DevicePolicyManager.java revision 87bba1ee14279bb14a28d42e27c4ef66d9967bf8
1d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/* 2d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Copyright (C) 2010 The Android Open Source Project 3d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Licensed under the Apache License, Version 2.0 (the "License"); 5d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you may not use this file except in compliance with the License. 6d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * You may obtain a copy of the License at 7d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 8d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * http://www.apache.org/licenses/LICENSE-2.0 9d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 10d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Unless required by applicable law or agreed to in writing, software 11d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * distributed under the License is distributed on an "AS IS" BASIS, 12d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * See the License for the specific language governing permissions and 14d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * limitations under the License. 15d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 16d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 1787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackbornpackage android.app.admin; 18d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 19d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport org.xmlpull.v1.XmlPullParserException; 20d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 21d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant; 22d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant.SdkConstantType; 2387bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackbornimport android.app.admin.IDevicePolicyManager.Stub; 24d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.ComponentName; 25d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.Context; 26d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ActivityInfo; 27d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.PackageManager; 28d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ResolveInfo; 29d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.Handler; 308ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackbornimport android.os.RemoteCallback; 31d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.RemoteException; 32d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.ServiceManager; 33d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.util.Log; 34d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 35d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport java.io.IOException; 36d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackbornimport java.util.List; 37d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 38d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/** 39d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Public interface for managing policies enforced on a device. Most clients 40ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * of this class must have published a {@link DeviceAdminReceiver} that the user 41d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * has currently enabled. 42d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 43d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornpublic class DevicePolicyManager { 44d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static String TAG = "DevicePolicyManager"; 45d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static boolean DEBUG = false; 46d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static boolean localLOGV = DEBUG || android.util.Config.LOGV; 47d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 48d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final Context mContext; 49d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final IDevicePolicyManager mService; 508ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 518ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn private final Handler mHandler; 52d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 5321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn private DevicePolicyManager(Context context, Handler handler) { 54d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mContext = context; 55d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mHandler = handler; 56d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService = IDevicePolicyManager.Stub.asInterface( 57d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)); 58d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 59d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 6087bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** @hide */ 6187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static DevicePolicyManager create(Context context, Handler handler) { 6221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn DevicePolicyManager me = new DevicePolicyManager(context, handler); 6321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return me.mService != null ? me : null; 6421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 6521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn 66d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 67d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: ask the user to add a new device administrator to the system. 68d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The desired policy is the ComponentName of the policy in the 69d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #EXTRA_DEVICE_ADMIN} extra field. This will invoke a UI to 70d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * bring the user through adding the device administrator to the system (or 71d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * allowing them to reject it). 72d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 738ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 748ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * field to provide the user with additional explanation (in addition 758ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * to your component's description) about what is being added. 76d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 77d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 78d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_ADD_DEVICE_ADMIN 79d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.ADD_DEVICE_ADMIN"; 80d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 81d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 82d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The ComponentName of the administrator component. 83d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 84d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 85d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 86d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; 87d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 88d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 898ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * An optional CharSequence providing additional explanation for why the 908ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * admin is being added. 918ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 928ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 938ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 948ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public static final String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; 958ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 968ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 97d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: have the user enter a new password. This activity 989327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * should be launched after using {@link #setPasswordQuality(ComponentName, int)} 99254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or {@link #setPasswordMinimumLength(ComponentName, int)} to have the 100df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * user enter a new password that meets the current requirements. You can 101df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * use {@link #isActivePasswordSufficient()} to determine whether you need 102df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * to have the user select a new password in order to meet the current 103df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * constraints. Upon being resumed from this activity, 104d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you can check the new password characteristics to see if they are 105d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * sufficient. 106d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 107d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 108d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_SET_NEW_PASSWORD 109d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.SET_NEW_PASSWORD"; 110d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 111d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 112d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Return true if the given administrator component is currently 113d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * active (enabled) in the system. 114d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 115d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public boolean isAdminActive(ComponentName who) { 116d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 117d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 118d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.isAdminActive(who); 119d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 120d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 121d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 122d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 123d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return false; 124d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 125d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 126d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 127d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * Return a list of all currently active device administrator's component 128d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * names. Note that if there are no administrators than null may be 129d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * returned. 130d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn */ 131d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public List<ComponentName> getActiveAdmins() { 132d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn if (mService != null) { 133d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn try { 134d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.getActiveAdmins(); 135d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } catch (RemoteException e) { 136d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 137d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 138d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 139d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return null; 140d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 141d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn 142d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn /** 14321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn * @hide 14421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn */ 14521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn public boolean packageHasActiveAdmins(String packageName) { 14621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn if (mService != null) { 14721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn try { 14821f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return mService.packageHasActiveAdmins(packageName); 14921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } catch (RemoteException e) { 15021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 15121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 15221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 15321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return false; 15421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 15521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn 15621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn /** 157d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Remove a current administration component. This can only be called 158d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * by the application that owns the administration component; if you 159d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * try to remove someone else's component, a security exception will be 160d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * thrown. 161d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 162d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void removeActiveAdmin(ComponentName who) { 163d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 164d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 165d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.removeActiveAdmin(who); 166d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 167d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 168d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 169d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 170d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 171d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 172d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1739327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy has no requirements 1749327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * for the password. Note that quality constants are ordered so that higher 175df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * values are more restrictive. 176d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1779327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_UNSPECIFIED = 0; 178d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 179d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1809327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy requires some kind 1819327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * of password, but doesn't care what it is. Note that quality constants 182df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * are ordered so that higher values are more restrictive. 183df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 1849327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_SOMETHING = 0x10000; 185df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 186df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 1879327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 1889327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least numeric characters. Note that quality 1899327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * constants are ordered so that higher values are more restrictive. 190d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1919327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_NUMERIC = 0x20000; 192d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 193d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1949327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 1959327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least <em>both></em> numeric <em>and</em> 1969327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * alphabeter (or other symbol) characters. Note that quality constants are 1979327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * ordered so that higher values are more restrictive. 198d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1999327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x30000; 200d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 201d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 202d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 203d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password restrictions it is imposing. After setting this, the user 204d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 205d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 206d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 207d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 208d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 209d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 2109327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * <p>Quality constants are ordered so that higher values are more restrictive; 2119327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * thus the highest requested quality constant (between the policy set here, 212df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * the user's preference, and any other considerations) is the one that 213df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * is in effect. 214df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 2158aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2168aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2178aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2188aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 219ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2209327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * @param quality The new desired quality. One of 2219327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link #PASSWORD_QUALITY_SOMETHING}, 2229327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC}, or {@link #PASSWORD_QUALITY_ALPHANUMERIC}. 223d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2249327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setPasswordQuality(ComponentName admin, int quality) { 225d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 226d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 2279327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn mService.setPasswordQuality(admin, quality); 228d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 229d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 230d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 231d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 232d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 233d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 234d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2359327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Retrieve the current minimum password quality for all admins 236254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 237254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 238254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 239d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2409327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordQuality(ComponentName admin) { 241d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 242d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 2439327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return mService.getPasswordQuality(admin); 244d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 245d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 246d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 247d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 2489327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return PASSWORD_QUALITY_UNSPECIFIED; 249d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 250d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 251d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 252d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 253d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * minimum allowed password length. After setting this, the user 254d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 255d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 256d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 257d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 258d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 259d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * constraint is only imposed if the administrator has also requested either 2609327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC} or {@link #PASSWORD_QUALITY_ALPHANUMERIC} 2619327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * with {@link #setPasswordQuality}. 262d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 2638aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2648aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2658aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2668aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 267ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 268d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param length The new desired minimum password length. A value of 0 269d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * means there is no restriction. 270d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 271254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public void setPasswordMinimumLength(ComponentName admin, int length) { 272d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 273d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 274254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn mService.setPasswordMinimumLength(admin, length); 275d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 276d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 277d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 278d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 279d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 280d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 281d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 282254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current minimum password length for all admins 283254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 284254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 285254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 286d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 287254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getPasswordMinimumLength(ComponentName admin) { 288d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 289d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 290254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getPasswordMinimumLength(admin); 291d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 292d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 293d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 294d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 295d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 296d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 297d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 298d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 299254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Return the maximum password length that the device supports for a 3009327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * particular password quality. 301364f6e3d44c27cd17fe0f3fca844465e9a502636Dianne Hackborn * @param quality The quality being interrogated. 302254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @return Returns the maximum length that the user can enter. 303254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 3049327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordMaximumLength(int quality) { 305254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn // Kind-of arbitrary. 306254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 16; 307254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 308254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn 309254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 310df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Determine whether the current password the user has set is sufficient 3119327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * to meet the policy requirements (quality, minimum length) that have been 312df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * requested. 313df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 3148aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3158aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 3168aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 3178aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 318df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password meets the current requirements, 319df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * else false. 320d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 321df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public boolean isActivePasswordSufficient() { 322d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 323d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 324df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return mService.isActivePasswordSufficient(); 325d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 326d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 327d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 328d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 329df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 330d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 331d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 332d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 333d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Retrieve the number of times the user has failed at entering a 334d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password since that last successful password entry. 3358aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 3368aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3378aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call 3388aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 339d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 340d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public int getCurrentFailedPasswordAttempts() { 341d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 342d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 343d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return mService.getCurrentFailedPasswordAttempts(); 344d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 345d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 346d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 347d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 348d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return -1; 349d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 350df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 351df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 35288209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * Setting this to a value greater than zero enables a built-in policy 35388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that will perform a device wipe after too many incorrect 35488209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * device-unlock passwords have been entered. This built-in policy combines 35588209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * watching for failed passwords and wiping the device, and requires 35688209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 3578ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. 3588ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 35988209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * <p>To implement any other policy (e.g. wiping data for a particular 36088209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * application only, erasing or revoking credentials, or reporting the 36188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * failure to a server), you should implement 362ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} 36388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * instead. Do not use this API, because if the maximum count is reached, 36488209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * the device will be wiped immediately, and your callback will not be invoked. 36588209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * 366ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 3678ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @param num The number of failed password attempts at which point the 3688ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * device will wipe its data. 3698ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 3708ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) { 3718ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 3728ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 3738ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.setMaximumFailedPasswordsForWipe(admin, num); 3748ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 3758ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 3768ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3778ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3788ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 3798ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 3808ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 381254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum number of login attempts that are allowed 382254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * before the device wipes itself, for all admins 383254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 384254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 385254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 386254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 387254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getMaximumFailedPasswordsForWipe(ComponentName admin) { 388254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn if (mService != null) { 389254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn try { 390254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumFailedPasswordsForWipe(admin); 391254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } catch (RemoteException e) { 392254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 393254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 394254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 395254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 0; 396254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 397254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn 398254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 39987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * Flag for {@link #resetPassword}: don't allow other admins to change 40087bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * the password again until the user has entered it. 40187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn */ 40287bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001; 40387bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn 40487bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** 405ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * Force a new device unlock password (the password needed to access the 406ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * entire device, not for individual accounts) on the user. This takes 407ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * effect immediately. 4089327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * The given password must be sufficient for the 4099327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * current password quality and length constraints as returned by 4109327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordQuality(ComponentName)} and 4119327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordMinimumLength(ComponentName)}; if it does not meet 4129327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * these constraints, then it will be rejected and false returned. Note 4139327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * that the password may be a stronger quality (containing alphanumeric 4149327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * characters when the requested quality is only numeric), in which case 4159327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * the currently active quality will be increased to match. 416df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * 4178aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 4188aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call 4198aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 4208aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 421df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param password The new password for the user. 42287bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. 423df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password was applied, or false if it is 424df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * not acceptable for the current constraints. 425df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 42687bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public boolean resetPassword(String password, int flags) { 427df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 428df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 42987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn return mService.resetPassword(password, flags); 430df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 431df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 432df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 433df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 434df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 435df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 436d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 437d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 438d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 439d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * maximum time for user activity until the device will lock. This limits 440d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * the length that the user can set. It takes effect immediately. 441d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4428aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 443315ada7fbb9e967c22e87b4921bec720ceb2c73cDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 4448aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 4458aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 446ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 447d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param timeMs The new desired maximum time to lock in milliseconds. 448d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * A value of 0 means there is no restriction. 449d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 450d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setMaximumTimeToLock(ComponentName admin, long timeMs) { 451d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 452d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 453d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.setMaximumTimeToLock(admin, timeMs); 454d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 455d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 456d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 457d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 458d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 459d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 460d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 461254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum time to unlock for all admins 462254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 463254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 464254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 465d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 466254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public long getMaximumTimeToLock(ComponentName admin) { 467d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 468d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 469254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumTimeToLock(admin); 470d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 471d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 472d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 473d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 474d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 475d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 476d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 477d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 478df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Make the device lock immediately, as if the lock screen timeout has 479df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * expired at the point of this call. 4808aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 4818aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 4828aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 4838aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 484d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 485df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public void lockNow() { 486df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 487df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 488df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn mService.lockNow(); 489df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 490df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 491df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 492df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 493df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 494d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 495d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 496d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Ask the user date be wiped. This will cause the device to reboot, 497df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * erasing all user data while next booting up. External storage such 498df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * as SD cards will not be erased. 499d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 5008aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 5018aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} to be able to call 5028aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 5038aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * 504df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param flags Bit mask of additional options: currently must be 0. 505d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 506d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void wipeData(int flags) { 507d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 508d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 509d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.wipeData(flags); 510d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 511d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 512d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 513d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 514d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 515d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 516d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 517d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 518d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 519d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setActiveAdmin(ComponentName policyReceiver) { 520d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 521d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 522d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.setActiveAdmin(policyReceiver); 523d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 524d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 525d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 526d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 527d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 528d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 529d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 530d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 531d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 532d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public DeviceAdminInfo getAdminInfo(ComponentName cn) { 533d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ActivityInfo ai; 534d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 535d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ai = mContext.getPackageManager().getReceiverInfo(cn, 536d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn PackageManager.GET_META_DATA); 537d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (PackageManager.NameNotFoundException e) { 538d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to retrieve device policy " + cn, e); 539d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 540d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 541d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 542d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ResolveInfo ri = new ResolveInfo(); 543d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ri.activityInfo = ai; 544d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 545d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 546d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return new DeviceAdminInfo(mContext, ri); 547d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (XmlPullParserException e) { 548d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 549d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 550d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (IOException e) { 551d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 552d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 553d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 554d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 555d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 556d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 557d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 5588ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 5598ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void getRemoveWarning(ComponentName admin, RemoteCallback result) { 5608ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 5618ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 5628ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.getRemoveWarning(admin, result); 5638ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 5648ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 5658ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5668ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5678ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 5688ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 5698ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 5708ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @hide 571d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 5729327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setActivePasswordState(int quality, int length) { 573d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 574d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 5759327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn mService.setActivePasswordState(quality, length); 576d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 577d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 578d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 579d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 580d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 581d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 582d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 583d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 584d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 585d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportFailedPasswordAttempt() { 586d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 587d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 588d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportFailedPasswordAttempt(); 589d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 590d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 591d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 592d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 593d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 594d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 595d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 596d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 597d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 598d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportSuccessfulPasswordAttempt() { 599d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 600d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 601d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportSuccessfulPasswordAttempt(); 602d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 603d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 604d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 605d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 606d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 607d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn} 608