Merge "Add new API createAndProvisionManagedProfile in DPM"

package android.app.admin {

  public class DevicePolicyManager {

    method @Nullable public android.os.UserHandle createAndProvisionManagedProfile(@NonNull android.app.admin.ManagedProfileProvisioningParams) throws android.app.admin.ProvisioningException;

    method public void forceUpdateUserSetupComplete();

    method public long getLastBugReportRequestTime();

    method public long getLastNetworkLogRetrievalTime();

    method @NonNull public static String operationToString(int);

    method @RequiresPermission("android.permission.MANAGE_DEVICE_ADMINS") public void setNextOperationSafety(int, boolean);

    field public static final String ACTION_DATA_SHARING_RESTRICTION_APPLIED = "android.app.action.DATA_SHARING_RESTRICTION_APPLIED";

    field public static final String ACTION_MANAGED_PROFILE_CREATED = "android.app.action.MANAGED_PROFILE_CREATED";

    field public static final int OPERATION_CLEAR_APPLICATION_USER_DATA = 23; // 0x17

    field public static final int OPERATION_CREATE_AND_MANAGE_USER = 5; // 0x5

    field public static final int OPERATION_INSTALL_CA_CERT = 24; // 0x18

    field public static final int OPERATION_SWITCH_USER = 2; // 0x2

    field public static final int OPERATION_UNINSTALL_CA_CERT = 40; // 0x28

    field public static final int OPERATION_WIPE_DATA = 8; // 0x8

    field public static final int PROVISIONING_RESULT_ADMIN_PACKAGE_INSTALLATION_FAILED = 3; // 0x3

    field public static final int PROVISIONING_RESULT_PRE_CONDITION_FAILED = 1; // 0x1

    field public static final int PROVISIONING_RESULT_PROFILE_CREATION_FAILED = 2; // 0x2

    field public static final int PROVISIONING_RESULT_SETTING_PROFILE_OWNER_FAILED = 4; // 0x4

    field public static final int PROVISIONING_RESULT_STARTING_PROFILE_FAILED = 5; // 0x5

  }

  public final class ManagedProfileProvisioningParams implements android.os.Parcelable {

    method public int describeContents();

    method @Nullable public android.accounts.Account getAccountToMigrate();

    method @NonNull public String getOwnerName();

    method @NonNull public android.content.ComponentName getProfileAdminComponentName();

    method @Nullable public String getProfileName();

    method public boolean isKeepAccountMigrated();

    method public boolean isLeaveAllSystemAppsEnabled();

    method public boolean isOrganizationOwnedProvisioning();

    method public void writeToParcel(@NonNull android.os.Parcel, @Nullable int);

    field @NonNull public static final android.os.Parcelable.Creator<android.app.admin.ManagedProfileProvisioningParams> CREATOR;

  }

  public static final class ManagedProfileProvisioningParams.Builder {

    ctor public ManagedProfileProvisioningParams.Builder(@NonNull android.content.ComponentName, @NonNull String);

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams build();

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams.Builder setAccountToMigrate(@Nullable android.accounts.Account);

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams.Builder setKeepAccountMigrated(boolean);

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams.Builder setLeaveAllSystemAppsEnabled(boolean);

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams.Builder setOrganizationOwnedProvisioning(boolean);

    method @NonNull public android.app.admin.ManagedProfileProvisioningParams.Builder setProfileName(@Nullable String);

  }

  public class ProvisioningException extends android.util.AndroidException {

    ctor public ProvisioningException(@NonNull Exception, int);

    method public int getProvisioningResult();

  }

  public static final class SecurityLog.SecurityEvent implements android.os.Parcelable {

    })

    public @interface ProvisioningPreCondition {}

    /**

     * Service-specific error code for {@link #createAndProvisionManagedProfile}:

     * Indicates the call to {@link #checkProvisioningPreCondition} returned an error code.

     *

     * @hide

     */

    @TestApi

    public static final int PROVISIONING_RESULT_PRE_CONDITION_FAILED = 1;

    /**

     * Service-specific error code for {@link #createAndProvisionManagedProfile}:

     * Indicates the call to {@link UserManager#createProfileForUserEvenWhenDisallowed}

     * returned {@code null}.

     *

     * @hide

     */

    @TestApi

    public static final int PROVISIONING_RESULT_PROFILE_CREATION_FAILED = 2;

    /**

     * Service-specific error code for {@link #createAndProvisionManagedProfile}:

     * Indicates the call to {@link PackageManager#installExistingPackageAsUser} has failed.

     *

     * @hide

     */

    @TestApi

    public static final int PROVISIONING_RESULT_ADMIN_PACKAGE_INSTALLATION_FAILED = 3;

    /**

     * Service-specific error code for {@link #createAndProvisionManagedProfile}:

     * Indicates the call to {@link #setProfileOwner} returned {@code false}.

     *

     * @hide

     */

    @TestApi

    public static final int PROVISIONING_RESULT_SETTING_PROFILE_OWNER_FAILED = 4;

    /**

     * Service-specific error code for {@link #createAndProvisionManagedProfile}:

     * Indicates that starting the newly created profile has failed.

     *

     * @hide

     */

    @TestApi

    public static final int PROVISIONING_RESULT_STARTING_PROFILE_FAILED = 5;

    /**

     * Service-specific error codes for {@link #createAndProvisionManagedProfile} indicating

     * all the errors during provisioning.

     *

     * @hide

     */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef(prefix = { "PROVISIONING_RESULT_" }, value = {

            PROVISIONING_RESULT_PRE_CONDITION_FAILED, PROVISIONING_RESULT_PROFILE_CREATION_FAILED,

            PROVISIONING_RESULT_ADMIN_PACKAGE_INSTALLATION_FAILED,

            PROVISIONING_RESULT_SETTING_PROFILE_OWNER_FAILED,

            PROVISIONING_RESULT_STARTING_PROFILE_FAILED

    })

    public @interface ProvisioningResult {}

    /**

     * Disable all configurable SystemUI features during LockTask mode. This includes,

     * <ul>

    public static final String ACTION_SHOW_NEW_USER_DISCLAIMER =

            "android.app.action.ACTION_SHOW_NEW_USER_DISCLAIMER";

    /**

     * Broadcast action: notify managed provisioning that a new managed profile is created.

     *

     * @hide

     */

    @TestApi

    @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION)

    public static final String ACTION_MANAGED_PROFILE_CREATED =

            "android.app.action.MANAGED_PROFILE_CREATED";

    /**

     * Widgets are enabled in keyguard

     */

            throw re.rethrowFromSystemServer();

        }

    }

    /**

     * Creates and provisions a managed profile and sets the

     * {@link ManagedProfileProvisioningParams#getProfileAdminComponentName()} as the profile

     * owner.

     *

     * <p>The method {@link #checkProvisioningPreCondition} must be returning {@link #CODE_OK}

     * before calling this method.

     *

     * @param provisioningParams Params required to provision a managed profile,

     * see {@link ManagedProfileProvisioningParams}.

     * @return The {@link UserHandle} of the created profile or {@code null} if the service is

     * not available.

     * @throws SecurityException if the caller does not hold

     * {@link android.Manifest.permission#MANAGE_PROFILE_AND_DEVICE_OWNERS}.

     * @throws ProvisioningException if an error occurred during provisioning.

     * @hide

     */

    @Nullable

    @TestApi

    public UserHandle createAndProvisionManagedProfile(

            @NonNull ManagedProfileProvisioningParams provisioningParams)

            throws ProvisioningException {

        if (mService == null) {

            return null;

        }

        try {

            return mService.createAndProvisionManagedProfile(provisioningParams);

        } catch (ServiceSpecificException e) {

            throw new ProvisioningException(e, e.errorCode);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

}

import android.app.admin.SystemUpdatePolicy;

import android.app.admin.PasswordMetrics;

import android.app.admin.FactoryResetProtectionPolicy;

import android.app.admin.ManagedProfileProvisioningParams;

import android.content.ComponentName;

import android.content.Intent;

import android.content.IntentFilter;

    String getEnrollmentSpecificId(String callerPackage);

    void setOrganizationIdForUser(in String callerPackage, in String enterpriseId, int userId);

    UserHandle createAndProvisionManagedProfile(in ManagedProfileProvisioningParams provisioningParams);

}

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.app.admin;

parcelable ManagedProfileProvisioningParams;

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.app.admin;

import static java.util.Objects.requireNonNull;

import android.accounts.Account;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.TestApi;

import android.content.ComponentName;

import android.os.Parcel;

import android.os.Parcelable;

/**

 * Params required to provision a managed profile, see

 * {@link DevicePolicyManager#createAndProvisionManagedProfile}.

 *

 * @hide

 */

@TestApi

public final class ManagedProfileProvisioningParams implements Parcelable {

    @NonNull private final ComponentName mProfileAdminComponentName;

    @NonNull private final String mOwnerName;

    @Nullable private final String mProfileName;

    @Nullable private final Account mAccountToMigrate;

    private final boolean mLeaveAllSystemAppsEnabled;

    private final boolean mOrganizationOwnedProvisioning;

    private final boolean mKeepAccountMigrated;

    private ManagedProfileProvisioningParams(

            @NonNull ComponentName profileAdminComponentName,

            @NonNull String ownerName,

            @Nullable String profileName,

            @Nullable Account accountToMigrate,

            boolean leaveAllSystemAppsEnabled,

            boolean organizationOwnedProvisioning,

            boolean keepAccountMigrated) {

        this.mProfileAdminComponentName = requireNonNull(profileAdminComponentName);

        this.mOwnerName = requireNonNull(ownerName);

        this.mProfileName = profileName;

        this.mAccountToMigrate = accountToMigrate;

        this.mLeaveAllSystemAppsEnabled = leaveAllSystemAppsEnabled;

        this.mOrganizationOwnedProvisioning = organizationOwnedProvisioning;

        this.mKeepAccountMigrated = keepAccountMigrated;

    }

    @NonNull

    public ComponentName getProfileAdminComponentName() {

        return mProfileAdminComponentName;

    }

    @NonNull

    public String getOwnerName() {

        return mOwnerName;

    }

    @Nullable

    public String getProfileName() {

        return mProfileName;

    }

    @Nullable

    public Account getAccountToMigrate() {

        return mAccountToMigrate;

    }

    public boolean isLeaveAllSystemAppsEnabled() {

        return mLeaveAllSystemAppsEnabled;

    }

    public boolean isOrganizationOwnedProvisioning() {

        return mOrganizationOwnedProvisioning;

    }

    public boolean isKeepAccountMigrated() {

        return mKeepAccountMigrated;

    }

    /**

     * Builder class for {@link ManagedProfileProvisioningParams} objects.

     */

    public static final class Builder {

        @NonNull private final ComponentName mProfileAdminComponentName;

        @NonNull private final String mOwnerName;

        @Nullable private String mProfileName;

        @Nullable private Account mAccountToMigrate;

        private boolean mLeaveAllSystemAppsEnabled;

        private boolean mOrganizationOwnedProvisioning;

        private boolean mKeepAccountMigrated;

        /**

         * Initialize a new {@link Builder) to construct a {@link ManagedProfileProvisioningParams}.

         * <p>

         * See {@link DevicePolicyManager#createAndProvisionManagedProfile}

         *

         * @param profileAdminComponentName The admin {@link ComponentName} to be set as the profile

         * owner.

         * @param ownerName The name of the profile owner.

         *

         * @throws NullPointerException if {@code profileAdminComponentName} or

         * {@code ownerName} are null.

         */

        public Builder(

                @NonNull ComponentName profileAdminComponentName, @NonNull String ownerName) {

            requireNonNull(profileAdminComponentName);

            requireNonNull(ownerName);

            this.mProfileAdminComponentName = profileAdminComponentName;

            this.mOwnerName = ownerName;

        }

        /**

         * Sets the profile name of the created profile when

         * {@link DevicePolicyManager#createAndProvisionManagedProfile} is called. Defaults to

         * {@code null} if not set.

         */

        @NonNull

        public Builder setProfileName(@Nullable String profileName) {

            this.mProfileName = profileName;

            return this;

        }

        /**

         * Sets the {@link Account} to migrate from the parent profile to the created profile when

         * {@link DevicePolicyManager#createAndProvisionManagedProfile} is called. If not set, or

         * set to {@code null}, no accounts will be migrated.

         */

        @NonNull

        public Builder setAccountToMigrate(@Nullable Account accountToMigrate) {

            this.mAccountToMigrate = accountToMigrate;

            return this;

        }

        /**

         * Sets whether non-required system apps should be installed on

         * the created profile when {@link DevicePolicyManager#createAndProvisionManagedProfile}

         * is called. Defaults to {@code false} if not set.

         */

        @NonNull

        public Builder setLeaveAllSystemAppsEnabled(boolean leaveAllSystemAppsEnabled) {

            this.mLeaveAllSystemAppsEnabled = leaveAllSystemAppsEnabled;

            return this;

        }

        /**

         * Sets if this device is owned by an organization. Defaults to {@code false}

         * if not set.

         */

        @NonNull

        public Builder setOrganizationOwnedProvisioning(boolean organizationOwnedProvisioning) {

            this.mOrganizationOwnedProvisioning = organizationOwnedProvisioning;

            return this;

        }

        /**

         * Sets whether to keep the account on the parent profile during account migration.

         * Defaults to {@code false}.

         */

        @NonNull

        public Builder setKeepAccountMigrated(boolean keepAccountMigrated) {

            this.mKeepAccountMigrated = keepAccountMigrated;

            return this;

        }

        /**

         * Combines all of the attributes that have been set on this {@code Builder}.

         *

         * @return a new {@link ManagedProfileProvisioningParams} object.

         */

        @NonNull

        public ManagedProfileProvisioningParams build() {

            return new ManagedProfileProvisioningParams(

                    mProfileAdminComponentName,

                    mOwnerName,

                    mProfileName,

                    mAccountToMigrate,

                    mLeaveAllSystemAppsEnabled,

                    mOrganizationOwnedProvisioning,

                    mKeepAccountMigrated);

        }

    }

    @Override

    public int describeContents() {

        return 0;

    }

    @Override

    public String toString() {

        return "ManagedProfileProvisioningParams{"

                + "mProfileAdminComponentName=" + mProfileAdminComponentName

                + ", mOwnerName=" + mOwnerName

                + ", mProfileName=" + (mProfileName == null ? "null" : mProfileName)

                + ", mAccountToMigrate=" + (mAccountToMigrate == null ? "null" : mAccountToMigrate)

                + ", mLeaveAllSystemAppsEnabled=" + mLeaveAllSystemAppsEnabled

                + ", mOrganizationOwnedProvisioning=" + mOrganizationOwnedProvisioning

                + ", mKeepAccountMigrated=" + mKeepAccountMigrated

                + '}';

    }

    @Override

    public void writeToParcel(@NonNull Parcel dest, @Nullable int flags) {

        dest.writeTypedObject(mProfileAdminComponentName, flags);

        dest.writeString(mOwnerName);

        dest.writeString(mProfileName);

        dest.writeTypedObject(mAccountToMigrate, flags);

        dest.writeBoolean(mLeaveAllSystemAppsEnabled);

        dest.writeBoolean(mOrganizationOwnedProvisioning);

        dest.writeBoolean(mKeepAccountMigrated);

    }

    public static final @NonNull Creator<ManagedProfileProvisioningParams> CREATOR =

            new Creator<ManagedProfileProvisioningParams>() {

                @Override

                public ManagedProfileProvisioningParams createFromParcel(Parcel in) {

                    ComponentName componentName = in.readTypedObject(ComponentName.CREATOR);

                    String ownerName = in.readString();

                    String profileName = in.readString();

                    Account account = in.readTypedObject(Account.CREATOR);

                    boolean leaveAllSystemAppsEnabled = in.readBoolean();

                    boolean organizationOwnedProvisioning = in.readBoolean();

                    boolean keepAccountMigrated = in.readBoolean();

                    return new ManagedProfileProvisioningParams(

                            componentName,

                            ownerName,

                            profileName,

                            account,

                            leaveAllSystemAppsEnabled,

                            organizationOwnedProvisioning,

                            keepAccountMigrated);

                }

                @Override

                public ManagedProfileProvisioningParams[] newArray(int size) {

                    return new ManagedProfileProvisioningParams[size];

                }

            };

}