Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0bb962c1 authored by Srinivas Paladugu's avatar Srinivas Paladugu
Browse files

Add new dpm api to disable user control over apps 

Setting a package as protected prevents user from clearing app data and
force stopping apps from Settings and Launcher. Added two apis
* setProtectedPackages()
* getProtectedPackages()

Bug: 135486391
Test: atest DevicePolicyManagerTest
Change-Id: I28858aca89a52ba06af033a24da43f394ed79a0e
parent 0c6d9b48

api/current.txt

+2 −0
Original line number Diff line number Diff line
@@ -6781,6 +6781,7 @@ package android.app.admin { 
    method @Nullable public java.util.List<java.lang.String> getPermittedAccessibilityServices(@NonNull android.content.ComponentName);

    method @Nullable public java.util.List<java.lang.String> getPermittedCrossProfileNotificationListeners(@NonNull android.content.ComponentName);

    method @Nullable public java.util.List<java.lang.String> getPermittedInputMethods(@NonNull android.content.ComponentName);

    method @NonNull public java.util.List<java.lang.String> getProtectedPackages(@NonNull android.content.ComponentName);

    method public long getRequiredStrongAuthTimeout(@Nullable android.content.ComponentName);

    method public boolean getScreenCaptureDisabled(@Nullable android.content.ComponentName);

    method public java.util.List<android.os.UserHandle> getSecondaryUsers(@NonNull android.content.ComponentName);
@@ -6902,6 +6903,7 @@ package android.app.admin { 
    method public boolean setPermittedInputMethods(@NonNull android.content.ComponentName, java.util.List<java.lang.String>);

    method public void setProfileEnabled(@NonNull android.content.ComponentName);

    method public void setProfileName(@NonNull android.content.ComponentName, String);

    method public void setProtectedPackages(@NonNull android.content.ComponentName, @NonNull java.util.List<java.lang.String>);

    method public void setRecommendedGlobalProxy(@NonNull android.content.ComponentName, @Nullable android.net.ProxyInfo);

    method public void setRequiredStrongAuthTimeout(@NonNull android.content.ComponentName, long);

    method public boolean setResetPasswordToken(android.content.ComponentName, byte[]);

core/java/android/app/admin/DevicePolicyManager.java

+35 −0
Original line number Diff line number Diff line
@@ -11276,4 +11276,39 @@ public class DevicePolicyManager { 
        }

        return false;

    }



    /**

     * Called by Device owner to set packages as protected. User will not be able to clear app

     * data or force-stop protected packages.

     *

     * @param admin which {@link DeviceAdminReceiver} this request is associated with

     * @param packages The package names to protect.

     * @throws SecurityException if {@code admin} is not a device owner.

     */

    public void setProtectedPackages(@NonNull ComponentName admin, @NonNull List<String> packages) {

        if (mService != null) {

            try {

                mService.setProtectedPackages(admin, packages);

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

        }

    }



    /**

     * Returns the list of packages protected by the device owner.

     *

     * @param admin which {@link DeviceAdminReceiver} this request is associated with

     * @throws SecurityException if {@code admin} is not a device owner.

     */

    public @NonNull List<String> getProtectedPackages(@NonNull ComponentName admin) {

        if (mService != null) {

            try {

                return mService.getProtectedPackages(admin);

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

        }

        return Collections.emptyList();

    }

}

core/java/android/app/admin/IDevicePolicyManager.aidl

+4 −0
Original line number Diff line number Diff line
@@ -450,4 +450,8 @@ interface IDevicePolicyManager { 
    boolean startViewCalendarEventInManagedProfile(String packageName, long eventId, long start, long end, boolean allDay, int flags);



    boolean setKeyGrantForApp(in ComponentName admin, String callerPackage, String alias, String packageName, boolean hasGrant);



    void setProtectedPackages(in ComponentName admin, in List<String> packages);



    List<String> getProtectedPackages(in ComponentName admin);

}

core/proto/android/stats/devicepolicy/device_policy_enums.proto

+1 −0
Original line number Diff line number Diff line
@@ -153,4 +153,5 @@ enum EventId { 
  CROSS_PROFILE_APPS_START_ACTIVITY_AS_USER = 126;

  SET_AUTO_TIME = 127;

  SET_AUTO_TIME_ZONE = 128;

  SET_PACKAGES_PROTECTED = 129;

}

services/core/java/android/content/pm/PackageManagerInternal.java

+6 −0
Original line number Diff line number Diff line
@@ -281,6 +281,12 @@ public abstract class PackageManagerInternal { 
    public abstract void setDeviceAndProfileOwnerPackages(

            int deviceOwnerUserId, String deviceOwner, SparseArray<String> profileOwners);



    /**

     * Called by DevicePolicyManagerService to set the package names protected by the device

     * owner.

     */

    public abstract void setDeviceOwnerProtectedPackages(List<String> packageNames);



    /**

     * Returns {@code true} if a given package can't be wiped. Otherwise, returns {@code false}.

     */