1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app.admin; 18 19 import android.annotation.UserIdInt; 20 import android.content.Intent; 21 22 import java.util.List; 23 24 /** 25 * Device policy manager local system service interface. 26 * 27 * @hide Only for use within the system server. 28 */ 29 public abstract class DevicePolicyManagerInternal { 30 31 /** 32 * Listener for changes in the white-listed packages to show cross-profile 33 * widgets. 34 */ 35 public interface OnCrossProfileWidgetProvidersChangeListener { 36 37 /** 38 * Called when the white-listed packages to show cross-profile widgets 39 * have changed for a given user. 40 * 41 * @param profileId The profile for which the white-listed packages changed. 42 * @param packages The white-listed packages. 43 */ onCrossProfileWidgetProvidersChanged(int profileId, List<String> packages)44 public void onCrossProfileWidgetProvidersChanged(int profileId, List<String> packages); 45 } 46 47 /** 48 * Gets the packages whose widget providers are white-listed to be 49 * available in the parent user. 50 * 51 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 52 * 53 * @param profileId The profile id. 54 * @return The list of packages if such or empty list if there are 55 * no white-listed packages or the profile id is not a managed 56 * profile. 57 */ getCrossProfileWidgetProviders(int profileId)58 public abstract List<String> getCrossProfileWidgetProviders(int profileId); 59 60 /** 61 * Adds a listener for changes in the white-listed packages to show 62 * cross-profile app widgets. 63 * 64 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 65 * 66 * @param listener The listener to add. 67 */ addOnCrossProfileWidgetProvidersChangeListener( OnCrossProfileWidgetProvidersChangeListener listener)68 public abstract void addOnCrossProfileWidgetProvidersChangeListener( 69 OnCrossProfileWidgetProvidersChangeListener listener); 70 71 /** 72 * Checks if an app with given uid is an active device admin of its user and has the policy 73 * specified. 74 * 75 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 76 * 77 * @param uid App uid. 78 * @param reqPolicy Required policy, for policies see {@link DevicePolicyManager}. 79 * @return true if the uid is an active admin with the given policy. 80 */ isActiveAdminWithPolicy(int uid, int reqPolicy)81 public abstract boolean isActiveAdminWithPolicy(int uid, int reqPolicy); 82 83 /** 84 * Creates an intent to show the admin support dialog to say that an action is disallowed by 85 * the device/profile owner. 86 * 87 * <p>This method does not take the DPMS lock. Safe to be called from anywhere. 88 * @param userId The user where the action is disallowed. 89 * @param useDefaultIfNoAdmin If true, a non-null intent will be returned, even if we couldn't 90 * find a profile/device owner. 91 * @return The intent to trigger the admin support dialog. 92 */ createShowAdminSupportIntent(int userId, boolean useDefaultIfNoAdmin)93 public abstract Intent createShowAdminSupportIntent(int userId, boolean useDefaultIfNoAdmin); 94 95 /** 96 * Creates an intent to show the admin support dialog showing the admin who has set a user 97 * restriction. 98 * 99 * <p>This method does not take the DPMS lock. Safe to be called from anywhere. 100 * @param userId The user where the user restriction is set. 101 * @return The intent to trigger the admin support dialog, or null if the user restriction is 102 * not enforced by the profile/device owner. 103 */ createUserRestrictionSupportIntent(int userId, String userRestriction)104 public abstract Intent createUserRestrictionSupportIntent(int userId, String userRestriction); 105 106 /** 107 * Returns whether this user/profile is affiliated with the device. 108 * 109 * <p> 110 * By definition, the user that the device owner runs on is always affiliated with the device. 111 * Any other user/profile is considered affiliated with the device if the set specified by its 112 * profile owner via {@link DevicePolicyManager#setAffiliationIds} intersects with the device 113 * owner's. 114 * <p> 115 * Profile owner on the primary user will never be considered as affiliated as there is no 116 * device owner to be affiliated with. 117 */ isUserAffiliatedWithDevice(int userId)118 public abstract boolean isUserAffiliatedWithDevice(int userId); 119 120 /** 121 * Reports that a profile has changed to use a unified or separate credential. 122 * 123 * @param userId User ID of the profile. 124 */ reportSeparateProfileChallengeChanged(@serIdInt int userId)125 public abstract void reportSeparateProfileChallengeChanged(@UserIdInt int userId); 126 127 /** 128 * Check whether the user could have their password reset in an untrusted manor due to there 129 * being an admin which can call {@link #resetPassword} to reset the password without knowledge 130 * of the previous password. 131 * 132 * @param userId The user in question 133 */ canUserHaveUntrustedCredentialReset(@serIdInt int userId)134 public abstract boolean canUserHaveUntrustedCredentialReset(@UserIdInt int userId); 135 136 /** 137 * Return text of error message if printing is disabled. 138 * Called by Print Service when printing is disabled by PO or DO when printing is attempted. 139 * 140 * @param userId The user in question 141 * @return localized error message 142 */ getPrintingDisabledReasonForUser(@serIdInt int userId)143 public abstract CharSequence getPrintingDisabledReasonForUser(@UserIdInt int userId); 144 145 /** 146 * @return cached version of DPM policies that can be accessed without risking deadlocks. 147 * Do not call it directly. Use {@link DevicePolicyCache#getInstance()} instead. 148 */ getDevicePolicyCache()149 protected abstract DevicePolicyCache getDevicePolicyCache(); 150 } 151