/** * Setting this to a value greater than zero enables a built-in policy that will perform a device * wipe after too many incorrect device-unlock passwords have been entered. This built-in policy * combines watching for failed passwords and wiping the device, and requires that you request * both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and {@link * DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. * * <p>To implement any other policy (e.g. wiping data for a particular application only, erasing * or revoking credentials, or reporting the failure to a server), you should implement {@link * DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} instead. Do not use this * API, because if the maximum count is reached, the device will be wiped immediately, and your * callback will not be invoked. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param num The number of failed password attempts at which point the device will wipe its data. */ public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) { if (mService != null) { try { mService.setMaximumFailedPasswordsForWipe(admin, num); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** @hide */ public void getRemoveWarning(ComponentName admin, RemoteCallback result) { if (mService != null) { try { mService.getRemoveWarning(admin, result); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** @hide */ public void reportSuccessfulPasswordAttempt() { if (mService != null) { try { mService.reportSuccessfulPasswordAttempt(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Ask the user date be wiped. This will cause the device to reboot, erasing all user data while * next booting up. External storage such as SD cards will not be erased. * * <p>The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} * to be able to call this method; if it has not, a security exception will be thrown. * * @param flags Bit mask of additional options: currently must be 0. */ public void wipeData(int flags) { if (mService != null) { try { mService.wipeData(flags); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** @hide */ public void setActiveAdmin(ComponentName policyReceiver) { if (mService != null) { try { mService.setActiveAdmin(policyReceiver); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** @hide */ public void setActivePasswordState(int quality, int length) { if (mService != null) { try { mService.setActivePasswordState(quality, length); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Make the device lock immediately, as if the lock screen timeout has expired at the point of * this call. * * <p>The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} * to be able to call this method; if it has not, a security exception will be thrown. */ public void lockNow() { if (mService != null) { try { mService.lockNow(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Called by an application that is administering the device to set the maximum time for user * activity until the device will lock. This limits the length that the user can set. It takes * effect immediately. * * <p>The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} * to be able to call this method; if it has not, a security exception will be thrown. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param timeMs The new desired maximum time to lock in milliseconds. A value of 0 means there is * no restriction. */ public void setMaximumTimeToLock(ComponentName admin, long timeMs) { if (mService != null) { try { mService.setMaximumTimeToLock(admin, timeMs); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Called by an application that is administering the device to set the minimum allowed password * length. After setting this, the user will not be able to enter a new password that is not at * least as restrictive as what has been set. Note that the current password will remain until the * user has set a new one, so the change does not take place immediately. To prompt the user for a * new password, use {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This constraint is * only imposed if the administrator has also requested either {@link #PASSWORD_QUALITY_NUMERIC}, * {@link #PASSWORD_QUALITY_ALPHABETIC}, or {@link #PASSWORD_QUALITY_ALPHANUMERIC} with {@link * #setPasswordQuality}. * * <p>The calling device admin must have requested {@link * DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has not, a * security exception will be thrown. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param length The new desired minimum password length. A value of 0 means there is no * restriction. */ public void setPasswordMinimumLength(ComponentName admin, int length) { if (mService != null) { try { mService.setPasswordMinimumLength(admin, length); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Called by an application that is administering the device to set the password restrictions it * is imposing. After setting this, the user will not be able to enter a new password that is not * at least as restrictive as what has been set. Note that the current password will remain until * the user has set a new one, so the change does not take place immediately. To prompt the user * for a new password, use {@link #ACTION_SET_NEW_PASSWORD} after setting this value. * * <p>Quality constants are ordered so that higher values are more restrictive; thus the highest * requested quality constant (between the policy set here, the user's preference, and any other * considerations) is the one that is in effect. * * <p>The calling device admin must have requested {@link * DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has not, a * security exception will be thrown. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param quality The new desired quality. One of {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link * #PASSWORD_QUALITY_SOMETHING}, {@link #PASSWORD_QUALITY_NUMERIC}, {@link * #PASSWORD_QUALITY_ALPHABETIC}, or {@link #PASSWORD_QUALITY_ALPHANUMERIC}. */ public void setPasswordQuality(ComponentName admin, int quality) { if (mService != null) { try { mService.setPasswordQuality(admin, quality); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Remove a current administration component. This can only be called by the application that owns * the administration component; if you try to remove someone else's component, a security * exception will be thrown. */ public void removeActiveAdmin(ComponentName who) { if (mService != null) { try { mService.removeActiveAdmin(who); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } }
/** * Retrieve the current maximum time to unlock for all admins or a particular one. * * @param admin The name of the admin component to check, or null to aggregate all admins. */ public long getMaximumTimeToLock(ComponentName admin) { if (mService != null) { try { return mService.getMaximumTimeToLock(admin); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return 0; }
/** * Force a new device unlock password (the password needed to access the entire device, not for * individual accounts) on the user. This takes effect immediately. The given password must be * sufficient for the current password quality and length constraints as returned by {@link * #getPasswordQuality(ComponentName)} and {@link #getPasswordMinimumLength(ComponentName)}; if it * does not meet these constraints, then it will be rejected and false returned. Note that the * password may be a stronger quality (containing alphanumeric characters when the requested * quality is only numeric), in which case the currently active quality will be increased to * match. * * <p>The calling device admin must have requested {@link * DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call this method; if it has not, a * security exception will be thrown. * * @param password The new password for the user. * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. * @return Returns true if the password was applied, or false if it is not acceptable for the * current constraints. */ public boolean resetPassword(String password, int flags) { if (mService != null) { try { return mService.resetPassword(password, flags); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return false; }
/** * Return a list of all currently active device administrator's component names. Note that if * there are no administrators than null may be returned. */ public List<ComponentName> getActiveAdmins() { if (mService != null) { try { return mService.getActiveAdmins(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return null; }
/** * Retrieve the number of times the user has failed at entering a password since that last * successful password entry. * * <p>The calling device admin must have requested {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} * to be able to call this method; if it has not, a security exception will be thrown. */ public int getCurrentFailedPasswordAttempts() { if (mService != null) { try { return mService.getCurrentFailedPasswordAttempts(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return -1; }
/** * Determine whether the current password the user has set is sufficient to meet the policy * requirements (quality, minimum length) that have been requested. * * <p>The calling device admin must have requested {@link * DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this method; if it has not, a * security exception will be thrown. * * @return Returns true if the password meets the current requirements, else false. */ public boolean isActivePasswordSufficient() { if (mService != null) { try { return mService.isActivePasswordSufficient(); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return false; }
/** * Retrieve the current minimum password quality for all admins or a particular one. * * @param admin The name of the admin component to check, or null to aggregate all admins. */ public int getPasswordQuality(ComponentName admin) { if (mService != null) { try { return mService.getPasswordQuality(admin); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return PASSWORD_QUALITY_UNSPECIFIED; }
/** @hide */ public boolean packageHasActiveAdmins(String packageName) { if (mService != null) { try { return mService.packageHasActiveAdmins(packageName); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return false; }
/** * Retrieve the current maximum number of login attempts that are allowed before the device wipes * itself, for all admins or a particular one. * * @param admin The name of the admin component to check, or null to aggregate all admins. */ public int getMaximumFailedPasswordsForWipe(ComponentName admin) { if (mService != null) { try { return mService.getMaximumFailedPasswordsForWipe(admin); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return 0; }
/** * Return true if the given administrator component is currently active (enabled) in the system. */ public boolean isAdminActive(ComponentName who) { if (mService != null) { try { return mService.isAdminActive(who); } catch (RemoteException e) { Log.w(TAG, "Failed talking with device policy service", e); } } return false; }