Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7ad4889e authored by Nino Jagar's avatar Nino Jagar Committed by Android (Google) Code Review
Browse files

Merge "Add permission, flag and constants for content protection device policy" into main

parents 49a7890a 8d985b52

core/api/current.txt

+4 −0
Original line number Diff line number Diff line
@@ -147,6 +147,7 @@ package android { 
    field public static final String MANAGE_DEVICE_POLICY_CAMERA = "android.permission.MANAGE_DEVICE_POLICY_CAMERA";

    field public static final String MANAGE_DEVICE_POLICY_CERTIFICATES = "android.permission.MANAGE_DEVICE_POLICY_CERTIFICATES";

    field public static final String MANAGE_DEVICE_POLICY_COMMON_CRITERIA_MODE = "android.permission.MANAGE_DEVICE_POLICY_COMMON_CRITERIA_MODE";

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final String MANAGE_DEVICE_POLICY_CONTENT_PROTECTION = "android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION";

    field public static final String MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES = "android.permission.MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES";

    field public static final String MANAGE_DEVICE_POLICY_DEFAULT_SMS = "android.permission.MANAGE_DEVICE_POLICY_DEFAULT_SMS";

    field public static final String MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS = "android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS";
@@ -8194,6 +8195,9 @@ package android.app.admin { 
    field public static final String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD";

    field public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_DISABLED = 1; // 0x1

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_ENABLED = 2; // 0x2

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

    field public static final String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";

    field public static final String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";

    field public static final String DELEGATION_CERT_INSTALL = "delegation-cert-install";

core/java/android/app/admin/DevicePolicyManager.java

+25 −0
Original line number Diff line number Diff line
@@ -53,6 +53,7 @@ import static android.app.admin.flags.Flags.onboardingBugreportV2Enabled; 
import static android.content.Intent.LOCAL_FLAG_FROM_SYSTEM;

import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1;

import static android.os.Build.VERSION_CODES.UPSIDE_DOWN_CAKE;

import static android.view.contentprotection.flags.Flags.FLAG_MANAGE_DEVICE_POLICY_ENABLED;















import static com.android.internal.util.function.pooled.PooledLambda.obtainMessage;























@@ -61,6 +62,7 @@ import android.accounts.Account;













import android.annotation.BroadcastBehavior;















import android.annotation.CallbackExecutor;















import android.annotation.ColorInt;













import android.annotation.FlaggedApi;















import android.annotation.IntDef;















import android.annotation.NonNull;















import android.annotation.Nullable;










@@ -4092,6 +4094,29 @@ public class DevicePolicyManager {













        return MTE_NOT_CONTROLLED_BY_POLICY;















    }



























    /** Indicates that content protection is not controlled by policy, allowing user to choose. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0;

























    /** Indicates that content protection is controlled and disabled by a policy. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_DISABLED = 1;

























    /** Indicates that content protection is controlled and enabled by a policy. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_ENABLED = 2;

























    /** @hide */













    @IntDef(













            prefix = {"CONTENT_PROTECTION_"},













            value = {













                CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY,













                CONTENT_PROTECTION_DISABLED,













                CONTENT_PROTECTION_ENABLED,













            })













    @Retention(RetentionPolicy.SOURCE)













    public @interface ContentProtectionPolicy {}



























    /**















     * This object is a single place to tack on invalidation and disable calls.  All















     * binder caches in this class derive from this Config, so all can be invalidated or

































core/java/android/view/contentprotection/flags/content_protection_flags.aconfig



+7
−0




























Original line number
Diff line number
Diff line








@@ -34,3 +34,10 @@ flag {













    description: "If true, an appop is logged when a notification is rapidly cleared by a notification listener."















    bug: "289080543"















}



























flag {













    name: "manage_device_policy_enabled"













    namespace: "content_protection"













    description: "If true, the APIs to manage content protection device policy will be enabled."













    bug: "319477846"













}
























core/res/AndroidManifest.xml



+7
−0




























Original line number
Diff line number
Diff line








@@ -3751,6 +3751,13 @@













    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS"















                android:protectionLevel="internal|role" />





























    <!-- Allows an application to manage policy related to content protection.













        <p>Protection level: internal|role













        @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled")













    -->













    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION"













                android:protectionLevel="internal|role" />





























    <!-- Allows an application to set device policies outside the current user















        that are critical for securing data within the current user.















        <p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_*