DPMS: Fix Device Admin-related caller identity checks
When there's a Device Admin on a device with a work profile, two operations will fail: * Calling isActivePasswordSufficient from the work profile. * Trying to remove the Device Admin. isActivePasswordSufficient would fail because it uses an incorrect variant to check whether an admin is a Profile Owner. That variant fails when checking admins from the primary profile. getRemoveWarning fails because it incorrectly does not let the system (UID 1000) to call it. This CL fixes both issues. Bug: 173578428 Bug: 173481459 Test: Manual, with TestDPC: Create a work profile, add a Devide Admin on the primary profile, check that TestDPC can start and report password sufficiently correctly, then the Device Admin can be removed. Test: atest com.android.cts.devicepolicy.ManagedProfileTest Test: atest com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testResetPasswordWithToken Change-Id: Ie4665fc86fc17d116ffadde3e4e5732c71da13f7
Loading
Please register or sign in to comment