1/* 2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit MDMKit 19 */ 20 21import type { AsyncCallback } from './@ohos.base'; 22import type Want from './@ohos.app.ability.Want'; 23import type osAccount from './@ohos.account.osAccount'; 24 25/** 26 * This module provides the capability to manage the accounts of the enterprise devices. 27 * 28 * @namespace accountManager 29 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 30 * @since 10 31 */ 32declare namespace accountManager { 33 /** 34 * Disallow the user of device add local account. 35 * This function can be called by a super administrator. 36 * 37 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 38 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 39 * The admin must have the corresponding permission. 40 * @param { boolean } disallow - true if the user is not allowed to add local account. 41 * @param { AsyncCallback<void> } callback - the callback of disallowAddLocalAccount. 42 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 43 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 44 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 45 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 46 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 47 * 2. Incorrect parameter types; 3. Parameter verification failed. 48 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 49 * @systemapi 50 * @StageModelOnly 51 * @since 10 52 */ 53 function disallowAddLocalAccount(admin: Want, disallow: boolean, callback: AsyncCallback<void>): void; 54 55 /** 56 * Disallow the user of device add local account. 57 * This function can be called by a super administrator. 58 * 59 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 60 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 61 * The admin must have the corresponding permission. 62 * @param { boolean } disallow - true if the user is not allowed to add local account. 63 * @returns { Promise<void> } the promise returned by the disallowAddLocalAccount. 64 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 65 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 66 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 67 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 68 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 69 * 2. Incorrect parameter types; 3. Parameter verification failed. 70 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 71 * @systemapi 72 * @StageModelOnly 73 * @since 10 74 */ 75 function disallowAddLocalAccount(admin: Want, disallow: boolean): Promise<void>; 76 77 /** 78 * Disallows the user to add an OS account. 79 * This function can be called by a super administrator. 80 * 81 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 82 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 83 * The admin must have the corresponding permission. 84 * @param { number } userId - indicates the user ID. It cannot be the ID of a user that does not exist. 85 * @param { boolean } disallow - true if the specific user is not allowed to add an OS account. 86 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 87 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 88 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 89 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 90 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 91 * 2. Incorrect parameter types; 3. Parameter verification failed. 92 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 93 * @systemapi 94 * @stagemodelonly 95 * @since 11 96 */ 97 function disallowAddOsAccountByUser(admin: Want, userId: number, disallow: boolean): void; 98 99 /** 100 * Queries whether the user is disallowed to add an OS account. 101 * This function can be called by a super administrator. 102 * 103 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 104 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 105 * If the admin is not empty, it must have the corresponding permission. 106 * @param { number } userId - indicates the user ID. It cannot be the ID of a user that does not exist. 107 * @returns { boolean } true if the specific user is not allowed to add an OS account. 108 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 109 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 110 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 111 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 112 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 113 * 2. Incorrect parameter types; 3. Parameter verification failed. 114 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 115 * @systemapi 116 * @stagemodelonly 117 * @since 11 118 */ 119 function isAddOsAccountByUserDisallowed(admin: Want, userId: number): boolean; 120 121 /** 122 * Adds an OS account using the name and account type. 123 * This function can be called by a super administrator. 124 * 125 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 126 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 127 * The admin must have the corresponding permission. 128 * @param { string } name - the OS account name. It cannot be empty. 129 * @param { osAccount.OsAccountType } type - the OS account type. It can only be one of specified types. 130 * @returns { osAccount.OsAccountInfo } information about the OS account added. 131 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 132 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 133 * @throws { BusinessError } 9201003 - Failed to add an OS account. 134 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 135 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 136 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 137 * 2. Incorrect parameter types; 3. Parameter verification failed. 138 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 139 * @systemapi 140 * @stagemodelonly 141 * @since 11 142 */ 143 function addOsAccount(admin: Want, name: string, type: osAccount.OsAccountType): osAccount.OsAccountInfo; 144 145 /** 146 * Disallows the account or all accounts to add an OS account. 147 * This function can be called by a super administrator. 148 * 149 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 150 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 151 * The admin must have the corresponding permission. 152 * @param { boolean } disallow - true if the specific account or all accounts are not allowed to add an OS account. 153 * @param { number } [accountId] - indicates the account ID. It cannot be the ID of an account that does not exist. 154 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 155 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 156 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 157 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 158 * 2. Incorrect parameter types; 3. Parameter verification failed. 159 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 160 * @stagemodelonly 161 * @since 12 162 */ 163 function disallowOsAccountAddition(admin: Want, disallow: boolean, accountId?: number): void; 164 165 /** 166 * Queries whether the account or all accounts is disallowed to add an OS account. 167 * This function can be called by a super administrator. 168 * 169 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 170 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 171 * If the admin is not empty, it must have the corresponding permission. 172 * @param { number } [accountId] - indicates the account ID. It cannot be the ID of an account that does not exist. 173 * @returns { boolean } true if the specific account or all accounts are not allowed to add an OS account. 174 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 175 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 176 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 177 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 178 * 2. Incorrect parameter types; 3. Parameter verification failed. 179 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 180 * @stagemodelonly 181 * @since 12 182 */ 183 function isOsAccountAdditionDisallowed(admin: Want, accountId?: number): boolean; 184 185 /** 186 * Adds an OS account using the name and account type. 187 * This function can be called by a super administrator. 188 * 189 * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 190 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 191 * The admin must have the corresponding permission. 192 * @param { string } name - the OS account name. It cannot be empty. 193 * @param { osAccount.OsAccountType } type - the OS account type. It can only be one of correct types. 194 * @returns { Promise<osAccount.OsAccountInfo> } information about the OS account added. 195 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 196 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 197 * @throws { BusinessError } 9201003 - Failed to add an OS account. 198 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 199 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 200 * 2. Incorrect parameter types; 3. Parameter verification failed. 201 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 202 * @stagemodelonly 203 * @since 12 204 */ 205 function addOsAccountAsync(admin: Want, name: string, type: osAccount.OsAccountType): Promise<osAccount.OsAccountInfo>; 206} 207 208export default accountManager; 209