replicant-packages_apps_Email/provider_src/com/android/email/service/PolicyService.java
Martin Hibdon ce6916b32a Don't allow disabling of the camera with managed profiles
Change-Id: I2e6085084682b04ef7973bc433214b5b3ab2da79
2014-09-25 13:48:11 -07:00

124 lines
5.0 KiB
Java

/*
* Copyright (C) 2011 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.email.service;
import android.app.Service;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.IBinder;
import android.os.RemoteException;
import com.android.email.SecurityPolicy;
import com.android.emailcommon.provider.Policy;
import com.android.emailcommon.service.IPolicyService;
import com.android.mail.utils.LogTag;
import com.android.mail.utils.LogUtils;
public class PolicyService extends Service {
private static final String LOG_TAG = LogTag.getLogTag();
private SecurityPolicy mSecurityPolicy;
private Context mContext;
private final IPolicyService.Stub mBinder = new IPolicyService.Stub() {
@Override
public boolean isActive(Policy policy) {
try {
return mSecurityPolicy.isActive(policy);
} catch (RuntimeException e) {
// Catch, log and rethrow the exception, as otherwise when the exception is
// ultimately handled, the complete stack trace is losk
LogUtils.e(LOG_TAG, e, "Exception thrown during call to SecurityPolicy#isActive");
throw e;
}
}
@Override
public void setAccountHoldFlag(long accountId, boolean newState) {
SecurityPolicy.setAccountHoldFlag(mContext, accountId, newState);
}
@Override
public void remoteWipe() {
try {
mSecurityPolicy.remoteWipe();
} catch (RuntimeException e) {
// Catch, log and rethrow the exception, as otherwise when the exception is
// ultimately handled, the complete stack trace is losk
LogUtils.e(LOG_TAG, e, "Exception thrown during call to SecurityPolicy#remoteWipe");
throw e;
}
}
@Override
public void setAccountPolicy(long accountId, Policy policy, String securityKey) {
setAccountPolicy2(accountId, policy, securityKey, true /* notify */);
}
@Override
public void setAccountPolicy2(long accountId, Policy policy, String securityKey,
boolean notify) {
try {
mSecurityPolicy.setAccountPolicy(accountId, policy, securityKey, notify);
} catch (RuntimeException e) {
// Catch, log and rethrow the exception, as otherwise when the exception is
// ultimately handled, the complete stack trace is losk
LogUtils.e(LOG_TAG, e,
"Exception thrown from call to SecurityPolicy#setAccountPolicy");
throw e;
}
}
public boolean canDisableCamera() {
// TODO: This is not a clean way to do this, but there is not currently
// any api that can answer the question "will disabling the camera work?"
// We need to answer this question here so that we can tell the server what
// policies we are able to support, and only apply them after it confirms that
// our partial support is acceptable.
DevicePolicyManager dpm =
(DevicePolicyManager) mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
final ComponentName adminName = new ComponentName(mContext, SecurityPolicy.PolicyAdmin.class);
final boolean cameraDisabled = dpm.getCameraDisabled(adminName);
if (cameraDisabled) {
// The camera is already disabled, by this admin.
// Apparently we can support disabling the camera.
return true;
} else {
try {
dpm.setCameraDisabled(adminName, true);
dpm.setCameraDisabled(adminName, false);
} catch (SecurityException e) {
// Apparently we cannot support disabling the camera.
LogUtils.w(LOG_TAG, "SecurityException checking camera disabling.");
return false;
}
}
return true;
}
};
@Override
public IBinder onBind(Intent intent) {
// When we bind this service, save the context and SecurityPolicy singleton
mContext = this;
mSecurityPolicy = SecurityPolicy.getInstance(this);
return mBinder;
}
}