summaryrefslogtreecommitdiffstats
path: root/services/devicepolicy
Commit message (Collapse)AuthorAgeFilesLines
...
* | Rename public OTA policy APIs in DevicePolicyManagerRubin Xu2015-04-202-23/+24
|/ | | | | | | | Use the term "SystemUpdate" instead of "OTA", in public DevicePolicyManager APIs that handle OTA policies. Bug: 19650524 Change-Id: Iebdaea91337d617147cb411b6f47e0f3fae8671c
* Introduce android:lockTaskModeCraig Mautner2015-04-151-0/+3
| | | | | | | | | | The ability for tasks to be started in locktask mode or pinned is dependent on the value of android:lockTaskMode for the root activity of the task. For bug 19995702 Change-Id: I514a144a3a0ff7dbdd4987da5361b94bdfe9a437
* Merge "Introduce device owner API to disable the status bar"Benjamin Franz2015-04-151-5/+67
|\
| * Introduce device owner API to disable the status barBenjamin Franz2015-04-151-5/+67
| | | | | | | | | | | | | | | | | | Let the device owner disable the status bar to achieve multi-app single purpose mode. When the status bar is disabled, quick settings, notifications and the assist gesture are blocked. Bug: 19533026 Change-Id: I72830798135136e5edc53e5e2221aebb9a7c7d57
* | Merge "Fix a SecurityException in setKeyguardEnabledState"Benjamin Franz2015-04-151-4/+4
|\ \
| * | Fix a SecurityException in setKeyguardEnabledStateBenjamin Franz2015-04-141-4/+4
| |/ | | | | | | | | | | | | | | | | A SecurityException is currently thrown when calling this API as LockPatternUtils.isSecure requires a permission that the DO does not have. Bug: 19533026 Change-Id: I28bebb647e46bb631cc4fa1a7c9571eadda69086
* | Merge changes from topic 'lss-update'Andres Morales2015-04-141-1/+1
|\ \ | |/ |/| | | | | | | * changes: Add challenge to IGateKeeperService Wire up GateKeeper to LockSettingsService
| * Wire up GateKeeper to LockSettingsServiceAndres Morales2015-04-131-1/+1
| | | | | | | | | | | | | | | | | | Adds: - Communication to GKService - password upgrade flow - enroll takes previous credential Change-Id: I0161b64642be3d0e34ff4a9e6e3ca8569f2d7c0a
* | Introduce device owner API to disable the keyguardBenjamin Franz2015-04-141-0/+22
| | | | | | | | | | | | | | | | | | | | Let the device owner disable the keyguard to achieve undisturbed single use mode with multiple apps. Calling this API has no effect if a password has been set for the calling user. Bug: 19533026 Change-Id: I6b726b7f36efb669359e9da4b7e3db1f8031dad5
* | Merge "Add setOtaPolicy/getOtaPolicy API in DPMS"Rubin Xu2015-04-142-0/+52
|\ \
| * | Add setOtaPolicy/getOtaPolicy API in DPMSRubin Xu2015-04-142-0/+52
| |/ | | | | | | | | | | | | | | | | | | Allow device owners to set OTA policy for automatically accept/postpone incoming OTA system updates. This class only provides the setting and getting of OTA policy, the actual OTA subsystem should handle and respect the policy stored here. Bug: 19650524 Change-Id: I9b64949fab42097429b7da649039c13f42c10fd1
* | Merge "Add Bluetooth Contacts Sharing policy in DevicePolicyManager"Ricky Wai2015-04-141-0/+54
|\ \ | |/ |/|
| * Add Bluetooth Contacts Sharing policy in DevicePolicyManagerRicky Wai2015-04-141-0/+54
| | | | | | | | | | | | Bug: 19990979 Change-Id: Ide9adf66eec5721e50573c03956a1b63b7e8b18b
* | Merge "Grant cert installer access to installKeyPair()"Rubin Xu2015-04-131-3/+8
|\ \
| * | Grant cert installer access to installKeyPair()Rubin Xu2015-04-021-3/+8
| | | | | | | | | | | | | | | Bug: 20041977 Change-Id: Id0dc0bce8461c71d7220c1802dcca82933805996
* | | Send device initializer status.Craig Lafayette2015-04-131-0/+34
| |/ |/| | | | | | | | | | | | | | | - Create method in DevicePolicyManager to send device provisioning status to ManagedProvisioning. - Define status updates used by ManagedProvisioning. Bug: 20001077 Change-Id: Ia98fc765d1ebb2ba9680636ca15c2c870d160261
* | Merge "No longer unlock activity manager to test whitelist"Craig Mautner2015-04-071-8/+16
|\ \
| * | No longer unlock activity manager to test whitelistCraig Mautner2015-04-071-8/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to check the DevicePolicyManagerService locktask whitelist the activity manager had to release its lock preserving internal state. That is undesirable and not scalable now that we need to check the whitelist at startup for bug 19995702. This change causes DPMS to update activity manager with the whitelist whenever it changes so that activity manager can check the whitelist without releasing the acitivty manager lock. Change-Id: I3ed6eb5ceae2cd7e7ae3280abd708d5ce43a2851
* | | Fix up ExternalStorageFormatter.Jeff Sharkey2015-04-041-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's not going to be around for much longer, so just fix enough to work correctly. Also teach about new "unmountable" state from vold. Bug: 19993667 Change-Id: Ib72c3e134092b2a895389dd5b056f4bb8043709a
* | | Merge "Do not log an error when app restriction file does not exist"Fyodor Kupolov2015-04-031-1/+4
|\ \ \
| * | | Do not log an error when app restriction file does not existFyodor Kupolov2015-04-031-1/+4
| |/ / | | | | | | | | | | | | Bug: 20040207 Change-Id: Ibd257388a185020258e36bddf5b451dc24c0b7ee
* | | Store the device initializer componentname in addition to package.Julia Reynolds2015-04-032-7/+38
|/ / | | | | | | | | | | | | | | This removes ambiguity about which component in the initializer package handles device initialization when setting up secondary users. Bug: 19992262 Change-Id: I2e48168907725a56cd05d0b51c9f28b34fa28d1a
* | Enterprise quick contact 1/2Makoto Onuki2015-03-301-0/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now openQuickContact goes thorough DPM. When a lookup URI is build with a lookup key returned by the enterprise lookup APIs for a corp contact, the lookup key will have a special prefix. In that case we go through DPM and have it launch QC on the managed profile, if the policy allows. For now we use the same DPM policy as enterprise-caller-id to disable this. Design doc: go/cp2-mnc-enterprise-dd Bug 19546108 Change-Id: I831a8190ae902ae3b1248cce6df02e3a48f602d2
* | Revert "Enterprise quick contact 1/2"Makoto Onuki2015-03-301-57/+0
| | | | | | | | | | | | This reverts commit 75a0882b946df6de4775c9e54ca023ff54f3f678. Change-Id: Ibe332885824b228bf1b1147d141c9395554ff67f
* | Enterprise quick contact 1/2Makoto Onuki2015-03-271-0/+57
|/ | | | | | | | | | | | | | | Now openQuickContact goes thorough DPM. When a lookup URI is build with a lookup key returned by the enterprise lookup APIs for a corp contact, the lookup key will have a special prefix. In that case we go through DPM and have it launch QC on the managed profile, if the policy allows. For now we use the same DPM policy as enterprise-caller-id to disable this. Design doc: go/cp2-mnc-enterprise-dd Bug 19546108 Change-Id: I4840e7fad8a6a60249df07d993d26d03619650d4
* am 17b03239: am 8562a7a1: am eedf2fe0: am 0afd1905: Merge "Fix NPE if FPE ↵Amith Yamasani2015-03-251-1/+3
|\ | | | | | | | | | | | | service does not exist." into lmp-mr1-dev * commit '17b03239d3152cbcf450ec66f077f07e4c1870e1': Fix NPE if FPE service does not exist.
| * Fix NPE if FPE service does not exist.Paul Crowley2015-03-251-1/+3
| | | | | | | | | | Bug: 19846662 Change-Id: I44e014c66a524b282cce0cfc9b7513fc0f553576
* | Add isActiveAdminWithPolicy to DevicePolicyManagerInternalZoltan Szatmary-Ban2015-03-251-42/+65
| | | | | | | | | | | | | | This method will be used by other system services to decide whether an app is a profile owner or device owner. Change-Id: I9577700d03ce2c80c798a60c6c2f480fd1913f43
* | Add DelegatedCertInstaller API in DPMSRubin Xu2015-03-201-1/+70
| | | | | | | | | | | | | | | | Allow device/profile owner to delegate certificate APIs to third-party certificate installer apps. Bug: 19551274 Change-Id: Iaf9abb5ecb1dc0975fa98ea14408fe392d52fbf4
* | Add DO policy to disable safe boot mode.Benjamin Franz2015-03-191-0/+1
| | | | | | | | | | Bug: 19615843 Change-Id: I14dbe911995ec216c57bd285d6b7b04c9684591a
* | Replace usages of deprecated Resources.getColor() and getColorStateList()Alan Viverette2015-03-181-1/+1
| | | | | | | | Change-Id: I8f64fe6c4c44a92ff6d07250223ba590a1d691b0
* | Merge "Allow initializers to clear reset protection data during device setup."Julia Reynolds2015-03-171-1/+4
|\ \
| * | Allow initializers to clear reset protection data during device setup.Julia Reynolds2015-03-111-1/+4
| | | | | | | | | | | | | | | | | | | | | This allows initializers to recover from failures that occur after it has added an account on the primary user. Change-Id: I3444f16520eed4b315d6ea4761f598f55d1e6ddd
* | | Merge "Recognise insecure encryption with a new constant"Robin Lee2015-03-161-3/+4
|\ \ \
| * | | Recognise insecure encryption with a new constantRobin Lee2015-02-231-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the default state on some devices which ship with encrypted key storage set up already but no initial password. Bug: 18048558 Change-Id: I055527fde21298bae2dbdca8c3a145f19b045aad
* | | | Merge "Remove the owner userid of cross-profile intent filters."Nicolas Prevot2015-03-161-7/+7
|\ \ \ \
| * | | | Remove the owner userid of cross-profile intent filters.Nicolas Prevot2015-03-051-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The owner user id was used to identify in which user an app had set a cross-profile intent filter. But it's not really necessary. BUG:19505190 Change-Id: Iacc49d31c95e34efee1895e5fbe7224277dbc493
* | | | | Merge "Changed the logic of calculating effective password limits"Fyodor Kupolov2015-03-131-0/+24
|\ \ \ \ \
| * | | | | Changed the logic of calculating effective password limitsFyodor Kupolov2015-03-121-0/+24
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Admins without limit-password policy or passwordQuality below PASSWORD_QUALITY_COMPLEX, should be excluded from the list when calculating effective limits. Bug: 19603660 Change-Id: I7b7d8498c8a072a4c050be48709ce34bddba39a5
* | | | | Allow DO to set Settings.Global.STAY_ON_WHILE_PLUGGED_INBenjamin Franz2015-03-131-0/+9
|/ / / / | | | | | | | | | | | | | | | | Bug: 19704419 Change-Id: I3fc970eae8ef947775b6b565916bb245dea1b43b
* | | | Block setting wallpapers from managed profiles.Benjamin Franz2015-03-091-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Silently fail when a managed profile app tries to change the wallpaper and return default values for getters in that case. This is implemented through a new AppOp that is controlled by a new user restriction that will be set during provisioning. Bug: 18725052 Change-Id: I1601852617e738be86560f054daf3435dd9f5a9f
* | | | Merge "Allow device and profile owners to set a user icon."Julia Reynolds2015-03-051-0/+17
|\ \ \ \
| * | | | Allow device and profile owners to set a user icon.Julia Reynolds2015-03-041-0/+17
| | | | | | | | | | | | | | | | | | | | Change-Id: I7c2bafb85cff3fa063af7a2f27b76c69172f0525
* | | | | Add security check for clearDeviceInitializer in the service.Julia Reynolds2015-03-051-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 19230954 Change-Id: I5c648492bef0d2b579b6f59b91afc890e3092d36
* | | | | Merge "Audio: Remove the concept of master volume."John Spurlock2015-03-041-9/+5
|\ \ \ \ \
| * | | | | Audio: Remove the concept of master volume.John Spurlock2015-03-041-9/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Remove two config resources (use master volume, and volume ramp). - Remove master volume adjustments / getters / intents. - Retain @hidden setMasterMute, needed for device admin - Remove master volume logic in AudioService. - Remove master volume logic in VolumePanel. - Rename "getMasterStreamType" to "getUiSoundsStreamType" to avoid confusion. Bug: 19582978 Change-Id: Id02c8fa4898cff3b913147f5ac1b4038e2e7cc24
* | | | | | DOs can clear the DI; rehide hasUserSetupCompleted.Julia Reynolds2015-03-041-11/+3
| |/ / / / |/| | | | | | | | | | | | | | | | | | | Bug: 19230954 Change-Id: I97467229b23f3c9be1c3c4fff1c888a812f14a95
* | | | | Allow the device initializer to perform user setup tasks.Julia Reynolds2015-03-042-3/+203
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A device initializer is an application that is allowed to run during user provisioning on device owner devices. During device provisioning (or, user provisioning of the first user of the device), a device initializer is granted device owner permissions. During secondary user provisioning, a device initializer is granted profile owner permissions. Once provisioning is complete for a user, all elevated permissions are removed from the device initializer and the device admin component of the app is disabled. Bug: 19230954 Change-Id: Ib6725fb3b09bb21e4198a5dc0b445ccebb40b27e
* | | | Merge "Fail silently when changing BLUETOOTH_ON/WIFI_ON directly"Nicolas Prevot2015-02-261-4/+7
|\ \ \ \ | |/ / / |/| | |
| * | | Fail silently when changing BLUETOOTH_ON/WIFI_ON directlyNicolas Prevot2015-02-261-4/+7
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the device owner tries to change BLUETOOTH_ON or WIFI_ON via DevicePolicyManager.setGlobalSetting, fail silently. There was not much point for the device owner to do it since it can also change bluetooth/wifi state via normal bluetooth and wifi apis. BUG:19311992 Change-Id: Ifba163800aa413865b8a2877cb21aacfa5cfc6c8
generated by cgit v1.1 at 2025-02-15 18:25:47 +0000