map<Integer, LockscreenCredential> result = new ArrayMap<>();
@@ -1521,7 +1521,7 @@
         final int size = profiles.size();
         for (int i = 0; i < size; i++) {
             final UserInfo profile = profiles.get(i);
-            if (!isCredentialSharedWithParent(profile.id)) {
+            if (!isCredentialSharableWithParent(profile.id)) {
                 continue;
             }
             final int profileUserId = profile.id;
@@ -1556,7 +1556,7 @@
      */
     private void synchronizeUnifiedWorkChallengeForProfiles(int userId,
             Map<Integer, LockscreenCredential> profilePasswordMap) {
-        if (isCredentialSharedWithParent(userId)) {
+        if (isCredentialSharableWithParent(userId)) {
             return;
         }
         final boolean isSecure = isUserSecure(userId);
@@ -1565,7 +1565,7 @@
         for (int i = 0; i < size; i++) {
             final UserInfo profile = profiles.get(i);
             final int profileUserId = profile.id;
-            if (isCredentialSharedWithParent(profileUserId)) {
+            if (isCredentialSharableWithParent(profileUserId)) {
                 if (getSeparateProfileChallengeEnabledInternal(profileUserId)) {
                     continue;
                 }
@@ -1592,12 +1592,12 @@
     }
 
     private boolean isProfileWithUnifiedLock(int userId) {
-        return isCredentialSharedWithParent(userId)
+        return isCredentialSharableWithParent(userId)
                 && !getSeparateProfileChallengeEnabledInternal(userId);
     }
 
     private boolean isProfileWithSeparatedLock(int userId) {
-        return isCredentialSharedWithParent(userId)
+        return isCredentialSharableWithParent(userId)
                 && getSeparateProfileChallengeEnabledInternal(userId);
     }
 
@@ -1715,7 +1715,7 @@
                 setSeparateProfileChallengeEnabledLocked(userId, true, /* unused */ null);
                 notifyPasswordChanged(credential, userId);
             }
-            if (isCredentialSharedWithParent(userId)) {
+            if (isCredentialSharableWithParent(userId)) {
                 // Make sure the profile doesn't get locked straight after setting work challenge.
                 setDeviceUnlockedForUser(userId);
             }
@@ -1730,7 +1730,7 @@
 
     /**
      * @param savedCredential if the user is a profile with
-     * {@link UserManager#isCredentialSharedWithParent()} with unified challenge and
+     * {@link UserManager#isCredentialSharableWithParent()} with unified challenge and
      *   savedCredential is empty, LSS will try to re-derive the profile password internally.
      *     TODO (b/80170828): Fix this so profile password is always passed in.
      * @param isLockTiedToParent is {@code true} if {@code userId} is a profile and its new
@@ -1906,8 +1906,8 @@
         }
     }
 
-    protected boolean isCredentialSharedWithParent(int userId) {
-        return getUserManagerFromCache(userId).isCredentialSharedWithParent();
+    protected boolean isCredentialSharableWithParent(int userId) {
+        return getUserManagerFromCache(userId).isCredentialSharableWithParent();
     }
 
     private VerifyCredentialResponse convertResponse(GateKeeperResponse gateKeeperResponse) {
@@ -2157,7 +2157,7 @@
         final List<UserInfo> profiles = mUserManager.getProfiles(userId);
         for (UserInfo pi : profiles) {
             // Unlock profile which shares credential with parent with unified lock
-            if (isCredentialSharedWithParent(pi.id)
+            if (isCredentialSharableWithParent(pi.id)
                     && !getSeparateProfileChallengeEnabledInternal(pi.id)
                     && mStorage.hasChildProfileLock(pi.id)) {
                 try {
@@ -2480,7 +2480,7 @@
         mManagedProfilePasswordCache.removePassword(userId);
 
         gateKeeperClearSecureUserId(userId);
-        if (unknownUser || isCredentialSharedWithParent(userId)) {
+        if (unknownUser || isCredentialSharableWithParent(userId)) {
             removeKeystoreProfileKey(userId);
         }
         // Clean up storage last, this is to ensure that cleanupDataForReusedUserIdIfNecessary()
@@ -3200,7 +3200,7 @@
      * Returns a fixed pseudorandom byte string derived from the user's synthetic password.
      * This is used to salt the password history hash to protect the hash against offline
      * bruteforcing, since rederiving this value requires a successful authentication.
-     * If user is a profile with {@link UserManager#isCredentialSharedWithParent()} true and with
+     * If user is a profile with {@link UserManager#isCredentialSharableWithParent()} true and with
      * unified challenge, currentCredential is ignored.
      */
     @Override

diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index fed214f..a58fe76 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java

@@ -1557,13 +1557,13 @@
     }
 
     @Override
-    public boolean isCredentialSharedWithParent(@UserIdInt int userId) {
+    public boolean isCredentialSharableWithParent(@UserIdInt int userId) {
         checkManageOrInteractPermissionIfCallerInOtherProfileGroup(userId,
-                "isCredentialSharedWithParent");
+                "isCredentialSharableWithParent");
         synchronized (mUsersLock) {
             UserTypeDetails userTypeDetails = getUserTypeDetailsNoChecks(userId);
             return userTypeDetails != null && userTypeDetails.isProfile()
-                    && userTypeDetails.isCredentialSharedWithParent();
+                    && userTypeDetails.isCredentialSharableWithParent();
         }
     }
 

diff --git a/services/core/java/com/android/server/pm/UserTypeDetails.java b/services/core/java/com/android/server/pm/UserTypeDetails.java
index 2f5e238..4aad1a7 100644
--- a/services/core/java/com/android/server/pm/UserTypeDetails.java
+++ b/services/core/java/com/android/server/pm/UserTypeDetails.java

@@ -161,7 +161,7 @@
      *
      * <p> Default value is false
      */
-    private final boolean mIsCredentialSharedWithParent;
+    private final boolean mIsCredentialSharableWithParent;
 
     private UserTypeDetails(@NonNull String name, boolean enabled, int maxAllowed,
             @UserInfoFlag int baseType, @UserInfoFlag int defaultUserInfoPropertyFlags, int label,
@@ -174,7 +174,7 @@
             @Nullable Bundle defaultSecureSettings,
             @Nullable List<DefaultCrossProfileIntentFilter> defaultCrossProfileIntentFilters,
             boolean isMediaSharedWithParent,
-            boolean isCredentialSharedWithParent) {
+            boolean isCredentialSharableWithParent) {
         this.mName = name;
         this.mEnabled = enabled;
         this.mMaxAllowed = maxAllowed;
@@ -194,7 +194,7 @@
         this.mBadgeColors = badgeColors;
         this.mDarkThemeBadgeColors = darkThemeBadgeColors;
         this.mIsMediaSharedWithParent = isMediaSharedWithParent;
-        this.mIsCredentialSharedWithParent = isCredentialSharedWithParent;
+        this.mIsCredentialSharableWithParent = isCredentialSharableWithParent;
     }
 
     /**
@@ -323,8 +323,8 @@
      * Returns true if the user has shared encryption credential with parent user or
      * false otherwise.
      */
-    public boolean isCredentialSharedWithParent() {
-        return mIsCredentialSharedWithParent;
+    public boolean isCredentialSharableWithParent() {
+        return mIsCredentialSharableWithParent;
     }
 
     /** Returns a {@link Bundle} representing the default user restrictions. */
@@ -419,7 +419,7 @@
         private @DrawableRes int mBadgePlain = Resources.ID_NULL;
         private @DrawableRes int mBadgeNoBackground = Resources.ID_NULL;
         private boolean mIsMediaSharedWithParent = false;
-        private boolean mIsCredentialSharedWithParent = false;
+        private boolean mIsCredentialSharableWithParent = false;
 
         public Builder setName(String name) {
             mName = name;
@@ -521,10 +521,10 @@
 
         /**
          * Sets shared media property for the user.
-         * @param isCredentialSharedWithParent  the value to be set, true or false
+         * @param isCredentialSharableWithParent  the value to be set, true or false
          */
-        public Builder setIsCredentialSharedWithParent(boolean isCredentialSharedWithParent) {
-            mIsCredentialSharedWithParent = isCredentialSharedWithParent;
+        public Builder setIsCredentialSharableWithParent(boolean isCredentialSharableWithParent) {
+            mIsCredentialSharableWithParent = isCredentialSharableWithParent;
             return this;
         }
 
@@ -571,7 +571,7 @@
                     mDefaultSecureSettings,
                     mDefaultCrossProfileIntentFilters,
                     mIsMediaSharedWithParent,
-                    mIsCredentialSharedWithParent);
+                    mIsCredentialSharableWithParent);
         }
 
         private boolean hasBadge() {

diff --git a/services/core/java/com/android/server/pm/UserTypeFactory.java b/services/core/java/com/android/server/pm/UserTypeFactory.java
index 1e3b67c..cb18c6d 100644
--- a/services/core/java/com/android/server/pm/UserTypeFactory.java
+++ b/services/core/java/com/android/server/pm/UserTypeFactory.java

@@ -122,7 +122,7 @@
                 .setLabel(0)
                 .setDefaultRestrictions(null)
                 .setIsMediaSharedWithParent(true)
-                .setIsCredentialSharedWithParent(true);
+                .setIsCredentialSharableWithParent(true);
     }
 
     /**
@@ -154,7 +154,7 @@
                 .setDefaultRestrictions(getDefaultManagedProfileRestrictions())
                 .setDefaultSecureSettings(getDefaultManagedProfileSecureSettings())
                 .setDefaultCrossProfileIntentFilters(getDefaultManagedCrossProfileIntentFilter())
-                .setIsCredentialSharedWithParent(true);
+                .setIsCredentialSharableWithParent(true);
     }
 
     /**

diff --git a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java
index 21c09a0..1d10b8a 100644
--- a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java
+++ b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java

@@ -217,7 +217,7 @@
     }
 
     @Override
-    protected boolean isCredentialSharedWithParent(int userId) {
+    protected boolean isCredentialSharableWithParent(int userId) {
         UserInfo userInfo = mUserManager.getUserInfo(userId);
         return userInfo.isCloneProfile() || userInfo.isManagedProfile();
     }
commit	ece66c411622bfa418c7c8d5d302ac276b34c1dd	[log] [tgz]
author	Sarup Dalwani <sarup@google.com>	Wed Mar 02 19:02:43 2022 +0000
committer	Sarup Dalwani <sarup@google.com>	Thu Mar 03 17:23:49 2022 +0000
tree	732e1fd868a602b793d4d1b770e2fd489277d79b
parent	a83af165281cae17c30e776abb83df3bb2e524de [diff]