1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app.admin; 18 19 import android.annotation.NonNull; 20 import android.annotation.Nullable; 21 import android.annotation.UserIdInt; 22 import android.content.ComponentName; 23 import android.content.Intent; 24 import android.os.Bundle; 25 import android.os.UserHandle; 26 import android.os.UserManager.EnforcingUser; 27 28 import java.util.List; 29 import java.util.Set; 30 31 /** 32 * Device policy manager local system service interface. 33 * 34 * Maintenance note: if you need to expose information from DPMS to lower level services such as 35 * PM/UM/AM/etc, then exposing it from DevicePolicyManagerInternal is not safe because it may cause 36 * lock order inversion. Consider using {@link DevicePolicyCache} instead. 37 * 38 * @hide Only for use within the system server. 39 */ 40 public abstract class DevicePolicyManagerInternal { 41 42 /** 43 * Listener for changes in the allowlisted packages to show cross-profile 44 * widgets. 45 */ 46 public interface OnCrossProfileWidgetProvidersChangeListener { 47 48 /** 49 * Called when the allowlisted packages to show cross-profile widgets 50 * have changed for a given user. 51 * 52 * @param profileId The profile for which the allowlisted packages changed. 53 * @param packages The allowlisted packages. 54 */ onCrossProfileWidgetProvidersChanged(int profileId, List<String> packages)55 public void onCrossProfileWidgetProvidersChanged(int profileId, List<String> packages); 56 } 57 58 /** 59 * Gets the packages whose widget providers are allowlisted to be 60 * available in the parent user. 61 * 62 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 63 * 64 * @param profileId The profile id. 65 * @return The list of packages if such or empty list if there are 66 * no allowlisted packages or the profile id is not a managed 67 * profile. 68 */ getCrossProfileWidgetProviders(int profileId)69 public abstract List<String> getCrossProfileWidgetProviders(int profileId); 70 71 /** 72 * Adds a listener for changes in the allowlisted packages to show 73 * cross-profile app widgets. 74 * 75 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 76 * 77 * @param listener The listener to add. 78 */ addOnCrossProfileWidgetProvidersChangeListener( OnCrossProfileWidgetProvidersChangeListener listener)79 public abstract void addOnCrossProfileWidgetProvidersChangeListener( 80 OnCrossProfileWidgetProvidersChangeListener listener); 81 82 /** 83 * @param userHandle the handle of the user whose profile owner is being fetched. 84 * @return the configured supervision app if it exists and is the device owner or policy owner. 85 */ getProfileOwnerOrDeviceOwnerSupervisionComponent( @onNull UserHandle userHandle)86 public abstract @Nullable ComponentName getProfileOwnerOrDeviceOwnerSupervisionComponent( 87 @NonNull UserHandle userHandle); 88 89 /** 90 * Checks if an app with given uid is an active device owner of its user. 91 * 92 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 93 * 94 * @param uid App uid. 95 * @return true if the uid is an active device owner. 96 */ isActiveDeviceOwner(int uid)97 public abstract boolean isActiveDeviceOwner(int uid); 98 99 /** 100 * Checks if an app with given uid is an active profile owner of its user. 101 * 102 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 103 * 104 * @param uid App uid. 105 * @return true if the uid is an active profile owner. 106 */ isActiveProfileOwner(int uid)107 public abstract boolean isActiveProfileOwner(int uid); 108 109 /** 110 * Checks if an app with given uid is the active supervision admin. 111 * 112 * <p>This takes the DPMS lock. DO NOT call from PM/UM/AM with their lock held. 113 * 114 * @param uid App uid. 115 * @return true if the uid is the active supervision app. 116 */ isActiveSupervisionApp(int uid)117 public abstract boolean isActiveSupervisionApp(int uid); 118 119 /** 120 * Creates an intent to show the admin support dialog to say that an action is disallowed by 121 * the device/profile owner. 122 * 123 * <p>This method does not take the DPMS lock. Safe to be called from anywhere. 124 * @param userId The user where the action is disallowed. 125 * @param useDefaultIfNoAdmin If true, a non-null intent will be returned, even if we couldn't 126 * find a profile/device owner. 127 * @return The intent to trigger the admin support dialog. 128 */ createShowAdminSupportIntent(int userId, boolean useDefaultIfNoAdmin)129 public abstract Intent createShowAdminSupportIntent(int userId, boolean useDefaultIfNoAdmin); 130 131 /** 132 * Creates an intent to show the admin support dialog showing the admin who has set a user 133 * restriction. 134 * 135 * <p>This method does not take the DPMS lock. Safe to be called from anywhere. 136 * @param userId The user where the user restriction is set. 137 * @return The intent to trigger the admin support dialog, or null if the user restriction is 138 * not enforced by the profile/device owner. 139 */ createUserRestrictionSupportIntent(int userId, String userRestriction)140 public abstract Intent createUserRestrictionSupportIntent(int userId, String userRestriction); 141 142 /** 143 * Returns whether this user/profile is affiliated with the device. 144 * 145 * <p> 146 * By definition, the user that the device owner runs on is always affiliated with the device. 147 * Any other user/profile is considered affiliated with the device if the set specified by its 148 * profile owner via {@link DevicePolicyManager#setAffiliationIds} intersects with the device 149 * owner's. 150 * <p> 151 * Profile owner on the primary user will never be considered as affiliated as there is no 152 * device owner to be affiliated with. 153 */ isUserAffiliatedWithDevice(int userId)154 public abstract boolean isUserAffiliatedWithDevice(int userId); 155 156 /** 157 * Returns whether the calling package can install or uninstall packages without user 158 * interaction. 159 */ canSilentlyInstallPackage(String callerPackage, int callerUid)160 public abstract boolean canSilentlyInstallPackage(String callerPackage, int callerUid); 161 162 /** 163 * Reports that a profile has changed to use a unified or separate credential. 164 * 165 * @param userId User ID of the profile. 166 */ reportSeparateProfileChallengeChanged(@serIdInt int userId)167 public abstract void reportSeparateProfileChallengeChanged(@UserIdInt int userId); 168 169 /** 170 * Return text of error message if printing is disabled. 171 * Called by Print Service when printing is disabled by PO or DO when printing is attempted. 172 * 173 * @param userId The user in question 174 * @return localized error message 175 */ getPrintingDisabledReasonForUser(@serIdInt int userId)176 public abstract CharSequence getPrintingDisabledReasonForUser(@UserIdInt int userId); 177 178 /** 179 * @return cached version of DPM policies that can be accessed without risking deadlocks. 180 * Do not call it directly. Use {@link DevicePolicyCache#getInstance()} instead. 181 */ getDevicePolicyCache()182 protected abstract DevicePolicyCache getDevicePolicyCache(); 183 184 /** 185 * @return cached version of device state related to DPM that can be accessed without risking 186 * deadlocks. 187 * Do not call it directly. Use {@link DevicePolicyCache#getInstance()} instead. 188 */ getDeviceStateCache()189 protected abstract DeviceStateCache getDeviceStateCache(); 190 191 /** 192 * Returns the combined set of the following: 193 * <ul> 194 * <li>The package names that the admin has previously set as allowed to request user consent 195 * for cross-profile communication, via {@link 196 * DevicePolicyManager#setCrossProfilePackages(ComponentName, Set)}.</li> 197 * <li>The default package names that are allowed to request user consent for cross-profile 198 * communication without being explicitly enabled by the admin, via 199 * {@link com.android.internal.R.array#cross_profile_apps} and 200 * {@link com.android.internal.R.array#vendor_cross_profile_apps}.</li> 201 * </ul> 202 * 203 * @return the combined set of allowlisted package names set via 204 * {@link DevicePolicyManager#setCrossProfilePackages(ComponentName, Set)} and 205 * {@link com.android.internal.R.array#cross_profile_apps} and 206 * {@link com.android.internal.R.array#vendor_cross_profile_apps} 207 * 208 * @hide 209 */ getAllCrossProfilePackages(int userId)210 public abstract List<String> getAllCrossProfilePackages(int userId); 211 212 /** 213 * Returns the default package names set by the OEM that are allowed to communicate 214 * cross-profile without being explicitly enabled by the admin, via {@link 215 * com.android.internal.R.array#cross_profile_apps} and {@link 216 * com.android.internal.R.array#vendor_cross_profile_apps}. 217 * 218 * @hide 219 */ getDefaultCrossProfilePackages()220 public abstract List<String> getDefaultCrossProfilePackages(); 221 222 /** 223 * Sends the {@code intent} to the package holding the 224 * {@link android.app.role.RoleManager#ROLE_DEVICE_MANAGER} role and packages with cross 225 * profile capabilities, meaning the application must have the {@code crossProfile} 226 * property and at least one of the following permissions: 227 * 228 * <ul> 229 * <li>{@link android.Manifest.permission.INTERACT_ACROSS_PROFILES} 230 * <li>{@link android.Manifest.permission.INTERACT_ACROSS_USERS} 231 * <li>{@link android.Manifest.permission.INTERACT_ACROSS_USERS_FULL} 232 * <li>{@link AppOpsManager.OP_INTERACT_ACROSS_PROFILES} appop 233 * </ul> 234 * 235 * <p>Note: The intent itself is not modified but copied before use. 236 *` 237 * @param intent Template for the intent sent to the packages. 238 * @param parentHandle Handle of the user that will receive the intents. 239 * @param requiresPermission If false, all packages with the {@code crossProfile} property 240 * will receive the intent without requiring the additional 241 * permissions. 242 */ broadcastIntentToManifestReceivers(Intent intent, UserHandle parentHandle, boolean requiresPermission)243 public abstract void broadcastIntentToManifestReceivers(Intent intent, 244 UserHandle parentHandle, boolean requiresPermission); 245 246 /** 247 * Returns the profile owner component for the given user, or {@code null} if there is not one. 248 */ 249 @Nullable getProfileOwnerAsUser(@serIdInt int userId)250 public abstract ComponentName getProfileOwnerAsUser(@UserIdInt int userId); 251 252 /** 253 * Returns the device owner component for the device, or {@code null} if there is not one. 254 * 255 * @deprecated added temporarily to support Android Role permission granting. 256 * Please contact Android Enterprise Device Policy team before calling this function. 257 */ 258 @Deprecated 259 @Nullable getDeviceOwnerComponent(boolean callingUserOnly)260 public abstract ComponentName getDeviceOwnerComponent(boolean callingUserOnly); 261 262 /** 263 * Returns the user id of the device owner, or {@link UserHandle#USER_NULL} if there is not one. 264 */ 265 @UserIdInt getDeviceOwnerUserId()266 public abstract int getDeviceOwnerUserId(); 267 268 /** 269 * Returns whether the given package is a device owner or a profile owner in the calling user. 270 */ isDeviceOrProfileOwnerInCallingUser(String packageName)271 public abstract boolean isDeviceOrProfileOwnerInCallingUser(String packageName); 272 273 /** 274 * Returns whether this class supports being deferred the responsibility for resetting the given 275 * op. 276 */ supportsResetOp(int op)277 public abstract boolean supportsResetOp(int op); 278 279 /** 280 * Resets the given op across the profile group of the given user for the given package. Assumes 281 * {@link #supportsResetOp(int)} is true. 282 */ resetOp(int op, String packageName, @UserIdInt int userId)283 public abstract void resetOp(int op, String packageName, @UserIdInt int userId); 284 285 /** 286 * Checks if the calling process has been granted permission to apply a device policy on a 287 * specific user. 288 * 289 * The given permission will be checked along with its associated cross-user permission, if it 290 * exists and the target user is different to the calling user. 291 * 292 * @param callerPackage the package of the calling application. 293 * @param permission The name of the permission being checked. 294 * @param targetUserId The userId of the user which the caller needs permission to act on. 295 * @throws SecurityException If the calling process has not been granted the permission. 296 */ enforcePermission(String callerPackage, String permission, int targetUserId)297 public abstract void enforcePermission(String callerPackage, String permission, 298 int targetUserId); 299 300 /** 301 * Return whether the calling process has been granted permission to apply a device policy on 302 * a specific user. 303 * 304 * The given permission will be checked along with its associated cross-user 305 * permission, if it exists and the target user is different to the calling user. 306 * 307 * @param callerPackage the package of the calling application. 308 * @param permission The name of the permission being checked. 309 * @param targetUserId The userId of the user which the caller needs permission to act on. 310 */ hasPermission(String callerPackage, String permission, int targetUserId)311 public abstract boolean hasPermission(String callerPackage, String permission, 312 int targetUserId); 313 314 /** 315 * True if either the entire device or the user is organization managed. 316 */ isUserOrganizationManaged(@serIdInt int userId)317 public abstract boolean isUserOrganizationManaged(@UserIdInt int userId); 318 319 /** 320 * Returns a map of admin to {@link Bundle} map of restrictions set by the admins for the 321 * provided {@code packageName} in the provided {@code userId} 322 */ getApplicationRestrictionsPerAdminForUser( String packageName, @UserIdInt int userId)323 public abstract List<Bundle> getApplicationRestrictionsPerAdminForUser( 324 String packageName, @UserIdInt int userId); 325 326 /** 327 * Returns a list of users who set a user restriction on a given user. 328 */ getUserRestrictionSources(String restriction, @UserIdInt int userId)329 public abstract List<EnforcingUser> getUserRestrictionSources(String restriction, 330 @UserIdInt int userId); 331 332 /** 333 * Enforces resolved security logging policy, should only be invoked from device policy engine. 334 */ enforceSecurityLoggingPolicy(boolean enabled)335 public abstract void enforceSecurityLoggingPolicy(boolean enabled); 336 337 /** 338 * Enforces resolved audit logging policy, should only be invoked from device policy engine. 339 */ enforceAuditLoggingPolicy(boolean enabled)340 public abstract void enforceAuditLoggingPolicy(boolean enabled); 341 } 342