1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.devicepolicy; 18 19 import static android.app.admin.DevicePolicyManager.NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 20 import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE; 21 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 22 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST; 23 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST; 24 import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1; 25 26 import static com.android.server.devicepolicy.DevicePolicyManagerService.LOG_TAG; 27 28 import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; 29 import static org.xmlpull.v1.XmlPullParser.END_TAG; 30 import static org.xmlpull.v1.XmlPullParser.TEXT; 31 32 import android.annotation.NonNull; 33 import android.annotation.Nullable; 34 import android.app.admin.DeviceAdminInfo; 35 import android.app.admin.DevicePolicyManager; 36 import android.app.admin.FactoryResetProtectionPolicy; 37 import android.app.admin.ManagedSubscriptionsPolicy; 38 import android.app.admin.PackagePolicy; 39 import android.app.admin.PasswordPolicy; 40 import android.app.admin.PreferentialNetworkServiceConfig; 41 import android.app.admin.WifiSsidPolicy; 42 import android.app.admin.flags.Flags; 43 import android.graphics.Color; 44 import android.net.wifi.WifiSsid; 45 import android.os.Bundle; 46 import android.os.PersistableBundle; 47 import android.os.UserHandle; 48 import android.os.UserManager; 49 import android.text.TextUtils; 50 import android.util.ArrayMap; 51 import android.util.ArraySet; 52 import android.util.IndentingPrintWriter; 53 54 import com.android.internal.util.Preconditions; 55 import com.android.internal.util.XmlUtils; 56 import com.android.modules.utils.TypedXmlPullParser; 57 import com.android.modules.utils.TypedXmlSerializer; 58 import com.android.server.pm.UserRestrictionsUtils; 59 import com.android.server.utils.Slogf; 60 61 import org.xmlpull.v1.XmlPullParserException; 62 63 import java.io.IOException; 64 import java.nio.charset.StandardCharsets; 65 import java.util.ArrayList; 66 import java.util.Collection; 67 import java.util.Collections; 68 import java.util.List; 69 import java.util.Map; 70 import java.util.Set; 71 import java.util.function.Predicate; 72 import java.util.stream.Collectors; 73 74 class ActiveAdmin { 75 76 private final int userId; 77 public final boolean isPermissionBased; 78 79 private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; 80 private static final String TAG_TEST_ONLY_ADMIN = "test-only-admin"; 81 private static final String TAG_DISABLE_CAMERA = "disable-camera"; 82 private static final String TAG_DISABLE_CALLER_ID = "disable-caller-id"; 83 private static final String TAG_DISABLE_CONTACTS_SEARCH = "disable-contacts-search"; 84 private static final String TAG_DISABLE_BLUETOOTH_CONTACT_SHARING = 85 "disable-bt-contacts-sharing"; 86 private static final String TAG_DISABLE_SCREEN_CAPTURE = "disable-screen-capture"; 87 private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; 88 private static final String TAG_NEARBY_NOTIFICATION_STREAMING_POLICY = 89 "nearby-notification-streaming-policy"; 90 private static final String TAG_NEARBY_APP_STREAMING_POLICY = 91 "nearby-app-streaming-policy"; 92 private static final String TAG_REQUIRE_AUTO_TIME = "require_auto_time"; 93 private static final String TAG_FORCE_EPHEMERAL_USERS = "force_ephemeral_users"; 94 private static final String TAG_IS_NETWORK_LOGGING_ENABLED = "is_network_logging_enabled"; 95 private static final String TAG_ACCOUNT_TYPE = "account-type"; 96 private static final String TAG_PERMITTED_ACCESSIBILITY_SERVICES = 97 "permitted-accessiblity-services"; 98 private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; 99 private static final String TAG_MANAGE_TRUST_AGENT_FEATURES = "manage-trust-agent-features"; 100 private static final String TAG_TRUST_AGENT_COMPONENT_OPTIONS = "trust-agent-component-options"; 101 private static final String TAG_TRUST_AGENT_COMPONENT = "component"; 102 private static final String TAG_PASSWORD_EXPIRATION_DATE = "password-expiration-date"; 103 private static final String TAG_PASSWORD_EXPIRATION_TIMEOUT = "password-expiration-timeout"; 104 private static final String TAG_GLOBAL_PROXY_EXCLUSION_LIST = "global-proxy-exclusion-list"; 105 private static final String TAG_GLOBAL_PROXY_SPEC = "global-proxy-spec"; 106 private static final String TAG_SPECIFIES_GLOBAL_PROXY = "specifies-global-proxy"; 107 private static final String TAG_PERMITTED_IMES = "permitted-imes"; 108 private static final String TAG_PERMITTED_NOTIFICATION_LISTENERS = 109 "permitted-notification-listeners"; 110 private static final String TAG_MAX_FAILED_PASSWORD_WIPE = "max-failed-password-wipe"; 111 private static final String TAG_MAX_TIME_TO_UNLOCK = "max-time-to-unlock"; 112 private static final String TAG_STRONG_AUTH_UNLOCK_TIMEOUT = "strong-auth-unlock-timeout"; 113 private static final String TAG_MIN_PASSWORD_NONLETTER = "min-password-nonletter"; 114 private static final String TAG_MIN_PASSWORD_SYMBOLS = "min-password-symbols"; 115 private static final String TAG_MIN_PASSWORD_NUMERIC = "min-password-numeric"; 116 private static final String TAG_MIN_PASSWORD_LETTERS = "min-password-letters"; 117 private static final String TAG_MIN_PASSWORD_LOWERCASE = "min-password-lowercase"; 118 private static final String TAG_MIN_PASSWORD_UPPERCASE = "min-password-uppercase"; 119 private static final String TAG_PASSWORD_HISTORY_LENGTH = "password-history-length"; 120 private static final String TAG_MIN_PASSWORD_LENGTH = "min-password-length"; 121 private static final String TAG_PASSWORD_QUALITY = "password-quality"; 122 private static final String TAG_POLICIES = "policies"; 123 private static final String TAG_CROSS_PROFILE_WIDGET_PROVIDERS = 124 "cross-profile-widget-providers"; 125 private static final String TAG_PROVIDER = "provider"; 126 private static final String TAG_PACKAGE_LIST_ITEM = "item"; 127 private static final String TAG_KEEP_UNINSTALLED_PACKAGES = "keep-uninstalled-packages"; 128 private static final String TAG_USER_RESTRICTIONS = "user-restrictions"; 129 private static final String TAG_DEFAULT_ENABLED_USER_RESTRICTIONS = 130 "default-enabled-user-restrictions"; 131 private static final String TAG_RESTRICTION = "restriction"; 132 private static final String TAG_SHORT_SUPPORT_MESSAGE = "short-support-message"; 133 private static final String TAG_LONG_SUPPORT_MESSAGE = "long-support-message"; 134 private static final String TAG_PARENT_ADMIN = "parent-admin"; 135 private static final String TAG_ORGANIZATION_COLOR = "organization-color"; 136 private static final String TAG_ORGANIZATION_NAME = "organization-name"; 137 private static final String TAG_IS_LOGOUT_ENABLED = "is_logout_enabled"; 138 private static final String TAG_START_USER_SESSION_MESSAGE = "start_user_session_message"; 139 private static final String TAG_END_USER_SESSION_MESSAGE = "end_user_session_message"; 140 private static final String TAG_METERED_DATA_DISABLED_PACKAGES = 141 "metered_data_disabled_packages"; 142 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES = 143 "cross-profile-calendar-packages"; 144 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL = 145 "cross-profile-calendar-packages-null"; 146 private static final String TAG_CROSS_PROFILE_PACKAGES = "cross-profile-packages"; 147 private static final String TAG_FACTORY_RESET_PROTECTION_POLICY = 148 "factory_reset_protection_policy"; 149 private static final String TAG_SUSPEND_PERSONAL_APPS = "suspend-personal-apps"; 150 private static final String TAG_PROFILE_MAXIMUM_TIME_OFF = "profile-max-time-off"; 151 private static final String TAG_PROFILE_OFF_DEADLINE = "profile-off-deadline"; 152 private static final String TAG_ALWAYS_ON_VPN_PACKAGE = "vpn-package"; 153 private static final String TAG_ALWAYS_ON_VPN_LOCKDOWN = "vpn-lockdown"; 154 private static final String TAG_COMMON_CRITERIA_MODE = "common-criteria-mode"; 155 private static final String TAG_PASSWORD_COMPLEXITY = "password-complexity"; 156 private static final String TAG_ORGANIZATION_ID = "organization-id"; 157 private static final String TAG_ENROLLMENT_SPECIFIC_ID = "enrollment-specific-id"; 158 private static final String TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS = 159 "admin-can-grant-sensors-permissions"; 160 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED = 161 "preferential-network-service-enabled"; 162 private static final String TAG_USB_DATA_SIGNALING = "usb-data-signaling"; 163 private static final String TAG_WIFI_MIN_SECURITY = "wifi-min-security"; 164 private static final String TAG_SSID_ALLOWLIST = "ssid-allowlist"; 165 private static final String TAG_SSID_DENYLIST = "ssid-denylist"; 166 private static final String TAG_SSID = "ssid"; 167 private static final String TAG_CROSS_PROFILE_CALLER_ID_POLICY = "caller-id-policy"; 168 private static final String TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY = "contacts-policy"; 169 private static final String TAG_PACKAGE_POLICY_PACKAGE_NAMES = "package-policy-packages"; 170 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS = 171 "preferential_network_service_configs"; 172 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG = 173 "preferential_network_service_config"; 174 private static final String TAG_PROTECTED_PACKAGES = "protected_packages"; 175 private static final String TAG_SUSPENDED_PACKAGES = "suspended-packages"; 176 private static final String TAG_MTE_POLICY = "mte-policy"; 177 private static final String TAG_MANAGED_SUBSCRIPTIONS_POLICY = "managed_subscriptions_policy"; 178 private static final String ATTR_VALUE = "value"; 179 private static final String ATTR_LAST_NETWORK_LOGGING_NOTIFICATION = "last-notification"; 180 private static final String ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS = "num-notifications"; 181 private static final String ATTR_PACKAGE_POLICY_MODE = "package-policy-type"; 182 private static final String TAG_CREDENTIAL_MANAGER_POLICY = "credential-manager-policy"; 183 private static final String TAG_DIALER_PACKAGE = "dialer_package"; 184 private static final String TAG_SMS_PACKAGE = "sms_package"; 185 186 // If the ActiveAdmin is a permission-based admin, then info will be null because the 187 // permission-based admin is not mapped to a device administrator component. 188 DeviceAdminInfo info; 189 190 static final int DEF_PASSWORD_HISTORY_LENGTH = 0; 191 int passwordHistoryLength = DEF_PASSWORD_HISTORY_LENGTH; 192 193 @NonNull 194 PasswordPolicy mPasswordPolicy = new PasswordPolicy(); 195 196 @DevicePolicyManager.PasswordComplexity 197 int mPasswordComplexity = PASSWORD_COMPLEXITY_NONE; 198 199 @DevicePolicyManager.NearbyStreamingPolicy 200 int mNearbyNotificationStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 201 202 @DevicePolicyManager.NearbyStreamingPolicy 203 int mNearbyAppStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 204 205 @Nullable 206 FactoryResetProtectionPolicy mFactoryResetProtectionPolicy = null; 207 208 static final long DEF_MAXIMUM_TIME_TO_UNLOCK = 0; 209 long maximumTimeToUnlock = DEF_MAXIMUM_TIME_TO_UNLOCK; 210 211 long strongAuthUnlockTimeout = 0; // admin doesn't participate by default 212 213 static final int DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE = 0; 214 int maximumFailedPasswordsForWipe = DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE; 215 216 static final long DEF_PASSWORD_EXPIRATION_TIMEOUT = 0; 217 long passwordExpirationTimeout = DEF_PASSWORD_EXPIRATION_TIMEOUT; 218 219 static final long DEF_PASSWORD_EXPIRATION_DATE = 0; 220 long passwordExpirationDate = DEF_PASSWORD_EXPIRATION_DATE; 221 222 static final int DEF_KEYGUARD_FEATURES_DISABLED = 0; // none 223 224 int disabledKeyguardFeatures = DEF_KEYGUARD_FEATURES_DISABLED; 225 226 boolean encryptionRequested = false; 227 boolean testOnlyAdmin = false; 228 boolean disableCamera = false; 229 boolean disableCallerId = false; 230 boolean disableContactsSearch = false; 231 boolean disableBluetoothContactSharing = true; 232 boolean disableScreenCapture = false; 233 boolean requireAutoTime = false; 234 boolean forceEphemeralUsers = false; 235 boolean isNetworkLoggingEnabled = false; 236 boolean isLogoutEnabled = false; 237 238 // one notification after enabling + one more after reboots 239 static final int DEF_MAXIMUM_NETWORK_LOGGING_NOTIFICATIONS_SHOWN = 2; 240 int numNetworkLoggingNotifications = 0; 241 long lastNetworkLoggingNotificationTimeMs = 0; // Time in milliseconds since epoch 242 243 @DevicePolicyManager.MtePolicy int mtePolicy = DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY; 244 245 ActiveAdmin parentAdmin; 246 final boolean isParent; 247 248 static class TrustAgentInfo { 249 public PersistableBundle options; TrustAgentInfo(PersistableBundle bundle)250 TrustAgentInfo(PersistableBundle bundle) { 251 options = bundle; 252 } 253 } 254 255 // The list of packages which are not allowed to use metered data. 256 List<String> meteredDisabledPackages; 257 258 final Set<String> accountTypesWithManagementDisabled = new ArraySet<>(); 259 260 // The list of permitted accessibility services package namesas set by a profile 261 // or device owner. Null means all accessibility services are allowed, empty means 262 // none except system services are allowed. 263 List<String> permittedAccessiblityServices; 264 265 // The list of permitted input methods package names as set by a profile or device owner. 266 // Null means all input methods are allowed, empty means none except system imes are 267 // allowed. 268 List<String> permittedInputMethods; 269 270 // The list of packages allowed to use a NotificationListenerService to receive events for 271 // notifications from this user. Null means that all packages are allowed. Empty list means 272 // that only packages from the system are allowed. 273 List<String> permittedNotificationListeners; 274 275 // List of package names to keep cached. 276 List<String> keepUninstalledPackages; 277 278 // List of packages for which the user cannot invoke "clear data" or "force stop". 279 List<String> protectedPackages; 280 281 List<String> suspendedPackages; 282 283 // Wi-Fi SSID restriction policy. 284 WifiSsidPolicy mWifiSsidPolicy; 285 286 // Managed subscriptions policy. 287 ManagedSubscriptionsPolicy mManagedSubscriptionsPolicy; 288 289 // TODO: review implementation decisions with frameworks team 290 boolean specifiesGlobalProxy = false; 291 String globalProxySpec = null; 292 String globalProxyExclusionList = null; 293 294 @NonNull 295 ArrayMap<String, TrustAgentInfo> trustAgentInfos = new ArrayMap<>(); 296 297 List<String> crossProfileWidgetProviders; 298 299 Bundle userRestrictions; 300 301 // User restrictions that have already been enabled by default for this admin (either when 302 // setting the device or profile owner, or during a system update if one of those "enabled 303 // by default" restrictions is newly added). 304 final Set<String> defaultEnabledRestrictionsAlreadySet = new ArraySet<>(); 305 306 // Support text provided by the admin to display to the user. 307 CharSequence shortSupportMessage = null; 308 CharSequence longSupportMessage = null; 309 310 // Background color of confirm credentials screen. Default: teal. 311 static final int DEF_ORGANIZATION_COLOR = Color.parseColor("#00796B"); 312 int organizationColor = DEF_ORGANIZATION_COLOR; 313 314 // Default title of confirm credentials screen 315 String organizationName = null; 316 317 // Message for user switcher 318 String startUserSessionMessage = null; 319 String endUserSessionMessage = null; 320 321 // The allow list of packages that can access cross profile calendar APIs. 322 // This allow list should be in default an empty list, which indicates that no package 323 // is allow listed. 324 List<String> mCrossProfileCalendarPackages = Collections.emptyList(); 325 326 // The allow list of packages that the admin has enabled to be able to request consent from 327 // the user to communicate cross-profile. By default, no packages are allowed, which is 328 // represented as an empty list. 329 List<String> mCrossProfilePackages = Collections.emptyList(); 330 331 // Whether the admin explicitly requires personal apps to be suspended 332 boolean mSuspendPersonalApps = false; 333 // Maximum time the profile owned by this admin can be off. 334 long mProfileMaximumTimeOffMillis = 0; 335 // Time by which the profile should be turned on according to System.currentTimeMillis(). 336 long mProfileOffDeadline = 0; 337 338 // The package policy for Cross Profile Contacts Search 339 PackagePolicy mManagedProfileCallerIdAccess = null; 340 341 // The package policy for Cross Profile Contacts Search 342 PackagePolicy mManagedProfileContactsAccess = null; 343 344 // The package policy for Credential Manager 345 PackagePolicy mCredentialManagerPolicy = null; 346 347 public String mAlwaysOnVpnPackage; 348 public boolean mAlwaysOnVpnLockdown; 349 boolean mCommonCriteriaMode; 350 public String mOrganizationId; 351 public String mEnrollmentSpecificId; 352 public boolean mAdminCanGrantSensorsPermissions; 353 public List<PreferentialNetworkServiceConfig> mPreferentialNetworkServiceConfigs = 354 List.of(PreferentialNetworkServiceConfig.DEFAULT); 355 356 private static final boolean USB_DATA_SIGNALING_ENABLED_DEFAULT = true; 357 boolean mUsbDataSignalingEnabled = USB_DATA_SIGNALING_ENABLED_DEFAULT; 358 359 int mWifiMinimumSecurityLevel = DevicePolicyManager.WIFI_SECURITY_OPEN; 360 String mDialerPackage; 361 String mSmsPackage; 362 ActiveAdmin(DeviceAdminInfo info, boolean isParent)363 ActiveAdmin(DeviceAdminInfo info, boolean isParent) { 364 this.userId = -1; 365 this.info = info; 366 this.isParent = isParent; 367 this.isPermissionBased = false; 368 } 369 ActiveAdmin(int userId, boolean permissionBased)370 ActiveAdmin(int userId, boolean permissionBased) { 371 if (permissionBased == false) { 372 throw new IllegalArgumentException("Can only pass true for permissionBased admin"); 373 } 374 this.userId = userId; 375 this.isPermissionBased = permissionBased; 376 this.isParent = false; 377 this.info = null; 378 } 379 getParentActiveAdmin()380 ActiveAdmin getParentActiveAdmin() { 381 Preconditions.checkState(!isParent); 382 383 if (parentAdmin == null) { 384 parentAdmin = new ActiveAdmin(info, /* parent */ true); 385 } 386 return parentAdmin; 387 } 388 hasParentActiveAdmin()389 boolean hasParentActiveAdmin() { 390 return parentAdmin != null; 391 } 392 getUid()393 int getUid() { 394 if (isPermissionBased) { 395 return -1; 396 } 397 return info.getActivityInfo().applicationInfo.uid; 398 } 399 getUserHandle()400 public UserHandle getUserHandle() { 401 if (isPermissionBased) { 402 return UserHandle.of(userId); 403 } 404 return UserHandle.of(UserHandle.getUserId(info.getActivityInfo().applicationInfo.uid)); 405 } 406 writeToXml(TypedXmlSerializer out)407 void writeToXml(TypedXmlSerializer out) 408 throws IllegalArgumentException, IllegalStateException, IOException { 409 if (info != null) { 410 out.startTag(null, TAG_POLICIES); 411 info.writePoliciesToXml(out); 412 out.endTag(null, TAG_POLICIES); 413 } 414 if (mPasswordPolicy.quality != PASSWORD_QUALITY_UNSPECIFIED) { 415 writeAttributeValueToXml( 416 out, TAG_PASSWORD_QUALITY, mPasswordPolicy.quality); 417 if (mPasswordPolicy.length != PasswordPolicy.DEF_MINIMUM_LENGTH) { 418 writeAttributeValueToXml( 419 out, TAG_MIN_PASSWORD_LENGTH, mPasswordPolicy.length); 420 } 421 if (mPasswordPolicy.upperCase != PasswordPolicy.DEF_MINIMUM_UPPER_CASE) { 422 writeAttributeValueToXml( 423 out, TAG_MIN_PASSWORD_UPPERCASE, mPasswordPolicy.upperCase); 424 } 425 if (mPasswordPolicy.lowerCase != PasswordPolicy.DEF_MINIMUM_LOWER_CASE) { 426 writeAttributeValueToXml( 427 out, TAG_MIN_PASSWORD_LOWERCASE, mPasswordPolicy.lowerCase); 428 } 429 if (mPasswordPolicy.letters != PasswordPolicy.DEF_MINIMUM_LETTERS) { 430 writeAttributeValueToXml( 431 out, TAG_MIN_PASSWORD_LETTERS, mPasswordPolicy.letters); 432 } 433 if (mPasswordPolicy.numeric != PasswordPolicy.DEF_MINIMUM_NUMERIC) { 434 writeAttributeValueToXml( 435 out, TAG_MIN_PASSWORD_NUMERIC, mPasswordPolicy.numeric); 436 } 437 if (mPasswordPolicy.symbols != PasswordPolicy.DEF_MINIMUM_SYMBOLS) { 438 writeAttributeValueToXml( 439 out, TAG_MIN_PASSWORD_SYMBOLS, mPasswordPolicy.symbols); 440 } 441 if (mPasswordPolicy.nonLetter > PasswordPolicy.DEF_MINIMUM_NON_LETTER) { 442 writeAttributeValueToXml( 443 out, TAG_MIN_PASSWORD_NONLETTER, mPasswordPolicy.nonLetter); 444 } 445 } 446 if (passwordHistoryLength != DEF_PASSWORD_HISTORY_LENGTH) { 447 writeAttributeValueToXml( 448 out, TAG_PASSWORD_HISTORY_LENGTH, passwordHistoryLength); 449 } 450 if (maximumTimeToUnlock != DEF_MAXIMUM_TIME_TO_UNLOCK) { 451 writeAttributeValueToXml( 452 out, TAG_MAX_TIME_TO_UNLOCK, maximumTimeToUnlock); 453 } 454 if (strongAuthUnlockTimeout != DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS) { 455 writeAttributeValueToXml( 456 out, TAG_STRONG_AUTH_UNLOCK_TIMEOUT, strongAuthUnlockTimeout); 457 } 458 if (maximumFailedPasswordsForWipe != DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE) { 459 writeAttributeValueToXml( 460 out, TAG_MAX_FAILED_PASSWORD_WIPE, maximumFailedPasswordsForWipe); 461 } 462 if (specifiesGlobalProxy) { 463 writeAttributeValueToXml( 464 out, TAG_SPECIFIES_GLOBAL_PROXY, specifiesGlobalProxy); 465 if (globalProxySpec != null) { 466 writeAttributeValueToXml(out, TAG_GLOBAL_PROXY_SPEC, globalProxySpec); 467 } 468 if (globalProxyExclusionList != null) { 469 writeAttributeValueToXml( 470 out, TAG_GLOBAL_PROXY_EXCLUSION_LIST, globalProxyExclusionList); 471 } 472 } 473 if (passwordExpirationTimeout != DEF_PASSWORD_EXPIRATION_TIMEOUT) { 474 writeAttributeValueToXml( 475 out, TAG_PASSWORD_EXPIRATION_TIMEOUT, passwordExpirationTimeout); 476 } 477 if (passwordExpirationDate != DEF_PASSWORD_EXPIRATION_DATE) { 478 writeAttributeValueToXml( 479 out, TAG_PASSWORD_EXPIRATION_DATE, passwordExpirationDate); 480 } 481 if (encryptionRequested) { 482 writeAttributeValueToXml( 483 out, TAG_ENCRYPTION_REQUESTED, encryptionRequested); 484 } 485 if (testOnlyAdmin) { 486 writeAttributeValueToXml( 487 out, TAG_TEST_ONLY_ADMIN, testOnlyAdmin); 488 } 489 if (disableCamera) { 490 writeAttributeValueToXml( 491 out, TAG_DISABLE_CAMERA, disableCamera); 492 } 493 if (disableCallerId) { 494 writeAttributeValueToXml( 495 out, TAG_DISABLE_CALLER_ID, disableCallerId); 496 } 497 if (disableContactsSearch) { 498 writeAttributeValueToXml( 499 out, TAG_DISABLE_CONTACTS_SEARCH, disableContactsSearch); 500 } 501 if (!disableBluetoothContactSharing) { 502 writeAttributeValueToXml( 503 out, TAG_DISABLE_BLUETOOTH_CONTACT_SHARING, disableBluetoothContactSharing); 504 } 505 if (disableScreenCapture) { 506 writeAttributeValueToXml( 507 out, TAG_DISABLE_SCREEN_CAPTURE, disableScreenCapture); 508 } 509 if (requireAutoTime) { 510 writeAttributeValueToXml( 511 out, TAG_REQUIRE_AUTO_TIME, requireAutoTime); 512 } 513 if (forceEphemeralUsers) { 514 writeAttributeValueToXml( 515 out, TAG_FORCE_EPHEMERAL_USERS, forceEphemeralUsers); 516 } 517 if (isNetworkLoggingEnabled) { 518 out.startTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 519 out.attributeBoolean(null, ATTR_VALUE, isNetworkLoggingEnabled); 520 out.attributeInt(null, ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS, 521 numNetworkLoggingNotifications); 522 out.attributeLong(null, ATTR_LAST_NETWORK_LOGGING_NOTIFICATION, 523 lastNetworkLoggingNotificationTimeMs); 524 out.endTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 525 } 526 if (disabledKeyguardFeatures != DEF_KEYGUARD_FEATURES_DISABLED) { 527 writeAttributeValueToXml( 528 out, TAG_DISABLE_KEYGUARD_FEATURES, disabledKeyguardFeatures); 529 } 530 if (!accountTypesWithManagementDisabled.isEmpty()) { 531 writeAttributeValuesToXml( 532 out, TAG_DISABLE_ACCOUNT_MANAGEMENT, TAG_ACCOUNT_TYPE, 533 accountTypesWithManagementDisabled); 534 } 535 if (!trustAgentInfos.isEmpty()) { 536 Set<Map.Entry<String, TrustAgentInfo>> set = trustAgentInfos.entrySet(); 537 out.startTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 538 for (Map.Entry<String, TrustAgentInfo> entry : set) { 539 TrustAgentInfo trustAgentInfo = entry.getValue(); 540 out.startTag(null, TAG_TRUST_AGENT_COMPONENT); 541 out.attribute(null, ATTR_VALUE, entry.getKey()); 542 if (trustAgentInfo.options != null) { 543 out.startTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 544 try { 545 trustAgentInfo.options.saveToXml(out); 546 } catch (XmlPullParserException e) { 547 Slogf.e(LOG_TAG, e, "Failed to save TrustAgent options"); 548 } 549 out.endTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 550 } 551 out.endTag(null, TAG_TRUST_AGENT_COMPONENT); 552 } 553 out.endTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 554 } 555 if (crossProfileWidgetProviders != null && !crossProfileWidgetProviders.isEmpty()) { 556 writeAttributeValuesToXml( 557 out, TAG_CROSS_PROFILE_WIDGET_PROVIDERS, TAG_PROVIDER, 558 crossProfileWidgetProviders); 559 } 560 writePackageListToXml(out, TAG_PERMITTED_ACCESSIBILITY_SERVICES, 561 permittedAccessiblityServices); 562 writePackageListToXml(out, TAG_PERMITTED_IMES, permittedInputMethods); 563 writePackageListToXml(out, TAG_PERMITTED_NOTIFICATION_LISTENERS, 564 permittedNotificationListeners); 565 writePackageListToXml(out, TAG_KEEP_UNINSTALLED_PACKAGES, keepUninstalledPackages); 566 writePackageListToXml(out, TAG_METERED_DATA_DISABLED_PACKAGES, meteredDisabledPackages); 567 writePackageListToXml(out, TAG_PROTECTED_PACKAGES, protectedPackages); 568 writePackageListToXml(out, TAG_SUSPENDED_PACKAGES, suspendedPackages); 569 if (hasUserRestrictions()) { 570 UserRestrictionsUtils.writeRestrictions( 571 out, userRestrictions, TAG_USER_RESTRICTIONS); 572 } 573 if (!defaultEnabledRestrictionsAlreadySet.isEmpty()) { 574 writeAttributeValuesToXml(out, TAG_DEFAULT_ENABLED_USER_RESTRICTIONS, 575 TAG_RESTRICTION, 576 defaultEnabledRestrictionsAlreadySet); 577 } 578 if (!TextUtils.isEmpty(shortSupportMessage)) { 579 writeTextToXml(out, TAG_SHORT_SUPPORT_MESSAGE, shortSupportMessage.toString()); 580 } 581 if (!TextUtils.isEmpty(longSupportMessage)) { 582 writeTextToXml(out, TAG_LONG_SUPPORT_MESSAGE, longSupportMessage.toString()); 583 } 584 if (parentAdmin != null) { 585 out.startTag(null, TAG_PARENT_ADMIN); 586 parentAdmin.writeToXml(out); 587 out.endTag(null, TAG_PARENT_ADMIN); 588 } 589 if (organizationColor != DEF_ORGANIZATION_COLOR) { 590 writeAttributeValueToXml(out, TAG_ORGANIZATION_COLOR, organizationColor); 591 } 592 if (organizationName != null) { 593 writeTextToXml(out, TAG_ORGANIZATION_NAME, organizationName); 594 } 595 if (isLogoutEnabled) { 596 writeAttributeValueToXml(out, TAG_IS_LOGOUT_ENABLED, isLogoutEnabled); 597 } 598 if (startUserSessionMessage != null) { 599 writeTextToXml(out, TAG_START_USER_SESSION_MESSAGE, startUserSessionMessage); 600 } 601 if (endUserSessionMessage != null) { 602 writeTextToXml(out, TAG_END_USER_SESSION_MESSAGE, endUserSessionMessage); 603 } 604 if (mCrossProfileCalendarPackages == null) { 605 out.startTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 606 out.endTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 607 } else { 608 writePackageListToXml(out, TAG_CROSS_PROFILE_CALENDAR_PACKAGES, 609 mCrossProfileCalendarPackages); 610 } 611 writePackageListToXml(out, TAG_CROSS_PROFILE_PACKAGES, mCrossProfilePackages); 612 if (mFactoryResetProtectionPolicy != null) { 613 out.startTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 614 mFactoryResetProtectionPolicy.writeToXml(out); 615 out.endTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 616 } 617 if (mSuspendPersonalApps) { 618 writeAttributeValueToXml(out, TAG_SUSPEND_PERSONAL_APPS, mSuspendPersonalApps); 619 } 620 if (mProfileMaximumTimeOffMillis != 0) { 621 writeAttributeValueToXml(out, TAG_PROFILE_MAXIMUM_TIME_OFF, 622 mProfileMaximumTimeOffMillis); 623 } 624 if (mProfileMaximumTimeOffMillis != 0) { 625 writeAttributeValueToXml(out, TAG_PROFILE_OFF_DEADLINE, mProfileOffDeadline); 626 } 627 if (!TextUtils.isEmpty(mAlwaysOnVpnPackage)) { 628 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_PACKAGE, mAlwaysOnVpnPackage); 629 } 630 if (mAlwaysOnVpnLockdown) { 631 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_LOCKDOWN, mAlwaysOnVpnLockdown); 632 } 633 if (mCommonCriteriaMode) { 634 writeAttributeValueToXml(out, TAG_COMMON_CRITERIA_MODE, mCommonCriteriaMode); 635 } 636 637 if (mPasswordComplexity != PASSWORD_COMPLEXITY_NONE) { 638 writeAttributeValueToXml(out, TAG_PASSWORD_COMPLEXITY, mPasswordComplexity); 639 } 640 if (mNearbyNotificationStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 641 writeAttributeValueToXml(out, TAG_NEARBY_NOTIFICATION_STREAMING_POLICY, 642 mNearbyNotificationStreamingPolicy); 643 } 644 if (mNearbyAppStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 645 writeAttributeValueToXml(out, TAG_NEARBY_APP_STREAMING_POLICY, 646 mNearbyAppStreamingPolicy); 647 } 648 if (!TextUtils.isEmpty(mOrganizationId)) { 649 writeTextToXml(out, TAG_ORGANIZATION_ID, mOrganizationId); 650 } 651 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 652 writeTextToXml(out, TAG_ENROLLMENT_SPECIFIC_ID, mEnrollmentSpecificId); 653 } 654 writeAttributeValueToXml(out, TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS, 655 mAdminCanGrantSensorsPermissions); 656 if (mUsbDataSignalingEnabled != USB_DATA_SIGNALING_ENABLED_DEFAULT) { 657 writeAttributeValueToXml(out, TAG_USB_DATA_SIGNALING, mUsbDataSignalingEnabled); 658 } 659 if (mWifiMinimumSecurityLevel != DevicePolicyManager.WIFI_SECURITY_OPEN) { 660 writeAttributeValueToXml(out, TAG_WIFI_MIN_SECURITY, mWifiMinimumSecurityLevel); 661 } 662 if (mWifiSsidPolicy != null) { 663 List<String> ssids = ssidsToStrings(mWifiSsidPolicy.getSsids()); 664 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 665 writeAttributeValuesToXml(out, TAG_SSID_ALLOWLIST, TAG_SSID, ssids); 666 } else if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_DENYLIST) { 667 writeAttributeValuesToXml(out, TAG_SSID_DENYLIST, TAG_SSID, ssids); 668 } 669 } 670 if (!mPreferentialNetworkServiceConfigs.isEmpty()) { 671 out.startTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 672 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 673 config.writeToXml(out); 674 } 675 out.endTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 676 } 677 if (mtePolicy != DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY) { 678 writeAttributeValueToXml(out, TAG_MTE_POLICY, mtePolicy); 679 } 680 writePackagePolicy(out, TAG_CROSS_PROFILE_CALLER_ID_POLICY, 681 mManagedProfileCallerIdAccess); 682 writePackagePolicy(out, TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY, 683 mManagedProfileContactsAccess); 684 writePackagePolicy(out, TAG_CREDENTIAL_MANAGER_POLICY, 685 mCredentialManagerPolicy); 686 if (mManagedSubscriptionsPolicy != null) { 687 out.startTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 688 mManagedSubscriptionsPolicy.saveToXml(out); 689 out.endTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 690 } 691 if (!TextUtils.isEmpty(mDialerPackage)) { 692 writeAttributeValueToXml(out, TAG_DIALER_PACKAGE, mDialerPackage); 693 } 694 if (!TextUtils.isEmpty(mSmsPackage)) { 695 writeAttributeValueToXml(out, TAG_SMS_PACKAGE, mSmsPackage); 696 } 697 } 698 writePackagePolicy(TypedXmlSerializer out, String tag, PackagePolicy packagePolicy)699 private void writePackagePolicy(TypedXmlSerializer out, String tag, 700 PackagePolicy packagePolicy) throws IOException { 701 if (packagePolicy == null) { 702 return; 703 } 704 out.startTag(null, tag); 705 out.attributeInt(null, ATTR_PACKAGE_POLICY_MODE, packagePolicy.getPolicyType()); 706 writePackageListToXml(out, TAG_PACKAGE_POLICY_PACKAGE_NAMES, 707 new ArrayList<>(packagePolicy.getPackageNames())); 708 out.endTag(null, tag); 709 } 710 ssidsToStrings(Set<WifiSsid> ssids)711 private List<String> ssidsToStrings(Set<WifiSsid> ssids) { 712 return ssids.stream() 713 .map(ssid -> new String(ssid.getBytes(), StandardCharsets.UTF_8)) 714 .collect(Collectors.toList()); 715 } 716 writeTextToXml(TypedXmlSerializer out, String tag, String text)717 void writeTextToXml(TypedXmlSerializer out, String tag, String text) throws IOException { 718 out.startTag(null, tag); 719 out.text(text); 720 out.endTag(null, tag); 721 } 722 writePackageListToXml(TypedXmlSerializer out, String outerTag, List<String> packageList)723 void writePackageListToXml(TypedXmlSerializer out, String outerTag, 724 List<String> packageList) 725 throws IllegalArgumentException, IllegalStateException, IOException { 726 if (packageList == null) { 727 return; 728 } 729 writeAttributeValuesToXml(out, outerTag, TAG_PACKAGE_LIST_ITEM, packageList); 730 } 731 writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value)732 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value) 733 throws IOException { 734 out.startTag(null, tag); 735 out.attribute(null, ATTR_VALUE, value); 736 out.endTag(null, tag); 737 } 738 writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value)739 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value) 740 throws IOException { 741 out.startTag(null, tag); 742 out.attributeInt(null, ATTR_VALUE, value); 743 out.endTag(null, tag); 744 } 745 writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value)746 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value) 747 throws IOException { 748 out.startTag(null, tag); 749 out.attributeLong(null, ATTR_VALUE, value); 750 out.endTag(null, tag); 751 } 752 writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value)753 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value) 754 throws IOException { 755 out.startTag(null, tag); 756 out.attributeBoolean(null, ATTR_VALUE, value); 757 out.endTag(null, tag); 758 } 759 writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, @NonNull Collection<String> values)760 void writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, 761 @NonNull Collection<String> values) throws IOException { 762 out.startTag(null, outerTag); 763 for (String value : values) { 764 out.startTag(null, innerTag); 765 out.attribute(null, ATTR_VALUE, value); 766 out.endTag(null, innerTag); 767 } 768 out.endTag(null, outerTag); 769 } 770 readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies)771 void readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies) 772 throws XmlPullParserException, IOException { 773 int outerDepth = parser.getDepth(); 774 int type; 775 while ((type = parser.next()) != END_DOCUMENT 776 && (type != END_TAG || parser.getDepth() > outerDepth)) { 777 if (type == END_TAG || type == TEXT) { 778 continue; 779 } 780 String tag = parser.getName(); 781 if (TAG_POLICIES.equals(tag)) { 782 if (shouldOverridePolicies) { 783 Slogf.d(LOG_TAG, "Overriding device admin policies from XML."); 784 info.readPoliciesFromXml(parser); 785 } 786 } else if (TAG_PASSWORD_QUALITY.equals(tag)) { 787 mPasswordPolicy.quality = parser.getAttributeInt(null, ATTR_VALUE); 788 } else if (TAG_MIN_PASSWORD_LENGTH.equals(tag)) { 789 mPasswordPolicy.length = parser.getAttributeInt(null, ATTR_VALUE); 790 } else if (TAG_PASSWORD_HISTORY_LENGTH.equals(tag)) { 791 passwordHistoryLength = parser.getAttributeInt(null, ATTR_VALUE); 792 } else if (TAG_MIN_PASSWORD_UPPERCASE.equals(tag)) { 793 mPasswordPolicy.upperCase = parser.getAttributeInt(null, ATTR_VALUE); 794 } else if (TAG_MIN_PASSWORD_LOWERCASE.equals(tag)) { 795 mPasswordPolicy.lowerCase = parser.getAttributeInt(null, ATTR_VALUE); 796 } else if (TAG_MIN_PASSWORD_LETTERS.equals(tag)) { 797 mPasswordPolicy.letters = parser.getAttributeInt(null, ATTR_VALUE); 798 } else if (TAG_MIN_PASSWORD_NUMERIC.equals(tag)) { 799 mPasswordPolicy.numeric = parser.getAttributeInt(null, ATTR_VALUE); 800 } else if (TAG_MIN_PASSWORD_SYMBOLS.equals(tag)) { 801 mPasswordPolicy.symbols = parser.getAttributeInt(null, ATTR_VALUE); 802 } else if (TAG_MIN_PASSWORD_NONLETTER.equals(tag)) { 803 mPasswordPolicy.nonLetter = parser.getAttributeInt(null, ATTR_VALUE); 804 } else if (TAG_MAX_TIME_TO_UNLOCK.equals(tag)) { 805 maximumTimeToUnlock = parser.getAttributeLong(null, ATTR_VALUE); 806 } else if (TAG_STRONG_AUTH_UNLOCK_TIMEOUT.equals(tag)) { 807 strongAuthUnlockTimeout = parser.getAttributeLong(null, ATTR_VALUE); 808 } else if (TAG_MAX_FAILED_PASSWORD_WIPE.equals(tag)) { 809 maximumFailedPasswordsForWipe = parser.getAttributeInt(null, ATTR_VALUE); 810 } else if (TAG_SPECIFIES_GLOBAL_PROXY.equals(tag)) { 811 specifiesGlobalProxy = parser.getAttributeBoolean(null, ATTR_VALUE, false); 812 } else if (TAG_GLOBAL_PROXY_SPEC.equals(tag)) { 813 globalProxySpec = 814 parser.getAttributeValue(null, ATTR_VALUE); 815 } else if (TAG_GLOBAL_PROXY_EXCLUSION_LIST.equals(tag)) { 816 globalProxyExclusionList = 817 parser.getAttributeValue(null, ATTR_VALUE); 818 } else if (TAG_PASSWORD_EXPIRATION_TIMEOUT.equals(tag)) { 819 passwordExpirationTimeout = parser.getAttributeLong(null, ATTR_VALUE); 820 } else if (TAG_PASSWORD_EXPIRATION_DATE.equals(tag)) { 821 passwordExpirationDate = parser.getAttributeLong(null, ATTR_VALUE); 822 } else if (TAG_ENCRYPTION_REQUESTED.equals(tag)) { 823 encryptionRequested = parser.getAttributeBoolean(null, ATTR_VALUE, false); 824 } else if (TAG_TEST_ONLY_ADMIN.equals(tag)) { 825 testOnlyAdmin = parser.getAttributeBoolean(null, ATTR_VALUE, false); 826 } else if (TAG_DISABLE_CAMERA.equals(tag)) { 827 disableCamera = parser.getAttributeBoolean(null, ATTR_VALUE, false); 828 } else if (TAG_DISABLE_CALLER_ID.equals(tag)) { 829 disableCallerId = parser.getAttributeBoolean(null, ATTR_VALUE, false); 830 } else if (TAG_DISABLE_CONTACTS_SEARCH.equals(tag)) { 831 disableContactsSearch = parser.getAttributeBoolean(null, ATTR_VALUE, false); 832 } else if (TAG_DISABLE_BLUETOOTH_CONTACT_SHARING.equals(tag)) { 833 disableBluetoothContactSharing = 834 parser.getAttributeBoolean(null, ATTR_VALUE, false); 835 } else if (TAG_DISABLE_SCREEN_CAPTURE.equals(tag)) { 836 disableScreenCapture = parser.getAttributeBoolean(null, ATTR_VALUE, false); 837 } else if (TAG_REQUIRE_AUTO_TIME.equals(tag)) { 838 requireAutoTime = parser.getAttributeBoolean(null, ATTR_VALUE, false); 839 } else if (TAG_FORCE_EPHEMERAL_USERS.equals(tag)) { 840 forceEphemeralUsers = parser.getAttributeBoolean(null, ATTR_VALUE, false); 841 } else if (TAG_IS_NETWORK_LOGGING_ENABLED.equals(tag)) { 842 isNetworkLoggingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 843 lastNetworkLoggingNotificationTimeMs = parser.getAttributeLong(null, 844 ATTR_LAST_NETWORK_LOGGING_NOTIFICATION); 845 numNetworkLoggingNotifications = parser.getAttributeInt(null, 846 ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS); 847 } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { 848 disabledKeyguardFeatures = parser.getAttributeInt(null, ATTR_VALUE); 849 } else if (TAG_DISABLE_ACCOUNT_MANAGEMENT.equals(tag)) { 850 readAttributeValues( 851 parser, TAG_ACCOUNT_TYPE, accountTypesWithManagementDisabled); 852 } else if (TAG_MANAGE_TRUST_AGENT_FEATURES.equals(tag)) { 853 trustAgentInfos = getAllTrustAgentInfos(parser, tag); 854 } else if (TAG_CROSS_PROFILE_WIDGET_PROVIDERS.equals(tag)) { 855 crossProfileWidgetProviders = new ArrayList<>(); 856 readAttributeValues(parser, TAG_PROVIDER, crossProfileWidgetProviders); 857 } else if (TAG_PERMITTED_ACCESSIBILITY_SERVICES.equals(tag)) { 858 permittedAccessiblityServices = readPackageList(parser, tag); 859 } else if (TAG_PERMITTED_IMES.equals(tag)) { 860 permittedInputMethods = readPackageList(parser, tag); 861 } else if (TAG_PERMITTED_NOTIFICATION_LISTENERS.equals(tag)) { 862 permittedNotificationListeners = readPackageList(parser, tag); 863 } else if (TAG_KEEP_UNINSTALLED_PACKAGES.equals(tag)) { 864 keepUninstalledPackages = readPackageList(parser, tag); 865 } else if (TAG_METERED_DATA_DISABLED_PACKAGES.equals(tag)) { 866 meteredDisabledPackages = readPackageList(parser, tag); 867 } else if (TAG_PROTECTED_PACKAGES.equals(tag)) { 868 protectedPackages = readPackageList(parser, tag); 869 } else if (TAG_SUSPENDED_PACKAGES.equals(tag)) { 870 suspendedPackages = readPackageList(parser, tag); 871 } else if (TAG_USER_RESTRICTIONS.equals(tag)) { 872 userRestrictions = UserRestrictionsUtils.readRestrictions(parser); 873 } else if (TAG_DEFAULT_ENABLED_USER_RESTRICTIONS.equals(tag)) { 874 readAttributeValues( 875 parser, TAG_RESTRICTION, defaultEnabledRestrictionsAlreadySet); 876 } else if (TAG_SHORT_SUPPORT_MESSAGE.equals(tag)) { 877 type = parser.next(); 878 if (type == TypedXmlPullParser.TEXT) { 879 shortSupportMessage = parser.getText(); 880 } else { 881 Slogf.w(LOG_TAG, "Missing text when loading short support message"); 882 } 883 } else if (TAG_LONG_SUPPORT_MESSAGE.equals(tag)) { 884 type = parser.next(); 885 if (type == TypedXmlPullParser.TEXT) { 886 longSupportMessage = parser.getText(); 887 } else { 888 Slogf.w(LOG_TAG, "Missing text when loading long support message"); 889 } 890 } else if (TAG_PARENT_ADMIN.equals(tag)) { 891 Preconditions.checkState(!isParent); 892 parentAdmin = new ActiveAdmin(info, /* parent */ true); 893 parentAdmin.readFromXml(parser, shouldOverridePolicies); 894 } else if (TAG_ORGANIZATION_COLOR.equals(tag)) { 895 organizationColor = parser.getAttributeInt(null, ATTR_VALUE); 896 } else if (TAG_ORGANIZATION_NAME.equals(tag)) { 897 type = parser.next(); 898 if (type == TypedXmlPullParser.TEXT) { 899 organizationName = parser.getText(); 900 } else { 901 Slogf.w(LOG_TAG, "Missing text when loading organization name"); 902 } 903 } else if (TAG_IS_LOGOUT_ENABLED.equals(tag)) { 904 isLogoutEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 905 } else if (TAG_START_USER_SESSION_MESSAGE.equals(tag)) { 906 type = parser.next(); 907 if (type == TypedXmlPullParser.TEXT) { 908 startUserSessionMessage = parser.getText(); 909 } else { 910 Slogf.w(LOG_TAG, "Missing text when loading start session message"); 911 } 912 } else if (TAG_END_USER_SESSION_MESSAGE.equals(tag)) { 913 type = parser.next(); 914 if (type == TypedXmlPullParser.TEXT) { 915 endUserSessionMessage = parser.getText(); 916 } else { 917 Slogf.w(LOG_TAG, "Missing text when loading end session message"); 918 } 919 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES.equals(tag)) { 920 mCrossProfileCalendarPackages = readPackageList(parser, tag); 921 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL.equals(tag)) { 922 mCrossProfileCalendarPackages = null; 923 } else if (TAG_CROSS_PROFILE_PACKAGES.equals(tag)) { 924 mCrossProfilePackages = readPackageList(parser, tag); 925 } else if (TAG_FACTORY_RESET_PROTECTION_POLICY.equals(tag)) { 926 mFactoryResetProtectionPolicy = FactoryResetProtectionPolicy.readFromXml( 927 parser); 928 } else if (TAG_SUSPEND_PERSONAL_APPS.equals(tag)) { 929 mSuspendPersonalApps = parser.getAttributeBoolean(null, ATTR_VALUE, false); 930 } else if (TAG_PROFILE_MAXIMUM_TIME_OFF.equals(tag)) { 931 mProfileMaximumTimeOffMillis = 932 parser.getAttributeLong(null, ATTR_VALUE); 933 } else if (TAG_PROFILE_OFF_DEADLINE.equals(tag)) { 934 mProfileOffDeadline = 935 parser.getAttributeLong(null, ATTR_VALUE); 936 } else if (TAG_ALWAYS_ON_VPN_PACKAGE.equals(tag)) { 937 mAlwaysOnVpnPackage = parser.getAttributeValue(null, ATTR_VALUE); 938 } else if (TAG_ALWAYS_ON_VPN_LOCKDOWN.equals(tag)) { 939 mAlwaysOnVpnLockdown = parser.getAttributeBoolean(null, ATTR_VALUE, false); 940 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED.equals(tag)) { 941 boolean preferentialNetworkServiceEnabled = parser.getAttributeBoolean(null, 942 ATTR_VALUE, 943 DevicePolicyManager.PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT); 944 if (preferentialNetworkServiceEnabled) { 945 PreferentialNetworkServiceConfig.Builder configBuilder = 946 new PreferentialNetworkServiceConfig.Builder(); 947 configBuilder.setEnabled(preferentialNetworkServiceEnabled); 948 configBuilder.setNetworkId(NET_ENTERPRISE_ID_1); 949 mPreferentialNetworkServiceConfigs = List.of(configBuilder.build()); 950 } 951 } else if (TAG_COMMON_CRITERIA_MODE.equals(tag)) { 952 mCommonCriteriaMode = parser.getAttributeBoolean(null, ATTR_VALUE, false); 953 } else if (TAG_PASSWORD_COMPLEXITY.equals(tag)) { 954 mPasswordComplexity = parser.getAttributeInt(null, ATTR_VALUE); 955 } else if (TAG_NEARBY_NOTIFICATION_STREAMING_POLICY.equals(tag)) { 956 mNearbyNotificationStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 957 } else if (TAG_NEARBY_APP_STREAMING_POLICY.equals(tag)) { 958 mNearbyAppStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 959 } else if (TAG_ORGANIZATION_ID.equals(tag)) { 960 type = parser.next(); 961 if (type == TypedXmlPullParser.TEXT) { 962 mOrganizationId = parser.getText(); 963 } else { 964 Slogf.w(LOG_TAG, "Missing Organization ID."); 965 } 966 } else if (TAG_ENROLLMENT_SPECIFIC_ID.equals(tag)) { 967 type = parser.next(); 968 if (type == TypedXmlPullParser.TEXT) { 969 mEnrollmentSpecificId = parser.getText(); 970 } else { 971 Slogf.w(LOG_TAG, "Missing Enrollment-specific ID."); 972 } 973 } else if (TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS.equals(tag)) { 974 mAdminCanGrantSensorsPermissions = parser.getAttributeBoolean(null, ATTR_VALUE, 975 false); 976 } else if (TAG_USB_DATA_SIGNALING.equals(tag)) { 977 mUsbDataSignalingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, 978 USB_DATA_SIGNALING_ENABLED_DEFAULT); 979 } else if (TAG_WIFI_MIN_SECURITY.equals(tag)) { 980 mWifiMinimumSecurityLevel = parser.getAttributeInt(null, ATTR_VALUE); 981 } else if (TAG_SSID_ALLOWLIST.equals(tag)) { 982 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 983 mWifiSsidPolicy = new WifiSsidPolicy( 984 WIFI_SSID_POLICY_TYPE_ALLOWLIST, new ArraySet<>(ssids)); 985 } else if (TAG_SSID_DENYLIST.equals(tag)) { 986 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 987 mWifiSsidPolicy = new WifiSsidPolicy( 988 WIFI_SSID_POLICY_TYPE_DENYLIST, new ArraySet<>(ssids)); 989 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS.equals(tag)) { 990 List<PreferentialNetworkServiceConfig> configs = 991 getPreferentialNetworkServiceConfigs(parser, tag); 992 if (!configs.isEmpty()) { 993 mPreferentialNetworkServiceConfigs = configs; 994 } 995 } else if (TAG_MTE_POLICY.equals(tag)) { 996 mtePolicy = parser.getAttributeInt(null, ATTR_VALUE); 997 } else if (TAG_CROSS_PROFILE_CALLER_ID_POLICY.equals(tag)) { 998 mManagedProfileCallerIdAccess = readPackagePolicy(parser); 999 } else if (TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY.equals(tag)) { 1000 mManagedProfileContactsAccess = readPackagePolicy(parser); 1001 } else if (TAG_MANAGED_SUBSCRIPTIONS_POLICY.equals(tag)) { 1002 mManagedSubscriptionsPolicy = ManagedSubscriptionsPolicy.readFromXml(parser); 1003 } else if (TAG_CREDENTIAL_MANAGER_POLICY.equals(tag)) { 1004 mCredentialManagerPolicy = readPackagePolicy(parser); 1005 } else if (TAG_DIALER_PACKAGE.equals(tag)) { 1006 mDialerPackage = parser.getAttributeValue(null, ATTR_VALUE); 1007 } else if (TAG_SMS_PACKAGE.equals(tag)) { 1008 mSmsPackage = parser.getAttributeValue(null, ATTR_VALUE); 1009 } else { 1010 Slogf.w(LOG_TAG, "Unknown admin tag: %s", tag); 1011 XmlUtils.skipCurrentTag(parser); 1012 } 1013 } 1014 } 1015 readPackagePolicy(TypedXmlPullParser parser)1016 private PackagePolicy readPackagePolicy(TypedXmlPullParser parser) 1017 throws XmlPullParserException, IOException { 1018 int policy = parser.getAttributeInt(null, ATTR_PACKAGE_POLICY_MODE); 1019 Set<String> packageNames = new ArraySet<>( 1020 readPackageList(parser, TAG_PACKAGE_POLICY_PACKAGE_NAMES)); 1021 return new PackagePolicy(policy, packageNames); 1022 } 1023 readWifiSsids(TypedXmlPullParser parser, String tag)1024 private List<WifiSsid> readWifiSsids(TypedXmlPullParser parser, String tag) 1025 throws XmlPullParserException, IOException { 1026 List<String> ssidStrings = new ArrayList<>(); 1027 readAttributeValues(parser, tag, ssidStrings); 1028 List<WifiSsid> ssids = ssidStrings.stream() 1029 .map(ssid -> WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8))) 1030 .collect(Collectors.toList()); 1031 return ssids; 1032 } 1033 readPackageList(TypedXmlPullParser parser, String tag)1034 private List<String> readPackageList(TypedXmlPullParser parser, 1035 String tag) throws XmlPullParserException, IOException { 1036 List<String> result = new ArrayList<String>(); 1037 int outerDepth = parser.getDepth(); 1038 int outerType; 1039 while ((outerType = parser.next()) != TypedXmlPullParser.END_DOCUMENT 1040 && (outerType != TypedXmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1041 if (outerType == TypedXmlPullParser.END_TAG || outerType == TypedXmlPullParser.TEXT) { 1042 continue; 1043 } 1044 String outerTag = parser.getName(); 1045 if (TAG_PACKAGE_LIST_ITEM.equals(outerTag)) { 1046 String packageName = parser.getAttributeValue(null, ATTR_VALUE); 1047 if (packageName != null) { 1048 result.add(packageName); 1049 } else { 1050 Slogf.w(LOG_TAG, "Package name missing under %s", outerTag); 1051 } 1052 } else { 1053 Slogf.w(LOG_TAG, "Unknown tag under %s: ", tag, outerTag); 1054 } 1055 } 1056 return result; 1057 } 1058 readAttributeValues( TypedXmlPullParser parser, String tag, Collection<String> result)1059 private void readAttributeValues( 1060 TypedXmlPullParser parser, String tag, Collection<String> result) 1061 throws XmlPullParserException, IOException { 1062 result.clear(); 1063 int outerDepthDAM = parser.getDepth(); 1064 int typeDAM; 1065 while ((typeDAM = parser.next()) != END_DOCUMENT 1066 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1067 if (typeDAM == END_TAG || typeDAM == TEXT) { 1068 continue; 1069 } 1070 String tagDAM = parser.getName(); 1071 if (tag.equals(tagDAM)) { 1072 result.add(parser.getAttributeValue(null, ATTR_VALUE)); 1073 } else { 1074 Slogf.e(LOG_TAG, "Expected tag %s but found %s", tag, tagDAM); 1075 } 1076 } 1077 } 1078 1079 @NonNull getAllTrustAgentInfos( TypedXmlPullParser parser, String tag)1080 private ArrayMap<String, TrustAgentInfo> getAllTrustAgentInfos( 1081 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1082 int outerDepthDAM = parser.getDepth(); 1083 int typeDAM; 1084 final ArrayMap<String, TrustAgentInfo> result = new ArrayMap<>(); 1085 while ((typeDAM = parser.next()) != END_DOCUMENT 1086 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1087 if (typeDAM == END_TAG || typeDAM == TEXT) { 1088 continue; 1089 } 1090 String tagDAM = parser.getName(); 1091 if (TAG_TRUST_AGENT_COMPONENT.equals(tagDAM)) { 1092 final String component = parser.getAttributeValue(null, ATTR_VALUE); 1093 final TrustAgentInfo trustAgentInfo = getTrustAgentInfo(parser, tag); 1094 result.put(component, trustAgentInfo); 1095 } else { 1096 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1097 } 1098 } 1099 return result; 1100 } 1101 getTrustAgentInfo(TypedXmlPullParser parser, String outerTag)1102 private TrustAgentInfo getTrustAgentInfo(TypedXmlPullParser parser, String outerTag) 1103 throws XmlPullParserException, IOException { 1104 int outerDepth = parser.getDepth(); 1105 int type; 1106 TrustAgentInfo result = new TrustAgentInfo(null); 1107 while ((type = parser.next()) != END_DOCUMENT 1108 && (type != END_TAG || parser.getDepth() > outerDepth)) { 1109 if (type == END_TAG || type == TEXT) { 1110 continue; 1111 } 1112 String tag = parser.getName(); 1113 if (TAG_TRUST_AGENT_COMPONENT_OPTIONS.equals(tag)) { 1114 result.options = PersistableBundle.restoreFromXml(parser); 1115 } else { 1116 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", outerTag, tag); 1117 } 1118 } 1119 return result; 1120 } 1121 1122 @NonNull getPreferentialNetworkServiceConfigs( TypedXmlPullParser parser, String tag)1123 private List<PreferentialNetworkServiceConfig> getPreferentialNetworkServiceConfigs( 1124 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1125 int outerDepth = parser.getDepth(); 1126 int typeDAM; 1127 final List<PreferentialNetworkServiceConfig> result = new ArrayList<>(); 1128 while ((typeDAM = parser.next()) != END_DOCUMENT 1129 && (typeDAM != END_TAG || parser.getDepth() > outerDepth)) { 1130 if (typeDAM == END_TAG || typeDAM == TEXT) { 1131 continue; 1132 } 1133 String tagDAM = parser.getName(); 1134 if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG.equals(tagDAM)) { 1135 final PreferentialNetworkServiceConfig preferentialNetworkServiceConfig = 1136 PreferentialNetworkServiceConfig.getPreferentialNetworkServiceConfig( 1137 parser, tag); 1138 result.add(preferentialNetworkServiceConfig); 1139 } else { 1140 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1141 } 1142 } 1143 return result; 1144 } 1145 hasUserRestrictions()1146 boolean hasUserRestrictions() { 1147 return userRestrictions != null && userRestrictions.size() > 0; 1148 } 1149 ensureUserRestrictions()1150 Bundle ensureUserRestrictions() { 1151 if (userRestrictions == null) { 1152 userRestrictions = new Bundle(); 1153 } 1154 return userRestrictions; 1155 } 1156 transfer(DeviceAdminInfo deviceAdminInfo)1157 public void transfer(DeviceAdminInfo deviceAdminInfo) { 1158 if (hasParentActiveAdmin()) { 1159 parentAdmin.info = deviceAdminInfo; 1160 } 1161 info = deviceAdminInfo; 1162 } 1163 addSyntheticRestrictions(Bundle restrictions)1164 Bundle addSyntheticRestrictions(Bundle restrictions) { 1165 if (disableCamera) { 1166 restrictions.putBoolean(UserManager.DISALLOW_CAMERA, true); 1167 } 1168 if (requireAutoTime) { 1169 restrictions.putBoolean(UserManager.DISALLOW_CONFIG_DATE_TIME, true); 1170 } 1171 return restrictions; 1172 } 1173 removeDeprecatedRestrictions(Bundle restrictions)1174 static Bundle removeDeprecatedRestrictions(Bundle restrictions) { 1175 for (String deprecatedRestriction: UserRestrictionsUtils.DEPRECATED_USER_RESTRICTIONS) { 1176 restrictions.remove(deprecatedRestriction); 1177 } 1178 return restrictions; 1179 } 1180 filterRestrictions(Bundle restrictions, Predicate<String> filter)1181 static Bundle filterRestrictions(Bundle restrictions, Predicate<String> filter) { 1182 Bundle result = new Bundle(); 1183 for (String key : restrictions.keySet()) { 1184 if (!restrictions.getBoolean(key)) { 1185 continue; 1186 } 1187 if (filter.test(key)) { 1188 result.putBoolean(key, true); 1189 } 1190 } 1191 return result; 1192 } 1193 getEffectiveRestrictions()1194 Bundle getEffectiveRestrictions() { 1195 return addSyntheticRestrictions( 1196 removeDeprecatedRestrictions(new Bundle(ensureUserRestrictions()))); 1197 } 1198 getLocalUserRestrictions(int adminType)1199 Bundle getLocalUserRestrictions(int adminType) { 1200 return filterRestrictions(getEffectiveRestrictions(), 1201 key -> UserRestrictionsUtils.isLocal(adminType, key)); 1202 } 1203 getGlobalUserRestrictions(int adminType)1204 Bundle getGlobalUserRestrictions(int adminType) { 1205 return filterRestrictions(getEffectiveRestrictions(), 1206 key -> UserRestrictionsUtils.isGlobal(adminType, key)); 1207 } 1208 dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy)1209 void dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy) { 1210 pw.print(name); 1211 pw.println(":"); 1212 if (policy != null) { 1213 pw.increaseIndent(); 1214 pw.print("policyType="); 1215 pw.println(policy.getPolicyType()); 1216 pw.println("packageNames:"); 1217 pw.increaseIndent(); 1218 policy.getPackageNames().forEach(item -> pw.println(item)); 1219 pw.decreaseIndent(); 1220 pw.decreaseIndent(); 1221 } 1222 } 1223 dump(IndentingPrintWriter pw)1224 void dump(IndentingPrintWriter pw) { 1225 pw.print("uid="); 1226 pw.println(getUid()); 1227 1228 pw.print("testOnlyAdmin="); 1229 pw.println(testOnlyAdmin); 1230 1231 if (info != null) { 1232 pw.println("policies:"); 1233 ArrayList<DeviceAdminInfo.PolicyInfo> pols = info.getUsedPolicies(); 1234 if (pols != null) { 1235 pw.increaseIndent(); 1236 for (int i = 0; i < pols.size(); i++) { 1237 pw.println(pols.get(i).tag); 1238 } 1239 pw.decreaseIndent(); 1240 } 1241 } 1242 1243 pw.print("passwordQuality=0x"); 1244 pw.println(Integer.toHexString(mPasswordPolicy.quality)); 1245 1246 pw.print("minimumPasswordLength="); 1247 pw.println(mPasswordPolicy.length); 1248 1249 pw.print("passwordHistoryLength="); 1250 pw.println(passwordHistoryLength); 1251 1252 pw.print("minimumPasswordUpperCase="); 1253 pw.println(mPasswordPolicy.upperCase); 1254 1255 pw.print("minimumPasswordLowerCase="); 1256 pw.println(mPasswordPolicy.lowerCase); 1257 1258 pw.print("minimumPasswordLetters="); 1259 pw.println(mPasswordPolicy.letters); 1260 1261 pw.print("minimumPasswordNumeric="); 1262 pw.println(mPasswordPolicy.numeric); 1263 1264 pw.print("minimumPasswordSymbols="); 1265 pw.println(mPasswordPolicy.symbols); 1266 1267 pw.print("minimumPasswordNonLetter="); 1268 pw.println(mPasswordPolicy.nonLetter); 1269 1270 pw.print("maximumTimeToUnlock="); 1271 pw.println(maximumTimeToUnlock); 1272 1273 pw.print("strongAuthUnlockTimeout="); 1274 pw.println(strongAuthUnlockTimeout); 1275 1276 pw.print("maximumFailedPasswordsForWipe="); 1277 pw.println(maximumFailedPasswordsForWipe); 1278 1279 pw.print("specifiesGlobalProxy="); 1280 pw.println(specifiesGlobalProxy); 1281 1282 pw.print("passwordExpirationTimeout="); 1283 pw.println(passwordExpirationTimeout); 1284 1285 pw.print("passwordExpirationDate="); 1286 pw.println(passwordExpirationDate); 1287 1288 if (globalProxySpec != null) { 1289 pw.print("globalProxySpec="); 1290 pw.println(globalProxySpec); 1291 } 1292 if (globalProxyExclusionList != null) { 1293 pw.print("globalProxyEclusionList="); 1294 pw.println(globalProxyExclusionList); 1295 } 1296 pw.print("encryptionRequested="); 1297 pw.println(encryptionRequested); 1298 1299 if (!Flags.dumpsysPolicyEngineMigrationEnabled()) { 1300 pw.print("disableCamera="); 1301 pw.println(disableCamera); 1302 1303 pw.print("disableScreenCapture="); 1304 pw.println(disableScreenCapture); 1305 1306 pw.print("requireAutoTime="); 1307 pw.println(requireAutoTime); 1308 1309 if (permittedInputMethods != null) { 1310 pw.print("permittedInputMethods="); 1311 pw.println(permittedInputMethods); 1312 } 1313 1314 pw.println("userRestrictions:"); 1315 UserRestrictionsUtils.dumpRestrictions(pw, " ", userRestrictions); 1316 } 1317 1318 if (!Flags.policyEngineMigrationV2Enabled() 1319 || !Flags.dumpsysPolicyEngineMigrationEnabled()) { 1320 pw.print("mUsbDataSignaling="); 1321 pw.println(mUsbDataSignalingEnabled); 1322 } 1323 1324 pw.print("disableCallerId="); 1325 pw.println(disableCallerId); 1326 1327 pw.print("disableContactsSearch="); 1328 pw.println(disableContactsSearch); 1329 1330 pw.print("disableBluetoothContactSharing="); 1331 pw.println(disableBluetoothContactSharing); 1332 1333 pw.print("forceEphemeralUsers="); 1334 pw.println(forceEphemeralUsers); 1335 1336 pw.print("isNetworkLoggingEnabled="); 1337 pw.println(isNetworkLoggingEnabled); 1338 1339 pw.print("disabledKeyguardFeatures="); 1340 pw.println(disabledKeyguardFeatures); 1341 1342 pw.print("crossProfileWidgetProviders="); 1343 pw.println(crossProfileWidgetProviders); 1344 1345 if (permittedAccessiblityServices != null) { 1346 pw.print("permittedAccessibilityServices="); 1347 pw.println(permittedAccessiblityServices); 1348 } 1349 1350 if (permittedNotificationListeners != null) { 1351 pw.print("permittedNotificationListeners="); 1352 pw.println(permittedNotificationListeners); 1353 } 1354 1355 if (keepUninstalledPackages != null) { 1356 pw.print("keepUninstalledPackages="); 1357 pw.println(keepUninstalledPackages); 1358 } 1359 1360 if (meteredDisabledPackages != null) { 1361 pw.print("meteredDisabledPackages="); 1362 pw.println(meteredDisabledPackages); 1363 } 1364 1365 if (protectedPackages != null) { 1366 pw.print("protectedPackages="); 1367 pw.println(protectedPackages); 1368 } 1369 1370 if (suspendedPackages != null) { 1371 pw.print("suspendedPackages="); 1372 pw.println(suspendedPackages); 1373 } 1374 1375 pw.print("organizationColor="); 1376 pw.println(organizationColor); 1377 1378 if (organizationName != null) { 1379 pw.print("organizationName="); 1380 pw.println(organizationName); 1381 } 1382 1383 pw.print("defaultEnabledRestrictionsAlreadySet="); 1384 pw.println(defaultEnabledRestrictionsAlreadySet); 1385 1386 1387 dumpPackagePolicy(pw, "managedProfileCallerIdPolicy", 1388 mManagedProfileCallerIdAccess); 1389 1390 dumpPackagePolicy(pw, "managedProfileContactsPolicy", 1391 mManagedProfileContactsAccess); 1392 1393 dumpPackagePolicy(pw, "credentialManagerPolicy", 1394 mCredentialManagerPolicy); 1395 1396 pw.print("isParent="); 1397 pw.println(isParent); 1398 1399 if (parentAdmin != null) { 1400 pw.println("parentAdmin:"); 1401 pw.increaseIndent(); 1402 parentAdmin.dump(pw); 1403 pw.decreaseIndent(); 1404 } 1405 1406 if (mCrossProfileCalendarPackages != null) { 1407 pw.print("mCrossProfileCalendarPackages="); 1408 pw.println(mCrossProfileCalendarPackages); 1409 } 1410 1411 pw.print("mCrossProfilePackages="); 1412 pw.println(mCrossProfilePackages); 1413 1414 pw.print("mSuspendPersonalApps="); 1415 pw.println(mSuspendPersonalApps); 1416 1417 pw.print("mProfileMaximumTimeOffMillis="); 1418 pw.println(mProfileMaximumTimeOffMillis); 1419 1420 pw.print("mProfileOffDeadline="); 1421 pw.println(mProfileOffDeadline); 1422 1423 pw.print("mAlwaysOnVpnPackage="); 1424 pw.println(mAlwaysOnVpnPackage); 1425 1426 pw.print("mAlwaysOnVpnLockdown="); 1427 pw.println(mAlwaysOnVpnLockdown); 1428 1429 pw.print("mCommonCriteriaMode="); 1430 pw.println(mCommonCriteriaMode); 1431 1432 pw.print("mPasswordComplexity="); 1433 pw.println(mPasswordComplexity); 1434 1435 pw.print("mNearbyNotificationStreamingPolicy="); 1436 pw.println(mNearbyNotificationStreamingPolicy); 1437 1438 pw.print("mNearbyAppStreamingPolicy="); 1439 pw.println(mNearbyAppStreamingPolicy); 1440 1441 if (!TextUtils.isEmpty(mOrganizationId)) { 1442 pw.print("mOrganizationId="); 1443 pw.println(mOrganizationId); 1444 } 1445 1446 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 1447 pw.print("mEnrollmentSpecificId="); 1448 pw.println(mEnrollmentSpecificId); 1449 } 1450 1451 pw.print("mAdminCanGrantSensorsPermissions="); 1452 pw.println(mAdminCanGrantSensorsPermissions); 1453 1454 pw.print("mWifiMinimumSecurityLevel="); 1455 pw.println(mWifiMinimumSecurityLevel); 1456 1457 if (mWifiSsidPolicy != null) { 1458 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 1459 pw.print("mSsidAllowlist="); 1460 } else { 1461 pw.print("mSsidDenylist="); 1462 } 1463 pw.println(ssidsToStrings(mWifiSsidPolicy.getSsids())); 1464 } 1465 1466 if (mFactoryResetProtectionPolicy != null) { 1467 pw.println("mFactoryResetProtectionPolicy:"); 1468 pw.increaseIndent(); 1469 mFactoryResetProtectionPolicy.dump(pw); 1470 pw.decreaseIndent(); 1471 } 1472 1473 if (mPreferentialNetworkServiceConfigs != null) { 1474 pw.println("mPreferentialNetworkServiceConfigs:"); 1475 pw.increaseIndent(); 1476 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 1477 config.dump(pw); 1478 } 1479 pw.decreaseIndent(); 1480 } 1481 1482 pw.print("mtePolicy="); 1483 pw.println(mtePolicy); 1484 1485 pw.print("accountTypesWithManagementDisabled="); 1486 pw.println(accountTypesWithManagementDisabled); 1487 1488 if (mManagedSubscriptionsPolicy != null) { 1489 pw.println("mManagedSubscriptionsPolicy:"); 1490 pw.increaseIndent(); 1491 pw.println(mManagedSubscriptionsPolicy); 1492 pw.decreaseIndent(); 1493 } 1494 1495 pw.print("mDialerPackage="); 1496 pw.println(mDialerPackage); 1497 pw.print("mSmsPackage="); 1498 pw.println(mSmsPackage); 1499 } 1500 } 1501