AndroidM源碼學(xué)習(xí)——DPM(DevicePolicyManager)系統(tǒng)

Device Administration

從清單文件device_admin.xml說起

<?xml version="1.0" encoding="utf-8"?>
<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-policies>
    <limit-password />
    <watch-login />
    <reset-password />
    <force-lock />
    <wipe-data />
    <expire-password />
    <encrypted-storage />
    <disable-camera />
  </uses-policies>
</device-admin>

AndroidManifest.xml中用法如下

<receiver android:name=".DPMTestReceiver"
          android:description="@string/app_name"
          android:label="@string/app_name"
          android:permission="android.permission.BIND_DEVICE_ADMIN">
    <meta-data android:name="android.app.device_admin"
            android:resource="@xml/device_admin" />
    <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED" />
    </intent-filter>
</receiver>

DPMTestReceiver重寫DeviceAdminReceiver后

dpm=(DevicePolicyManager) getSystemService(DEVICE_POLICY_SERVICE);
admin=new ComponentName(this,DPMTestReceiver.class);

那么一個(gè)處于active狀態(tài)的admin有什么用呢?或者說我們可以用它來做什么?

  • 清除所有數(shù)據(jù)
    恢復(fù)出廠設(shè)置時(shí),系統(tǒng)會(huì)在不發(fā)出警告的情況下清除手機(jī)上的數(shù)據(jù)
    public void wipeData(int flags) {
        if (mService != null) {
            try {
                mService.wipeData(flags, UserHandle.myUserId());
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }

它有兩個(gè)flags可選擇

//雙清存儲(chǔ)數(shù)據(jù)(包括外置sd卡),wipeData后重啟
 public static final int WIPE_EXTERNAL_STORAGE = 0x0001;
//恢復(fù)出廠設(shè)置,使用此flag必須是device owner,否則將拋出SecurityException異常,而setDeviceOwner為隱藏API
 public static final int WIPE_RESET_PROTECTION_DATA = 0x0002;
  • 更改鎖屏密碼
    //password為空時(shí)可清除密碼
    public boolean resetPassword(String password, int flags) {
        if (mService != null) {
            try {
                return mService.resetPassword(password, flags);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }

它有三個(gè)flags可選擇

//當(dāng)設(shè)置此flag時(shí),resetPassword在鎖屏狀態(tài)下失去重置作用,即任何admin用戶都必須先進(jìn)入系統(tǒng)才能重置密碼
public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001;
//使用此flag必須是device owner,可在不需要密碼的情況下啟動(dòng)設(shè)備,暫不清楚用法
public static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT = 0x0002;
//設(shè)為0表示可任意重置密碼(無論是否解鎖)
public static final int PASSWORD_QUALITY_UNSPECIFIED = 0;
  • 設(shè)置密碼規(guī)則
    控制鎖屏密碼和PIN碼所允許的長(zhǎng)度和字符
    //設(shè)置密碼最小長(zhǎng)度
    public void setPasswordMinimumLength(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumLength(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //密碼最少需要的字母
    public void setPasswordMinimumLetters(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumLetters(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //密碼最少需要的小寫字母
    public void setPasswordMinimumLowerCase(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumLowerCase(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //混合密碼最少需要的數(shù)字
    public void setPasswordMinimumNonLetter(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumNonLetter(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //密碼最少需要的數(shù)字
    public void setPasswordMinimumNumeric(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumNumeric(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //密碼最少需要的符號(hào)
    public void setPasswordMinimumSymbols(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumSymbols(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //密碼最少需要的大寫字母
    public void setPasswordMinimumUpperCase(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordMinimumUpperCase(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //設(shè)置密碼策略(與上述方法相比比較粗略)
    public void setPasswordQuality(@NonNull ComponentName admin, int quality) {
        if (mService != null) {
            try {
                mService.setPasswordQuality(admin, quality);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }

可使用如下flags

    //沒有什么特殊規(guī)則,但字符串長(zhǎng)度不能小于4
    public static final int PASSWORD_QUALITY_UNSPECIFIED = 0;
    //只能使用PIN碼、密碼與圖案鎖,其它不能使用
    public static final int PASSWORD_QUALITY_BIOMETRIC_WEAK = 0x8000;
    //mtk添加,可以使用PIN碼、密碼、圖案鎖與語音解鎖
    public static final int PASSWORD_QUALITY_VOICE_WEAK = 0x4000;
    //只能使用PIN碼、密碼與圖案鎖,其它不能使用
    public static final int PASSWORD_QUALITY_SOMETHING = 0x10000;
    //只能使用PIN碼與密碼
    public static final int PASSWORD_QUALITY_NUMERIC = 0x20000;
    //只能使用PIN碼與密碼,并且PIN碼禁止以順序排列且禁止重復(fù)
    public static final int PASSWORD_QUALITY_NUMERIC_COMPLEX = 0x30000;
    //只能使用密碼
    public static final int PASSWORD_QUALITY_ALPHABETIC = 0x40000;
    //只能使用密碼,并且密碼至少要包含一個(gè)數(shù)字
    public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x50000;
     //只能使用密碼,并且密碼至少要包含一個(gè)數(shù)字和一個(gè)特殊字符
    public static final int PASSWORD_QUALITY_COMPLEX = 0x60000;
  • 監(jiān)視屏幕解鎖嘗試次數(shù)
    監(jiān)視在解鎖屏幕時(shí)輸錯(cuò)密碼的次數(shù),如果輸錯(cuò)次數(shù)過多,則鎖定手機(jī)或清除其所有數(shù)據(jù)
    public void setMaximumFailedPasswordsForWipe(@NonNull ComponentName admin, int num) {
        if (mService != null) {
            try {
                mService.setMaximumFailedPasswordsForWipe(admin, num);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    public int getCurrentFailedPasswordAttempts() {
        if (mService != null) {
            try {
                return mService.getCurrentFailedPasswordAttempts(UserHandle.myUserId());
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return -1;
    }
  • 鎖定屏幕
    控制屏幕鎖定的方式和時(shí)間
    public void lockNow() {
        if (mService != null) {
            try {
                mService.lockNow();
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //固定指定應(yīng)用的屏幕,需要device owner調(diào)用,然后調(diào)用Activity的startLockTask()方法
    public void setLockTaskPackages(@NonNull ComponentName admin, String[] packages)
            throws SecurityException {
        if (mService != null) {
            try {
                mService.setLockTaskPackages(admin, packages);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    public void setMaximumTimeToLock(@NonNull ComponentName admin, long timeMs) {
        if (mService != null) {
            try {
                mService.setMaximumTimeToLock(admin, timeMs);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 設(shè)置鎖屏密碼的有效期
    調(diào)整系統(tǒng)強(qiáng)制用戶更改鎖屏密碼、PIN碼或解鎖圖案的頻率
    //設(shè)定密碼保存的時(shí)間
    public void setPasswordExpirationTimeout(@NonNull ComponentName admin, long timeout) {
        if (mService != null) {
            try {
                mService.setPasswordExpirationTimeout(admin, timeout);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //在上述的指定時(shí)間內(nèi)保存多少個(gè)密碼
    public void setPasswordHistoryLength(@NonNull ComponentName admin, int length) {
        if (mService != null) {
            try {
                mService.setPasswordHistoryLength(admin, length);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 設(shè)置存儲(chǔ)設(shè)備加密
    要求對(duì)存儲(chǔ)的應(yīng)用數(shù)據(jù)進(jìn)行加密
    public int setStorageEncryption(@NonNull ComponentName admin, boolean encrypt) {
        if (mService != null) {
            try {
                return mService.setStorageEncryption(admin, encrypt);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return ENCRYPTION_STATUS_UNSUPPORTED;
    }
  • 停用相機(jī)
    禁止使用所有設(shè)備攝像頭
    public void setCameraDisabled(@NonNull ComponentName admin, boolean disabled) {
        if (mService != null) {
            try {
                mService.setCameraDisabled(admin, disabled);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 管理CA證書
    非System級(jí)別的用戶證書
    public boolean installCaCert(@Nullable ComponentName admin, byte[] certBuffer) {
        if (mService != null) {
            try {
                return mService.installCaCert(admin, certBuffer);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }
    public void uninstallCaCert(@Nullable ComponentName admin, byte[] certBuffer) {
        if (mService != null) {
            try {
                final String alias = getCaCertAlias(certBuffer);
                mService.uninstallCaCerts(admin, new String[] {alias});
            } catch (CertificateException e) {
                Log.w(TAG, "Unable to parse certificate", e);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    public List<byte[]> getInstalledCaCerts(@Nullable ComponentName admin) {
        List<byte[]> certs = new ArrayList<byte[]>();
        if (mService != null) {
            try {
                mService.enforceCanManageCaCerts(admin);
                final TrustedCertificateStore certStore = new TrustedCertificateStore();
                for (String alias : certStore.userAliases()) {
                    try {
                        certs.add(certStore.getCertificate(alias).getEncoded());
                    } catch (CertificateException ce) {
                        Log.w(TAG, "Could not encode certificate: " + alias, ce);
                    }
                }
            } catch (RemoteException re) {
                Log.w(TAG, "Failed talking with device policy service", re);
            }
        }
        return certs;
    }
    public void uninstallAllUserCaCerts(@Nullable ComponentName admin) {
        if (mService != null) {
            try {
                mService.uninstallCaCerts(admin, new TrustedCertificateStore().userAliases()
                        .toArray(new String[0]));
            } catch (RemoteException re) {
                Log.w(TAG, "Failed talking with device policy service", re);
            }
        }
    }

Device Owner

同一時(shí)間只能有一個(gè)Device Owner,需要權(quán)限MANAGE_PROFILE_AND_DEVICE_OWNERS,shell uid可以調(diào)用

  • 設(shè)置網(wǎng)絡(luò)時(shí)間同步
    //設(shè)置后無法從settings取消
    public void setAutoTimeRequired(@NonNull ComponentName admin, boolean required) {
        if (mService != null) {
            try {
                mService.setAutoTimeRequired(admin, required);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 用戶管理
    //@deprecated From {@link android.os.Build.VERSION_CODES#M
    public UserHandle createUser(@NonNull ComponentName admin, String name) {
        try {
            return mService.createUser(admin, name);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not create a user", re);
        }
        return null;
    }
     //@deprecated From {@link android.os.Build.VERSION_CODES#M
    public UserHandle createAndInitializeUser(@NonNull ComponentName admin, String name,
            String ownerName, @NonNull ComponentName profileOwnerComponent, Bundle adminExtras) {
        try {
            return mService.createAndInitializeUser(admin, name, ownerName, profileOwnerComponent,
                    adminExtras);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not create a user", re);
        }
        return null;
    }
    //@deprecated From {@link android.os.Build.VERSION_CODES#M
    public boolean removeUser(@NonNull ComponentName admin, UserHandle userHandle) {
        try {
            return mService.removeUser(admin, userHandle);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not remove user ", re);
            return false;
        }
    }
    //@deprecated From {@link android.os.Build.VERSION_CODES#M
    public boolean switchUser(@NonNull ComponentName admin, @Nullable UserHandle userHandle) {
        try {
            return mService.switchUser(admin, userHandle);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not switch user ", re);
            return false;
        }
    }
  • 管理賬號(hào)系統(tǒng)
    我們可以將自己的賬號(hào)體系注冊(cè)到系統(tǒng)服務(wù)AccountManagerService中,這時(shí)就需要對(duì)此進(jìn)行管理
    //Called by a device owner or profile owner 
    public void setAccountManagementDisabled(@NonNull ComponentName admin, String accountType,
            boolean disabled) {
        if (mService != null) {
            try {
                mService.setAccountManagementDisabled(admin, accountType, disabled);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 清除鎖屏
    將鎖屏方式置為無,如果當(dāng)前鎖屏狀態(tài)為安全鎖狀態(tài)(密碼、PIN碼、圖案等),則此設(shè)置無效
    public boolean setKeyguardDisabled(@NonNull ComponentName admin, boolean disabled) {
        try {
            return mService.setKeyguardDisabled(admin, disabled);
        } catch (RemoteException re) {
            Log.w(TAG, "Failed talking with device policy service", re);
            return false;
        }
    }
  • 設(shè)置Http代理
    只是推薦,部分APP可能忽略這個(gè)設(shè)置
    public void setRecommendedGlobalProxy(@NonNull ComponentName admin, @Nullable ProxyInfo
            proxyInfo) {
        if (mService != null) {
            try {
                mService.setRecommendedGlobalProxy(admin, proxyInfo);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 禁止?fàn)顟B(tài)欄
    public boolean setStatusBarDisabled(@NonNull ComponentName admin, boolean disabled) {
        try {
            return mService.setStatusBarDisabled(admin, disabled);
        } catch (RemoteException re) {
            Log.w(TAG, "Failed talking with device policy service", re);
            return false;
        }
    }
  • 通知等待更新
    /**
     * Callable by the system update service to notify device owners about pending updates.
     * The caller must hold {@link android.Manifest.permission#NOTIFY_PENDING_SYSTEM_UPDATE}
     * permission.
     *
     * @param updateReceivedTime The time as given by {@link System#currentTimeMillis()} indicating
     *        when the current pending update was first available. -1 if no update is available.
     * @hide
     */
    @SystemApi
    public void notifyPendingSystemUpdate(long updateReceivedTime) {
        if (mService != null) {
            try {
                mService.notifyPendingSystemUpdate(updateReceivedTime);
            } catch (RemoteException re) {
                Log.w(TAG, "Could not notify device owner about pending system update", re);
            }
        }
    }

Profile Owner

    //需要System UID或者shell uid調(diào)用
    public boolean setProfileOwner(@NonNull ComponentName admin, @Deprecated String ownerName,
            int userHandle) throws IllegalArgumentException {
        if (admin == null) {
            throw new NullPointerException("admin cannot be null");
        }
        if (mService != null) {
            try {
                if (ownerName == null) {
                    ownerName = "";
                }
                return mService.setProfileOwner(admin, ownerName, userHandle);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to set profile owner", re);
                throw new IllegalArgumentException("Couldn't set profile owner.", re);
            }
        }
        return false;
    }
  • 隱藏應(yīng)用
    //Called by profile or device owners
    public boolean setApplicationHidden(@NonNull ComponentName admin, String packageName,
            boolean hidden) {
        if (mService != null) {
            try {
                return mService.setApplicationHidden(admin, packageName, hidden);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }
    public boolean isApplicationHidden(@NonNull ComponentName admin, String packageName) {
        if (mService != null) {
            try {
                return mService.isApplicationHidden(admin, packageName);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }
  • 復(fù)用系統(tǒng)APP
    /**
     * Called by profile or device owners to re-enable a system app that was disabled by default
     * when the user was initialized.
     */
    public void enableSystemApp(@NonNull ComponentName admin, String packageName) {
        if (mService != null) {
            try {
                mService.enableSystemApp(admin, packageName);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed to install package: " + packageName);
            }
        }
    }
    public int enableSystemApp(@NonNull ComponentName admin, Intent intent) {
        if (mService != null) {
            try {
                return mService.enableSystemAppWithIntent(admin, intent);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed to install packages matching filter: " + intent);
            }
        }
        return 0;
    }
  • 修改系統(tǒng)設(shè)置
    //Called by profile or device owners to update {@link Settings.Secure} settings.
    public void setSecureSetting(@NonNull ComponentName admin, String setting, String value) {
        if (mService != null) {
            try {
                mService.setSecureSetting(admin, setting, value);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 調(diào)節(jié)靜音
    使用此方法不影響音量鍵的顯示(panel顯示有音量,實(shí)際沒有)
    //Called by profile or device owners to set the master volume mute on or off.
    public void setMasterVolumeMuted(@NonNull ComponentName admin, boolean on) {
        if (mService != null) {
            try {
                mService.setMasterVolumeMuted(admin, on);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to setMasterMute on device policy service");
            }
        }
    }
    public boolean isMasterVolumeMuted(@NonNull ComponentName admin) {
        if (mService != null) {
            try {
                return mService.isMasterVolumeMuted(admin);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to get isMasterMute on device policy service");
            }
        }
        return false;
    }
  • 禁止卸載應(yīng)用
    //Called by profile or device owners to change whether a user can uninstall
    public void setUninstallBlocked(@NonNull ComponentName admin, String packageName,
            boolean uninstallBlocked) {
        if (mService != null) {
            try {
                mService.setUninstallBlocked(admin, packageName, uninstallBlocked);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to call block uninstall on device policy service");
            }
        }
    }
    public boolean isUninstallBlocked(@Nullable ComponentName admin, String packageName) {
        if (mService != null) {
            try {
                return mService.isUninstallBlocked(admin, packageName);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to call block uninstall on device policy service");
            }
        }
        return false;
    }
  • 修改用戶圖標(biāo)
    // Called by profile or device owners to set the current user's photo.
    public void setUserIcon(@NonNull ComponentName admin, Bitmap icon) {
        try {
            mService.setUserIcon(admin, icon);
        } catch (RemoteException re) {
            Log.w(TAG, "Could not set the user icon ", re);
        }
    }
  • 修改權(quán)限申請(qǐng)的策略
    //Called by profile or device owners, it only applies to applications
    // built with a {@code targetSdkVersion} of {@link android.os.Build.VERSION_CODES#M} or later.
    public void setPermissionPolicy(@NonNull ComponentName admin, int policy) {
        try {
            mService.setPermissionPolicy(admin, policy);
        } catch (RemoteException re) {
            Log.w(TAG, "Failed talking with device policy service", re);
        }
    }

它可以使用如下三種策略,這些策略都不影響已經(jīng)允許過拒絕的權(quán)限

    //每次都提醒是否允許
    public static final int PERMISSION_POLICY_PROMPT = 0;
    //自動(dòng)允許
    public static final int PERMISSION_POLICY_AUTO_GRANT = 1;
    //自動(dòng)拒絕
    public static final int PERMISSION_POLICY_AUTO_DENY = 2;

還可以修改指定權(quán)限的策略

    //Sets the grant state of a runtime permission for a specific application. 
    public boolean setPermissionGrantState(@NonNull ComponentName admin, String packageName,
            String permission, int grantState) {
        try {
            return mService.setPermissionGrantState(admin, packageName, permission, grantState);
        } catch (RemoteException re) {
            Log.w(TAG, "Failed talking with device policy service", re);
            return false;
        }
    }

它有如下三種策略可以選擇

    /**
     * Runtime permission state: The user can manage the permission
     * through the UI.
     */
    public static final int PERMISSION_GRANT_STATE_DEFAULT = 0;

    /**
     * Runtime permission state: The permission is granted to the app
     * and the user cannot manage the permission through the UI.
     */
    public static final int PERMISSION_GRANT_STATE_GRANTED = 1;

    /**
     * Runtime permission state: The permission is denied to the app
     * and the user cannot manage the permission through the UI.
     */
    public static final int PERMISSION_GRANT_STATE_DENIED = 2;
  • 修改鎖屏狀態(tài)特征
    是否允許相機(jī)、通知等內(nèi)容
    //From version {@link android.os.Build.VERSION_CODES#M} a profile owner can set:
    public void setKeyguardDisabledFeatures(@NonNull ComponentName admin, int which) {
        if (mService != null) {
            try {
                mService.setKeyguardDisabledFeatures(admin, which);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }

which可選如下參數(shù)

 /**
     * Disable all keyguard widgets. Has no effect.
     */
    public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 1 << 0;

    /**
     * Disable the camera on secure keyguard screens (e.g. PIN/Pattern/Password)
     */
    public static final int KEYGUARD_DISABLE_SECURE_CAMERA = 1 << 1;

    /**
     * Disable showing all notifications on secure keyguard screens (e.g. PIN/Pattern/Password)
     */
    public static final int KEYGUARD_DISABLE_SECURE_NOTIFICATIONS = 1 << 2;

    /**
     * Only allow redacted notifications on secure keyguard screens (e.g. PIN/Pattern/Password)
     */
    public static final int KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS = 1 << 3;

    /**
     * Ignore trust agent state on secure keyguard screens
     * (e.g. PIN/Pattern/Password).
     */
    public static final int KEYGUARD_DISABLE_TRUST_AGENTS = 1 << 4;

    /**
     * Disable fingerprint sensor on keyguard secure screens (e.g. PIN/Pattern/Password).
     */
    public static final int KEYGUARD_DISABLE_FINGERPRINT = 1 << 5;

    /**
     * Disable all current and future keyguard customizations.
     */
    public static final int KEYGUARD_DISABLE_FEATURES_ALL = 0x7fffffff;


    /**
     * Called by a profile or device owner to set the application restrictions for a given target
     * application running in the profile.
     */
    public void setApplicationRestrictions(@NonNull ComponentName admin, String packageName,
            Bundle settings) {
        if (mService != null) {
            try {
                mService.setApplicationRestrictions(admin, packageName, settings);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //Called by a profile or device owner to set a user restriction specified by the key.
    //增加指定的限制
    public void addUserRestriction(@NonNull ComponentName admin, String key) {
        if (mService != null) {
            try {
                mService.setUserRestriction(admin, key, true);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
    //Called by a profile or device owner to clear a user restriction specified by the key.
    //刪除指定的限制
    public void clearUserRestriction(@NonNull ComponentName admin, String key) {
        if (mService != null) {
            try {
                mService.setUserRestriction(admin, key, false);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 由管理員審核權(quán)限申請(qǐng)
    而非系統(tǒng)審核
    //Only a profile owner can designate the restrictions provider.
    public void setRestrictionsProvider(@NonNull ComponentName admin,
            @Nullable ComponentName provider) {
        if (mService != null) {
            try {
                mService.setRestrictionsProvider(admin, provider);
            } catch (RemoteException re) {
                Log.w(TAG, "Failed to set permission provider on device policy service");
            }
        }
    }
  • 允許輔助服務(wù)
    //AccessibilityServices可以體現(xiàn)出界面顯示上的一切元素變化,可用于輔助盲人使用設(shè)備
    //Called by a profile or device owner to set the permitted accessibility services.
    public boolean setPermittedAccessibilityServices(@NonNull ComponentName admin,
            List<String> packageNames) {
        if (mService != null) {
            try {
                return mService.setPermittedAccessibilityServices(admin, packageNames);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }
  • 允許輸入法服務(wù)
    //Called by a profile or device owner to set the permitted input methods services.
    public boolean setPermittedInputMethods(@NonNull ComponentName admin, List<String> packageNames) {
        if (mService != null) {
            try {
                return mService.setPermittedInputMethods(admin, packageNames);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
        return false;
    }
  • 禁止截圖
    //The calling device admin must be a device or profile owner
    public void setScreenCaptureDisabled(@NonNull ComponentName admin, boolean disabled) {
        if (mService != null) {
            try {
                mService.setScreenCaptureDisabled(admin, disabled);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
  • 禁止藍(lán)牙訪問聯(lián)系人
    //Called by a profile owner
    public void setBluetoothContactSharingDisabled(@NonNull ComponentName admin, boolean disabled) {
        if (mService != null) {
            try {
                mService.setBluetoothContactSharingDisabled(admin, disabled);
            } catch (RemoteException e) {
                Log.w(TAG, "Failed talking with device policy service", e);
            }
        }
    }
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容