History log of /frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
77b2d49abb38fafb91fb99ce603a92f189553cd7 11-Jun-2015 Craig Lafayette <craiglafa@google.com> Merge "Remove device initializer status messages" into mnc-dev
83881bdbdee14cc9726c89019490a0514686f314 10-Jun-2015 Robin Lee <rgl@google.com> Policy: make bulk CA uninstalls happen in service

Fewer round trips, only one point of contact for bugs to creep in.

Bug: 21650477
Change-Id: I1764faa753bd674ecb0d13149d778d99bd2ff4c4
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
cedd53adc3875fe1b4275afa35ec5c3ede7b6c39 09-Jun-2015 Julia Reynolds <juliacr@google.com> Remove the ability to set a preferred setup activity.

Bug: 21557327
Change-Id: I8c1809d25c5f5fcd186dfc0636d8ac47ed5fc903
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
240e64828f68064b2a1074a1dda1fc41fe19d711 02-Jun-2015 Craig Lafayette <craiglafa@google.com> Remove device initializer status messages

- Remove ManagedProvision Bluetooth extras from
DevicePolicyManager
- Remove ManagedProvisioning device initializer status
action and extras from DevicePolicyManager.
- Remove DIA status update protected-broadcast
and permission
- Remove DPM.sendDeviceInitializerStatus method

Bug: 21559093
Change-Id: Ibb651ebb2772ace6a16a5830f82f75465150e6e3
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
184b3753de54241c67799089f5bc59a1ede4438a 22-May-2015 Amith Yamasani <yamasani@google.com> Add getPermissionGrantState method in device policy

This is to have a way to query what permission state was set by
the profile owner.

Bug: 21356830
Change-Id: Ie396e946b4285267c1d95f82b9d9765b43697d3c
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d8ecc5aee49874ac1f100f69be94906a3e99b951 20-May-2015 Svet Ganov <svetoslavganov@google.com> Allow DO/PO to go back to normal permission state.

We have APIs for a DO/PO to fix a permission in a granted or
denied state in which the user cannot manage this permission
through the UI. However, there is no way to go back to the
default state in which the user gets to choose the permission
grant state.

Change-Id: I2562a1d8b1385cd740b44812844ef14c895c2902
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
39087b1cec6a54e96ab9eafe8317952720790533 05-May-2015 Robin Lee <rgl@google.com> Replace String host:port/url args with Uri arg

Uri provides a stronger guarantee of well-formedness and lets apps do
nice extra things like specifying scheme etc. without twisting any
expectations.

Bug: 20820034
Change-Id: Ia6bbedb74765444920b667d643fb7e1eb6a7292b
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
396d944001f0b897b1689baa0bd7d3e04046b3ca 13-May-2015 Julia Reynolds <juliacr@google.com> Merge "Remove initiator name param." into mnc-dev
731051e36bb2d420a29cd889a38e02c88c930aad 11-May-2015 Julia Reynolds <juliacr@google.com> Remove initiator name param.

This won't be shown in the UI; it's not needed.
Bug: 20820224

Change-Id: I51ecd0a9151a49e26faf52e792a0b316a8facc8e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d86d58cd010b087d6d481062f84c894e0ced7bbc 05-May-2015 Rubin Xu <rubinxu@google.com> Tweak SystemUpdatePolicy according to API review.

Make SystemUpdatePolicy Parcelable; hide public constructor and
expose static builder methods.

Bug: 20820025
Change-Id: I594ba3c7e5514551134ba6c866b24498b66506bf
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
bece80645e2b2d84ea65aabfa7fc01d5ad633708 06-May-2015 Benjamin Franz <bfranz@google.com> Rename functions that disable status bar and keyguard

Rename the DevicePolicyManager functions setKeyguardEnabledState and
setStatusBarEnabledState to setKeyguardDisabled and
setStatusBarDisabled respectively.

Bug: 20820039
Change-Id: I06f6a19ac55b24e66e9f2cb340ead5d940cb2235
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d49489b3af01c13d3b13af1cd04d53787185cc0a 28-Apr-2015 Amith Yamasani <yamasani@google.com> Permissions control via profile/device owner admin

Profile owners and Device owners can set policies for runtime
permissions. Blanket grant/deny policy can be set for a user.
They can also explicitly grant/revoke permissions for specific apps
which cannot be overridden by the user and will not be prompted.

[More implementation required in PackageManagerService and
PackageInstaller]

Bug: 20666663
Change-Id: I2c25c18c2a195db9023a17716d5896970848bb45
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
13c58bacc8f1ff35bb24ba19069bab8a41aabf68 20-Apr-2015 Julia Reynolds <juliacr@google.com> Allow device initializers to set a preferred setup activity.

This activity will launch by default on device reboot or user switch
during user initialization, even if there are higher priority 'home'
activities.

Bug: 20223050
Change-Id: I335aeb010a1ae5db07a4343d26e160c74bd299e1
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
dc105cc91c63c27479d73a21702cd4ba0304acc4 15-Apr-2015 Rubin Xu <rubinxu@google.com> Enable system service to notify device owners about pending update

Create a DevicePolicyManager API which can be used by OTA subsystem
to tell device owners about pending updates. Device owners will get
a callback from its DeviceAdminReceiver when the update service sends
out such notifications.

Bug: 20213644
Change-Id: Ifcc755655e4f441980cf77d76175a046112ca9ae
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
4eb6a36922f5e98fe181c0326cc5721f0e7589ca 02-Apr-2015 Andrei Kapishnikov <kapishnikov@google.com> Introduced DO_NOT_ASK_CREDENTIALS_ON_BOOT flag

A new flag for DPM.resetPassword() method that specifies that the
device should be decrypted without asking for the password or pattern.

Bug 19250601

Related CL in Settings App: https://googleplex-android-review.git.corp.google.com/#/c/670206

Change-Id: I9ca3472dc18e66e618ff772dee16ca4a450e9997
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
5faad8e4cdf04211239f076b5d073e26d0ae3207 20-Apr-2015 Rubin Xu <rubinxu@google.com> Rename public OTA policy APIs in DevicePolicyManager

Use the term "SystemUpdate" instead of "OTA", in public
DevicePolicyManager APIs that handle OTA policies.

Bug: 19650524
Change-Id: Iebdaea91337d617147cb411b6f47e0f3fae8671c
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
ea2ec97f37c649881f2be8a5cc40bf44080cc632 16-Mar-2015 Benjamin Franz <bfranz@google.com> Introduce device owner API to disable the status bar

Let the device owner disable the status bar to achieve multi-app single purpose
mode. When the status bar is disabled, quick settings, notifications and the
assist gesture are blocked.

Bug: 19533026
Change-Id: I72830798135136e5edc53e5e2221aebb9a7c7d57
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
e36087e5b6eeb92607f4ad5b3b1662bef9bafa4c 07-Apr-2015 Benjamin Franz <bfranz@google.com> Introduce device owner API to disable the keyguard

Let the device owner disable the keyguard to achieve undisturbed single
use mode with multiple apps. Calling this API has no effect if a
password
has been set for the calling user.

Bug: 19533026
Change-Id: I6b726b7f36efb669359e9da4b7e3db1f8031dad5
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c9c9f7b40ec77217ce595fd152a505481326dc9a 14-Apr-2015 Rubin Xu <rubinxu@google.com> Merge "Add setOtaPolicy/getOtaPolicy API in DPMS"
0c606812c5102fd19eda4b3e1ffbc9e61fec6430 14-Apr-2015 Ricky Wai <rickywai@google.com> Merge "Add Bluetooth Contacts Sharing policy in DevicePolicyManager"
778ba135380cda90c4c9317c34e875c00e2743a3 31-Mar-2015 Ricky Wai <rickywai@google.com> Add Bluetooth Contacts Sharing policy in DevicePolicyManager

Bug: 19990979

Change-Id: Ide9adf66eec5721e50573c03956a1b63b7e8b18b
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
8027a4ffc285ba39df3a262abfff1cfdd6dd31db 10-Mar-2015 Rubin Xu <rubinxu@google.com> Add setOtaPolicy/getOtaPolicy API in DPMS

Allow device owners to set OTA policy for automatically accept/postpone
incoming OTA system updates. This class only provides the setting
and getting of OTA policy, the actual OTA subsystem should handle
and respect the policy stored here.

Bug: 19650524
Change-Id: I9b64949fab42097429b7da649039c13f42c10fd1
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
dbe31a6616f2e8cb8436ea235149d076302fb793 02-Apr-2015 Craig Lafayette <craiglafa@google.com> Send device initializer status.

- Create method in DevicePolicyManager to send device
provisioning status to ManagedProvisioning.
- Define status updates used by ManagedProvisioning.

Bug: 20001077
Change-Id: Ia98fc765d1ebb2ba9680636ca15c2c870d160261
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
eaafdf72a410b445cee9fea274a57f31aec2509f 02-Apr-2015 Julia Reynolds <juliacr@google.com> Store the device initializer componentname in addition to package.

This removes ambiguity about which component in the initializer
package handles device initialization when setting up secondary users.
Bug: 19992262

Change-Id: I2e48168907725a56cd05d0b51c9f28b34fa28d1a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
1040da1d4eb99fd2588e4c4d5b08b2e3fc0c7777 19-Mar-2015 Makoto Onuki <omakoto@google.com> Enterprise quick contact 1/2

Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.

For now we use the same DPM policy as enterprise-caller-id to disable this.

Design doc: go/cp2-mnc-enterprise-dd

Bug 19546108

Change-Id: I831a8190ae902ae3b1248cce6df02e3a48f602d2
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
4fd8d4ab2aafe8ed73080408223e8b20a953cfc4 30-Mar-2015 Makoto Onuki <omakoto@google.com> Revert "Enterprise quick contact 1/2"

This reverts commit 75a0882b946df6de4775c9e54ca023ff54f3f678.

Change-Id: Ibe332885824b228bf1b1147d141c9395554ff67f
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
75a0882b946df6de4775c9e54ca023ff54f3f678 19-Mar-2015 Makoto Onuki <omakoto@google.com> Enterprise quick contact 1/2

Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.

For now we use the same DPM policy as enterprise-caller-id to disable this.

Design doc: go/cp2-mnc-enterprise-dd

Bug 19546108

Change-Id: I4840e7fad8a6a60249df07d993d26d03619650d4
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
ec32b56cc22658ecb549390fe0096fc6d7b5ac2a 03-Mar-2015 Rubin Xu <rubinxu@google.com> Add DelegatedCertInstaller API in DPMS

Allow device/profile owner to delegate certificate APIs to third-party
certificate installer apps.

Bug: 19551274
Change-Id: Iaf9abb5ecb1dc0975fa98ea14408fe392d52fbf4
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
2482100fed93eac82f7d4b759bd1ec418b55be58 06-Mar-2015 Julia Reynolds <juliacr@google.com> Merge "Allow device and profile owners to set a user icon."
1c3754a35c434e4102c7ac3dceb887fa137b153b 05-Mar-2015 Julia Reynolds <juliacr@google.com> Add security check for clearDeviceInitializer in the service.

Bug: 19230954
Change-Id: I5c648492bef0d2b579b6f59b91afc890e3092d36
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
fca04ca0965d5e04dacc025b77f2b4881ee1afd8 17-Feb-2015 Julia Reynolds <juliacr@google.com> Allow device and profile owners to set a user icon.

Change-Id: I7c2bafb85cff3fa063af7a2f27b76c69172f0525
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
20118f18c11c01c7743b5646cc1a0039c2e90037 11-Feb-2015 Julia Reynolds <juliacr@google.com> Allow the device initializer to perform user setup tasks.

A device initializer is an application that is allowed to run
during user provisioning on device owner devices. During
device provisioning (or, user provisioning of the first user
of the device), a device initializer is granted device owner
permissions. During secondary user provisioning, a device
initializer is granted profile owner permissions. Once
provisioning is complete for a user, all elevated permissions
are removed from the device initializer and the device admin
component of the app is disabled.

Bug: 19230954
Change-Id: Ib6725fb3b09bb21e4198a5dc0b445ccebb40b27e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
abf3570f382b94d16cc8a06c4b7c434d7a7052aa 17-Feb-2015 Robin Lee <rgl@google.com> DevicePolicy: Make uid parameter an int

This should not have been a long to begin with.

Change-Id: Icbf6e2e97cb6301b968b3eb8b3f9a46331f7983e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
3798ed5e0b56ab03e7022a9922b50a4a25474033 03-Feb-2015 Robin Lee <rgl@google.com> Device Policy API to choose a private key silently

Support for certificate chooser (keychain) to first query a profile
owner (if one exists) for a silent credentials grant which will be
passed back to the caller as an alias.

Bug: 15065444
Change-Id: I0729b435c218b7991e6cb5faedefb7900577afcc
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
bdc58c66af3440f963731cdcdf820d7108d9f98a 29-Jan-2015 Fyodor Kupolov <fkupolov@google.com> Removed userHandle from setXXX methods

User handle is now extracted from UID of the calling process.

Previously setXXX methods may not work properly, if userHandle parameter
was different from a user of the calling process. In practice, this wouldn't
have happened because setters were always called with a userHandle of the
caller process.

Bug:17202572
Change-Id: I1c08c54c975a04b8c54719a1e280ad3cfaff2e67
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
96fb932666539e2b3be26ef91eb248a9ace5678e 02-Dec-2014 Fyodor Kupolov <fkupolov@google.com> Added isRemovingAdmin method

Added isRemovingAdmin method, so that clients can query if device
admin is currently being removed.

Bug: 17609838
Change-Id: I82547a9eeb228fcf8ac2a6e639ca1a75fa41d161
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
3a3d212a51974ccec6100c1e117225291edc83cc 29-Oct-2014 Amith Yamasani <yamasani@google.com> Different messages when wiping user and not device

There are 3 types of users
1. Primary - device will be wiped
2. Managed profile - profile will be removed
3. Secondary user - user will be removed

Show different messages for almost wipe and wipe in each
of these 3 cases.

Bug: 16843155
Change-Id: Icecfe520622773da9e45465bf2217e8ed38b266e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
e303bf443532c2ad756260133f00747bcff11e69 27-Aug-2014 Jim Miller <jaggies@google.com> Update TrustAgentService API after review

This change incorporates API council feedback and enables the
TrustAgent whitelisting API.

It also contains a minor cleanup of DPM's use of UserHandle
to eliminate unnecessary object creation.

Fixes bug 17008504

Change-Id: I63cc50169fde54b34406845818bcaf6aadc1a3db
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
26408ccd8e852d947e58021792bfc3b315e5948d 08-Sep-2014 Bernhard Bauer <bauerb@google.com> Add DevicePolicyManager PrivateKey mgmt

Additional device policy API to install keypairs to the keychain
silently.

Bug: 15065444
Change-Id: Idc25774c9ab1a61080290bebd6f5c4f24e6ee2e0
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
808f6ef2ac2127ea0ea14e71c9599355b631a617 28-Aug-2014 Esteban Talavera <etalavera@google.com> Pass ComponentName to probing certificate methods

Pass ComponentName and check whether that admin is a profile owner on DPM
get/has certificate methods (requested on the API review).

As per Change I55eec17e01489ab323f8a0e68b11592605a7b740, not keeping track of
which admins installed which certificates for now:

"Having per-admin CA certificates would be a fair bit of work. The only MDMs
we're opening this up to for now are Device and Profile Owners which 100%
manage the profile so will be the only admin.
It seems like if we keep track of "who installed which certs" it'll be a little
pointless because the answer will always be "the ProfileOwner" for every single
one."

Bug: 17005622
Change-Id: I45e9dac5236ab4ed235a341c208ac3cb6aba17da
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
729b2a6c2f330c10674bb3fc0c4f2eb57e3d0a43 27-Aug-2014 Esteban Talavera <etalavera@google.com> Renamed getUninstallBlocked to isUninstallBlocked

As per API review.

Bug: 17297103
Change-Id: Icb4ceded317b0df4deb0f5221512541a632e150b
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
0ced6272911f440843e9ff8e89b9fafdb49b243b 26-Aug-2014 Sander Alewijnse <salewijnse@google.com> Provide lockdown of date/time device owners.

Fixed two minor issues with the screencapture as well.
Updated documentation and added enforceCrossUserPermission.

Bug:16948504
Change-Id: I9a645dcf480a4a044879ba481bce964d06fe5153
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d5c5c13c8505a27290a2540ff1f64c8753431cb1 20-Aug-2014 Esteban Talavera <etalavera@google.com> Rename get/setBlockUninstall() to get/setUninstallBlocked()

As requested in the API review

Bug: 17005622
Change-Id: I1332ad11e588ab3fa409f2a28222608936cb383e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
8c5c37364776266d9d91bb35094a9755707833f7 21-Aug-2014 Esteban Talavera <etalavera@google.com> Merge "Remove setApplicationsHidden" into lmp-dev
115cd65d2a3417b506563e6b2d60c269d69efaef 21-Aug-2014 Esteban Talavera <etalavera@google.com> Remove setApplicationsHidden

As requested in the API review. This version (the one that takes an Intent) was used only in the DeviceAdminSample and some CTS tests.

Bug: 17005622
Change-Id: I9984b22836417ad4d025302f61bd91704e9345a4
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
fa80a4faa3ab32f61742b684e832126dae8468e7 20-Aug-2014 Kenny Guy <kennyguy@google.com> Add apis for whitelisting IMEs and accessibility services.

Adds apis for device / profile owners to white list
the accessibility and input methods a user can enable.

Bug: 14469005
Change-Id: I921888660d29a5370395db87adf75d4d106660c9
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
48aacba761527a529c2b668c8151c7f98ff70524 13-Aug-2014 Jason Monk <jmonk@google.com> Fixes to lock task API from API review

Adding ComponentNames and some splitting/renaming of broadcasts.

Bug: 17005622
Change-Id: I9ece3553310fb20b0c3c3e4032b408e86384363a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
976e8bd2017d0263216c62111454438cc0f130e3 17-Jul-2014 Svetoslav <svetoslavganov@google.com> Allow adding widgets from user profiles.

The goal of this change is to enable support for appwidget from
user profiles to the user main profile. A user profile is a user
which is associated as a child of the main user profile. For example,
a user may have a personal (parent) and corporate (child) profile.
The device policy should be able to control whether adding a widget
from a child profile and given packages is allowed. This change
assumes that all packages from managed profiles are white listed.
Another change will add the device policy changes.

Change-Id: I267260b55d74c48b112a29979a9f59eef7a8194e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
bf3a9465483976dcd5692b619b47132c2b95f73e 28-Jul-2014 Amith Yamasani <yamasani@google.com> Set profile owner via an intent

priv apps can request to become a profile owner after setup has
completed. This will pop up a consent dialog (in Settings).

Also, clean up profile owner concept to be a component name.

Change-Id: I5e8532866e8018f61836c4e84fbbadb6150218ae
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
604e7558ef32098644b2f9456d7743a07ae789dc 19-Jul-2014 Jim Miller <jaggies@google.com> Add new DevicePolicyManager API to allow fine-grained TrustAgent management

This adds a new feature that allows a device admin to specify a
whitelist of features that are allowed for the given admin.

Change-Id: I83f853318efbcf72308532d0a997374f73fa9c10
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d2a1eec400128f39e1b223a720a88dbd395f3e6e 09-Jul-2014 Sander Alewijnse <salewijnse@google.com> Add Device Policy API to disable screen capture.

WindowManager will set secure flag on SurfaceControl for
all windows of a flagged user to prevent screen capture.
API is consistent with the camera disable API.

Change-Id: Ib180f67f1ad827b6f4aca2af615274256cce58f4
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
e5bcff624fb58b6f95be8ddff7f5b6b3bf5d19c7 20-Jul-2014 Amith Yamasani <yamasani@google.com> Rename setApplicationBlocked to setApplicationHidden

This corrects the expected behavior of the app state. Hidden apps
can be installed by the store to be brought out of hidden state.

Bug: 16191518
Change-Id: Id128ce971ceee99ba1dea14ba07ce03bd8d77335
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c8fa3ae2ce238843496d7aa3f1c4042bb9bb98b4 17-Jul-2014 Adam Connors <adamconnors@google.com> Merge "Create DPM APIs for cross profile callerId" into lmp-dev
210fe21e95cfff98734f5b849b205cdcb0706948 17-Jul-2014 Adam Connors <adamconnors@google.com> Create DPM APIs for cross profile callerId

Contact information in the managed profile is shown
in the incoming call UI unless blocked using this API.

TODO: Actually plumb this into the caller-id logic.

Bug: 16301261
Change-Id: If03adc907d9558baa0a45a1833b857206b7bf96a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
999d394adee533c55fce38bd632ffd4f1af91362 03-Jul-2014 Alexandra Gherghina <alexgherghina@google.com> Ads per-user APIs to manage accounts through the AccountManager

Bug: 16056552
Bug: 14642886
Change-Id: I17ff6c2515285e63c84cecf2f861d10666c393c5
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
655be2a98ea6285fc33aec4b223e90c2620927f1 14-Jul-2014 Adam Connors <adamconnors@google.com> Revert "Remove enableSystemApp methods."

We need to go back to uninstalling system apps so we can
re-install non-default system applications through Play.

This reverts commit e3dbcd138c07f2d32ac84229d0a49052cc18d424.

Change-Id: I0a7af094614c4a10800971c82e10571f7312e079
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
582d9111d76632027fed7af10d05d4b44df16c0c 10-Jul-2014 Jason Monk <jmonk@google.com> Add API for device owner to switch users

Once verified that caller is device owner just calls through to
the activity manager and acts like that call.

Change-Id: I34023313cd6742b73d2105655ec6b631879aa37a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c13053bf1c05b980421611487ce67677c08db299 29-May-2014 Kenny Guy <kennyguy@google.com> Add package state to block uninstall.

Add package state to allow profile or device
owners to block uninstall of packages.
Add API to DevicePolicyManager to set/get the
state.

Bug: 14127299
Change-Id: I03528819850b42df7bafa7747bb9e4558d20c4e6
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
1333ea1ed7a95eb9e1be43c20a0c48e901654cac 23-Jun-2014 Jessica Hummel <jhummel@google.com> Provide api to set the managed profile name.

Instead of sending the profile name in the provisioning intent
the mdm should set the profile name after provisioning has completed.
This allows us to simplify the provisioning flow and the mdm can
change the name of the profile later on if required.

Change-Id: I821ef2300eae74e89872152ae1c89ac3ecbb82e7
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
aab72f3b0ab740e12b4a2576a99852081529feb5 19-Jun-2014 Robin Lee <rgl@google.com> Merge "Revert "Revert "Publish DevicePolicyManager CA certificate APIs"""
306fe08ce2b06671336e67a87afaa0851f0105eb 19-Jun-2014 Robin Lee <rgl@google.com> Revert "Revert "Publish DevicePolicyManager CA certificate APIs""

This reverts commit 792b270dbdc980cfe04e8d461bf00a1f45b5e936.

Change-Id: I18c7e0eca39868230cd8e4f4bbeb3c44ff9e8b78
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
2b5e917026fe4e6dec8712ee24bdffee8d62ab33 18-Jun-2014 Robin Lee <rgl@google.com> Revert "Publish DevicePolicyManager CA certificate APIs"

This reverts commit 5260bf69946563dc47c17e7441b352adfce384c5.

Change-Id: I5e44fdac8a7375576b25171f58e31a1fa0e3c569
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
fbe6be4f653d73d5c51ee0a2fb40d2a34c2366fd 18-Jun-2014 Jason Monk <jmonk@google.com> Merge "Notify any profile/device owners of lock task"
35c62a4668a85aa4318c9ec564f2e06e8a2d2a30 17-Jun-2014 Jason Monk <jmonk@google.com> Notify any profile/device owners of lock task

Add a method for DeviceAdminReceivers of profile/device owners to
be notified that lock task mode has entered or exited for an app
they have whitelisted.

Change-Id: Id124287d41564bbfccdacccf1977b7acb3ddec3f
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
d7b8621bde44857ebb07130693a00f5f777887d4 16-Jun-2014 Jason Monk <jmonk@google.com> Change lock-task DPM authorization to packages

Switch the DPM lock-task authorization to be controlled by a package
rather than a component.

Change-Id: Ife9bed068f31ff2449b4451ab69d3586a3f09d89
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
837304f6f6ae37dc475fa6e0e620f1c2321f2e11 11-Jun-2014 Robin Lee <rgl@google.com> Publish DevicePolicyManager CA certificate APIs

Exposes these methods:
- hasCaCertInstalled
- hasAnyCaCertsInstalled
- installCaCert
- uninstallCaCert

Allows device and profile owners to perform some certificate management
including querying for and enabling/disabling specific CA certificates.

Change-Id: I4aa8a1a8601b234e30acde99dfa382e04cb62495
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
03978a40b3a4c268329ae733eff8dfffd92f6e09 10-Jun-2014 Jason Monk <jmonk@google.com> Allow device owner to configure secondary users

Currently the device owner can create secondary users, but unless
it is a system app it will not be installed and will not be able
to pass data easily from the code that creates the user and any
code running on that user.

This allows the device owner to install itself while creating a
user and start up a service to configure that user. createUser
takes an bundle so that the device owner can pass across any
initial setup data it needs to, this bundle will be sent to
the admin receiver in onEnable.

Change-Id: Ic1f8565dd2a7bd85363527cf68b0ecd4dc9c3636
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
4a21b25fad62e4f19d13ba814263841c931f56ef 04-Jun-2014 Julia Reynolds <juliacr@google.com> Allow profile and device owners to change and get the master volume mute state.

Also protect muting master volume with op code OP_AUDIO_MASTER_VOLUME.
Bug: 13585918
Change-Id: I91fe7ee60cd291cca15966b3127c0bb8a4828f6a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
b0dced8173a9a930bc0ea2a7a669a907aaffd735 06-Jun-2014 Jason Monk <jmonk@google.com> Add an API to clear the device owner.

Only the device owner will be able to clear itself.

Change-Id: Ie3231467d92e8c5d22ec51256177793f34110432
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
03bc9918345a977e9c45796bf3bb5bf9a3b87d25 13-May-2014 Jason Monk <jmonk@google.com> Add device-owner based setting of global proxy.

Re-hide the setGlobalProxy on the ConnectivityManager as it requires
CONNECTIVITY_INTERNAL. Instead add a function to the DevicePolicyManager
to set the global proxy, that can only be called by the device owner.

Change-Id: I9ffb2cc4f30a6dc9b868d86f056e1fbd512d8dfc
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
1b8737ee18f5d80adda41eafca6143a046a47a13 04-Jun-2014 Sander Alewijnse <salewijnse@google.com> Merge "Remove enableSystemApp() and enableSystemAppWithInten()."
f20d640fa2b155a971ddfe0965fc803a73b5e53c 25-May-2014 Amith Yamasani <yamasani@google.com> Restrictions Manager

Mechanism to register a provider for requesting an
administrator to respond to permission requests.

Request format and response format constants.

Description of manifest template for static restrictions.
Int type introduced in RestrictionEntry.

Needs more javadoc and better description of manifest templates,
including specifying the XML attributes.

Change-Id: I5a654d364e98379fc60f73db2e06bf9a8310263d
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
866896df168d1382732c97e49617ab2f2995d376 27-May-2014 Sander Alewijnse <salewijnse@google.com> Remove enableSystemApp() and enableSystemAppWithInten().

Use setApplicationBlocked() and setApplicationsBlocked() instead.

Change-Id: I3d323d704db0a45e936f63675821707b4fddc48b
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
8194899071e0a84c95ef10614bd1b9485b48f589 16-May-2014 Nicolas Prevot <nprevot@google.com> Rename code related to cross-profile intents.

For example, replace ForwardingIntentFilter by CrossProfileIntentFilter

Bug: 15023443

Change-Id: Iee8cdf578817ef9956bcdece803a49b0d07b67f7
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
1e958398232cb11935f5341d71df52c5455c620f 16-May-2014 Julia Reynolds <juliacr@google.com> Create deviceowner gated APIs for creating and removing users in devicepolicymanager.

This will allow DMAgent to manage users for EDU's cart model user case.
Bug: 15015887

Change-Id: I1eadf1701cb75fc4b50eb1a0df1525eff818286e
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
37f4e44ae614987c5ed953a1829c7181bb775e1f 21-May-2014 Julia Reynolds <juliacr@google.com> Merge "Add Device/Profile Owner gated apis for setting/getting blocked packages."
966881e8951f9bb297689745dcaecfdc13432656 14-May-2014 Julia Reynolds <juliacr@google.com> Add Device/Profile Owner gated apis for setting/getting blocked packages.

DMAgent currently needs to live in /system/priv-app in order to
(among other things) set and get blocked packages. These APIs will
get us closer to being able to move DMAgent out of priv-app.
Bug: 14945334

Change-Id: I108e2013c67409dca554acf78e3a710745900706
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
da551653219092306fc7e1ce5743ab40683cee6f 14-May-2014 Julia Reynolds <juliacr@google.com> Allow device/profile owners to update settings.

Device owners can update Settings.Secure and Settings.Global settings.
Profile owners can update Settings.Secure settings.

DMAgent currently needs to live in /system/priv-app in order to
(among other things) update global and secure settings. This change will
get us closer to being able to move DMAgent out of priv-app.
Bug: 14965414

Change-Id: If2cc3a56de91bffde33b838ab8ecea2c32412803
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
511e0d8323d2d2ed341ba40b15bc646e134ac03b 24-Mar-2014 justinzhang <justinzhang@google.com> DevicePolicyManager Authentication for Lock Task

Here we let DevicePolicyManager keep a list of tasks that are
allowed to start the lock task mode. This list can only be set by
a device owner app. The ActivityManager will call
DevicePolicyManager to check whether a given task can start the
lock task mode or not.

Change-Id: I650fdae43fc35bf9fd63452283f4e2bbadd11551
Bug: 14611303
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
5c02db60be02cc0c4798ea6d9c2b0e6cf972c158 07-May-2014 Sander Alewijnse <salewijnse@google.com> Add API to disable account management for certain types
of accounts.

The account types with disabled account management are stored in a
blacklist in the active admin object, editable by profile owners.

Change-Id: I57dc5f709ad79674fa28dd006969283585daea24
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
010cfd458121034075c7439020ffef4eedbcc0fc 16-Apr-2014 Adam Connors <adamconnors@google.com> Add enableSystemApp methods to DevicePolicyManager

These methods allow profile or device owners to enable
systems apps pre-installed in the primary user in the
managed profile. Apps can be specified by either package
name or intent.

Bug: 13587051

Change-Id: Ifcbc68c139308506b6c18cf3c0ea62b8026ff75f
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c79586ede6dcd6a167bc8360f058cb5cc655b33d 06-May-2014 Nicolas Prevot <nprevot@google.com> Cleaning code related to the forwarding intent filters.

Checking for INTERACT_ACROSS_USERS_FULL
Adding equivalent methods in the PackageManager

Change-Id: Iaa1328fa666613a78e67ca669ea045144275e895
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
3c4d9c56db5b24699956de0a5a841196185363cc 01-May-2014 Alexandra Gherghina <alexgherghina@google.com> Merge "Adds an enabled state in UserInfo instead of DevicePolicyManager"
df35d570ed25257c6782e632ab1bae5e1603855a 09-Apr-2014 Alexandra Gherghina <alexgherghina@google.com> Adds an enabled state in UserInfo instead of DevicePolicyManager

Bug: 14377459
Change-Id: Ib4ec43d87da96c3dddaf9b7ae1796f261863a182
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
10fa67c77e11699391e27975fc2d276a0b8c7cbb 24-Mar-2014 Nicolas Prevot <nprevot@google.com> Introduce forwarding intents across profiles.

The package manager service maintains, for some user ids, a list of forwarding intent filters.
A forwarding intent filter is an intent filter with a destination (a user id).
If an intent matches the forwarding intent filter, then activities in the destination can also respond to the intent.

When the package manager service is asked for components that resolve an intent:
If the intent matches the forwarding intent filter, and at least one activity in the destination user can respond to the intent:
The package manager service also returns the IntentForwarderActivity.
This activity will forward the intent to the destination.

Change-Id: Id8957de3e4a4fdbc1e0dea073eadb45e04ef985a
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
be46532c9fbebf3ab6498c1b78013a33f620cd31 24-Apr-2014 Amith Yamasani <yamasani@google.com> Allow profile owners to set user restrictions

Pass the setting along to UserManager.

Fixes a security exception when fetching the profile's enabled state.

Change-Id: If71698cf32c52cce1158cf2027443a339bc58488
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
385124d8cee38dee00d4fac31e8fbe46fb30565b 03-Apr-2014 Alexandra Gherghina <alexgherghina@google.com> Modify getUserProfiles to return only enabled profiles:

Add a new enabled state for a managed profile.
Expose that as a new API on DevicePolicyManager.
Set the new state when enabling the profile.
Return only enabled profiles from the user manager.

Bug: 13755441
Bug: 13755091
Change-Id: I2907b182e19b3562592da688b3f68ef5f4088557
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
66e5d96cf9e689148b202787bdc269519c4b6f8f 09-Apr-2014 Robin Lee <rgl@google.com> Allow ProfileOwner apps to manage app restrictions

Simple wrapper around the UserManager.{get|set}ApplicationRestrictions
APIs. Also added a new Intent to signal to running apps that the set
of restrictions has changed since startup.

Change-Id: Ifd108108a73f87325b499d9de2e1b2aacc59b264
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
512675b07d1643f018e84d66e4ee8b641d3e191c 02-Apr-2014 Alexandra Gherghina <alexgherghina@google.com> Add new call to DevicePolicyManager to enable a profile.

Bug: 13755091
Change-Id: Idb6975431f842ededf78966c578b0533e6f186af
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
f475ca33d9232785710aaa438f17915029dfa83b 17-Feb-2014 Sander Alewijnse <salewijnse@google.com> Enables a profile owner or device owner to set and clear default intent handler activities.

Those intent handlers are persistent preferences. They will remain the default intent
handler even if the set of potential event handlers for the intent filter changes
and if the intent preferences are reset.

Change-Id: Id0cfae46f93c10d89e441f272096a205ec518dd0
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
776c555d954d9494069f786785877c08add27327 09-Jan-2014 Adam Connors <adamconnors@google.com> Extend DeviceOwner concept to accommodate ProfileOwners

ProfileOwners, like DeviceOwners, are Device Admins that have
additional priviledges. ProfileOwners however are scoped per
user.

Change-Id: I1e22c85878e0672121e6ebbe97fca38591f992b2
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
da51e68e582ffa017543982297c831680d201a91 09-Aug-2013 Maggie Benthall <mbenthall@google.com> Add methods for managing CAs to DevicePolicyManager(Service)

Guard install/uninstall by enforcing that the caller have the new system-only permission MANAGE_CA_CERTIFICATES.
Also include API methods for asking whether there are any User CA certs
installed, or if one by a particular name is installed in the keystore.

CA certs will be installed via KeyChain into the TrustedCertificateStore.

Bug: 8232670

Change-Id: I17b47a452e72eb4fe556dc6db823a46c6e854be8
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
334c7e32d494baf3bf0ae371d6b5949c80368982 08-Aug-2013 Geoffrey Borggaard <geoffreyb@google.com> Add a name to the DeviceOwner

We will need to display the name of the device owner (the human
readable name of the institution) to the user.
"This device is managed by google.com"

Change-Id: Ic33b6530c19cb14a118245692697205de3911a58
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
71e6c697e54a43d357cc25d87a446d140f17396a 25-Mar-2013 Amith Yamasani <yamasani@google.com> Device Owner, a special kind of device admin

A Device Owner cannot be uninstalled and is available to all users. It must
be registered before the device_provisioned flag is set.

Device admins can be disabled until used, but visible to device policy
manager, so that users wont be bothered with update requests.

Opened up a few related APIs for use by a system-installed Device Owner.

Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
48b9b0d068844af9eb37c215484831c4d6b831b0 20-Sep-2012 Jim Miller <jaggies@google.com> Make DPM API for disabling keyguard widgets more generic

This change renames the widget-specific API to be more generic
to allow further disabling of keyguard-specific customizations
in the future. Currently only allows disabling widgets and the
secure camera but can now easily be extended to disable other
features we add.

Fixes bug: 7021368

Change-Id: I3934cc2e7c64e0c6d511efb86980fc38a849708d
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
599dd7ce9adf8ca067cefb0b191a5ac20ec35a79 15-Sep-2012 Amith Yamasani <yamasani@google.com> DevicePolicyManager per user

Bug: 7136483

Store device policy information for each user and apply them when user switches.

Global proxy can only be controlled by owner.
Camera restriction applies to all users, if any one has an admin that disables it.
Storage encryption can only be controlled by owner, although other users can query the state.
Wipe data will only remove the user if non-zero, wipe the device, if zero.

Change-Id: I359be46c1bc3828fd13d4be3228f11495081c8f2
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
b8ec470617590fa2025db869e8e80dcce8eaec23 01-Sep-2012 Jim Miller <jaggies@google.com> Update DevicePolicyManager with ability to disable keyguard widgets

Change-Id: I5876e9e180b2a995aaa355fbbb2b67cebb86104d
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
2447edd85baac3225a12b868ef40f76cfdc6ec11 10-May-2011 Ben Komalo <benkomalo@google.com> New device policy to disable camera.

This introduces a new policy that a DeviceAdmin can use to disable _all_
cameras on the device. A separate CL will be made on the media side to
watch this policy bit and act accordingly.

Bug: 4185303
Change-Id: I700cfc4a8317bb74087ccae39346d74467fc58b2
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
22dbfda976aab9ae897eed0625e2e64ead32bbc4 17-Jan-2011 Andy Stadler <stadler@google.com> Add internal plumbing to DPM for encryption

* Add code to persist per-admin setting
* Add hooks for OS-level tie-in (is supported, get / set status)
* Add 3rd API call to get OS status (irrespective of admin settings)
* Remove "REQUESTED" status, no longer relevant with 3rd API
* Fixed bug that impacted global proxy settings
* Update api/11.xml to match current.xml

Bug: 3346770
Change-Id: I56bdf9a7894f6ca4842402c7b82ddb3caf4b37b9
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
7b0f8f08ac7b3ed5cf462b92283713b033d6a64a 12-Jan-2011 Andy Stadler <stadler@google.com> API changes to support encryption in DPM

* New uses-policies value
* Definitions for storage domain and encryption status
* API to get and set encryption status
* Intent to launch encryption changes
* Both new calls bottom out in the DPM service and are suitable for
a device that does not support encryption.

NOTE: Nobody should use ACTION_START_ENCRYPTION yet. It needs a receiver
to be built in Settings (different CL).

Change-Id: I2ae193bedbec59f6ba46c0ec7de12ecf321e5803
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c25f70a440ef9468085b8d98c8416c7e8b116753 09-Dec-2010 Andy Stadler <stadler@google.com> API CHANGE - Add hasGrantedPolicy() API

* Allows an app to detect that it needs to have additional policies granted
* Add "refreshing" parameter to setActiveAdmin() to handle this case
* Minor cleanups to eliminate warnings (mostly for unused things)

Bug: 3253179
Change-Id: I4bf639bf560557130bf98e8cfb75f996fac416f1
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
a4e28d181942018ba8759989799a28fa88764ce3 09-Nov-2010 Jim Miller <jaggies@google.com> Add password expiration support to DevicePolicyManager.

Change-Id: Ib2629ec547c123ac489d7f4cbd4e0a1d4aa07620
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
69238c6a37ae43c748ad9cd7613f2209149ee7da 03-Aug-2010 Oscar Montemayor <oam@google.com> Device Policy Manager changes to enable Global Proxy.

Change-Id: I8489df7d28e4c5312e10d5cecc8e2a182413a034
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
c857740f242169f2ca7fd42f0d1268661b399ad6 05-Jun-2010 Konstantin Lopyrev <klopyrev@google.com> Adding support for minimum number of non letter characters.

Change-Id: If54cb7209d65eef826d474d7e0dbbef63d2f2b47
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97 25-May-2010 Konstantin Lopyrev <klopyrev@google.com> Fix 2677197: Adding minimum complex character support.

Change-Id: I520bc5f9aa924bf9b5585b2235a91cc96cb99c25
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
3255823de062e981f7bfc7994919207988697e45 21-May-2010 Konstantin Lopyrev <klopyrev@google.com> Fix 2673731: Adding support for password history to Device Admin.

Change-Id: If3240048813e32b2bae79fe5cb8a73aea20ec56c
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl
87bba1ee14279bb14a28d42e27c4ef66d9967bf8 27-Feb-2010 Dianne Hackborn <hackbod@google.com> Move DeviceAdmin APIs to android.app.admin.

Also add ability for admins to hide themselves when not in use,
a facility for admins to not allow other admins to reset
their password, and debug dumping.
/frameworks/base/core/java/android/app/admin/IDevicePolicyManager.aidl