Merge "Stop managed profile owner granting READ_SMS" into qt-dev am: 62044e5099 am: 676cefb0ee am: 539fea38c2 am: e13c6379fb am: e456e2f66e am: fe2c3c269b am: e7253363d2 am: 4e8fadf947 am: 45ee517849 am: f76ce81e85

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/15982545

Change-Id: I2a3893cb130c38f8145c6212a6cabaf0ef613283
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java
index 34c91c3..8e09939 100644
--- a/core/java/android/app/admin/DevicePolicyManager.java
+++ b/core/java/android/app/admin/DevicePolicyManager.java
@@ -12150,6 +12150,15 @@
      * Attempts by the admin to grant these permissions, when the admin is restricted from doing
      * so, will be silently ignored (no exception will be thrown).
      *
+     * Control over the following permissions are restricted for managed profile owners:
+     * <ul>
+     *  <li>Manifest.permission.READ_SMS</li>
+     * </ul>
+     * <p>
+     * A managed profile owner may not grant these permissions (i.e. call this method with any of
+     * the permissions listed above and {@code grantState} of
+     * {@code #PERMISSION_GRANT_STATE_GRANTED}), but may deny them.
+     *
      * @param admin Which profile or device owner this request is associated with.
      * @param packageName The application to grant or revoke a permission to.
      * @param permission The permission to grant or revoke.
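Review bot: The added paragraph says a managed profile owner "may not grant" READ_SMS but does not say what the caller observes when it tries. The unchanged sentence just above it says restricted grants "will be silently ignored (no exception will be thrown)", so an admin cannot tell from this text whether the call reports failure for READ_SMS. Suggest stating explicitly that the same silent-ignore behaviour applies to this list, and what the method returns in that case. It would also help to say whether a READ_SMS grant made by a managed profile owner before this restriction stays in effect, since the text only covers new calls. Two smaller points in the same block: `{@code #PERMISSION_GRANT_STATE_GRANTED}` renders the leading `#` literally and was probably meant to be `{@link #PERMISSION_GRANT_STATE_GRANTED}`, and "Control over the following permissions are restricted" should read "is restricted".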