• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# @ohos.enterprise.securityManager (Security Management)
2
3The **securityManager** module provides device security management capabilities, including obtaining the security patch status and file system encryption status.
4
5> **NOTE**
6>
7> - The initial APIs of this module are supported since API version 11. Newly added APIs will be marked with a superscript to indicate their earliest API version.
8>
9> - The APIs of this module can be used only in the stage model.
10>
11> - The APIs provided by this module can be called only by a [device administrator application](enterpriseDeviceManagement-overview.md#basic-concepts) that is [enabled](js-apis-enterprise-adminManager.md#adminmanagerenableadmin).
12
13## Modules to Import
14
15```ts
16import securityManager from '@ohos.enterprise.securityManager';
17```
18
19## securityManager.getSecurityPatchTag
20
21getSecurityPatchTag(admin: Want): string
22
23Obtains the device security patch tag through the specified device administrator application. This API returns the result synchronously. If the operation is successful, the security patch tag is returned. If the operation fails, an exception is thrown.
24
25**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_SECURITY
26
27**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
28
29**System API**: This is a system API.
30
31**Parameters**
32
33| Name  | Type                                 | Mandatory  | Description     |
34| ----- | ----------------------------------- | ---- | ------- |
35| admin | [Want](js-apis-app-ability-want.md) | Yes   | Device administrator application.|
36
37**Return value**
38
39| Type                  | Description                     |
40| --------------------- | ------------------------- |
41| string | Patch tag obtained.|
42
43**Error codes**
44
45For details about the error codes, see [Enterprise Device Management Error Codes](../errorcodes/errorcode-enterpriseDeviceManager.md).
46
47| ID| Error Message                                                                    |
48| ------- | ---------------------------------------------------------------------------- |
49| 9200001 | the application is not an administrator of the device.                        |
50| 9200002 | the administrator application does not have permission to manage the device. |
51
52**Example**
53
54```ts
55import Want from '@ohos.app.ability.Want';
56
57let wantTemp: Want = {
58  bundleName: 'com.example.myapplication',
59  abilityName: 'EntryAbility',
60};
61
62try {
63    let res: string = securityManager.getSecurityPatchTag(wantTemp);
64    console.info(`Succeeded in getting security patch tag. tag: ${res}`);
65} catch(err) {
66    console.error(`Failed to get security patch tag. Code: ${err.code}, message: ${err.message}`);
67}
68```
69## securityManager.getDeviceEncryptionStatus
70
71getDeviceEncryptionStatus(admin: Want): DeviceEncryptionStatus
72
73Obtains the file system encryption status of the device. This API returns the result synchronously. If the operation is successful, the file encryption status is returned. If the operation fails, an exception is thrown.
74
75**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_SECURITY
76
77**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
78
79**System API**: This is a system API.
80
81**Parameters**
82
83| Name     | Type                                      | Mandatory  | Description                      |
84| -------- | ---------------------------------------- | ---- | ------------------------------- |
85| admin    | [Want](js-apis-app-ability-want.md)     | Yes   | Device administrator application.                 |
86
87**Return value**
88
89| Type                  | Description                                                  |
90| ---------------------- | ------------------------------------------------------ |
91| DeviceEncryptionStatus | File system encryption status. Currently, only a boolean value indicating whether the file system is encrypted is returned.|
92
93**Error codes**
94
95For details about the error codes, see [Enterprise Device Management Error Codes](../errorcodes/errorcode-enterpriseDeviceManager.md).
96
97| ID| Error Message                                                                      |
98| ------- | ---------------------------------------------------------------------------- |
99| 9200001 | the application is not an administrator of the device.                        |
100| 9200002 | the administrator application does not have permission to manage the device. |
101
102**Example**
103
104```ts
105import Want from '@ohos.app.ability.Want';
106let wantTemp: Want = {
107  bundleName: 'com.example.myapplication',
108  abilityName: 'EntryAbility',
109};
110
111try {
112    let result: securityManager.DeviceEncryptionStatus = securityManager.getDeviceEncryptionStatus(wantTemp);
113    console.info(`Succeeded in getting device encryption status. isEncrypted: ${result.isEncrypted}`);
114} catch(err) {
115    console.error(`Failed to get device encryption status. Code: ${err.code}, message: ${err.message}`);
116}
117```
118
119## DeviceEncryptionStatus
120
121Represents the file system encryption status.
122
123**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
124
125**System API**: This is a system API.
126
127| Name        | Type    | Mandatory| Description                           |
128| ----------- | --------| ---- | ------------------------------- |
129| isEncrypted | boolean | Yes  | Whether the file system of the device is encrypted. The value **true** means the file system is encrypted; the value **false** means the opposite.|
130