1d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/* 2d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Copyright (C) 2010 The Android Open Source Project 3d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Licensed under the Apache License, Version 2.0 (the "License"); 5d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you may not use this file except in compliance with the License. 6d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * You may obtain a copy of the License at 7d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 8d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * http://www.apache.org/licenses/LICENSE-2.0 9d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 10d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Unless required by applicable law or agreed to in writing, software 11d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * distributed under the License is distributed on an "AS IS" BASIS, 12d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * See the License for the specific language governing permissions and 14d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * limitations under the License. 15d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 16d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 1787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackbornpackage android.app.admin; 18d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 19d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport org.xmlpull.v1.XmlPullParserException; 20d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 21d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant; 22d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant.SdkConstantType; 23d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.ComponentName; 24d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.Context; 25d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ActivityInfo; 26d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.PackageManager; 27d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ResolveInfo; 28d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.Handler; 298ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackbornimport android.os.RemoteCallback; 30d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.RemoteException; 31d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.ServiceManager; 32d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.util.Log; 33d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 34d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport java.io.IOException; 35d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackbornimport java.util.List; 36d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 37d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/** 38d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Public interface for managing policies enforced on a device. Most clients 39ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * of this class must have published a {@link DeviceAdminReceiver} that the user 40d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * has currently enabled. 41d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 42d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornpublic class DevicePolicyManager { 43d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static String TAG = "DevicePolicyManager"; 44d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static boolean DEBUG = false; 45d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static boolean localLOGV = DEBUG || android.util.Config.LOGV; 46d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 47d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final Context mContext; 48d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final IDevicePolicyManager mService; 498ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 508ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn private final Handler mHandler; 51d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 5221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn private DevicePolicyManager(Context context, Handler handler) { 53d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mContext = context; 54d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mHandler = handler; 55d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService = IDevicePolicyManager.Stub.asInterface( 56d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)); 57d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 58d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 5987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** @hide */ 6087bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static DevicePolicyManager create(Context context, Handler handler) { 6121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn DevicePolicyManager me = new DevicePolicyManager(context, handler); 6221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return me.mService != null ? me : null; 6321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 6421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn 65d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 66d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: ask the user to add a new device administrator to the system. 67d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The desired policy is the ComponentName of the policy in the 68d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #EXTRA_DEVICE_ADMIN} extra field. This will invoke a UI to 69d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * bring the user through adding the device administrator to the system (or 70d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * allowing them to reject it). 71d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 728ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 738ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * field to provide the user with additional explanation (in addition 748ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * to your component's description) about what is being added. 75d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 76d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 77d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_ADD_DEVICE_ADMIN 78d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.ADD_DEVICE_ADMIN"; 79d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 80d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 81284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * Activity action: send when any policy admin changes a policy. 82284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * This is generally used to find out when a new policy is in effect. 83284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * 84284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * @hide 85284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller */ 86284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller public static final String ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED 87284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller = "android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED"; 88284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller 89284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller /** 90d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The ComponentName of the administrator component. 91d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 92d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 93d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 94d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; 95d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 96d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 978ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * An optional CharSequence providing additional explanation for why the 988ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * admin is being added. 998ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 1008ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 1018ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 1028ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public static final String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; 1038ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 1048ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 105d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: have the user enter a new password. This activity 1069327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * should be launched after using {@link #setPasswordQuality(ComponentName, int)} 107254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or {@link #setPasswordMinimumLength(ComponentName, int)} to have the 108df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * user enter a new password that meets the current requirements. You can 109df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * use {@link #isActivePasswordSufficient()} to determine whether you need 110df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * to have the user select a new password in order to meet the current 111df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * constraints. Upon being resumed from this activity, 112d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you can check the new password characteristics to see if they are 113d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * sufficient. 114d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 115d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 116d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_SET_NEW_PASSWORD 117d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.SET_NEW_PASSWORD"; 118d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 119d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 120d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Return true if the given administrator component is currently 121d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * active (enabled) in the system. 122d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 123d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public boolean isAdminActive(ComponentName who) { 124d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 125d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 126d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.isAdminActive(who); 127d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 128d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 129d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 130d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 131d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return false; 132d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 133d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 134d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 135d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * Return a list of all currently active device administrator's component 136d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * names. Note that if there are no administrators than null may be 137d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * returned. 138d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn */ 139d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public List<ComponentName> getActiveAdmins() { 140d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn if (mService != null) { 141d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn try { 142d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.getActiveAdmins(); 143d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } catch (RemoteException e) { 144d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 145d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 146d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 147d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return null; 148d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 149d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn 150d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn /** 15121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn * @hide 15221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn */ 15321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn public boolean packageHasActiveAdmins(String packageName) { 15421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn if (mService != null) { 15521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn try { 15621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return mService.packageHasActiveAdmins(packageName); 15721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } catch (RemoteException e) { 15821f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 15921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 16021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 16121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return false; 16221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 16321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn 16421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn /** 165d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Remove a current administration component. This can only be called 166d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * by the application that owns the administration component; if you 167d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * try to remove someone else's component, a security exception will be 168d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * thrown. 169d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 170d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void removeActiveAdmin(ComponentName who) { 171d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 172d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 173d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.removeActiveAdmin(who); 174d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 175d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 176d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 177d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 178d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 179d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 180d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1819327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy has no requirements 1829327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * for the password. Note that quality constants are ordered so that higher 183df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * values are more restrictive. 184d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1859327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_UNSPECIFIED = 0; 186d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 187d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1889327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy requires some kind 1899327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * of password, but doesn't care what it is. Note that quality constants 190df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * are ordered so that higher values are more restrictive. 191df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 1929327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_SOMETHING = 0x10000; 193df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 194df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 1959327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 1969327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least numeric characters. Note that quality 1979327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * constants are ordered so that higher values are more restrictive. 198d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1999327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_NUMERIC = 0x20000; 200d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 201d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2029327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 20385f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * password containing at least alphabetic (or other symbol) characters. 20485f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Note that quality constants are ordered so that higher values are more 20585f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * restrictive. 20685f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn */ 20785f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHABETIC = 0x40000; 20885f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn 20985f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn /** 21085f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 2119327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least <em>both></em> numeric <em>and</em> 21285f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * alphabetic (or other symbol) characters. Note that quality constants are 2139327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * ordered so that higher values are more restrictive. 214d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 21585f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x50000; 216d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 217d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 218d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 219d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password restrictions it is imposing. After setting this, the user 220d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 221d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 222d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 223d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 224d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 225d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 2269327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * <p>Quality constants are ordered so that higher values are more restrictive; 2279327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * thus the highest requested quality constant (between the policy set here, 228df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * the user's preference, and any other considerations) is the one that 229df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * is in effect. 230df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 2318aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2328aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2338aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2348aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 235ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2369327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * @param quality The new desired quality. One of 2379327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link #PASSWORD_QUALITY_SOMETHING}, 23885f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 23985f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * or {@link #PASSWORD_QUALITY_ALPHANUMERIC}. 240d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2419327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setPasswordQuality(ComponentName admin, int quality) { 242d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 243d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 2449327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn mService.setPasswordQuality(admin, quality); 245d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 246d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 247d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 248d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 249d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 250d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 251d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2529327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Retrieve the current minimum password quality for all admins 253254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 254254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 255254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 256d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2579327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordQuality(ComponentName admin) { 258d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 259d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 2609327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return mService.getPasswordQuality(admin); 261d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 262d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 263d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 264d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 2659327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return PASSWORD_QUALITY_UNSPECIFIED; 266d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 267d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 268d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 269d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 270d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * minimum allowed password length. After setting this, the user 271d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 272d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 273d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 274d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 275d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 276d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * constraint is only imposed if the administrator has also requested either 27785f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 27885f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * or {@link #PASSWORD_QUALITY_ALPHANUMERIC} 2799327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * with {@link #setPasswordQuality}. 280d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 2818aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2828aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2838aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2848aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 285ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 286d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param length The new desired minimum password length. A value of 0 287d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * means there is no restriction. 288d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 289254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public void setPasswordMinimumLength(ComponentName admin, int length) { 290d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 291d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 292254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn mService.setPasswordMinimumLength(admin, length); 293d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 294d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 295d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 296d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 297d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 298d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 299d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 300254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current minimum password length for all admins 301254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 302254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 303254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 304d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 305254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getPasswordMinimumLength(ComponentName admin) { 306d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 307d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 308254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getPasswordMinimumLength(admin); 309d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 310d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 311d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 312d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 313d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 314d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 315d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 316d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 317254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Return the maximum password length that the device supports for a 3189327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * particular password quality. 319364f6e3d44c27cd17fe0f3fca844465e9a502636Dianne Hackborn * @param quality The quality being interrogated. 320254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @return Returns the maximum length that the user can enter. 321254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 3229327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordMaximumLength(int quality) { 323254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn // Kind-of arbitrary. 324254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 16; 325254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 326254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn 327254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 328df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Determine whether the current password the user has set is sufficient 3299327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * to meet the policy requirements (quality, minimum length) that have been 330df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * requested. 331df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 3328aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3338aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 3348aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 3358aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 336df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password meets the current requirements, 337df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * else false. 338d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 339df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public boolean isActivePasswordSufficient() { 340d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 341d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 342df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return mService.isActivePasswordSufficient(); 343d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 344d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 345d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 346d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 347df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 348d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 349d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 350d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 351d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Retrieve the number of times the user has failed at entering a 352d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password since that last successful password entry. 3538aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 3548aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3558aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call 3568aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 357d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 358d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public int getCurrentFailedPasswordAttempts() { 359d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 360d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 361d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return mService.getCurrentFailedPasswordAttempts(); 362d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 363d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 364d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 365d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 366d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return -1; 367d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 368df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 369df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 37088209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * Setting this to a value greater than zero enables a built-in policy 37188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that will perform a device wipe after too many incorrect 37288209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * device-unlock passwords have been entered. This built-in policy combines 37388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * watching for failed passwords and wiping the device, and requires 37488209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 3758ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. 3768ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 37788209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * <p>To implement any other policy (e.g. wiping data for a particular 37888209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * application only, erasing or revoking credentials, or reporting the 37988209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * failure to a server), you should implement 380ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} 38188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * instead. Do not use this API, because if the maximum count is reached, 38288209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * the device will be wiped immediately, and your callback will not be invoked. 38388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * 384ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3858ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @param num The number of failed password attempts at which point the 3868ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * device will wipe its data. 3878ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 3888ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) { 3898ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 3908ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 3918ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.setMaximumFailedPasswordsForWipe(admin, num); 3928ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 3938ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 3948ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3958ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3968ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3978ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 3988ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 399254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum number of login attempts that are allowed 400254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * before the device wipes itself, for all admins 401254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 402254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 403254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 404254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 405254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getMaximumFailedPasswordsForWipe(ComponentName admin) { 406254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn if (mService != null) { 407254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn try { 408254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumFailedPasswordsForWipe(admin); 409254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } catch (RemoteException e) { 410254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 411254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 412254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 413254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 0; 414254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 415254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn 416254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 41787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * Flag for {@link #resetPassword}: don't allow other admins to change 41887bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * the password again until the user has entered it. 41987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn */ 42087bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001; 42187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn 42287bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** 423ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * Force a new device unlock password (the password needed to access the 424ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * entire device, not for individual accounts) on the user. This takes 425ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * effect immediately. 4269327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * The given password must be sufficient for the 4279327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * current password quality and length constraints as returned by 4289327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordQuality(ComponentName)} and 4299327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordMinimumLength(ComponentName)}; if it does not meet 4309327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * these constraints, then it will be rejected and false returned. Note 4319327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * that the password may be a stronger quality (containing alphanumeric 4329327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * characters when the requested quality is only numeric), in which case 4339327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * the currently active quality will be increased to match. 434df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 4358aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 4368aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call 4378aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 4388aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 439df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param password The new password for the user. 44087bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. 441df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password was applied, or false if it is 442df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * not acceptable for the current constraints. 443df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 44487bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public boolean resetPassword(String password, int flags) { 445df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 446df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 44787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn return mService.resetPassword(password, flags); 448df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 449df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 450df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 451df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 452df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 453df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 454d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 455d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 456d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 457d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * maximum time for user activity until the device will lock. This limits 458d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * the length that the user can set. It takes effect immediately. 459d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4608aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 461315ada7fbb9e967c22e87b4921bec720ceb2c73cDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 4628aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 4638aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 464ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 465d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param timeMs The new desired maximum time to lock in milliseconds. 466d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * A value of 0 means there is no restriction. 467d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 468d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setMaximumTimeToLock(ComponentName admin, long timeMs) { 469d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 470d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 471d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.setMaximumTimeToLock(admin, timeMs); 472d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 473d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 474d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 475d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 476d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 477d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 478d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 479254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum time to unlock for all admins 480254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 481254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 482254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 483d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 484254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public long getMaximumTimeToLock(ComponentName admin) { 485d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 486d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 487254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumTimeToLock(admin); 488d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 489d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 490d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 491d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 492d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 493d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 494d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 495d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 496df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Make the device lock immediately, as if the lock screen timeout has 497df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * expired at the point of this call. 4988aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 4998aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 5008aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 5018aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 502d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 503df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public void lockNow() { 504df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 505df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 506df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn mService.lockNow(); 507df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 508df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 509df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 510df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 511df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 512d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 513d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 514d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Ask the user date be wiped. This will cause the device to reboot, 515df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * erasing all user data while next booting up. External storage such 516df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * as SD cards will not be erased. 517d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 5188aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 5198aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} to be able to call 5208aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 5218aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 522df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param flags Bit mask of additional options: currently must be 0. 523d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 524d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void wipeData(int flags) { 525d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 526d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 527d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.wipeData(flags); 528d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 529d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 530d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 531d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 532d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 533d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 534d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 535d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 536d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 537d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setActiveAdmin(ComponentName policyReceiver) { 538d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 539d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 540d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.setActiveAdmin(policyReceiver); 541d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 542d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 543d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 544d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 545d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 546d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 547d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 548d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 549d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 550d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public DeviceAdminInfo getAdminInfo(ComponentName cn) { 551d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ActivityInfo ai; 552d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 553d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ai = mContext.getPackageManager().getReceiverInfo(cn, 554d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn PackageManager.GET_META_DATA); 555d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (PackageManager.NameNotFoundException e) { 556d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to retrieve device policy " + cn, e); 557d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 558d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 559d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 560d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ResolveInfo ri = new ResolveInfo(); 561d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ri.activityInfo = ai; 562d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 563d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 564d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return new DeviceAdminInfo(mContext, ri); 565d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (XmlPullParserException e) { 566d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 567d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 568d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (IOException e) { 569d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 570d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 571d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 572d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 573d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 574d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 575d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 5768ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 5778ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void getRemoveWarning(ComponentName admin, RemoteCallback result) { 5788ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 5798ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 5808ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.getRemoveWarning(admin, result); 5818ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 5828ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 5838ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5848ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5858ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5868ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 5878ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 5888ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @hide 589d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 5909327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setActivePasswordState(int quality, int length) { 591d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 592d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 5939327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn mService.setActivePasswordState(quality, length); 594d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 595d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 596d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 597d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 598d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 599d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 600d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 601d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 602d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 603d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportFailedPasswordAttempt() { 604d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 605d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 606d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportFailedPasswordAttempt(); 607d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 608d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 609d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 610d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 611d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 612d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 613d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 614d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 615d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 616d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportSuccessfulPasswordAttempt() { 617d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 618d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 619d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportSuccessfulPasswordAttempt(); 620d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 621d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 622d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 623d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 624d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 625d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn} 626