Loading core/api/current.txt +16 −16 Original line number Diff line number Diff line Loading @@ -6940,14 +6940,14 @@ package android.app.admin { method public long getPasswordExpirationTimeout(@Nullable android.content.ComponentName); method public int getPasswordHistoryLength(@Nullable android.content.ComponentName); method public int getPasswordMaximumLength(int); method public int getPasswordMinimumLength(@Nullable android.content.ComponentName); method public int getPasswordMinimumLetters(@Nullable android.content.ComponentName); method public int getPasswordMinimumLowerCase(@Nullable android.content.ComponentName); method public int getPasswordMinimumNonLetter(@Nullable android.content.ComponentName); method public int getPasswordMinimumNumeric(@Nullable android.content.ComponentName); method public int getPasswordMinimumSymbols(@Nullable android.content.ComponentName); method public int getPasswordMinimumUpperCase(@Nullable android.content.ComponentName); method public int getPasswordQuality(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLength(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLetters(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLowerCase(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumNonLetter(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumNumeric(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumSymbols(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumUpperCase(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordQuality(@Nullable android.content.ComponentName); method @Nullable public android.app.admin.SystemUpdateInfo getPendingSystemUpdate(@NonNull android.content.ComponentName); method public int getPermissionGrantState(@Nullable android.content.ComponentName, @NonNull String, @NonNull String); method public int getPermissionPolicy(android.content.ComponentName); Loading Loading @@ -7071,14 +7071,14 @@ package android.app.admin { method @NonNull public String[] setPackagesSuspended(@NonNull android.content.ComponentName, @NonNull String[], boolean); method public void setPasswordExpirationTimeout(@NonNull android.content.ComponentName, long); method public void setPasswordHistoryLength(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLength(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLetters(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLowerCase(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumNonLetter(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumNumeric(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumSymbols(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumUpperCase(@NonNull android.content.ComponentName, int); method public void setPasswordQuality(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLength(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLetters(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLowerCase(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumNonLetter(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumNumeric(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumSymbols(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumUpperCase(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordQuality(@NonNull android.content.ComponentName, int); method public boolean setPermissionGrantState(@NonNull android.content.ComponentName, @NonNull String, @NonNull String, int); method public void setPermissionPolicy(@NonNull android.content.ComponentName, int); method public boolean setPermittedAccessibilityServices(@NonNull android.content.ComponentName, java.util.List<java.lang.String>); core/java/android/app/admin/DevicePolicyManager.java +84 −11 Original line number Diff line number Diff line Loading @@ -2919,22 +2919,36 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * profile. Apps targeting {@link android.os.Build.VERSION_CODES#S} and above will get a * {@code IllegalArgumentException} when calling this method on the parent * {@link DevicePolicyManager} instance. * * <p><strong>Note:</strong> Specifying password requirements using this method clears the * password complexity requirements set using {@link #setRequiredPasswordComplexity(int)}. * * @deprecated Prefer using {@link #setRequiredPasswordComplexity(int)}, to require a password * that satisfies a complexity level defined by the platform, rather than specifying custom * password requirement. * Setting custom, overly-complicated password requirements leads to passwords that are hard * for users to remember and may not provide any security benefits given as Android uses * hardware-backed throttling to thwart online and offline brute-forcing of the device's * screen lock. * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param quality The new desired quality. One of {@link #PASSWORD_QUALITY_UNSPECIFIED}, * {@link #PASSWORD_QUALITY_BIOMETRIC_WEAK}, * {@link #PASSWORD_QUALITY_SOMETHING}, {@link #PASSWORD_QUALITY_NUMERIC}, * {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX}, {@link #PASSWORD_QUALITY_ALPHABETIC}, * {@link #PASSWORD_QUALITY_ALPHANUMERIC} or {@link #PASSWORD_QUALITY_COMPLEX}. * @throws SecurityException if {@code admin} is not an active administrator or if {@code admin} * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} * @throws SecurityException if {@code admin} is not an active administrator, if {@code admin} * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} or if the * calling app is targeting {@link android.os.Build.VERSION_CODES#S} and above, * and is calling the method the {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)}. */ @Deprecated public void setPasswordQuality(@NonNull ComponentName admin, int quality) { if (mService != null) { try { Loading @@ -2957,9 +2971,12 @@ public class DevicePolicyManager { * <p>Note: on devices not supporting {@link PackageManager#FEATURE_SECURE_LOCK_SCREEN} feature, * the password is always treated as empty. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to aggregate * all admins. */ @Deprecated public int getPasswordQuality(@Nullable ComponentName admin) { return getPasswordQuality(admin, myUserId()); } Loading Loading @@ -2999,10 +3016,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum password length. A value of 0 means there is no * restriction. Loading @@ -3012,6 +3033,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLength(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading @@ -3034,9 +3056,12 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to aggregate * all admins. */ @Deprecated public int getPasswordMinimumLength(@Nullable ComponentName admin) { return getPasswordMinimumLength(admin, myUserId()); } Loading Loading @@ -3074,10 +3099,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of upper case letters required in the password. * A value of 0 means there is no restriction. Loading @@ -3087,6 +3116,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumUpperCase(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3114,11 +3144,14 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of upper case letters required in the * password. */ @Deprecated public int getPasswordMinimumUpperCase(@Nullable ComponentName admin) { return getPasswordMinimumUpperCase(admin, myUserId()); } Loading Loading @@ -3156,10 +3189,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of lower case letters required in the password. * A value of 0 means there is no restriction. Loading @@ -3169,6 +3206,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLowerCase(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3196,11 +3234,14 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of lower case letters required in the * password. */ @Deprecated public int getPasswordMinimumLowerCase(@Nullable ComponentName admin) { return getPasswordMinimumLowerCase(admin, myUserId()); } Loading Loading @@ -3238,10 +3279,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of letters required in the password. A value of * 0 means there is no restriction. Loading @@ -3251,6 +3296,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLetters(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3278,10 +3324,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of letters required in the password. */ @Deprecated public int getPasswordMinimumLetters(@Nullable ComponentName admin) { return getPasswordMinimumLetters(admin, myUserId()); } Loading Loading @@ -3319,10 +3368,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of numerical digits required in the password. A * value of 0 means there is no restriction. Loading @@ -3332,6 +3385,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumNumeric(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3359,10 +3413,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of numerical digits required in the password. */ @Deprecated public int getPasswordMinimumNumeric(@Nullable ComponentName admin) { return getPasswordMinimumNumeric(admin, myUserId()); } Loading Loading @@ -3400,10 +3457,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of symbols required in the password. A value of * 0 means there is no restriction. Loading @@ -3413,6 +3474,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumSymbols(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading @@ -3439,10 +3501,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of symbols required in the password. */ @Deprecated public int getPasswordMinimumSymbols(@Nullable ComponentName admin) { return getPasswordMinimumSymbols(admin, myUserId()); } Loading Loading @@ -3480,10 +3545,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of letters required in the password. A value of * 0 means there is no restriction. Loading @@ -3493,6 +3562,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumNonLetter(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3520,10 +3590,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of letters required in the password. */ @Deprecated public int getPasswordMinimumNonLetter(@Nullable ComponentName admin) { return getPasswordMinimumNonLetter(admin, myUserId()); } Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +1 −1 Original line number Diff line number Diff line Loading @@ -3368,7 +3368,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final boolean qualityMayApplyToParent = canSetPasswordQualityOnParent(who.getPackageName(), caller.getUserId()); if (!qualityMayApplyToParent) { Preconditions.checkArgument(!parent, Preconditions.checkCallAuthorization(!parent, "Profile Owner may not apply password quality requirements device-wide"); } Loading services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -5127,7 +5127,7 @@ public class DevicePolicyManagerTest extends DpmTestBase { admin1.getPackageName(), managedProfileUserId); try { assertExpectException(IllegalArgumentException.class, null, () -> assertExpectException(SecurityException.class, null, () -> parentDpm.setPasswordQuality( admin1, DevicePolicyManager.PASSWORD_QUALITY_COMPLEX)); } finally { Loading Loading
core/api/current.txt +16 −16 Original line number Diff line number Diff line Loading @@ -6940,14 +6940,14 @@ package android.app.admin { method public long getPasswordExpirationTimeout(@Nullable android.content.ComponentName); method public int getPasswordHistoryLength(@Nullable android.content.ComponentName); method public int getPasswordMaximumLength(int); method public int getPasswordMinimumLength(@Nullable android.content.ComponentName); method public int getPasswordMinimumLetters(@Nullable android.content.ComponentName); method public int getPasswordMinimumLowerCase(@Nullable android.content.ComponentName); method public int getPasswordMinimumNonLetter(@Nullable android.content.ComponentName); method public int getPasswordMinimumNumeric(@Nullable android.content.ComponentName); method public int getPasswordMinimumSymbols(@Nullable android.content.ComponentName); method public int getPasswordMinimumUpperCase(@Nullable android.content.ComponentName); method public int getPasswordQuality(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLength(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLetters(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumLowerCase(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumNonLetter(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumNumeric(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumSymbols(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordMinimumUpperCase(@Nullable android.content.ComponentName); method @Deprecated public int getPasswordQuality(@Nullable android.content.ComponentName); method @Nullable public android.app.admin.SystemUpdateInfo getPendingSystemUpdate(@NonNull android.content.ComponentName); method public int getPermissionGrantState(@Nullable android.content.ComponentName, @NonNull String, @NonNull String); method public int getPermissionPolicy(android.content.ComponentName); Loading Loading @@ -7071,14 +7071,14 @@ package android.app.admin { method @NonNull public String[] setPackagesSuspended(@NonNull android.content.ComponentName, @NonNull String[], boolean); method public void setPasswordExpirationTimeout(@NonNull android.content.ComponentName, long); method public void setPasswordHistoryLength(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLength(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLetters(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumLowerCase(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumNonLetter(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumNumeric(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumSymbols(@NonNull android.content.ComponentName, int); method public void setPasswordMinimumUpperCase(@NonNull android.content.ComponentName, int); method public void setPasswordQuality(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLength(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLetters(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumLowerCase(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumNonLetter(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumNumeric(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumSymbols(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordMinimumUpperCase(@NonNull android.content.ComponentName, int); method @Deprecated public void setPasswordQuality(@NonNull android.content.ComponentName, int); method public boolean setPermissionGrantState(@NonNull android.content.ComponentName, @NonNull String, @NonNull String, int); method public void setPermissionPolicy(@NonNull android.content.ComponentName, int); method public boolean setPermittedAccessibilityServices(@NonNull android.content.ComponentName, java.util.List<java.lang.String>);
core/java/android/app/admin/DevicePolicyManager.java +84 −11 Original line number Diff line number Diff line Loading @@ -2919,22 +2919,36 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * profile. Apps targeting {@link android.os.Build.VERSION_CODES#S} and above will get a * {@code IllegalArgumentException} when calling this method on the parent * {@link DevicePolicyManager} instance. * * <p><strong>Note:</strong> Specifying password requirements using this method clears the * password complexity requirements set using {@link #setRequiredPasswordComplexity(int)}. * * @deprecated Prefer using {@link #setRequiredPasswordComplexity(int)}, to require a password * that satisfies a complexity level defined by the platform, rather than specifying custom * password requirement. * Setting custom, overly-complicated password requirements leads to passwords that are hard * for users to remember and may not provide any security benefits given as Android uses * hardware-backed throttling to thwart online and offline brute-forcing of the device's * screen lock. * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param quality The new desired quality. One of {@link #PASSWORD_QUALITY_UNSPECIFIED}, * {@link #PASSWORD_QUALITY_BIOMETRIC_WEAK}, * {@link #PASSWORD_QUALITY_SOMETHING}, {@link #PASSWORD_QUALITY_NUMERIC}, * {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX}, {@link #PASSWORD_QUALITY_ALPHABETIC}, * {@link #PASSWORD_QUALITY_ALPHANUMERIC} or {@link #PASSWORD_QUALITY_COMPLEX}. * @throws SecurityException if {@code admin} is not an active administrator or if {@code admin} * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} * @throws SecurityException if {@code admin} is not an active administrator, if {@code admin} * does not use {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} or if the * calling app is targeting {@link android.os.Build.VERSION_CODES#S} and above, * and is calling the method the {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)}. */ @Deprecated public void setPasswordQuality(@NonNull ComponentName admin, int quality) { if (mService != null) { try { Loading @@ -2957,9 +2971,12 @@ public class DevicePolicyManager { * <p>Note: on devices not supporting {@link PackageManager#FEATURE_SECURE_LOCK_SCREEN} feature, * the password is always treated as empty. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to aggregate * all admins. */ @Deprecated public int getPasswordQuality(@Nullable ComponentName admin) { return getPasswordQuality(admin, myUserId()); } Loading Loading @@ -2999,10 +3016,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum password length. A value of 0 means there is no * restriction. Loading @@ -3012,6 +3033,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLength(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading @@ -3034,9 +3056,12 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to aggregate * all admins. */ @Deprecated public int getPasswordMinimumLength(@Nullable ComponentName admin) { return getPasswordMinimumLength(admin, myUserId()); } Loading Loading @@ -3074,10 +3099,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of upper case letters required in the password. * A value of 0 means there is no restriction. Loading @@ -3087,6 +3116,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumUpperCase(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3114,11 +3144,14 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of upper case letters required in the * password. */ @Deprecated public int getPasswordMinimumUpperCase(@Nullable ComponentName admin) { return getPasswordMinimumUpperCase(admin, myUserId()); } Loading Loading @@ -3156,10 +3189,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of lower case letters required in the password. * A value of 0 means there is no restriction. Loading @@ -3169,6 +3206,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLowerCase(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3196,11 +3234,14 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of lower case letters required in the * password. */ @Deprecated public int getPasswordMinimumLowerCase(@Nullable ComponentName admin) { return getPasswordMinimumLowerCase(admin, myUserId()); } Loading Loading @@ -3238,10 +3279,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of letters required in the password. A value of * 0 means there is no restriction. Loading @@ -3251,6 +3296,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumLetters(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3278,10 +3324,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of letters required in the password. */ @Deprecated public int getPasswordMinimumLetters(@Nullable ComponentName admin) { return getPasswordMinimumLetters(admin, myUserId()); } Loading Loading @@ -3319,10 +3368,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of numerical digits required in the password. A * value of 0 means there is no restriction. Loading @@ -3332,6 +3385,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumNumeric(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3359,10 +3413,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of numerical digits required in the password. */ @Deprecated public int getPasswordMinimumNumeric(@Nullable ComponentName admin) { return getPasswordMinimumNumeric(admin, myUserId()); } Loading Loading @@ -3400,10 +3457,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of symbols required in the password. A value of * 0 means there is no restriction. Loading @@ -3413,6 +3474,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumSymbols(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading @@ -3439,10 +3501,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of symbols required in the password. */ @Deprecated public int getPasswordMinimumSymbols(@Nullable ComponentName admin) { return getPasswordMinimumSymbols(admin, myUserId()); } Loading Loading @@ -3480,10 +3545,14 @@ public class DevicePolicyManager { * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has * not, a security exception will be thrown. * <p> * This method can be called on the {@link DevicePolicyManager} instance returned by * * Apps targeting {@link android.os.Build.VERSION_CODES#R} and below can call this method on the * {@link DevicePolicyManager} instance returned by * {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the parent * profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum number of letters required in the password. A value of * 0 means there is no restriction. Loading @@ -3493,6 +3562,7 @@ public class DevicePolicyManager { * {@link android.os.Build.VERSION_CODES#R} and above and didn't set a sufficient password * quality requirement prior to calling this method. */ @Deprecated public void setPasswordMinimumNonLetter(@NonNull ComponentName admin, int length) { if (mService != null) { try { Loading Loading @@ -3520,10 +3590,13 @@ public class DevicePolicyManager { * returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve * restrictions on the parent profile. * * @deprecated see {@link #setPasswordQuality(ComponentName, int)} for details. * * @param admin The name of the admin component to check, or {@code null} to * aggregate all admins. * @return The minimum number of letters required in the password. */ @Deprecated public int getPasswordMinimumNonLetter(@Nullable ComponentName admin) { return getPasswordMinimumNonLetter(admin, myUserId()); } Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +1 −1 Original line number Diff line number Diff line Loading @@ -3368,7 +3368,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { final boolean qualityMayApplyToParent = canSetPasswordQualityOnParent(who.getPackageName(), caller.getUserId()); if (!qualityMayApplyToParent) { Preconditions.checkArgument(!parent, Preconditions.checkCallAuthorization(!parent, "Profile Owner may not apply password quality requirements device-wide"); } Loading
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -5127,7 +5127,7 @@ public class DevicePolicyManagerTest extends DpmTestBase { admin1.getPackageName(), managedProfileUserId); try { assertExpectException(IllegalArgumentException.class, null, () -> assertExpectException(SecurityException.class, null, () -> parentDpm.setPasswordQuality( admin1, DevicePolicyManager.PASSWORD_QUALITY_COMPLEX)); } finally { Loading
