Fix a security exception when checking cross-profile caller-id cap.

No need to enforce that the caller is in the system process.
We're only checking if the device policy is allowing access.

Bug: 16301261
Change-Id: I87a7c808d116c86aa68cebb36631c46d0a54be96

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index c218d38..2a11252 100644 (file)
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -4030,7 +4030,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 
     @Override
     public boolean getCrossProfileCallerIdDisabledForUser(int userId) {
-        enforceSystemProcess("getCrossProfileCallerIdDisabled can only be called by system");
+        // TODO: Should there be a check to make sure this relationship is within a profile group?
+        //enforceSystemProcess("getCrossProfileCallerIdDisabled can only be called by system");
         synchronized (this) {
             ActiveAdmin admin = getProfileOwnerAdmin(userId);
             return (admin != null) ? admin.disableCallerId : false;