Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fa80a4fa authored by Kenny Guy's avatar Kenny Guy
Browse files

Add apis for whitelisting IMEs and accessibility services. 

Adds apis for device / profile owners to white list
the accessibility and input methods a user can enable.

Bug: 14469005
Change-Id: I921888660d29a5370395db87adf75d4d106660c9
parent 833dcd4b

api/current.txt

+4 −0
Original line number Original line Diff line number Diff line
@@ -5431,6 +5431,8 @@ package android.app.admin { 
    method public int getPasswordMinimumSymbols(android.content.ComponentName);

    method public int getPasswordMinimumSymbols(android.content.ComponentName);

    method public int getPasswordMinimumUpperCase(android.content.ComponentName);

    method public int getPasswordMinimumUpperCase(android.content.ComponentName);

    method public int getPasswordQuality(android.content.ComponentName);

    method public int getPasswordQuality(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedAccessibilityServices(android.content.ComponentName);

    method public java.util.List<java.lang.String> getPermittedInputMethods(android.content.ComponentName);

    method public boolean getScreenCaptureDisabled(android.content.ComponentName);

    method public boolean getScreenCaptureDisabled(android.content.ComponentName);

    method public boolean getStorageEncryption(android.content.ComponentName);

    method public boolean getStorageEncryption(android.content.ComponentName);

    method public int getStorageEncryptionStatus();

    method public int getStorageEncryptionStatus();
@@ -5473,6 +5475,8 @@ package android.app.admin { 
    method public void setPasswordMinimumSymbols(android.content.ComponentName, int);

    method public void setPasswordMinimumSymbols(android.content.ComponentName, int);

    method public void setPasswordMinimumUpperCase(android.content.ComponentName, int);

    method public void setPasswordMinimumUpperCase(android.content.ComponentName, int);

    method public void setPasswordQuality(android.content.ComponentName, int);

    method public void setPasswordQuality(android.content.ComponentName, int);

    method public boolean setPermittedAccessibilityServices(android.content.ComponentName, java.util.List<java.lang.String>);

    method public boolean setPermittedInputMethods(android.content.ComponentName, java.util.List<java.lang.String>);

    method public void setProfileEnabled(android.content.ComponentName);

    method public void setProfileEnabled(android.content.ComponentName);

    method public void setProfileName(android.content.ComponentName, java.lang.String);

    method public void setProfileName(android.content.ComponentName, java.lang.String);

    method public void setRecommendedGlobalProxy(android.content.ComponentName, android.net.ProxyInfo);

    method public void setRecommendedGlobalProxy(android.content.ComponentName, android.net.ProxyInfo);

core/java/android/app/admin/DevicePolicyManager.java

+155 −0
Original line number Original line Diff line number Diff line
@@ -2621,6 +2621,161 @@ public class DevicePolicyManager { 
        }

        }

    }

    }





    /**

     * Called by a profile or device owner to set the permitted accessibility services. When

     * set by a device owner or profile owner the restriction applies to all profiles of the

     * user the device owner or profile owner is an admin for.

     * 

     * By default the user can use any accessiblity service. When zero or more packages have

     * been added, accessiblity services that are not in the list and not part of the system

     * can not be enabled by the user. 

     *

     * <p> Calling with a null value for the list disables the restriction so that all services

     * can be used, calling with an empty list only allows the builtin system's services.

     *

     * <p> System accesibility services are always available to the user the list can't modify

     * this.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @param packageNames List of accessibility service package names.

     *

     * @return true if setting the restriction succeeded. It fail if there is

     * one or more non-system accessibility services enabled, that are not in the list.

     */

    public boolean setPermittedAccessibilityServices(ComponentName admin,

            List<String> packageNames) {

        if (mService != null) {

            try {

                return mService.setPermittedAccessibilityServices(admin, packageNames);

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return false;

    }



    /**

     * Returns the list of permitted accessibility services set by this device or profile owner.

     *

     * <p>An empty list means no accessibility services except system services are allowed.

     * Null means all accessibility services are allowed.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @return List of accessiblity service package names.

     */

    public List<String> getPermittedAccessibilityServices(ComponentName admin) {

        if (mService != null) {

            try {

                return mService.getPermittedAccessibilityServices(admin);

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return null;

    }



    /**

     * Returns the list of accessibility services permitted by the device or profiles

     * owners of this user.

     *

     * <p>Null means all accessibility services are allowed, if a non-null list is returned

     * it will contain the intersection of the permitted lists for any device or profile

     * owners that apply to this user. It will also include any system accessibility services.

     *

     * @param userId which user to check for.

     * @return List of accessiblity service package names.

     * @hide

     */

     @SystemApi

     public List<String> getPermittedAccessibilityServices(int userId) {

        if (mService != null) {

            try {

                return mService.getPermittedAccessibilityServicesForUser(userId);

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return null;

     }



    /**

     * Called by a profile or device owner to set the permitted input methods services. When

     * set by a device owner or profile owner the restriction applies to all profiles of the

     * user the device owner or profile owner is an admin for.

     *

     * By default the user can use any input method. When zero or more packages have

     * been added, input method that are not in the list and not part of the system

     * can not be enabled by the user.

     *

     * This method will fail if it is called for a admin that is not for the foreground user

     * or a profile of the foreground user.

     *

     * <p> Calling with a null value for the list disables the restriction so that all input methods

     * can be used, calling with an empty list disables all but the system's own input methods.

     *

     * <p> System input methods are always available to the user this method can't modify this.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @param packageNames List of input method package names.

     * @return true if setting the restriction succeeded. It will fail if there is

     *     one or more input method enabled, that are not in the list or user if the foreground

     *     user.

     */

    public boolean setPermittedInputMethods(ComponentName admin, List<String> packageNames) {

        if (mService != null) {

            try {

                return mService.setPermittedInputMethods(admin, packageNames);

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return false;

    }





    /**

     * Returns the list of permitted input methods set by this device or profile owner.

     *

     * <p>An empty list means no input methods except system input methods are allowed.

     * Null means all input methods are allowed.

     *

     * @param admin Which {@link DeviceAdminReceiver} this request is associated with.

     * @return List of input method package names.

     */

    public List<String> getPermittedInputMethods(ComponentName admin) {

        if (mService != null) {

            try {

                return mService.getPermittedInputMethods(admin);

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return null;

    }



    /**

     * Returns the list of input methods permitted by the device or profiles

     * owners of the current user.

     *

     * <p>Null means all input methods are allowed, if a non-null list is returned

     * it will contain the intersection of the permitted lists for any device or profile

     * owners that apply to this user. It will also include any system input methods.

     *

     * @return List of input method package names.

     * @hide

     */

    @SystemApi

    public List<String> getPermittedInputMethodsForCurrentUser() {

        if (mService != null) {

            try {

                return mService.getPermittedInputMethodsForCurrentUser();

            } catch (RemoteException e) {

                Log.w(TAG, "Failed talking with device policy service", e);

            }

        }

        return null;

    }



    /**

    /**

     * Called by a device owner to create a user with the specified name. The UserHandle returned

     * Called by a device owner to create a user with the specified name. The UserHandle returned

     * by this method should not be persisted as user handles are recycled as users are removed and

     * by this method should not be persisted as user handles are recycled as users are removed and

core/java/android/app/admin/IDevicePolicyManager.aidl

+9 −0
Original line number Original line Diff line number Diff line
@@ -24,6 +24,7 @@ import android.net.ProxyInfo; 
import android.os.Bundle;

import android.os.Bundle;

import android.os.RemoteCallback;

import android.os.RemoteCallback;

import android.os.UserHandle;

import android.os.UserHandle;

import java.util.List;





/**

/**

 * Internal IPC interface to the device policy service.

 * Internal IPC interface to the device policy service.
@@ -137,6 +138,14 @@ interface IDevicePolicyManager { 
    void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);

    void addCrossProfileIntentFilter(in ComponentName admin, in IntentFilter filter, int flags);

    void clearCrossProfileIntentFilters(in ComponentName admin);

    void clearCrossProfileIntentFilters(in ComponentName admin);





    boolean setPermittedAccessibilityServices(in ComponentName admin,in List packageList);

    List getPermittedAccessibilityServices(in ComponentName admin);

    List getPermittedAccessibilityServicesForUser(int userId);



    boolean setPermittedInputMethods(in ComponentName admin,in List packageList);

    List getPermittedInputMethods(in ComponentName admin);

    List getPermittedInputMethodsForCurrentUser();



    boolean setApplicationHidden(in ComponentName admin, in String packageName, boolean hidden);

    boolean setApplicationHidden(in ComponentName admin, in String packageName, boolean hidden);

    int setApplicationsHidden(in ComponentName admin, in Intent intent, boolean hidden);

    int setApplicationsHidden(in ComponentName admin, in Intent intent, boolean hidden);

    boolean isApplicationHidden(in ComponentName admin, in String packageName);

    boolean isApplicationHidden(in ComponentName admin, in String packageName);

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+414 −1

File changed.

Preview size limit exceeded, changes collapsed.