1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app.admin; 18 19 import android.annotation.ColorInt; 20 import android.annotation.IntDef; 21 import android.annotation.NonNull; 22 import android.annotation.Nullable; 23 import android.annotation.SdkConstant; 24 import android.annotation.SdkConstant.SdkConstantType; 25 import android.annotation.SystemApi; 26 import android.annotation.UserIdInt; 27 import android.app.Activity; 28 import android.app.admin.SecurityLog.SecurityEvent; 29 import android.content.ComponentName; 30 import android.content.Context; 31 import android.content.Intent; 32 import android.content.IntentFilter; 33 import android.content.pm.PackageManager; 34 import android.content.pm.PackageManager.NameNotFoundException; 35 import android.content.pm.ParceledListSlice; 36 import android.content.pm.UserInfo; 37 import android.graphics.Bitmap; 38 import android.net.ProxyInfo; 39 import android.net.Uri; 40 import android.os.Bundle; 41 import android.os.PersistableBundle; 42 import android.os.Process; 43 import android.os.RemoteCallback; 44 import android.os.RemoteException; 45 import android.os.ServiceManager; 46 import android.os.UserHandle; 47 import android.os.UserManager; 48 import android.provider.ContactsContract.Directory; 49 import android.provider.Settings; 50 import android.security.Credentials; 51 import android.service.restrictions.RestrictionsReceiver; 52 import android.telephony.TelephonyManager; 53 import android.util.Log; 54 55 import com.android.internal.annotations.VisibleForTesting; 56 import com.android.org.conscrypt.TrustedCertificateStore; 57 58 import java.io.ByteArrayInputStream; 59 import java.io.IOException; 60 import java.lang.annotation.Retention; 61 import java.lang.annotation.RetentionPolicy; 62 import java.net.InetSocketAddress; 63 import java.net.Proxy; 64 import java.security.KeyFactory; 65 import java.security.NoSuchAlgorithmException; 66 import java.security.PrivateKey; 67 import java.security.cert.Certificate; 68 import java.security.cert.CertificateException; 69 import java.security.cert.CertificateFactory; 70 import java.security.cert.X509Certificate; 71 import java.security.spec.InvalidKeySpecException; 72 import java.security.spec.PKCS8EncodedKeySpec; 73 import java.util.ArrayList; 74 import java.util.Arrays; 75 import java.util.Collections; 76 import java.util.List; 77 import java.util.Set; 78 79 /** 80 * Public interface for managing policies enforced on a device. Most clients of this class must be 81 * registered with the system as a <a href="{@docRoot}guide/topics/admin/device-admin.html">device 82 * administrator</a>. Additionally, a device administrator may be registered as either a profile or 83 * device owner. A given method is accessible to all device administrators unless the documentation 84 * for that method specifies that it is restricted to either device or profile owners. Any 85 * application calling an api may only pass as an argument a device administrator component it 86 * owns. Otherwise, a {@link SecurityException} will be thrown. 87 * <div class="special reference"> 88 * <h3>Developer Guides</h3> 89 * <p> 90 * For more information about managing policies for device administration, read the <a href= 91 * "{@docRoot}guide/topics/admin/device-admin.html">Device Administration</a> developer 92 * guide. </div> 93 */ 94 public class DevicePolicyManager { 95 private static String TAG = "DevicePolicyManager"; 96 97 private final Context mContext; 98 private final IDevicePolicyManager mService; 99 private final boolean mParentInstance; 100 DevicePolicyManager(Context context, boolean parentInstance)101 private DevicePolicyManager(Context context, boolean parentInstance) { 102 this(context, 103 IDevicePolicyManager.Stub.asInterface( 104 ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)), 105 parentInstance); 106 } 107 108 /** @hide */ 109 @VisibleForTesting DevicePolicyManager( Context context, IDevicePolicyManager service, boolean parentInstance)110 protected DevicePolicyManager( 111 Context context, IDevicePolicyManager service, boolean parentInstance) { 112 mContext = context; 113 mService = service; 114 mParentInstance = parentInstance; 115 } 116 117 /** @hide */ create(Context context)118 public static DevicePolicyManager create(Context context) { 119 DevicePolicyManager me = new DevicePolicyManager(context, false); 120 return me.mService != null ? me : null; 121 } 122 123 /** @hide test will override it. */ 124 @VisibleForTesting myUserId()125 protected int myUserId() { 126 return UserHandle.myUserId(); 127 } 128 129 /** 130 * Activity action: Starts the provisioning flow which sets up a managed profile. 131 * 132 * <p>A managed profile allows data separation for example for the usage of a 133 * device as a personal and corporate device. The user which provisioning is started from and 134 * the managed profile share a launcher. 135 * 136 * <p>This intent will typically be sent by a mobile device management application (MDM). 137 * Provisioning adds a managed profile and sets the MDM as the profile owner who has full 138 * control over the profile. 139 * 140 * <p>It is possible to check if provisioning is allowed or not by querying the method 141 * {@link #isProvisioningAllowed(String)}. 142 * 143 * <p>In version {@link android.os.Build.VERSION_CODES#LOLLIPOP}, this intent must contain the 144 * extra {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME}. 145 * As of {@link android.os.Build.VERSION_CODES#M}, it should contain the extra 146 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME} instead, although specifying only 147 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME} is still supported. 148 * 149 * <p>The intent may also contain the following extras: 150 * <ul> 151 * <li>{@link #EXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE}, optional </li> 152 * <li>{@link #EXTRA_PROVISIONING_SKIP_ENCRYPTION}, optional, supported from 153 * {@link android.os.Build.VERSION_CODES#N}</li> 154 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li> 155 * <li>{@link #EXTRA_PROVISIONING_LOGO_URI}, optional</li> 156 * <li>{@link #EXTRA_PROVISIONING_MAIN_COLOR}, optional</li> 157 * </ul> 158 * 159 * <p>When managed provisioning has completed, broadcasts are sent to the application specified 160 * in the provisioning intent. The 161 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE} broadcast is sent in the 162 * managed profile and the {@link #ACTION_MANAGED_PROFILE_PROVISIONED} broadcast is sent in 163 * the primary profile. 164 * 165 * <p>If provisioning fails, the managedProfile is removed so the device returns to its 166 * previous state. 167 * 168 * <p>If launched with {@link android.app.Activity#startActivityForResult(Intent, int)} a 169 * result code of {@link android.app.Activity#RESULT_OK} implies that the synchronous part of 170 * the provisioning flow was successful, although this doesn't guarantee the full flow will 171 * succeed. Conversely a result code of {@link android.app.Activity#RESULT_CANCELED} implies 172 * that the user backed-out of provisioning, or some precondition for provisioning wasn't met. 173 */ 174 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 175 public static final String ACTION_PROVISION_MANAGED_PROFILE 176 = "android.app.action.PROVISION_MANAGED_PROFILE"; 177 178 /** 179 * Activity action: Starts the provisioning flow which sets up a managed user. 180 * 181 * <p>This intent will typically be sent by a mobile device management application (MDM). 182 * Provisioning configures the user as managed user and sets the MDM as the profile 183 * owner who has full control over the user. Provisioning can only happen before user setup has 184 * been completed. Use {@link #isProvisioningAllowed(String)} to check if provisioning is 185 * allowed. 186 * 187 * <p>The intent contains the following extras: 188 * <ul> 189 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}</li> 190 * <li>{@link #EXTRA_PROVISIONING_SKIP_ENCRYPTION}, optional</li> 191 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li> 192 * <li>{@link #EXTRA_PROVISIONING_LOGO_URI}, optional</li> 193 * <li>{@link #EXTRA_PROVISIONING_MAIN_COLOR}, optional</li> 194 * </ul> 195 * 196 * <p>If provisioning fails, the device returns to its previous state. 197 * 198 * <p>If launched with {@link android.app.Activity#startActivityForResult(Intent, int)} a 199 * result code of {@link android.app.Activity#RESULT_OK} implies that the synchronous part of 200 * the provisioning flow was successful, although this doesn't guarantee the full flow will 201 * succeed. Conversely a result code of {@link android.app.Activity#RESULT_CANCELED} implies 202 * that the user backed-out of provisioning, or some precondition for provisioning wasn't met. 203 * 204 * @hide 205 */ 206 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 207 public static final String ACTION_PROVISION_MANAGED_USER 208 = "android.app.action.PROVISION_MANAGED_USER"; 209 210 /** 211 * Activity action: Starts the provisioning flow which sets up a managed device. 212 * Must be started with {@link android.app.Activity#startActivityForResult(Intent, int)}. 213 * 214 * <p> During device owner provisioning a device admin app is set as the owner of the device. 215 * A device owner has full control over the device. The device owner can not be modified by the 216 * user. 217 * 218 * <p> A typical use case would be a device that is owned by a company, but used by either an 219 * employee or client. 220 * 221 * <p> An intent with this action can be sent only on an unprovisioned device. 222 * It is possible to check if provisioning is allowed or not by querying the method 223 * {@link #isProvisioningAllowed(String)}. 224 * 225 * <p>The intent contains the following extras: 226 * <ul> 227 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}</li> 228 * <li>{@link #EXTRA_PROVISIONING_SKIP_ENCRYPTION}, optional</li> 229 * <li>{@link #EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED}, optional</li> 230 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li> 231 * <li>{@link #EXTRA_PROVISIONING_LOGO_URI}, optional</li> 232 * <li>{@link #EXTRA_PROVISIONING_MAIN_COLOR}, optional</li> 233 * </ul> 234 * 235 * <p>When device owner provisioning has completed, an intent of the type 236 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE} is broadcast to the 237 * device owner. 238 * 239 * <p>If provisioning fails, the device is factory reset. 240 * 241 * <p>A result code of {@link android.app.Activity#RESULT_OK} implies that the synchronous part 242 * of the provisioning flow was successful, although this doesn't guarantee the full flow will 243 * succeed. Conversely a result code of {@link android.app.Activity#RESULT_CANCELED} implies 244 * that the user backed-out of provisioning, or some precondition for provisioning wasn't met. 245 */ 246 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 247 public static final String ACTION_PROVISION_MANAGED_DEVICE 248 = "android.app.action.PROVISION_MANAGED_DEVICE"; 249 250 /** 251 * Activity action: Starts the provisioning flow which sets up a managed device. 252 * 253 * <p>During device owner provisioning, a device admin app is downloaded and set as the owner of 254 * the device. A device owner has full control over the device. The device owner can not be 255 * modified by the user and the only way of resetting the device is via factory reset. 256 * 257 * <p>A typical use case would be a device that is owned by a company, but used by either an 258 * employee or client. 259 * 260 * <p>The provisioning message should be sent to an unprovisioned device. 261 * 262 * <p>Unlike {@link #ACTION_PROVISION_MANAGED_DEVICE}, the provisioning message can only be sent 263 * by a privileged app with the permission 264 * {@link android.Manifest.permission#DISPATCH_PROVISIONING_MESSAGE}. 265 * 266 * <p>The provisioning intent contains the following properties: 267 * <ul> 268 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}</li> 269 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}, optional</li> 270 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER}, optional</li> 271 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM}, optional</li> 272 * <li>{@link #EXTRA_PROVISIONING_LOCAL_TIME} (convert to String), optional</li> 273 * <li>{@link #EXTRA_PROVISIONING_TIME_ZONE}, optional</li> 274 * <li>{@link #EXTRA_PROVISIONING_LOCALE}, optional</li> 275 * <li>{@link #EXTRA_PROVISIONING_WIFI_SSID}, optional</li> 276 * <li>{@link #EXTRA_PROVISIONING_WIFI_HIDDEN} (convert to String), optional</li> 277 * <li>{@link #EXTRA_PROVISIONING_WIFI_SECURITY_TYPE}, optional</li> 278 * <li>{@link #EXTRA_PROVISIONING_WIFI_PASSWORD}, optional</li> 279 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_HOST}, optional</li> 280 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_PORT} (convert to String), optional</li> 281 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_BYPASS}, optional</li> 282 * <li>{@link #EXTRA_PROVISIONING_WIFI_PAC_URL}, optional</li> 283 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li></ul> 284 * 285 * @hide 286 */ 287 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 288 @SystemApi 289 public static final String ACTION_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE = 290 "android.app.action.PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE"; 291 292 /** 293 * Activity action: Starts the provisioning flow which sets up a managed device. 294 * Must be started with {@link android.app.Activity#startActivityForResult(Intent, int)}. 295 * 296 * <p>NOTE: This is only supported on split system user devices, and puts the device into a 297 * management state that is distinct from that reached by 298 * {@link #ACTION_PROVISION_MANAGED_DEVICE} - specifically the device owner runs on the system 299 * user, and only has control over device-wide policies, not individual users and their data. 300 * The primary benefit is that multiple non-system users are supported when provisioning using 301 * this form of device management. 302 * 303 * <p>During device owner provisioning a device admin app is set as the owner of the device. 304 * A device owner has full control over the device. The device owner can not be modified by the 305 * user. 306 * 307 * <p>A typical use case would be a device that is owned by a company, but used by either an 308 * employee or client. 309 * 310 * <p>An intent with this action can be sent only on an unprovisioned device. 311 * It is possible to check if provisioning is allowed or not by querying the method 312 * {@link #isProvisioningAllowed(String)}. 313 * 314 * <p>The intent contains the following extras: 315 * <ul> 316 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}</li> 317 * <li>{@link #EXTRA_PROVISIONING_SKIP_ENCRYPTION}, optional</li> 318 * <li>{@link #EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED}, optional</li> 319 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li> 320 * <li>{@link #EXTRA_PROVISIONING_LOGO_URI}, optional</li> 321 * <li>{@link #EXTRA_PROVISIONING_MAIN_COLOR}, optional</li> 322 * </ul> 323 * 324 * <p>When device owner provisioning has completed, an intent of the type 325 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE} is broadcast to the 326 * device owner. 327 * 328 * <p>If provisioning fails, the device is factory reset. 329 * 330 * <p>A result code of {@link android.app.Activity#RESULT_OK} implies that the synchronous part 331 * of the provisioning flow was successful, although this doesn't guarantee the full flow will 332 * succeed. Conversely a result code of {@link android.app.Activity#RESULT_CANCELED} implies 333 * that the user backed-out of provisioning, or some precondition for provisioning wasn't met. 334 * 335 * @hide 336 */ 337 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 338 public static final String ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE 339 = "android.app.action.PROVISION_MANAGED_SHAREABLE_DEVICE"; 340 341 /** 342 * Activity action: Finalizes management provisioning, should be used after user-setup 343 * has been completed and {@link #getUserProvisioningState()} returns one of: 344 * <ul> 345 * <li>{@link #STATE_USER_SETUP_INCOMPLETE}</li> 346 * <li>{@link #STATE_USER_SETUP_COMPLETE}</li> 347 * <li>{@link #STATE_USER_PROFILE_COMPLETE}</li> 348 * </ul> 349 * 350 * @hide 351 */ 352 @SystemApi 353 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 354 public static final String ACTION_PROVISION_FINALIZATION 355 = "android.app.action.PROVISION_FINALIZATION"; 356 357 /** 358 * Action: Bugreport sharing with device owner has been accepted by the user. 359 * 360 * @hide 361 */ 362 public static final String ACTION_BUGREPORT_SHARING_ACCEPTED = 363 "com.android.server.action.BUGREPORT_SHARING_ACCEPTED"; 364 365 /** 366 * Action: Bugreport sharing with device owner has been declined by the user. 367 * 368 * @hide 369 */ 370 public static final String ACTION_BUGREPORT_SHARING_DECLINED = 371 "com.android.server.action.BUGREPORT_SHARING_DECLINED"; 372 373 /** 374 * Action: Bugreport has been collected and is dispatched to {@link DevicePolicyManagerService}. 375 * 376 * @hide 377 */ 378 public static final String ACTION_REMOTE_BUGREPORT_DISPATCH = 379 "android.intent.action.REMOTE_BUGREPORT_DISPATCH"; 380 381 /** 382 * Extra for shared bugreport's SHA-256 hash. 383 * 384 * @hide 385 */ 386 public static final String EXTRA_REMOTE_BUGREPORT_HASH = 387 "android.intent.extra.REMOTE_BUGREPORT_HASH"; 388 389 /** 390 * Extra for remote bugreport notification shown type. 391 * 392 * @hide 393 */ 394 public static final String EXTRA_BUGREPORT_NOTIFICATION_TYPE = 395 "android.app.extra.bugreport_notification_type"; 396 397 /** 398 * Notification type for a started remote bugreport flow. 399 * 400 * @hide 401 */ 402 public static final int NOTIFICATION_BUGREPORT_STARTED = 1; 403 404 /** 405 * Notification type for a bugreport that has already been accepted to be shared, but is still 406 * being taken. 407 * 408 * @hide 409 */ 410 public static final int NOTIFICATION_BUGREPORT_ACCEPTED_NOT_FINISHED = 2; 411 412 /** 413 * Notification type for a bugreport that has been taken and can be shared or declined. 414 * 415 * @hide 416 */ 417 public static final int NOTIFICATION_BUGREPORT_FINISHED_NOT_ACCEPTED = 3; 418 419 /** 420 * A {@link android.os.Parcelable} extra of type {@link android.os.PersistableBundle} that 421 * allows a mobile device management application or NFC programmer application which starts 422 * managed provisioning to pass data to the management application instance after provisioning. 423 * <p> 424 * If used with {@link #ACTION_PROVISION_MANAGED_PROFILE} it can be used by the application that 425 * sends the intent to pass data to itself on the newly created profile. 426 * If used with {@link #ACTION_PROVISION_MANAGED_DEVICE} it allows passing data to the same 427 * instance of the app on the primary user. 428 * Starting from {@link android.os.Build.VERSION_CODES#M}, if used with 429 * {@link #MIME_TYPE_PROVISIONING_NFC} as part of NFC managed device provisioning, the NFC 430 * message should contain a stringified {@link java.util.Properties} instance, whose string 431 * properties will be converted into a {@link android.os.PersistableBundle} and passed to the 432 * management application after provisioning. 433 * 434 * <p> 435 * In both cases the application receives the data in 436 * {@link DeviceAdminReceiver#onProfileProvisioningComplete} via an intent with the action 437 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE}. The bundle is not changed 438 * during the managed provisioning. 439 */ 440 public static final String EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE = 441 "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE"; 442 443 /** 444 * A String extra holding the package name of the mobile device management application that 445 * will be set as the profile owner or device owner. 446 * 447 * <p>If an application starts provisioning directly via an intent with action 448 * {@link #ACTION_PROVISION_MANAGED_PROFILE} this package has to match the package name of the 449 * application that started provisioning. The package will be set as profile owner in that case. 450 * 451 * <p>This package is set as device owner when device owner provisioning is started by an NFC 452 * message containing an NFC record with MIME type {@link #MIME_TYPE_PROVISIONING_NFC}. 453 * 454 * <p> When this extra is set, the application must have exactly one device admin receiver. 455 * This receiver will be set as the profile or device owner and active admin. 456 * 457 * @see DeviceAdminReceiver 458 * @deprecated Use {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}. This extra is still 459 * supported, but only if there is only one device admin receiver in the package that requires 460 * the permission {@link android.Manifest.permission#BIND_DEVICE_ADMIN}. 461 */ 462 @Deprecated 463 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME 464 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME"; 465 466 /** 467 * A ComponentName extra indicating the device admin receiver of the mobile device management 468 * application that will be set as the profile owner or device owner and active admin. 469 * 470 * <p>If an application starts provisioning directly via an intent with action 471 * {@link #ACTION_PROVISION_MANAGED_PROFILE} or 472 * {@link #ACTION_PROVISION_MANAGED_DEVICE} the package name of this 473 * component has to match the package name of the application that started provisioning. 474 * 475 * <p>This component is set as device owner and active admin when device owner provisioning is 476 * started by an intent with action {@link #ACTION_PROVISION_MANAGED_DEVICE} or by an NFC 477 * message containing an NFC record with MIME type 478 * {@link #MIME_TYPE_PROVISIONING_NFC}. For the NFC record, the component name must be 479 * flattened to a string, via {@link ComponentName#flattenToShortString()}. 480 * 481 * @see DeviceAdminReceiver 482 */ 483 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME 484 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME"; 485 486 /** 487 * An {@link android.accounts.Account} extra holding the account to migrate during managed 488 * profile provisioning. If the account supplied is present in the primary user, it will be 489 * copied, along with its credentials to the managed profile and removed from the primary user. 490 * 491 * Use with {@link #ACTION_PROVISION_MANAGED_PROFILE}. 492 */ 493 494 public static final String EXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE 495 = "android.app.extra.PROVISIONING_ACCOUNT_TO_MIGRATE"; 496 497 /** 498 * A String extra that, holds the email address of the account which a managed profile is 499 * created for. Used with {@link #ACTION_PROVISION_MANAGED_PROFILE} and 500 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE}. 501 * 502 * <p> This extra is part of the {@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}. 503 * 504 * <p> If the {@link #ACTION_PROVISION_MANAGED_PROFILE} intent that starts managed provisioning 505 * contains this extra, it is forwarded in the 506 * {@link DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE} intent to the mobile 507 * device management application that was set as the profile owner during provisioning. 508 * It is usually used to avoid that the user has to enter their email address twice. 509 */ 510 public static final String EXTRA_PROVISIONING_EMAIL_ADDRESS 511 = "android.app.extra.PROVISIONING_EMAIL_ADDRESS"; 512 513 /** 514 * A integer extra indicating the predominant color to show during the provisioning. 515 * Refer to {@link android.graphics.Color} for how the color is represented. 516 * 517 * <p>Use with {@link #ACTION_PROVISION_MANAGED_PROFILE} or 518 * {@link #ACTION_PROVISION_MANAGED_DEVICE}. 519 */ 520 public static final String EXTRA_PROVISIONING_MAIN_COLOR = 521 "android.app.extra.PROVISIONING_MAIN_COLOR"; 522 523 /** 524 * A Boolean extra that can be used by the mobile device management application to skip the 525 * disabling of system apps during provisioning when set to {@code true}. 526 * 527 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} or an intent with action 528 * {@link #ACTION_PROVISION_MANAGED_DEVICE} that starts device owner provisioning. 529 */ 530 public static final String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED = 531 "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"; 532 533 /** 534 * A String extra holding the time zone {@link android.app.AlarmManager} that the device 535 * will be set to. 536 * 537 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 538 * provisioning via an NFC bump. 539 */ 540 public static final String EXTRA_PROVISIONING_TIME_ZONE 541 = "android.app.extra.PROVISIONING_TIME_ZONE"; 542 543 /** 544 * A Long extra holding the wall clock time (in milliseconds) to be set on the device's 545 * {@link android.app.AlarmManager}. 546 * 547 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 548 * provisioning via an NFC bump. 549 */ 550 public static final String EXTRA_PROVISIONING_LOCAL_TIME 551 = "android.app.extra.PROVISIONING_LOCAL_TIME"; 552 553 /** 554 * A String extra holding the {@link java.util.Locale} that the device will be set to. 555 * Format: xx_yy, where xx is the language code, and yy the country code. 556 * 557 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 558 * provisioning via an NFC bump. 559 */ 560 public static final String EXTRA_PROVISIONING_LOCALE 561 = "android.app.extra.PROVISIONING_LOCALE"; 562 563 /** 564 * A String extra holding the ssid of the wifi network that should be used during nfc device 565 * owner provisioning for downloading the mobile device management application. 566 * 567 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 568 * provisioning via an NFC bump. 569 */ 570 public static final String EXTRA_PROVISIONING_WIFI_SSID 571 = "android.app.extra.PROVISIONING_WIFI_SSID"; 572 573 /** 574 * A boolean extra indicating whether the wifi network in {@link #EXTRA_PROVISIONING_WIFI_SSID} 575 * is hidden or not. 576 * 577 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 578 * provisioning via an NFC bump. 579 */ 580 public static final String EXTRA_PROVISIONING_WIFI_HIDDEN 581 = "android.app.extra.PROVISIONING_WIFI_HIDDEN"; 582 583 /** 584 * A String extra indicating the security type of the wifi network in 585 * {@link #EXTRA_PROVISIONING_WIFI_SSID} and could be one of {@code NONE}, {@code WPA} or 586 * {@code WEP}. 587 * 588 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 589 * provisioning via an NFC bump. 590 */ 591 public static final String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE 592 = "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE"; 593 594 /** 595 * A String extra holding the password of the wifi network in 596 * {@link #EXTRA_PROVISIONING_WIFI_SSID}. 597 * 598 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 599 * provisioning via an NFC bump. 600 */ 601 public static final String EXTRA_PROVISIONING_WIFI_PASSWORD 602 = "android.app.extra.PROVISIONING_WIFI_PASSWORD"; 603 604 /** 605 * A String extra holding the proxy host for the wifi network in 606 * {@link #EXTRA_PROVISIONING_WIFI_SSID}. 607 * 608 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 609 * provisioning via an NFC bump. 610 */ 611 public static final String EXTRA_PROVISIONING_WIFI_PROXY_HOST 612 = "android.app.extra.PROVISIONING_WIFI_PROXY_HOST"; 613 614 /** 615 * An int extra holding the proxy port for the wifi network in 616 * {@link #EXTRA_PROVISIONING_WIFI_SSID}. 617 * 618 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 619 * provisioning via an NFC bump. 620 */ 621 public static final String EXTRA_PROVISIONING_WIFI_PROXY_PORT 622 = "android.app.extra.PROVISIONING_WIFI_PROXY_PORT"; 623 624 /** 625 * A String extra holding the proxy bypass for the wifi network in 626 * {@link #EXTRA_PROVISIONING_WIFI_SSID}. 627 * 628 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 629 * provisioning via an NFC bump. 630 */ 631 public static final String EXTRA_PROVISIONING_WIFI_PROXY_BYPASS 632 = "android.app.extra.PROVISIONING_WIFI_PROXY_BYPASS"; 633 634 /** 635 * A String extra holding the proxy auto-config (PAC) URL for the wifi network in 636 * {@link #EXTRA_PROVISIONING_WIFI_SSID}. 637 * 638 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 639 * provisioning via an NFC bump. 640 */ 641 public static final String EXTRA_PROVISIONING_WIFI_PAC_URL 642 = "android.app.extra.PROVISIONING_WIFI_PAC_URL"; 643 644 /** 645 * A String extra holding a url that specifies the download location of the device admin 646 * package. When not provided it is assumed that the device admin package is already installed. 647 * 648 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 649 * provisioning via an NFC bump. 650 */ 651 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION 652 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION"; 653 654 /** 655 * An int extra holding a minimum required version code for the device admin package. If the 656 * device admin is already installed on the device, it will only be re-downloaded from 657 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION} if the version of the 658 * installed package is less than this version code. 659 * 660 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 661 * provisioning via an NFC bump. 662 */ 663 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE 664 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE"; 665 666 /** 667 * A String extra holding a http cookie header which should be used in the http request to the 668 * url specified in {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}. 669 * 670 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 671 * provisioning via an NFC bump. 672 */ 673 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER 674 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER"; 675 676 /** 677 * A String extra holding the URL-safe base64 encoded SHA-256 or SHA-1 hash (see notes below) of 678 * the file at download location specified in 679 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}. 680 * 681 * <p>Either this extra or {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM} must be 682 * present. The provided checksum must match the checksum of the file at the download 683 * location. If the checksum doesn't match an error will be shown to the user and the user will 684 * be asked to factory reset the device. 685 * 686 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 687 * provisioning via an NFC bump. 688 * 689 * <p><strong>Note:</strong> for devices running {@link android.os.Build.VERSION_CODES#LOLLIPOP} 690 * and {@link android.os.Build.VERSION_CODES#LOLLIPOP_MR1} only SHA-1 hash is supported. 691 * Starting from {@link android.os.Build.VERSION_CODES#M}, this parameter accepts SHA-256 in 692 * addition to SHA-1. Support for SHA-1 is likely to be removed in future OS releases. 693 */ 694 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM 695 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM"; 696 697 /** 698 * A String extra holding the URL-safe base64 encoded SHA-256 checksum of any signature of the 699 * android package archive at the download location specified in {@link 700 * #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}. 701 * 702 * <p>The signatures of an android package archive can be obtained using 703 * {@link android.content.pm.PackageManager#getPackageArchiveInfo} with flag 704 * {@link android.content.pm.PackageManager#GET_SIGNATURES}. 705 * 706 * <p>Either this extra or {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM} must be 707 * present. The provided checksum must match the checksum of any signature of the file at 708 * the download location. If the checksum does not match an error will be shown to the user and 709 * the user will be asked to factory reset the device. 710 * 711 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} that starts device owner 712 * provisioning via an NFC bump. 713 */ 714 public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM 715 = "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM"; 716 717 /** 718 * Broadcast Action: This broadcast is sent to indicate that provisioning of a managed profile 719 * has completed successfully. 720 * 721 * <p>The broadcast is limited to the primary profile, to the app specified in the provisioning 722 * intent with action {@link #ACTION_PROVISION_MANAGED_PROFILE}. 723 * 724 * <p>This intent will contain the extra {@link #EXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE} which 725 * corresponds to the account requested to be migrated at provisioning time, if any. 726 */ 727 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 728 public static final String ACTION_MANAGED_PROFILE_PROVISIONED 729 = "android.app.action.MANAGED_PROFILE_PROVISIONED"; 730 731 /** 732 * A boolean extra indicating whether device encryption can be skipped as part of device owner 733 * or managed profile provisioning. 734 * 735 * <p>Use in an NFC record with {@link #MIME_TYPE_PROVISIONING_NFC} or an intent with action 736 * {@link #ACTION_PROVISION_MANAGED_DEVICE} that starts device owner provisioning. 737 * 738 * <p>From {@link android.os.Build.VERSION_CODES#N} onwards, this is also supported for an 739 * intent with action {@link #ACTION_PROVISION_MANAGED_PROFILE}. 740 */ 741 public static final String EXTRA_PROVISIONING_SKIP_ENCRYPTION = 742 "android.app.extra.PROVISIONING_SKIP_ENCRYPTION"; 743 744 /** 745 * A {@link Uri} extra pointing to a logo image. This image will be shown during the 746 * provisioning. If this extra is not passed, a default image will be shown. 747 * <h5>The following URI schemes are accepted:</h5> 748 * <ul> 749 * <li>content ({@link android.content.ContentResolver#SCHEME_CONTENT})</li> 750 * <li>android.resource ({@link android.content.ContentResolver#SCHEME_ANDROID_RESOURCE})</li> 751 * </ul> 752 * 753 * <p> It is the responsability of the caller to provide an image with a reasonable 754 * pixed density for the device. 755 * 756 * <p> If a content: URI is passed, the intent should have the flag 757 * {@link Intent#FLAG_GRANT_READ_URI_PERMISSION} and the uri should be added to the 758 * {@link android.content.ClipData} of the intent too. 759 * 760 * <p>Use in an intent with action {@link #ACTION_PROVISION_MANAGED_PROFILE} or 761 * {@link #ACTION_PROVISION_MANAGED_DEVICE} 762 */ 763 public static final String EXTRA_PROVISIONING_LOGO_URI = 764 "android.app.extra.PROVISIONING_LOGO_URI"; 765 766 /** 767 * A boolean extra indicating if user setup should be skipped, for when provisioning is started 768 * during setup-wizard. 769 * 770 * <p>If unspecified, defaults to {@code true} to match the behavior in 771 * {@link android.os.Build.VERSION_CODES#M} and earlier. 772 * 773 * <p>Use in an intent with action {@link #ACTION_PROVISION_MANAGED_DEVICE} or 774 * {@link #ACTION_PROVISION_MANAGED_USER}. 775 * 776 * @hide 777 */ 778 public static final String EXTRA_PROVISIONING_SKIP_USER_SETUP = 779 "android.app.extra.PROVISIONING_SKIP_USER_SETUP"; 780 781 /** 782 * This MIME type is used for starting the device owner provisioning. 783 * 784 * <p>During device owner provisioning a device admin app is set as the owner of the device. 785 * A device owner has full control over the device. The device owner can not be modified by the 786 * user and the only way of resetting the device is if the device owner app calls a factory 787 * reset. 788 * 789 * <p> A typical use case would be a device that is owned by a company, but used by either an 790 * employee or client. 791 * 792 * <p> The NFC message must be sent to an unprovisioned device. 793 * 794 * <p>The NFC record must contain a serialized {@link java.util.Properties} object which 795 * contains the following properties: 796 * <ul> 797 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME}</li> 798 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}, optional</li> 799 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER}, optional</li> 800 * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM}, optional</li> 801 * <li>{@link #EXTRA_PROVISIONING_LOCAL_TIME} (convert to String), optional</li> 802 * <li>{@link #EXTRA_PROVISIONING_TIME_ZONE}, optional</li> 803 * <li>{@link #EXTRA_PROVISIONING_LOCALE}, optional</li> 804 * <li>{@link #EXTRA_PROVISIONING_WIFI_SSID}, optional</li> 805 * <li>{@link #EXTRA_PROVISIONING_WIFI_HIDDEN} (convert to String), optional</li> 806 * <li>{@link #EXTRA_PROVISIONING_WIFI_SECURITY_TYPE}, optional</li> 807 * <li>{@link #EXTRA_PROVISIONING_WIFI_PASSWORD}, optional</li> 808 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_HOST}, optional</li> 809 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_PORT} (convert to String), optional</li> 810 * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_BYPASS}, optional</li> 811 * <li>{@link #EXTRA_PROVISIONING_WIFI_PAC_URL}, optional</li> 812 * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional, supported from 813 * {@link android.os.Build.VERSION_CODES#M} </li></ul> 814 * 815 * <p> 816 * As of {@link android.os.Build.VERSION_CODES#M}, the properties should contain 817 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME} instead of 818 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME}, (although specifying only 819 * {@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME} is still supported). 820 */ 821 public static final String MIME_TYPE_PROVISIONING_NFC 822 = "application/com.android.managedprovisioning"; 823 824 /** 825 * Activity action: ask the user to add a new device administrator to the system. 826 * The desired policy is the ComponentName of the policy in the 827 * {@link #EXTRA_DEVICE_ADMIN} extra field. This will invoke a UI to 828 * bring the user through adding the device administrator to the system (or 829 * allowing them to reject it). 830 * 831 * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 832 * field to provide the user with additional explanation (in addition 833 * to your component's description) about what is being added. 834 * 835 * <p>If your administrator is already active, this will ordinarily return immediately (without 836 * user intervention). However, if your administrator has been updated and is requesting 837 * additional uses-policy flags, the user will be presented with the new list. New policies 838 * will not be available to the updated administrator until the user has accepted the new list. 839 */ 840 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 841 public static final String ACTION_ADD_DEVICE_ADMIN 842 = "android.app.action.ADD_DEVICE_ADMIN"; 843 844 /** 845 * @hide 846 * Activity action: ask the user to add a new device administrator as the profile owner 847 * for this user. Only system apps can launch this intent. 848 * 849 * <p>The ComponentName of the profile owner admin is passed in the {@link #EXTRA_DEVICE_ADMIN} 850 * extra field. This will invoke a UI to bring the user through adding the profile owner admin 851 * to remotely control restrictions on the user. 852 * 853 * <p>The intent must be invoked via {@link Activity#startActivityForResult} to receive the 854 * result of whether or not the user approved the action. If approved, the result will 855 * be {@link Activity#RESULT_OK} and the component will be set as an active admin as well 856 * as a profile owner. 857 * 858 * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 859 * field to provide the user with additional explanation (in addition 860 * to your component's description) about what is being added. 861 * 862 * <p>If there is already a profile owner active or the caller is not a system app, the 863 * operation will return a failure result. 864 */ 865 @SystemApi 866 public static final String ACTION_SET_PROFILE_OWNER 867 = "android.app.action.SET_PROFILE_OWNER"; 868 869 /** 870 * @hide 871 * Name of the profile owner admin that controls the user. 872 */ 873 @SystemApi 874 public static final String EXTRA_PROFILE_OWNER_NAME 875 = "android.app.extra.PROFILE_OWNER_NAME"; 876 877 /** 878 * Broadcast action: send when any policy admin changes a policy. 879 * This is generally used to find out when a new policy is in effect. 880 * 881 * @hide 882 */ 883 public static final String ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED 884 = "android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED"; 885 886 /** 887 * Broadcast action: sent when the device owner is set or changed. 888 * 889 * This broadcast is sent only to the primary user. 890 * @see #ACTION_PROVISION_MANAGED_DEVICE 891 */ 892 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 893 public static final String ACTION_DEVICE_OWNER_CHANGED 894 = "android.app.action.DEVICE_OWNER_CHANGED"; 895 896 /** 897 * The ComponentName of the administrator component. 898 * 899 * @see #ACTION_ADD_DEVICE_ADMIN 900 */ 901 public static final String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; 902 903 /** 904 * An optional CharSequence providing additional explanation for why the 905 * admin is being added. 906 * 907 * @see #ACTION_ADD_DEVICE_ADMIN 908 */ 909 public static final String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; 910 911 /** 912 * Activity action: have the user enter a new password. This activity should 913 * be launched after using {@link #setPasswordQuality(ComponentName, int)}, 914 * or {@link #setPasswordMinimumLength(ComponentName, int)} to have the user 915 * enter a new password that meets the current requirements. You can use 916 * {@link #isActivePasswordSufficient()} to determine whether you need to 917 * have the user select a new password in order to meet the current 918 * constraints. Upon being resumed from this activity, you can check the new 919 * password characteristics to see if they are sufficient. 920 * 921 * If the intent is launched from within a managed profile with a profile 922 * owner built against {@link android.os.Build.VERSION_CODES#M} or before, 923 * this will trigger entering a new password for the parent of the profile. 924 * For all other cases it will trigger entering a new password for the user 925 * or profile it is launched from. 926 * 927 * @see #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD 928 */ 929 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 930 public static final String ACTION_SET_NEW_PASSWORD 931 = "android.app.action.SET_NEW_PASSWORD"; 932 933 /** 934 * Activity action: have the user enter a new password for the parent profile. 935 * If the intent is launched from within a managed profile, this will trigger 936 * entering a new password for the parent of the profile. In all other cases 937 * the behaviour is identical to {@link #ACTION_SET_NEW_PASSWORD}. 938 */ 939 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 940 public static final String ACTION_SET_NEW_PARENT_PROFILE_PASSWORD 941 = "android.app.action.SET_NEW_PARENT_PROFILE_PASSWORD"; 942 943 /** 944 * Flag used by {@link #addCrossProfileIntentFilter} to allow activities in 945 * the parent profile to access intents sent from the managed profile. 946 * That is, when an app in the managed profile calls 947 * {@link Activity#startActivity(Intent)}, the intent can be resolved by a 948 * matching activity in the parent profile. 949 */ 950 public static final int FLAG_PARENT_CAN_ACCESS_MANAGED = 0x0001; 951 952 /** 953 * Flag used by {@link #addCrossProfileIntentFilter} to allow activities in 954 * the managed profile to access intents sent from the parent profile. 955 * That is, when an app in the parent profile calls 956 * {@link Activity#startActivity(Intent)}, the intent can be resolved by a 957 * matching activity in the managed profile. 958 */ 959 public static final int FLAG_MANAGED_CAN_ACCESS_PARENT = 0x0002; 960 961 /** 962 * Broadcast action: notify that a new local system update policy has been set by the device 963 * owner. The new policy can be retrieved by {@link #getSystemUpdatePolicy()}. 964 */ 965 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 966 public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED 967 = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED"; 968 969 /** 970 * Permission policy to prompt user for new permission requests for runtime permissions. 971 * Already granted or denied permissions are not affected by this. 972 */ 973 public static final int PERMISSION_POLICY_PROMPT = 0; 974 975 /** 976 * Permission policy to always grant new permission requests for runtime permissions. 977 * Already granted or denied permissions are not affected by this. 978 */ 979 public static final int PERMISSION_POLICY_AUTO_GRANT = 1; 980 981 /** 982 * Permission policy to always deny new permission requests for runtime permissions. 983 * Already granted or denied permissions are not affected by this. 984 */ 985 public static final int PERMISSION_POLICY_AUTO_DENY = 2; 986 987 /** 988 * Runtime permission state: The user can manage the permission 989 * through the UI. 990 */ 991 public static final int PERMISSION_GRANT_STATE_DEFAULT = 0; 992 993 /** 994 * Runtime permission state: The permission is granted to the app 995 * and the user cannot manage the permission through the UI. 996 */ 997 public static final int PERMISSION_GRANT_STATE_GRANTED = 1; 998 999 /** 1000 * Runtime permission state: The permission is denied to the app 1001 * and the user cannot manage the permission through the UI. 1002 */ 1003 public static final int PERMISSION_GRANT_STATE_DENIED = 2; 1004 1005 /** 1006 * No management for current user in-effect. This is the default. 1007 * @hide 1008 */ 1009 @SystemApi 1010 public static final int STATE_USER_UNMANAGED = 0; 1011 1012 /** 1013 * Management partially setup, user setup needs to be completed. 1014 * @hide 1015 */ 1016 @SystemApi 1017 public static final int STATE_USER_SETUP_INCOMPLETE = 1; 1018 1019 /** 1020 * Management partially setup, user setup completed. 1021 * @hide 1022 */ 1023 @SystemApi 1024 public static final int STATE_USER_SETUP_COMPLETE = 2; 1025 1026 /** 1027 * Management setup and active on current user. 1028 * @hide 1029 */ 1030 @SystemApi 1031 public static final int STATE_USER_SETUP_FINALIZED = 3; 1032 1033 /** 1034 * Management partially setup on a managed profile. 1035 * @hide 1036 */ 1037 @SystemApi 1038 public static final int STATE_USER_PROFILE_COMPLETE = 4; 1039 1040 /** 1041 * @hide 1042 */ 1043 @IntDef({STATE_USER_UNMANAGED, STATE_USER_SETUP_INCOMPLETE, STATE_USER_SETUP_COMPLETE, 1044 STATE_USER_SETUP_FINALIZED, STATE_USER_PROFILE_COMPLETE}) 1045 @Retention(RetentionPolicy.SOURCE) 1046 public @interface UserProvisioningState {} 1047 1048 /** 1049 * Return true if the given administrator component is currently active (enabled) in the system. 1050 * 1051 * @param admin The administrator component to check for. 1052 * @return {@code true} if {@code admin} is currently enabled in the system, {@code false} 1053 * otherwise 1054 */ isAdminActive(@onNull ComponentName admin)1055 public boolean isAdminActive(@NonNull ComponentName admin) { 1056 return isAdminActiveAsUser(admin, myUserId()); 1057 } 1058 1059 /** 1060 * @see #isAdminActive(ComponentName) 1061 * @hide 1062 */ isAdminActiveAsUser(@onNull ComponentName admin, int userId)1063 public boolean isAdminActiveAsUser(@NonNull ComponentName admin, int userId) { 1064 if (mService != null) { 1065 try { 1066 return mService.isAdminActive(admin, userId); 1067 } catch (RemoteException e) { 1068 throw e.rethrowFromSystemServer(); 1069 } 1070 } 1071 return false; 1072 } 1073 /** 1074 * Return true if the given administrator component is currently being removed 1075 * for the user. 1076 * @hide 1077 */ isRemovingAdmin(@onNull ComponentName admin, int userId)1078 public boolean isRemovingAdmin(@NonNull ComponentName admin, int userId) { 1079 if (mService != null) { 1080 try { 1081 return mService.isRemovingAdmin(admin, userId); 1082 } catch (RemoteException e) { 1083 throw e.rethrowFromSystemServer(); 1084 } 1085 } 1086 return false; 1087 } 1088 1089 1090 /** 1091 * Return a list of all currently active device administrators' component 1092 * names. If there are no administrators {@code null} may be 1093 * returned. 1094 */ getActiveAdmins()1095 public List<ComponentName> getActiveAdmins() { 1096 throwIfParentInstance("getActiveAdmins"); 1097 return getActiveAdminsAsUser(myUserId()); 1098 } 1099 1100 /** 1101 * @see #getActiveAdmins() 1102 * @hide 1103 */ getActiveAdminsAsUser(int userId)1104 public List<ComponentName> getActiveAdminsAsUser(int userId) { 1105 if (mService != null) { 1106 try { 1107 return mService.getActiveAdmins(userId); 1108 } catch (RemoteException e) { 1109 throw e.rethrowFromSystemServer(); 1110 } 1111 } 1112 return null; 1113 } 1114 1115 /** 1116 * Used by package administration code to determine if a package can be stopped 1117 * or uninstalled. 1118 * @hide 1119 */ packageHasActiveAdmins(String packageName)1120 public boolean packageHasActiveAdmins(String packageName) { 1121 return packageHasActiveAdmins(packageName, myUserId()); 1122 } 1123 1124 /** 1125 * Used by package administration code to determine if a package can be stopped 1126 * or uninstalled. 1127 * @hide 1128 */ packageHasActiveAdmins(String packageName, int userId)1129 public boolean packageHasActiveAdmins(String packageName, int userId) { 1130 if (mService != null) { 1131 try { 1132 return mService.packageHasActiveAdmins(packageName, userId); 1133 } catch (RemoteException e) { 1134 throw e.rethrowFromSystemServer(); 1135 } 1136 } 1137 return false; 1138 } 1139 1140 /** 1141 * Remove a current administration component. This can only be called 1142 * by the application that owns the administration component; if you 1143 * try to remove someone else's component, a security exception will be 1144 * thrown. 1145 * 1146 * <p>Note that the operation is not synchronous and the admin might still be active (as 1147 * indicated by {@link #getActiveAdmins()}) by the time this method returns. 1148 * 1149 * @param admin The administration compononent to remove. 1150 * @throws SecurityException if the caller is not in the owner application of {@code admin}. 1151 */ removeActiveAdmin(@onNull ComponentName admin)1152 public void removeActiveAdmin(@NonNull ComponentName admin) { 1153 throwIfParentInstance("removeActiveAdmin"); 1154 if (mService != null) { 1155 try { 1156 mService.removeActiveAdmin(admin, myUserId()); 1157 } catch (RemoteException e) { 1158 throw e.rethrowFromSystemServer(); 1159 } 1160 } 1161 } 1162 1163 /** 1164 * Returns true if an administrator has been granted a particular device policy. This can be 1165 * used to check whether the administrator was activated under an earlier set of policies, but 1166 * requires additional policies after an upgrade. 1167 * 1168 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. Must be an 1169 * active administrator, or an exception will be thrown. 1170 * @param usesPolicy Which uses-policy to check, as defined in {@link DeviceAdminInfo}. 1171 * @throws SecurityException if {@code admin} is not an active administrator. 1172 */ hasGrantedPolicy(@onNull ComponentName admin, int usesPolicy)1173 public boolean hasGrantedPolicy(@NonNull ComponentName admin, int usesPolicy) { 1174 throwIfParentInstance("hasGrantedPolicy"); 1175 if (mService != null) { 1176 try { 1177 return mService.hasGrantedPolicy(admin, usesPolicy, myUserId()); 1178 } catch (RemoteException e) { 1179 throw e.rethrowFromSystemServer(); 1180 } 1181 } 1182 return false; 1183 } 1184 1185 /** 1186 * Returns true if the Profile Challenge is available to use for the given profile user. 1187 * 1188 * @hide 1189 */ isSeparateProfileChallengeAllowed(int userHandle)1190 public boolean isSeparateProfileChallengeAllowed(int userHandle) { 1191 if (mService != null) { 1192 try { 1193 return mService.isSeparateProfileChallengeAllowed(userHandle); 1194 } catch (RemoteException e) { 1195 throw e.rethrowFromSystemServer(); 1196 } 1197 } 1198 return false; 1199 } 1200 1201 /** 1202 * Constant for {@link #setPasswordQuality}: the policy has no requirements 1203 * for the password. Note that quality constants are ordered so that higher 1204 * values are more restrictive. 1205 */ 1206 public static final int PASSWORD_QUALITY_UNSPECIFIED = 0; 1207 1208 /** 1209 * Constant for {@link #setPasswordQuality}: the policy allows for low-security biometric 1210 * recognition technology. This implies technologies that can recognize the identity of 1211 * an individual to about a 3 digit PIN (false detection is less than 1 in 1,000). 1212 * Note that quality constants are ordered so that higher values are more restrictive. 1213 */ 1214 public static final int PASSWORD_QUALITY_BIOMETRIC_WEAK = 0x8000; 1215 1216 /** 1217 * Constant for {@link #setPasswordQuality}: the policy requires some kind 1218 * of password or pattern, but doesn't care what it is. Note that quality constants 1219 * are ordered so that higher values are more restrictive. 1220 */ 1221 public static final int PASSWORD_QUALITY_SOMETHING = 0x10000; 1222 1223 /** 1224 * Constant for {@link #setPasswordQuality}: the user must have entered a 1225 * password containing at least numeric characters. Note that quality 1226 * constants are ordered so that higher values are more restrictive. 1227 */ 1228 public static final int PASSWORD_QUALITY_NUMERIC = 0x20000; 1229 1230 /** 1231 * Constant for {@link #setPasswordQuality}: the user must have entered a 1232 * password containing at least numeric characters with no repeating (4444) 1233 * or ordered (1234, 4321, 2468) sequences. Note that quality 1234 * constants are ordered so that higher values are more restrictive. 1235 */ 1236 public static final int PASSWORD_QUALITY_NUMERIC_COMPLEX = 0x30000; 1237 1238 /** 1239 * Constant for {@link #setPasswordQuality}: the user must have entered a 1240 * password containing at least alphabetic (or other symbol) characters. 1241 * Note that quality constants are ordered so that higher values are more 1242 * restrictive. 1243 */ 1244 public static final int PASSWORD_QUALITY_ALPHABETIC = 0x40000; 1245 1246 /** 1247 * Constant for {@link #setPasswordQuality}: the user must have entered a 1248 * password containing at least <em>both></em> numeric <em>and</em> 1249 * alphabetic (or other symbol) characters. Note that quality constants are 1250 * ordered so that higher values are more restrictive. 1251 */ 1252 public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x50000; 1253 1254 /** 1255 * Constant for {@link #setPasswordQuality}: the user must have entered a 1256 * password containing at least a letter, a numerical digit and a special 1257 * symbol, by default. With this password quality, passwords can be 1258 * restricted to contain various sets of characters, like at least an 1259 * uppercase letter, etc. These are specified using various methods, 1260 * like {@link #setPasswordMinimumLowerCase(ComponentName, int)}. Note 1261 * that quality constants are ordered so that higher values are more 1262 * restrictive. 1263 */ 1264 public static final int PASSWORD_QUALITY_COMPLEX = 0x60000; 1265 1266 /** 1267 * Constant for {@link #setPasswordQuality}: the user is not allowed to 1268 * modify password. In case this password quality is set, the password is 1269 * managed by a profile owner. The profile owner can set any password, 1270 * as if {@link #PASSWORD_QUALITY_UNSPECIFIED} is used. Note 1271 * that quality constants are ordered so that higher values are more 1272 * restrictive. The value of {@link #PASSWORD_QUALITY_MANAGED} is 1273 * the highest. 1274 * @hide 1275 */ 1276 public static final int PASSWORD_QUALITY_MANAGED = 0x80000; 1277 1278 /** 1279 * Called by an application that is administering the device to set the password restrictions it 1280 * is imposing. After setting this, the user will not be able to enter a new password that is 1281 * not at least as restrictive as what has been set. Note that the current password will remain 1282 * until the user has set a new one, so the change does not take place immediately. To prompt 1283 * the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} or 1284 * {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after calling this method. 1285 * <p> 1286 * Quality constants are ordered so that higher values are more restrictive; thus the highest 1287 * requested quality constant (between the policy set here, the user's preference, and any other 1288 * considerations) is the one that is in effect. 1289 * <p> 1290 * The calling device admin must have requested 1291 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1292 * not, a security exception will be thrown. 1293 * <p> 1294 * This method can be called on the {@link DevicePolicyManager} instance returned by 1295 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1296 * profile. 1297 * 1298 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1299 * @param quality The new desired quality. One of {@link #PASSWORD_QUALITY_UNSPECIFIED}, 1300 * {@link #PASSWORD_QUALITY_SOMETHING}, {@link #PASSWORD_QUALITY_NUMERIC}, 1301 * {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 1302 * {@link #PASSWORD_QUALITY_ALPHANUMERIC} or {@link #PASSWORD_QUALITY_COMPLEX}. 1303 * @throws SecurityException if {@code admin} is not an active administrator or if {@code admin} 1304 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1305 */ setPasswordQuality(@onNull ComponentName admin, int quality)1306 public void setPasswordQuality(@NonNull ComponentName admin, int quality) { 1307 if (mService != null) { 1308 try { 1309 mService.setPasswordQuality(admin, quality, mParentInstance); 1310 } catch (RemoteException e) { 1311 throw e.rethrowFromSystemServer(); 1312 } 1313 } 1314 } 1315 1316 /** 1317 * Retrieve the current minimum password quality for a particular admin or all admins that set 1318 * retrictions on this user and its participating profiles. Restrictions on profiles that have 1319 * a separate challenge are not taken into account. 1320 * 1321 * <p>This method can be called on the {@link DevicePolicyManager} instance 1322 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1323 * restrictions on the parent profile. 1324 * 1325 * @param admin The name of the admin component to check, or {@code null} to aggregate 1326 * all admins. 1327 */ getPasswordQuality(@ullable ComponentName admin)1328 public int getPasswordQuality(@Nullable ComponentName admin) { 1329 return getPasswordQuality(admin, myUserId()); 1330 } 1331 1332 /** @hide per-user version */ getPasswordQuality(@ullable ComponentName admin, int userHandle)1333 public int getPasswordQuality(@Nullable ComponentName admin, int userHandle) { 1334 if (mService != null) { 1335 try { 1336 return mService.getPasswordQuality(admin, userHandle, mParentInstance); 1337 } catch (RemoteException e) { 1338 throw e.rethrowFromSystemServer(); 1339 } 1340 } 1341 return PASSWORD_QUALITY_UNSPECIFIED; 1342 } 1343 1344 /** 1345 * Called by an application that is administering the device to set the minimum allowed password 1346 * length. After setting this, the user will not be able to enter a new password that is not at 1347 * least as restrictive as what has been set. Note that the current password will remain until 1348 * the user has set a new one, so the change does not take place immediately. To prompt the user 1349 * for a new password, use {@link #ACTION_SET_NEW_PASSWORD} or 1350 * {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This constraint is 1351 * only imposed if the administrator has also requested either {@link #PASSWORD_QUALITY_NUMERIC} 1352 * , {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 1353 * {@link #PASSWORD_QUALITY_ALPHANUMERIC}, or {@link #PASSWORD_QUALITY_COMPLEX} with 1354 * {@link #setPasswordQuality}. 1355 * <p> 1356 * The calling device admin must have requested 1357 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1358 * not, a security exception will be thrown. 1359 * <p> 1360 * This method can be called on the {@link DevicePolicyManager} instance returned by 1361 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1362 * profile. 1363 * 1364 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1365 * @param length The new desired minimum password length. A value of 0 means there is no 1366 * restriction. 1367 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1368 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1369 */ setPasswordMinimumLength(@onNull ComponentName admin, int length)1370 public void setPasswordMinimumLength(@NonNull ComponentName admin, int length) { 1371 if (mService != null) { 1372 try { 1373 mService.setPasswordMinimumLength(admin, length, mParentInstance); 1374 } catch (RemoteException e) { 1375 throw e.rethrowFromSystemServer(); 1376 } 1377 } 1378 } 1379 1380 /** 1381 * Retrieve the current minimum password length for a particular admin or all admins that set 1382 * retrictions on this user and its participating profiles. Restrictions on profiles that have 1383 * a separate challenge are not taken into account. 1384 * 1385 * <p>This method can be called on the {@link DevicePolicyManager} instance 1386 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1387 * restrictions on the parent profile. 1388 * 1389 * user and its profiles or a particular one. 1390 * @param admin The name of the admin component to check, or {@code null} to aggregate 1391 * all admins. 1392 */ getPasswordMinimumLength(@ullable ComponentName admin)1393 public int getPasswordMinimumLength(@Nullable ComponentName admin) { 1394 return getPasswordMinimumLength(admin, myUserId()); 1395 } 1396 1397 /** @hide per-user version */ getPasswordMinimumLength(@ullable ComponentName admin, int userHandle)1398 public int getPasswordMinimumLength(@Nullable ComponentName admin, int userHandle) { 1399 if (mService != null) { 1400 try { 1401 return mService.getPasswordMinimumLength(admin, userHandle, mParentInstance); 1402 } catch (RemoteException e) { 1403 throw e.rethrowFromSystemServer(); 1404 } 1405 } 1406 return 0; 1407 } 1408 1409 /** 1410 * Called by an application that is administering the device to set the minimum number of upper 1411 * case letters required in the password. After setting this, the user will not be able to enter 1412 * a new password that is not at least as restrictive as what has been set. Note that the 1413 * current password will remain until the user has set a new one, so the change does not take 1414 * place immediately. To prompt the user for a new password, use 1415 * {@link #ACTION_SET_NEW_PASSWORD} or {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after 1416 * setting this value. This constraint is only imposed if the administrator has also requested 1417 * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The default value is 0. 1418 * <p> 1419 * The calling device admin must have requested 1420 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1421 * not, a security exception will be thrown. 1422 * <p> 1423 * This method can be called on the {@link DevicePolicyManager} instance returned by 1424 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1425 * profile. 1426 * 1427 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1428 * @param length The new desired minimum number of upper case letters required in the password. 1429 * A value of 0 means there is no restriction. 1430 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1431 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1432 */ setPasswordMinimumUpperCase(@onNull ComponentName admin, int length)1433 public void setPasswordMinimumUpperCase(@NonNull ComponentName admin, int length) { 1434 if (mService != null) { 1435 try { 1436 mService.setPasswordMinimumUpperCase(admin, length, mParentInstance); 1437 } catch (RemoteException e) { 1438 throw e.rethrowFromSystemServer(); 1439 } 1440 } 1441 } 1442 1443 /** 1444 * Retrieve the current number of upper case letters required in the password 1445 * for a particular admin or all admins that set retrictions on this user and 1446 * its participating profiles. Restrictions on profiles that have a separate challenge 1447 * are not taken into account. 1448 * This is the same value as set by 1449 * {@link #setPasswordMinimumUpperCase(ComponentName, int)} 1450 * and only applies when the password quality is 1451 * {@link #PASSWORD_QUALITY_COMPLEX}. 1452 * 1453 * <p>This method can be called on the {@link DevicePolicyManager} instance 1454 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1455 * restrictions on the parent profile. 1456 * 1457 * @param admin The name of the admin component to check, or {@code null} to 1458 * aggregate all admins. 1459 * @return The minimum number of upper case letters required in the 1460 * password. 1461 */ getPasswordMinimumUpperCase(@ullable ComponentName admin)1462 public int getPasswordMinimumUpperCase(@Nullable ComponentName admin) { 1463 return getPasswordMinimumUpperCase(admin, myUserId()); 1464 } 1465 1466 /** @hide per-user version */ getPasswordMinimumUpperCase(@ullable ComponentName admin, int userHandle)1467 public int getPasswordMinimumUpperCase(@Nullable ComponentName admin, int userHandle) { 1468 if (mService != null) { 1469 try { 1470 return mService.getPasswordMinimumUpperCase(admin, userHandle, mParentInstance); 1471 } catch (RemoteException e) { 1472 throw e.rethrowFromSystemServer(); 1473 } 1474 } 1475 return 0; 1476 } 1477 1478 /** 1479 * Called by an application that is administering the device to set the minimum number of lower 1480 * case letters required in the password. After setting this, the user will not be able to enter 1481 * a new password that is not at least as restrictive as what has been set. Note that the 1482 * current password will remain until the user has set a new one, so the change does not take 1483 * place immediately. To prompt the user for a new password, use 1484 * {@link #ACTION_SET_NEW_PASSWORD} or {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after 1485 * setting this value. This constraint is only imposed if the administrator has also requested 1486 * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The default value is 0. 1487 * <p> 1488 * The calling device admin must have requested 1489 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1490 * not, a security exception will be thrown. 1491 * <p> 1492 * This method can be called on the {@link DevicePolicyManager} instance returned by 1493 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1494 * profile. 1495 * 1496 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1497 * @param length The new desired minimum number of lower case letters required in the password. 1498 * A value of 0 means there is no restriction. 1499 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1500 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1501 */ setPasswordMinimumLowerCase(@onNull ComponentName admin, int length)1502 public void setPasswordMinimumLowerCase(@NonNull ComponentName admin, int length) { 1503 if (mService != null) { 1504 try { 1505 mService.setPasswordMinimumLowerCase(admin, length, mParentInstance); 1506 } catch (RemoteException e) { 1507 throw e.rethrowFromSystemServer(); 1508 } 1509 } 1510 } 1511 1512 /** 1513 * Retrieve the current number of lower case letters required in the password 1514 * for a particular admin or all admins that set retrictions on this user 1515 * and its participating profiles. Restrictions on profiles that have 1516 * a separate challenge are not taken into account. 1517 * This is the same value as set by 1518 * {@link #setPasswordMinimumLowerCase(ComponentName, int)} 1519 * and only applies when the password quality is 1520 * {@link #PASSWORD_QUALITY_COMPLEX}. 1521 * 1522 * <p>This method can be called on the {@link DevicePolicyManager} instance 1523 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1524 * restrictions on the parent profile. 1525 * 1526 * @param admin The name of the admin component to check, or {@code null} to 1527 * aggregate all admins. 1528 * @return The minimum number of lower case letters required in the 1529 * password. 1530 */ getPasswordMinimumLowerCase(@ullable ComponentName admin)1531 public int getPasswordMinimumLowerCase(@Nullable ComponentName admin) { 1532 return getPasswordMinimumLowerCase(admin, myUserId()); 1533 } 1534 1535 /** @hide per-user version */ getPasswordMinimumLowerCase(@ullable ComponentName admin, int userHandle)1536 public int getPasswordMinimumLowerCase(@Nullable ComponentName admin, int userHandle) { 1537 if (mService != null) { 1538 try { 1539 return mService.getPasswordMinimumLowerCase(admin, userHandle, mParentInstance); 1540 } catch (RemoteException e) { 1541 throw e.rethrowFromSystemServer(); 1542 } 1543 } 1544 return 0; 1545 } 1546 1547 /** 1548 * Called by an application that is administering the device to set the minimum number of 1549 * letters required in the password. After setting this, the user will not be able to enter a 1550 * new password that is not at least as restrictive as what has been set. Note that the current 1551 * password will remain until the user has set a new one, so the change does not take place 1552 * immediately. To prompt the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} or 1553 * {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This constraint is 1554 * only imposed if the administrator has also requested {@link #PASSWORD_QUALITY_COMPLEX} with 1555 * {@link #setPasswordQuality}. The default value is 1. 1556 * <p> 1557 * The calling device admin must have requested 1558 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1559 * not, a security exception will be thrown. 1560 * <p> 1561 * This method can be called on the {@link DevicePolicyManager} instance returned by 1562 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1563 * profile. 1564 * 1565 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1566 * @param length The new desired minimum number of letters required in the password. A value of 1567 * 0 means there is no restriction. 1568 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1569 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1570 */ setPasswordMinimumLetters(@onNull ComponentName admin, int length)1571 public void setPasswordMinimumLetters(@NonNull ComponentName admin, int length) { 1572 if (mService != null) { 1573 try { 1574 mService.setPasswordMinimumLetters(admin, length, mParentInstance); 1575 } catch (RemoteException e) { 1576 throw e.rethrowFromSystemServer(); 1577 } 1578 } 1579 } 1580 1581 /** 1582 * Retrieve the current number of letters required in the password 1583 * for a particular admin or all admins that set retrictions on this user 1584 * and its participating profiles. Restrictions on profiles that have 1585 * a separate challenge are not taken into account. 1586 * This is the same value as set by 1587 * {@link #setPasswordMinimumLetters(ComponentName, int)} 1588 * and only applies when the password quality is 1589 * {@link #PASSWORD_QUALITY_COMPLEX}. 1590 * 1591 * <p>This method can be called on the {@link DevicePolicyManager} instance 1592 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1593 * restrictions on the parent profile. 1594 * 1595 * @param admin The name of the admin component to check, or {@code null} to 1596 * aggregate all admins. 1597 * @return The minimum number of letters required in the password. 1598 */ getPasswordMinimumLetters(@ullable ComponentName admin)1599 public int getPasswordMinimumLetters(@Nullable ComponentName admin) { 1600 return getPasswordMinimumLetters(admin, myUserId()); 1601 } 1602 1603 /** @hide per-user version */ getPasswordMinimumLetters(@ullable ComponentName admin, int userHandle)1604 public int getPasswordMinimumLetters(@Nullable ComponentName admin, int userHandle) { 1605 if (mService != null) { 1606 try { 1607 return mService.getPasswordMinimumLetters(admin, userHandle, mParentInstance); 1608 } catch (RemoteException e) { 1609 throw e.rethrowFromSystemServer(); 1610 } 1611 } 1612 return 0; 1613 } 1614 1615 /** 1616 * Called by an application that is administering the device to set the minimum number of 1617 * numerical digits required in the password. After setting this, the user will not be able to 1618 * enter a new password that is not at least as restrictive as what has been set. Note that the 1619 * current password will remain until the user has set a new one, so the change does not take 1620 * place immediately. To prompt the user for a new password, use 1621 * {@link #ACTION_SET_NEW_PASSWORD} or {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after 1622 * setting this value. This constraint is only imposed if the administrator has also requested 1623 * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The default value is 1. 1624 * <p> 1625 * The calling device admin must have requested 1626 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1627 * not, a security exception will be thrown. 1628 * <p> 1629 * This method can be called on the {@link DevicePolicyManager} instance returned by 1630 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1631 * profile. 1632 * 1633 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1634 * @param length The new desired minimum number of numerical digits required in the password. A 1635 * value of 0 means there is no restriction. 1636 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1637 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1638 */ setPasswordMinimumNumeric(@onNull ComponentName admin, int length)1639 public void setPasswordMinimumNumeric(@NonNull ComponentName admin, int length) { 1640 if (mService != null) { 1641 try { 1642 mService.setPasswordMinimumNumeric(admin, length, mParentInstance); 1643 } catch (RemoteException e) { 1644 throw e.rethrowFromSystemServer(); 1645 } 1646 } 1647 } 1648 1649 /** 1650 * Retrieve the current number of numerical digits required in the password 1651 * for a particular admin or all admins that set retrictions on this user 1652 * and its participating profiles. Restrictions on profiles that have 1653 * a separate challenge are not taken into account. 1654 * This is the same value as set by 1655 * {@link #setPasswordMinimumNumeric(ComponentName, int)} 1656 * and only applies when the password quality is 1657 * {@link #PASSWORD_QUALITY_COMPLEX}. 1658 * 1659 * <p>This method can be called on the {@link DevicePolicyManager} instance 1660 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1661 * restrictions on the parent profile. 1662 * 1663 * @param admin The name of the admin component to check, or {@code null} to 1664 * aggregate all admins. 1665 * @return The minimum number of numerical digits required in the password. 1666 */ getPasswordMinimumNumeric(@ullable ComponentName admin)1667 public int getPasswordMinimumNumeric(@Nullable ComponentName admin) { 1668 return getPasswordMinimumNumeric(admin, myUserId()); 1669 } 1670 1671 /** @hide per-user version */ getPasswordMinimumNumeric(@ullable ComponentName admin, int userHandle)1672 public int getPasswordMinimumNumeric(@Nullable ComponentName admin, int userHandle) { 1673 if (mService != null) { 1674 try { 1675 return mService.getPasswordMinimumNumeric(admin, userHandle, mParentInstance); 1676 } catch (RemoteException e) { 1677 throw e.rethrowFromSystemServer(); 1678 } 1679 } 1680 return 0; 1681 } 1682 1683 /** 1684 * Called by an application that is administering the device to set the minimum number of 1685 * symbols required in the password. After setting this, the user will not be able to enter a 1686 * new password that is not at least as restrictive as what has been set. Note that the current 1687 * password will remain until the user has set a new one, so the change does not take place 1688 * immediately. To prompt the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} or 1689 * {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This constraint is 1690 * only imposed if the administrator has also requested {@link #PASSWORD_QUALITY_COMPLEX} with 1691 * {@link #setPasswordQuality}. The default value is 1. 1692 * <p> 1693 * The calling device admin must have requested 1694 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1695 * not, a security exception will be thrown. 1696 * <p> 1697 * This method can be called on the {@link DevicePolicyManager} instance returned by 1698 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1699 * profile. 1700 * 1701 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1702 * @param length The new desired minimum number of symbols required in the password. A value of 1703 * 0 means there is no restriction. 1704 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1705 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1706 */ setPasswordMinimumSymbols(@onNull ComponentName admin, int length)1707 public void setPasswordMinimumSymbols(@NonNull ComponentName admin, int length) { 1708 if (mService != null) { 1709 try { 1710 mService.setPasswordMinimumSymbols(admin, length, mParentInstance); 1711 } catch (RemoteException e) { 1712 throw e.rethrowFromSystemServer(); 1713 } 1714 } 1715 } 1716 1717 /** 1718 * Retrieve the current number of symbols required in the password 1719 * for a particular admin or all admins that set retrictions on this user 1720 * and its participating profiles. Restrictions on profiles that have 1721 * a separate challenge are not taken into account. This is the same value as 1722 * set by {@link #setPasswordMinimumSymbols(ComponentName, int)} 1723 * and only applies when the password quality is 1724 * {@link #PASSWORD_QUALITY_COMPLEX}. 1725 * 1726 * <p>This method can be called on the {@link DevicePolicyManager} instance 1727 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1728 * restrictions on the parent profile. 1729 * 1730 * @param admin The name of the admin component to check, or {@code null} to 1731 * aggregate all admins. 1732 * @return The minimum number of symbols required in the password. 1733 */ getPasswordMinimumSymbols(@ullable ComponentName admin)1734 public int getPasswordMinimumSymbols(@Nullable ComponentName admin) { 1735 return getPasswordMinimumSymbols(admin, myUserId()); 1736 } 1737 1738 /** @hide per-user version */ getPasswordMinimumSymbols(@ullable ComponentName admin, int userHandle)1739 public int getPasswordMinimumSymbols(@Nullable ComponentName admin, int userHandle) { 1740 if (mService != null) { 1741 try { 1742 return mService.getPasswordMinimumSymbols(admin, userHandle, mParentInstance); 1743 } catch (RemoteException e) { 1744 throw e.rethrowFromSystemServer(); 1745 } 1746 } 1747 return 0; 1748 } 1749 1750 /** 1751 * Called by an application that is administering the device to set the minimum number of 1752 * non-letter characters (numerical digits or symbols) required in the password. After setting 1753 * this, the user will not be able to enter a new password that is not at least as restrictive 1754 * as what has been set. Note that the current password will remain until the user has set a new 1755 * one, so the change does not take place immediately. To prompt the user for a new password, 1756 * use {@link #ACTION_SET_NEW_PASSWORD} or {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after 1757 * setting this value. This constraint is only imposed if the administrator has also requested 1758 * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The default value is 0. 1759 * <p> 1760 * The calling device admin must have requested 1761 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1762 * not, a security exception will be thrown. 1763 * <p> 1764 * This method can be called on the {@link DevicePolicyManager} instance returned by 1765 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1766 * profile. 1767 * 1768 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1769 * @param length The new desired minimum number of letters required in the password. A value of 1770 * 0 means there is no restriction. 1771 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1772 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1773 */ setPasswordMinimumNonLetter(@onNull ComponentName admin, int length)1774 public void setPasswordMinimumNonLetter(@NonNull ComponentName admin, int length) { 1775 if (mService != null) { 1776 try { 1777 mService.setPasswordMinimumNonLetter(admin, length, mParentInstance); 1778 } catch (RemoteException e) { 1779 throw e.rethrowFromSystemServer(); 1780 } 1781 } 1782 } 1783 1784 /** 1785 * Retrieve the current number of non-letter characters required in the password 1786 * for a particular admin or all admins that set retrictions on this user 1787 * and its participating profiles. Restrictions on profiles that have 1788 * a separate challenge are not taken into account. 1789 * This is the same value as set by 1790 * {@link #setPasswordMinimumNonLetter(ComponentName, int)} 1791 * and only applies when the password quality is 1792 * {@link #PASSWORD_QUALITY_COMPLEX}. 1793 * 1794 * <p>This method can be called on the {@link DevicePolicyManager} instance 1795 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1796 * restrictions on the parent profile. 1797 * 1798 * @param admin The name of the admin component to check, or {@code null} to 1799 * aggregate all admins. 1800 * @return The minimum number of letters required in the password. 1801 */ getPasswordMinimumNonLetter(@ullable ComponentName admin)1802 public int getPasswordMinimumNonLetter(@Nullable ComponentName admin) { 1803 return getPasswordMinimumNonLetter(admin, myUserId()); 1804 } 1805 1806 /** @hide per-user version */ getPasswordMinimumNonLetter(@ullable ComponentName admin, int userHandle)1807 public int getPasswordMinimumNonLetter(@Nullable ComponentName admin, int userHandle) { 1808 if (mService != null) { 1809 try { 1810 return mService.getPasswordMinimumNonLetter(admin, userHandle, mParentInstance); 1811 } catch (RemoteException e) { 1812 throw e.rethrowFromSystemServer(); 1813 } 1814 } 1815 return 0; 1816 } 1817 1818 /** 1819 * Called by an application that is administering the device to set the length of the password 1820 * history. After setting this, the user will not be able to enter a new password that is the 1821 * same as any password in the history. Note that the current password will remain until the 1822 * user has set a new one, so the change does not take place immediately. To prompt the user for 1823 * a new password, use {@link #ACTION_SET_NEW_PASSWORD} or 1824 * {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This constraint is 1825 * only imposed if the administrator has also requested either {@link #PASSWORD_QUALITY_NUMERIC} 1826 * , {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX} {@link #PASSWORD_QUALITY_ALPHABETIC}, or 1827 * {@link #PASSWORD_QUALITY_ALPHANUMERIC} with {@link #setPasswordQuality}. 1828 * <p> 1829 * The calling device admin must have requested 1830 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1831 * not, a security exception will be thrown. 1832 * <p> 1833 * This method can be called on the {@link DevicePolicyManager} instance returned by 1834 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1835 * profile. 1836 * 1837 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1838 * @param length The new desired length of password history. A value of 0 means there is no 1839 * restriction. 1840 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1841 * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1842 */ setPasswordHistoryLength(@onNull ComponentName admin, int length)1843 public void setPasswordHistoryLength(@NonNull ComponentName admin, int length) { 1844 if (mService != null) { 1845 try { 1846 mService.setPasswordHistoryLength(admin, length, mParentInstance); 1847 } catch (RemoteException e) { 1848 throw e.rethrowFromSystemServer(); 1849 } 1850 } 1851 } 1852 1853 /** 1854 * Called by a device admin to set the password expiration timeout. Calling this method will 1855 * restart the countdown for password expiration for the given admin, as will changing the 1856 * device password (for all admins). 1857 * <p> 1858 * The provided timeout is the time delta in ms and will be added to the current time. For 1859 * example, to have the password expire 5 days from now, timeout would be 5 * 86400 * 1000 = 1860 * 432000000 ms for timeout. 1861 * <p> 1862 * To disable password expiration, a value of 0 may be used for timeout. 1863 * <p> 1864 * The calling device admin must have requested 1865 * {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} to be able to call this method; if it has 1866 * not, a security exception will be thrown. 1867 * <p> 1868 * Note that setting the password will automatically reset the expiration time for all active 1869 * admins. Active admins do not need to explicitly call this method in that case. 1870 * <p> 1871 * This method can be called on the {@link DevicePolicyManager} instance returned by 1872 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 1873 * profile. 1874 * 1875 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1876 * @param timeout The limit (in ms) that a password can remain in effect. A value of 0 means 1877 * there is no restriction (unlimited). 1878 * @throws SecurityException if {@code admin} is not an active administrator or {@code admin} 1879 * does not use {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} 1880 */ setPasswordExpirationTimeout(@onNull ComponentName admin, long timeout)1881 public void setPasswordExpirationTimeout(@NonNull ComponentName admin, long timeout) { 1882 if (mService != null) { 1883 try { 1884 mService.setPasswordExpirationTimeout(admin, timeout, mParentInstance); 1885 } catch (RemoteException e) { 1886 throw e.rethrowFromSystemServer(); 1887 } 1888 } 1889 } 1890 1891 /** 1892 * Get the password expiration timeout for the given admin. The expiration timeout is the 1893 * recurring expiration timeout provided in the call to 1894 * {@link #setPasswordExpirationTimeout(ComponentName, long)} for the given admin or the 1895 * aggregate of all participating policy administrators if {@code admin} is null. Admins that 1896 * have set restrictions on profiles that have a separate challenge are not taken into account. 1897 * 1898 * <p>This method can be called on the {@link DevicePolicyManager} instance 1899 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1900 * restrictions on the parent profile. 1901 * 1902 * @param admin The name of the admin component to check, or {@code null} to aggregate all admins. 1903 * @return The timeout for the given admin or the minimum of all timeouts 1904 */ getPasswordExpirationTimeout(@ullable ComponentName admin)1905 public long getPasswordExpirationTimeout(@Nullable ComponentName admin) { 1906 if (mService != null) { 1907 try { 1908 return mService.getPasswordExpirationTimeout(admin, myUserId(), mParentInstance); 1909 } catch (RemoteException e) { 1910 throw e.rethrowFromSystemServer(); 1911 } 1912 } 1913 return 0; 1914 } 1915 1916 /** 1917 * Get the current password expiration time for a particular admin or all admins that set 1918 * retrictions on this user and its participating profiles. Restrictions on profiles that have 1919 * a separate challenge are not taken into account. If admin is {@code null}, then a composite 1920 * of all expiration times is returned - which will be the minimum of all of them. 1921 * 1922 * <p>This method can be called on the {@link DevicePolicyManager} instance 1923 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1924 * the password expiration for the parent profile. 1925 * 1926 * @param admin The name of the admin component to check, or {@code null} to aggregate all admins. 1927 * @return The password expiration time, in milliseconds since epoch. 1928 */ getPasswordExpiration(@ullable ComponentName admin)1929 public long getPasswordExpiration(@Nullable ComponentName admin) { 1930 if (mService != null) { 1931 try { 1932 return mService.getPasswordExpiration(admin, myUserId(), mParentInstance); 1933 } catch (RemoteException e) { 1934 throw e.rethrowFromSystemServer(); 1935 } 1936 } 1937 return 0; 1938 } 1939 1940 /** 1941 * Retrieve the current password history length for a particular admin or all admins that 1942 * set retrictions on this user and its participating profiles. Restrictions on profiles that 1943 * have a separate challenge are not taken into account. 1944 * 1945 * <p>This method can be called on the {@link DevicePolicyManager} instance 1946 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 1947 * restrictions on the parent profile. 1948 * 1949 * @param admin The name of the admin component to check, or {@code null} to aggregate 1950 * all admins. 1951 * @return The length of the password history 1952 */ getPasswordHistoryLength(@ullable ComponentName admin)1953 public int getPasswordHistoryLength(@Nullable ComponentName admin) { 1954 return getPasswordHistoryLength(admin, myUserId()); 1955 } 1956 1957 /** @hide per-user version */ getPasswordHistoryLength(@ullable ComponentName admin, int userHandle)1958 public int getPasswordHistoryLength(@Nullable ComponentName admin, int userHandle) { 1959 if (mService != null) { 1960 try { 1961 return mService.getPasswordHistoryLength(admin, userHandle, mParentInstance); 1962 } catch (RemoteException e) { 1963 throw e.rethrowFromSystemServer(); 1964 } 1965 } 1966 return 0; 1967 } 1968 1969 /** 1970 * Return the maximum password length that the device supports for a 1971 * particular password quality. 1972 * @param quality The quality being interrogated. 1973 * @return Returns the maximum length that the user can enter. 1974 */ getPasswordMaximumLength(int quality)1975 public int getPasswordMaximumLength(int quality) { 1976 // Kind-of arbitrary. 1977 return 16; 1978 } 1979 1980 /** 1981 * Determine whether the current password the user has set is sufficient to meet the policy 1982 * requirements (e.g. quality, minimum length) that have been requested by the admins of this 1983 * user and its participating profiles. Restrictions on profiles that have a separate challenge 1984 * are not taken into account. 1985 * <p> 1986 * The calling device admin must have requested 1987 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has 1988 * not, a security exception will be thrown. 1989 * <p> 1990 * This method can be called on the {@link DevicePolicyManager} instance returned by 1991 * {@link #getParentProfileInstance(ComponentName)} in order to determine if the password set on 1992 * the parent profile is sufficient. 1993 * 1994 * @return Returns true if the password meets the current requirements, else false. 1995 * @throws SecurityException if the calling application does not own an active administrator 1996 * that uses {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} 1997 */ isActivePasswordSufficient()1998 public boolean isActivePasswordSufficient() { 1999 if (mService != null) { 2000 try { 2001 return mService.isActivePasswordSufficient(myUserId(), mParentInstance); 2002 } catch (RemoteException e) { 2003 throw e.rethrowFromSystemServer(); 2004 } 2005 } 2006 return false; 2007 } 2008 2009 /** 2010 * Determine whether the current profile password the user has set is sufficient 2011 * to meet the policy requirements (e.g. quality, minimum length) that have been 2012 * requested by the admins of the parent user and its profiles. 2013 * 2014 * @param userHandle the userId of the profile to check the password for. 2015 * @return Returns true if the password would meet the current requirements, else false. 2016 * @throws SecurityException if {@code userHandle} is not a managed profile. 2017 * @hide 2018 */ isProfileActivePasswordSufficientForParent(int userHandle)2019 public boolean isProfileActivePasswordSufficientForParent(int userHandle) { 2020 if (mService != null) { 2021 try { 2022 return mService.isProfileActivePasswordSufficientForParent(userHandle); 2023 } catch (RemoteException e) { 2024 throw e.rethrowFromSystemServer(); 2025 } 2026 } 2027 return false; 2028 } 2029 2030 /** 2031 * Retrieve the number of times the user has failed at entering a password since that last 2032 * successful password entry. 2033 * <p> 2034 * This method can be called on the {@link DevicePolicyManager} instance returned by 2035 * {@link #getParentProfileInstance(ComponentName)} in order to retrieve the number of failed 2036 * password attemts for the parent user. 2037 * <p> 2038 * The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} 2039 * to be able to call this method; if it has not, a security exception will be thrown. 2040 * 2041 * @return The number of times user has entered an incorrect password since the last correct 2042 * password entry. 2043 * @throws SecurityException if the calling application does not own an active administrator 2044 * that uses {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} 2045 */ getCurrentFailedPasswordAttempts()2046 public int getCurrentFailedPasswordAttempts() { 2047 return getCurrentFailedPasswordAttempts(myUserId()); 2048 } 2049 2050 /** 2051 * Retrieve the number of times the given user has failed at entering a 2052 * password since that last successful password entry. 2053 * 2054 * <p>The calling device admin must have requested 2055 * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call this method; if it has 2056 * not and it is not the system uid, a security exception will be thrown. 2057 * 2058 * @hide 2059 */ getCurrentFailedPasswordAttempts(int userHandle)2060 public int getCurrentFailedPasswordAttempts(int userHandle) { 2061 if (mService != null) { 2062 try { 2063 return mService.getCurrentFailedPasswordAttempts(userHandle, mParentInstance); 2064 } catch (RemoteException e) { 2065 throw e.rethrowFromSystemServer(); 2066 } 2067 } 2068 return -1; 2069 } 2070 2071 /** 2072 * Queries whether {@link #RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT} flag is set. 2073 * 2074 * @return true if RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT flag is set. 2075 * @hide 2076 */ getDoNotAskCredentialsOnBoot()2077 public boolean getDoNotAskCredentialsOnBoot() { 2078 if (mService != null) { 2079 try { 2080 return mService.getDoNotAskCredentialsOnBoot(); 2081 } catch (RemoteException e) { 2082 throw e.rethrowFromSystemServer(); 2083 } 2084 } 2085 return false; 2086 } 2087 2088 /** 2089 * Setting this to a value greater than zero enables a built-in policy that will perform a 2090 * device or profile wipe after too many incorrect device-unlock passwords have been entered. 2091 * This built-in policy combines watching for failed passwords and wiping the device, and 2092 * requires that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 2093 * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. 2094 * <p> 2095 * To implement any other policy (e.g. wiping data for a particular application only, erasing or 2096 * revoking credentials, or reporting the failure to a server), you should implement 2097 * {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} instead. Do not 2098 * use this API, because if the maximum count is reached, the device or profile will be wiped 2099 * immediately, and your callback will not be invoked. 2100 * <p> 2101 * This method can be called on the {@link DevicePolicyManager} instance returned by 2102 * {@link #getParentProfileInstance(ComponentName)} in order to set a value on the parent 2103 * profile. 2104 * 2105 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2106 * @param num The number of failed password attempts at which point the device or profile will 2107 * be wiped. 2108 * @throws SecurityException if {@code admin} is not an active administrator or does not use 2109 * both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 2110 * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}. 2111 */ setMaximumFailedPasswordsForWipe(@onNull ComponentName admin, int num)2112 public void setMaximumFailedPasswordsForWipe(@NonNull ComponentName admin, int num) { 2113 if (mService != null) { 2114 try { 2115 mService.setMaximumFailedPasswordsForWipe(admin, num, mParentInstance); 2116 } catch (RemoteException e) { 2117 throw e.rethrowFromSystemServer(); 2118 } 2119 } 2120 } 2121 2122 /** 2123 * Retrieve the current maximum number of login attempts that are allowed before the device 2124 * or profile is wiped, for a particular admin or all admins that set retrictions on this user 2125 * and its participating profiles. Restrictions on profiles that have a separate challenge are 2126 * not taken into account. 2127 * 2128 * <p>This method can be called on the {@link DevicePolicyManager} instance 2129 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 2130 * the value for the parent profile. 2131 * 2132 * @param admin The name of the admin component to check, or {@code null} to aggregate 2133 * all admins. 2134 */ getMaximumFailedPasswordsForWipe(@ullable ComponentName admin)2135 public int getMaximumFailedPasswordsForWipe(@Nullable ComponentName admin) { 2136 return getMaximumFailedPasswordsForWipe(admin, myUserId()); 2137 } 2138 2139 /** @hide per-user version */ getMaximumFailedPasswordsForWipe(@ullable ComponentName admin, int userHandle)2140 public int getMaximumFailedPasswordsForWipe(@Nullable ComponentName admin, int userHandle) { 2141 if (mService != null) { 2142 try { 2143 return mService.getMaximumFailedPasswordsForWipe( 2144 admin, userHandle, mParentInstance); 2145 } catch (RemoteException e) { 2146 throw e.rethrowFromSystemServer(); 2147 } 2148 } 2149 return 0; 2150 } 2151 2152 /** 2153 * Returns the profile with the smallest maximum failed passwords for wipe, 2154 * for the given user. So for primary user, it might return the primary or 2155 * a managed profile. For a secondary user, it would be the same as the 2156 * user passed in. 2157 * @hide Used only by Keyguard 2158 */ getProfileWithMinimumFailedPasswordsForWipe(int userHandle)2159 public int getProfileWithMinimumFailedPasswordsForWipe(int userHandle) { 2160 if (mService != null) { 2161 try { 2162 return mService.getProfileWithMinimumFailedPasswordsForWipe( 2163 userHandle, mParentInstance); 2164 } catch (RemoteException e) { 2165 throw e.rethrowFromSystemServer(); 2166 } 2167 } 2168 return UserHandle.USER_NULL; 2169 } 2170 2171 /** 2172 * Flag for {@link #resetPassword}: don't allow other admins to change 2173 * the password again until the user has entered it. 2174 */ 2175 public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001; 2176 2177 /** 2178 * Flag for {@link #resetPassword}: don't ask for user credentials on device boot. 2179 * If the flag is set, the device can be booted without asking for user password. 2180 * The absence of this flag does not change the current boot requirements. This flag 2181 * can be set by the device owner only. If the app is not the device owner, the flag 2182 * is ignored. Once the flag is set, it cannot be reverted back without resetting the 2183 * device to factory defaults. 2184 */ 2185 public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 0x0002; 2186 2187 /** 2188 * Force a new device unlock password (the password needed to access the entire device, not for 2189 * individual accounts) on the user. This takes effect immediately. 2190 * <p> 2191 * <em>Note: This API has been limited as of {@link android.os.Build.VERSION_CODES#N} for 2192 * device admins that are not device owner and not profile owner. 2193 * The password can now only be changed if there is currently no password set. Device owner 2194 * and profile owner can still do this when user is unlocked and does not have a managed 2195 * profile.</em> 2196 * <p> 2197 * The given password must be sufficient for the current password quality and length constraints 2198 * as returned by {@link #getPasswordQuality(ComponentName)} and 2199 * {@link #getPasswordMinimumLength(ComponentName)}; if it does not meet these constraints, then 2200 * it will be rejected and false returned. Note that the password may be a stronger quality 2201 * (containing alphanumeric characters when the requested quality is only numeric), in which 2202 * case the currently active quality will be increased to match. 2203 * <p> 2204 * Calling with a null or empty password will clear any existing PIN, pattern or password if the 2205 * current password constraints allow it. <em>Note: This will not work in 2206 * {@link android.os.Build.VERSION_CODES#N} and later for managed profiles, or for device admins 2207 * that are not device owner or profile owner. Once set, the password cannot be changed to null 2208 * or empty except by these admins.</em> 2209 * <p> 2210 * The calling device admin must have requested 2211 * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call this method; if it has 2212 * not, a security exception will be thrown. 2213 * 2214 * @param password The new password for the user. Null or empty clears the password. 2215 * @param flags May be 0 or combination of {@link #RESET_PASSWORD_REQUIRE_ENTRY} and 2216 * {@link #RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT}. 2217 * @return Returns true if the password was applied, or false if it is not acceptable for the 2218 * current constraints or if the user has not been decrypted yet. 2219 * @throws SecurityException if the calling application does not own an active administrator 2220 * that uses {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} 2221 * @throws IllegalStateException if the calling user is locked or has a managed profile. 2222 */ resetPassword(String password, int flags)2223 public boolean resetPassword(String password, int flags) { 2224 throwIfParentInstance("resetPassword"); 2225 if (mService != null) { 2226 try { 2227 return mService.resetPassword(password, flags); 2228 } catch (RemoteException e) { 2229 throw e.rethrowFromSystemServer(); 2230 } 2231 } 2232 return false; 2233 } 2234 2235 /** 2236 * Called by an application that is administering the device to set the maximum time for user 2237 * activity until the device will lock. This limits the length that the user can set. It takes 2238 * effect immediately. 2239 * <p> 2240 * The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} 2241 * to be able to call this method; if it has not, a security exception will be thrown. 2242 * <p> 2243 * This method can be called on the {@link DevicePolicyManager} instance returned by 2244 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 2245 * profile. 2246 * 2247 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2248 * @param timeMs The new desired maximum time to lock in milliseconds. A value of 0 means there 2249 * is no restriction. 2250 * @throws SecurityException if {@code admin} is not an active administrator or it does not use 2251 * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} 2252 */ setMaximumTimeToLock(@onNull ComponentName admin, long timeMs)2253 public void setMaximumTimeToLock(@NonNull ComponentName admin, long timeMs) { 2254 if (mService != null) { 2255 try { 2256 mService.setMaximumTimeToLock(admin, timeMs, mParentInstance); 2257 } catch (RemoteException e) { 2258 throw e.rethrowFromSystemServer(); 2259 } 2260 } 2261 } 2262 2263 /** 2264 * Retrieve the current maximum time to unlock for a particular admin or all admins that set 2265 * retrictions on this user and its participating profiles. Restrictions on profiles that have 2266 * a separate challenge are not taken into account. 2267 * 2268 * <p>This method can be called on the {@link DevicePolicyManager} instance 2269 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 2270 * restrictions on the parent profile. 2271 * 2272 * @param admin The name of the admin component to check, or {@code null} to aggregate 2273 * all admins. 2274 * @return time in milliseconds for the given admin or the minimum value (strictest) of 2275 * all admins if admin is null. Returns 0 if there are no restrictions. 2276 */ getMaximumTimeToLock(@ullable ComponentName admin)2277 public long getMaximumTimeToLock(@Nullable ComponentName admin) { 2278 return getMaximumTimeToLock(admin, myUserId()); 2279 } 2280 2281 /** @hide per-user version */ getMaximumTimeToLock(@ullable ComponentName admin, int userHandle)2282 public long getMaximumTimeToLock(@Nullable ComponentName admin, int userHandle) { 2283 if (mService != null) { 2284 try { 2285 return mService.getMaximumTimeToLock(admin, userHandle, mParentInstance); 2286 } catch (RemoteException e) { 2287 throw e.rethrowFromSystemServer(); 2288 } 2289 } 2290 return 0; 2291 } 2292 2293 /** 2294 * Returns maximum time to lock that applied by all profiles in this user. We do this because we 2295 * do not have a separate timeout to lock for work challenge only. 2296 * 2297 * @hide 2298 */ getMaximumTimeToLockForUserAndProfiles(int userHandle)2299 public long getMaximumTimeToLockForUserAndProfiles(int userHandle) { 2300 if (mService != null) { 2301 try { 2302 return mService.getMaximumTimeToLockForUserAndProfiles(userHandle); 2303 } catch (RemoteException e) { 2304 throw e.rethrowFromSystemServer(); 2305 } 2306 } 2307 return 0; 2308 } 2309 2310 /** 2311 * Make the device lock immediately, as if the lock screen timeout has expired at the point of 2312 * this call. 2313 * <p> 2314 * The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} 2315 * to be able to call this method; if it has not, a security exception will be thrown. 2316 * <p> 2317 * This method can be called on the {@link DevicePolicyManager} instance returned by 2318 * {@link #getParentProfileInstance(ComponentName)} in order to lock the parent profile. 2319 * 2320 * @throws SecurityException if the calling application does not own an active administrator 2321 * that uses {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} 2322 */ lockNow()2323 public void lockNow() { 2324 if (mService != null) { 2325 try { 2326 mService.lockNow(mParentInstance); 2327 } catch (RemoteException e) { 2328 throw e.rethrowFromSystemServer(); 2329 } 2330 } 2331 } 2332 2333 /** 2334 * Flag for {@link #wipeData(int)}: also erase the device's external 2335 * storage (such as SD cards). 2336 */ 2337 public static final int WIPE_EXTERNAL_STORAGE = 0x0001; 2338 2339 /** 2340 * Flag for {@link #wipeData(int)}: also erase the factory reset protection 2341 * data. 2342 * 2343 * <p>This flag may only be set by device owner admins; if it is set by 2344 * other admins a {@link SecurityException} will be thrown. 2345 */ 2346 public static final int WIPE_RESET_PROTECTION_DATA = 0x0002; 2347 2348 /** 2349 * Ask the user data be wiped. Wiping the primary user will cause the device to reboot, erasing 2350 * all user data while next booting up. 2351 * <p> 2352 * The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} to 2353 * be able to call this method; if it has not, a security exception will be thrown. 2354 * 2355 * @param flags Bit mask of additional options: currently supported flags are 2356 * {@link #WIPE_EXTERNAL_STORAGE} and {@link #WIPE_RESET_PROTECTION_DATA}. 2357 * @throws SecurityException if the calling application does not own an active administrator 2358 * that uses {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} 2359 */ wipeData(int flags)2360 public void wipeData(int flags) { 2361 throwIfParentInstance("wipeData"); 2362 if (mService != null) { 2363 try { 2364 mService.wipeData(flags); 2365 } catch (RemoteException e) { 2366 throw e.rethrowFromSystemServer(); 2367 } 2368 } 2369 } 2370 2371 /** 2372 * Called by an application that is administering the device to set the 2373 * global proxy and exclusion list. 2374 * <p> 2375 * The calling device admin must have requested 2376 * {@link DeviceAdminInfo#USES_POLICY_SETS_GLOBAL_PROXY} to be able to call 2377 * this method; if it has not, a security exception will be thrown. 2378 * Only the first device admin can set the proxy. If a second admin attempts 2379 * to set the proxy, the {@link ComponentName} of the admin originally setting the 2380 * proxy will be returned. If successful in setting the proxy, {@code null} will 2381 * be returned. 2382 * The method can be called repeatedly by the device admin alrady setting the 2383 * proxy to update the proxy and exclusion list. 2384 * 2385 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2386 * @param proxySpec the global proxy desired. Must be an HTTP Proxy. 2387 * Pass Proxy.NO_PROXY to reset the proxy. 2388 * @param exclusionList a list of domains to be excluded from the global proxy. 2389 * @return {@code null} if the proxy was successfully set, or otherwise a {@link ComponentName} 2390 * of the device admin that sets the proxy. 2391 * @hide 2392 */ setGlobalProxy(@onNull ComponentName admin, Proxy proxySpec, List<String> exclusionList )2393 public ComponentName setGlobalProxy(@NonNull ComponentName admin, Proxy proxySpec, 2394 List<String> exclusionList ) { 2395 throwIfParentInstance("setGlobalProxy"); 2396 if (proxySpec == null) { 2397 throw new NullPointerException(); 2398 } 2399 if (mService != null) { 2400 try { 2401 String hostSpec; 2402 String exclSpec; 2403 if (proxySpec.equals(Proxy.NO_PROXY)) { 2404 hostSpec = null; 2405 exclSpec = null; 2406 } else { 2407 if (!proxySpec.type().equals(Proxy.Type.HTTP)) { 2408 throw new IllegalArgumentException(); 2409 } 2410 InetSocketAddress sa = (InetSocketAddress)proxySpec.address(); 2411 String hostName = sa.getHostName(); 2412 int port = sa.getPort(); 2413 StringBuilder hostBuilder = new StringBuilder(); 2414 hostSpec = hostBuilder.append(hostName) 2415 .append(":").append(Integer.toString(port)).toString(); 2416 if (exclusionList == null) { 2417 exclSpec = ""; 2418 } else { 2419 StringBuilder listBuilder = new StringBuilder(); 2420 boolean firstDomain = true; 2421 for (String exclDomain : exclusionList) { 2422 if (!firstDomain) { 2423 listBuilder = listBuilder.append(","); 2424 } else { 2425 firstDomain = false; 2426 } 2427 listBuilder = listBuilder.append(exclDomain.trim()); 2428 } 2429 exclSpec = listBuilder.toString(); 2430 } 2431 if (android.net.Proxy.validate(hostName, Integer.toString(port), exclSpec) 2432 != android.net.Proxy.PROXY_VALID) 2433 throw new IllegalArgumentException(); 2434 } 2435 return mService.setGlobalProxy(admin, hostSpec, exclSpec); 2436 } catch (RemoteException e) { 2437 throw e.rethrowFromSystemServer(); 2438 } 2439 } 2440 return null; 2441 } 2442 2443 /** 2444 * Set a network-independent global HTTP proxy. This is not normally what you want for typical 2445 * HTTP proxies - they are generally network dependent. However if you're doing something 2446 * unusual like general internal filtering this may be useful. On a private network where the 2447 * proxy is not accessible, you may break HTTP using this. 2448 * <p> 2449 * This method requires the caller to be the device owner. 2450 * <p> 2451 * This proxy is only a recommendation and it is possible that some apps will ignore it. 2452 * 2453 * @see ProxyInfo 2454 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2455 * @param proxyInfo The a {@link ProxyInfo} object defining the new global HTTP proxy. A 2456 * {@code null} value will clear the global HTTP proxy. 2457 * @throws SecurityException if {@code admin} is not the device owner. 2458 */ setRecommendedGlobalProxy(@onNull ComponentName admin, @Nullable ProxyInfo proxyInfo)2459 public void setRecommendedGlobalProxy(@NonNull ComponentName admin, @Nullable ProxyInfo 2460 proxyInfo) { 2461 throwIfParentInstance("setRecommendedGlobalProxy"); 2462 if (mService != null) { 2463 try { 2464 mService.setRecommendedGlobalProxy(admin, proxyInfo); 2465 } catch (RemoteException e) { 2466 throw e.rethrowFromSystemServer(); 2467 } 2468 } 2469 } 2470 2471 /** 2472 * Returns the component name setting the global proxy. 2473 * @return ComponentName object of the device admin that set the global proxy, or {@code null} 2474 * if no admin has set the proxy. 2475 * @hide 2476 */ getGlobalProxyAdmin()2477 public ComponentName getGlobalProxyAdmin() { 2478 if (mService != null) { 2479 try { 2480 return mService.getGlobalProxyAdmin(myUserId()); 2481 } catch (RemoteException e) { 2482 throw e.rethrowFromSystemServer(); 2483 } 2484 } 2485 return null; 2486 } 2487 2488 /** 2489 * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 2490 * indicating that encryption is not supported. 2491 */ 2492 public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; 2493 2494 /** 2495 * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 2496 * indicating that encryption is supported, but is not currently active. 2497 */ 2498 public static final int ENCRYPTION_STATUS_INACTIVE = 1; 2499 2500 /** 2501 * Result code for {@link #getStorageEncryptionStatus}: 2502 * indicating that encryption is not currently active, but is currently 2503 * being activated. This is only reported by devices that support 2504 * encryption of data and only when the storage is currently 2505 * undergoing a process of becoming encrypted. A device that must reboot and/or wipe data 2506 * to become encrypted will never return this value. 2507 */ 2508 public static final int ENCRYPTION_STATUS_ACTIVATING = 2; 2509 2510 /** 2511 * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 2512 * indicating that encryption is active. 2513 */ 2514 public static final int ENCRYPTION_STATUS_ACTIVE = 3; 2515 2516 /** 2517 * Result code for {@link #getStorageEncryptionStatus}: 2518 * indicating that encryption is active, but an encryption key has not 2519 * been set by the user. 2520 */ 2521 public static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY = 4; 2522 2523 /** 2524 * Result code for {@link #getStorageEncryptionStatus}: 2525 * indicating that encryption is active and the encryption key is tied to the user. 2526 */ 2527 public static final int ENCRYPTION_STATUS_ACTIVE_PER_USER = 5; 2528 2529 /** 2530 * Activity action: begin the process of encrypting data on the device. This activity should 2531 * be launched after using {@link #setStorageEncryption} to request encryption be activated. 2532 * After resuming from this activity, use {@link #getStorageEncryption} 2533 * to check encryption status. However, on some devices this activity may never return, as 2534 * it may trigger a reboot and in some cases a complete data wipe of the device. 2535 */ 2536 @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 2537 public static final String ACTION_START_ENCRYPTION 2538 = "android.app.action.START_ENCRYPTION"; 2539 /** 2540 * Widgets are enabled in keyguard 2541 */ 2542 public static final int KEYGUARD_DISABLE_FEATURES_NONE = 0; 2543 2544 /** 2545 * Disable all keyguard widgets. Has no effect. 2546 */ 2547 public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 1 << 0; 2548 2549 /** 2550 * Disable the camera on secure keyguard screens (e.g. PIN/Pattern/Password) 2551 */ 2552 public static final int KEYGUARD_DISABLE_SECURE_CAMERA = 1 << 1; 2553 2554 /** 2555 * Disable showing all notifications on secure keyguard screens (e.g. PIN/Pattern/Password) 2556 */ 2557 public static final int KEYGUARD_DISABLE_SECURE_NOTIFICATIONS = 1 << 2; 2558 2559 /** 2560 * Only allow redacted notifications on secure keyguard screens (e.g. PIN/Pattern/Password) 2561 */ 2562 public static final int KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS = 1 << 3; 2563 2564 /** 2565 * Ignore trust agent state on secure keyguard screens 2566 * (e.g. PIN/Pattern/Password). 2567 */ 2568 public static final int KEYGUARD_DISABLE_TRUST_AGENTS = 1 << 4; 2569 2570 /** 2571 * Disable fingerprint sensor on keyguard secure screens (e.g. PIN/Pattern/Password). 2572 */ 2573 public static final int KEYGUARD_DISABLE_FINGERPRINT = 1 << 5; 2574 2575 /** 2576 * Disable text entry into notifications on secure keyguard screens (e.g. PIN/Pattern/Password). 2577 */ 2578 public static final int KEYGUARD_DISABLE_REMOTE_INPUT = 1 << 6; 2579 2580 /** 2581 * Disable all current and future keyguard customizations. 2582 */ 2583 public static final int KEYGUARD_DISABLE_FEATURES_ALL = 0x7fffffff; 2584 2585 /** 2586 * Called by an application that is administering the device to request that the storage system 2587 * be encrypted. 2588 * <p> 2589 * When multiple device administrators attempt to control device encryption, the most secure, 2590 * supported setting will always be used. If any device administrator requests device 2591 * encryption, it will be enabled; Conversely, if a device administrator attempts to disable 2592 * device encryption while another device administrator has enabled it, the call to disable will 2593 * fail (most commonly returning {@link #ENCRYPTION_STATUS_ACTIVE}). 2594 * <p> 2595 * This policy controls encryption of the secure (application data) storage area. Data written 2596 * to other storage areas may or may not be encrypted, and this policy does not require or 2597 * control the encryption of any other storage areas. There is one exception: If 2598 * {@link android.os.Environment#isExternalStorageEmulated()} is {@code true}, then the 2599 * directory returned by {@link android.os.Environment#getExternalStorageDirectory()} must be 2600 * written to disk within the encrypted storage area. 2601 * <p> 2602 * Important Note: On some devices, it is possible to encrypt storage without requiring the user 2603 * to create a device PIN or Password. In this case, the storage is encrypted, but the 2604 * encryption key may not be fully secured. For maximum security, the administrator should also 2605 * require (and check for) a pattern, PIN, or password. 2606 * 2607 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2608 * @param encrypt true to request encryption, false to release any previous request 2609 * @return the new request status (for all active admins) - will be one of 2610 * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, or 2611 * {@link #ENCRYPTION_STATUS_ACTIVE}. This is the value of the requests; Use 2612 * {@link #getStorageEncryptionStatus()} to query the actual device state. 2613 * @throws SecurityException if {@code admin} is not an active administrator or does not use 2614 * {@link DeviceAdminInfo#USES_ENCRYPTED_STORAGE} 2615 */ setStorageEncryption(@onNull ComponentName admin, boolean encrypt)2616 public int setStorageEncryption(@NonNull ComponentName admin, boolean encrypt) { 2617 throwIfParentInstance("setStorageEncryption"); 2618 if (mService != null) { 2619 try { 2620 return mService.setStorageEncryption(admin, encrypt); 2621 } catch (RemoteException e) { 2622 throw e.rethrowFromSystemServer(); 2623 } 2624 } 2625 return ENCRYPTION_STATUS_UNSUPPORTED; 2626 } 2627 2628 /** 2629 * Called by an application that is administering the device to 2630 * determine the requested setting for secure storage. 2631 * 2632 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. If null, 2633 * this will return the requested encryption setting as an aggregate of all active 2634 * administrators. 2635 * @return true if the admin(s) are requesting encryption, false if not. 2636 */ getStorageEncryption(@ullable ComponentName admin)2637 public boolean getStorageEncryption(@Nullable ComponentName admin) { 2638 throwIfParentInstance("getStorageEncryption"); 2639 if (mService != null) { 2640 try { 2641 return mService.getStorageEncryption(admin, myUserId()); 2642 } catch (RemoteException e) { 2643 throw e.rethrowFromSystemServer(); 2644 } 2645 } 2646 return false; 2647 } 2648 2649 /** 2650 * Called by an application that is administering the device to 2651 * determine the current encryption status of the device. 2652 * 2653 * Depending on the returned status code, the caller may proceed in different 2654 * ways. If the result is {@link #ENCRYPTION_STATUS_UNSUPPORTED}, the 2655 * storage system does not support encryption. If the 2656 * result is {@link #ENCRYPTION_STATUS_INACTIVE}, use {@link 2657 * #ACTION_START_ENCRYPTION} to begin the process of encrypting or decrypting the 2658 * storage. If the result is {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, the 2659 * storage system has enabled encryption but no password is set so further action 2660 * may be required. If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or 2661 * {@link #ENCRYPTION_STATUS_ACTIVE}, no further action is required. 2662 * 2663 * @return current status of encryption. The value will be one of 2664 * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, 2665 * {@link #ENCRYPTION_STATUS_ACTIVATING}, {@link #ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY}, 2666 * or {@link #ENCRYPTION_STATUS_ACTIVE}. 2667 */ getStorageEncryptionStatus()2668 public int getStorageEncryptionStatus() { 2669 throwIfParentInstance("getStorageEncryptionStatus"); 2670 return getStorageEncryptionStatus(myUserId()); 2671 } 2672 2673 /** @hide per-user version */ getStorageEncryptionStatus(int userHandle)2674 public int getStorageEncryptionStatus(int userHandle) { 2675 if (mService != null) { 2676 try { 2677 return mService.getStorageEncryptionStatus(mContext.getPackageName(), userHandle); 2678 } catch (RemoteException e) { 2679 throw e.rethrowFromSystemServer(); 2680 } 2681 } 2682 return ENCRYPTION_STATUS_UNSUPPORTED; 2683 } 2684 2685 /** 2686 * Mark a CA certificate as approved by the device user. This means that they have been notified 2687 * of the installation, were made aware of the risks, viewed the certificate and still wanted to 2688 * keep the certificate on the device. 2689 * 2690 * Calling with {@param approval} as {@code true} will cancel any ongoing warnings related to 2691 * this certificate. 2692 * 2693 * @hide 2694 */ approveCaCert(String alias, int userHandle, boolean approval)2695 public boolean approveCaCert(String alias, int userHandle, boolean approval) { 2696 if (mService != null) { 2697 try { 2698 return mService.approveCaCert(alias, userHandle, approval); 2699 } catch (RemoteException e) { 2700 throw e.rethrowFromSystemServer(); 2701 } 2702 } 2703 return false; 2704 } 2705 2706 /** 2707 * Check whether a CA certificate has been approved by the device user. 2708 * 2709 * @hide 2710 */ isCaCertApproved(String alias, int userHandle)2711 public boolean isCaCertApproved(String alias, int userHandle) { 2712 if (mService != null) { 2713 try { 2714 return mService.isCaCertApproved(alias, userHandle); 2715 } catch (RemoteException e) { 2716 throw e.rethrowFromSystemServer(); 2717 } 2718 } 2719 return false; 2720 } 2721 2722 /** 2723 * Installs the given certificate as a user CA. 2724 * 2725 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2726 * {@code null} if calling from a delegated certificate installer. 2727 * @param certBuffer encoded form of the certificate to install. 2728 * 2729 * @return false if the certBuffer cannot be parsed or installation is 2730 * interrupted, true otherwise. 2731 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2732 * owner. 2733 */ installCaCert(@ullable ComponentName admin, byte[] certBuffer)2734 public boolean installCaCert(@Nullable ComponentName admin, byte[] certBuffer) { 2735 throwIfParentInstance("installCaCert"); 2736 if (mService != null) { 2737 try { 2738 return mService.installCaCert(admin, certBuffer); 2739 } catch (RemoteException e) { 2740 throw e.rethrowFromSystemServer(); 2741 } 2742 } 2743 return false; 2744 } 2745 2746 /** 2747 * Uninstalls the given certificate from trusted user CAs, if present. 2748 * 2749 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2750 * {@code null} if calling from a delegated certificate installer. 2751 * @param certBuffer encoded form of the certificate to remove. 2752 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2753 * owner. 2754 */ uninstallCaCert(@ullable ComponentName admin, byte[] certBuffer)2755 public void uninstallCaCert(@Nullable ComponentName admin, byte[] certBuffer) { 2756 throwIfParentInstance("uninstallCaCert"); 2757 if (mService != null) { 2758 try { 2759 final String alias = getCaCertAlias(certBuffer); 2760 mService.uninstallCaCerts(admin, new String[] {alias}); 2761 } catch (CertificateException e) { 2762 Log.w(TAG, "Unable to parse certificate", e); 2763 } catch (RemoteException e) { 2764 throw e.rethrowFromSystemServer(); 2765 } 2766 } 2767 } 2768 2769 /** 2770 * Returns all CA certificates that are currently trusted, excluding system CA certificates. 2771 * If a user has installed any certificates by other means than device policy these will be 2772 * included too. 2773 * 2774 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2775 * {@code null} if calling from a delegated certificate installer. 2776 * @return a List of byte[] arrays, each encoding one user CA certificate. 2777 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2778 * owner. 2779 */ getInstalledCaCerts(@ullable ComponentName admin)2780 public List<byte[]> getInstalledCaCerts(@Nullable ComponentName admin) { 2781 List<byte[]> certs = new ArrayList<byte[]>(); 2782 throwIfParentInstance("getInstalledCaCerts"); 2783 if (mService != null) { 2784 try { 2785 mService.enforceCanManageCaCerts(admin); 2786 final TrustedCertificateStore certStore = new TrustedCertificateStore(); 2787 for (String alias : certStore.userAliases()) { 2788 try { 2789 certs.add(certStore.getCertificate(alias).getEncoded()); 2790 } catch (CertificateException ce) { 2791 Log.w(TAG, "Could not encode certificate: " + alias, ce); 2792 } 2793 } 2794 } catch (RemoteException re) { 2795 throw re.rethrowFromSystemServer(); 2796 } 2797 } 2798 return certs; 2799 } 2800 2801 /** 2802 * Uninstalls all custom trusted CA certificates from the profile. Certificates installed by 2803 * means other than device policy will also be removed, except for system CA certificates. 2804 * 2805 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2806 * {@code null} if calling from a delegated certificate installer. 2807 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2808 * owner. 2809 */ uninstallAllUserCaCerts(@ullable ComponentName admin)2810 public void uninstallAllUserCaCerts(@Nullable ComponentName admin) { 2811 throwIfParentInstance("uninstallAllUserCaCerts"); 2812 if (mService != null) { 2813 try { 2814 mService.uninstallCaCerts(admin, new TrustedCertificateStore().userAliases() 2815 .toArray(new String[0])); 2816 } catch (RemoteException re) { 2817 throw re.rethrowFromSystemServer(); 2818 } 2819 } 2820 } 2821 2822 /** 2823 * Returns whether this certificate is installed as a trusted CA. 2824 * 2825 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2826 * {@code null} if calling from a delegated certificate installer. 2827 * @param certBuffer encoded form of the certificate to look up. 2828 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2829 * owner. 2830 */ hasCaCertInstalled(@ullable ComponentName admin, byte[] certBuffer)2831 public boolean hasCaCertInstalled(@Nullable ComponentName admin, byte[] certBuffer) { 2832 throwIfParentInstance("hasCaCertInstalled"); 2833 if (mService != null) { 2834 try { 2835 mService.enforceCanManageCaCerts(admin); 2836 return getCaCertAlias(certBuffer) != null; 2837 } catch (RemoteException re) { 2838 throw re.rethrowFromSystemServer(); 2839 } catch (CertificateException ce) { 2840 Log.w(TAG, "Could not parse certificate", ce); 2841 } 2842 } 2843 return false; 2844 } 2845 2846 /** 2847 * Called by a device or profile owner, or delegated certificate installer, to install a 2848 * certificate and corresponding private key. All apps within the profile will be able to access 2849 * the certificate and use the private key, given direct user approval. 2850 * 2851 * <p>Access to the installed credentials will not be granted to the caller of this API without 2852 * direct user approval. This is for security - should a certificate installer become 2853 * compromised, certificates it had already installed will be protected. 2854 * 2855 * <p>If the installer must have access to the credentials, call 2856 * {@link #installKeyPair(ComponentName, PrivateKey, Certificate[], String, boolean)} instead. 2857 * 2858 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2859 * {@code null} if calling from a delegated certificate installer. 2860 * @param privKey The private key to install. 2861 * @param cert The certificate to install. 2862 * @param alias The private key alias under which to install the certificate. If a certificate 2863 * with that alias already exists, it will be overwritten. 2864 * @return {@code true} if the keys were installed, {@code false} otherwise. 2865 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2866 * owner. 2867 */ installKeyPair(@ullable ComponentName admin, @NonNull PrivateKey privKey, @NonNull Certificate cert, @NonNull String alias)2868 public boolean installKeyPair(@Nullable ComponentName admin, @NonNull PrivateKey privKey, 2869 @NonNull Certificate cert, @NonNull String alias) { 2870 return installKeyPair(admin, privKey, new Certificate[] {cert}, alias, false); 2871 } 2872 2873 /** 2874 * Called by a device or profile owner, or delegated certificate installer, to install a 2875 * certificate chain and corresponding private key for the leaf certificate. All apps within the 2876 * profile will be able to access the certificate chain and use the private key, given direct 2877 * user approval. 2878 * 2879 * <p>The caller of this API may grant itself access to the certificate and private key 2880 * immediately, without user approval. It is a best practice not to request this unless strictly 2881 * necessary since it opens up additional security vulnerabilities. 2882 * 2883 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2884 * {@code null} if calling from a delegated certificate installer. 2885 * @param privKey The private key to install. 2886 * @param certs The certificate chain to install. The chain should start with the leaf 2887 * certificate and include the chain of trust in order. This will be returned by 2888 * {@link android.security.KeyChain#getCertificateChain}. 2889 * @param alias The private key alias under which to install the certificate. If a certificate 2890 * with that alias already exists, it will be overwritten. 2891 * @param requestAccess {@code true} to request that the calling app be granted access to the 2892 * credentials immediately. Otherwise, access to the credentials will be gated by user 2893 * approval. 2894 * @return {@code true} if the keys were installed, {@code false} otherwise. 2895 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2896 * owner. 2897 * @see android.security.KeyChain#getCertificateChain 2898 */ installKeyPair(@ullable ComponentName admin, @NonNull PrivateKey privKey, @NonNull Certificate[] certs, @NonNull String alias, boolean requestAccess)2899 public boolean installKeyPair(@Nullable ComponentName admin, @NonNull PrivateKey privKey, 2900 @NonNull Certificate[] certs, @NonNull String alias, boolean requestAccess) { 2901 throwIfParentInstance("installKeyPair"); 2902 try { 2903 final byte[] pemCert = Credentials.convertToPem(certs[0]); 2904 byte[] pemChain = null; 2905 if (certs.length > 1) { 2906 pemChain = Credentials.convertToPem(Arrays.copyOfRange(certs, 1, certs.length)); 2907 } 2908 final byte[] pkcs8Key = KeyFactory.getInstance(privKey.getAlgorithm()) 2909 .getKeySpec(privKey, PKCS8EncodedKeySpec.class).getEncoded(); 2910 return mService.installKeyPair(admin, pkcs8Key, pemCert, pemChain, alias, 2911 requestAccess); 2912 } catch (RemoteException e) { 2913 throw e.rethrowFromSystemServer(); 2914 } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { 2915 Log.w(TAG, "Failed to obtain private key material", e); 2916 } catch (CertificateException | IOException e) { 2917 Log.w(TAG, "Could not pem-encode certificate", e); 2918 } 2919 return false; 2920 } 2921 2922 /** 2923 * Called by a device or profile owner, or delegated certificate installer, to remove a 2924 * certificate and private key pair installed under a given alias. 2925 * 2926 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 2927 * {@code null} if calling from a delegated certificate installer. 2928 * @param alias The private key alias under which the certificate is installed. 2929 * @return {@code true} if the private key alias no longer exists, {@code false} otherwise. 2930 * @throws SecurityException if {@code admin} is not {@code null} and not a device or profile 2931 * owner. 2932 */ removeKeyPair(@ullable ComponentName admin, @NonNull String alias)2933 public boolean removeKeyPair(@Nullable ComponentName admin, @NonNull String alias) { 2934 throwIfParentInstance("removeKeyPair"); 2935 try { 2936 return mService.removeKeyPair(admin, alias); 2937 } catch (RemoteException e) { 2938 throw e.rethrowFromSystemServer(); 2939 } 2940 } 2941 2942 /** 2943 * @return the alias of a given CA certificate in the certificate store, or {@code null} if it 2944 * doesn't exist. 2945 */ getCaCertAlias(byte[] certBuffer)2946 private static String getCaCertAlias(byte[] certBuffer) throws CertificateException { 2947 final CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 2948 final X509Certificate cert = (X509Certificate) certFactory.generateCertificate( 2949 new ByteArrayInputStream(certBuffer)); 2950 return new TrustedCertificateStore().getCertificateAlias(cert); 2951 } 2952 2953 /** 2954 * Called by a profile owner or device owner to grant access to privileged certificate 2955 * manipulation APIs to a third-party certificate installer app. Granted APIs include 2956 * {@link #getInstalledCaCerts}, {@link #hasCaCertInstalled}, {@link #installCaCert}, 2957 * {@link #uninstallCaCert}, {@link #uninstallAllUserCaCerts} and {@link #installKeyPair}. 2958 * <p> 2959 * Delegated certificate installer is a per-user state. The delegated access is persistent until 2960 * it is later cleared by calling this method with a null value or uninstallling the certificate 2961 * installer. 2962 * <p> 2963 * <b>Note:</b>Starting from {@link android.os.Build.VERSION_CODES#N}, if the caller 2964 * application's target SDK version is {@link android.os.Build.VERSION_CODES#N} or newer, the 2965 * supplied certificate installer package must be installed when calling this API, otherwise an 2966 * {@link IllegalArgumentException} will be thrown. 2967 * 2968 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2969 * @param installerPackage The package name of the certificate installer which will be given 2970 * access. If {@code null} is given the current package will be cleared. 2971 * @throws SecurityException if {@code admin} is not a device or a profile owner. 2972 */ setCertInstallerPackage(@onNull ComponentName admin, @Nullable String installerPackage)2973 public void setCertInstallerPackage(@NonNull ComponentName admin, @Nullable String 2974 installerPackage) throws SecurityException { 2975 throwIfParentInstance("setCertInstallerPackage"); 2976 if (mService != null) { 2977 try { 2978 mService.setCertInstallerPackage(admin, installerPackage); 2979 } catch (RemoteException e) { 2980 throw e.rethrowFromSystemServer(); 2981 } 2982 } 2983 } 2984 2985 /** 2986 * Called by a profile owner or device owner to retrieve the certificate installer for the user. 2987 * null if none is set. 2988 * 2989 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2990 * @return The package name of the current delegated certificate installer, or {@code null} if 2991 * none is set. 2992 * @throws SecurityException if {@code admin} is not a device or a profile owner. 2993 */ getCertInstallerPackage(@onNull ComponentName admin)2994 public String getCertInstallerPackage(@NonNull ComponentName admin) throws SecurityException { 2995 throwIfParentInstance("getCertInstallerPackage"); 2996 if (mService != null) { 2997 try { 2998 return mService.getCertInstallerPackage(admin); 2999 } catch (RemoteException e) { 3000 throw e.rethrowFromSystemServer(); 3001 } 3002 } 3003 return null; 3004 } 3005 3006 /** 3007 * Called by a device or profile owner to configure an always-on VPN connection through a 3008 * specific application for the current user. 3009 * 3010 * @deprecated this version only exists for compability with previous developer preview builds. 3011 * TODO: delete once there are no longer any live references. 3012 * @hide 3013 */ setAlwaysOnVpnPackage(@onNull ComponentName admin, @Nullable String vpnPackage)3014 public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage) 3015 throws NameNotFoundException, UnsupportedOperationException { 3016 setAlwaysOnVpnPackage(admin, vpnPackage, /* lockdownEnabled */ true); 3017 } 3018 3019 /** 3020 * Called by a device or profile owner to configure an always-on VPN connection through a 3021 * specific application for the current user. This connection is automatically granted and 3022 * persisted after a reboot. 3023 * <p> 3024 * The designated package should declare a {@link android.net.VpnService} in its manifest 3025 * guarded by {@link android.Manifest.permission#BIND_VPN_SERVICE}, otherwise the call will 3026 * fail. 3027 * 3028 * @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to 3029 * remove an existing always-on VPN configuration. 3030 * @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or 3031 * {@code false} otherwise. This carries the risk that any failure of the VPN provider 3032 * could break networking for all apps. This has no effect when clearing. 3033 * @throws SecurityException if {@code admin} is not a device or a profile owner. 3034 * @throws NameNotFoundException if {@code vpnPackage} is not installed. 3035 * @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being 3036 * set as always-on, or if always-on VPN is not available. 3037 */ setAlwaysOnVpnPackage(@onNull ComponentName admin, @Nullable String vpnPackage, boolean lockdownEnabled)3038 public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage, 3039 boolean lockdownEnabled) 3040 throws NameNotFoundException, UnsupportedOperationException { 3041 throwIfParentInstance("setAlwaysOnVpnPackage"); 3042 if (mService != null) { 3043 try { 3044 if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled)) { 3045 throw new NameNotFoundException(vpnPackage); 3046 } 3047 } catch (RemoteException e) { 3048 throw e.rethrowFromSystemServer(); 3049 } 3050 } 3051 } 3052 3053 /** 3054 * Called by a device or profile owner to read the name of the package administering an 3055 * always-on VPN connection for the current user. If there is no such package, or the always-on 3056 * VPN is provided by the system instead of by an application, {@code null} will be returned. 3057 * 3058 * @return Package name of VPN controller responsible for always-on VPN, or {@code null} if none 3059 * is set. 3060 * @throws SecurityException if {@code admin} is not a device or a profile owner. 3061 */ getAlwaysOnVpnPackage(@onNull ComponentName admin)3062 public String getAlwaysOnVpnPackage(@NonNull ComponentName admin) { 3063 throwIfParentInstance("getAlwaysOnVpnPackage"); 3064 if (mService != null) { 3065 try { 3066 return mService.getAlwaysOnVpnPackage(admin); 3067 } catch (RemoteException e) { 3068 throw e.rethrowFromSystemServer(); 3069 } 3070 } 3071 return null; 3072 } 3073 3074 /** 3075 * Called by an application that is administering the device to disable all cameras on the 3076 * device, for this user. After setting this, no applications running as this user will be able 3077 * to access any cameras on the device. 3078 * <p> 3079 * If the caller is device owner, then the restriction will be applied to all users. 3080 * <p> 3081 * The calling device admin must have requested 3082 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_CAMERA} to be able to call this method; if it has 3083 * not, a security exception will be thrown. 3084 * 3085 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3086 * @param disabled Whether or not the camera should be disabled. 3087 * @throws SecurityException if {@code admin} is not an active administrator or does not use 3088 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_CAMERA}. 3089 */ setCameraDisabled(@onNull ComponentName admin, boolean disabled)3090 public void setCameraDisabled(@NonNull ComponentName admin, boolean disabled) { 3091 throwIfParentInstance("setCameraDisabled"); 3092 if (mService != null) { 3093 try { 3094 mService.setCameraDisabled(admin, disabled); 3095 } catch (RemoteException e) { 3096 throw e.rethrowFromSystemServer(); 3097 } 3098 } 3099 } 3100 3101 /** 3102 * Determine whether or not the device's cameras have been disabled for this user, 3103 * either by the calling admin, if specified, or all admins. 3104 * @param admin The name of the admin component to check, or {@code null} to check whether any admins 3105 * have disabled the camera 3106 */ getCameraDisabled(@ullable ComponentName admin)3107 public boolean getCameraDisabled(@Nullable ComponentName admin) { 3108 throwIfParentInstance("getCameraDisabled"); 3109 return getCameraDisabled(admin, myUserId()); 3110 } 3111 3112 /** @hide per-user version */ getCameraDisabled(@ullable ComponentName admin, int userHandle)3113 public boolean getCameraDisabled(@Nullable ComponentName admin, int userHandle) { 3114 if (mService != null) { 3115 try { 3116 return mService.getCameraDisabled(admin, userHandle); 3117 } catch (RemoteException e) { 3118 throw e.rethrowFromSystemServer(); 3119 } 3120 } 3121 return false; 3122 } 3123 3124 /** 3125 * Called by a device owner to request a bugreport. 3126 * <p> 3127 * There must be only one user on the device, managed by the device owner. Otherwise a 3128 * {@link SecurityException} will be thrown. 3129 * 3130 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3131 * @return {@code true} if the bugreport collection started successfully, or {@code false} if it 3132 * wasn't triggered because a previous bugreport operation is still active (either the 3133 * bugreport is still running or waiting for the user to share or decline) 3134 * @throws SecurityException if {@code admin} is not a device owner, or if there are users other 3135 * than the one managed by the device owner. 3136 */ requestBugreport(@onNull ComponentName admin)3137 public boolean requestBugreport(@NonNull ComponentName admin) { 3138 throwIfParentInstance("requestBugreport"); 3139 if (mService != null) { 3140 try { 3141 return mService.requestBugreport(admin); 3142 } catch (RemoteException e) { 3143 throw e.rethrowFromSystemServer(); 3144 } 3145 } 3146 return false; 3147 } 3148 3149 /** 3150 * Determine whether or not creating a guest user has been disabled for the device 3151 * 3152 * @hide 3153 */ getGuestUserDisabled(@ullable ComponentName admin)3154 public boolean getGuestUserDisabled(@Nullable ComponentName admin) { 3155 // Currently guest users can always be created if multi-user is enabled 3156 // TODO introduce a policy for guest user creation 3157 return false; 3158 } 3159 3160 /** 3161 * Called by a device/profile owner to set whether the screen capture is disabled. Disabling 3162 * screen capture also prevents the content from being shown on display devices that do not have 3163 * a secure video output. See {@link android.view.Display#FLAG_SECURE} for more details about 3164 * secure surfaces and secure displays. 3165 * <p> 3166 * The calling device admin must be a device or profile owner. If it is not, a security 3167 * exception will be thrown. 3168 * <p> 3169 * From version {@link android.os.Build.VERSION_CODES#M} disabling screen capture also blocks 3170 * assist requests for all activities of the relevant user. 3171 * 3172 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3173 * @param disabled Whether screen capture is disabled or not. 3174 * @throws SecurityException if {@code admin} is not a device or profile owner. 3175 */ setScreenCaptureDisabled(@onNull ComponentName admin, boolean disabled)3176 public void setScreenCaptureDisabled(@NonNull ComponentName admin, boolean disabled) { 3177 throwIfParentInstance("setScreenCaptureDisabled"); 3178 if (mService != null) { 3179 try { 3180 mService.setScreenCaptureDisabled(admin, disabled); 3181 } catch (RemoteException e) { 3182 throw e.rethrowFromSystemServer(); 3183 } 3184 } 3185 } 3186 3187 /** 3188 * Determine whether or not screen capture has been disabled by the calling 3189 * admin, if specified, or all admins. 3190 * @param admin The name of the admin component to check, or {@code null} to check whether any admins 3191 * have disabled screen capture. 3192 */ getScreenCaptureDisabled(@ullable ComponentName admin)3193 public boolean getScreenCaptureDisabled(@Nullable ComponentName admin) { 3194 throwIfParentInstance("getScreenCaptureDisabled"); 3195 return getScreenCaptureDisabled(admin, myUserId()); 3196 } 3197 3198 /** @hide per-user version */ getScreenCaptureDisabled(@ullable ComponentName admin, int userHandle)3199 public boolean getScreenCaptureDisabled(@Nullable ComponentName admin, int userHandle) { 3200 if (mService != null) { 3201 try { 3202 return mService.getScreenCaptureDisabled(admin, userHandle); 3203 } catch (RemoteException e) { 3204 throw e.rethrowFromSystemServer(); 3205 } 3206 } 3207 return false; 3208 } 3209 3210 /** 3211 * Called by a device owner to set whether auto time is required. If auto time is required the 3212 * user cannot set the date and time, but has to use network date and time. 3213 * <p> 3214 * Note: if auto time is required the user can still manually set the time zone. 3215 * <p> 3216 * The calling device admin must be a device owner. If it is not, a security exception will be 3217 * thrown. 3218 * 3219 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3220 * @param required Whether auto time is set required or not. 3221 * @throws SecurityException if {@code admin} is not a device owner. 3222 */ setAutoTimeRequired(@onNull ComponentName admin, boolean required)3223 public void setAutoTimeRequired(@NonNull ComponentName admin, boolean required) { 3224 throwIfParentInstance("setAutoTimeRequired"); 3225 if (mService != null) { 3226 try { 3227 mService.setAutoTimeRequired(admin, required); 3228 } catch (RemoteException e) { 3229 throw e.rethrowFromSystemServer(); 3230 } 3231 } 3232 } 3233 3234 /** 3235 * @return true if auto time is required. 3236 */ getAutoTimeRequired()3237 public boolean getAutoTimeRequired() { 3238 throwIfParentInstance("getAutoTimeRequired"); 3239 if (mService != null) { 3240 try { 3241 return mService.getAutoTimeRequired(); 3242 } catch (RemoteException e) { 3243 throw e.rethrowFromSystemServer(); 3244 } 3245 } 3246 return false; 3247 } 3248 3249 /** 3250 * Called by a device owner to set whether all users created on the device should be ephemeral. 3251 * <p> 3252 * The system user is exempt from this policy - it is never ephemeral. 3253 * <p> 3254 * The calling device admin must be the device owner. If it is not, a security exception will be 3255 * thrown. 3256 * 3257 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3258 * @param forceEphemeralUsers If true, all the existing users will be deleted and all 3259 * subsequently created users will be ephemeral. 3260 * @throws SecurityException if {@code admin} is not a device owner. 3261 * @hide 3262 */ setForceEphemeralUsers( @onNull ComponentName admin, boolean forceEphemeralUsers)3263 public void setForceEphemeralUsers( 3264 @NonNull ComponentName admin, boolean forceEphemeralUsers) { 3265 throwIfParentInstance("setForceEphemeralUsers"); 3266 if (mService != null) { 3267 try { 3268 mService.setForceEphemeralUsers(admin, forceEphemeralUsers); 3269 } catch (RemoteException e) { 3270 throw e.rethrowFromSystemServer(); 3271 } 3272 } 3273 } 3274 3275 /** 3276 * @return true if all users are created ephemeral. 3277 * @throws SecurityException if {@code admin} is not a device owner. 3278 * @hide 3279 */ getForceEphemeralUsers(@onNull ComponentName admin)3280 public boolean getForceEphemeralUsers(@NonNull ComponentName admin) { 3281 throwIfParentInstance("getForceEphemeralUsers"); 3282 if (mService != null) { 3283 try { 3284 return mService.getForceEphemeralUsers(admin); 3285 } catch (RemoteException e) { 3286 throw e.rethrowFromSystemServer(); 3287 } 3288 } 3289 return false; 3290 } 3291 3292 /** 3293 * Called by an application that is administering the device to disable keyguard customizations, 3294 * such as widgets. After setting this, keyguard features will be disabled according to the 3295 * provided feature list. 3296 * <p> 3297 * The calling device admin must have requested 3298 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} to be able to call this method; 3299 * if it has not, a security exception will be thrown. 3300 * <p> 3301 * Calling this from a managed profile before version {@link android.os.Build.VERSION_CODES#M} 3302 * will throw a security exception. From version {@link android.os.Build.VERSION_CODES#M} the 3303 * profile owner of a managed profile can set: 3304 * <ul> 3305 * <li>{@link #KEYGUARD_DISABLE_TRUST_AGENTS}, which affects the parent user, but only if there 3306 * is no separate challenge set on the managed profile. 3307 * <li>{@link #KEYGUARD_DISABLE_FINGERPRINT} which affects the managed profile challenge if 3308 * there is one, or the parent user otherwise. 3309 * <li>{@link #KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS} which affects notifications generated 3310 * by applications in the managed profile. 3311 * </ul> 3312 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS} and {@link #KEYGUARD_DISABLE_FINGERPRINT} can also be 3313 * set on the {@link DevicePolicyManager} instance returned by 3314 * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent 3315 * profile. 3316 * <p> 3317 * Requests to disable other features on a managed profile will be ignored. 3318 * <p> 3319 * The admin can check which features have been disabled by calling 3320 * {@link #getKeyguardDisabledFeatures(ComponentName)} 3321 * 3322 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3323 * @param which {@link #KEYGUARD_DISABLE_FEATURES_NONE} (default), 3324 * {@link #KEYGUARD_DISABLE_WIDGETS_ALL}, {@link #KEYGUARD_DISABLE_SECURE_CAMERA}, 3325 * {@link #KEYGUARD_DISABLE_SECURE_NOTIFICATIONS}, 3326 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS}, 3327 * {@link #KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS}, 3328 * {@link #KEYGUARD_DISABLE_FINGERPRINT}, {@link #KEYGUARD_DISABLE_FEATURES_ALL} 3329 * @throws SecurityException if {@code admin} is not an active administrator or does not user 3330 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} 3331 */ setKeyguardDisabledFeatures(@onNull ComponentName admin, int which)3332 public void setKeyguardDisabledFeatures(@NonNull ComponentName admin, int which) { 3333 if (mService != null) { 3334 try { 3335 mService.setKeyguardDisabledFeatures(admin, which, mParentInstance); 3336 } catch (RemoteException e) { 3337 throw e.rethrowFromSystemServer(); 3338 } 3339 } 3340 } 3341 3342 /** 3343 * Determine whether or not features have been disabled in keyguard either by the calling 3344 * admin, if specified, or all admins that set retrictions on this user and its participating 3345 * profiles. Restrictions on profiles that have a separate challenge are not taken into account. 3346 * 3347 * <p>This method can be called on the {@link DevicePolicyManager} instance 3348 * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve 3349 * restrictions on the parent profile. 3350 * 3351 * @param admin The name of the admin component to check, or {@code null} to check whether any 3352 * admins have disabled features in keyguard. 3353 * @return bitfield of flags. See {@link #setKeyguardDisabledFeatures(ComponentName, int)} 3354 * for a list. 3355 */ getKeyguardDisabledFeatures(@ullable ComponentName admin)3356 public int getKeyguardDisabledFeatures(@Nullable ComponentName admin) { 3357 return getKeyguardDisabledFeatures(admin, myUserId()); 3358 } 3359 3360 /** @hide per-user version */ getKeyguardDisabledFeatures(@ullable ComponentName admin, int userHandle)3361 public int getKeyguardDisabledFeatures(@Nullable ComponentName admin, int userHandle) { 3362 if (mService != null) { 3363 try { 3364 return mService.getKeyguardDisabledFeatures(admin, userHandle, mParentInstance); 3365 } catch (RemoteException e) { 3366 throw e.rethrowFromSystemServer(); 3367 } 3368 } 3369 return KEYGUARD_DISABLE_FEATURES_NONE; 3370 } 3371 3372 /** 3373 * @hide 3374 */ setActiveAdmin(@onNull ComponentName policyReceiver, boolean refreshing, int userHandle)3375 public void setActiveAdmin(@NonNull ComponentName policyReceiver, boolean refreshing, 3376 int userHandle) { 3377 if (mService != null) { 3378 try { 3379 mService.setActiveAdmin(policyReceiver, refreshing, userHandle); 3380 } catch (RemoteException e) { 3381 throw e.rethrowFromSystemServer(); 3382 } 3383 } 3384 } 3385 3386 /** 3387 * @hide 3388 */ setActiveAdmin(@onNull ComponentName policyReceiver, boolean refreshing)3389 public void setActiveAdmin(@NonNull ComponentName policyReceiver, boolean refreshing) { 3390 setActiveAdmin(policyReceiver, refreshing, myUserId()); 3391 } 3392 3393 /** 3394 * @hide 3395 */ getRemoveWarning(@ullable ComponentName admin, RemoteCallback result)3396 public void getRemoveWarning(@Nullable ComponentName admin, RemoteCallback result) { 3397 if (mService != null) { 3398 try { 3399 mService.getRemoveWarning(admin, result, myUserId()); 3400 } catch (RemoteException e) { 3401 throw e.rethrowFromSystemServer(); 3402 } 3403 } 3404 } 3405 3406 /** 3407 * @hide 3408 */ setActivePasswordState(int quality, int length, int letters, int uppercase, int lowercase, int numbers, int symbols, int nonletter, int userHandle)3409 public void setActivePasswordState(int quality, int length, int letters, int uppercase, 3410 int lowercase, int numbers, int symbols, int nonletter, int userHandle) { 3411 if (mService != null) { 3412 try { 3413 mService.setActivePasswordState(quality, length, letters, uppercase, lowercase, 3414 numbers, symbols, nonletter, userHandle); 3415 } catch (RemoteException e) { 3416 throw e.rethrowFromSystemServer(); 3417 } 3418 } 3419 } 3420 3421 /** 3422 * @hide 3423 */ reportFailedPasswordAttempt(int userHandle)3424 public void reportFailedPasswordAttempt(int userHandle) { 3425 if (mService != null) { 3426 try { 3427 mService.reportFailedPasswordAttempt(userHandle); 3428 } catch (RemoteException e) { 3429 throw e.rethrowFromSystemServer(); 3430 } 3431 } 3432 } 3433 3434 /** 3435 * @hide 3436 */ reportSuccessfulPasswordAttempt(int userHandle)3437 public void reportSuccessfulPasswordAttempt(int userHandle) { 3438 if (mService != null) { 3439 try { 3440 mService.reportSuccessfulPasswordAttempt(userHandle); 3441 } catch (RemoteException e) { 3442 throw e.rethrowFromSystemServer(); 3443 } 3444 } 3445 } 3446 3447 /** 3448 * @hide 3449 */ reportFailedFingerprintAttempt(int userHandle)3450 public void reportFailedFingerprintAttempt(int userHandle) { 3451 if (mService != null) { 3452 try { 3453 mService.reportFailedFingerprintAttempt(userHandle); 3454 } catch (RemoteException e) { 3455 throw e.rethrowFromSystemServer(); 3456 } 3457 } 3458 } 3459 3460 /** 3461 * @hide 3462 */ reportSuccessfulFingerprintAttempt(int userHandle)3463 public void reportSuccessfulFingerprintAttempt(int userHandle) { 3464 if (mService != null) { 3465 try { 3466 mService.reportSuccessfulFingerprintAttempt(userHandle); 3467 } catch (RemoteException e) { 3468 throw e.rethrowFromSystemServer(); 3469 } 3470 } 3471 } 3472 3473 /** 3474 * Should be called when keyguard has been dismissed. 3475 * @hide 3476 */ reportKeyguardDismissed(int userHandle)3477 public void reportKeyguardDismissed(int userHandle) { 3478 if (mService != null) { 3479 try { 3480 mService.reportKeyguardDismissed(userHandle); 3481 } catch (RemoteException e) { 3482 throw e.rethrowFromSystemServer(); 3483 } 3484 } 3485 } 3486 3487 /** 3488 * Should be called when keyguard view has been shown to the user. 3489 * @hide 3490 */ reportKeyguardSecured(int userHandle)3491 public void reportKeyguardSecured(int userHandle) { 3492 if (mService != null) { 3493 try { 3494 mService.reportKeyguardSecured(userHandle); 3495 } catch (RemoteException e) { 3496 throw e.rethrowFromSystemServer(); 3497 } 3498 } 3499 } 3500 3501 /** 3502 * @hide 3503 * Sets the given package as the device owner. 3504 * Same as {@link #setDeviceOwner(ComponentName, String)} but without setting a device owner name. 3505 * @param who the component name to be registered as device owner. 3506 * @return whether the package was successfully registered as the device owner. 3507 * @throws IllegalArgumentException if the package name is null or invalid 3508 * @throws IllegalStateException If the preconditions mentioned are not met. 3509 */ setDeviceOwner(ComponentName who)3510 public boolean setDeviceOwner(ComponentName who) { 3511 return setDeviceOwner(who, null); 3512 } 3513 3514 /** 3515 * @hide 3516 */ setDeviceOwner(ComponentName who, int userId)3517 public boolean setDeviceOwner(ComponentName who, int userId) { 3518 return setDeviceOwner(who, null, userId); 3519 } 3520 3521 /** 3522 * @hide 3523 */ setDeviceOwner(ComponentName who, String ownerName)3524 public boolean setDeviceOwner(ComponentName who, String ownerName) { 3525 return setDeviceOwner(who, ownerName, UserHandle.USER_SYSTEM); 3526 } 3527 3528 /** 3529 * @hide 3530 * Sets the given package as the device owner. The package must already be installed. There 3531 * must not already be a device owner. 3532 * Only apps with the MANAGE_PROFILE_AND_DEVICE_OWNERS permission and the shell uid can call 3533 * this method. 3534 * Calling this after the setup phase of the primary user has completed is allowed only if 3535 * the caller is the shell uid, and there are no additional users and no accounts. 3536 * @param who the component name to be registered as device owner. 3537 * @param ownerName the human readable name of the institution that owns this device. 3538 * @param userId ID of the user on which the device owner runs. 3539 * @return whether the package was successfully registered as the device owner. 3540 * @throws IllegalArgumentException if the package name is null or invalid 3541 * @throws IllegalStateException If the preconditions mentioned are not met. 3542 */ setDeviceOwner(ComponentName who, String ownerName, int userId)3543 public boolean setDeviceOwner(ComponentName who, String ownerName, int userId) 3544 throws IllegalArgumentException, IllegalStateException { 3545 if (mService != null) { 3546 try { 3547 return mService.setDeviceOwner(who, ownerName, userId); 3548 } catch (RemoteException re) { 3549 throw re.rethrowFromSystemServer(); 3550 } 3551 } 3552 return false; 3553 } 3554 3555 /** 3556 * Used to determine if a particular package has been registered as a Device Owner app. 3557 * A device owner app is a special device admin that cannot be deactivated by the user, once 3558 * activated as a device admin. It also cannot be uninstalled. To check whether a particular 3559 * package is currently registered as the device owner app, pass in the package name from 3560 * {@link Context#getPackageName()} to this method.<p/>This is useful for device 3561 * admin apps that want to check whether they are also registered as the device owner app. The 3562 * exact mechanism by which a device admin app is registered as a device owner app is defined by 3563 * the setup process. 3564 * @param packageName the package name of the app, to compare with the registered device owner 3565 * app, if any. 3566 * @return whether or not the package is registered as the device owner app. 3567 */ isDeviceOwnerApp(String packageName)3568 public boolean isDeviceOwnerApp(String packageName) { 3569 throwIfParentInstance("isDeviceOwnerApp"); 3570 return isDeviceOwnerAppOnCallingUser(packageName); 3571 } 3572 3573 /** 3574 * @return true if a package is registered as device owner, only when it's running on the 3575 * calling user. 3576 * 3577 * <p>Same as {@link #isDeviceOwnerApp}, but bundled code should use it for clarity. 3578 * @hide 3579 */ isDeviceOwnerAppOnCallingUser(String packageName)3580 public boolean isDeviceOwnerAppOnCallingUser(String packageName) { 3581 return isDeviceOwnerAppOnAnyUserInner(packageName, /* callingUserOnly =*/ true); 3582 } 3583 3584 /** 3585 * @return true if a package is registered as device owner, even if it's running on a different 3586 * user. 3587 * 3588 * <p>Requires the MANAGE_USERS permission. 3589 * 3590 * @hide 3591 */ isDeviceOwnerAppOnAnyUser(String packageName)3592 public boolean isDeviceOwnerAppOnAnyUser(String packageName) { 3593 return isDeviceOwnerAppOnAnyUserInner(packageName, /* callingUserOnly =*/ false); 3594 } 3595 3596 /** 3597 * @return device owner component name, only when it's running on the calling user. 3598 * 3599 * @hide 3600 */ getDeviceOwnerComponentOnCallingUser()3601 public ComponentName getDeviceOwnerComponentOnCallingUser() { 3602 return getDeviceOwnerComponentInner(/* callingUserOnly =*/ true); 3603 } 3604 3605 /** 3606 * @return device owner component name, even if it's running on a different user. 3607 * 3608 * <p>Requires the MANAGE_USERS permission. 3609 * 3610 * @hide 3611 */ getDeviceOwnerComponentOnAnyUser()3612 public ComponentName getDeviceOwnerComponentOnAnyUser() { 3613 return getDeviceOwnerComponentInner(/* callingUserOnly =*/ false); 3614 } 3615 isDeviceOwnerAppOnAnyUserInner(String packageName, boolean callingUserOnly)3616 private boolean isDeviceOwnerAppOnAnyUserInner(String packageName, boolean callingUserOnly) { 3617 if (packageName == null) { 3618 return false; 3619 } 3620 final ComponentName deviceOwner = getDeviceOwnerComponentInner(callingUserOnly); 3621 if (deviceOwner == null) { 3622 return false; 3623 } 3624 return packageName.equals(deviceOwner.getPackageName()); 3625 } 3626 getDeviceOwnerComponentInner(boolean callingUserOnly)3627 private ComponentName getDeviceOwnerComponentInner(boolean callingUserOnly) { 3628 if (mService != null) { 3629 try { 3630 return mService.getDeviceOwnerComponent(callingUserOnly); 3631 } catch (RemoteException re) { 3632 throw re.rethrowFromSystemServer(); 3633 } 3634 } 3635 return null; 3636 } 3637 3638 /** 3639 * @return ID of the user who runs device owner, or {@link UserHandle#USER_NULL} if there's 3640 * no device owner. 3641 * 3642 * <p>Requires the MANAGE_USERS permission. 3643 * 3644 * @hide 3645 */ getDeviceOwnerUserId()3646 public int getDeviceOwnerUserId() { 3647 if (mService != null) { 3648 try { 3649 return mService.getDeviceOwnerUserId(); 3650 } catch (RemoteException re) { 3651 throw re.rethrowFromSystemServer(); 3652 } 3653 } 3654 return UserHandle.USER_NULL; 3655 } 3656 3657 /** 3658 * Clears the current device owner. The caller must be the device owner. This function should be 3659 * used cautiously as once it is called it cannot be undone. The device owner can only be set as 3660 * a part of device setup before setup completes. 3661 * 3662 * @param packageName The package name of the device owner. 3663 * @throws SecurityException if the caller is not in {@code packageName} or {@code packageName} 3664 * does not own the current device owner component. 3665 */ clearDeviceOwnerApp(String packageName)3666 public void clearDeviceOwnerApp(String packageName) { 3667 throwIfParentInstance("clearDeviceOwnerApp"); 3668 if (mService != null) { 3669 try { 3670 mService.clearDeviceOwner(packageName); 3671 } catch (RemoteException re) { 3672 throw re.rethrowFromSystemServer(); 3673 } 3674 } 3675 } 3676 3677 /** 3678 * Returns the device owner package name, only if it's running on the calling user. 3679 * 3680 * <p>Bundled components should use {@code getDeviceOwnerComponentOnCallingUser()} for clarity. 3681 * 3682 * @hide 3683 */ 3684 @SystemApi getDeviceOwner()3685 public String getDeviceOwner() { 3686 throwIfParentInstance("getDeviceOwner"); 3687 final ComponentName name = getDeviceOwnerComponentOnCallingUser(); 3688 return name != null ? name.getPackageName() : null; 3689 } 3690 3691 /** 3692 * @return true if the device is managed by any device owner. 3693 * 3694 * <p>Requires the MANAGE_USERS permission. 3695 * 3696 * @hide 3697 */ isDeviceManaged()3698 public boolean isDeviceManaged() { 3699 return getDeviceOwnerComponentOnAnyUser() != null; 3700 } 3701 3702 /** 3703 * Returns the device owner name. Note this method *will* return the device owner 3704 * name when it's running on a different user. 3705 * 3706 * <p>Requires the MANAGE_USERS permission. 3707 * 3708 * @hide 3709 */ 3710 @SystemApi getDeviceOwnerNameOnAnyUser()3711 public String getDeviceOwnerNameOnAnyUser() { 3712 throwIfParentInstance("getDeviceOwnerNameOnAnyUser"); 3713 if (mService != null) { 3714 try { 3715 return mService.getDeviceOwnerName(); 3716 } catch (RemoteException re) { 3717 throw re.rethrowFromSystemServer(); 3718 } 3719 } 3720 return null; 3721 } 3722 3723 /** 3724 * @hide 3725 * @deprecated Do not use 3726 * @removed 3727 */ 3728 @Deprecated 3729 @SystemApi getDeviceInitializerApp()3730 public String getDeviceInitializerApp() { 3731 return null; 3732 } 3733 3734 /** 3735 * @hide 3736 * @deprecated Do not use 3737 * @removed 3738 */ 3739 @Deprecated 3740 @SystemApi getDeviceInitializerComponent()3741 public ComponentName getDeviceInitializerComponent() { 3742 return null; 3743 } 3744 3745 /** 3746 * @hide 3747 * @deprecated Use #ACTION_SET_PROFILE_OWNER 3748 * Sets the given component as an active admin and registers the package as the profile 3749 * owner for this user. The package must already be installed and there shouldn't be 3750 * an existing profile owner registered for this user. Also, this method must be called 3751 * before the user setup has been completed. 3752 * <p> 3753 * This method can only be called by system apps that hold MANAGE_USERS permission and 3754 * MANAGE_DEVICE_ADMINS permission. 3755 * @param admin The component to register as an active admin and profile owner. 3756 * @param ownerName The user-visible name of the entity that is managing this user. 3757 * @return whether the admin was successfully registered as the profile owner. 3758 * @throws IllegalArgumentException if packageName is null, the package isn't installed, or 3759 * the user has already been set up. 3760 */ 3761 @SystemApi setActiveProfileOwner(@onNull ComponentName admin, @Deprecated String ownerName)3762 public boolean setActiveProfileOwner(@NonNull ComponentName admin, @Deprecated String ownerName) 3763 throws IllegalArgumentException { 3764 throwIfParentInstance("setActiveProfileOwner"); 3765 if (mService != null) { 3766 try { 3767 final int myUserId = myUserId(); 3768 mService.setActiveAdmin(admin, false, myUserId); 3769 return mService.setProfileOwner(admin, ownerName, myUserId); 3770 } catch (RemoteException re) { 3771 throw re.rethrowFromSystemServer(); 3772 } 3773 } 3774 return false; 3775 } 3776 3777 /** 3778 * Clears the active profile owner and removes all user restrictions. The caller must be from 3779 * the same package as the active profile owner for this user, otherwise a SecurityException 3780 * will be thrown. 3781 * <p> 3782 * This doesn't work for managed profile owners. 3783 * 3784 * @param admin The component to remove as the profile owner. 3785 * @throws SecurityException if {@code admin} is not an active profile owner. 3786 */ clearProfileOwner(@onNull ComponentName admin)3787 public void clearProfileOwner(@NonNull ComponentName admin) { 3788 throwIfParentInstance("clearProfileOwner"); 3789 if (mService != null) { 3790 try { 3791 mService.clearProfileOwner(admin); 3792 } catch (RemoteException re) { 3793 throw re.rethrowFromSystemServer(); 3794 } 3795 } 3796 } 3797 3798 /** 3799 * @hide 3800 * Checks whether the user was already setup. 3801 */ hasUserSetupCompleted()3802 public boolean hasUserSetupCompleted() { 3803 if (mService != null) { 3804 try { 3805 return mService.hasUserSetupCompleted(); 3806 } catch (RemoteException re) { 3807 throw re.rethrowFromSystemServer(); 3808 } 3809 } 3810 return true; 3811 } 3812 3813 /** 3814 * @hide 3815 * Sets the given component as the profile owner of the given user profile. The package must 3816 * already be installed. There must not already be a profile owner for this user. 3817 * Only apps with the MANAGE_PROFILE_AND_DEVICE_OWNERS permission and the shell uid can call 3818 * this method. 3819 * Calling this after the setup phase of the specified user has completed is allowed only if: 3820 * - the caller is SYSTEM_UID. 3821 * - or the caller is the shell uid, and there are no accounts on the specified user. 3822 * @param admin the component name to be registered as profile owner. 3823 * @param ownerName the human readable name of the organisation associated with this DPM. 3824 * @param userHandle the userId to set the profile owner for. 3825 * @return whether the component was successfully registered as the profile owner. 3826 * @throws IllegalArgumentException if admin is null, the package isn't installed, or the 3827 * preconditions mentioned are not met. 3828 */ setProfileOwner(@onNull ComponentName admin, @Deprecated String ownerName, int userHandle)3829 public boolean setProfileOwner(@NonNull ComponentName admin, @Deprecated String ownerName, 3830 int userHandle) throws IllegalArgumentException { 3831 if (mService != null) { 3832 try { 3833 if (ownerName == null) { 3834 ownerName = ""; 3835 } 3836 return mService.setProfileOwner(admin, ownerName, userHandle); 3837 } catch (RemoteException re) { 3838 throw re.rethrowFromSystemServer(); 3839 } 3840 } 3841 return false; 3842 } 3843 3844 /** 3845 * Sets the device owner information to be shown on the lock screen. 3846 * <p> 3847 * If the device owner information is {@code null} or empty then the device owner info is 3848 * cleared and the user owner info is shown on the lock screen if it is set. 3849 * <p> 3850 * If the device owner information contains only whitespaces then the message on the lock screen 3851 * will be blank and the user will not be allowed to change it. 3852 * <p> 3853 * If the device owner information needs to be localized, it is the responsibility of the 3854 * {@link DeviceAdminReceiver} to listen to the {@link Intent#ACTION_LOCALE_CHANGED} broadcast 3855 * and set a new version of this string accordingly. 3856 * 3857 * @param admin The name of the admin component to check. 3858 * @param info Device owner information which will be displayed instead of the user owner info. 3859 * @throws SecurityException if {@code admin} is not a device owner. 3860 */ setDeviceOwnerLockScreenInfo(@onNull ComponentName admin, CharSequence info)3861 public void setDeviceOwnerLockScreenInfo(@NonNull ComponentName admin, CharSequence info) { 3862 throwIfParentInstance("setDeviceOwnerLockScreenInfo"); 3863 if (mService != null) { 3864 try { 3865 mService.setDeviceOwnerLockScreenInfo(admin, info); 3866 } catch (RemoteException re) { 3867 throw re.rethrowFromSystemServer(); 3868 } 3869 } 3870 } 3871 3872 /** 3873 * @return The device owner information. If it is not set returns {@code null}. 3874 */ getDeviceOwnerLockScreenInfo()3875 public CharSequence getDeviceOwnerLockScreenInfo() { 3876 throwIfParentInstance("getDeviceOwnerLockScreenInfo"); 3877 if (mService != null) { 3878 try { 3879 return mService.getDeviceOwnerLockScreenInfo(); 3880 } catch (RemoteException re) { 3881 throw re.rethrowFromSystemServer(); 3882 } 3883 } 3884 return null; 3885 } 3886 3887 /** 3888 * Called by device or profile owners to suspend packages for this user. 3889 * <p> 3890 * A suspended package will not be able to start activities. Its notifications will be hidden, 3891 * it will not show up in recents, will not be able to show toasts or dialogs or ring the 3892 * device. 3893 * <p> 3894 * The package must already be installed. If the package is uninstalled while suspended the 3895 * package will no longer be suspended. The admin can block this by using 3896 * {@link #setUninstallBlocked}. 3897 * 3898 * @param admin The name of the admin component to check. 3899 * @param packageNames The package names to suspend or unsuspend. 3900 * @param suspended If set to {@code true} than the packages will be suspended, if set to 3901 * {@code false} the packages will be unsuspended. 3902 * @return an array of package names for which the suspended status is not set as requested in 3903 * this method. 3904 * @throws SecurityException if {@code admin} is not a device or profile owner. 3905 */ setPackagesSuspended(@onNull ComponentName admin, String[] packageNames, boolean suspended)3906 public String[] setPackagesSuspended(@NonNull ComponentName admin, String[] packageNames, 3907 boolean suspended) { 3908 throwIfParentInstance("setPackagesSuspended"); 3909 if (mService != null) { 3910 try { 3911 return mService.setPackagesSuspended(admin, packageNames, suspended); 3912 } catch (RemoteException re) { 3913 throw re.rethrowFromSystemServer(); 3914 } 3915 } 3916 return packageNames; 3917 } 3918 3919 /** 3920 * Called by device or profile owners to determine if a package is suspended. 3921 * 3922 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3923 * @param packageName The name of the package to retrieve the suspended status of. 3924 * @return {@code true} if the package is suspended or {@code false} if the package is not 3925 * suspended, could not be found or an error occurred. 3926 * @throws SecurityException if {@code admin} is not a device or profile owner. 3927 * @throws NameNotFoundException if the package could not be found. 3928 */ isPackageSuspended(@onNull ComponentName admin, String packageName)3929 public boolean isPackageSuspended(@NonNull ComponentName admin, String packageName) 3930 throws NameNotFoundException { 3931 throwIfParentInstance("isPackageSuspended"); 3932 if (mService != null) { 3933 try { 3934 return mService.isPackageSuspended(admin, packageName); 3935 } catch (RemoteException e) { 3936 throw e.rethrowFromSystemServer(); 3937 } catch (IllegalArgumentException ex) { 3938 throw new NameNotFoundException(packageName); 3939 } 3940 } 3941 return false; 3942 } 3943 3944 /** 3945 * Sets the enabled state of the profile. A profile should be enabled only once it is ready to 3946 * be used. Only the profile owner can call this. 3947 * 3948 * @see #isProfileOwnerApp 3949 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3950 * @throws SecurityException if {@code admin} is not a profile owner. 3951 */ setProfileEnabled(@onNull ComponentName admin)3952 public void setProfileEnabled(@NonNull ComponentName admin) { 3953 throwIfParentInstance("setProfileEnabled"); 3954 if (mService != null) { 3955 try { 3956 mService.setProfileEnabled(admin); 3957 } catch (RemoteException e) { 3958 throw e.rethrowFromSystemServer(); 3959 } 3960 } 3961 } 3962 3963 /** 3964 * Sets the name of the profile. In the device owner case it sets the name of the user which it 3965 * is called from. Only a profile owner or device owner can call this. If this is never called 3966 * by the profile or device owner, the name will be set to default values. 3967 * 3968 * @see #isProfileOwnerApp 3969 * @see #isDeviceOwnerApp 3970 * @param admin Which {@link DeviceAdminReceiver} this request is associate with. 3971 * @param profileName The name of the profile. 3972 * @throws SecurityException if {@code admin} is not a device or profile owner. 3973 */ setProfileName(@onNull ComponentName admin, String profileName)3974 public void setProfileName(@NonNull ComponentName admin, String profileName) { 3975 throwIfParentInstance("setProfileName"); 3976 if (mService != null) { 3977 try { 3978 mService.setProfileName(admin, profileName); 3979 } catch (RemoteException e) { 3980 throw e.rethrowFromSystemServer(); 3981 } 3982 } 3983 } 3984 3985 /** 3986 * Used to determine if a particular package is registered as the profile owner for the 3987 * user. A profile owner is a special device admin that has additional privileges 3988 * within the profile. 3989 * 3990 * @param packageName The package name of the app to compare with the registered profile owner. 3991 * @return Whether or not the package is registered as the profile owner. 3992 */ isProfileOwnerApp(String packageName)3993 public boolean isProfileOwnerApp(String packageName) { 3994 throwIfParentInstance("isProfileOwnerApp"); 3995 if (mService != null) { 3996 try { 3997 ComponentName profileOwner = mService.getProfileOwner(myUserId()); 3998 return profileOwner != null 3999 && profileOwner.getPackageName().equals(packageName); 4000 } catch (RemoteException re) { 4001 throw re.rethrowFromSystemServer(); 4002 } 4003 } 4004 return false; 4005 } 4006 4007 /** 4008 * @hide 4009 * @return the packageName of the owner of the given user profile or {@code null} if no profile 4010 * owner has been set for that user. 4011 * @throws IllegalArgumentException if the userId is invalid. 4012 */ 4013 @SystemApi getProfileOwner()4014 public ComponentName getProfileOwner() throws IllegalArgumentException { 4015 throwIfParentInstance("getProfileOwner"); 4016 return getProfileOwnerAsUser(Process.myUserHandle().getIdentifier()); 4017 } 4018 4019 /** 4020 * @see #getProfileOwner() 4021 * @hide 4022 */ getProfileOwnerAsUser(final int userId)4023 public ComponentName getProfileOwnerAsUser(final int userId) throws IllegalArgumentException { 4024 if (mService != null) { 4025 try { 4026 return mService.getProfileOwner(userId); 4027 } catch (RemoteException re) { 4028 throw re.rethrowFromSystemServer(); 4029 } 4030 } 4031 return null; 4032 } 4033 4034 /** 4035 * @hide 4036 * @return the human readable name of the organisation associated with this DPM or {@code null} 4037 * if one is not set. 4038 * @throws IllegalArgumentException if the userId is invalid. 4039 */ getProfileOwnerName()4040 public String getProfileOwnerName() throws IllegalArgumentException { 4041 if (mService != null) { 4042 try { 4043 return mService.getProfileOwnerName(Process.myUserHandle().getIdentifier()); 4044 } catch (RemoteException re) { 4045 throw re.rethrowFromSystemServer(); 4046 } 4047 } 4048 return null; 4049 } 4050 4051 /** 4052 * @hide 4053 * @param userId The user for whom to fetch the profile owner name, if any. 4054 * @return the human readable name of the organisation associated with this profile owner or 4055 * null if one is not set. 4056 * @throws IllegalArgumentException if the userId is invalid. 4057 */ 4058 @SystemApi getProfileOwnerNameAsUser(int userId)4059 public String getProfileOwnerNameAsUser(int userId) throws IllegalArgumentException { 4060 throwIfParentInstance("getProfileOwnerNameAsUser"); 4061 if (mService != null) { 4062 try { 4063 return mService.getProfileOwnerName(userId); 4064 } catch (RemoteException re) { 4065 throw re.rethrowFromSystemServer(); 4066 } 4067 } 4068 return null; 4069 } 4070 4071 /** 4072 * Called by a profile owner or device owner to add a default intent handler activity for 4073 * intents that match a certain intent filter. This activity will remain the default intent 4074 * handler even if the set of potential event handlers for the intent filter changes and if the 4075 * intent preferences are reset. 4076 * <p> 4077 * The default disambiguation mechanism takes over if the activity is not installed (anymore). 4078 * When the activity is (re)installed, it is automatically reset as default intent handler for 4079 * the filter. 4080 * <p> 4081 * The calling device admin must be a profile owner or device owner. If it is not, a security 4082 * exception will be thrown. 4083 * 4084 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4085 * @param filter The IntentFilter for which a default handler is added. 4086 * @param activity The Activity that is added as default intent handler. 4087 * @throws SecurityException if {@code admin} is not a device or profile owner. 4088 */ addPersistentPreferredActivity(@onNull ComponentName admin, IntentFilter filter, @NonNull ComponentName activity)4089 public void addPersistentPreferredActivity(@NonNull ComponentName admin, IntentFilter filter, 4090 @NonNull ComponentName activity) { 4091 throwIfParentInstance("addPersistentPreferredActivity"); 4092 if (mService != null) { 4093 try { 4094 mService.addPersistentPreferredActivity(admin, filter, activity); 4095 } catch (RemoteException e) { 4096 throw e.rethrowFromSystemServer(); 4097 } 4098 } 4099 } 4100 4101 /** 4102 * Called by a profile owner or device owner to remove all persistent intent handler preferences 4103 * associated with the given package that were set by {@link #addPersistentPreferredActivity}. 4104 * <p> 4105 * The calling device admin must be a profile owner. If it is not, a security exception will be 4106 * thrown. 4107 * 4108 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4109 * @param packageName The name of the package for which preferences are removed. 4110 * @throws SecurityException if {@code admin} is not a device or profile owner. 4111 */ clearPackagePersistentPreferredActivities(@onNull ComponentName admin, String packageName)4112 public void clearPackagePersistentPreferredActivities(@NonNull ComponentName admin, 4113 String packageName) { 4114 throwIfParentInstance("clearPackagePersistentPreferredActivities"); 4115 if (mService != null) { 4116 try { 4117 mService.clearPackagePersistentPreferredActivities(admin, packageName); 4118 } catch (RemoteException e) { 4119 throw e.rethrowFromSystemServer(); 4120 } 4121 } 4122 } 4123 4124 /** 4125 * Called by a profile owner or device owner to grant permission to a package to manage 4126 * application restrictions for the calling user via {@link #setApplicationRestrictions} and 4127 * {@link #getApplicationRestrictions}. 4128 * <p> 4129 * This permission is persistent until it is later cleared by calling this method with a 4130 * {@code null} value or uninstalling the managing package. 4131 * <p> 4132 * The supplied application restriction managing package must be installed when calling this 4133 * API, otherwise an {@link NameNotFoundException} will be thrown. 4134 * 4135 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4136 * @param packageName The package name which will be given access to application restrictions 4137 * APIs. If {@code null} is given the current package will be cleared. 4138 * @throws SecurityException if {@code admin} is not a device or profile owner. 4139 * @throws NameNotFoundException if {@code packageName} is not found 4140 */ setApplicationRestrictionsManagingPackage(@onNull ComponentName admin, @Nullable String packageName)4141 public void setApplicationRestrictionsManagingPackage(@NonNull ComponentName admin, 4142 @Nullable String packageName) throws NameNotFoundException { 4143 throwIfParentInstance("setApplicationRestrictionsManagingPackage"); 4144 if (mService != null) { 4145 try { 4146 if (!mService.setApplicationRestrictionsManagingPackage(admin, packageName)) { 4147 throw new NameNotFoundException(packageName); 4148 } 4149 } catch (RemoteException e) { 4150 throw e.rethrowFromSystemServer(); 4151 } 4152 } 4153 } 4154 4155 /** 4156 * Called by a profile owner or device owner to retrieve the application restrictions managing 4157 * package for the current user, or {@code null} if none is set. 4158 * 4159 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4160 * @return The package name allowed to manage application restrictions on the current user, or 4161 * {@code null} if none is set. 4162 * @throws SecurityException if {@code admin} is not a device or profile owner. 4163 */ getApplicationRestrictionsManagingPackage(@onNull ComponentName admin)4164 public String getApplicationRestrictionsManagingPackage(@NonNull ComponentName admin) { 4165 throwIfParentInstance("getApplicationRestrictionsManagingPackage"); 4166 if (mService != null) { 4167 try { 4168 return mService.getApplicationRestrictionsManagingPackage(admin); 4169 } catch (RemoteException e) { 4170 throw e.rethrowFromSystemServer(); 4171 } 4172 } 4173 return null; 4174 } 4175 4176 /** 4177 * Called by any application to find out whether it has been granted permission via 4178 * {@link #setApplicationRestrictionsManagingPackage} to manage application restrictions 4179 * for the calling user. 4180 * 4181 * <p>This is done by comparing the calling Linux uid with the uid of the package specified by 4182 * that method. 4183 */ isCallerApplicationRestrictionsManagingPackage()4184 public boolean isCallerApplicationRestrictionsManagingPackage() { 4185 throwIfParentInstance("isCallerApplicationRestrictionsManagingPackage"); 4186 if (mService != null) { 4187 try { 4188 return mService.isCallerApplicationRestrictionsManagingPackage(); 4189 } catch (RemoteException e) { 4190 throw e.rethrowFromSystemServer(); 4191 } 4192 } 4193 return false; 4194 } 4195 4196 /** 4197 * Sets the application restrictions for a given target application running in the calling user. 4198 * <p> 4199 * The caller must be a profile or device owner on that user, or the package allowed to manage 4200 * application restrictions via {@link #setApplicationRestrictionsManagingPackage}; otherwise a 4201 * security exception will be thrown. 4202 * <p> 4203 * The provided {@link Bundle} consists of key-value pairs, where the types of values may be: 4204 * <ul> 4205 * <li>{@code boolean} 4206 * <li>{@code int} 4207 * <li>{@code String} or {@code String[]} 4208 * <li>From {@link android.os.Build.VERSION_CODES#M}, {@code Bundle} or {@code Bundle[]} 4209 * </ul> 4210 * <p> 4211 * If the restrictions are not available yet, but may be applied in the near future, the caller 4212 * can notify the target application of that by adding 4213 * {@link UserManager#KEY_RESTRICTIONS_PENDING} to the settings parameter. 4214 * <p> 4215 * The application restrictions are only made visible to the target application via 4216 * {@link UserManager#getApplicationRestrictions(String)}, in addition to the profile or device 4217 * owner, and the application restrictions managing package via 4218 * {@link #getApplicationRestrictions}. 4219 * 4220 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 4221 * {@code null} if called by the application restrictions managing package. 4222 * @param packageName The name of the package to update restricted settings for. 4223 * @param settings A {@link Bundle} to be parsed by the receiving application, conveying a new 4224 * set of active restrictions. 4225 * @throws SecurityException if {@code admin} is not a device or profile owner. 4226 * @see #setApplicationRestrictionsManagingPackage 4227 * @see UserManager#KEY_RESTRICTIONS_PENDING 4228 */ setApplicationRestrictions(@ullable ComponentName admin, String packageName, Bundle settings)4229 public void setApplicationRestrictions(@Nullable ComponentName admin, String packageName, 4230 Bundle settings) { 4231 throwIfParentInstance("setApplicationRestrictions"); 4232 if (mService != null) { 4233 try { 4234 mService.setApplicationRestrictions(admin, packageName, settings); 4235 } catch (RemoteException e) { 4236 throw e.rethrowFromSystemServer(); 4237 } 4238 } 4239 } 4240 4241 /** 4242 * Sets a list of configuration features to enable for a TrustAgent component. This is meant to 4243 * be used in conjunction with {@link #KEYGUARD_DISABLE_TRUST_AGENTS}, which disables all trust 4244 * agents but those enabled by this function call. If flag 4245 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS} is not set, then this call has no effect. 4246 * <p> 4247 * The calling device admin must have requested 4248 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} to be able to call this method; 4249 * if not, a security exception will be thrown. 4250 * <p> 4251 * This method can be called on the {@link DevicePolicyManager} instance returned by 4252 * {@link #getParentProfileInstance(ComponentName)} in order to set the configuration for 4253 * the parent profile. 4254 * 4255 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4256 * @param target Component name of the agent to be enabled. 4257 * @param configuration TrustAgent-specific feature bundle. If null for any admin, agent will be 4258 * strictly disabled according to the state of the 4259 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS} flag. 4260 * <p> 4261 * If {@link #KEYGUARD_DISABLE_TRUST_AGENTS} is set and options is not null for all 4262 * admins, then it's up to the TrustAgent itself to aggregate the values from all 4263 * device admins. 4264 * <p> 4265 * Consult documentation for the specific TrustAgent to determine legal options 4266 * parameters. 4267 * @throws SecurityException if {@code admin} is not an active administrator or does not use 4268 * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} 4269 */ setTrustAgentConfiguration(@onNull ComponentName admin, @NonNull ComponentName target, PersistableBundle configuration)4270 public void setTrustAgentConfiguration(@NonNull ComponentName admin, 4271 @NonNull ComponentName target, PersistableBundle configuration) { 4272 if (mService != null) { 4273 try { 4274 mService.setTrustAgentConfiguration(admin, target, configuration, mParentInstance); 4275 } catch (RemoteException e) { 4276 throw e.rethrowFromSystemServer(); 4277 } 4278 } 4279 } 4280 4281 /** 4282 * Gets configuration for the given trust agent based on aggregating all calls to 4283 * {@link #setTrustAgentConfiguration(ComponentName, ComponentName, PersistableBundle)} for 4284 * all device admins. 4285 * <p> 4286 * This method can be called on the {@link DevicePolicyManager} instance returned by 4287 * {@link #getParentProfileInstance(ComponentName)} in order to retrieve the configuration set 4288 * on the parent profile. 4289 * 4290 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. If null, 4291 * this function returns a list of configurations for all admins that declare 4292 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS}. If any admin declares 4293 * {@link #KEYGUARD_DISABLE_TRUST_AGENTS} but doesn't call 4294 * {@link #setTrustAgentConfiguration(ComponentName, ComponentName, PersistableBundle)} 4295 * for this {@param agent} or calls it with a null configuration, null is returned. 4296 * @param agent Which component to get enabled features for. 4297 * @return configuration for the given trust agent. 4298 */ getTrustAgentConfiguration(@ullable ComponentName admin, @NonNull ComponentName agent)4299 public List<PersistableBundle> getTrustAgentConfiguration(@Nullable ComponentName admin, 4300 @NonNull ComponentName agent) { 4301 return getTrustAgentConfiguration(admin, agent, myUserId()); 4302 } 4303 4304 /** @hide per-user version */ getTrustAgentConfiguration(@ullable ComponentName admin, @NonNull ComponentName agent, int userHandle)4305 public List<PersistableBundle> getTrustAgentConfiguration(@Nullable ComponentName admin, 4306 @NonNull ComponentName agent, int userHandle) { 4307 if (mService != null) { 4308 try { 4309 return mService.getTrustAgentConfiguration(admin, agent, userHandle, 4310 mParentInstance); 4311 } catch (RemoteException e) { 4312 throw e.rethrowFromSystemServer(); 4313 } 4314 } 4315 return new ArrayList<PersistableBundle>(); // empty list 4316 } 4317 4318 /** 4319 * Called by a profile owner of a managed profile to set whether caller-Id information from the 4320 * managed profile will be shown in the parent profile, for incoming calls. 4321 * <p> 4322 * The calling device admin must be a profile owner. If it is not, a security exception will be 4323 * thrown. 4324 * 4325 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4326 * @param disabled If true caller-Id information in the managed profile is not displayed. 4327 * @throws SecurityException if {@code admin} is not a device or profile owner. 4328 */ setCrossProfileCallerIdDisabled(@onNull ComponentName admin, boolean disabled)4329 public void setCrossProfileCallerIdDisabled(@NonNull ComponentName admin, boolean disabled) { 4330 throwIfParentInstance("setCrossProfileCallerIdDisabled"); 4331 if (mService != null) { 4332 try { 4333 mService.setCrossProfileCallerIdDisabled(admin, disabled); 4334 } catch (RemoteException e) { 4335 throw e.rethrowFromSystemServer(); 4336 } 4337 } 4338 } 4339 4340 /** 4341 * Called by a profile owner of a managed profile to determine whether or not caller-Id 4342 * information has been disabled. 4343 * <p> 4344 * The calling device admin must be a profile owner. If it is not, a security exception will be 4345 * thrown. 4346 * 4347 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4348 * @throws SecurityException if {@code admin} is not a device or profile owner. 4349 */ getCrossProfileCallerIdDisabled(@onNull ComponentName admin)4350 public boolean getCrossProfileCallerIdDisabled(@NonNull ComponentName admin) { 4351 throwIfParentInstance("getCrossProfileCallerIdDisabled"); 4352 if (mService != null) { 4353 try { 4354 return mService.getCrossProfileCallerIdDisabled(admin); 4355 } catch (RemoteException e) { 4356 throw e.rethrowFromSystemServer(); 4357 } 4358 } 4359 return false; 4360 } 4361 4362 /** 4363 * Determine whether or not caller-Id information has been disabled. 4364 * 4365 * @param userHandle The user for whom to check the caller-id permission 4366 * @hide 4367 */ getCrossProfileCallerIdDisabled(UserHandle userHandle)4368 public boolean getCrossProfileCallerIdDisabled(UserHandle userHandle) { 4369 if (mService != null) { 4370 try { 4371 return mService.getCrossProfileCallerIdDisabledForUser(userHandle.getIdentifier()); 4372 } catch (RemoteException e) { 4373 throw e.rethrowFromSystemServer(); 4374 } 4375 } 4376 return false; 4377 } 4378 4379 /** 4380 * Called by a profile owner of a managed profile to set whether contacts search from the 4381 * managed profile will be shown in the parent profile, for incoming calls. 4382 * <p> 4383 * The calling device admin must be a profile owner. If it is not, a security exception will be 4384 * thrown. 4385 * 4386 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4387 * @param disabled If true contacts search in the managed profile is not displayed. 4388 * @throws SecurityException if {@code admin} is not a device or profile owner. 4389 */ setCrossProfileContactsSearchDisabled(@onNull ComponentName admin, boolean disabled)4390 public void setCrossProfileContactsSearchDisabled(@NonNull ComponentName admin, 4391 boolean disabled) { 4392 throwIfParentInstance("setCrossProfileContactsSearchDisabled"); 4393 if (mService != null) { 4394 try { 4395 mService.setCrossProfileContactsSearchDisabled(admin, disabled); 4396 } catch (RemoteException e) { 4397 throw e.rethrowFromSystemServer(); 4398 } 4399 } 4400 } 4401 4402 /** 4403 * Called by a profile owner of a managed profile to determine whether or not contacts search 4404 * has been disabled. 4405 * <p> 4406 * The calling device admin must be a profile owner. If it is not, a security exception will be 4407 * thrown. 4408 * 4409 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4410 * @throws SecurityException if {@code admin} is not a device or profile owner. 4411 */ getCrossProfileContactsSearchDisabled(@onNull ComponentName admin)4412 public boolean getCrossProfileContactsSearchDisabled(@NonNull ComponentName admin) { 4413 throwIfParentInstance("getCrossProfileContactsSearchDisabled"); 4414 if (mService != null) { 4415 try { 4416 return mService.getCrossProfileContactsSearchDisabled(admin); 4417 } catch (RemoteException e) { 4418 throw e.rethrowFromSystemServer(); 4419 } 4420 } 4421 return false; 4422 } 4423 4424 4425 /** 4426 * Determine whether or not contacts search has been disabled. 4427 * 4428 * @param userHandle The user for whom to check the contacts search permission 4429 * @hide 4430 */ getCrossProfileContactsSearchDisabled(@onNull UserHandle userHandle)4431 public boolean getCrossProfileContactsSearchDisabled(@NonNull UserHandle userHandle) { 4432 if (mService != null) { 4433 try { 4434 return mService 4435 .getCrossProfileContactsSearchDisabledForUser(userHandle.getIdentifier()); 4436 } catch (RemoteException e) { 4437 throw e.rethrowFromSystemServer(); 4438 } 4439 } 4440 return false; 4441 } 4442 4443 /** 4444 * Start Quick Contact on the managed profile for the user, if the policy allows. 4445 * 4446 * @hide 4447 */ startManagedQuickContact(String actualLookupKey, long actualContactId, boolean isContactIdIgnored, long directoryId, Intent originalIntent)4448 public void startManagedQuickContact(String actualLookupKey, long actualContactId, 4449 boolean isContactIdIgnored, long directoryId, Intent originalIntent) { 4450 if (mService != null) { 4451 try { 4452 mService.startManagedQuickContact(actualLookupKey, actualContactId, 4453 isContactIdIgnored, directoryId, originalIntent); 4454 } catch (RemoteException e) { 4455 throw e.rethrowFromSystemServer(); 4456 } 4457 } 4458 } 4459 4460 /** 4461 * Start Quick Contact on the managed profile for the user, if the policy allows. 4462 * @hide 4463 */ startManagedQuickContact(String actualLookupKey, long actualContactId, Intent originalIntent)4464 public void startManagedQuickContact(String actualLookupKey, long actualContactId, 4465 Intent originalIntent) { 4466 startManagedQuickContact(actualLookupKey, actualContactId, false, Directory.DEFAULT, 4467 originalIntent); 4468 } 4469 4470 /** 4471 * Called by a profile owner of a managed profile to set whether bluetooth devices can access 4472 * enterprise contacts. 4473 * <p> 4474 * The calling device admin must be a profile owner. If it is not, a security exception will be 4475 * thrown. 4476 * <p> 4477 * This API works on managed profile only. 4478 * 4479 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4480 * @param disabled If true, bluetooth devices cannot access enterprise contacts. 4481 * @throws SecurityException if {@code admin} is not a device or profile owner. 4482 */ setBluetoothContactSharingDisabled(@onNull ComponentName admin, boolean disabled)4483 public void setBluetoothContactSharingDisabled(@NonNull ComponentName admin, boolean disabled) { 4484 throwIfParentInstance("setBluetoothContactSharingDisabled"); 4485 if (mService != null) { 4486 try { 4487 mService.setBluetoothContactSharingDisabled(admin, disabled); 4488 } catch (RemoteException e) { 4489 throw e.rethrowFromSystemServer(); 4490 } 4491 } 4492 } 4493 4494 /** 4495 * Called by a profile owner of a managed profile to determine whether or not Bluetooth devices 4496 * cannot access enterprise contacts. 4497 * <p> 4498 * The calling device admin must be a profile owner. If it is not, a security exception will be 4499 * thrown. 4500 * <p> 4501 * This API works on managed profile only. 4502 * 4503 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4504 * @throws SecurityException if {@code admin} is not a device or profile owner. 4505 */ getBluetoothContactSharingDisabled(@onNull ComponentName admin)4506 public boolean getBluetoothContactSharingDisabled(@NonNull ComponentName admin) { 4507 throwIfParentInstance("getBluetoothContactSharingDisabled"); 4508 if (mService != null) { 4509 try { 4510 return mService.getBluetoothContactSharingDisabled(admin); 4511 } catch (RemoteException e) { 4512 throw e.rethrowFromSystemServer(); 4513 } 4514 } 4515 return true; 4516 } 4517 4518 /** 4519 * Determine whether or not Bluetooth devices cannot access contacts. 4520 * <p> 4521 * This API works on managed profile UserHandle only. 4522 * 4523 * @param userHandle The user for whom to check the caller-id permission 4524 * @hide 4525 */ getBluetoothContactSharingDisabled(UserHandle userHandle)4526 public boolean getBluetoothContactSharingDisabled(UserHandle userHandle) { 4527 if (mService != null) { 4528 try { 4529 return mService.getBluetoothContactSharingDisabledForUser(userHandle 4530 .getIdentifier()); 4531 } catch (RemoteException e) { 4532 throw e.rethrowFromSystemServer(); 4533 } 4534 } 4535 return true; 4536 } 4537 4538 /** 4539 * Called by the profile owner of a managed profile so that some intents sent in the managed 4540 * profile can also be resolved in the parent, or vice versa. Only activity intents are 4541 * supported. 4542 * 4543 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4544 * @param filter The {@link IntentFilter} the intent has to match to be also resolved in the 4545 * other profile 4546 * @param flags {@link DevicePolicyManager#FLAG_MANAGED_CAN_ACCESS_PARENT} and 4547 * {@link DevicePolicyManager#FLAG_PARENT_CAN_ACCESS_MANAGED} are supported. 4548 * @throws SecurityException if {@code admin} is not a device or profile owner. 4549 */ addCrossProfileIntentFilter(@onNull ComponentName admin, IntentFilter filter, int flags)4550 public void addCrossProfileIntentFilter(@NonNull ComponentName admin, IntentFilter filter, int flags) { 4551 throwIfParentInstance("addCrossProfileIntentFilter"); 4552 if (mService != null) { 4553 try { 4554 mService.addCrossProfileIntentFilter(admin, filter, flags); 4555 } catch (RemoteException e) { 4556 throw e.rethrowFromSystemServer(); 4557 } 4558 } 4559 } 4560 4561 /** 4562 * Called by a profile owner of a managed profile to remove the cross-profile intent filters 4563 * that go from the managed profile to the parent, or from the parent to the managed profile. 4564 * Only removes those that have been set by the profile owner. 4565 * 4566 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4567 * @throws SecurityException if {@code admin} is not a device or profile owner. 4568 */ clearCrossProfileIntentFilters(@onNull ComponentName admin)4569 public void clearCrossProfileIntentFilters(@NonNull ComponentName admin) { 4570 throwIfParentInstance("clearCrossProfileIntentFilters"); 4571 if (mService != null) { 4572 try { 4573 mService.clearCrossProfileIntentFilters(admin); 4574 } catch (RemoteException e) { 4575 throw e.rethrowFromSystemServer(); 4576 } 4577 } 4578 } 4579 4580 /** 4581 * Called by a profile or device owner to set the permitted accessibility services. When set by 4582 * a device owner or profile owner the restriction applies to all profiles of the user the 4583 * device owner or profile owner is an admin for. By default the user can use any accessiblity 4584 * service. When zero or more packages have been added, accessiblity services that are not in 4585 * the list and not part of the system can not be enabled by the user. 4586 * <p> 4587 * Calling with a null value for the list disables the restriction so that all services can be 4588 * used, calling with an empty list only allows the builtin system's services. 4589 * <p> 4590 * System accesibility services are always available to the user the list can't modify this. 4591 * 4592 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4593 * @param packageNames List of accessibility service package names. 4594 * @return true if setting the restriction succeeded. It fail if there is one or more non-system 4595 * accessibility services enabled, that are not in the list. 4596 * @throws SecurityException if {@code admin} is not a device or profile owner. 4597 */ setPermittedAccessibilityServices(@onNull ComponentName admin, List<String> packageNames)4598 public boolean setPermittedAccessibilityServices(@NonNull ComponentName admin, 4599 List<String> packageNames) { 4600 throwIfParentInstance("setPermittedAccessibilityServices"); 4601 if (mService != null) { 4602 try { 4603 return mService.setPermittedAccessibilityServices(admin, packageNames); 4604 } catch (RemoteException e) { 4605 throw e.rethrowFromSystemServer(); 4606 } 4607 } 4608 return false; 4609 } 4610 4611 /** 4612 * Returns the list of permitted accessibility services set by this device or profile owner. 4613 * <p> 4614 * An empty list means no accessibility services except system services are allowed. Null means 4615 * all accessibility services are allowed. 4616 * 4617 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4618 * @return List of accessiblity service package names. 4619 * @throws SecurityException if {@code admin} is not a device or profile owner. 4620 */ getPermittedAccessibilityServices(@onNull ComponentName admin)4621 public List<String> getPermittedAccessibilityServices(@NonNull ComponentName admin) { 4622 throwIfParentInstance("getPermittedAccessibilityServices"); 4623 if (mService != null) { 4624 try { 4625 return mService.getPermittedAccessibilityServices(admin); 4626 } catch (RemoteException e) { 4627 throw e.rethrowFromSystemServer(); 4628 } 4629 } 4630 return null; 4631 } 4632 4633 /** 4634 * Called by the system to check if a specific accessibility service is disabled by admin. 4635 * 4636 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4637 * @param packageName Accessibility service package name that needs to be checked. 4638 * @param userHandle user id the admin is running as. 4639 * @return true if the accessibility service is permitted, otherwise false. 4640 * 4641 * @hide 4642 */ isAccessibilityServicePermittedByAdmin(@onNull ComponentName admin, @NonNull String packageName, int userHandle)4643 public boolean isAccessibilityServicePermittedByAdmin(@NonNull ComponentName admin, 4644 @NonNull String packageName, int userHandle) { 4645 if (mService != null) { 4646 try { 4647 return mService.isAccessibilityServicePermittedByAdmin(admin, packageName, 4648 userHandle); 4649 } catch (RemoteException e) { 4650 throw e.rethrowFromSystemServer(); 4651 } 4652 } 4653 return false; 4654 } 4655 4656 /** 4657 * Returns the list of accessibility services permitted by the device or profiles 4658 * owners of this user. 4659 * 4660 * <p>Null means all accessibility services are allowed, if a non-null list is returned 4661 * it will contain the intersection of the permitted lists for any device or profile 4662 * owners that apply to this user. It will also include any system accessibility services. 4663 * 4664 * @param userId which user to check for. 4665 * @return List of accessiblity service package names. 4666 * @hide 4667 */ 4668 @SystemApi getPermittedAccessibilityServices(int userId)4669 public List<String> getPermittedAccessibilityServices(int userId) { 4670 throwIfParentInstance("getPermittedAccessibilityServices"); 4671 if (mService != null) { 4672 try { 4673 return mService.getPermittedAccessibilityServicesForUser(userId); 4674 } catch (RemoteException e) { 4675 throw e.rethrowFromSystemServer(); 4676 } 4677 } 4678 return null; 4679 } 4680 4681 /** 4682 * Called by a profile or device owner to set the permitted input methods services. When set by 4683 * a device owner or profile owner the restriction applies to all profiles of the user the 4684 * device owner or profile owner is an admin for. By default the user can use any input method. 4685 * When zero or more packages have been added, input method that are not in the list and not 4686 * part of the system can not be enabled by the user. This method will fail if it is called for 4687 * a admin that is not for the foreground user or a profile of the foreground user. 4688 * <p> 4689 * Calling with a null value for the list disables the restriction so that all input methods can 4690 * be used, calling with an empty list disables all but the system's own input methods. 4691 * <p> 4692 * System input methods are always available to the user this method can't modify this. 4693 * 4694 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4695 * @param packageNames List of input method package names. 4696 * @return true if setting the restriction succeeded. It will fail if there are one or more 4697 * non-system input methods currently enabled that are not in the packageNames list. 4698 * @throws SecurityException if {@code admin} is not a device or profile owner. 4699 */ setPermittedInputMethods(@onNull ComponentName admin, List<String> packageNames)4700 public boolean setPermittedInputMethods(@NonNull ComponentName admin, List<String> packageNames) { 4701 throwIfParentInstance("setPermittedInputMethods"); 4702 if (mService != null) { 4703 try { 4704 return mService.setPermittedInputMethods(admin, packageNames); 4705 } catch (RemoteException e) { 4706 throw e.rethrowFromSystemServer(); 4707 } 4708 } 4709 return false; 4710 } 4711 4712 4713 /** 4714 * Returns the list of permitted input methods set by this device or profile owner. 4715 * <p> 4716 * An empty list means no input methods except system input methods are allowed. Null means all 4717 * input methods are allowed. 4718 * 4719 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4720 * @return List of input method package names. 4721 * @throws SecurityException if {@code admin} is not a device or profile owner. 4722 */ getPermittedInputMethods(@onNull ComponentName admin)4723 public List<String> getPermittedInputMethods(@NonNull ComponentName admin) { 4724 throwIfParentInstance("getPermittedInputMethods"); 4725 if (mService != null) { 4726 try { 4727 return mService.getPermittedInputMethods(admin); 4728 } catch (RemoteException e) { 4729 throw e.rethrowFromSystemServer(); 4730 } 4731 } 4732 return null; 4733 } 4734 4735 /** 4736 * Called by the system to check if a specific input method is disabled by admin. 4737 * 4738 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4739 * @param packageName Input method package name that needs to be checked. 4740 * @param userHandle user id the admin is running as. 4741 * @return true if the input method is permitted, otherwise false. 4742 * 4743 * @hide 4744 */ isInputMethodPermittedByAdmin(@onNull ComponentName admin, @NonNull String packageName, int userHandle)4745 public boolean isInputMethodPermittedByAdmin(@NonNull ComponentName admin, 4746 @NonNull String packageName, int userHandle) { 4747 if (mService != null) { 4748 try { 4749 return mService.isInputMethodPermittedByAdmin(admin, packageName, userHandle); 4750 } catch (RemoteException e) { 4751 throw e.rethrowFromSystemServer(); 4752 } 4753 } 4754 return false; 4755 } 4756 4757 /** 4758 * Returns the list of input methods permitted by the device or profiles 4759 * owners of the current user. (*Not* calling user, due to a limitation in InputMethodManager.) 4760 * 4761 * <p>Null means all input methods are allowed, if a non-null list is returned 4762 * it will contain the intersection of the permitted lists for any device or profile 4763 * owners that apply to this user. It will also include any system input methods. 4764 * 4765 * @return List of input method package names. 4766 * @hide 4767 */ 4768 @SystemApi getPermittedInputMethodsForCurrentUser()4769 public List<String> getPermittedInputMethodsForCurrentUser() { 4770 throwIfParentInstance("getPermittedInputMethodsForCurrentUser"); 4771 if (mService != null) { 4772 try { 4773 return mService.getPermittedInputMethodsForCurrentUser(); 4774 } catch (RemoteException e) { 4775 throw e.rethrowFromSystemServer(); 4776 } 4777 } 4778 return null; 4779 } 4780 4781 /** 4782 * Called by a device owner to get the list of apps to keep around as APKs even if no user has 4783 * currently installed it. 4784 * 4785 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4786 * 4787 * @return List of package names to keep cached. 4788 * @hide 4789 */ getKeepUninstalledPackages(@onNull ComponentName admin)4790 public List<String> getKeepUninstalledPackages(@NonNull ComponentName admin) { 4791 throwIfParentInstance("getKeepUninstalledPackages"); 4792 if (mService != null) { 4793 try { 4794 return mService.getKeepUninstalledPackages(admin); 4795 } catch (RemoteException e) { 4796 throw e.rethrowFromSystemServer(); 4797 } 4798 } 4799 return null; 4800 } 4801 4802 /** 4803 * Called by a device owner to set a list of apps to keep around as APKs even if no user has 4804 * currently installed it. 4805 * 4806 * <p>Please note that setting this policy does not imply that specified apps will be 4807 * automatically pre-cached.</p> 4808 * 4809 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4810 * @param packageNames List of package names to keep cached. 4811 * @throws SecurityException if {@code admin} is not a device owner. 4812 * @hide 4813 */ setKeepUninstalledPackages(@onNull ComponentName admin, @NonNull List<String> packageNames)4814 public void setKeepUninstalledPackages(@NonNull ComponentName admin, 4815 @NonNull List<String> packageNames) { 4816 throwIfParentInstance("setKeepUninstalledPackages"); 4817 if (mService != null) { 4818 try { 4819 mService.setKeepUninstalledPackages(admin, packageNames); 4820 } catch (RemoteException e) { 4821 throw e.rethrowFromSystemServer(); 4822 } 4823 } 4824 } 4825 4826 /** 4827 * Called by a device owner to create a user with the specified name. The UserHandle returned 4828 * by this method should not be persisted as user handles are recycled as users are removed and 4829 * created. If you need to persist an identifier for this user, use 4830 * {@link UserManager#getSerialNumberForUser}. 4831 * 4832 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4833 * @param name the user's name 4834 * @see UserHandle 4835 * @return the {@link android.os.UserHandle} object for the created user, or {@code null} if the 4836 * user could not be created. 4837 * 4838 * @deprecated From {@link android.os.Build.VERSION_CODES#M} 4839 * @removed From {@link android.os.Build.VERSION_CODES#N} 4840 */ 4841 @Deprecated createUser(@onNull ComponentName admin, String name)4842 public UserHandle createUser(@NonNull ComponentName admin, String name) { 4843 return null; 4844 } 4845 4846 /** 4847 * Called by a device owner to create a user with the specified name. The UserHandle returned 4848 * by this method should not be persisted as user handles are recycled as users are removed and 4849 * created. If you need to persist an identifier for this user, use 4850 * {@link UserManager#getSerialNumberForUser}. The new user will be started in the background 4851 * immediately. 4852 * 4853 * <p> profileOwnerComponent is the {@link DeviceAdminReceiver} to be the profile owner as well 4854 * as registered as an active admin on the new user. The profile owner package will be 4855 * installed on the new user if it already is installed on the device. 4856 * 4857 * <p>If the optionalInitializeData is not null, then the extras will be passed to the 4858 * profileOwnerComponent when onEnable is called. 4859 * 4860 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4861 * @param name the user's name 4862 * @param ownerName the human readable name of the organisation associated with this DPM. 4863 * @param profileOwnerComponent The {@link DeviceAdminReceiver} that will be an active admin on 4864 * the user. 4865 * @param adminExtras Extras that will be passed to onEnable of the admin receiver 4866 * on the new user. 4867 * @see UserHandle 4868 * @return the {@link android.os.UserHandle} object for the created user, or {@code null} if the 4869 * user could not be created. 4870 * 4871 * @deprecated From {@link android.os.Build.VERSION_CODES#M} 4872 * @removed From {@link android.os.Build.VERSION_CODES#N} 4873 */ 4874 @Deprecated createAndInitializeUser(@onNull ComponentName admin, String name, String ownerName, @NonNull ComponentName profileOwnerComponent, Bundle adminExtras)4875 public UserHandle createAndInitializeUser(@NonNull ComponentName admin, String name, 4876 String ownerName, @NonNull ComponentName profileOwnerComponent, Bundle adminExtras) { 4877 return null; 4878 } 4879 4880 /** 4881 * Flag used by {@link #createAndManageUser} to skip setup wizard after creating a new user. 4882 */ 4883 public static final int SKIP_SETUP_WIZARD = 0x0001; 4884 4885 /** 4886 * Flag used by {@link #createAndManageUser} to specify that the user should be created 4887 * ephemeral. 4888 * @hide 4889 */ 4890 public static final int MAKE_USER_EPHEMERAL = 0x0002; 4891 4892 /** 4893 * Called by a device owner to create a user with the specified name and a given component of 4894 * the calling package as profile owner. The UserHandle returned by this method should not be 4895 * persisted as user handles are recycled as users are removed and created. If you need to 4896 * persist an identifier for this user, use {@link UserManager#getSerialNumberForUser}. The new 4897 * user will not be started in the background. 4898 * <p> 4899 * admin is the {@link DeviceAdminReceiver} which is the device owner. profileOwner is also a 4900 * DeviceAdminReceiver in the same package as admin, and will become the profile owner and will 4901 * be registered as an active admin on the new user. The profile owner package will be installed 4902 * on the new user. 4903 * <p> 4904 * If the adminExtras are not null, they will be stored on the device until the user is started 4905 * for the first time. Then the extras will be passed to the admin when onEnable is called. 4906 * 4907 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4908 * @param name The user's name. 4909 * @param profileOwner Which {@link DeviceAdminReceiver} will be profile owner. Has to be in the 4910 * same package as admin, otherwise no user is created and an 4911 * IllegalArgumentException is thrown. 4912 * @param adminExtras Extras that will be passed to onEnable of the admin receiver on the new 4913 * user. 4914 * @param flags {@link #SKIP_SETUP_WIZARD} is supported. 4915 * @see UserHandle 4916 * @return the {@link android.os.UserHandle} object for the created user, or {@code null} if the 4917 * user could not be created. 4918 * @throws SecurityException if {@code admin} is not a device owner. 4919 */ createAndManageUser(@onNull ComponentName admin, @NonNull String name, @NonNull ComponentName profileOwner, @Nullable PersistableBundle adminExtras, int flags)4920 public UserHandle createAndManageUser(@NonNull ComponentName admin, @NonNull String name, 4921 @NonNull ComponentName profileOwner, @Nullable PersistableBundle adminExtras, 4922 int flags) { 4923 throwIfParentInstance("createAndManageUser"); 4924 try { 4925 return mService.createAndManageUser(admin, name, profileOwner, adminExtras, flags); 4926 } catch (RemoteException re) { 4927 throw re.rethrowFromSystemServer(); 4928 } 4929 } 4930 4931 /** 4932 * Called by a device owner to remove a user and all associated data. The primary user can not 4933 * be removed. 4934 * 4935 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4936 * @param userHandle the user to remove. 4937 * @return {@code true} if the user was removed, {@code false} otherwise. 4938 * @throws SecurityException if {@code admin} is not a device owner. 4939 */ removeUser(@onNull ComponentName admin, UserHandle userHandle)4940 public boolean removeUser(@NonNull ComponentName admin, UserHandle userHandle) { 4941 throwIfParentInstance("removeUser"); 4942 try { 4943 return mService.removeUser(admin, userHandle); 4944 } catch (RemoteException re) { 4945 throw re.rethrowFromSystemServer(); 4946 } 4947 } 4948 4949 /** 4950 * Called by a device owner to switch the specified user to the foreground. 4951 * 4952 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 4953 * @param userHandle the user to switch to; null will switch to primary. 4954 * @return {@code true} if the switch was successful, {@code false} otherwise. 4955 * @throws SecurityException if {@code admin} is not a device owner. 4956 * @see Intent#ACTION_USER_FOREGROUND 4957 */ switchUser(@onNull ComponentName admin, @Nullable UserHandle userHandle)4958 public boolean switchUser(@NonNull ComponentName admin, @Nullable UserHandle userHandle) { 4959 throwIfParentInstance("switchUser"); 4960 try { 4961 return mService.switchUser(admin, userHandle); 4962 } catch (RemoteException re) { 4963 throw re.rethrowFromSystemServer(); 4964 } 4965 } 4966 4967 /** 4968 * Retrieves the application restrictions for a given target application running in the calling 4969 * user. 4970 * <p> 4971 * The caller must be a profile or device owner on that user, or the package allowed to manage 4972 * application restrictions via {@link #setApplicationRestrictionsManagingPackage}; otherwise a 4973 * security exception will be thrown. 4974 * 4975 * @param admin Which {@link DeviceAdminReceiver} this request is associated with, or 4976 * {@code null} if called by the application restrictions managing package. 4977 * @param packageName The name of the package to fetch restricted settings of. 4978 * @return {@link Bundle} of settings corresponding to what was set last time 4979 * {@link DevicePolicyManager#setApplicationRestrictions} was called, or an empty 4980 * {@link Bundle} if no restrictions have been set. 4981 * @throws SecurityException if {@code admin} is not a device or profile owner. 4982 * @see {@link #setApplicationRestrictionsManagingPackage} 4983 */ getApplicationRestrictions(@ullable ComponentName admin, String packageName)4984 public Bundle getApplicationRestrictions(@Nullable ComponentName admin, String packageName) { 4985 throwIfParentInstance("getApplicationRestrictions"); 4986 if (mService != null) { 4987 try { 4988 return mService.getApplicationRestrictions(admin, packageName); 4989 } catch (RemoteException e) { 4990 throw e.rethrowFromSystemServer(); 4991 } 4992 } 4993 return null; 4994 } 4995 4996 /** 4997 * Called by a profile or device owner to set a user restriction specified by the key. 4998 * <p> 4999 * The calling device admin must be a profile or device owner; if it is not, a security 5000 * exception will be thrown. 5001 * 5002 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5003 * @param key The key of the restriction. See the constants in {@link android.os.UserManager} 5004 * for the list of keys. 5005 * @throws SecurityException if {@code admin} is not a device or profile owner. 5006 */ addUserRestriction(@onNull ComponentName admin, String key)5007 public void addUserRestriction(@NonNull ComponentName admin, String key) { 5008 throwIfParentInstance("addUserRestriction"); 5009 if (mService != null) { 5010 try { 5011 mService.setUserRestriction(admin, key, true); 5012 } catch (RemoteException e) { 5013 throw e.rethrowFromSystemServer(); 5014 } 5015 } 5016 } 5017 5018 /** 5019 * Called by a profile or device owner to clear a user restriction specified by the key. 5020 * <p> 5021 * The calling device admin must be a profile or device owner; if it is not, a security 5022 * exception will be thrown. 5023 * 5024 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5025 * @param key The key of the restriction. See the constants in {@link android.os.UserManager} 5026 * for the list of keys. 5027 * @throws SecurityException if {@code admin} is not a device or profile owner. 5028 */ clearUserRestriction(@onNull ComponentName admin, String key)5029 public void clearUserRestriction(@NonNull ComponentName admin, String key) { 5030 throwIfParentInstance("clearUserRestriction"); 5031 if (mService != null) { 5032 try { 5033 mService.setUserRestriction(admin, key, false); 5034 } catch (RemoteException e) { 5035 throw e.rethrowFromSystemServer(); 5036 } 5037 } 5038 } 5039 5040 /** 5041 * Called by a profile or device owner to get user restrictions set with 5042 * {@link #addUserRestriction(ComponentName, String)}. 5043 * <p> 5044 * The target user may have more restrictions set by the system or other device owner / profile 5045 * owner. To get all the user restrictions currently set, use 5046 * {@link UserManager#getUserRestrictions()}. 5047 * 5048 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5049 * @throws SecurityException if {@code admin} is not a device or profile owner. 5050 */ getUserRestrictions(@onNull ComponentName admin)5051 public Bundle getUserRestrictions(@NonNull ComponentName admin) { 5052 throwIfParentInstance("getUserRestrictions"); 5053 Bundle ret = null; 5054 if (mService != null) { 5055 try { 5056 ret = mService.getUserRestrictions(admin); 5057 } catch (RemoteException e) { 5058 throw e.rethrowFromSystemServer(); 5059 } 5060 } 5061 return ret == null ? new Bundle() : ret; 5062 } 5063 5064 /** 5065 * Called by profile or device owners to hide or unhide packages. When a package is hidden it is 5066 * unavailable for use, but the data and actual package file remain. 5067 * 5068 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5069 * @param packageName The name of the package to hide or unhide. 5070 * @param hidden {@code true} if the package should be hidden, {@code false} if it should be 5071 * unhidden. 5072 * @return boolean Whether the hidden setting of the package was successfully updated. 5073 * @throws SecurityException if {@code admin} is not a device or profile owner. 5074 */ setApplicationHidden(@onNull ComponentName admin, String packageName, boolean hidden)5075 public boolean setApplicationHidden(@NonNull ComponentName admin, String packageName, 5076 boolean hidden) { 5077 throwIfParentInstance("setApplicationHidden"); 5078 if (mService != null) { 5079 try { 5080 return mService.setApplicationHidden(admin, packageName, hidden); 5081 } catch (RemoteException e) { 5082 throw e.rethrowFromSystemServer(); 5083 } 5084 } 5085 return false; 5086 } 5087 5088 /** 5089 * Called by profile or device owners to determine if a package is hidden. 5090 * 5091 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5092 * @param packageName The name of the package to retrieve the hidden status of. 5093 * @return boolean {@code true} if the package is hidden, {@code false} otherwise. 5094 * @throws SecurityException if {@code admin} is not a device or profile owner. 5095 */ isApplicationHidden(@onNull ComponentName admin, String packageName)5096 public boolean isApplicationHidden(@NonNull ComponentName admin, String packageName) { 5097 throwIfParentInstance("isApplicationHidden"); 5098 if (mService != null) { 5099 try { 5100 return mService.isApplicationHidden(admin, packageName); 5101 } catch (RemoteException e) { 5102 throw e.rethrowFromSystemServer(); 5103 } 5104 } 5105 return false; 5106 } 5107 5108 /** 5109 * Called by profile or device owners to re-enable a system app that was disabled by default 5110 * when the user was initialized. 5111 * 5112 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5113 * @param packageName The package to be re-enabled in the calling profile. 5114 * @throws SecurityException if {@code admin} is not a device or profile owner. 5115 */ enableSystemApp(@onNull ComponentName admin, String packageName)5116 public void enableSystemApp(@NonNull ComponentName admin, String packageName) { 5117 throwIfParentInstance("enableSystemApp"); 5118 if (mService != null) { 5119 try { 5120 mService.enableSystemApp(admin, packageName); 5121 } catch (RemoteException e) { 5122 throw e.rethrowFromSystemServer(); 5123 } 5124 } 5125 } 5126 5127 /** 5128 * Called by profile or device owners to re-enable system apps by intent that were disabled by 5129 * default when the user was initialized. 5130 * 5131 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5132 * @param intent An intent matching the app(s) to be installed. All apps that resolve for this 5133 * intent will be re-enabled in the calling profile. 5134 * @return int The number of activities that matched the intent and were installed. 5135 * @throws SecurityException if {@code admin} is not a device or profile owner. 5136 */ enableSystemApp(@onNull ComponentName admin, Intent intent)5137 public int enableSystemApp(@NonNull ComponentName admin, Intent intent) { 5138 throwIfParentInstance("enableSystemApp"); 5139 if (mService != null) { 5140 try { 5141 return mService.enableSystemAppWithIntent(admin, intent); 5142 } catch (RemoteException e) { 5143 throw e.rethrowFromSystemServer(); 5144 } 5145 } 5146 return 0; 5147 } 5148 5149 /** 5150 * Called by a device owner or profile owner to disable account management for a specific type 5151 * of account. 5152 * <p> 5153 * The calling device admin must be a device owner or profile owner. If it is not, a security 5154 * exception will be thrown. 5155 * <p> 5156 * When account management is disabled for an account type, adding or removing an account of 5157 * that type will not be possible. 5158 * <p> 5159 * From {@link android.os.Build.VERSION_CODES#N} the profile or device owner can still use 5160 * {@link android.accounts.AccountManager} APIs to add or remove accounts when account 5161 * management for a specific type is disabled. 5162 * 5163 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5164 * @param accountType For which account management is disabled or enabled. 5165 * @param disabled The boolean indicating that account management will be disabled (true) or 5166 * enabled (false). 5167 * @throws SecurityException if {@code admin} is not a device or profile owner. 5168 */ setAccountManagementDisabled(@onNull ComponentName admin, String accountType, boolean disabled)5169 public void setAccountManagementDisabled(@NonNull ComponentName admin, String accountType, 5170 boolean disabled) { 5171 throwIfParentInstance("setAccountManagementDisabled"); 5172 if (mService != null) { 5173 try { 5174 mService.setAccountManagementDisabled(admin, accountType, disabled); 5175 } catch (RemoteException e) { 5176 throw e.rethrowFromSystemServer(); 5177 } 5178 } 5179 } 5180 5181 /** 5182 * Gets the array of accounts for which account management is disabled by the profile owner. 5183 * 5184 * <p> Account management can be disabled/enabled by calling 5185 * {@link #setAccountManagementDisabled}. 5186 * 5187 * @return a list of account types for which account management has been disabled. 5188 * 5189 * @see #setAccountManagementDisabled 5190 */ getAccountTypesWithManagementDisabled()5191 public String[] getAccountTypesWithManagementDisabled() { 5192 throwIfParentInstance("getAccountTypesWithManagementDisabled"); 5193 return getAccountTypesWithManagementDisabledAsUser(myUserId()); 5194 } 5195 5196 /** 5197 * @see #getAccountTypesWithManagementDisabled() 5198 * @hide 5199 */ getAccountTypesWithManagementDisabledAsUser(int userId)5200 public String[] getAccountTypesWithManagementDisabledAsUser(int userId) { 5201 if (mService != null) { 5202 try { 5203 return mService.getAccountTypesWithManagementDisabledAsUser(userId); 5204 } catch (RemoteException e) { 5205 throw e.rethrowFromSystemServer(); 5206 } 5207 } 5208 5209 return null; 5210 } 5211 5212 /** 5213 * Sets which packages may enter lock task mode. 5214 * <p> 5215 * Any packages that shares uid with an allowed package will also be allowed to activate lock 5216 * task. From {@link android.os.Build.VERSION_CODES#M} removing packages from the lock task 5217 * package list results in locked tasks belonging to those packages to be finished. This 5218 * function can only be called by the device owner. 5219 * 5220 * @param packages The list of packages allowed to enter lock task mode 5221 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5222 * @throws SecurityException if {@code admin} is not a device owner. 5223 * @see Activity#startLockTask() 5224 * @see DeviceAdminReceiver#onLockTaskModeEntering(Context, Intent, String) 5225 * @see DeviceAdminReceiver#onLockTaskModeExiting(Context, Intent) 5226 * @see UserManager#DISALLOW_CREATE_WINDOWS 5227 */ setLockTaskPackages(@onNull ComponentName admin, String[] packages)5228 public void setLockTaskPackages(@NonNull ComponentName admin, String[] packages) 5229 throws SecurityException { 5230 throwIfParentInstance("setLockTaskPackages"); 5231 if (mService != null) { 5232 try { 5233 mService.setLockTaskPackages(admin, packages); 5234 } catch (RemoteException e) { 5235 throw e.rethrowFromSystemServer(); 5236 } 5237 } 5238 } 5239 5240 /** 5241 * This function returns the list of packages allowed to start the lock task mode. 5242 * 5243 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5244 * @hide 5245 */ getLockTaskPackages(@onNull ComponentName admin)5246 public String[] getLockTaskPackages(@NonNull ComponentName admin) { 5247 throwIfParentInstance("getLockTaskPackages"); 5248 if (mService != null) { 5249 try { 5250 return mService.getLockTaskPackages(admin); 5251 } catch (RemoteException e) { 5252 throw e.rethrowFromSystemServer(); 5253 } 5254 } 5255 return null; 5256 } 5257 5258 /** 5259 * This function lets the caller know whether the given component is allowed to start the 5260 * lock task mode. 5261 * @param pkg The package to check 5262 */ isLockTaskPermitted(String pkg)5263 public boolean isLockTaskPermitted(String pkg) { 5264 throwIfParentInstance("isLockTaskPermitted"); 5265 if (mService != null) { 5266 try { 5267 return mService.isLockTaskPermitted(pkg); 5268 } catch (RemoteException e) { 5269 throw e.rethrowFromSystemServer(); 5270 } 5271 } 5272 return false; 5273 } 5274 5275 /** 5276 * Called by device owners to update {@link Settings.Global} settings. Validation that the value 5277 * of the setting is in the correct form for the setting type should be performed by the caller. 5278 * <p> 5279 * The settings that can be updated with this method are: 5280 * <ul> 5281 * <li>{@link Settings.Global#ADB_ENABLED}</li> 5282 * <li>{@link Settings.Global#AUTO_TIME}</li> 5283 * <li>{@link Settings.Global#AUTO_TIME_ZONE}</li> 5284 * <li>{@link Settings.Global#DATA_ROAMING}</li> 5285 * <li>{@link Settings.Global#USB_MASS_STORAGE_ENABLED}</li> 5286 * <li>{@link Settings.Global#WIFI_SLEEP_POLICY}</li> 5287 * <li>{@link Settings.Global#STAY_ON_WHILE_PLUGGED_IN} This setting is only available from 5288 * {@link android.os.Build.VERSION_CODES#M} onwards and can only be set if 5289 * {@link #setMaximumTimeToLock} is not used to set a timeout.</li> 5290 * <li>{@link Settings.Global#WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN}</li> This setting is only 5291 * available from {@link android.os.Build.VERSION_CODES#M} onwards.</li> 5292 * </ul> 5293 * <p> 5294 * Changing the following settings has no effect as of {@link android.os.Build.VERSION_CODES#M}: 5295 * <ul> 5296 * <li>{@link Settings.Global#BLUETOOTH_ON}. Use 5297 * {@link android.bluetooth.BluetoothAdapter#enable()} and 5298 * {@link android.bluetooth.BluetoothAdapter#disable()} instead.</li> 5299 * <li>{@link Settings.Global#DEVELOPMENT_SETTINGS_ENABLED}</li> 5300 * <li>{@link Settings.Global#MODE_RINGER}. Use 5301 * {@link android.media.AudioManager#setRingerMode(int)} instead.</li> 5302 * <li>{@link Settings.Global#NETWORK_PREFERENCE}</li> 5303 * <li>{@link Settings.Global#WIFI_ON}. Use 5304 * {@link android.net.wifi.WifiManager#setWifiEnabled(boolean)} instead.</li> 5305 * </ul> 5306 * 5307 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5308 * @param setting The name of the setting to update. 5309 * @param value The value to update the setting to. 5310 * @throws SecurityException if {@code admin} is not a device owner. 5311 */ setGlobalSetting(@onNull ComponentName admin, String setting, String value)5312 public void setGlobalSetting(@NonNull ComponentName admin, String setting, String value) { 5313 throwIfParentInstance("setGlobalSetting"); 5314 if (mService != null) { 5315 try { 5316 mService.setGlobalSetting(admin, setting, value); 5317 } catch (RemoteException e) { 5318 throw e.rethrowFromSystemServer(); 5319 } 5320 } 5321 } 5322 5323 /** 5324 * Called by profile or device owners to update {@link Settings.Secure} settings. Validation 5325 * that the value of the setting is in the correct form for the setting type should be performed 5326 * by the caller. 5327 * <p> 5328 * The settings that can be updated by a profile or device owner with this method are: 5329 * <ul> 5330 * <li>{@link Settings.Secure#DEFAULT_INPUT_METHOD}</li> 5331 * <li>{@link Settings.Secure#INSTALL_NON_MARKET_APPS}</li> 5332 * <li>{@link Settings.Secure#SKIP_FIRST_USE_HINTS}</li> 5333 * </ul> 5334 * <p> 5335 * A device owner can additionally update the following settings: 5336 * <ul> 5337 * <li>{@link Settings.Secure#LOCATION_MODE}</li> 5338 * </ul> 5339 * 5340 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5341 * @param setting The name of the setting to update. 5342 * @param value The value to update the setting to. 5343 * @throws SecurityException if {@code admin} is not a device or profile owner. 5344 */ setSecureSetting(@onNull ComponentName admin, String setting, String value)5345 public void setSecureSetting(@NonNull ComponentName admin, String setting, String value) { 5346 throwIfParentInstance("setSecureSetting"); 5347 if (mService != null) { 5348 try { 5349 mService.setSecureSetting(admin, setting, value); 5350 } catch (RemoteException e) { 5351 throw e.rethrowFromSystemServer(); 5352 } 5353 } 5354 } 5355 5356 /** 5357 * Designates a specific service component as the provider for making permission requests of a 5358 * local or remote administrator of the user. 5359 * <p/> 5360 * Only a profile owner can designate the restrictions provider. 5361 * 5362 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5363 * @param provider The component name of the service that implements 5364 * {@link RestrictionsReceiver}. If this param is null, it removes the restrictions 5365 * provider previously assigned. 5366 * @throws SecurityException if {@code admin} is not a device or profile owner. 5367 */ setRestrictionsProvider(@onNull ComponentName admin, @Nullable ComponentName provider)5368 public void setRestrictionsProvider(@NonNull ComponentName admin, 5369 @Nullable ComponentName provider) { 5370 throwIfParentInstance("setRestrictionsProvider"); 5371 if (mService != null) { 5372 try { 5373 mService.setRestrictionsProvider(admin, provider); 5374 } catch (RemoteException re) { 5375 throw re.rethrowFromSystemServer(); 5376 } 5377 } 5378 } 5379 5380 /** 5381 * Called by profile or device owners to set the master volume mute on or off. 5382 * 5383 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5384 * @param on {@code true} to mute master volume, {@code false} to turn mute off. 5385 * @throws SecurityException if {@code admin} is not a device or profile owner. 5386 */ setMasterVolumeMuted(@onNull ComponentName admin, boolean on)5387 public void setMasterVolumeMuted(@NonNull ComponentName admin, boolean on) { 5388 throwIfParentInstance("setMasterVolumeMuted"); 5389 if (mService != null) { 5390 try { 5391 mService.setMasterVolumeMuted(admin, on); 5392 } catch (RemoteException re) { 5393 throw re.rethrowFromSystemServer(); 5394 } 5395 } 5396 } 5397 5398 /** 5399 * Called by profile or device owners to check whether the master volume mute is on or off. 5400 * 5401 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5402 * @return {@code true} if master volume is muted, {@code false} if it's not. 5403 * @throws SecurityException if {@code admin} is not a device or profile owner. 5404 */ isMasterVolumeMuted(@onNull ComponentName admin)5405 public boolean isMasterVolumeMuted(@NonNull ComponentName admin) { 5406 throwIfParentInstance("isMasterVolumeMuted"); 5407 if (mService != null) { 5408 try { 5409 return mService.isMasterVolumeMuted(admin); 5410 } catch (RemoteException re) { 5411 throw re.rethrowFromSystemServer(); 5412 } 5413 } 5414 return false; 5415 } 5416 5417 /** 5418 * Called by profile or device owners to change whether a user can uninstall a package. 5419 * 5420 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5421 * @param packageName package to change. 5422 * @param uninstallBlocked true if the user shouldn't be able to uninstall the package. 5423 * @throws SecurityException if {@code admin} is not a device or profile owner. 5424 */ setUninstallBlocked(@onNull ComponentName admin, String packageName, boolean uninstallBlocked)5425 public void setUninstallBlocked(@NonNull ComponentName admin, String packageName, 5426 boolean uninstallBlocked) { 5427 throwIfParentInstance("setUninstallBlocked"); 5428 if (mService != null) { 5429 try { 5430 mService.setUninstallBlocked(admin, packageName, uninstallBlocked); 5431 } catch (RemoteException re) { 5432 throw re.rethrowFromSystemServer(); 5433 } 5434 } 5435 } 5436 5437 /** 5438 * Check whether the user has been blocked by device policy from uninstalling a package. 5439 * Requires the caller to be the profile owner if checking a specific admin's policy. 5440 * <p> 5441 * <strong>Note:</strong> Starting from {@link android.os.Build.VERSION_CODES#LOLLIPOP_MR1}, the 5442 * behavior of this API is changed such that passing {@code null} as the {@code admin} parameter 5443 * will return if any admin has blocked the uninstallation. Before L MR1, passing {@code null} 5444 * will cause a NullPointerException to be raised. 5445 * 5446 * @param admin The name of the admin component whose blocking policy will be checked, or 5447 * {@code null} to check whether any admin has blocked the uninstallation. 5448 * @param packageName package to check. 5449 * @return true if uninstallation is blocked. 5450 * @throws SecurityException if {@code admin} is not a device or profile owner. 5451 */ isUninstallBlocked(@ullable ComponentName admin, String packageName)5452 public boolean isUninstallBlocked(@Nullable ComponentName admin, String packageName) { 5453 throwIfParentInstance("isUninstallBlocked"); 5454 if (mService != null) { 5455 try { 5456 return mService.isUninstallBlocked(admin, packageName); 5457 } catch (RemoteException re) { 5458 throw re.rethrowFromSystemServer(); 5459 } 5460 } 5461 return false; 5462 } 5463 5464 /** 5465 * Called by the profile owner of a managed profile to enable widget providers from a given 5466 * package to be available in the parent profile. As a result the user will be able to add 5467 * widgets from the white-listed package running under the profile to a widget host which runs 5468 * under the parent profile, for example the home screen. Note that a package may have zero or 5469 * more provider components, where each component provides a different widget type. 5470 * <p> 5471 * <strong>Note:</strong> By default no widget provider package is white-listed. 5472 * 5473 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5474 * @param packageName The package from which widget providers are white-listed. 5475 * @return Whether the package was added. 5476 * @throws SecurityException if {@code admin} is not a profile owner. 5477 * @see #removeCrossProfileWidgetProvider(android.content.ComponentName, String) 5478 * @see #getCrossProfileWidgetProviders(android.content.ComponentName) 5479 */ addCrossProfileWidgetProvider(@onNull ComponentName admin, String packageName)5480 public boolean addCrossProfileWidgetProvider(@NonNull ComponentName admin, String packageName) { 5481 throwIfParentInstance("addCrossProfileWidgetProvider"); 5482 if (mService != null) { 5483 try { 5484 return mService.addCrossProfileWidgetProvider(admin, packageName); 5485 } catch (RemoteException re) { 5486 throw re.rethrowFromSystemServer(); 5487 } 5488 } 5489 return false; 5490 } 5491 5492 /** 5493 * Called by the profile owner of a managed profile to disable widget providers from a given 5494 * package to be available in the parent profile. For this method to take effect the package 5495 * should have been added via 5496 * {@link #addCrossProfileWidgetProvider( android.content.ComponentName, String)}. 5497 * <p> 5498 * <strong>Note:</strong> By default no widget provider package is white-listed. 5499 * 5500 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5501 * @param packageName The package from which widget providers are no longer white-listed. 5502 * @return Whether the package was removed. 5503 * @throws SecurityException if {@code admin} is not a profile owner. 5504 * @see #addCrossProfileWidgetProvider(android.content.ComponentName, String) 5505 * @see #getCrossProfileWidgetProviders(android.content.ComponentName) 5506 */ removeCrossProfileWidgetProvider( @onNull ComponentName admin, String packageName)5507 public boolean removeCrossProfileWidgetProvider( 5508 @NonNull ComponentName admin, String packageName) { 5509 throwIfParentInstance("removeCrossProfileWidgetProvider"); 5510 if (mService != null) { 5511 try { 5512 return mService.removeCrossProfileWidgetProvider(admin, packageName); 5513 } catch (RemoteException re) { 5514 throw re.rethrowFromSystemServer(); 5515 } 5516 } 5517 return false; 5518 } 5519 5520 /** 5521 * Called by the profile owner of a managed profile to query providers from which packages are 5522 * available in the parent profile. 5523 * 5524 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5525 * @return The white-listed package list. 5526 * @see #addCrossProfileWidgetProvider(android.content.ComponentName, String) 5527 * @see #removeCrossProfileWidgetProvider(android.content.ComponentName, String) 5528 * @throws SecurityException if {@code admin} is not a profile owner. 5529 */ getCrossProfileWidgetProviders(@onNull ComponentName admin)5530 public List<String> getCrossProfileWidgetProviders(@NonNull ComponentName admin) { 5531 throwIfParentInstance("getCrossProfileWidgetProviders"); 5532 if (mService != null) { 5533 try { 5534 List<String> providers = mService.getCrossProfileWidgetProviders(admin); 5535 if (providers != null) { 5536 return providers; 5537 } 5538 } catch (RemoteException re) { 5539 throw re.rethrowFromSystemServer(); 5540 } 5541 } 5542 return Collections.emptyList(); 5543 } 5544 5545 /** 5546 * Called by profile or device owners to set the user's photo. 5547 * 5548 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5549 * @param icon the bitmap to set as the photo. 5550 * @throws SecurityException if {@code admin} is not a device or profile owner. 5551 */ setUserIcon(@onNull ComponentName admin, Bitmap icon)5552 public void setUserIcon(@NonNull ComponentName admin, Bitmap icon) { 5553 throwIfParentInstance("setUserIcon"); 5554 try { 5555 mService.setUserIcon(admin, icon); 5556 } catch (RemoteException re) { 5557 throw re.rethrowFromSystemServer(); 5558 } 5559 } 5560 5561 /** 5562 * Called by device owners to set a local system update policy. When a new policy is set, 5563 * {@link #ACTION_SYSTEM_UPDATE_POLICY_CHANGED} is broadcasted. 5564 * 5565 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. All 5566 * components in the device owner package can set system update policies and the most 5567 * recent policy takes effect. 5568 * @param policy the new policy, or {@code null} to clear the current policy. 5569 * @throws SecurityException if {@code admin} is not a device owner. 5570 * @see SystemUpdatePolicy 5571 */ setSystemUpdatePolicy(@onNull ComponentName admin, SystemUpdatePolicy policy)5572 public void setSystemUpdatePolicy(@NonNull ComponentName admin, SystemUpdatePolicy policy) { 5573 throwIfParentInstance("setSystemUpdatePolicy"); 5574 if (mService != null) { 5575 try { 5576 mService.setSystemUpdatePolicy(admin, policy); 5577 } catch (RemoteException re) { 5578 throw re.rethrowFromSystemServer(); 5579 } 5580 } 5581 } 5582 5583 /** 5584 * Retrieve a local system update policy set previously by {@link #setSystemUpdatePolicy}. 5585 * 5586 * @return The current policy object, or {@code null} if no policy is set. 5587 */ getSystemUpdatePolicy()5588 public SystemUpdatePolicy getSystemUpdatePolicy() { 5589 throwIfParentInstance("getSystemUpdatePolicy"); 5590 if (mService != null) { 5591 try { 5592 return mService.getSystemUpdatePolicy(); 5593 } catch (RemoteException re) { 5594 throw re.rethrowFromSystemServer(); 5595 } 5596 } 5597 return null; 5598 } 5599 5600 /** 5601 * Called by a device owner to disable the keyguard altogether. 5602 * <p> 5603 * Setting the keyguard to disabled has the same effect as choosing "None" as the screen lock 5604 * type. However, this call has no effect if a password, pin or pattern is currently set. If a 5605 * password, pin or pattern is set after the keyguard was disabled, the keyguard stops being 5606 * disabled. 5607 * 5608 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5609 * @param disabled {@code true} disables the keyguard, {@code false} reenables it. 5610 * @return {@code false} if attempting to disable the keyguard while a lock password was in 5611 * place. {@code true} otherwise. 5612 * @throws SecurityException if {@code admin} is not a device owner. 5613 */ setKeyguardDisabled(@onNull ComponentName admin, boolean disabled)5614 public boolean setKeyguardDisabled(@NonNull ComponentName admin, boolean disabled) { 5615 throwIfParentInstance("setKeyguardDisabled"); 5616 try { 5617 return mService.setKeyguardDisabled(admin, disabled); 5618 } catch (RemoteException re) { 5619 throw re.rethrowFromSystemServer(); 5620 } 5621 } 5622 5623 /** 5624 * Called by device owner to disable the status bar. Disabling the status bar blocks 5625 * notifications, quick settings and other screen overlays that allow escaping from a single use 5626 * device. 5627 * 5628 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5629 * @param disabled {@code true} disables the status bar, {@code false} reenables it. 5630 * @return {@code false} if attempting to disable the status bar failed. {@code true} otherwise. 5631 * @throws SecurityException if {@code admin} is not a device owner. 5632 */ setStatusBarDisabled(@onNull ComponentName admin, boolean disabled)5633 public boolean setStatusBarDisabled(@NonNull ComponentName admin, boolean disabled) { 5634 throwIfParentInstance("setStatusBarDisabled"); 5635 try { 5636 return mService.setStatusBarDisabled(admin, disabled); 5637 } catch (RemoteException re) { 5638 throw re.rethrowFromSystemServer(); 5639 } 5640 } 5641 5642 /** 5643 * Callable by the system update service to notify device owners about pending updates. 5644 * The caller must hold {@link android.Manifest.permission#NOTIFY_PENDING_SYSTEM_UPDATE} 5645 * permission. 5646 * 5647 * @param updateReceivedTime The time as given by {@link System#currentTimeMillis()} indicating 5648 * when the current pending update was first available. -1 if no update is available. 5649 * @hide 5650 */ 5651 @SystemApi notifyPendingSystemUpdate(long updateReceivedTime)5652 public void notifyPendingSystemUpdate(long updateReceivedTime) { 5653 throwIfParentInstance("notifyPendingSystemUpdate"); 5654 if (mService != null) { 5655 try { 5656 mService.notifyPendingSystemUpdate(updateReceivedTime); 5657 } catch (RemoteException re) { 5658 throw re.rethrowFromSystemServer(); 5659 } 5660 } 5661 } 5662 5663 /** 5664 * Called by profile or device owners to set the default response for future runtime permission 5665 * requests by applications. The policy can allow for normal operation which prompts the user to 5666 * grant a permission, or can allow automatic granting or denying of runtime permission requests 5667 * by an application. This also applies to new permissions declared by app updates. When a 5668 * permission is denied or granted this way, the effect is equivalent to setting the permission 5669 * grant state via {@link #setPermissionGrantState}. 5670 * <p/> 5671 * As this policy only acts on runtime permission requests, it only applies to applications 5672 * built with a {@code targetSdkVersion} of {@link android.os.Build.VERSION_CODES#M} or later. 5673 * 5674 * @param admin Which profile or device owner this request is associated with. 5675 * @param policy One of the policy constants {@link #PERMISSION_POLICY_PROMPT}, 5676 * {@link #PERMISSION_POLICY_AUTO_GRANT} and {@link #PERMISSION_POLICY_AUTO_DENY}. 5677 * @throws SecurityException if {@code admin} is not a device or profile owner. 5678 * @see #setPermissionGrantState 5679 */ setPermissionPolicy(@onNull ComponentName admin, int policy)5680 public void setPermissionPolicy(@NonNull ComponentName admin, int policy) { 5681 throwIfParentInstance("setPermissionPolicy"); 5682 try { 5683 mService.setPermissionPolicy(admin, policy); 5684 } catch (RemoteException re) { 5685 throw re.rethrowFromSystemServer(); 5686 } 5687 } 5688 5689 /** 5690 * Returns the current runtime permission policy set by the device or profile owner. The 5691 * default is {@link #PERMISSION_POLICY_PROMPT}. 5692 * @param admin Which profile or device owner this request is associated with. 5693 * @return the current policy for future permission requests. 5694 */ getPermissionPolicy(ComponentName admin)5695 public int getPermissionPolicy(ComponentName admin) { 5696 throwIfParentInstance("getPermissionPolicy"); 5697 try { 5698 return mService.getPermissionPolicy(admin); 5699 } catch (RemoteException re) { 5700 throw re.rethrowFromSystemServer(); 5701 } 5702 } 5703 5704 /** 5705 * Sets the grant state of a runtime permission for a specific application. The state can be 5706 * {@link #PERMISSION_GRANT_STATE_DEFAULT default} in which a user can manage it through the UI, 5707 * {@link #PERMISSION_GRANT_STATE_DENIED denied}, in which the permission is denied and the user 5708 * cannot manage it through the UI, and {@link #PERMISSION_GRANT_STATE_GRANTED granted} in which 5709 * the permission is granted and the user cannot manage it through the UI. This might affect all 5710 * permissions in a group that the runtime permission belongs to. This method can only be called 5711 * by a profile or device owner. 5712 * <p/> 5713 * Setting the grant state to {@link #PERMISSION_GRANT_STATE_DEFAULT default} does not revoke 5714 * the permission. It retains the previous grant, if any. 5715 * <p/> 5716 * Permissions can be granted or revoked only for applications built with a 5717 * {@code targetSdkVersion} of {@link android.os.Build.VERSION_CODES#M} or later. 5718 * 5719 * @param admin Which profile or device owner this request is associated with. 5720 * @param packageName The application to grant or revoke a permission to. 5721 * @param permission The permission to grant or revoke. 5722 * @param grantState The permission grant state which is one of 5723 * {@link #PERMISSION_GRANT_STATE_DENIED}, {@link #PERMISSION_GRANT_STATE_DEFAULT}, 5724 * {@link #PERMISSION_GRANT_STATE_GRANTED}, 5725 * @return whether the permission was successfully granted or revoked. 5726 * @throws SecurityException if {@code admin} is not a device or profile owner. 5727 * @see #PERMISSION_GRANT_STATE_DENIED 5728 * @see #PERMISSION_GRANT_STATE_DEFAULT 5729 * @see #PERMISSION_GRANT_STATE_GRANTED 5730 */ setPermissionGrantState(@onNull ComponentName admin, String packageName, String permission, int grantState)5731 public boolean setPermissionGrantState(@NonNull ComponentName admin, String packageName, 5732 String permission, int grantState) { 5733 throwIfParentInstance("setPermissionGrantState"); 5734 try { 5735 return mService.setPermissionGrantState(admin, packageName, permission, grantState); 5736 } catch (RemoteException re) { 5737 throw re.rethrowFromSystemServer(); 5738 } 5739 } 5740 5741 /** 5742 * Returns the current grant state of a runtime permission for a specific application. 5743 * 5744 * @param admin Which profile or device owner this request is associated with. 5745 * @param packageName The application to check the grant state for. 5746 * @param permission The permission to check for. 5747 * @return the current grant state specified by device policy. If the profile or device owner 5748 * has not set a grant state, the return value is 5749 * {@link #PERMISSION_GRANT_STATE_DEFAULT}. This does not indicate whether or not the 5750 * permission is currently granted for the package. 5751 * <p/> 5752 * If a grant state was set by the profile or device owner, then the return value will 5753 * be one of {@link #PERMISSION_GRANT_STATE_DENIED} or 5754 * {@link #PERMISSION_GRANT_STATE_GRANTED}, which indicates if the permission is 5755 * currently denied or granted. 5756 * @throws SecurityException if {@code admin} is not a device or profile owner. 5757 * @see #setPermissionGrantState(ComponentName, String, String, int) 5758 * @see PackageManager#checkPermission(String, String) 5759 */ getPermissionGrantState(@onNull ComponentName admin, String packageName, String permission)5760 public int getPermissionGrantState(@NonNull ComponentName admin, String packageName, 5761 String permission) { 5762 throwIfParentInstance("getPermissionGrantState"); 5763 try { 5764 return mService.getPermissionGrantState(admin, packageName, permission); 5765 } catch (RemoteException re) { 5766 throw re.rethrowFromSystemServer(); 5767 } 5768 } 5769 5770 /** 5771 * Returns if provisioning a managed profile or device is possible or not. 5772 * @param action One of {@link #ACTION_PROVISION_MANAGED_DEVICE}, 5773 * {@link #ACTION_PROVISION_MANAGED_PROFILE}. 5774 * @return if provisioning a managed profile or device is possible or not. 5775 * @throws IllegalArgumentException if the supplied action is not valid. 5776 */ isProvisioningAllowed(String action)5777 public boolean isProvisioningAllowed(String action) { 5778 throwIfParentInstance("isProvisioningAllowed"); 5779 try { 5780 return mService.isProvisioningAllowed(action); 5781 } catch (RemoteException re) { 5782 throw re.rethrowFromSystemServer(); 5783 } 5784 } 5785 5786 /** 5787 * Return if this user is a managed profile of another user. An admin can become the profile 5788 * owner of a managed profile with {@link #ACTION_PROVISION_MANAGED_PROFILE} and of a managed 5789 * user with {@link #createAndManageUser} 5790 * @param admin Which profile owner this request is associated with. 5791 * @return if this user is a managed profile of another user. 5792 */ isManagedProfile(@onNull ComponentName admin)5793 public boolean isManagedProfile(@NonNull ComponentName admin) { 5794 throwIfParentInstance("isManagedProfile"); 5795 try { 5796 return mService.isManagedProfile(admin); 5797 } catch (RemoteException re) { 5798 throw re.rethrowFromSystemServer(); 5799 } 5800 } 5801 5802 /** 5803 * @hide 5804 * Return if this user is a system-only user. An admin can manage a device from a system only 5805 * user by calling {@link #ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE}. 5806 * @param admin Which device owner this request is associated with. 5807 * @return if this user is a system-only user. 5808 */ isSystemOnlyUser(@onNull ComponentName admin)5809 public boolean isSystemOnlyUser(@NonNull ComponentName admin) { 5810 try { 5811 return mService.isSystemOnlyUser(admin); 5812 } catch (RemoteException re) { 5813 throw re.rethrowFromSystemServer(); 5814 } 5815 } 5816 5817 /** 5818 * Called by device owner to get the MAC address of the Wi-Fi device. 5819 * 5820 * @param admin Which device owner this request is associated with. 5821 * @return the MAC address of the Wi-Fi device, or null when the information is not available. 5822 * (For example, Wi-Fi hasn't been enabled, or the device doesn't support Wi-Fi.) 5823 * <p> 5824 * The address will be in the {@code XX:XX:XX:XX:XX:XX} format. 5825 * @throws SecurityException if {@code admin} is not a device owner. 5826 */ getWifiMacAddress(@onNull ComponentName admin)5827 public String getWifiMacAddress(@NonNull ComponentName admin) { 5828 throwIfParentInstance("getWifiMacAddress"); 5829 try { 5830 return mService.getWifiMacAddress(admin); 5831 } catch (RemoteException re) { 5832 throw re.rethrowFromSystemServer(); 5833 } 5834 } 5835 5836 /** 5837 * Called by device owner to reboot the device. If there is an ongoing call on the device, 5838 * throws an {@link IllegalStateException}. 5839 * @param admin Which device owner the request is associated with. 5840 * @throws IllegalStateException if device has an ongoing call. 5841 * @throws SecurityException if {@code admin} is not a device owner. 5842 * @see TelephonyManager#CALL_STATE_IDLE 5843 */ reboot(@onNull ComponentName admin)5844 public void reboot(@NonNull ComponentName admin) { 5845 throwIfParentInstance("reboot"); 5846 try { 5847 mService.reboot(admin); 5848 } catch (RemoteException re) { 5849 throw re.rethrowFromSystemServer(); 5850 } 5851 } 5852 5853 /** 5854 * Called by a device admin to set the short support message. This will be displayed to the user 5855 * in settings screens where funtionality has been disabled by the admin. The message should be 5856 * limited to a short statement such as "This setting is disabled by your administrator. Contact 5857 * someone@example.com for support." If the message is longer than 200 characters it may be 5858 * truncated. 5859 * <p> 5860 * If the short support message needs to be localized, it is the responsibility of the 5861 * {@link DeviceAdminReceiver} to listen to the {@link Intent#ACTION_LOCALE_CHANGED} broadcast 5862 * and set a new version of this string accordingly. 5863 * 5864 * @see #setLongSupportMessage 5865 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5866 * @param message Short message to be displayed to the user in settings or null to clear the 5867 * existing message. 5868 * @throws SecurityException if {@code admin} is not an active administrator. 5869 */ setShortSupportMessage(@onNull ComponentName admin, @Nullable CharSequence message)5870 public void setShortSupportMessage(@NonNull ComponentName admin, 5871 @Nullable CharSequence message) { 5872 throwIfParentInstance("setShortSupportMessage"); 5873 if (mService != null) { 5874 try { 5875 mService.setShortSupportMessage(admin, message); 5876 } catch (RemoteException e) { 5877 throw e.rethrowFromSystemServer(); 5878 } 5879 } 5880 } 5881 5882 /** 5883 * Called by a device admin to get the short support message. 5884 * 5885 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5886 * @return The message set by {@link #setShortSupportMessage(ComponentName, CharSequence)} or 5887 * null if no message has been set. 5888 * @throws SecurityException if {@code admin} is not an active administrator. 5889 */ getShortSupportMessage(@onNull ComponentName admin)5890 public CharSequence getShortSupportMessage(@NonNull ComponentName admin) { 5891 throwIfParentInstance("getShortSupportMessage"); 5892 if (mService != null) { 5893 try { 5894 return mService.getShortSupportMessage(admin); 5895 } catch (RemoteException e) { 5896 throw e.rethrowFromSystemServer(); 5897 } 5898 } 5899 return null; 5900 } 5901 5902 /** 5903 * Called by a device admin to set the long support message. This will be displayed to the user 5904 * in the device administators settings screen. 5905 * <p> 5906 * If the long support message needs to be localized, it is the responsibility of the 5907 * {@link DeviceAdminReceiver} to listen to the {@link Intent#ACTION_LOCALE_CHANGED} broadcast 5908 * and set a new version of this string accordingly. 5909 * 5910 * @see #setShortSupportMessage 5911 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5912 * @param message Long message to be displayed to the user in settings or null to clear the 5913 * existing message. 5914 * @throws SecurityException if {@code admin} is not an active administrator. 5915 */ setLongSupportMessage(@onNull ComponentName admin, @Nullable CharSequence message)5916 public void setLongSupportMessage(@NonNull ComponentName admin, 5917 @Nullable CharSequence message) { 5918 throwIfParentInstance("setLongSupportMessage"); 5919 if (mService != null) { 5920 try { 5921 mService.setLongSupportMessage(admin, message); 5922 } catch (RemoteException e) { 5923 throw e.rethrowFromSystemServer(); 5924 } 5925 } 5926 } 5927 5928 /** 5929 * Called by a device admin to get the long support message. 5930 * 5931 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5932 * @return The message set by {@link #setLongSupportMessage(ComponentName, CharSequence)} or 5933 * null if no message has been set. 5934 * @throws SecurityException if {@code admin} is not an active administrator. 5935 */ getLongSupportMessage(@onNull ComponentName admin)5936 public CharSequence getLongSupportMessage(@NonNull ComponentName admin) { 5937 throwIfParentInstance("getLongSupportMessage"); 5938 if (mService != null) { 5939 try { 5940 return mService.getLongSupportMessage(admin); 5941 } catch (RemoteException e) { 5942 throw e.rethrowFromSystemServer(); 5943 } 5944 } 5945 return null; 5946 } 5947 5948 /** 5949 * Called by the system to get the short support message. 5950 * 5951 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5952 * @param userHandle user id the admin is running as. 5953 * @return The message set by {@link #setShortSupportMessage(ComponentName, CharSequence)} 5954 * 5955 * @hide 5956 */ getShortSupportMessageForUser(@onNull ComponentName admin, int userHandle)5957 public CharSequence getShortSupportMessageForUser(@NonNull ComponentName admin, 5958 int userHandle) { 5959 if (mService != null) { 5960 try { 5961 return mService.getShortSupportMessageForUser(admin, userHandle); 5962 } catch (RemoteException e) { 5963 throw e.rethrowFromSystemServer(); 5964 } 5965 } 5966 return null; 5967 } 5968 5969 5970 /** 5971 * Called by the system to get the long support message. 5972 * 5973 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 5974 * @param userHandle user id the admin is running as. 5975 * @return The message set by {@link #setLongSupportMessage(ComponentName, CharSequence)} 5976 * 5977 * @hide 5978 */ getLongSupportMessageForUser(@onNull ComponentName admin, int userHandle)5979 public CharSequence getLongSupportMessageForUser(@NonNull ComponentName admin, int userHandle) { 5980 if (mService != null) { 5981 try { 5982 return mService.getLongSupportMessageForUser(admin, userHandle); 5983 } catch (RemoteException e) { 5984 throw e.rethrowFromSystemServer(); 5985 } 5986 } 5987 return null; 5988 } 5989 5990 /** 5991 * Called by the profile owner of a managed profile to obtain a {@link DevicePolicyManager} 5992 * whose calls act on the parent profile. 5993 * 5994 * <p>The following methods are supported for the parent instance, all other methods will 5995 * throw a SecurityException when called on the parent instance: 5996 * <ul> 5997 * <li>{@link #getPasswordQuality}</li> 5998 * <li>{@link #setPasswordQuality}</li> 5999 * <li>{@link #getPasswordMinimumLength}</li> 6000 * <li>{@link #setPasswordMinimumLength}</li> 6001 * <li>{@link #getPasswordMinimumUpperCase}</li> 6002 * <li>{@link #setPasswordMinimumUpperCase}</li> 6003 * <li>{@link #getPasswordMinimumLowerCase}</li> 6004 * <li>{@link #setPasswordMinimumLowerCase}</li> 6005 * <li>{@link #getPasswordMinimumLetters}</li> 6006 * <li>{@link #setPasswordMinimumLetters}</li> 6007 * <li>{@link #getPasswordMinimumNumeric}</li> 6008 * <li>{@link #setPasswordMinimumNumeric}</li> 6009 * <li>{@link #getPasswordMinimumSymbols}</li> 6010 * <li>{@link #setPasswordMinimumSymbols}</li> 6011 * <li>{@link #getPasswordMinimumNonLetter}</li> 6012 * <li>{@link #setPasswordMinimumNonLetter}</li> 6013 * <li>{@link #getPasswordHistoryLength}</li> 6014 * <li>{@link #setPasswordHistoryLength}</li> 6015 * <li>{@link #getPasswordExpirationTimeout}</li> 6016 * <li>{@link #setPasswordExpirationTimeout}</li> 6017 * <li>{@link #getPasswordExpiration}</li> 6018 * <li>{@link #isActivePasswordSufficient}</li> 6019 * <li>{@link #getCurrentFailedPasswordAttempts}</li> 6020 * <li>{@link #getMaximumFailedPasswordsForWipe}</li> 6021 * <li>{@link #setMaximumFailedPasswordsForWipe}</li> 6022 * <li>{@link #getMaximumTimeToLock}</li> 6023 * <li>{@link #setMaximumTimeToLock}</li> 6024 * <li>{@link #lockNow}</li> 6025 * <li>{@link #getKeyguardDisabledFeatures}</li> 6026 * <li>{@link #setKeyguardDisabledFeatures}</li> 6027 * <li>{@link #getTrustAgentConfiguration}</li> 6028 * <li>{@link #setTrustAgentConfiguration}</li> 6029 * </ul> 6030 * 6031 * @return a new instance of {@link DevicePolicyManager} that acts on the parent profile. 6032 * @throws SecurityException if {@code admin} is not a profile owner. 6033 */ getParentProfileInstance(@onNull ComponentName admin)6034 public DevicePolicyManager getParentProfileInstance(@NonNull ComponentName admin) { 6035 throwIfParentInstance("getParentProfileInstance"); 6036 try { 6037 if (!mService.isManagedProfile(admin)) { 6038 throw new SecurityException("The current user does not have a parent profile."); 6039 } 6040 return new DevicePolicyManager(mContext, true); 6041 } catch (RemoteException e) { 6042 throw e.rethrowFromSystemServer(); 6043 } 6044 } 6045 6046 /** 6047 * Called by device owner to control the security logging feature. Logging can only be 6048 * enabled on single user devices where the sole user is managed by the device owner. 6049 * 6050 * <p> Security logs contain various information intended for security auditing purposes. 6051 * See {@link SecurityEvent} for details. 6052 * 6053 * <p>There must be only one user on the device, managed by the device owner. 6054 * Otherwise a {@link SecurityException} will be thrown. 6055 * 6056 * @param admin Which device owner this request is associated with. 6057 * @param enabled whether security logging should be enabled or not. 6058 * @throws SecurityException if {@code admin} is not a device owner. 6059 * @see #retrieveSecurityLogs 6060 */ setSecurityLoggingEnabled(@onNull ComponentName admin, boolean enabled)6061 public void setSecurityLoggingEnabled(@NonNull ComponentName admin, boolean enabled) { 6062 throwIfParentInstance("setSecurityLoggingEnabled"); 6063 try { 6064 mService.setSecurityLoggingEnabled(admin, enabled); 6065 } catch (RemoteException re) { 6066 throw re.rethrowFromSystemServer(); 6067 } 6068 } 6069 6070 /** 6071 * Return whether security logging is enabled or not by the device owner. 6072 * 6073 * <p>Can only be called by the device owner, otherwise a {@link SecurityException} will be 6074 * thrown. 6075 * 6076 * @param admin Which device owner this request is associated with. 6077 * @return {@code true} if security logging is enabled by device owner, {@code false} otherwise. 6078 * @throws SecurityException if {@code admin} is not a device owner. 6079 */ isSecurityLoggingEnabled(@onNull ComponentName admin)6080 public boolean isSecurityLoggingEnabled(@NonNull ComponentName admin) { 6081 throwIfParentInstance("isSecurityLoggingEnabled"); 6082 try { 6083 return mService.isSecurityLoggingEnabled(admin); 6084 } catch (RemoteException re) { 6085 throw re.rethrowFromSystemServer(); 6086 } 6087 } 6088 6089 /** 6090 * Called by device owner to retrieve all new security logging entries since the last call to 6091 * this API after device boots. 6092 * 6093 * <p> Access to the logs is rate limited and it will only return new logs after the device 6094 * owner has been notified via {@link DeviceAdminReceiver#onSecurityLogsAvailable}. 6095 * 6096 * <p>There must be only one user on the device, managed by the device owner. 6097 * Otherwise a {@link SecurityException} will be thrown. 6098 * 6099 * @param admin Which device owner this request is associated with. 6100 * @return the new batch of security logs which is a list of {@link SecurityEvent}, 6101 * or {@code null} if rate limitation is exceeded or if logging is currently disabled. 6102 * @throws SecurityException if {@code admin} is not a device owner. 6103 */ retrieveSecurityLogs(@onNull ComponentName admin)6104 public List<SecurityEvent> retrieveSecurityLogs(@NonNull ComponentName admin) { 6105 throwIfParentInstance("retrieveSecurityLogs"); 6106 try { 6107 ParceledListSlice<SecurityEvent> list = mService.retrieveSecurityLogs(admin); 6108 if (list != null) { 6109 return list.getList(); 6110 } else { 6111 // Rate limit exceeded. 6112 return null; 6113 } 6114 } catch (RemoteException re) { 6115 throw re.rethrowFromSystemServer(); 6116 } 6117 } 6118 6119 /** 6120 * Called by the system to obtain a {@link DevicePolicyManager} whose calls act on the parent 6121 * profile. 6122 * 6123 * @hide 6124 */ getParentProfileInstance(UserInfo uInfo)6125 public DevicePolicyManager getParentProfileInstance(UserInfo uInfo) { 6126 mContext.checkSelfPermission( 6127 android.Manifest.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 6128 if (!uInfo.isManagedProfile()) { 6129 throw new SecurityException("The user " + uInfo.id 6130 + " does not have a parent profile."); 6131 } 6132 return new DevicePolicyManager(mContext, true); 6133 } 6134 6135 /** 6136 * Called by device owners to retrieve device logs from before the device's last reboot. 6137 * <p> 6138 * <strong> This API is not supported on all devices. Calling this API on unsupported devices 6139 * will result in {@code null} being returned. The device logs are retrieved from a RAM region 6140 * which is not guaranteed to be corruption-free during power cycles, as a result be cautious 6141 * about data corruption when parsing. </strong> 6142 * <p> 6143 * There must be only one user on the device, managed by the device owner. Otherwise a 6144 * {@link SecurityException} will be thrown. 6145 * 6146 * @param admin Which device owner this request is associated with. 6147 * @return Device logs from before the latest reboot of the system, or {@code null} if this API 6148 * is not supported on the device. 6149 * @throws SecurityException if {@code admin} is not a device owner. 6150 */ retrievePreRebootSecurityLogs(@onNull ComponentName admin)6151 public List<SecurityEvent> retrievePreRebootSecurityLogs(@NonNull ComponentName admin) { 6152 throwIfParentInstance("retrievePreRebootSecurityLogs"); 6153 try { 6154 ParceledListSlice<SecurityEvent> list = mService.retrievePreRebootSecurityLogs(admin); 6155 if (list != null) { 6156 return list.getList(); 6157 } else { 6158 return null; 6159 } 6160 } catch (RemoteException re) { 6161 throw re.rethrowFromSystemServer(); 6162 } 6163 } 6164 6165 /** 6166 * Called by a profile owner of a managed profile to set the color used for customization. This 6167 * color is used as background color of the confirm credentials screen for that user. The 6168 * default color is teal (#00796B). 6169 * <p> 6170 * The confirm credentials screen can be created using 6171 * {@link android.app.KeyguardManager#createConfirmDeviceCredentialIntent}. 6172 * 6173 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 6174 * @param color The 24bit (0xRRGGBB) representation of the color to be used. 6175 * @throws SecurityException if {@code admin} is not a profile owner. 6176 */ setOrganizationColor(@onNull ComponentName admin, int color)6177 public void setOrganizationColor(@NonNull ComponentName admin, int color) { 6178 throwIfParentInstance("setOrganizationColor"); 6179 try { 6180 // always enforce alpha channel to have 100% opacity 6181 color |= 0xFF000000; 6182 mService.setOrganizationColor(admin, color); 6183 } catch (RemoteException re) { 6184 throw re.rethrowFromSystemServer(); 6185 } 6186 } 6187 6188 /** 6189 * @hide 6190 * 6191 * Sets the color used for customization. 6192 * 6193 * @param color The 24bit (0xRRGGBB) representation of the color to be used. 6194 * @param userId which user to set the color to. 6195 * @RequiresPermission(allOf = { 6196 * Manifest.permission.MANAGE_USERS, 6197 * Manifest.permission.INTERACT_ACROSS_USERS_FULL}) 6198 */ setOrganizationColorForUser(@olorInt int color, @UserIdInt int userId)6199 public void setOrganizationColorForUser(@ColorInt int color, @UserIdInt int userId) { 6200 try { 6201 // always enforce alpha channel to have 100% opacity 6202 color |= 0xFF000000; 6203 mService.setOrganizationColorForUser(color, userId); 6204 } catch (RemoteException re) { 6205 throw re.rethrowFromSystemServer(); 6206 } 6207 } 6208 6209 /** 6210 * Called by a profile owner of a managed profile to retrieve the color used for customization. 6211 * This color is used as background color of the confirm credentials screen for that user. 6212 * 6213 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 6214 * @return The 24bit (0xRRGGBB) representation of the color to be used. 6215 * @throws SecurityException if {@code admin} is not a profile owner. 6216 */ getOrganizationColor(@onNull ComponentName admin)6217 public @ColorInt int getOrganizationColor(@NonNull ComponentName admin) { 6218 throwIfParentInstance("getOrganizationColor"); 6219 try { 6220 return mService.getOrganizationColor(admin); 6221 } catch (RemoteException re) { 6222 throw re.rethrowFromSystemServer(); 6223 } 6224 } 6225 6226 /** 6227 * @hide 6228 * Retrieve the customization color for a given user. 6229 * 6230 * @param userHandle The user id of the user we're interested in. 6231 * @return The 24bit (0xRRGGBB) representation of the color to be used. 6232 */ getOrganizationColorForUser(int userHandle)6233 public @ColorInt int getOrganizationColorForUser(int userHandle) { 6234 try { 6235 return mService.getOrganizationColorForUser(userHandle); 6236 } catch (RemoteException re) { 6237 throw re.rethrowFromSystemServer(); 6238 } 6239 } 6240 6241 /** 6242 * Called by a profile owner of a managed profile to set the name of the organization under 6243 * management. 6244 * <p> 6245 * If the organization name needs to be localized, it is the responsibility of the 6246 * {@link DeviceAdminReceiver} to listen to the {@link Intent#ACTION_LOCALE_CHANGED} broadcast 6247 * and set a new version of this string accordingly. 6248 * 6249 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 6250 * @param title The organization name or {@code null} to clear a previously set name. 6251 * @throws SecurityException if {@code admin} is not a profile owner. 6252 */ setOrganizationName(@onNull ComponentName admin, @Nullable CharSequence title)6253 public void setOrganizationName(@NonNull ComponentName admin, @Nullable CharSequence title) { 6254 throwIfParentInstance("setOrganizationName"); 6255 try { 6256 mService.setOrganizationName(admin, title); 6257 } catch (RemoteException re) { 6258 throw re.rethrowFromSystemServer(); 6259 } 6260 } 6261 6262 /** 6263 * Called by a profile owner of a managed profile to retrieve the name of the organization under 6264 * management. 6265 * 6266 * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 6267 * @return The organization name or {@code null} if none is set. 6268 * @throws SecurityException if {@code admin} is not a profile owner. 6269 */ getOrganizationName(@onNull ComponentName admin)6270 public CharSequence getOrganizationName(@NonNull ComponentName admin) { 6271 throwIfParentInstance("getOrganizationName"); 6272 try { 6273 return mService.getOrganizationName(admin); 6274 } catch (RemoteException re) { 6275 throw re.rethrowFromSystemServer(); 6276 } 6277 } 6278 6279 /** 6280 * Retrieve the default title message used in the confirm credentials screen for a given user. 6281 * 6282 * @param userHandle The user id of the user we're interested in. 6283 * @return The organization name or {@code null} if none is set. 6284 * 6285 * @hide 6286 */ getOrganizationNameForUser(int userHandle)6287 public CharSequence getOrganizationNameForUser(int userHandle) { 6288 try { 6289 return mService.getOrganizationNameForUser(userHandle); 6290 } catch (RemoteException re) { 6291 throw re.rethrowFromSystemServer(); 6292 } 6293 } 6294 6295 /** 6296 * @return the {@link UserProvisioningState} for the current user - for unmanaged users will 6297 * return {@link #STATE_USER_UNMANAGED} 6298 * @hide 6299 */ 6300 @SystemApi 6301 @UserProvisioningState getUserProvisioningState()6302 public int getUserProvisioningState() { 6303 throwIfParentInstance("getUserProvisioningState"); 6304 if (mService != null) { 6305 try { 6306 return mService.getUserProvisioningState(); 6307 } catch (RemoteException e) { 6308 throw e.rethrowFromSystemServer(); 6309 } 6310 } 6311 return STATE_USER_UNMANAGED; 6312 } 6313 6314 /** 6315 * Set the {@link UserProvisioningState} for the supplied user, if they are managed. 6316 * 6317 * @param state to store 6318 * @param userHandle for user 6319 * @hide 6320 */ setUserProvisioningState(@serProvisioningState int state, int userHandle)6321 public void setUserProvisioningState(@UserProvisioningState int state, int userHandle) { 6322 if (mService != null) { 6323 try { 6324 mService.setUserProvisioningState(state, userHandle); 6325 } catch (RemoteException e) { 6326 throw e.rethrowFromSystemServer(); 6327 } 6328 } 6329 } 6330 6331 /** 6332 * @hide 6333 * Indicates the entity that controls the device or profile owner. A user/profile is considered 6334 * affiliated if it is managed by the same entity as the device. 6335 * 6336 * <p> By definition, the user that the device owner runs on is always affiliated. Any other 6337 * user/profile is considered affiliated if the following conditions are both met: 6338 * <ul> 6339 * <li>The device owner and the user's/profile's profile owner have called this method, 6340 * specifying a set of opaque affiliation ids each. If the sets specified by the device owner 6341 * and a profile owner intersect, they must have come from the same source, which means that 6342 * the device owner and profile owner are controlled by the same entity.</li> 6343 * <li>The device owner's and profile owner's package names are the same.</li> 6344 * </ul> 6345 * 6346 * @param admin Which profile or device owner this request is associated with. 6347 * @param ids A set of opaque affiliation ids. 6348 */ setAffiliationIds(@onNull ComponentName admin, Set<String> ids)6349 public void setAffiliationIds(@NonNull ComponentName admin, Set<String> ids) { 6350 throwIfParentInstance("setAffiliationIds"); 6351 try { 6352 mService.setAffiliationIds(admin, new ArrayList<String>(ids)); 6353 } catch (RemoteException e) { 6354 throw e.rethrowFromSystemServer(); 6355 } 6356 } 6357 6358 /** 6359 * @hide 6360 * Returns whether this user/profile is affiliated with the device. See 6361 * {@link #setAffiliationIds} for the definition of affiliation. 6362 * 6363 * @return whether this user/profile is affiliated with the device. 6364 */ isAffiliatedUser()6365 public boolean isAffiliatedUser() { 6366 throwIfParentInstance("isAffiliatedUser"); 6367 try { 6368 return mService != null && mService.isAffiliatedUser(); 6369 } catch (RemoteException e) { 6370 throw e.rethrowFromSystemServer(); 6371 } 6372 } 6373 6374 /** 6375 * @hide 6376 * Returns whether the uninstall for {@code packageName} for the current user is in queue 6377 * to be started 6378 * @param packageName the package to check for 6379 * @return whether the uninstall intent for {@code packageName} is pending 6380 */ isUninstallInQueue(String packageName)6381 public boolean isUninstallInQueue(String packageName) { 6382 try { 6383 return mService.isUninstallInQueue(packageName); 6384 } catch (RemoteException re) { 6385 throw re.rethrowFromSystemServer(); 6386 } 6387 } 6388 6389 /** 6390 * @hide 6391 * @param packageName the package containing active DAs to be uninstalled 6392 */ uninstallPackageWithActiveAdmins(String packageName)6393 public void uninstallPackageWithActiveAdmins(String packageName) { 6394 try { 6395 mService.uninstallPackageWithActiveAdmins(packageName); 6396 } catch (RemoteException re) { 6397 throw re.rethrowFromSystemServer(); 6398 } 6399 } 6400 6401 /** 6402 * @hide 6403 * Remove a test admin synchronously without sending it a broadcast about being removed. 6404 * If the admin is a profile owner or device owner it will still be removed. 6405 * 6406 * @param userHandle user id to remove the admin for. 6407 * @param admin The administration compononent to remove. 6408 * @throws SecurityException if the caller is not shell / root or the admin package 6409 * isn't a test application see {@link ApplicationInfo#FLAG_TEST_APP}. 6410 */ forceRemoveActiveAdmin(ComponentName adminReceiver, int userHandle)6411 public void forceRemoveActiveAdmin(ComponentName adminReceiver, int userHandle) { 6412 try { 6413 mService.forceRemoveActiveAdmin(adminReceiver, userHandle); 6414 } catch (RemoteException re) { 6415 throw re.rethrowFromSystemServer(); 6416 } 6417 } 6418 throwIfParentInstance(String functionName)6419 private void throwIfParentInstance(String functionName) { 6420 if (mParentInstance) { 6421 throw new SecurityException(functionName + " cannot be called on the parent instance"); 6422 } 6423 } 6424 } 6425