diff options
| -rw-r--r-- | core/api/current.txt | 4 | ||||
| -rw-r--r-- | core/java/android/app/admin/DevicePolicyManager.java | 34 | ||||
| -rw-r--r-- | core/res/AndroidManifest.xml | 8 |
3 files changed, 46 insertions, 0 deletions
diff --git a/core/api/current.txt b/core/api/current.txt index f3d19ca3f21c..1cf78295d574 100644 --- a/core/api/current.txt +++ b/core/api/current.txt @@ -140,6 +140,7 @@ package android { field public static final String MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL = "android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL"; field public static final String MANAGE_DEVICE_POLICY_AIRPLANE_MODE = "android.permission.MANAGE_DEVICE_POLICY_AIRPLANE_MODE"; field public static final String MANAGE_DEVICE_POLICY_APPS_CONTROL = "android.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL"; + field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final String MANAGE_DEVICE_POLICY_APP_FUNCTIONS = "android.permission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS"; field public static final String MANAGE_DEVICE_POLICY_APP_RESTRICTIONS = "android.permission.MANAGE_DEVICE_POLICY_APP_RESTRICTIONS"; field public static final String MANAGE_DEVICE_POLICY_APP_USER_DATA = "android.permission.MANAGE_DEVICE_POLICY_APP_USER_DATA"; field public static final String MANAGE_DEVICE_POLICY_ASSIST_CONTENT = "android.permission.MANAGE_DEVICE_POLICY_ASSIST_CONTENT"; @@ -8407,6 +8408,9 @@ package android.app.admin { field public static final String ACTION_SET_NEW_PASSWORD = "android.app.action.SET_NEW_PASSWORD"; field public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION"; field public static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED = "android.app.action.SYSTEM_UPDATE_POLICY_CHANGED"; + field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_DISABLED = 1; // 0x1 + field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_DISABLED_CROSS_PROFILE = 2; // 0x2 + field @FlaggedApi("android.app.appfunctions.flags.enable_app_function_manager") public static final int APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY = 0; // 0x0 field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_DISABLED = 1; // 0x1 field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_ENABLED = 2; // 0x2 field @FlaggedApi("android.app.admin.flags.set_auto_time_enabled_coexistence") public static final int AUTO_TIME_NOT_CONTROLLED_BY_POLICY = 0; // 0x0 diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 8372078b46a5..81d420ddb6ac 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -4347,6 +4347,40 @@ public class DevicePolicyManager { } /** + * Indicates that app functions are not controlled by policy. + * + * <p>If no admin set this policy, it means appfunctions are enabled. + */ + @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER) + public static final int APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY = 0; + + /** Indicates that app functions are controlled and disabled by a policy. */ + @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER) + public static final int APP_FUNCTIONS_DISABLED = 1; + + /** + * Indicates that app functions are controlled and disabled by a policy for cross profile + * interactions only. + * + * <p>This is different from {@link #APP_FUNCTIONS_DISABLED} in that it only disables cross + * profile interactions (even if the caller has permissions required to interact across users). + * appfunctions can still be used within the a user profile boundary. + */ + @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER) + public static final int APP_FUNCTIONS_DISABLED_CROSS_PROFILE = 2; + + /** @hide */ + @IntDef( + prefix = {"APP_FUNCTIONS_"}, + value = { + APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY, + APP_FUNCTIONS_DISABLED, + APP_FUNCTIONS_DISABLED_CROSS_PROFILE + }) + @Retention(RetentionPolicy.SOURCE) + public @interface AppFunctionsPolicy {} + + /** * This object is a single place to tack on invalidation and disable calls. All * binder caches in this class derive from this Config, so all can be invalidated or * disabled through this Config. diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index a86d55125887..d0a5318be72c 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -4149,6 +4149,14 @@ <permission android:name="android.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION" android:protectionLevel="internal|role" /> + <!-- Allows an application to manage policy related to AppFunctions. + <p>Protection level: internal|role + @FlaggedApi(android.app.appfunctions.flags.Flags.FLAG_ENABLE_APP_FUNCTION_MANAGER) + --> + <permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS" + android:featureFlag="android.app.appfunctions.flags.enable_app_function_manager" + android:protectionLevel="internal|role" /> + <!-- Allows an application to set policy related to subscriptions downloaded by an admin. <p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call APIs protected by this permission on users different to the calling user. |