Merge "Indicator for admin control over sensor permission grants" into sc-dev am: 1b15e79c

    method public void addPersistentPreferredActivity(@NonNull android.content.ComponentName, android.content.IntentFilter, @NonNull android.content.ComponentName);

    method public void addUserRestriction(@NonNull android.content.ComponentName, String);

    method public boolean bindDeviceAdminServiceAsUser(@NonNull android.content.ComponentName, android.content.Intent, @NonNull android.content.ServiceConnection, int, @NonNull android.os.UserHandle);

    method public boolean canAdminGrantSensorsPermissions();

    method public void clearApplicationUserData(@NonNull android.content.ComponentName, @NonNull String, @NonNull java.util.concurrent.Executor, @NonNull android.app.admin.DevicePolicyManager.OnClearApplicationUserDataListener);

    method public void clearCrossProfileIntentFilters(@NonNull android.content.ComponentName);

    method @Deprecated public void clearDeviceOwnerApp(String);

    field public static final String EXTRA_PROVISIONING_LOGO_URI = "android.app.extra.PROVISIONING_LOGO_URI";

    field public static final String EXTRA_PROVISIONING_MAIN_COLOR = "android.app.extra.PROVISIONING_MAIN_COLOR";

    field public static final String EXTRA_PROVISIONING_MODE = "android.app.extra.PROVISIONING_MODE";

    field public static final String EXTRA_PROVISIONING_PERMISSION_GRANT_OPT_OUT = "android.app.extra.PROVISIONING_PERMISSION_GRANT_OPT_OUT";

    field public static final String EXTRA_PROVISIONING_SERIAL_NUMBER = "android.app.extra.PROVISIONING_SERIAL_NUMBER";

    field public static final String EXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS = "android.app.extra.PROVISIONING_SKIP_EDUCATION_SCREENS";

    field public static final String EXTRA_PROVISIONING_SKIP_ENCRYPTION = "android.app.extra.PROVISIONING_SKIP_ENCRYPTION";

  }

  public class DevicePolicyManager {

    method public boolean canAdminGrantSensorsPermissionsForUser(int);

    method @RequiresPermission(android.Manifest.permission.INTERACT_ACROSS_USERS) public boolean getBluetoothContactSharingDisabled(@NonNull android.os.UserHandle);

    method @Nullable @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public String getDeviceOwner();

    method @RequiresPermission(android.Manifest.permission.MANAGE_USERS) public android.content.ComponentName getDeviceOwnerComponentOnAnyUser();

  }

  public final class FullyManagedDeviceProvisioningParams implements android.os.Parcelable {

    method public boolean canDeviceOwnerGrantSensorsPermissions();

    method public int describeContents();

    method @NonNull public android.content.ComponentName getDeviceAdminComponentName();

    method public long getLocalTime();

  public static final class FullyManagedDeviceProvisioningParams.Builder {

    ctor public FullyManagedDeviceProvisioningParams.Builder(@NonNull android.content.ComponentName, @NonNull String);

    method @NonNull public android.app.admin.FullyManagedDeviceProvisioningParams build();

    method @NonNull public android.app.admin.FullyManagedDeviceProvisioningParams.Builder setDeviceOwnerCanGrantSensorsPermissions(boolean);

    method @NonNull public android.app.admin.FullyManagedDeviceProvisioningParams.Builder setLeaveAllSystemAppsEnabled(boolean);

    method @NonNull public android.app.admin.FullyManagedDeviceProvisioningParams.Builder setLocalTime(long);

    method @NonNull public android.app.admin.FullyManagedDeviceProvisioningParams.Builder setLocale(@Nullable java.util.Locale);

     */

    public abstract int getPermissionPolicy(@UserIdInt int userHandle);

    /**

     * Caches {@link DevicePolicyManager#canAdminGrantSensorsPermissionsForUser(int)} for the

     * given user.

     */

    public abstract boolean canAdminGrantSensorsPermissionsForUser(@UserIdInt int userHandle);

    /**

     * Empty implementation.

     */

        public int getPermissionPolicy(int userHandle) {

            return DevicePolicyManager.PERMISSION_POLICY_PROMPT;

        }

        @Override

        public boolean canAdminGrantSensorsPermissionsForUser(int userHandle) {

            return false;

        }

    }

}

    public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM

        = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM";

    /**

     * A boolean extra indicating the admin of a fully-managed device opts out of controlling

     * permission grants for sensor-related permissions,

     * see {@link #setPermissionGrantState(ComponentName, String, String, int)}.

     *

     * The default for this extra is {@code false} - by default, the admin of a fully-managed

     * device has the ability to grant sensors-related permissions.

     *

     * <p>Use with {@link #ACTION_PROVISION_MANAGED_DEVICE} only.

     */

    public static final String EXTRA_PROVISIONING_PERMISSION_GRANT_OPT_OUT =

            "android.app.extra.PROVISIONING_PERMISSION_GRANT_OPT_OUT";

    /**

     * A String extra holding the URL-safe base64 encoded SHA-256 checksum of any signature of the

     * android package archive at the download location specified in {@link

     * As this policy only acts on runtime permission requests, it only applies to applications

     * built with a {@code targetSdkVersion} of {@link android.os.Build.VERSION_CODES#M} or later.

     *

     * <p>

     * NOTE: On devices running {@link android.os.Build.VERSION_CODES#S} and above, an auto-grant

     * policy will not apply to certain sensors-related permissions on some configurations.

     * See {@link #setPermissionGrantState(ComponentName, String, String, int)} for the list of

     * permissions affected, and the behavior change for managed profiles and fully-managed

     * devices.

     *

     * @param admin Which profile or device owner this request is associated with.

     * @param policy One of the policy constants {@link #PERMISSION_POLICY_PROMPT},

     *            {@link #PERMISSION_POLICY_AUTO_GRANT} and {@link #PERMISSION_POLICY_AUTO_DENY}.

     * application built with a {@code targetSdkVersion} <

     * {@link android.os.Build.VERSION_CODES#M} the app-op matching the permission is set to

     * {@link android.app.AppOpsManager#MODE_IGNORED}, but the permission stays granted.

     * <p>

     * NOTE: On devices running {@link android.os.Build.VERSION_CODES#S} and above, control over

     * the following, sensors-related, permissions is restricted:

     * <ul>

     *    <li>Manifest.permission.ACCESS_FINE_LOCATION</li>

     *    <li>Manifest.permission.ACCESS_BACKGROUND_LOCATION</li>

     *    <li>Manifest.permission.ACCESS_COARSE_LOCATION</li>

     *    <li>Manifest.permission.CAMERA</li>

     *    <li>Manifest.permission.RECORD_AUDIO</li>

     *    <li>Manifest.permission.RECORD_BACKGROUND_AUDIO</li>

     *    <li>Manifest.permission.ACTIVITY_RECOGNITION</li>

     *    <li>Manifest.permission.BODY_SENSORS</li>

     * </ul>

     * <p>

     * A profile owner may not grant these permissions (i.e. call this method with any of the

     * permissions listed above and {@code grantState} of {@code #PERMISSION_GRANT_STATE_GRANTED}),

     * but may deny them.

     * <p>

     * A device owner, by default, may continue granting these permissions. However, for increased

     * user control, the admin may opt out of controlling grants for these permissions by including

     * {@link #EXTRA_PROVISIONING_PERMISSION_GRANT_OPT_OUT} in the provisioning parameters. In that

     * case the device owner's control will be limited do denying these permissions.

     * <p>

     * Attempts by the admin to grant these permissions, when the admin is restricted from doing

     * so, will be silently ignored (no exception will be thrown).

     *

     * @param admin Which profile or device owner this request is associated with.

     * @param packageName The application to grant or revoke a permission to.

            }

        }

    }

    /**

     * Returns true if the caller is running on a device where the admin can grant

     * permissions related to device sensors.

     * This is a signal that the device is a fully-managed device where personal usage is

     * discouraged.

     * The list of permissions is listed in

     * {@link #setPermissionGrantState(ComponentName, String, String, int)}.

     *

     * May be called by any app.

     * @return true if the app can grant device sensors-related permissions, false otherwise.

     */

    public boolean canAdminGrantSensorsPermissions() {

        return canAdminGrantSensorsPermissionsForUser(myUserId());

    }

    /**

     * Returns true if the admin can control grants of sensors-related permissions, for

     * a given user.

     *

     * @hide

     * @param userId The ID of the user to check.

     * @return if the admin may grant these permissions, false otherwise.

     */

    @SystemApi

    public boolean canAdminGrantSensorsPermissionsForUser(int userId) {

        if (mService == null) {

            return false;

        }

        try {

            return mService.canAdminGrantSensorsPermissionsForUser(userId);

        } catch (RemoteException re) {

            throw re.rethrowFromSystemServer();

        }

    }

}