Merge "Allow COPE DPC to confirm compliance explicitly" into sc-dev

    method public void onBugreportShared(@NonNull android.content.Context, @NonNull android.content.Intent, @NonNull String);

    method public void onBugreportSharingDeclined(@NonNull android.content.Context, @NonNull android.content.Intent);

    method @Nullable public String onChoosePrivateKeyAlias(@NonNull android.content.Context, @NonNull android.content.Intent, int, @Nullable android.net.Uri, @Nullable String);

    method public void onComplianceAcknowledgementRequired(@NonNull android.content.Context, @NonNull android.content.Intent);

    method @Nullable public CharSequence onDisableRequested(@NonNull android.content.Context, @NonNull android.content.Intent);

    method public void onDisabled(@NonNull android.content.Context, @NonNull android.content.Intent);

    method public void onEnabled(@NonNull android.content.Context, @NonNull android.content.Intent);

  }

  public class DevicePolicyManager {

    method public void acknowledgeDeviceCompliant();

    method public void addCrossProfileIntentFilter(@NonNull android.content.ComponentName, android.content.IntentFilter, int);

    method public boolean addCrossProfileWidgetProvider(@NonNull android.content.ComponentName, String);

    method public int addOverrideApn(@NonNull android.content.ComponentName, @NonNull android.telephony.data.ApnSetting);

    method public boolean isBackupServiceEnabled(@NonNull android.content.ComponentName);

    method @Deprecated public boolean isCallerApplicationRestrictionsManagingPackage();

    method public boolean isCommonCriteriaModeEnabled(@Nullable android.content.ComponentName);

    method public boolean isComplianceAcknowledgementRequired();

    method public boolean isDeviceIdAttestationSupported();

    method public boolean isDeviceOwnerApp(String);

    method public boolean isEnterpriseNetworkPreferenceEnabled();

    public static final String ACTION_OPERATION_SAFETY_STATE_CHANGED =

            "android.app.action.OPERATION_SAFETY_STATE_CHANGED";

    /**

     * Broadcast action: notify the profile owner on an organization-owned device that it needs to

     * acknowledge device compliance.

     *

     * @hide

     */

    @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION)

    public static final String ACTION_COMPLIANCE_ACKNOWLEDGEMENT_REQUIRED =

            "android.app.action.COMPLIANCE_ACKNOWLEDGEMENT_REQUIRED";

    /**

     * An {@code int} extra specifying an {@link OperationSafetyReason}.

     *

        onOperationSafetyStateChanged(context, reason, isSafe);

    }

    /**

     * Called to notify a profile owner of an organization-owned device that it needs to acknowledge

     * device compliance to allow the user to turn the profile off if needed according to the

     * maximum profile time off policy.

     *

     * Default implementation acknowledges compliance immediately. DPC may prefer to override this

     * implementation to delay acknowledgement until a successful policy sync. Until compliance is

     * acknowledged the user is still free to turn the profile off, but the timer won't be reset,

     * so personal apps will be suspended sooner. This callback is delivered using a foreground

     * broadcast and should be handled quickly.

     *

     * @param context the running context as per {@link #onReceive}

     * @param intent The received intent as per {@link #onReceive}.

     *

     * @see DevicePolicyManager#acknowledgeDeviceCompliant()

     * @see DevicePolicyManager#isComplianceAcknowledgementRequired()

     * @see DevicePolicyManager#setManagedProfileMaximumTimeOff(ComponentName, long)

     */

    public void onComplianceAcknowledgementRequired(

            @NonNull Context context, @NonNull Intent intent) {

        getManager(context).acknowledgeDeviceCompliant();

    }

    private boolean hasRequiredExtra(Intent intent, String extra) {

        if (intent.hasExtra(extra)) return true;

                    intent.getParcelableExtra(Intent.EXTRA_USER));

        } else if (ACTION_OPERATION_SAFETY_STATE_CHANGED.equals(action)) {

            onOperationSafetyStateChanged(context, intent);

        } else if (ACTION_COMPLIANCE_ACKNOWLEDGEMENT_REQUIRED.equals(action)) {

            onComplianceAcknowledgementRequired(context, intent);

        }

    }

}

        return 0;

    }

    /**

     * Called by a profile owner of an organization-owned managed profile to acknowledge that the

     * device is compliant and the user can turn the profile off if needed according to the maximum

     * time off policy.

     *

     * This method should be called when the device is deemed compliant after getting

     * {@link DeviceAdminReceiver#onComplianceAcknowledgementRequired(Context, Intent)} callback in

     * case it is overridden. Before this method is called the user is still free to turn the

     * profile off, but the timer won't be reset, so personal apps will be suspended sooner.

     *

     * DPCs only need acknowledging device compliance if they override

     * {@link DeviceAdminReceiver#onComplianceAcknowledgementRequired(Context, Intent)}, otherwise

     * compliance is acknowledged automatically.

     *

     * @throws IllegalStateException if the user isn't unlocked

     * @see #isComplianceAcknowledgementRequired()

     * @see #setManagedProfileMaximumTimeOff(ComponentName, long)

     * @see DeviceAdminReceiver#onComplianceAcknowledgementRequired(Context, Intent)

     */

    public void acknowledgeDeviceCompliant() {

        throwIfParentInstance("acknowledgeDeviceCompliant");

        if (mService != null) {

            try {

                mService.acknowledgeDeviceCompliant();

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

        }

    }

    /**

     * Called by a profile owner of an organization-owned managed profile to query whether it needs

     * to acknowledge device compliance to allow the user to turn the profile off if needed

     * according to the maximum profile time off policy.

     *

     * Normally when acknowledgement is needed the DPC gets a

     * {@link DeviceAdminReceiver#onComplianceAcknowledgementRequired(Context, Intent)} callback.

     * But if the callback was not delivered or handled for some reason, this method can be used to

     * verify if acknowledgement is needed.

     *

     * @throws IllegalStateException if the user isn't unlocked

     * @see #acknowledgeDeviceCompliant()

     * @see #setManagedProfileMaximumTimeOff(ComponentName, long)

     * @see DeviceAdminReceiver#onComplianceAcknowledgementRequired(Context, Intent)

     */

    public boolean isComplianceAcknowledgementRequired() {

        throwIfParentInstance("isComplianceAcknowledgementRequired");

        if (mService != null) {

            try {

                return mService.isComplianceAcknowledgementRequired();

            } catch (RemoteException re) {

                throw re.rethrowFromSystemServer();

            }

        }

        return false;

    }

    /**

     * Returns {@code true} when {@code userId} has a profile owner that is capable of resetting

     * password in RUNNING_LOCKED state. For that it should have at least one direct boot aware

    long getManagedProfileMaximumTimeOff(in ComponentName admin);

    void setManagedProfileMaximumTimeOff(in ComponentName admin, long timeoutMs);

    void acknowledgeDeviceCompliant();

    boolean isComplianceAcknowledgementRequired();

    boolean canProfileOwnerResetPasswordWhenLocked(int userId);

    void setNextOperationSafety(int operation, int reason);

        return 0;

    }

    @Override

    public void acknowledgeDeviceCompliant() {}

    @Override

    public boolean isComplianceAcknowledgementRequired() {

        return false;

    }

    public boolean canProfileOwnerResetPasswordWhenLocked(int userId) {

        return false;

    }