Loading api/current.txt +2 −0 Original line number Diff line number Diff line Loading @@ -5030,6 +5030,7 @@ package android.app.admin { method public void clearUserRestriction(android.content.ComponentName, java.lang.String); method public void enableSystemApp(android.content.ComponentName, java.lang.String); method public int enableSystemApp(android.content.ComponentName, android.content.Intent); method public java.lang.String[] getAccountTypesWithManagementDisabled(); method public java.util.List<android.content.ComponentName> getActiveAdmins(); method public android.os.Bundle getApplicationRestrictions(android.content.ComponentName, java.lang.String); method public boolean getCameraDisabled(android.content.ComponentName); Loading Loading @@ -5059,6 +5060,7 @@ package android.app.admin { method public void lockNow(); method public void removeActiveAdmin(android.content.ComponentName); method public boolean resetPassword(java.lang.String, int); method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean); method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle); method public void setCameraDisabled(android.content.ComponentName, boolean); method public void setKeyguardDisabledFeatures(android.content.ComponentName, int); core/java/android/app/admin/DevicePolicyManager.java +44 −0 Original line number Diff line number Diff line Loading @@ -2061,6 +2061,28 @@ public class DevicePolicyManager { } } /** * Called by a profile owner to disable account management for a specific type of account. * * <p>The calling device admin must be a profile owner. If it is not, a * security exception will be thrown. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param accountType For which account management is disabled or enabled. * @param disabled The boolean indicating that account management will be disabled (true) or * enabled (false). */ public void setAccountManagementDisabled(ComponentName admin, String accountType, boolean disabled) { if (mService != null) { try { mService.setAccountManagementDisabled(admin, accountType, disabled); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } } /** * Called by profile or device owner to re-enable system apps by intent that were disabled * by default when the managed profile was created. This should only be called from a profile Loading @@ -2081,4 +2103,26 @@ public class DevicePolicyManager { } return 0; } /** * Gets the array of accounts for which account management is disabled by the profile owner. * * <p> Account management can be disabled/enabled by calling * {@link #setAccountManagementDisabled}. * * @return a list of account types for which account management has been disabled. * * @see #setAccountManagementDisabled */ public String[] getAccountTypesWithManagementDisabled() { if (mService != null) { try { return mService.getAccountTypesWithManagementDisabled(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return null; } } core/java/android/app/admin/IDevicePolicyManager.aidl +3 −0 Original line number Diff line number Diff line Loading @@ -126,4 +126,7 @@ interface IDevicePolicyManager { void enableSystemApp(in ComponentName admin, in String packageName); int enableSystemAppWithIntent(in ComponentName admin, in Intent intent); void setAccountManagementDisabled(in ComponentName who, in String accountType, in boolean disabled); String[] getAccountTypesWithManagementDisabled(); } services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +68 −1 Original line number Diff line number Diff line Loading @@ -100,6 +100,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Set; Loading Loading @@ -232,6 +233,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { static class ActiveAdmin { private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; private static final String TAG_DISABLE_CAMERA = "disable-camera"; private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; private static final String TAG_ACCOUNT_TYPE = "account-type"; private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; private static final String TAG_PASSWORD_EXPIRATION_DATE = "password-expiration-date"; private static final String TAG_PASSWORD_EXPIRATION_TIMEOUT = "password-expiration-timeout"; Loading Loading @@ -297,6 +300,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean encryptionRequested = false; boolean disableCamera = false; Set<String> accountTypesWithManagementDisabled = new HashSet<String>(); // TODO: review implementation decisions with frameworks team boolean specifiesGlobalProxy = false; Loading Loading @@ -413,6 +417,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { out.attribute(null, ATTR_VALUE, Integer.toString(disabledKeyguardFeatures)); out.endTag(null, TAG_DISABLE_KEYGUARD_FEATURES); } if (!accountTypesWithManagementDisabled.isEmpty()) { out.startTag(null, TAG_DISABLE_ACCOUNT_MANAGEMENT); for (String ac : accountTypesWithManagementDisabled) { out.startTag(null, TAG_ACCOUNT_TYPE); out.attribute(null, ATTR_VALUE, ac); out.endTag(null, TAG_ACCOUNT_TYPE); } out.endTag(null, TAG_DISABLE_ACCOUNT_MANAGEMENT); } } void readFromXml(XmlPullParser parser) Loading Loading @@ -484,6 +497,23 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { disabledKeyguardFeatures = Integer.parseInt( parser.getAttributeValue(null, ATTR_VALUE)); } else if (TAG_DISABLE_ACCOUNT_MANAGEMENT.equals(tag)) { int outerDepthDAM = parser.getDepth(); int typeDAM; while ((typeDAM=parser.next()) != XmlPullParser.END_DOCUMENT && (typeDAM != XmlPullParser.END_TAG || parser.getDepth() > outerDepthDAM)) { if (typeDAM == XmlPullParser.END_TAG || typeDAM == XmlPullParser.TEXT) { continue; } String tagDAM = parser.getName(); if (TAG_ACCOUNT_TYPE.equals(tagDAM)) { accountTypesWithManagementDisabled.add( parser.getAttributeValue(null, ATTR_VALUE)); } else { Slog.w(LOG_TAG, "Unknown tag under " + tag + ": " + tagDAM); } } } else { Slog.w(LOG_TAG, "Unknown admin tag: " + tag); } Loading Loading @@ -3178,7 +3208,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (who == null) { throw new NullPointerException("ComponentName is null"); } getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); int userId = UserHandle.getCallingUserId(); Loading Loading @@ -3277,4 +3306,42 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { ApplicationInfo appInfo = pm.getApplicationInfo(packageName, 0, userId); return (appInfo.flags & ApplicationInfo.FLAG_SYSTEM) > 0; } @Override public void setAccountManagementDisabled(ComponentName who, String accountType, boolean disabled) { if (!mHasFeature) { return; } synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); } ActiveAdmin ap = getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); if (disabled) { ap.accountTypesWithManagementDisabled.add(accountType); } else { ap.accountTypesWithManagementDisabled.remove(accountType); } saveSettingsLocked(UserHandle.getCallingUserId()); } } @Override public String[] getAccountTypesWithManagementDisabled() { if (!mHasFeature) { return null; } synchronized (this) { DevicePolicyData policy = getUserData(UserHandle.getCallingUserId()); final int N = policy.mAdminList.size(); HashSet<String> resultSet = new HashSet<String>(); for (int i = 0; i < N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); resultSet.addAll(admin.accountTypesWithManagementDisabled); } return resultSet.toArray(new String[resultSet.size()]); } } } Loading
api/current.txt +2 −0 Original line number Diff line number Diff line Loading @@ -5030,6 +5030,7 @@ package android.app.admin { method public void clearUserRestriction(android.content.ComponentName, java.lang.String); method public void enableSystemApp(android.content.ComponentName, java.lang.String); method public int enableSystemApp(android.content.ComponentName, android.content.Intent); method public java.lang.String[] getAccountTypesWithManagementDisabled(); method public java.util.List<android.content.ComponentName> getActiveAdmins(); method public android.os.Bundle getApplicationRestrictions(android.content.ComponentName, java.lang.String); method public boolean getCameraDisabled(android.content.ComponentName); Loading Loading @@ -5059,6 +5060,7 @@ package android.app.admin { method public void lockNow(); method public void removeActiveAdmin(android.content.ComponentName); method public boolean resetPassword(java.lang.String, int); method public void setAccountManagementDisabled(android.content.ComponentName, java.lang.String, boolean); method public void setApplicationRestrictions(android.content.ComponentName, java.lang.String, android.os.Bundle); method public void setCameraDisabled(android.content.ComponentName, boolean); method public void setKeyguardDisabledFeatures(android.content.ComponentName, int);
core/java/android/app/admin/DevicePolicyManager.java +44 −0 Original line number Diff line number Diff line Loading @@ -2061,6 +2061,28 @@ public class DevicePolicyManager { } } /** * Called by a profile owner to disable account management for a specific type of account. * * <p>The calling device admin must be a profile owner. If it is not, a * security exception will be thrown. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param accountType For which account management is disabled or enabled. * @param disabled The boolean indicating that account management will be disabled (true) or * enabled (false). */ public void setAccountManagementDisabled(ComponentName admin, String accountType, boolean disabled) { if (mService != null) { try { mService.setAccountManagementDisabled(admin, accountType, disabled); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } } /** * Called by profile or device owner to re-enable system apps by intent that were disabled * by default when the managed profile was created. This should only be called from a profile Loading @@ -2081,4 +2103,26 @@ public class DevicePolicyManager { } return 0; } /** * Gets the array of accounts for which account management is disabled by the profile owner. * * <p> Account management can be disabled/enabled by calling * {@link #setAccountManagementDisabled}. * * @return a list of account types for which account management has been disabled. * * @see #setAccountManagementDisabled */ public String[] getAccountTypesWithManagementDisabled() { if (mService != null) { try { return mService.getAccountTypesWithManagementDisabled(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return null; } }
core/java/android/app/admin/IDevicePolicyManager.aidl +3 −0 Original line number Diff line number Diff line Loading @@ -126,4 +126,7 @@ interface IDevicePolicyManager { void enableSystemApp(in ComponentName admin, in String packageName); int enableSystemAppWithIntent(in ComponentName admin, in Intent intent); void setAccountManagementDisabled(in ComponentName who, in String accountType, in boolean disabled); String[] getAccountTypesWithManagementDisabled(); }
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +68 −1 Original line number Diff line number Diff line Loading @@ -100,6 +100,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Set; Loading Loading @@ -232,6 +233,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { static class ActiveAdmin { private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; private static final String TAG_DISABLE_CAMERA = "disable-camera"; private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; private static final String TAG_ACCOUNT_TYPE = "account-type"; private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; private static final String TAG_PASSWORD_EXPIRATION_DATE = "password-expiration-date"; private static final String TAG_PASSWORD_EXPIRATION_TIMEOUT = "password-expiration-timeout"; Loading Loading @@ -297,6 +300,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { boolean encryptionRequested = false; boolean disableCamera = false; Set<String> accountTypesWithManagementDisabled = new HashSet<String>(); // TODO: review implementation decisions with frameworks team boolean specifiesGlobalProxy = false; Loading Loading @@ -413,6 +417,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { out.attribute(null, ATTR_VALUE, Integer.toString(disabledKeyguardFeatures)); out.endTag(null, TAG_DISABLE_KEYGUARD_FEATURES); } if (!accountTypesWithManagementDisabled.isEmpty()) { out.startTag(null, TAG_DISABLE_ACCOUNT_MANAGEMENT); for (String ac : accountTypesWithManagementDisabled) { out.startTag(null, TAG_ACCOUNT_TYPE); out.attribute(null, ATTR_VALUE, ac); out.endTag(null, TAG_ACCOUNT_TYPE); } out.endTag(null, TAG_DISABLE_ACCOUNT_MANAGEMENT); } } void readFromXml(XmlPullParser parser) Loading Loading @@ -484,6 +497,23 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { disabledKeyguardFeatures = Integer.parseInt( parser.getAttributeValue(null, ATTR_VALUE)); } else if (TAG_DISABLE_ACCOUNT_MANAGEMENT.equals(tag)) { int outerDepthDAM = parser.getDepth(); int typeDAM; while ((typeDAM=parser.next()) != XmlPullParser.END_DOCUMENT && (typeDAM != XmlPullParser.END_TAG || parser.getDepth() > outerDepthDAM)) { if (typeDAM == XmlPullParser.END_TAG || typeDAM == XmlPullParser.TEXT) { continue; } String tagDAM = parser.getName(); if (TAG_ACCOUNT_TYPE.equals(tagDAM)) { accountTypesWithManagementDisabled.add( parser.getAttributeValue(null, ATTR_VALUE)); } else { Slog.w(LOG_TAG, "Unknown tag under " + tag + ": " + tagDAM); } } } else { Slog.w(LOG_TAG, "Unknown admin tag: " + tag); } Loading Loading @@ -3178,7 +3208,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { if (who == null) { throw new NullPointerException("ComponentName is null"); } getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); int userId = UserHandle.getCallingUserId(); Loading Loading @@ -3277,4 +3306,42 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { ApplicationInfo appInfo = pm.getApplicationInfo(packageName, 0, userId); return (appInfo.flags & ApplicationInfo.FLAG_SYSTEM) > 0; } @Override public void setAccountManagementDisabled(ComponentName who, String accountType, boolean disabled) { if (!mHasFeature) { return; } synchronized (this) { if (who == null) { throw new NullPointerException("ComponentName is null"); } ActiveAdmin ap = getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); if (disabled) { ap.accountTypesWithManagementDisabled.add(accountType); } else { ap.accountTypesWithManagementDisabled.remove(accountType); } saveSettingsLocked(UserHandle.getCallingUserId()); } } @Override public String[] getAccountTypesWithManagementDisabled() { if (!mHasFeature) { return null; } synchronized (this) { DevicePolicyData policy = getUserData(UserHandle.getCallingUserId()); final int N = policy.mAdminList.size(); HashSet<String> resultSet = new HashSet<String>(); for (int i = 0; i < N; i++) { ActiveAdmin admin = policy.mAdminList.get(i); resultSet.addAll(admin.accountTypesWithManagementDisabled); } return resultSet.toArray(new String[resultSet.size()]); } } }
