The ability for tasks to be started in locktask mode or pinned is
dependent on the value of android:lockTaskMode for the root activity
of the task.
For bug 19995702
Change-Id: I514a144a3a0ff7dbdd4987da5361b94bdfe9a437
Let the device owner disable the status bar to achieve multi-app single purpose
mode. When the status bar is disabled, quick settings, notifications and the
assist gesture are blocked.
Bug: 19533026
Change-Id: I72830798135136e5edc53e5e2221aebb9a7c7d57
A SecurityException is currently thrown when calling this API as
LockPatternUtils.isSecure requires a permission that the DO does not
have.
Bug: 19533026
Change-Id: I28bebb647e46bb631cc4fa1a7c9571eadda69086
Let the device owner disable the keyguard to achieve undisturbed single
use mode with multiple apps. Calling this API has no effect if a
password
has been set for the calling user.
Bug: 19533026
Change-Id: I6b726b7f36efb669359e9da4b7e3db1f8031dad5
Allow device owners to set OTA policy for automatically accept/postpone
incoming OTA system updates. This class only provides the setting
and getting of OTA policy, the actual OTA subsystem should handle
and respect the policy stored here.
Bug: 19650524
Change-Id: I9b64949fab42097429b7da649039c13f42c10fd1
- Create method in DevicePolicyManager to send device
provisioning status to ManagedProvisioning.
- Define status updates used by ManagedProvisioning.
Bug: 20001077
Change-Id: Ia98fc765d1ebb2ba9680636ca15c2c870d160261
In order to check the DevicePolicyManagerService locktask whitelist
the activity manager had to release its lock preserving internal
state. That is undesirable and not scalable now that we need to check
the whitelist at startup for bug 19995702.
This change causes DPMS to update activity manager with the whitelist
whenever it changes so that activity manager can check the whitelist
without releasing the acitivty manager lock.
Change-Id: I3ed6eb5ceae2cd7e7ae3280abd708d5ce43a2851
It's not going to be around for much longer, so just fix enough to
work correctly.
Also teach about new "unmountable" state from vold.
Bug: 19993667
Change-Id: Ib72c3e134092b2a895389dd5b056f4bb8043709a
This removes ambiguity about which component in the initializer
package handles device initialization when setting up secondary users.
Bug: 19992262
Change-Id: I2e48168907725a56cd05d0b51c9f28b34fa28d1a
Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.
For now we use the same DPM policy as enterprise-caller-id to disable this.
Design doc: go/cp2-mnc-enterprise-dd
Bug 19546108
Change-Id: I831a8190ae902ae3b1248cce6df02e3a48f602d2
Now openQuickContact goes thorough DPM. When a lookup URI is build with
a lookup key returned by the enterprise lookup APIs for a corp contact, the
lookup key will have a special prefix. In that case we go through DPM
and have it launch QC on the managed profile, if the policy allows.
For now we use the same DPM policy as enterprise-caller-id to disable this.
Design doc: go/cp2-mnc-enterprise-dd
Bug 19546108
Change-Id: I4840e7fad8a6a60249df07d993d26d03619650d4
This method will be used by other system services to decide whether an
app is a profile owner or device owner.
Change-Id: I9577700d03ce2c80c798a60c6c2f480fd1913f43
Admins without limit-password policy or passwordQuality below
PASSWORD_QUALITY_COMPLEX, should be excluded from the list when
calculating effective limits.
Bug: 19603660
Change-Id: I7b7d8498c8a072a4c050be48709ce34bddba39a5
This allows initializers to recover from failures that occur after
it has added an account on the primary user.
Change-Id: I3444f16520eed4b315d6ea4761f598f55d1e6ddd
Silently fail when a managed profile app tries to change the
wallpaper and return default values for getters in that case.
This is implemented through a new AppOp that is controlled by
a new user restriction that will be set during provisioning.
Bug: 18725052
Change-Id: I1601852617e738be86560f054daf3435dd9f5a9f
The owner user id was used to identify in which user an app had set
a cross-profile intent filter. But it's not really necessary.
BUG:19505190
Change-Id: Iacc49d31c95e34efee1895e5fbe7224277dbc493
A device initializer is an application that is allowed to run
during user provisioning on device owner devices. During
device provisioning (or, user provisioning of the first user
of the device), a device initializer is granted device owner
permissions. During secondary user provisioning, a device
initializer is granted profile owner permissions. Once
provisioning is complete for a user, all elevated permissions
are removed from the device initializer and the device admin
component of the app is disabled.
Bug: 19230954
Change-Id: Ib6725fb3b09bb21e4198a5dc0b445ccebb40b27e
If the device owner tries to change BLUETOOTH_ON or WIFI_ON via
DevicePolicyManager.setGlobalSetting, fail silently.
There was not much point for the device owner to do it since it can
also change bluetooth/wifi state via normal bluetooth and wifi apis.
BUG:19311992
Change-Id: Ifba163800aa413865b8a2877cb21aacfa5cfc6c8
Some devices come from carriers with a preinstalled account. This
means that we couldn't set a device owner via "adb shell dpm"
commands, while the regular device owner flow worked (as the
latter just checked whether the device was provisioned).
Bug: 18354022
Change-Id: I9a677de9d34d073e218b9179ec4b0f5b4b82adc9
This is the default state on some devices which ship with encrypted key
storage set up already but no initial password.
Bug: 18048558
Change-Id: I055527fde21298bae2dbdca8c3a145f19b045aad
