Properly store device policy user restrictions.

Bug: 299302474 Bug: 311687929 Test: btest "android.devicepolicy.cts.UserRestrictionsTest" && atest UserManagerServiceUserInfoTest#testWriteReadDevicePolicyUserRestrictions (cherry picked from commit 24202a9b15c17739f211ede23d2afbd3be59365b) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c747c3fd1a0111eb699b950e645080470f0cead8) Merged-In: I66159f362b45d4c9e322754ff272c373b2557812 Change-Id: I66159f362b45d4c9e322754ff272c373b2557812
author: Jason Parks <jparks@google.com> 2023-09-06 17:10:55 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2024-01-23 10:40:22 +0000
commit: 886650d9e41aae3714d8511cb36f142aa76d6572 (patch)
tree: eb95405bbcb558752881f5c1c3379ad6a0e61238
parent: 003818d9ed4cd0cb4ead81833675a781cbd097f6 (diff)
download: base-886650d9e41aae3714d8511cb36f142aa76d6572.tar.gz
2 files changed, 40 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index b03fb31fbb1e..cc2f679ea46a 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -2667,7 +2667,8 @@ public class UserManagerService extends IUserManager.Stub {
         }
     }
 
-    private void setUserRestrictionInner(int userId, @NonNull String key, boolean value) {
+    @VisibleForTesting
+    void setUserRestrictionInner(int userId, @NonNull String key, boolean value) {
         if (!UserRestrictionsUtils.isValidRestriction(key)) {
             Slog.e(LOG_TAG, "Setting invalid restriction " + key);
             return;
@@ -4277,11 +4278,11 @@ public class UserManagerService extends IUserManager.Stub {
 
             UserRestrictionsUtils.writeRestrictions(serializer,
                     mDevicePolicyUserRestrictions.getRestrictions(UserHandle.USER_ALL),
-                    TAG_DEVICE_POLICY_RESTRICTIONS);
+                    TAG_DEVICE_POLICY_GLOBAL_RESTRICTIONS);
 
             UserRestrictionsUtils.writeRestrictions(serializer,
                     mDevicePolicyUserRestrictions.getRestrictions(userInfo.id),
-                    TAG_DEVICE_POLICY_RESTRICTIONS);
+                    TAG_DEVICE_POLICY_LOCAL_RESTRICTIONS);
         }
 
         if (userData.account != null) {
diff --git a/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceUserInfoTest.java b/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceUserInfoTest.java
index 2273fcd22b38..9f75cf8d552e 100644
--- a/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceUserInfoTest.java
+++ b/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceUserInfoTest.java
@@ -113,6 +113,42 @@ public class UserManagerServiceUserInfoTest {
         assertUserInfoEquals(data.info, read.info, /* parcelCopy= */ false);
     }
 
+    /** Tests that device policy restrictions are written/read properly. */
+    @Test
+    public void testWriteReadDevicePolicyUserRestrictions() throws Exception {
+        final String globalRestriction = UserManager.DISALLOW_FACTORY_RESET;
+        final String localRestriction = UserManager.DISALLOW_CONFIG_DATE_TIME;
+
+        UserData data = new UserData();
+        data.info = createUser(100, FLAG_FULL, "A type");
+
+        mUserManagerService.putUserInfo(data.info);
+
+        // Set a global and user restriction so they get written out to the user file.
+        setUserRestrictions(data.info.id, globalRestriction, localRestriction, true);
+
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        DataOutputStream out = new DataOutputStream(baos);
+        mUserManagerService.writeUserLP(data, out);
+        byte[] bytes = baos.toByteArray();
+
+        // Clear the restrictions to see if they are properly read in from the user file.
+        setUserRestrictions(data.info.id, globalRestriction, localRestriction, false);
+
+        mUserManagerService.readUserLP(data.info.id, new ByteArrayInputStream(bytes));
+        assertTrue(mUserManagerService.hasUserRestrictionOnAnyUser(globalRestriction));
+        assertTrue(mUserManagerService.hasUserRestrictionOnAnyUser(localRestriction));
+    }
+
+    /** Sets a global and local restriction and verifies they were set properly **/
+    private void setUserRestrictions(int id, String global, String local, boolean enabled) {
+        mUserManagerService.setUserRestrictionInner(UserHandle.USER_ALL, global, enabled);
+        assertEquals(mUserManagerService.hasUserRestrictionOnAnyUser(global), enabled);
+
+        mUserManagerService.setUserRestrictionInner(id, local, enabled);
+        assertEquals(mUserManagerService.hasUserRestrictionOnAnyUser(local), enabled);
+    }
+
     @Test
     public void testParcelUnparcelUserInfo() throws Exception {
         UserInfo info = createUser();
author	Jason Parks <jparks@google.com>	2023-09-06 17:10:55 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2024-01-23 10:40:22 +0000
commit	886650d9e41aae3714d8511cb36f142aa76d6572 (patch)
tree	eb95405bbcb558752881f5c1c3379ad6a0e61238
parent	003818d9ed4cd0cb4ead81833675a781cbd097f6 (diff)
download	base-886650d9e41aae3714d8511cb36f142aa76d6572.tar.gz