Merge "Add permission and constants for appfunctions device policy" into main

    field public static final String MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL = "android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL";

    field public static final String MANAGE_DEVICE_POLICY_AIRPLANE_MODE = "android.permission.MANAGE_DEVICE_POLICY_AIRPLANE_MODE";

    field public static final String MANAGE_DEVICE_POLICY_APPS_CONTROL = "android.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL";

    field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final String MANAGE_DEVICE_POLICY_APP_FUNCTIONS = "android.permission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS";

    field public static final String MANAGE_DEVICE_POLICY_APP_RESTRICTIONS = "android.permission.MANAGE_DEVICE_POLICY_APP_RESTRICTIONS";

    field public static final String MANAGE_DEVICE_POLICY_APP_USER_DATA = "android.permission.MANAGE_DEVICE_POLICY_APP_USER_DATA";

    field public static final String MANAGE_DEVICE_POLICY_ASSIST_CONTENT = "android.permission.MANAGE_DEVICE_POLICY_ASSIST_CONTENT";

    field public static final String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD";

    field public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_DISABLED = 1; // 0x1

    field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_DISABLED_CROSS_PROFILE = 2; // 0x2

    field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

    field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_DISABLED = 1; // 0x1

    field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_ENABLED = 2; // 0x2

    field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

        return CONTENT_PROTECTION_DISABLED;

    }

    /**

     * Indicates that app functions are not controlled by policy.

     *

     * <p>If no admin set this policy, it means appfunctions are enabled.

     */

    @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER)

    public static final int APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY = 0;

    /** Indicates that app functions are controlled and disabled by a policy. */

    @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER)

    public static final int APP_FUNCTIONS_DISABLED = 1;

    /**

     * Indicates that app functions are controlled and disabled by a policy for cross profile

     * interactions only.

     *

     * <p>This is different from {@link #APP_FUNCTIONS_DISABLED} in that it only disables cross

     * profile interactions (even if the caller has permissions required to interact across users).

     * appfunctions can still be used within the a user profile boundary.

     */

    @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER)

    public static final int APP_FUNCTIONS_DISABLED_CROSS_PROFILE = 2;

    /** @hide */

    @IntDef(

            prefix = {"APP_FUNCTIONS_"},

            value = {

                    APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY,

                    APP_FUNCTIONS_DISABLED,

                    APP_FUNCTIONS_DISABLED_CROSS_PROFILE

            })

    @Retention(RetentionPolicy.SOURCE)

    public @interface AppFunctionsPolicy {}

    /**

     * This object is a single place to tack on invalidation and disable calls.  All

     * binder caches in this class derive from this Config, so all can be invalidated or

    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION"

                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage policy related to AppFunctions.

        <p>Protection level: internal|role

        @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER)

    -->

    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS"

        android:featureFlag="android.app.appfunctions.flags.enable_app_function_manager"

        android:protectionLevel="internal|role" />

    <!-- Allows an application to set policy related to subscriptions downloaded by an admin.

        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call

        APIs protected by this permission on users different to the calling user.