Retain FRP data when FR is invoked in Settings
* If the device is an organization-owned managed
profile device and a FRP policy is set, the
factory reset protection data is no longer
erased from factory reset in Settings.
Bug: 148847767
Test: manual testing
Change-Id: Iebaf2446f23626b24db37f5173dc77f9dee25ba9
diff --git a/src/com/android/settings/MasterClearConfirm.java b/src/com/android/settings/MasterClearConfirm.java
index 679f18f..cac18f7 100644
--- a/src/com/android/settings/MasterClearConfirm.java
+++ b/src/com/android/settings/MasterClearConfirm.java
@@ -22,6 +22,8 @@
import android.app.ActionBar;
import android.app.Activity;
import android.app.ProgressDialog;
+import android.app.admin.DevicePolicyManager;
+import android.app.admin.FactoryResetProtectionPolicy;
import android.app.settings.SettingsEnums;
import android.content.Context;
import android.content.Intent;
@@ -83,14 +85,9 @@
final PersistentDataBlockManager pdbManager = (PersistentDataBlockManager)
getActivity().getSystemService(Context.PERSISTENT_DATA_BLOCK_SERVICE);
- final OemLockManager oemLockManager = (OemLockManager)
- getActivity().getSystemService(Context.OEM_LOCK_SERVICE);
- if (pdbManager != null && !oemLockManager.isOemUnlockAllowed() &&
- WizardManagerHelper.isDeviceProvisioned(getActivity())) {
- // if OEM unlock is allowed, the persistent data block will be wiped during FR
- // process. If disabled, it will be wiped here, unless the device is still being
- // provisioned, in which case the persistent data block will be preserved.
+ if (shouldWipePersistentDataBlock(pdbManager)) {
+
new AsyncTask<Void, Void, Void>() {
int mOldOrientation;
ProgressDialog mProgressDialog;
@@ -140,6 +137,44 @@
}
};
+ @VisibleForTesting
+ boolean shouldWipePersistentDataBlock(PersistentDataBlockManager pdbManager) {
+ if (pdbManager == null) {
+ return false;
+ }
+ // The persistent data block will persist if the device is still being provisioned.
+ if (isDeviceStillBeingProvisioned()) {
+ return false;
+ }
+ // If OEM unlock is allowed, the persistent data block will be wiped during FR
+ // process. If disabled, it will be wiped here instead.
+ if (isOemUnlockedAllowed()) {
+ return false;
+ }
+ // Do not erase the factory reset protection data (from Settings) if the
+ // device is an organization-owned managed profile device and a factory
+ // reset protection policy has been set.
+ final DevicePolicyManager dpm = (DevicePolicyManager) getActivity()
+ .getSystemService(Context.DEVICE_POLICY_SERVICE);
+ FactoryResetProtectionPolicy frpPolicy = dpm.getFactoryResetProtectionPolicy(null);
+ if (dpm.isOrganizationOwnedDeviceWithManagedProfile() && frpPolicy != null
+ && frpPolicy.isNotEmpty()) {
+ return false;
+ }
+ return true;
+ }
+
+ @VisibleForTesting
+ boolean isOemUnlockedAllowed() {
+ return ((OemLockManager) getActivity().getSystemService(
+ Context.OEM_LOCK_SERVICE)).isOemUnlockAllowed();
+ }
+
+ @VisibleForTesting
+ boolean isDeviceStillBeingProvisioned() {
+ return !WizardManagerHelper.isDeviceProvisioned(getActivity());
+ }
+
private void doMasterClear() {
Intent intent = new Intent(Intent.ACTION_FACTORY_RESET);
intent.setPackage("android");