Google Git
Sign in
android / platform / packages / apps / Email / d3c7c06^! / .
commitd3c7c06f0edb649d11ff9a39cc8aa390286f1a5f[log] [tgz]
authorMarc Blank <mblank@google.com>Fri Jul 13 14:20:49 2012 -0700
committerThe Android Automerger <android-build@android.com>Tue Jul 24 18:40:40 2012 -0700
tree19d623f046cc0d0205ed92bcb4debf77f827d3f4
parentc687ab7263146754db80be13d22fa3a9230848bc [diff]
Don't set DPM password expiration unless it has changed

* Because we push the expiration value frequently (not only when
  policies change, but also after alerting the user to change his
  settings), we're pushing this value further and further into
  the future.
* In the referenced bug, the data IS being deleted, but then the
  expiration is pushed out, putting us back into compliance with
  policies (wrongly), which leads to the data syncing right back
  again
* The fix is to only push the expiration when it has changed; the
  fix is trivial

Bug: 6813598
Change-Id: Ibd238813e3f2f25e7f1f176c31cb31d00874dba6

diff --git a/src/com/android/email/SecurityPolicy.java b/src/com/android/email/SecurityPolicy.java
index 82358b5..941b435 100644
--- a/src/com/android/email/SecurityPolicy.java
+++ b/src/com/android/email/SecurityPolicy.java

@@ -28,11 +28,9 @@
 import android.content.Intent;
 import android.content.OperationApplicationException;
 import android.database.Cursor;
-import android.net.Uri;
 import android.os.RemoteException;
 import android.util.Log;
 
-import com.android.email.provider.EmailProvider;
 import com.android.email.service.EmailBroadcastProcessorService;
 import com.android.emailcommon.Logging;
 import com.android.emailcommon.provider.Account;
@@ -462,8 +460,13 @@
             // local wipe (failed passwords limit)
             dpm.setMaximumFailedPasswordsForWipe(mAdminName, aggregatePolicy.mPasswordMaxFails);
             // password expiration (days until a password expires).  API takes mSec.
-            dpm.setPasswordExpirationTimeout(mAdminName,
-                    aggregatePolicy.getDPManagerPasswordExpirationTimeout());
+            long oldExpiration = dpm.getPasswordExpirationTimeout(mAdminName);
+            long newExpiration = aggregatePolicy.getDPManagerPasswordExpirationTimeout();
+            // we only set this if it has changed; otherwise, we're pushing out the existing
+            // expiration time!
+            if (oldExpiration != newExpiration) {
+                dpm.setPasswordExpirationTimeout(mAdminName, newExpiration);
+            }
             // password history length (number of previous passwords that may not be reused)
             dpm.setPasswordHistoryLength(mAdminName, aggregatePolicy.mPasswordHistory);
             // password minimum complex characters.