Split DPM API to check current Wi-Fi network
Change validateCurrentWifiMeetsAdminRequirements to separate APIs for
SSID restriction and minimum security level restriction
Bug: 216628415
Test: atest DevicePolicyManagerTest
Change-Id: Ib0764d2d31a91934aa2acdc92ca2a5f61938139e
diff --git a/core/java/android/app/admin/WifiSsidPolicy.aidl b/core/java/android/app/admin/WifiSsidPolicy.aidl
new file mode 100644
index 0000000..150705d
--- /dev/null
+++ b/core/java/android/app/admin/WifiSsidPolicy.aidl
@@ -0,0 +1,20 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.app.admin;
+
+parcelable WifiSsidPolicy;
\ No newline at end of file
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 33e97aa..72c8515 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -213,6 +213,7 @@
import android.app.admin.SystemUpdateInfo;
import android.app.admin.SystemUpdatePolicy;
import android.app.admin.UnsafeStateException;
+import android.app.admin.WifiSsidPolicy;
import android.app.backup.IBackupManager;
import android.app.compat.CompatChanges;
import android.app.role.RoleManager;
@@ -268,6 +269,7 @@
import android.net.VpnManager;
import android.net.metrics.IpConnectivityLog;
import android.net.wifi.WifiManager;
+import android.net.wifi.WifiSsid;
import android.os.Binder;
import android.os.Build;
import android.os.Bundle;
@@ -388,6 +390,7 @@
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Constructor;
+import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -18524,9 +18527,21 @@
);
}
- private void validateCurrentWifiMeetsAdminRequirements() {
+ private void notifyMinimumRequiredWifiSecurityLevelChanged(int level) {
mInjector.binderWithCleanCallingIdentity(
- () -> mInjector.getWifiManager().validateCurrentWifiMeetsAdminRequirements());
+ () -> mInjector.getWifiManager()
+ .notifyMinimumRequiredWifiSecurityLevelChanged(level));
+ }
+
+ private void notifyWifiSsidPolicyChanged(int policyType, List<String> ssids) {
+ List<WifiSsid> wifiSsidList = new ArrayList<>();
+ for (String ssid : ssids) {
+ wifiSsidList.add(
+ WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8)));
+ }
+ WifiSsidPolicy policy = new WifiSsidPolicy(policyType, new ArraySet<>(wifiSsidList));
+ mInjector.binderWithCleanCallingIdentity(
+ () -> mInjector.getWifiManager().notifyWifiSsidPolicyChanged(policy));
}
@Override
@@ -18546,7 +18561,7 @@
valueChanged = true;
}
}
- if (valueChanged) validateCurrentWifiMeetsAdminRequirements();
+ if (valueChanged) notifyMinimumRequiredWifiSecurityLevelChanged(level);
}
@Override
@@ -18578,7 +18593,9 @@
}
if (changed) saveSettingsLocked(caller.getUserId());
}
- if (changed) validateCurrentWifiMeetsAdminRequirements();
+ if (changed && !ssids.isEmpty()) {
+ notifyWifiSsidPolicyChanged(WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST, ssids);
+ }
}
@Override
@@ -18617,7 +18634,9 @@
}
if (changed) saveSettingsLocked(caller.getUserId());
}
- if (changed) validateCurrentWifiMeetsAdminRequirements();
+ if (changed) {
+ notifyWifiSsidPolicyChanged(WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST, ssids);
+ }
}
@Override