diff options
| author | Ricky Wai <rickywai@google.com> | 2016-05-26 13:46:11 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2016-05-26 13:46:12 +0000 |
| commit | 610fb8a3f2dcdc66dbc4e31d92a08cc249b5ca7b (patch) | |
| tree | c83f019b6b54c2569f0c7eadb8dc5061cd7aa6d2 | |
| parent | 19d34821b9c0a74d4269fff0bee87a7f486e1603 (diff) | |
| parent | 7b9eb419e35f12963eeea119b51a241146029b74 (diff) | |
Merge "Store work lock type even it uses unified lock" into nyc-dev
| -rw-r--r-- | services/core/java/com/android/server/LockSettingsService.java | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java index 1d8bb6b4d48c..bc5401215b03 100644 --- a/services/core/java/com/android/server/LockSettingsService.java +++ b/services/core/java/com/android/server/LockSettingsService.java @@ -235,6 +235,11 @@ public class LockSettingsService extends ILockSettings.Stub { randomLockSeed = SecureRandom.getInstance("SHA1PRNG").generateSeed(40); String newPassword = String.valueOf(HexEncoding.encode(randomLockSeed)); setLockPasswordInternal(newPassword, managedUserPassword, managedUserId); + // We store a private credential for the managed user that's unlocked by the primary + // account holder's credential. As such, the user will never be prompted to enter this + // password directly, so we always store a password. + setLong(LockPatternUtils.PASSWORD_TYPE_KEY, + DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, managedUserId); tieProfileLockToParent(managedUserId, newPassword); } catch (NoSuchAlgorithmException | RemoteException e) { Slog.e(TAG, "Fail to tie managed profile", e); @@ -535,6 +540,30 @@ public class LockSettingsService extends ILockSettings.Stub { setString("migrated_lockscreen_disabled", "true", 0); Slog.i(TAG, "Migrated lockscreen disabled flag"); } + + final List<UserInfo> users = mUserManager.getUsers(); + for (int i = 0; i < users.size(); i++) { + final UserInfo userInfo = users.get(i); + if (userInfo.isManagedProfile() && mStorage.hasChildProfileLock(userInfo.id)) { + // When managed profile has a unified lock, the password quality stored has 2 + // possibilities only. + // 1). PASSWORD_QUALITY_UNSPECIFIED, which is upgraded from dp2, and we are + // going to set it back to PASSWORD_QUALITY_ALPHANUMERIC. + // 2). PASSWORD_QUALITY_ALPHANUMERIC, which is the actual password quality for + // unified lock. + final long quality = getLong(LockPatternUtils.PASSWORD_TYPE_KEY, + DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userInfo.id); + if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { + // Only possible when it's upgraded from nyc dp3 + Slog.i(TAG, "Migrated tied profile lock type"); + setLong(LockPatternUtils.PASSWORD_TYPE_KEY, + DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, userInfo.id); + } else if (quality != DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC) { + // It should not happen + Slog.e(TAG, "Invalid tied profile lock type: " + quality); + } + } + } } catch (RemoteException re) { Slog.e(TAG, "Unable to migrate old data", re); } |