diff --git a/api/current.txt b/api/current.txt index fbda3c6f44d44..bc48ac7c4a096 100644 --- a/api/current.txt +++ b/api/current.txt @@ -4179,6 +4179,7 @@ package android.app.admin { field public static final android.os.Parcelable.Creator CREATOR; field public static final int USES_ENCRYPTED_STORAGE = 7; // 0x7 field public static final int USES_POLICY_DISABLE_CAMERA = 8; // 0x8 + field public static final int USES_POLICY_DISABLE_KEYGUARD_WIDGETS = 9; // 0x9 field public static final int USES_POLICY_EXPIRE_PASSWORD = 6; // 0x6 field public static final int USES_POLICY_FORCE_LOCK = 3; // 0x3 field public static final int USES_POLICY_LIMIT_PASSWORD = 0; // 0x0 @@ -4214,6 +4215,7 @@ package android.app.admin { method public java.util.List getActiveAdmins(); method public boolean getCameraDisabled(android.content.ComponentName); method public int getCurrentFailedPasswordAttempts(); + method public int getKeyguardWidgetsDisabled(android.content.ComponentName); method public int getMaximumFailedPasswordsForWipe(android.content.ComponentName); method public long getMaximumTimeToLock(android.content.ComponentName); method public long getPasswordExpiration(android.content.ComponentName); @@ -4237,6 +4239,7 @@ package android.app.admin { method public void removeActiveAdmin(android.content.ComponentName); method public boolean resetPassword(java.lang.String, int); method public void setCameraDisabled(android.content.ComponentName, boolean); + method public void setKeyguardWidgetsDisabled(android.content.ComponentName, int); method public void setMaximumFailedPasswordsForWipe(android.content.ComponentName, int); method public void setMaximumTimeToLock(android.content.ComponentName, long); method public void setPasswordExpirationTimeout(android.content.ComponentName, long); @@ -4260,6 +4263,8 @@ package android.app.admin { field public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; // 0x0 field public static final java.lang.String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; field public static final java.lang.String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; + field public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 2147483647; // 0x7fffffff + field public static final int KEYGUARD_DISABLE_WIDGETS_NONE = 0; // 0x0 field public static final int PASSWORD_QUALITY_ALPHABETIC = 262144; // 0x40000 field public static final int PASSWORD_QUALITY_ALPHANUMERIC = 327680; // 0x50000 field public static final int PASSWORD_QUALITY_BIOMETRIC_WEAK = 32768; // 0x8000 diff --git a/core/java/android/app/admin/DeviceAdminInfo.java b/core/java/android/app/admin/DeviceAdminInfo.java index 1c37414032a2e..c8062caf888ef 100644 --- a/core/java/android/app/admin/DeviceAdminInfo.java +++ b/core/java/android/app/admin/DeviceAdminInfo.java @@ -50,23 +50,23 @@ import java.util.HashMap; */ public final class DeviceAdminInfo implements Parcelable { static final String TAG = "DeviceAdminInfo"; - + /** * A type of policy that this device admin can use: limit the passwords * that the user can select, via {@link DevicePolicyManager#setPasswordQuality} * and {@link DevicePolicyManager#setPasswordMinimumLength}. - * + * *

To control this policy, the device admin must have a "limit-password" * tag in the "uses-policies" section of its meta-data. */ public static final int USES_POLICY_LIMIT_PASSWORD = 0; - + /** * A type of policy that this device admin can use: able to watch login * attempts from the user, via {@link DeviceAdminReceiver#ACTION_PASSWORD_FAILED}, * {@link DeviceAdminReceiver#ACTION_PASSWORD_SUCCEEDED}, and * {@link DevicePolicyManager#getCurrentFailedPasswordAttempts}. - * + * *

To control this policy, the device admin must have a "watch-login" * tag in the "uses-policies" section of its meta-data. */ @@ -76,7 +76,7 @@ public final class DeviceAdminInfo implements Parcelable { * A type of policy that this device admin can use: able to reset the * user's password via * {@link DevicePolicyManager#resetPassword}. - * + * *

To control this policy, the device admin must have a "reset-password" * tag in the "uses-policies" section of its meta-data. */ @@ -87,7 +87,7 @@ public final class DeviceAdminInfo implements Parcelable { * to lock via{@link DevicePolicyManager#lockNow} or limit the * maximum lock timeout for the device via * {@link DevicePolicyManager#setMaximumTimeToLock}. - * + * *

To control this policy, the device admin must have a "force-lock" * tag in the "uses-policies" section of its meta-data. */ @@ -97,7 +97,7 @@ public final class DeviceAdminInfo implements Parcelable { * A type of policy that this device admin can use: able to factory * reset the device, erasing all of the user's data, via * {@link DevicePolicyManager#wipeData}. - * + * *

To control this policy, the device admin must have a "wipe-data" * tag in the "uses-policies" section of its meta-data. */ @@ -138,13 +138,21 @@ public final class DeviceAdminInfo implements Parcelable { */ public static final int USES_POLICY_DISABLE_CAMERA = 8; + /** + * A type of policy that this device admin can use: disables use of keyguard widgets. + * + *

To control this policy, the device admin must have a "disable-keyguard-widgets" + * tag in the "uses-policies" section of its meta-data. + */ + public static final int USES_POLICY_DISABLE_KEYGUARD_WIDGETS = 9; + /** @hide */ public static class PolicyInfo { public final int ident; final public String tag; final public int label; final public int description; - + public PolicyInfo(int identIn, String tagIn, int labelIn, int descriptionIn) { ident = identIn; tag = tagIn; @@ -152,11 +160,11 @@ public final class DeviceAdminInfo implements Parcelable { description = descriptionIn; } } - + static ArrayList sPoliciesDisplayOrder = new ArrayList(); static HashMap sKnownPolicies = new HashMap(); static SparseArray sRevKnownPolicies = new SparseArray(); - + static { sPoliciesDisplayOrder.add(new PolicyInfo(USES_POLICY_WIPE_DATA, "wipe-data", com.android.internal.R.string.policylab_wipeData, @@ -185,6 +193,10 @@ public final class DeviceAdminInfo implements Parcelable { sPoliciesDisplayOrder.add(new PolicyInfo(USES_POLICY_DISABLE_CAMERA, "disable-camera", com.android.internal.R.string.policylab_disableCamera, com.android.internal.R.string.policydesc_disableCamera)); + sPoliciesDisplayOrder.add(new PolicyInfo( + USES_POLICY_DISABLE_KEYGUARD_WIDGETS, "disable-keyguard-widgets", + com.android.internal.R.string.policylab_disableKeyguardWidgets, + com.android.internal.R.string.policydesc_disableKeyguardWidgets)); for (int i=0; i outerDepth)) { @@ -290,14 +302,14 @@ public final class DeviceAdminInfo implements Parcelable { mReceiver = ResolveInfo.CREATOR.createFromParcel(source); mUsesPolicies = source.readInt(); } - + /** * Return the .apk package that implements this device admin. */ public String getPackageName() { return mReceiver.activityInfo.packageName; } - + /** * Return the class name of the receiver component that implements * this device admin. @@ -321,20 +333,20 @@ public final class DeviceAdminInfo implements Parcelable { return new ComponentName(mReceiver.activityInfo.packageName, mReceiver.activityInfo.name); } - + /** * Load the user-displayed label for this device admin. - * + * * @param pm Supply a PackageManager used to load the device admin's * resources. */ public CharSequence loadLabel(PackageManager pm) { return mReceiver.loadLabel(pm); } - + /** * Load user-visible description associated with this device admin. - * + * * @param pm Supply a PackageManager used to load the device admin's * resources. */ @@ -351,17 +363,17 @@ public final class DeviceAdminInfo implements Parcelable { } throw new NotFoundException(); } - + /** * Load the user-displayed icon for this device admin. - * + * * @param pm Supply a PackageManager used to load the device admin's * resources. */ public Drawable loadIcon(PackageManager pm) { return mReceiver.loadIcon(pm); } - + /** * Returns whether this device admin would like to be visible to the * user, even when it is not enabled. @@ -369,7 +381,7 @@ public final class DeviceAdminInfo implements Parcelable { public boolean isVisible() { return mVisible; } - + /** * Return true if the device admin has requested that it be able to use * the given policy control. The possible policy identifier inputs are: @@ -382,7 +394,7 @@ public final class DeviceAdminInfo implements Parcelable { public boolean usesPolicy(int policyIdent) { return (mUsesPolicies & (1< getUsedPolicies() { ArrayList res = new ArrayList(); @@ -403,25 +415,25 @@ public final class DeviceAdminInfo implements Parcelable { } return res; } - + /** @hide */ public void writePoliciesToXml(XmlSerializer out) throws IllegalArgumentException, IllegalStateException, IOException { out.attribute(null, "flags", Integer.toString(mUsesPolicies)); } - + /** @hide */ public void readPoliciesFromXml(XmlPullParser parser) throws XmlPullParserException, IOException { mUsesPolicies = Integer.parseInt( parser.getAttributeValue(null, "flags")); } - + public void dump(Printer pw, String prefix) { pw.println(prefix + "Receiver:"); mReceiver.dump(pw, prefix + " "); } - + @Override public String toString() { return "DeviceAdminInfo{" + mReceiver.activityInfo.name + "}"; @@ -429,7 +441,7 @@ public final class DeviceAdminInfo implements Parcelable { /** * Used to package this object into a {@link Parcel}. - * + * * @param dest The {@link Parcel} to be written. * @param flags The flags used for parceling. */ diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 0b583960e6c3a..4c55bb3be9498 100755 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -1154,6 +1154,16 @@ public class DevicePolicyManager { public static final String ACTION_START_ENCRYPTION = "android.app.action.START_ENCRYPTION"; + /** + * Widgets are enabled in keyguard + */ + public static final int KEYGUARD_DISABLE_WIDGETS_NONE = 0; + + /** + * Disable all keyguard widgets + */ + public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 0x7fffffff; + /** * Called by an application that is administering the device to * request that the storage system be encrypted. @@ -1283,6 +1293,46 @@ public class DevicePolicyManager { return false; } + /** + * Called by an application that is administering the device to disable adding widgets to + * keyguard. After setting this, keyguard widgets will be disabled according to the state + * provided. + * + *

The calling device admin must have requested + * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_WIDGETS} to be able to call + * this method; if it has not, a security exception will be thrown. + * + * @param admin Which {@link DeviceAdminReceiver} this request is associated with. + * @param which {@link DevicePolicyManager#KEYGUARD_DISABLE_WIDGETS_ALL} or + * {@link DevicePolicyManager#KEYGUARD_DISABLE_WIDGETS_NONE} (the default). + */ + public void setKeyguardWidgetsDisabled(ComponentName admin, int which) { + if (mService != null) { + try { + mService.setKeyguardWidgetsDisabled(admin, which); + } catch (RemoteException e) { + Log.w(TAG, "Failed talking with device policy service", e); + } + } + } + + /** + * Determine whether or not widgets have been disabled in keyguard either by the current + * admin, if specified, or all admins. + * @param admin The name of the admin component to check, or null to check if any admins + * have disabled widgets in keyguard. + */ + public int getKeyguardWidgetsDisabled(ComponentName admin) { + if (mService != null) { + try { + return mService.getKeyguardWidgetsDisabled(admin); + } catch (RemoteException e) { + Log.w(TAG, "Failed talking with device policy service", e); + } + } + return KEYGUARD_DISABLE_WIDGETS_NONE; + } + /** * @hide */ diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index 9419a62b7de88..0b7ec1229e187 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -48,7 +48,7 @@ interface IDevicePolicyManager { void setPasswordMinimumNonLetter(in ComponentName who, int length); int getPasswordMinimumNonLetter(in ComponentName who); - + void setPasswordHistoryLength(in ComponentName who, int length); int getPasswordHistoryLength(in ComponentName who); @@ -59,17 +59,17 @@ interface IDevicePolicyManager { boolean isActivePasswordSufficient(); int getCurrentFailedPasswordAttempts(); - + void setMaximumFailedPasswordsForWipe(in ComponentName admin, int num); int getMaximumFailedPasswordsForWipe(in ComponentName admin); - + boolean resetPassword(String password, int flags); - + void setMaximumTimeToLock(in ComponentName who, long timeMs); long getMaximumTimeToLock(in ComponentName who); - + void lockNow(); - + void wipeData(int flags); ComponentName setGlobalProxy(in ComponentName admin, String proxySpec, String exclusionList); @@ -82,6 +82,9 @@ interface IDevicePolicyManager { void setCameraDisabled(in ComponentName who, boolean disabled); boolean getCameraDisabled(in ComponentName who); + void setKeyguardWidgetsDisabled(in ComponentName who, int which); + int getKeyguardWidgetsDisabled(in ComponentName who); + void setActiveAdmin(in ComponentName policyReceiver, boolean refreshing); boolean isAdminActive(in ComponentName policyReceiver); List getActiveAdmins(); @@ -89,7 +92,7 @@ interface IDevicePolicyManager { void getRemoveWarning(in ComponentName policyReceiver, in RemoteCallback result); void removeActiveAdmin(in ComponentName policyReceiver); boolean hasGrantedPolicy(in ComponentName policyReceiver, int usesPolicy); - + void setActivePasswordState(int quality, int length, int letters, int uppercase, int lowercase, int numbers, int symbols, int nonletter); void reportFailedPasswordAttempt(); diff --git a/core/res/res/values/public.xml b/core/res/res/values/public.xml index 8e0eb155056fb..80930b5eed0b9 100644 --- a/core/res/res/values/public.xml +++ b/core/res/res/values/public.xml @@ -710,6 +710,7 @@ + @@ -719,6 +720,7 @@ + diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml index 381055fb4bc00..d2951bf6cd602 100755 --- a/core/res/res/values/strings.xml +++ b/core/res/res/values/strings.xml @@ -1693,6 +1693,10 @@ Disable cameras Prevent use of all device cameras. + + Disable widgets on keyguard + + Prevent use of some or all widgets on keyguard. diff --git a/policy/src/com/android/internal/policy/impl/keyguard/KeyguardHostView.java b/policy/src/com/android/internal/policy/impl/keyguard/KeyguardHostView.java index 2551c04e271fc..e0ba211c2e252 100644 --- a/policy/src/com/android/internal/policy/impl/keyguard/KeyguardHostView.java +++ b/policy/src/com/android/internal/policy/impl/keyguard/KeyguardHostView.java @@ -172,7 +172,7 @@ public class KeyguardHostView extends KeyguardViewBase { protected void onAttachedToWindow() { super.onAttachedToWindow(); mAppWidgetHost.startListening(); - populateWidgets(); + maybePopulateWidgets(); } @Override @@ -581,7 +581,12 @@ public class KeyguardHostView extends KeyguardViewBase { addWidget(view); } - private void populateWidgets() { + private void maybePopulateWidgets() { + if (mLockPatternUtils.getDevicePolicyManager().getKeyguardWidgetsDisabled(null) + != DevicePolicyManager.KEYGUARD_DISABLE_WIDGETS_NONE) { + Log.v(TAG, "Keyguard widgets disabled because of device policy admin"); + return; + } SharedPreferences prefs = mContext.getSharedPreferences( KEYGUARD_WIDGET_PREFS, Context.MODE_PRIVATE); for (String key : prefs.getAll().keySet()) { diff --git a/services/java/com/android/server/DevicePolicyManagerService.java b/services/java/com/android/server/DevicePolicyManagerService.java index 77b062c2d389c..61517b11fac82 100644 --- a/services/java/com/android/server/DevicePolicyManagerService.java +++ b/services/java/com/android/server/DevicePolicyManagerService.java @@ -177,6 +177,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { static final long DEF_PASSWORD_EXPIRATION_DATE = 0; long passwordExpirationDate = DEF_PASSWORD_EXPIRATION_DATE; + static final int DEF_KEYGUARD_WIDGET_DISABLED = 0; // none + int disableKeyguardWidgets = DEF_KEYGUARD_WIDGET_DISABLED; + boolean encryptionRequested = false; boolean disableCamera = false; @@ -286,6 +289,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { out.attribute(null, "value", Boolean.toString(disableCamera)); out.endTag(null, "disable-camera"); } + if (disableKeyguardWidgets != DEF_KEYGUARD_WIDGET_DISABLED) { + out.startTag(null, "disable-keyguard-widgets"); + out.attribute(null, "value", Integer.toString(disableKeyguardWidgets)); + out.endTag(null, "disable-keyguard-widgets"); + } } void readFromXml(XmlPullParser parser) @@ -2093,6 +2101,46 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } + /** + * Selectively disable keyguard widgets. + */ + public void setKeyguardWidgetsDisabled(ComponentName who, int which) { + synchronized (this) { + if (who == null) { + throw new NullPointerException("ComponentName is null"); + } + ActiveAdmin ap = getActiveAdminForCallerLocked(who, + DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_WIDGETS); + if ((ap.disableKeyguardWidgets & which) != which) { + ap.disableKeyguardWidgets |= which; + saveSettingsLocked(); + } + syncDeviceCapabilitiesLocked(); + } + } + + /** + * Gets the disabled state for widgets in keyguard for the given admin, + * or the aggregate of all active admins if who is null. + */ + public int getKeyguardWidgetsDisabled(ComponentName who) { + synchronized (this) { + if (who != null) { + ActiveAdmin admin = getActiveAdminUncheckedLocked(who); + return (admin != null) ? admin.disableKeyguardWidgets : 0; + } + + // Determine whether or not keyguard widgets are disabled for any active admins. + final int N = mAdminList.size(); + int which = 0; + for (int i = 0; i < N; i++) { + ActiveAdmin admin = mAdminList.get(i); + which |= admin.disableKeyguardWidgets; + } + return which; + } + } + @Override protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) { if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)