mdm: update MDMSettings (and syspolicy) when application restrictions change (#571)

In this PR, we update the Android app to register a broadcast receiver that listens
for android.content.Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED
and updates MDMSettings whenever a change occurs. This, in turn, notifies the
Go backend and causes it to reload syspolicy, ensuring it reflects the updated
MDM settings.

Updates tailscale/tailscale#12687

Signed-off-by: Nick Khyl <nickk@tailscale.com>
pull/572/head
Nick Khyl 5 days ago committed by GitHub
parent 463c70df2a
commit d512aeffd1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -26,6 +26,7 @@ import androidx.lifecycle.ViewModelStoreOwner
import androidx.security.crypto.EncryptedSharedPreferences
import androidx.security.crypto.MasterKey
import com.tailscale.ipn.mdm.MDMSettings
import com.tailscale.ipn.mdm.MDMSettingsChangedReceiver
import com.tailscale.ipn.ui.localapi.Client
import com.tailscale.ipn.ui.localapi.Request
import com.tailscale.ipn.ui.model.Ipn
@ -71,6 +72,7 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
val dns = DnsConfig()
private lateinit var connectivityManager: ConnectivityManager
private lateinit var mdmChangeReceiver: MDMSettingsChangedReceiver
private lateinit var app: libtailscale.Application
override val viewModelStore: ViewModelStore
@ -101,6 +103,11 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
super.onCreate()
appInstance = this
setUnprotectedInstance(this)
mdmChangeReceiver = MDMSettingsChangedReceiver()
val filter = IntentFilter(Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED)
registerReceiver(mdmChangeReceiver, filter)
createNotificationChannel(
STATUS_CHANNEL_ID,
getString(R.string.vpn_status),
@ -124,6 +131,7 @@ class App : UninitializedApp(), libtailscale.AppContext, ViewModelStoreOwner {
notificationManager.cancelAll()
applicationScope.cancel()
viewModelStore.clear()
unregisterReceiver(mdmChangeReceiver)
}
@Volatile private var isInitialized = false

@ -0,0 +1,21 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
package com.tailscale.ipn.mdm
import android.content.BroadcastReceiver
import android.content.Context
import android.content.Intent
import android.content.RestrictionsManager
import com.tailscale.ipn.App
import com.tailscale.ipn.util.TSLog
class MDMSettingsChangedReceiver : BroadcastReceiver() {
override fun onReceive(context: Context?, intent: Intent?) {
if (intent?.action == android.content.Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED) {
TSLog.d("syspolicy", "MDM settings changed")
val restrictionsManager = context?.getSystemService(Context.RESTRICTIONS_SERVICE) as RestrictionsManager
MDMSettings.update(App.get(), restrictionsManager)
}
}
}
Loading…
Cancel
Save