Update Wi-Fi configs restrictions

* Update isNetworkLockedDown in WifiUtils
  to check the profile owner if the device
  is an organization-owned managed profile
  device.
* Update the logic to check if a Wi-Fi
  network can be forgotten (for both the
  device owner and profile owner of an
  organization-owned device).

Bug: 150197944
Bug: 153605361
Test: manual testing
      make RunSettingsRoboTests -j ROBOTEST_FILTER=WifiDetailPreferenceController2Test
      make RunSettingsRoboTests -j ROBOTEST_FILTER=WifiUtilsTest

Manual Testing Steps
A. Provision TestDPC in 'Device Owner' mode.
   - Create a Wi-Fi config in TestDPC.
   - Enable 'DO created Wi-Fi configs are
     modifiable only by DO'.
   - Go to Settings and verify that the network
     created cannot be modified and the 'Forget'
     button is not displayed.
B. Provision TestDPC in 'Profile Owner of an
   organization-owned managed profile' mode.
   - Create a Wi-Fi config in the work profile
     instance of TestDPC.
   - Enable 'DO created Wi-Fi configs are
     modifiable only by DO'.
   - Go to Settings and verify that the network
     created cannot be modified and the 'Forget'
     button is not displayed.
C. Provision CtsVerifier in 'Device Owner' mode.
   - Go to 'Device owner tests' > 'Wifi
     configuration lockdown'.
   - Create a Wi-Fi config then follow the
     instructions.

Change-Id: Ie3c71113441a3aca62563310ad0e53d89fa04226

src/com/android/settings/wifi/WifiUtils.java

@@ -24,9 +24,12 @@ import android.content.pm.PackageManager;
 import android.net.NetworkCapabilities;
 import android.net.wifi.ScanResult;
 import android.net.wifi.WifiConfiguration;
+import android.os.UserHandle;
+import android.os.UserManager;
 import android.provider.Settings;
 import android.text.TextUtils;
 
+import com.android.settings.Utils;
 import com.android.settingslib.wifi.AccessPoint;
 
 import java.nio.charset.StandardCharsets;
@@ -77,6 +80,7 @@ public class WifiUtils {
         final DevicePolicyManager dpm =
                 (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
         final PackageManager pm = context.getPackageManager();
+        final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
 
         // Check if device has DPM capability. If it has and dpm is still null, then we
         // treat this case with suspicion and bail out.
@@ -96,6 +100,18 @@ public class WifiUtils {
                 } catch (PackageManager.NameNotFoundException e) {
                     // don't care
                 }
+            } else if (dpm.isOrganizationOwnedDeviceWithManagedProfile()) {
+                int profileOwnerUserId = Utils.getManagedProfileId(um, UserHandle.myUserId());
+                final ComponentName profileOwner = dpm.getProfileOwnerAsUser(profileOwnerUserId);
+                if (profileOwner != null) {
+                    try {
+                        final int profileOwnerUid = pm.getPackageUidAsUser(
+                                profileOwner.getPackageName(), profileOwnerUserId);
+                        isConfigEligibleForLockdown = profileOwnerUid == config.creatorUid;
+                    } catch (PackageManager.NameNotFoundException e) {
+                        // don't care
+                    }
+                }
             }
         }
         if (!isConfigEligibleForLockdown) {