/** * Disable/Enable device camera. * * @param code - Operation code. * @param data - Data required(Camera enable/disable switch). * @param requestMode - Request mode(Normal mode or policy bundle mode). */ public void disableCamera(String code, String data) { boolean camFunc = false; try { JSONObject inputData = new JSONObject(data); if (!inputData.isNull(resources.getString(R.string.intent_extra_function)) && inputData .get(resources.getString(R.string.intent_extra_function)) .toString() .equalsIgnoreCase(resources.getString(R.string.intent_extra_enable))) { camFunc = false; } else if (!inputData.isNull(resources.getString(R.string.intent_extra_function)) && inputData .get(resources.getString(R.string.intent_extra_function)) .toString() .equalsIgnoreCase(resources.getString(R.string.intent_extra_disable))) { camFunc = true; } else if (!inputData.isNull(resources.getString(R.string.intent_extra_function))) { camFunc = Boolean.parseBoolean( inputData.get(resources.getString(R.string.intent_extra_function)).toString()); } ComponentName cameraAdmin = new ComponentName(context, AgentDeviceAdminReceiver.class); resultBuilder.build(code); devicePolicyManager.setCameraDisabled(cameraAdmin, camFunc); } catch (JSONException e) { Log.e(TAG, "Invalid JSON format." + e); } }
/** * Set the requested security level based on the aggregate set of requests. If the set is empty, * we release our device administration. If the set is non-empty, we only proceed if we are * already active as an admin. */ public void setActivePolicies() { DevicePolicyManager dpm = getDPM(); // compute aggregate set of policies Policy aggregatePolicy = getAggregatePolicy(); // if empty set, detach from policy manager if (aggregatePolicy == Policy.NO_POLICY) { if (DebugUtils.DEBUG) { LogUtils.d(TAG, "setActivePolicies: none, remove admin"); } dpm.removeActiveAdmin(mAdminName); } else if (isActiveAdmin()) { if (DebugUtils.DEBUG) { LogUtils.d(TAG, "setActivePolicies: " + aggregatePolicy); } // set each policy in the policy manager // password mode & length dpm.setPasswordQuality(mAdminName, aggregatePolicy.getDPManagerPasswordQuality()); dpm.setPasswordMinimumLength(mAdminName, aggregatePolicy.mPasswordMinLength); // screen lock time dpm.setMaximumTimeToLock(mAdminName, aggregatePolicy.mMaxScreenLockTime * 1000); // local wipe (failed passwords limit) dpm.setMaximumFailedPasswordsForWipe(mAdminName, aggregatePolicy.mPasswordMaxFails); // password expiration (days until a password expires). API takes mSec. dpm.setPasswordExpirationTimeout( mAdminName, aggregatePolicy.getDPManagerPasswordExpirationTimeout()); // password history length (number of previous passwords that may not be reused) dpm.setPasswordHistoryLength(mAdminName, aggregatePolicy.mPasswordHistory); // password minimum complex characters. // Note, in Exchange, "complex chars" simply means "non alpha", but in the DPM, // setting the quality to complex also defaults min symbols=1 and min numeric=1. // We always / safely clear minSymbols & minNumeric to zero (there is no policy // configuration in which we explicitly require a minimum number of digits or symbols.) dpm.setPasswordMinimumSymbols(mAdminName, 0); dpm.setPasswordMinimumNumeric(mAdminName, 0); dpm.setPasswordMinimumNonLetter(mAdminName, aggregatePolicy.mPasswordComplexChars); // Device capabilities try { // If we are running in a managed policy, it is a securityException to even // call setCameraDisabled(), if is disabled is false. We have to swallow // the exception here. dpm.setCameraDisabled(mAdminName, aggregatePolicy.mDontAllowCamera); } catch (SecurityException e) { LogUtils.d(TAG, "SecurityException in setCameraDisabled, nothing changed"); } // encryption required dpm.setStorageEncryption(mAdminName, aggregatePolicy.mRequireEncryption); } }
/** * Revokes camera policy on the device. * * @param operation - Operation object. */ private void revokeCameraPolicy(org.wso2.emm.agent.beans.Operation operation) { if (!operation.isEnabled()) { devicePolicyManager.setCameraDisabled(deviceAdmin, false); } }