Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8d985b52 authored by Nino Jagar's avatar Nino Jagar
Browse files

Add permission, flag and constants for content protection device policy 

Bug: 319477846
Test: N/A
Change-Id: I1fb579e8452a4621bd4d66a4eda4fab0db623c79
parent 861fcd5a

core/api/current.txt

+4 −0
Original line number Diff line number Diff line
@@ -147,6 +147,7 @@ package android { 
    field public static final String MANAGE_DEVICE_POLICY_CAMERA = "android.permission.MANAGE_DEVICE_POLICY_CAMERA";

    field public static final String MANAGE_DEVICE_POLICY_CERTIFICATES = "android.permission.MANAGE_DEVICE_POLICY_CERTIFICATES";

    field public static final String MANAGE_DEVICE_POLICY_COMMON_CRITERIA_MODE = "android.permission.MANAGE_DEVICE_POLICY_COMMON_CRITERIA_MODE";

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final String MANAGE_DEVICE_POLICY_CONTENT_PROTECTION = "android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION";

    field public static final String MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES = "android.permission.MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES";

    field public static final String MANAGE_DEVICE_POLICY_DEFAULT_SMS = "android.permission.MANAGE_DEVICE_POLICY_DEFAULT_SMS";

    field public static final String MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS = "android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS";
@@ -8194,6 +8195,9 @@ package android.app.admin { 
    field public static final String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD";

    field public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION";

    field public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED";

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_DISABLED = 1; // 0x1

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_ENABLED = 2; // 0x2

    field @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled") public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0; // 0x0

    field public static final String DELEGATION_APP_RESTRICTIONS = "delegation-app-restrictions";

    field public static final String DELEGATION_BLOCK_UNINSTALL = "delegation-block-uninstall";

    field public static final String DELEGATION_CERT_INSTALL = "delegation-cert-install";

core/java/android/app/admin/DevicePolicyManager.java

+25 −0
Original line number Diff line number Diff line
@@ -53,6 +53,7 @@ import static android.app.admin.flags.Flags.onboardingBugreportV2Enabled; 
import static android.content.Intent.LOCAL_FLAG_FROM_SYSTEM;

import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1;

import static android.os.Build.VERSION_CODES.UPSIDE_DOWN_CAKE;

import static android.view.contentprotection.flags.Flags.FLAG_MANAGE_DEVICE_POLICY_ENABLED;















import static com.android.internal.util.function.pooled.PooledLambda.obtainMessage;























@@ -61,6 +62,7 @@ import android.accounts.Account;













import android.annotation.BroadcastBehavior;















import android.annotation.CallbackExecutor;















import android.annotation.ColorInt;













import android.annotation.FlaggedApi;















import android.annotation.IntDef;















import android.annotation.NonNull;















import android.annotation.Nullable;










@@ -4092,6 +4094,29 @@ public class DevicePolicyManager {













        return MTE_NOT_CONTROLLED_BY_POLICY;















    }



























    /** Indicates that content protection is not controlled by policy, allowing user to choose. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0;

























    /** Indicates that content protection is controlled and disabled by a policy. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_DISABLED = 1;

























    /** Indicates that content protection is controlled and enabled by a policy. */













    @FlaggedApi(FLAG_MANAGE_DEVICE_POLICY_ENABLED)













    public static final int CONTENT_PROTECTION_ENABLED = 2;

























    /** @hide */













    @IntDef(













            prefix = {"CONTENT_PROTECTION_"},













            value = {













                CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY,













                CONTENT_PROTECTION_DISABLED,













                CONTENT_PROTECTION_ENABLED,













            })













    @Retention(RetentionPolicy.SOURCE)













    public @interface ContentProtectionPolicy {}



























    /**















     * This object is a single place to tack on invalidation and disable calls.  All















     * binder caches in this class derive from this Config, so all can be invalidated or

































core/java/android/view/contentprotection/flags/content_protection_flags.aconfig



+7
−0




























Original line number
Diff line number
Diff line








@@ -34,3 +34,10 @@ flag {













    description: "If true, an appop is logged when a notification is rapidly cleared by a notification listener."















    bug: "289080543"















}



























flag {













    name: "manage_device_policy_enabled"













    namespace: "content_protection"













    description: "If true, the APIs to manage content protection device policy will be enabled."













    bug: "319477846"













}
























core/res/AndroidManifest.xml



+7
−0




























Original line number
Diff line number
Diff line








@@ -3751,6 +3751,13 @@













    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS"















                android:protectionLevel="internal|role" />





























    <!-- Allows an application to manage policy related to content protection.













        <p>Protection level: internal|role













        @FlaggedApi("android.view.contentprotection.flags.manage_device_policy_enabled")













    -->













    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION"













                android:protectionLevel="internal|role" />





























    <!-- Allows an application to set device policies outside the current user















        that are critical for securing data within the current user.















        <p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_*