IT. Expert System.

Android Reference

DevicePolicyManager


android.app.admin

Class DevicePolicyManager



  • public class DevicePolicyManager
    extends Object
    Public interface for managing policies enforced on a device. Most clients of this class must have published a DeviceAdminReceiver that the user has currently enabled.

    Developer Guides

    For more information about managing policies for device adminstration, read the Device Administration developer guide.

    • Method Detail

      • isAdminActive

        public boolean isAdminActive(ComponentName who)
        Return true if the given administrator component is currently active (enabled) in the system.
      • getActiveAdmins

        public List<ComponentName> getActiveAdmins()
        Return a list of all currently active device administrator's component names. Note that if there are no administrators than null may be returned.
      • packageHasActiveAdmins

        public boolean packageHasActiveAdmins(String packageName)
        Used by package administration code to determine if a package can be stopped or uninstalled.
      • removeActiveAdmin

        public void removeActiveAdmin(ComponentName who)
        Remove a current administration component. This can only be called by the application that owns the administration component; if you try to remove someone else's component, a security exception will be thrown.
      • hasGrantedPolicy

        public boolean hasGrantedPolicy(ComponentName admin,
                               int usesPolicy)
        Returns true if an administrator has been granted a particular device policy. This can be used to check if the administrator was activated under an earlier set of policies, but requires additional policies after an upgrade.
        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with. Must be an active administrator, or an exception will be thrown.
        usesPolicy - Which uses-policy to check, as defined in DeviceAdminInfo.
      • getPasswordQuality

        public int getPasswordQuality(ComponentName admin)
        Retrieve the current minimum password quality for all admins or a particular one.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
      • getPasswordQuality

        public int getPasswordQuality(ComponentName admin,
                             int userHandle)
      • getPasswordMinimumLength

        public int getPasswordMinimumLength(ComponentName admin)
        Retrieve the current minimum password length for all admins or a particular one.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
      • getPasswordMinimumLength

        public int getPasswordMinimumLength(ComponentName admin,
                                   int userHandle)
      • setPasswordMinimumUpperCase

        public void setPasswordMinimumUpperCase(ComponentName admin,
                                       int length)
        Called by an application that is administering the device to set the minimum number of upper case letters required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 0.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of upper case letters required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumUpperCase

        public int getPasswordMinimumUpperCase(ComponentName admin)
        Retrieve the current number of upper case letters required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumUpperCase(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of upper case letters required in the password.
      • getPasswordMinimumUpperCase

        public int getPasswordMinimumUpperCase(ComponentName admin,
                                      int userHandle)
      • setPasswordMinimumLowerCase

        public void setPasswordMinimumLowerCase(ComponentName admin,
                                       int length)
        Called by an application that is administering the device to set the minimum number of lower case letters required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 0.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of lower case letters required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumLowerCase

        public int getPasswordMinimumLowerCase(ComponentName admin)
        Retrieve the current number of lower case letters required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumLowerCase(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of lower case letters required in the password.
      • getPasswordMinimumLowerCase

        public int getPasswordMinimumLowerCase(ComponentName admin,
                                      int userHandle)
      • setPasswordMinimumLetters

        public void setPasswordMinimumLetters(ComponentName admin,
                                     int length)
        Called by an application that is administering the device to set the minimum number of letters required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 1.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of letters required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumLetters

        public int getPasswordMinimumLetters(ComponentName admin)
        Retrieve the current number of letters required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumLetters(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of letters required in the password.
      • getPasswordMinimumLetters

        public int getPasswordMinimumLetters(ComponentName admin,
                                    int userHandle)
      • setPasswordMinimumNumeric

        public void setPasswordMinimumNumeric(ComponentName admin,
                                     int length)
        Called by an application that is administering the device to set the minimum number of numerical digits required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 1.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of numerical digits required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumNumeric

        public int getPasswordMinimumNumeric(ComponentName admin)
        Retrieve the current number of numerical digits required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumNumeric(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of numerical digits required in the password.
      • getPasswordMinimumNumeric

        public int getPasswordMinimumNumeric(ComponentName admin,
                                    int userHandle)
      • setPasswordMinimumSymbols

        public void setPasswordMinimumSymbols(ComponentName admin,
                                     int length)
        Called by an application that is administering the device to set the minimum number of symbols required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 1.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of symbols required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumSymbols

        public int getPasswordMinimumSymbols(ComponentName admin)
        Retrieve the current number of symbols required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumSymbols(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of symbols required in the password.
      • getPasswordMinimumSymbols

        public int getPasswordMinimumSymbols(ComponentName admin,
                                    int userHandle)
      • setPasswordMinimumNonLetter

        public void setPasswordMinimumNonLetter(ComponentName admin,
                                       int length)
        Called by an application that is administering the device to set the minimum number of non-letter characters (numerical digits or symbols) required in the password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the current password will remain until the user has set a new one, so the change does not take place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD after setting this value. This constraint is only imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(android.content.ComponentName, int). The default value is 0.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        length - The new desired minimum number of letters required in the password. A value of 0 means there is no restriction.
      • getPasswordMinimumNonLetter

        public int getPasswordMinimumNonLetter(ComponentName admin)
        Retrieve the current number of non-letter characters required in the password for all admins or a particular one. This is the same value as set by {#link setPasswordMinimumNonLetter(ComponentName, int) and only applies when the password quality is PASSWORD_QUALITY_COMPLEX.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The minimum number of letters required in the password.
      • getPasswordMinimumNonLetter

        public int getPasswordMinimumNonLetter(ComponentName admin,
                                      int userHandle)
      • setPasswordExpirationTimeout

        public void setPasswordExpirationTimeout(ComponentName admin,
                                        long timeout)
        Called by a device admin to set the password expiration timeout. Calling this method will restart the countdown for password expiration for the given admin, as will changing the device password (for all admins).

        The provided timeout is the time delta in ms and will be added to the current time. For example, to have the password expire 5 days from now, timeout would be 5 * 86400 * 1000 = 432000000 ms for timeout.

        To disable password expiration, a value of 0 may be used for timeout.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        timeout - The limit (in ms) that a password can remain in effect. A value of 0 means there is no restriction (unlimited).
      • getPasswordExpirationTimeout

        public long getPasswordExpirationTimeout(ComponentName admin)
        Get the password expiration timeout for the given admin. The expiration timeout is the recurring expiration timeout provided in the call to setPasswordExpirationTimeout(ComponentName, long) for the given admin or the aggregate of all policy administrators if admin is null.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The timeout for the given admin or the minimum of all timeouts
      • getPasswordExpiration

        public long getPasswordExpiration(ComponentName admin)
        Get the current password expiration time for the given admin or an aggregate of all admins if admin is null. If the password is expired, this will return the time since the password expired as a negative number. If admin is null, then a composite of all expiration timeouts is returned - which will be the minimum of all timeouts.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The password expiration time, in ms.
      • getPasswordHistoryLength

        public int getPasswordHistoryLength(ComponentName admin)
        Retrieve the current password history length for all admins or a particular one.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
        Returns:
        The length of the password history
      • getPasswordHistoryLength

        public int getPasswordHistoryLength(ComponentName admin,
                                   int userHandle)
      • getPasswordMaximumLength

        public int getPasswordMaximumLength(int quality)
        Return the maximum password length that the device supports for a particular password quality.
        Parameters:
        quality - The quality being interrogated.
        Returns:
        Returns the maximum length that the user can enter.
      • isActivePasswordSufficient

        public boolean isActivePasswordSufficient()
        Determine whether the current password the user has set is sufficient to meet the policy requirements (quality, minimum length) that have been requested.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Returns:
        Returns true if the password meets the current requirements, else false.
      • getCurrentFailedPasswordAttempts

        public int getCurrentFailedPasswordAttempts()
        Retrieve the number of times the user has failed at entering a password since that last successful password entry.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_WATCH_LOGIN to be able to call this method; if it has not, a security exception will be thrown.

      • setMaximumFailedPasswordsForWipe

        public void setMaximumFailedPasswordsForWipe(ComponentName admin,
                                            int num)
        Setting this to a value greater than zero enables a built-in policy that will perform a device wipe after too many incorrect device-unlock passwords have been entered. This built-in policy combines watching for failed passwords and wiping the device, and requires that you request both DeviceAdminInfo.USES_POLICY_WATCH_LOGIN and DeviceAdminInfo.USES_POLICY_WIPE_DATA}.

        To implement any other policy (e.g. wiping data for a particular application only, erasing or revoking credentials, or reporting the failure to a server), you should implement DeviceAdminReceiver.onPasswordFailed(Context, android.content.Intent) instead. Do not use this API, because if the maximum count is reached, the device will be wiped immediately, and your callback will not be invoked.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        num - The number of failed password attempts at which point the device will wipe its data.
      • getMaximumFailedPasswordsForWipe

        public int getMaximumFailedPasswordsForWipe(ComponentName admin)
        Retrieve the current maximum number of login attempts that are allowed before the device wipes itself, for all admins or a particular one.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
      • getMaximumFailedPasswordsForWipe

        public int getMaximumFailedPasswordsForWipe(ComponentName admin,
                                           int userHandle)
      • resetPassword

        public boolean resetPassword(String password,
                            int flags)
        Force a new device unlock password (the password needed to access the entire device, not for individual accounts) on the user. This takes effect immediately. The given password must be sufficient for the current password quality and length constraints as returned by getPasswordQuality(ComponentName) and getPasswordMinimumLength(ComponentName); if it does not meet these constraints, then it will be rejected and false returned. Note that the password may be a stronger quality (containing alphanumeric characters when the requested quality is only numeric), in which case the currently active quality will be increased to match.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_RESET_PASSWORD to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        password - The new password for the user.
        flags - May be 0 or RESET_PASSWORD_REQUIRE_ENTRY.
        Returns:
        Returns true if the password was applied, or false if it is not acceptable for the current constraints.
      • setMaximumTimeToLock

        public void setMaximumTimeToLock(ComponentName admin,
                                long timeMs)
        Called by an application that is administering the device to set the maximum time for user activity until the device will lock. This limits the length that the user can set. It takes effect immediately.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_FORCE_LOCK to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        timeMs - The new desired maximum time to lock in milliseconds. A value of 0 means there is no restriction.
      • getMaximumTimeToLock

        public long getMaximumTimeToLock(ComponentName admin)
        Retrieve the current maximum time to unlock for all admins or a particular one.
        Parameters:
        admin - The name of the admin component to check, or null to aggregate all admins.
      • getMaximumTimeToLock

        public long getMaximumTimeToLock(ComponentName admin,
                                int userHandle)
      • lockNow

        public void lockNow()
        Make the device lock immediately, as if the lock screen timeout has expired at the point of this call.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_FORCE_LOCK to be able to call this method; if it has not, a security exception will be thrown.

      • wipeData

        public void wipeData(int flags)
        Ask the user date be wiped. This will cause the device to reboot, erasing all user data while next booting up. External storage such as SD cards will be also erased if the flag WIPE_EXTERNAL_STORAGE is set.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_WIPE_DATA to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        flags - Bit mask of additional options: currently 0 and WIPE_EXTERNAL_STORAGE are supported.
      • setGlobalProxy

        public ComponentName setGlobalProxy(ComponentName admin,
                                   Proxy proxySpec,
                                   List<String> exclusionList)
        Called by an application that is administering the device to set the global proxy and exclusion list.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_SETS_GLOBAL_PROXY to be able to call this method; if it has not, a security exception will be thrown. Only the first device admin can set the proxy. If a second admin attempts to set the proxy, the ComponentName of the admin originally setting the proxy will be returned. If successful in setting the proxy, null will be returned. The method can be called repeatedly by the device admin alrady setting the proxy to update the proxy and exclusion list.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        proxySpec - the global proxy desired. Must be an HTTP Proxy. Pass Proxy.NO_PROXY to reset the proxy.
        exclusionList - a list of domains to be excluded from the global proxy.
        Returns:
        returns null if the proxy was successfully set, or a ComponentName of the device admin that sets thew proxy otherwise.
      • getGlobalProxyAdmin

        public ComponentName getGlobalProxyAdmin()
        Returns the component name setting the global proxy.
        Returns:
        ComponentName object of the device admin that set the global proxy, or null if no admin has set the proxy.
      • setStorageEncryption

        public int setStorageEncryption(ComponentName admin,
                               boolean encrypt)
        Called by an application that is administering the device to request that the storage system be encrypted.

        When multiple device administrators attempt to control device encryption, the most secure, supported setting will always be used. If any device administrator requests device encryption, it will be enabled; Conversely, if a device administrator attempts to disable device encryption while another device administrator has enabled it, the call to disable will fail (most commonly returning ENCRYPTION_STATUS_ACTIVE).

        This policy controls encryption of the secure (application data) storage area. Data written to other storage areas may or may not be encrypted, and this policy does not require or control the encryption of any other storage areas. There is one exception: If Environment.isExternalStorageEmulated() is true, then the directory returned by Environment.getExternalStorageDirectory() must be written to disk within the encrypted storage area.

        Important Note: On some devices, it is possible to encrypt storage without requiring the user to create a device PIN or Password. In this case, the storage is encrypted, but the encryption key may not be fully secured. For maximum security, the administrator should also require (and check for) a pattern, PIN, or password.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        encrypt - true to request encryption, false to release any previous request
        Returns:
        the new request status (for all active admins) - will be one of ENCRYPTION_STATUS_UNSUPPORTED, ENCRYPTION_STATUS_INACTIVE, or ENCRYPTION_STATUS_ACTIVE. This is the value of the requests; Use getStorageEncryptionStatus() to query the actual device state.
      • getStorageEncryption

        public boolean getStorageEncryption(ComponentName admin)
        Called by an application that is administering the device to determine the requested setting for secure storage.
        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with. If null, this will return the requested encryption setting as an aggregate of all active administrators.
        Returns:
        true if the admin(s) are requesting encryption, false if not.
      • getStorageEncryptionStatus

        public int getStorageEncryptionStatus(int userHandle)
      • setCameraDisabled

        public void setCameraDisabled(ComponentName admin,
                             boolean disabled)
        Called by an application that is administering the device to disable all cameras on the device. After setting this, no applications will be able to access any cameras on the device.

        The calling device admin must have requested DeviceAdminInfo.USES_POLICY_DISABLE_CAMERA to be able to call this method; if it has not, a security exception will be thrown.

        Parameters:
        admin - Which DeviceAdminReceiver this request is associated with.
        disabled - Whether or not the camera should be disabled.
      • getCameraDisabled

        public boolean getCameraDisabled(ComponentName admin)
        Determine whether or not the device's cameras have been disabled either by the current admin, if specified, or all admins.
        Parameters:
        admin - The name of the admin component to check, or null to check if any admins have disabled the camera
      • getCameraDisabled

        public boolean getCameraDisabled(ComponentName admin,
                                int userHandle)
      • getKeyguardDisabledFeatures

        public int getKeyguardDisabledFeatures(ComponentName admin)
        Determine whether or not features have been disabled in keyguard either by the current admin, if specified, or all admins.
        Parameters:
        admin - The name of the admin component to check, or null to check if any admins have disabled features in keyguard.
        Returns:
        bitfield of flags. See setKeyguardDisabledFeatures(ComponentName, int) for a list.
      • getKeyguardDisabledFeatures

        public int getKeyguardDisabledFeatures(ComponentName admin,
                                      int userHandle)
      • setActiveAdmin

        public void setActiveAdmin(ComponentName policyReceiver,
                          boolean refreshing)
      • getAdminInfo

        public DeviceAdminInfo getAdminInfo(ComponentName cn)
        Returns the DeviceAdminInfo as defined by the administrator's package info & meta-data
      • setActivePasswordState

        public void setActivePasswordState(int quality,
                                  int length,
                                  int letters,
                                  int uppercase,
                                  int lowercase,
                                  int numbers,
                                  int symbols,
                                  int nonletter,
                                  int userHandle)
      • reportFailedPasswordAttempt

        public void reportFailedPasswordAttempt(int userHandle)
      • reportSuccessfulPasswordAttempt

        public void reportSuccessfulPasswordAttempt(int userHandle)


Content

Android Reference

Java basics

Java Enterprise Edition (EE)

Java Standard Edition (SE)

SQL

HTML

PHP

CSS

Java Script

MYSQL

JQUERY

VBS

REGEX

C

C++

C#

Design patterns

RFC (standard status)

RFC (proposed standard status)

RFC (draft standard status)

RFC (informational status)

RFC (experimental status)

RFC (best current practice status)

RFC (historic status)

RFC (unknown status)

IT dictionary

License.
All information of this service is derived from the free sources and is provided solely in the form of quotations. This service provides information and interfaces solely for the familiarization (not ownership) and under the "as is" condition.
Copyright 2016 © ELTASK.COM. All rights reserved.
Site is optimized for mobile devices.
Downloads: 1171 / . Delta: 0.08080 с