Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 980a1b6f authored by Steven Ng's avatar Steven Ng
Browse files

Add new permission and action for managed provisioning (QR flow) 

+ Instead of reusing NFC provisioning action, new action and permission
  are introduced for QR code provisioning

Bug: 26240297
Change-Id: Id2632d6c6b9e62bf3cad5bc141430d49df4a2c5d
parent dd1f99da

api/system-current.txt

+2 −0
Original line number Diff line number Diff line
@@ -91,6 +91,7 @@ package android { 
    field public static final java.lang.String DEVICE_POWER = "android.permission.DEVICE_POWER";

    field public static final java.lang.String DIAGNOSTIC = "android.permission.DIAGNOSTIC";

    field public static final java.lang.String DISABLE_KEYGUARD = "android.permission.DISABLE_KEYGUARD";

    field public static final java.lang.String DISPATCH_PROVISIONING_MESSAGE = "android.permission.DISPATCH_PROVISIONING_MESSAGE";

    field public static final java.lang.String DUMP = "android.permission.DUMP";

    field public static final java.lang.String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";

    field public static final java.lang.String FACTORY_TEST = "android.permission.FACTORY_TEST";
@@ -6096,6 +6097,7 @@ package android.app.admin { 
    field public static final java.lang.String ACTION_DEVICE_OWNER_CHANGED = "android.app.action.DEVICE_OWNER_CHANGED";

    field public static final java.lang.String ACTION_MANAGED_PROFILE_PROVISIONED = "android.app.action.MANAGED_PROFILE_PROVISIONED";

    field public static final java.lang.String ACTION_PROVISION_MANAGED_DEVICE = "android.app.action.PROVISION_MANAGED_DEVICE";

    field public static final java.lang.String ACTION_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE = "android.app.action.PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE";

    field public static final java.lang.String ACTION_PROVISION_MANAGED_PROFILE = "android.app.action.PROVISION_MANAGED_PROFILE";

    field public static final java.lang.String ACTION_SET_NEW_PARENT_PROFILE_PASSWORD = "android.app.action.SET_NEW_PARENT_PROFILE_PASSWORD";

    field public static final java.lang.String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD";

core/java/android/app/admin/DevicePolicyManager.java

+42 −0
Original line number Diff line number Diff line
@@ -239,6 +239,48 @@ public class DevicePolicyManager { 
    public static final String ACTION_PROVISION_MANAGED_DEVICE

        = "android.app.action.PROVISION_MANAGED_DEVICE";



    /**

     * Activity action: Starts the provisioning flow which sets up a managed device.

     *

     * <p>During device owner provisioning, a device admin app is downloaded and set as the owner of

     * the device. A device owner has full control over the device. The device owner can not be

     * modified by the user and the only way of resetting the device is via factory reset.

     *

     * <p>A typical use case would be a device that is owned by a company, but used by either an

     * employee or client.

     *

     * <p>The provisioning message should be sent to an unprovisioned device.

     *

     * <p>Unlike {@link #ACTION_PROVISION_MANAGED_DEVICE}, the provisioning message can only be sent

     * by a privileged app with the permission

     * {@link android.Manifest.permission#DISPATCH_PROVISIONING_MESSAGE}.

     *

     * <p>The provisioning intent contains the following properties:

     * <ul>

     * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME}</li>

     * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_LOCAL_TIME} (convert to String), optional</li>

     * <li>{@link #EXTRA_PROVISIONING_TIME_ZONE}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_LOCALE}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_SSID}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_HIDDEN} (convert to String), optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_SECURITY_TYPE}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_PASSWORD}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_HOST}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_PORT} (convert to String), optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_PROXY_BYPASS}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_WIFI_PAC_URL}, optional</li>

     * <li>{@link #EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE}, optional</li></ul>

     *

     * @hide

     */

    @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)

    @SystemApi

    public static final String ACTION_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE =

            "android.app.action.PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE";



    /**

     * Activity action: Starts the provisioning flow which sets up a managed device.

     * Must be started with {@link android.app.Activity#startActivityForResult(Intent, int)}.

core/res/AndroidManifest.xml

+6 −0
Original line number Diff line number Diff line
@@ -2874,6 +2874,12 @@ 
    <permission android:name="android.permission.MANAGE_SOUND_TRIGGER"

        android:protectionLevel="signature|privileged" />



    <!-- @SystemApi Allows trusted applications to dispatch managed provisioning message to Managed

         Provisioning app. If requesting app does not have permission, it will be ignored.

         @hide -->

    <permission android:name="android.permission.DISPATCH_PROVISIONING_MESSAGE"

                android:protectionLevel="signature|privileged" />



    <application android:process="system"

                 android:persistent="true"

                 android:hasCode="false"