Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 639001ec authored by arangelov's avatar arangelov
Browse files

Add new constants for managed account provisioning 

This is part of the feature to make managed account
provisioning use the admin-integrated flow.

We introduce EXTRA_PROVISIONING_SUPPORTED_MODES
which can be set to one of
SUPPORTED_MODES_ORGANIZATION_OWNED,
SUPPORTED_MODES_PERSONALLY_OWNED or
SUPPORTED_MODES_ORGANIZATION_AND_PERSONALLY_OWNED.
These allow the admin app to
choose between fully-managed device/
organization-owned work profile, personally-
owned work profile or all three respectively.

PROVISIONING_TRIGGER_MANAGED_ACCOUNT will be used
only for logging purposes and determining whether
to respect EXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS.

PROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE
is a new provisioning mode choice which the admin app
can choose, if allowed.

EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES is an
ArrayList<Integer> extra which will be sent to the
admin app. It will contain a list of the provisioning
modes from which the admin app can choose. If it chooses
a mode that is not part of that list, provisioning
will fail.

This CL also updates the javadoc for
EXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS to state
more correctly the cases when the extra is respected.

This CL also deprecates
PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER as it is now
covered by the broader PROVISIONING_TRIGGER_MANAGED_ACCOUNT.

Bug: 167955145
Test: tests to be added in ManagedProvisioning
Test: compiled - only defining new constants
Change-Id: I6cc8581ce5e609155480bc6aeb04af0c800267cd
parent cbf9c158

core/api/current.txt

+2 −0
Original line number Diff line number Diff line
@@ -7149,6 +7149,7 @@ package android.app.admin { 
    field @RequiresPermission(android.Manifest.permission.REQUEST_PASSWORD_COMPLEXITY) public static final String EXTRA_PASSWORD_COMPLEXITY = "android.app.extra.PASSWORD_COMPLEXITY";

    field public static final String EXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE = "android.app.extra.PROVISIONING_ACCOUNT_TO_MIGRATE";

    field public static final String EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE = "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE";

    field public static final String EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES = "android.app.extra.PROVISIONING_ALLOWED_PROVISIONING_MODES";

    field public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME = "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME";

    field public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE = "android.app.extra.PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE";

    field public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM";
@@ -7253,6 +7254,7 @@ package android.app.admin { 
    field public static final int PRIVATE_DNS_SET_NO_ERROR = 0; // 0x0

    field public static final int PROVISIONING_MODE_FULLY_MANAGED_DEVICE = 1; // 0x1

    field public static final int PROVISIONING_MODE_MANAGED_PROFILE = 2; // 0x2

    field public static final int PROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE = 3; // 0x3

    field public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 2; // 0x2

    field public static final int RESET_PASSWORD_REQUIRE_ENTRY = 1; // 0x1

    field public static final int SKIP_SETUP_WIZARD = 1; // 0x1

core/api/system-current.txt

+6 −1
Original line number Diff line number Diff line
@@ -876,11 +876,13 @@ package android.app.admin { 
    field public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_ICON_URI = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_ICON_URI";

    field public static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_LABEL = "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_LABEL";

    field public static final String EXTRA_PROVISIONING_ORGANIZATION_NAME = "android.app.extra.PROVISIONING_ORGANIZATION_NAME";

    field public static final String EXTRA_PROVISIONING_SUPPORTED_MODES = "android.app.extra.PROVISIONING_SUPPORTED_MODES";

    field public static final String EXTRA_PROVISIONING_SUPPORT_URL = "android.app.extra.PROVISIONING_SUPPORT_URL";

    field public static final String EXTRA_PROVISIONING_TRIGGER = "android.app.extra.PROVISIONING_TRIGGER";

    field public static final String EXTRA_RESTRICTION = "android.app.extra.RESTRICTION";

    field public static final int PROVISIONING_TRIGGER_CLOUD_ENROLLMENT = 1; // 0x1

    field public static final int PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER = 3; // 0x3

    field public static final int PROVISIONING_TRIGGER_MANAGED_ACCOUNT = 4; // 0x4

    field @Deprecated public static final int PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER = 3; // 0x3

    field public static final int PROVISIONING_TRIGGER_QR_CODE = 2; // 0x2

    field public static final int PROVISIONING_TRIGGER_UNSPECIFIED = 0; // 0x0

    field public static final int STATE_USER_PROFILE_COMPLETE = 4; // 0x4
@@ -889,6 +891,9 @@ package android.app.admin { 
    field public static final int STATE_USER_SETUP_FINALIZED = 3; // 0x3

    field public static final int STATE_USER_SETUP_INCOMPLETE = 1; // 0x1

    field public static final int STATE_USER_UNMANAGED = 0; // 0x0

    field public static final int SUPPORTED_MODES_ORGANIZATION_AND_PERSONALLY_OWNED = 3; // 0x3

    field public static final int SUPPORTED_MODES_ORGANIZATION_OWNED = 1; // 0x1

    field public static final int SUPPORTED_MODES_PERSONALLY_OWNED = 2; // 0x2

  }















  public final class SystemUpdatePolicy implements android.os.Parcelable {

































core/java/android/app/admin/DevicePolicyManager.java



+147
−10




























Original line number
Diff line number
Diff line








@@ -1205,7 +1205,7 @@ public class DevicePolicyManager {













     * <ul>















     * <li>By the admin app when performing the admin-integrated















     * provisioning flow as a result of the {@link #ACTION_GET_PROVISIONING_MODE} activity</li>













     * <li>With intent action {@link #ACTION_PROVISION_MANAGED_DEVICE}</li>













     * <li>For managed account enrollment</li>















     * </ul>















     *















     * <p>If the education screens are skipped, it is the admin application's responsibility









@@ -1227,10 +1227,38 @@ public class DevicePolicyManager {













    public static final String EXTRA_PROVISIONING_USE_MOBILE_DATA =















            "android.app.extra.PROVISIONING_USE_MOBILE_DATA";



























    /**













     * Possible values for {@link #EXTRA_PROVISIONING_TRIGGER}.













     *













     * @hide













     */













    @IntDef(prefix = { "PROVISIONING_TRIGGER_" }, value = {













            PROVISIONING_TRIGGER_UNSPECIFIED,













            PROVISIONING_TRIGGER_CLOUD_ENROLLMENT,













            PROVISIONING_TRIGGER_QR_CODE,













            PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER,













            PROVISIONING_TRIGGER_MANAGED_ACCOUNT













    })













    @Retention(RetentionPolicy.SOURCE)













    public @interface ProvisioningTrigger {}

























    /**













     * Possible values for {@link #EXTRA_PROVISIONING_SUPPORTED_MODES}.













     *













     * @hide













     */













    @IntDef(prefix = { "SUPPORTED_MODES_" }, value = {













            SUPPORTED_MODES_ORGANIZATION_OWNED,













            SUPPORTED_MODES_PERSONALLY_OWNED,













            SUPPORTED_MODES_ORGANIZATION_AND_PERSONALLY_OWNED













    })













    @Retention(RetentionPolicy.SOURCE)













    public @interface ProvisioningConfiguration {}



























    /**















     * A String extra holding the provisioning trigger. It could be one of















     * {@link #PROVISIONING_TRIGGER_CLOUD_ENROLLMENT}, {@link #PROVISIONING_TRIGGER_QR_CODE},













     * {@link #PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER} or {@link













     * {@link #PROVISIONING_TRIGGER_MANAGED_ACCOUNT} or {@link















     * #PROVISIONING_TRIGGER_UNSPECIFIED}.















     *















     * <p>Use in an intent with action {@link









@@ -1246,7 +1274,7 @@ public class DevicePolicyManager {













     * trigger has not been specified.















     * @see #PROVISIONING_TRIGGER_CLOUD_ENROLLMENT















     * @see #PROVISIONING_TRIGGER_QR_CODE













     * @see #PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER













     * @see #PROVISIONING_TRIGGER_MANAGED_ACCOUNT















     * @hide















     */















    @SystemApi









@@ -1256,7 +1284,7 @@ public class DevicePolicyManager {













     * A value for {@link #EXTRA_PROVISIONING_TRIGGER} indicating that the provisioning















     * trigger is cloud enrollment.















     * @see #PROVISIONING_TRIGGER_QR_CODE













     * @see #PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER













     * @see #PROVISIONING_TRIGGER_MANAGED_ACCOUNT















     * @see #PROVISIONING_TRIGGER_UNSPECIFIED















     * @hide















     */









@@ -1267,7 +1295,7 @@ public class DevicePolicyManager {













     * A value for {@link #EXTRA_PROVISIONING_TRIGGER} indicating that the provisioning















     * trigger is the QR code scanner.















     * @see #PROVISIONING_TRIGGER_CLOUD_ENROLLMENT













     * @see #PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER













     * @see #PROVISIONING_TRIGGER_MANAGED_ACCOUNT















     * @see #PROVISIONING_TRIGGER_UNSPECIFIED















     * @hide















     */









@@ -1277,14 +1305,77 @@ public class DevicePolicyManager {













    /**















     * A value for {@link #EXTRA_PROVISIONING_TRIGGER} indicating that the provisioning















     * trigger is persistent device owner enrollment.













     * @deprecated Use the broader {@link #PROVISIONING_TRIGGER_MANAGED_ACCOUNT} instead















     * @see #PROVISIONING_TRIGGER_CLOUD_ENROLLMENT















     * @see #PROVISIONING_TRIGGER_QR_CODE















     * @see #PROVISIONING_TRIGGER_UNSPECIFIED















     * @hide















     */















    @SystemApi













    @Deprecated















    public static final int PROVISIONING_TRIGGER_PERSISTENT_DEVICE_OWNER = 3;



























    /**













     * A value for {@link #EXTRA_PROVISIONING_TRIGGER} indicating that the provisioning













     * trigger is managed account enrollment.













     * @see #PROVISIONING_TRIGGER_CLOUD_ENROLLMENT













     * @see #PROVISIONING_TRIGGER_QR_CODE













     * @see #PROVISIONING_TRIGGER_UNSPECIFIED













     * @hide













     */













    @SystemApi













    public static final int PROVISIONING_TRIGGER_MANAGED_ACCOUNT = 4;

























    /**













     * A value for {@link #EXTRA_PROVISIONING_SUPPORTED_MODES} indicating that provisioning is













     * organization-owned.













     *













     * <p>Using this value will cause the admin app's {@link #ACTION_GET_PROVISIONING_MODE}













     * activity to have the {@link #EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES} array extra













     * contain {@link #PROVISIONING_MODE_MANAGED_PROFILE} and {@link













     * #PROVISIONING_MODE_FULLY_MANAGED_DEVICE}.













     *













     * <p>Also, if this value is set, the admin app's {@link #ACTION_GET_PROVISIONING_MODE} activity













     * will not receive the {@link #EXTRA_PROVISIONING_IMEI} and {@link













     * #EXTRA_PROVISIONING_SERIAL_NUMBER} extras.













     *













     * @hide













     */













    @SystemApi













    public static final int SUPPORTED_MODES_ORGANIZATION_OWNED = 1;

























    /**













     * A value for {@link #EXTRA_PROVISIONING_SUPPORTED_MODES} indicating that provisioning is













     * personally-owned.













     *













     * <p>Using this value will cause the admin app's {@link #ACTION_GET_PROVISIONING_MODE}













     * activity to have the {@link #EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES} array extra













     * contain only {@link #PROVISIONING_MODE_MANAGED_PROFILE}.













     *













     * @hide













     */













    @SystemApi













    public static final int SUPPORTED_MODES_PERSONALLY_OWNED = 2;

























    /**













     * A value for {@link #EXTRA_PROVISIONING_SUPPORTED_MODES} indicating that provisioning could













     * be organization-owned or personally-owned.













     *













     * <p>Using this value will cause the admin app's {@link #ACTION_GET_PROVISIONING_MODE}













     * activity to have the {@link #EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES} array extra













     * contain {@link













     * #PROVISIONING_MODE_MANAGED_PROFILE}, {@link #PROVISIONING_MODE_FULLY_MANAGED_DEVICE} and













     * {@link #PROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE}.













     *













     * <p>Also, if this value is set, the admin app's {@link #ACTION_GET_PROVISIONING_MODE} activity













     * will not receive the {@link #EXTRA_PROVISIONING_IMEI} and {@link













     * #EXTRA_PROVISIONING_SERIAL_NUMBER} extras.













     *













     * @hide













     */













    @SystemApi













    public static final int SUPPORTED_MODES_ORGANIZATION_AND_PERSONALLY_OWNED = 3;



























    /**















     * This MIME type is used for starting the device owner provisioning.















     *










@@ -2378,15 +2469,56 @@ public class DevicePolicyManager {



























    /**















     * An intent extra holding the provisioning mode returned by the administrator.













     * The value for this extra should be one of the following:













     * <ul>













     *     <li>{@link #PROVISIONING_MODE_FULLY_MANAGED_DEVICE}</li>













     *     <li>{@link #PROVISIONING_MODE_MANAGED_PROFILE}</li>













     * </ul>













     * The value of this extra must be one of the values provided in {@link













     * #EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES}, which is provided as an intent extra to













     * the admin app's {@link #ACTION_GET_PROVISIONING_MODE} activity.













     *













     * @see #PROVISIONING_MODE_FULLY_MANAGED_DEVICE













     * @see #PROVISIONING_MODE_MANAGED_PROFILE















     */















    public static final String EXTRA_PROVISIONING_MODE =















            "android.app.extra.PROVISIONING_MODE";



























    /**













     * An integer extra indication what provisioning modes should be available for the admin app













     * to pick.













     *













     * <p>The default value is {@link #SUPPORTED_MODES_ORGANIZATION_OWNED}.













     *













     * <p>The value of this extra will determine the contents of the {@link













     * #EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES} array that is passed to the admin app as an













     * extra to its {@link #ACTION_GET_PROVISIONING_MODE} activity.













     *













     * <p>If one of the possible admin app choices is a personally-owned work profile, then the













     * IMEI and serial number will not be passed to the admin app's {@link













     * #ACTION_GET_PROVISIONING_MODE} activity via the {@link #EXTRA_PROVISIONING_IMEI} and {@link













     * #EXTRA_PROVISIONING_SERIAL_NUMBER} respectively.













     *













     * <p>This extra is only respected when provided alongside the {@link













     * #ACTION_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE} intent action.













     *













     * @see #SUPPORTED_MODES_ORGANIZATION_OWNED













     * @see #SUPPORTED_MODES_PERSONALLY_OWNED













     * @see #SUPPORTED_MODES_ORGANIZATION_AND_PERSONALLY_OWNED













     * @hide













     */













    @SystemApi













    public static final String EXTRA_PROVISIONING_SUPPORTED_MODES =













            "android.app.extra.PROVISIONING_SUPPORTED_MODES";

























    /**













     * An {@link ArrayList} of {@link Integer} extra specifying the allowed provisioning modes.













     * <p>This extra will be passed to the admin app's {@link #ACTION_GET_PROVISIONING_MODE}













     * activity, whose result intent must contain {@link #EXTRA_PROVISIONING_MODE} set to one of













     * the values in this array.













     * <p>If the value set to {@link #EXTRA_PROVISIONING_MODE} is not in the array,













     * provisioning will fail.













     * @see #PROVISIONING_MODE_MANAGED_PROFILE













     * @see #PROVISIONING_MODE_FULLY_MANAGED_DEVICE













     */













    public static final String EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES =













            "android.app.extra.PROVISIONING_ALLOWED_PROVISIONING_MODES";



























    /**















     * The provisioning mode for fully managed device.















     */









@@ -2397,6 +2529,11 @@ public class DevicePolicyManager {













     */















    public static final int PROVISIONING_MODE_MANAGED_PROFILE = 2;



























    /**













     * The provisioning mode for a work profile on a personal device.













     */













    public static final int PROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE = 3;



























    /**















     * Activity action: Starts the administrator to show policy compliance for the provisioning.















     * This action is used any time that the administrator has an opportunity to show policy