Lines Matching defs:admin
20 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
21 import static android.app.admin.DevicePolicyManager.WIPE_EXTERNAL_STORAGE;
22 import static android.app.admin.DevicePolicyManager.WIPE_RESET_PROTECTION_DATA;
41 import android.app.admin.DeviceAdminInfo;
42 import android.app.admin.DeviceAdminReceiver;
43 import android.app.admin.DevicePolicyManager;
44 import android.app.admin.DevicePolicyManagerInternal;
45 import android.app.admin.IDevicePolicyManager;
46 import android.app.admin.SystemUpdatePolicy;
218 // The following user restrictions cannot be changed by any active admin, including device
287 * Whether or not device admin feature is supported. If it isn't return defaults for all
803 Slog.w(LOG_TAG, "Unknown admin tag: " + tag);
1204 ActiveAdmin admin = getUserData(userHandle).mAdminMap.get(who);
1205 if (admin != null
1206 && who.getPackageName().equals(admin.info.getActivityInfo().packageName)
1207 && who.getClassName().equals(admin.info.getActivityInfo().name)) {
1208 return admin;
1225 ActiveAdmin admin = policy.mAdminMap.get(who);
1227 throw new SecurityException("Admin " + admin.info.getComponent()
1231 throw new SecurityException("Admin " + admin.info.getComponent()
1234 throw new SecurityException("Admin " + admin.info.getComponent()
1236 + admin.info.getTagForPolicy(reqPolicy));
1238 throw new SecurityException("No active admin owned by uid "
1245 // Try to find an admin which can use reqPolicy
1249 ActiveAdmin admin = policy.mAdminMap.get(who);
1250 if (admin == null) {
1251 throw new SecurityException("No active admin " + who);
1253 if (admin.getUid() != uid) {
1257 if (isActiveAdminWithPolicyForUserLocked(admin, reqPolicy, userId)) {
1258 return admin;
1261 for (ActiveAdmin admin : policy.mAdminList) {
1262 if (admin.getUid() == uid && isActiveAdminWithPolicyForUserLocked(admin, reqPolicy,
1264 return admin;
1272 private boolean isActiveAdminWithPolicyForUserLocked(ActiveAdmin admin, int reqPolicy,
1274 boolean ownsDevice = isDeviceOwner(admin.info.getPackageName());
1277 .equals(admin.info.getPackageName()));
1278 boolean ownsInitialization = isDeviceInitializer(admin.info.getPackageName())
1292 if (admin.info.usesPolicy(reqPolicy)) {
1299 void sendAdminCommandLocked(ActiveAdmin admin, String action) {
1300 sendAdminCommandLocked(admin, action, null);
1303 void sendAdminCommandLocked(ActiveAdmin admin, String action, BroadcastReceiver result) {
1304 sendAdminCommandLocked(admin, action, null, result);
1308 * Send an update to one specific admin, get notified when that admin returns a result.
1310 void sendAdminCommandLocked(ActiveAdmin admin, String action, Bundle adminExtras,
1313 intent.setComponent(admin.info.getComponent());
1315 intent.putExtra("expiration", admin.passwordExpirationDate);
1321 mContext.sendOrderedBroadcastAsUser(intent, admin.getUserHandle(),
1324 mContext.sendBroadcastAsUser(intent, admin.getUserHandle());
1336 final ActiveAdmin admin = policy.mAdminList.get(i);
1337 if (admin.info.usesPolicy(reqPolicy)) {
1338 sendAdminCommandLocked(admin, action);
1358 final ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
1359 if (admin != null) {
1363 sendAdminCommandLocked(admin,
1369 int userHandle = admin.getUserHandle().getIdentifier();
1371 boolean doProxyCleanup = admin.info.usesPolicy(
1373 policy.mAdminList.remove(admin);
1401 throw new IllegalArgumentException("Unknown admin: " + adminName);
1407 Slog.w(LOG_TAG, "Bad device admin requested for user=" + userHandle + ": " + adminName,
1411 Slog.w(LOG_TAG, "Bad device admin requested for user=" + userHandle + ": " + adminName,
1457 out.startTag(null, "admin");
1460 out.endTag(null, "admin");
1588 if ("admin".equals(tag)) {
1605 Slog.w(LOG_TAG, "Failed loading admin " + name, e);
1663 // Generate a list of admins from the admin map
1840 final ActiveAdmin admin = policy.mAdminList.get(i);
1841 if (admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD)
1842 && admin.passwordExpirationTimeout > 0L
1843 && now >= admin.passwordExpirationDate - EXPIRATION_GRACE_PERIOD_MS
1844 && admin.passwordExpirationDate > 0L) {
1845 sendAdminCommandLocked(admin,
1945 * @param adminReceiver The admin to add
1946 * @param refreshing true = update an active admin, no error
1965 throw new IllegalArgumentException("Bad admin: " + adminReceiver);
2032 throw new SecurityException("No active admin " + adminReceiver);
2085 ActiveAdmin admin = getActiveAdminUncheckedLocked(adminReceiver, userHandle);
2086 if (admin == null) {
2089 if (admin.getUid() != Binder.getCallingUid()) {
2135 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2136 return admin != null ? admin.passwordQuality : mode;
2145 ActiveAdmin admin = policy.mAdminList.get(i);
2146 if (mode < admin.passwordQuality) {
2147 mode = admin.passwordQuality;
2182 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2183 return admin != null ? admin.minimumPasswordLength : length;
2192 ActiveAdmin admin = policy.mAdminList.get(i);
2193 if (length < admin.minimumPasswordLength) {
2194 length = admin.minimumPasswordLength;
2229 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2230 return admin != null ? admin.passwordHistoryLength : length;
2239 ActiveAdmin admin = policy.mAdminList.get(i);
2240 if (length < admin.passwordHistoryLength) {
2241 length = admin.passwordHistoryLength;
2276 * Return a single admin's expiration cycle time, or the min of all cycle times.
2289 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2290 return admin != null ? admin.passwordExpirationTimeout : timeout;
2298 ActiveAdmin admin = policy.mAdminList.get(i);
2299 if (timeout == 0L || (admin.passwordExpirationTimeout != 0L
2300 && timeout > admin.passwordExpirationTimeout)) {
2301 timeout = admin.passwordExpirationTimeout;
2310 public boolean addCrossProfileWidgetProvider(ComponentName admin, String packageName) {
2315 ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
2337 public boolean removeCrossProfileWidgetProvider(ComponentName admin, String packageName) {
2342 ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
2363 public List<String> getCrossProfileWidgetProviders(ComponentName admin) {
2365 ActiveAdmin activeAdmin = getActiveAdminForCallerLocked(admin,
2380 * Return a single admin's expiration date/time, or the min (soonest) for all admins.
2387 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2388 return admin != null ? admin.passwordExpirationDate : timeout;
2396 ActiveAdmin admin = policy.mAdminList.get(i);
2397 if (timeout == 0L || (admin.passwordExpirationDate != 0
2398 && timeout > admin.passwordExpirationDate)) {
2399 timeout = admin.passwordExpirationDate;
2444 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2445 return admin != null ? admin.minimumPasswordUpperCase : length;
2454 ActiveAdmin admin = policy.mAdminList.get(i);
2455 if (length < admin.minimumPasswordUpperCase) {
2456 length = admin.minimumPasswordUpperCase;
2488 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2489 return admin != null ? admin.minimumPasswordLowerCase : length;
2498 ActiveAdmin admin = policy.mAdminList.get(i);
2499 if (length < admin.minimumPasswordLowerCase) {
2500 length = admin.minimumPasswordLowerCase;
2535 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2536 return admin != null ? admin.minimumPasswordLetters : length;
2545 ActiveAdmin admin = policy.mAdminList.get(i);
2546 if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) {
2549 if (length < admin.minimumPasswordLetters) {
2550 length = admin.minimumPasswordLetters;
2585 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2586 return admin != null ? admin.minimumPasswordNumeric : length;
2595 ActiveAdmin admin = policy.mAdminList.get(i);
2596 if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) {
2599 if (length < admin.minimumPasswordNumeric) {
2600 length = admin.minimumPasswordNumeric;
2635 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2636 return admin != null ? admin.minimumPasswordSymbols : length;
2645 ActiveAdmin admin = policy.mAdminList.get(i);
2646 if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) {
2649 if (length < admin.minimumPasswordSymbols) {
2650 length = admin.minimumPasswordSymbols;
2685 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
2686 return admin != null ? admin.minimumPasswordNonLetter : length;
2695 ActiveAdmin admin = policy.mAdminList.get(i);
2696 if (!isLimitPasswordAllowed(admin, PASSWORD_QUALITY_COMPLEX)) {
2699 if (length < admin.minimumPasswordNonLetter) {
2700 length = admin.minimumPasswordNonLetter;
2724 // This API can only be called by an active device admin,
2746 // This API can only be called by an active device admin,
2768 // This API can only be called by an active device admin,
2788 ActiveAdmin admin = (who != null) ? getActiveAdminUncheckedLocked(who, userHandle)
2790 return admin != null ? admin.maximumFailedPasswordsForWipe : 0;
2801 ActiveAdmin admin = getAdminWithMinimumFailedPasswordsForWipeLocked(userHandle);
2802 return admin != null ? admin.getUserHandle().getIdentifier() : UserHandle.USER_NULL;
2807 * Returns the admin with the strictest policy on maximum failed passwords for this user and all
2809 * are equal, it returns the admin for the primary profile.
2817 for (ActiveAdmin admin : policy.mAdminList) {
2818 if (admin.maximumFailedPasswordsForWipe ==
2825 count > admin.maximumFailedPasswordsForWipe ||
2826 (userInfo.isPrimary() && count >= admin.maximumFailedPasswordsForWipe)) {
2827 count = admin.maximumFailedPasswordsForWipe;
2828 strictestAdmin = admin;
2847 // This api can only be called by an active device admin,
3051 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
3052 return admin != null ? admin.maximumTimeToUnlock : time;
3061 ActiveAdmin admin = policy.mAdminList.get(i);
3063 time = admin.maximumTimeToUnlock;
3064 } else if (admin.maximumTimeToUnlock != 0
3065 && time > admin.maximumTimeToUnlock) {
3066 time = admin.maximumTimeToUnlock;
3080 // This API can only be called by an active device admin,
3142 public boolean installCaCert(ComponentName admin, byte[] certBuffer) throws RemoteException {
3143 enforceCanManageCaCerts(admin);
3185 public void uninstallCaCerts(ComponentName admin, String[] aliases) {
3186 enforceCanManageCaCerts(admin);
3344 // This API can only be called by an active device admin,
3346 final ActiveAdmin admin = getActiveAdminForCallerLocked(null,
3350 final ComponentName cname = admin.info.getComponent();
3354 source = admin.info.getPackageName();
3360 boolean ownsInitialization = isDeviceInitializer(admin.info.getPackageName())
3363 || !(isDeviceOwner(admin.info.getPackageName())
3436 ActiveAdmin admin = getActiveAdminUncheckedLocked(comp, userHandle);
3437 if (admin == null) {
3446 intent.setComponent(admin.info.getComponent());
3518 ActiveAdmin admin = policy.mAdminList.get(i);
3519 if (admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD)) {
3520 long timeout = admin.passwordExpirationTimeout;
3522 admin.passwordExpirationDate = expiration;
3609 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
3618 // Another admin already sets the global proxy
3631 admin.specifiesGlobalProxy = false;
3632 admin.globalProxySpec = null;
3633 admin.globalProxyExclusionList = null;
3636 admin.specifiesGlobalProxy = true;
3637 admin.globalProxySpec = proxySpec;
3638 admin.globalProxyExclusionList = exclusionList;
3667 // Device admin sets the global proxy
3673 // No device admin sets the global proxy.
3736 * Set the storage encryption request for a single admin. Returns the new total request
3764 // (1) Record the value for the admin so it's sticky
3789 * Get the current storage encryption request status for a given admin, or aggregate of all
3868 * Hook to low-levels: If needed, record the new admin setting for encryption.
3875 * Set whether the screen capture is disabled for the user managed by the specified admin.
3896 * Returns whether or not screen capture is disabled for a given admin, or disabled for any
3897 * active admin (if given admin is null).
3906 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
3907 return (admin != null) ? admin.disableScreenCapture : false;
3913 ActiveAdmin admin = policy.mAdminList.get(i);
3914 if (admin.disableScreenCapture) {
3934 * Set whether auto time is required by the specified admin (must be device owner).
3944 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
3946 if (admin.requireAutoTime != required) {
3947 admin.requireAutoTime = required;
3986 * Disables all device cameras according to the specified admin.
4007 * Gets whether or not all device cameras are disabled for a given admin, or disabled for any
4017 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
4018 return (admin != null) ? admin.disableCamera : false;
4025 ActiveAdmin admin = policy.mAdminList.get(i);
4026 if (admin.disableCamera) {
4059 * Gets the disabled state for features in keyguard for the given admin,
4072 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
4073 return (admin != null) ? admin.disabledKeyguardFeatures : 0;
4089 // Determine which keyguard features are disabled by any active admin.
4095 ActiveAdmin admin = policy.mAdminList.get(i);
4099 which |= admin.disabledKeyguardFeatures;
4103 which |= (admin.disabledKeyguardFeatures
4211 ActiveAdmin admin = policy.mAdminList.get(i);
4212 if (deviceOwnerPackageName.equals(admin.info.getPackageName())) {
4213 return admin;
4344 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, UserHandle.getCallingUserId());
4346 if (admin.getUid() != Binder.getCallingUid()) {
4351 if (!isDeviceInitializer(admin.info.getPackageName())
4352 && !isDeviceOwner(admin.info.getPackageName())) {
4582 ActiveAdmin admin = policy.mAdminList.get(i);
4583 if (profileOwner.equals(admin.info.getComponent())) {
4584 return admin;
4860 public void setTrustAgentConfiguration(ComponentName admin, ComponentName agent,
4865 Preconditions.checkNotNull(admin, "admin is null");
4870 ActiveAdmin ap = getActiveAdminForCallerLocked(admin,
4879 public List<PersistableBundle> getTrustAgentConfiguration(ComponentName admin,
4889 if (admin != null) {
4890 final ActiveAdmin ap = getActiveAdminUncheckedLocked(admin, userHandle);
4904 // of the options. If any admin doesn't have options, discard options for the rest
4922 Log.w(LOG_TAG, "Ignoring admin " + active.info
5092 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5094 admin.permittedAccessiblityServices = packageList;
5108 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5110 return admin.permittedAccessiblityServices;
5132 ActiveAdmin admin = policy.mAdminList.get(j);
5133 List<String> fromAdmin = admin.permittedAccessiblityServices;
5240 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5242 admin.permittedInputMethods = packageList;
5256 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5258 return admin.permittedInputMethods;
5287 ActiveAdmin admin = policy.mAdminList.get(j);
5288 List<String> fromAdmin = admin.permittedInputMethods;
5578 // This API can only be called by an active device admin,
5620 // This API can only be called by an active device admin,
5715 ActiveAdmin admin = policy.mAdminList.get(i);
5716 resultSet.addAll(admin.accountTypesWithManagementDisabled);
5747 // when the package is a system app, or when it is an active device admin.
5776 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5778 if (admin.disableCallerId != disabled) {
5779 admin.disableCallerId = disabled;
5792 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5794 return admin.disableCallerId;
5803 ActiveAdmin admin = getProfileOwnerAdmin(userId);
5804 return (admin != null) ? admin.disableCallerId : false;
5868 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5870 if (admin.disableBluetoothContactSharing != disabled) {
5871 admin.disableBluetoothContactSharing = disabled;
5884 ActiveAdmin admin = getActiveAdminForCallerLocked(who,
5886 return admin.disableBluetoothContactSharing;
5896 ActiveAdmin admin = getProfileOwnerAdmin(userId);
5897 return (admin != null) ? admin.disableBluetoothContactSharing : false;
5981 for (ActiveAdmin admin : policy.mAdminList) {
5982 boolean ownsDevice = isDeviceOwner(admin.info.getPackageName());
5984 && getProfileOwner(userHandle).equals(admin.info.getPackageName()));
5987 sendAdminCommandLocked(admin, DeviceAdminReceiver.ACTION_LOCK_TASK_ENTERING,
5990 sendAdminCommandLocked(admin, DeviceAdminReceiver.ACTION_LOCK_TASK_EXITING);
6263 ActiveAdmin admin = policy.mAdminMap.get(ownerComponent);
6265 if (admin == null || admin.crossProfileWidgetProviders == null
6266 || admin.crossProfileWidgetProviders.isEmpty()) {
6270 return admin.crossProfileWidgetProviders;
6309 * Returns true if specified admin is allowed to limit passwords and has a
6312 private static boolean isLimitPasswordAllowed(ActiveAdmin admin, int minPasswordQuality) {
6313 if (admin.passwordQuality < minPasswordQuality) {
6316 return admin.info.usesPolicy(DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD);
6411 public void setPermissionPolicy(ComponentName admin, int policy) throws RemoteException {
6414 getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
6424 public int getPermissionPolicy(ComponentName admin) throws RemoteException {
6433 public boolean setPermissionGrantState(ComponentName admin, String packageName,
6437 getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);
6478 public int getPermissionGrantState(ComponentName admin, String packageName,
6484 getActiveAdminForCallerLocked(admin, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER);