Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d528f81e authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Add new DPM permissions required by DeviceLock role."

parents 5af50b53 c2971374
Loading
Loading
Loading
Loading
+12 −0
Original line number Diff line number Diff line
@@ -125,6 +125,18 @@ package android {
    field public static final String MANAGE_DEVICE_POLICY_ACROSS_USERS = "android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS";
    field public static final String MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL = "android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL";
    field public static final String MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL = "android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL";
    field public static final String MANAGE_DEVICE_POLICY_APPS_CONTROL = "android.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL";
    field public static final String MANAGE_DEVICE_POLICY_APP_RESTRICTIONS = "android.permission.MANAGE_DEVICE_POLICY_APP_RESTRICTIONS";
    field public static final String MANAGE_DEVICE_POLICY_BACKUP_SERVICE = "android.permission.MANAGE_DEVICE_POLICY_BACKUP_SERVICE";
    field public static final String MANAGE_DEVICE_POLICY_CALLS = "android.permission.MANAGE_DEVICE_POLICY_CALLS";
    field public static final String MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES = "android.permission.MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES";
    field public static final String MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES = "android.permission.MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES";
    field public static final String MANAGE_DEVICE_POLICY_LOCK_TASK = "android.permission.MANAGE_DEVICE_POLICY_LOCK_TASK";
    field public static final String MANAGE_DEVICE_POLICY_MODIFY_USERS = "android.permission.MANAGE_DEVICE_POLICY_MODIFY_USERS";
    field public static final String MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY = "android.permission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY";
    field public static final String MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS = "android.permission.MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS";
    field public static final String MANAGE_DEVICE_POLICY_SAFE_BOOT = "android.permission.MANAGE_DEVICE_POLICY_SAFE_BOOT";
    field public static final String MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE = "android.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE";
    field public static final String MANAGE_DEVICE_POLICY_TIME = "android.permission.MANAGE_DEVICE_POLICY_TIME";
    field public static final String MANAGE_DOCUMENTS = "android.permission.MANAGE_DOCUMENTS";
    field public static final String MANAGE_EXTERNAL_STORAGE = "android.permission.MANAGE_EXTERNAL_STORAGE";
+89 −2
Original line number Diff line number Diff line
@@ -3119,12 +3119,99 @@

    <!-- @SystemApi @hide Allows an application to exempt apps from platform restrictions.-->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_EXEMPTIONS"
                android:protectionLevel="signature|role" />
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage date and time device policy. -->
    <!-- Allows an application to manage device policy relating to time.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.-->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_TIME"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to set the grant state of runtime permissions on packages.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage the identity of the managing organization.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to set support messages for when a user action is affected by an
        active policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage backup service policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_BACKUP_SERVICE"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage lock task policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCK_TASK"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage policy regarding modifying applications.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage installing from unknown sources policy.
        <p>MANAGE_SECURITY_CRITICAL_DEVICE_POLICY_ACROSS_USERS is required to call APIs protected
        by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage application restrictions.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_RESTRICTIONS"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage calling policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CALLS"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage debugging features policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage policy preventing users from modifying users.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_MODIFY_USERS"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to manage safe boot policy.
        <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
        APIs protected by this permission on users different to the calling user.
    -->
    <permission android:name="android.permission.MANAGE_DEVICE_POLICY_SAFE_BOOT"
                android:protectionLevel="internal|role" />

    <!-- Allows an application to set device policies outside the current user
        that are critical for securing data within the current user.
        <p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_*