From d512aeffd12d1d41458d5451e221066a2acb3104 Mon Sep 17 00:00:00 2001
From: Nick Khyl <1761190+nickkhyl@users.noreply.github.com>
Date: Fri, 22 Nov 2024 12:56:29 -0600
Subject: [PATCH] mdm: update MDMSettings (and syspolicy) when application restrictions change (#571)
In this PR, we update the Android app to register a broadcast receiver that listens for android.content.Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED and updates MDMSettings whenever a change occurs. This, in turn, notifies the Go backend and causes it to reload syspolicy, ensuring it reflects the updated MDM settings.
Updates tailscale/tailscale#12687
Signed-off-by: Nick Khyl
---
 .../src/main/java/com/tailscale/ipn/App.kt | 8 +++++++
 .../ipn/mdm/MDMSettingsChangedReceiver.kt | 21 +++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 android/src/main/java/com/tailscale/ipn/mdm/MDMSettingsChangedReceiver.kt
diff --git a/android/src/main/java/com/tailscale/ipn/App.kt b/android/src/main/java/com/tailscale/ipn/App.kt
index 6427e91..fde6541 100644
--- a/android/src/main/java/com/tailscale/ipn/App.kt
+++ b/android/src/main/java/com/tailscale/ipn/App.kt
@@ -26,6 +26,7 @@ import androidx.lifecycle.ViewModelStoreOwner
 import androidx.security.crypto.EncryptedSharedPreferences
 import androidx.security.crypto.MasterKey
 import com.tailscale.ipn.mdm.MDMSettings
+import com.tailscale.ipn.mdm.MDMSettingsChangedReceiver
 import com.tailscale.ipn.ui.localapi.Client
 import com.tailscale.ipn.ui.localapi.Request
 import com.tailscale.ipn.ui.model.Ipn
@@ -71,6 +72,7 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
 val dns = DnsConfig()
 private lateinit var connectivityManager: ConnectivityManager
+ private lateinit var mdmChangeReceiver: MDMSettingsChangedReceiver
 private lateinit var app: libtailscale.Application
 override val viewModelStore: ViewModelStore
@@ -101,6 +103,11 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
 super.onCreate()
 appInstance = this
 setUnprotectedInstance(this)
+
+ mdmChangeReceiver = MDMSettingsChangedReceiver()
+ val filter = IntentFilter(Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED)
+ registerReceiver(mdmChangeReceiver, filter)
+
 createNotificationChannel(
 STATUS_CHANNEL_ID,
 getString(R.string.vpn_status),
@@ -124,6 +131,7 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
 notificationManager.cancelAll()
 applicationScope.cancel()
 viewModelStore.clear()
+ unregisterReceiver(mdmChangeReceiver)
 }
 @Volatile private var isInitialized = false
diff --git a/android/src/main/java/com/tailscale/ipn/mdm/MDMSettingsChangedReceiver.kt b/android/src/main/java/com/tailscale/ipn/mdm/MDMSettingsChangedReceiver.kt
new file mode 100644
index 0000000..b4d17b8
--- /dev/null
+++ b/android/src/main/java/com/tailscale/ipn/mdm/MDMSettingsChangedReceiver.kt
@@ -0,0 +1,21 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+package com.tailscale.ipn.mdm
+
+import android.content.BroadcastReceiver
+import android.content.Context
+import android.content.Intent
+import android.content.RestrictionsManager
+import com.tailscale.ipn.App
+import com.tailscale.ipn.util.TSLog
+
+class MDMSettingsChangedReceiver : BroadcastReceiver() {
+ override fun onReceive(context: Context?, intent: Intent?) {
+ if (intent?.action == android.content.Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED) {
+ TSLog.d("syspolicy", "MDM settings changed")
+ val restrictionsManager = context?.getSystemService(Context.RESTRICTIONS_SERVICE) as RestrictionsManager
+ MDMSettings.update(App.get(), restrictionsManager)
+ }
+ }
+}
\ No newline at end of file
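Review bot: The `registerReceiver(mdmChangeReceiver, filter)` call added in `onCreate` (hunk `@@ -101,6 +103,11 @@`) does not say whether the receiver is exported. `ACTION_APPLICATION_RESTRICTIONS_CHANGED` is a protected system broadcast, so the current filter is not reachable by other apps, but stating the intent keeps the receiver closed if the filter ever gains a non-system action and satisfies the registration-flag requirement newer Android targets enforce for non-system broadcasts: `ContextCompat.registerReceiver(this, mdmChangeReceiver, filter, ContextCompat.RECEIVER_NOT_EXPORTED)`. Whether `androidx.core` is already a dependency is not visible from this patch. `onCreate` begins and ends outside the hunk.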
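Review bot: In `MDMSettingsChangedReceiver.onReceive` (new file, hunk `@@ -0,0 +1,21 @@`), `context?.getSystemService(Context.RESTRICTIONS_SERVICE) as RestrictionsManager` applies an unchecked cast to a nullable result, so a null `context` or a failed service lookup throws inside `onReceive`, and an uncaught exception there takes the whole app process down (presumably including the running VPN service). A safe cast with an early exit avoids that: `val restrictionsManager = context?.getSystemService(Context.RESTRICTIONS_SERVICE) as? RestrictionsManager ?: return`, ideally preceded by a `TSLog.d("syspolicy", ...)` line so a skipped policy refresh shows up in logs instead of silently leaving stale MDM settings in force. As a style point, `android.content.Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED` can be written `Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED` since `Intent` is already imported, and the file is missing its trailing newline.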