1/* 2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit MDMKit 19 */ 20 21import type { AsyncCallback } from '@ohos.base'; 22import type Want from '@ohos.app.ability.Want'; 23 24/** 25 * This module provides the capability to manage restriction policy of the enterprise devices. 26 * 27 * @namespace restrictions 28 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 29 * @since 10 30 */ 31declare namespace restrictions { 32 /** 33 * Disable or enable the printing function of the device 34 * This function can be called by a super administrator. 35 * 36 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 37 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 38 * The admin must have the corresponding permission. 39 * @param { boolean } disabled - true if the user disables the printing function. 40 * @param { AsyncCallback<void> } callback - the callback of setPrinterDisabled. 41 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 42 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 43 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 44 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 45 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 46 * 2. Incorrect parameter types; 3. Parameter verification failed. 47 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 48 * @systemapi 49 * @stagemodelonly 50 * @since 10 51 */ 52 function setPrinterDisabled(admin: Want, disabled: boolean, callback: AsyncCallback<void>): void; 53 54 /** 55 * Disable or enable the printing function of the device 56 * This function can be called by a super administrator. 57 * 58 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 59 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 60 * The admin must have the corresponding permission. 61 * @param { boolean } disabled - true if the user disables the printing function. 62 * @returns { Promise<void> } the promise returned by the setPrinterDisabled. 63 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 64 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 65 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 66 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 67 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 68 * 2. Incorrect parameter types; 3. Parameter verification failed. 69 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 70 * @systemapi 71 * @stagemodelonly 72 * @since 10 73 */ 74 function setPrinterDisabled(admin: Want, disabled: boolean): Promise<void>; 75 76 /** 77 * Is the printing function of the device disabled 78 * This function can be called by a super administrator. 79 * 80 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 81 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 82 * If the admin is not empty, it must have the corresponding permission. 83 * @param { AsyncCallback<boolean> } callback - the callback of isPrinterDisabled. 84 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 85 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 86 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 87 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 88 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 89 * 2. Incorrect parameter types; 3. Parameter verification failed. 90 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 91 * @systemapi 92 * @stagemodelonly 93 * @since 10 94 */ 95 function isPrinterDisabled(admin: Want, callback: AsyncCallback<boolean>): void; 96 97 /** 98 * Is the printing function of the device disabled 99 * This function can be called by a super administrator. 100 * 101 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 102 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 103 * If the admin is not empty, it must have the corresponding permission. 104 * @returns { Promise<boolean> } the promise returned by the isPrinterDisabled. 105 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 106 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 107 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 108 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 109 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 110 * 2. Incorrect parameter types; 3. Parameter verification failed. 111 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 112 * @systemapi 113 * @stagemodelonly 114 * @since 10 115 */ 116 function isPrinterDisabled(admin: Want): Promise<boolean>; 117 118 /** 119 * Disable or enable the HDC function of the device 120 * This function can be called by a super administrator. 121 * 122 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 123 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 124 * The admin must have the corresponding permission. 125 * @param { boolean } disabled - true if the user disables the HDC function. 126 * @param { AsyncCallback<void> } callback - the callback of setHdcDisabled. 127 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 128 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 129 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 130 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 131 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 132 * 2. Incorrect parameter types; 3. Parameter verification failed. 133 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 134 * @systemapi 135 * @stagemodelonly 136 * @since 10 137 */ 138 function setHdcDisabled(admin: Want, disabled: boolean, callback: AsyncCallback<void>): void; 139 140 /** 141 * Disable or enable the HDC function of the device 142 * This function can be called by a super administrator. 143 * 144 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 145 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 146 * The admin must have the corresponding permission. 147 * @param { boolean } disabled - true if the user disables the HDC function. 148 * @returns { Promise<void> } the promise returned by the setHdcDisabled. 149 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 150 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 151 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 152 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 153 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 154 * 2. Incorrect parameter types; 3. Parameter verification failed. 155 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 156 * @systemapi 157 * @stagemodelonly 158 * @since 10 159 */ 160 function setHdcDisabled(admin: Want, disabled: boolean): Promise<void>; 161 162 /** 163 * Is the HDC function of the device disabled 164 * This function can be called by a super administrator. 165 * 166 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 167 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 168 * If the admin is not empty, it must have the corresponding permission. 169 * @param { AsyncCallback<boolean> } callback - the callback of isHdcDisabled. 170 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 171 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 172 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 173 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 174 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 175 * 2. Incorrect parameter types; 3. Parameter verification failed. 176 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 177 * @systemapi 178 * @stagemodelonly 179 * @since 10 180 */ 181 function isHdcDisabled(admin: Want, callback: AsyncCallback<boolean>): void; 182 183 /** 184 * Is the HDC function of the device disabled 185 * This function can be called by a super administrator. 186 * 187 * @permission ohos.permission.ENTERPRISE_RESTRICT_POLICY 188 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 189 * If the admin is not empty, it must have the corresponding permission. 190 * @returns { Promise<boolean> } the promise returned by the isHdcDisabled. 191 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 192 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 193 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 194 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 195 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 196 * 2. Incorrect parameter types; 3. Parameter verification failed. 197 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 198 * @systemapi 199 * @stagemodelonly 200 * @since 10 201 */ 202 function isHdcDisabled(admin: Want): Promise<boolean>; 203 204 /** 205 * Disables the microphone of device. 206 * 207 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 208 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 209 * The admin must have the corresponding permission. 210 * @param { boolean } disable - true if disable the microphone of device, otherwise false. 211 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 212 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 213 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 214 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 215 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 216 * 2. Incorrect parameter types; 3. Parameter verification failed. 217 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 218 * @systemapi 219 * @stagemodelonly 220 * @since 11 221 */ 222 function disableMicrophone(admin: Want, disable: boolean): void; 223 224 /** 225 * Queries whether the microphone of device is disabled. 226 * 227 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 228 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 229 * If the admin is not empty, it must have the corresponding permission. 230 * @returns { boolean } true if the microphone of device is disabled, otherwise false. 231 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 232 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 233 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 234 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 235 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 236 * 2. Incorrect parameter types; 3. Parameter verification failed. 237 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 238 * @systemapi 239 * @stagemodelonly 240 * @since 11 241 */ 242 function isMicrophoneDisabled(admin: Want): boolean; 243 244 /** 245 * Sets the device fingerprint authorization capability disabled. 246 * 247 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 248 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 249 * The admin must have the corresponding permission. 250 * @param { boolean } disabled - true if set the fingerprint authorization capability disabled. 251 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 252 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 253 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 254 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 255 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 256 * 2. Incorrect parameter types; 3. Parameter verification failed. 257 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 258 * @systemapi 259 * @stagemodelonly 260 * @since 11 261 */ 262 function setFingerprintAuthDisabled(admin: Want, disabled: boolean): void; 263 264 /** 265 * Queries device fingerprint authorization capability is disabled or enabled. 266 * 267 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 268 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 269 * If the admin is not empty, it must have the corresponding permission. 270 * @returns { boolean } true if the fingerprint authorization capability is disabled. 271 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 272 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 273 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 274 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 275 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 276 * 2. Incorrect parameter types; 3. Parameter verification failed. 277 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 278 * @systemapi 279 * @stagemodelonly 280 * @since 11 281 */ 282 function isFingerprintAuthDisabled(admin: Want): boolean; 283 284 /** 285 * Disallows the specific feature of the device. 286 * 287 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 288 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 289 * The admin must have the corresponding permission. 290 * @param { string } feature - feature indicates the specific feature to be disallowed or allowed, 291 * the supported device features include modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb and wifi. 292 * @param { boolean } disallow - true if disallow the specific feature of device, otherwise false. 293 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 294 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 295 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 296 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 297 * 2. Incorrect parameter types; 3. Parameter verification failed. 298 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 299 * @stagemodelonly 300 * @since 12 301 */ 302 /** 303 * Disallows the specific feature of the device. 304 * 305 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS or ohos.permission.PERSONAL_MANAGE_RESTRICTIONS 306 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 307 * The admin must have the corresponding permission. 308 * @param { string } feature - feature indicates the specific feature to be disallowed or allowed, 309 * the supported device features include modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb and wifi. 310 * @param { boolean } disallow - true if disallow the specific feature of device, otherwise false. 311 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 312 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 313 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 314 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 315 * 2. Incorrect parameter types; 3. Parameter verification failed. 316 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 317 * @stagemodelonly 318 * @since 15 319 */ 320 /** 321 * Disallows the specific feature of the device. 322 * 323 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS or ohos.permission.PERSONAL_MANAGE_RESTRICTIONS 324 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 325 * The admin must have the corresponding permission. 326 * @param { string } feature - feature indicates the specific feature to be disallowed or allowed, 327 * the supported device features are as follows: 328 * modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb, wifi, tethering, inactiveUserFreeze, camera, mtpClient, mtpServer, 329 * globalDrag, externalSdCard, backupAndRestore, notification, mms, sms, remoteDiagnosis, remoteDesk, nfc, privateSpace, vpn, airplaneMode, 330 * mobileData, maintenanceMode, sambaClient, sambaServer. 331 * @param { boolean } disallow - true if disallow the specific feature of device, otherwise false. 332 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 333 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 334 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 335 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 336 * @stagemodelonly 337 * @since 20 338 */ 339 function setDisallowedPolicy(admin: Want, feature: string, disallow: boolean): void; 340 341 /** 342 * Queries whether the specific feature of the device is disallowed. 343 * 344 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 345 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 346 * If the admin is not empty, it must have the corresponding permission. 347 * @param { string } feature - feature indicates the specific feature to be queried, 348 * the supported device features include modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb and wifi. 349 * @returns { boolean } true if the specific feature of device is disallowed, otherwise false. 350 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 351 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 352 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 353 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 354 * 2. Incorrect parameter types; 3. Parameter verification failed. 355 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 356 * @stagemodelonly 357 * @since 12 358 */ 359 /** 360 * Queries whether the specific feature of the device is disallowed. 361 * 362 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS or ohos.permission.PERSONAL_MANAGE_RESTRICTIONS 363 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 364 * If the admin is not empty, it must have the corresponding permission. 365 * @param { string } feature - feature indicates the specific feature to be queried, 366 * the supported device features include modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb and wifi. 367 * @returns { boolean } true if the specific feature of device is disallowed, otherwise false. 368 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 369 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 370 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 371 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 372 * 2. Incorrect parameter types; 3. Parameter verification failed. 373 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 374 * @stagemodelonly 375 * @since 15 376 */ 377 /** 378 * Queries whether the specific feature of the device is disallowed. 379 * 380 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS or ohos.permission.PERSONAL_MANAGE_RESTRICTIONS 381 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 382 * If the admin is not empty, it must have the corresponding permission. 383 * @param { string } feature - feature indicates the specific feature to be queried, 384 * the supported device features are as follows: 385 * modifyDateTime, bluetooth, printer, hdc, microphone, fingerprint, usb, wifi, tethering, inactiveUserFreeze, camera, mtpClient, mtpServer, 386 * globalDrag, externalSdCard, backupAndRestore, notification, mms, sms, remoteDiagnosis, remoteDesk, nfc, privateSpace, vpn, airplaneMode, 387 * mobileData, maintenanceMode, sambaClient, sambaServer. 388 * @returns { boolean } true if the specific feature of device is disallowed, otherwise false. 389 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 390 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 391 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 392 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 393 * @stagemodelonly 394 * @since 20 395 */ 396 function getDisallowedPolicy(admin: Want, feature: string): boolean; 397 398 /** 399 * Disallows the specific feature of the device for the specified account. 400 * 401 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 402 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 403 * @param { string } feature - feature indicates the specific feature to be disallowed or allowed. 404 * @param { boolean } disallow - true if disallow the specific feature of device, otherwise false. 405 * @param { number } accountId - accountId indicates the account ID to be queried. 406 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 407 * @throws { BusinessError } 9200002 - the administrator application does not have permission to manage the device. 408 * @throws { BusinessError } 9200010 - A conflict policy has been configured. 409 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 410 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 411 * 2. Incorrect parameter types; 3. Parameter verification failed. 412 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 413 * @stagemodelonly 414 * @since 14 415 */ 416 /** 417 * Disallows the specific feature of the device for the specified account. 418 * 419 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 420 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 421 * @param { string } feature - feature indicates the specific feature to be disallowed or allowed, 422 * the supported device features are as follows: 423 * fingerprint, print, mtpClient, usbStorageDeviceWrite, diskRecoveryKey, sudo, distributedTransmissionOutgoing. 424 * @param { boolean } disallow - true if disallow the specific feature of device, otherwise false. 425 * @param { number } accountId - accountId indicates the account ID to be queried. 426 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 427 * @throws { BusinessError } 9200002 - the administrator application does not have permission to manage the device. 428 * @throws { BusinessError } 9200010 - A conflict policy has been configured. 429 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 430 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 431 * @stagemodelonly 432 * @since 20 433 */ 434 function setDisallowedPolicyForAccount(admin: Want, feature: string, disallow: boolean, accountId: number): void; 435 436 /** 437 * Queries whether the specific feature of the device is disallowed for the specified account. 438 * 439 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 440 * @param { Want } admin - admin indicates the enterprise admin extension ability information. 441 * @param { string } feature - feature indicates the specific feature to be queried. 442 * @param { number } accountId - accountId indicates the account ID to be queried. 443 * @returns { boolean } true if the specific feature of device is disallowed, otherwise false. 444 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 445 * @throws { BusinessError } 9200002 - the administrator application does not have permission to manage the device. 446 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 447 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 448 * 2. Incorrect parameter types; 3. Parameter verification failed. 449 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 450 * @stagemodelonly 451 * @since 14 452 */ 453 /** 454 * Queries whether the specific feature of the device is disallowed for the specified account. 455 * 456 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 457 * @param { Want | null } admin - admin indicates the enterprise admin extension ability information. 458 * @param { string } feature - feature indicates the specific feature to be queried. 459 * the supported device features are as follows: 460 * fingerprint, print, mtpClient, usbStorageDeviceWrite, diskRecoveryKey, sudo, distributedTransmissionOutgoing. 461 * @param { number } accountId - accountId indicates the account ID to be queried. 462 * @returns { boolean } true if the specific feature of device is disallowed, otherwise false. 463 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 464 * @throws { BusinessError } 9200002 - the administrator application does not have permission to manage the device. 465 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 466 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 467 * @stagemodelonly 468 * @since 20 469 */ 470 function getDisallowedPolicyForAccount(admin: Want | null, feature: string, accountId: number): boolean; 471 472 /** 473 * Adds applications or bundles or other contents to the list to restrict them from using a specific feature. 474 * 475 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 476 * @param { Want } admin - admin indicates the administrator ability information. 477 * @param { string } feature - feature indicates the specific feature to be disallowed. 478 * @param { Array<string> } list - list of restricted applications or bundles or other contents. 479 * @param { number } accountId - indicates the account ID. 480 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 481 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 482 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 483 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 484 * 2. Incorrect parameter types; 3. Parameter verification failed. 485 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 486 * @stagemodelonly 487 * @since 14 488 */ 489 function addDisallowedListForAccount(admin: Want, feature: string, list: Array<string>, accountId: number): void; 490 491 /** 492 * Removes applications or bundles or other contents from the list to unblock them from using a specific feature. 493 * 494 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 495 * @param { Want } admin - admin indicates the administrator ability information. 496 * @param { string } feature - feature indicates the specific feature to be disallowed. 497 * @param { Array<string> } list - list of unblock applications or bundles or other contents. 498 * @param { number } accountId - indicates the account ID. 499 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 500 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 501 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 502 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 503 * 2. Incorrect parameter types; 3. Parameter verification failed. 504 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 505 * @stagemodelonly 506 * @since 14 507 */ 508 function removeDisallowedListForAccount(admin: Want, feature: string, list: Array<string>, accountId: number): void; 509 510 /** 511 * Gets the list of applications or bundles or other contents that are restrict from using a specific feature. 512 * 513 * @permission ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS 514 * @param { Want } admin - admin indicates the administrator ability information. 515 * @param { string } feature - feature indicates the specific feature to be disallowed. 516 * @param { number } accountId - indicates the account ID. 517 * @returns { Array<string> } list - list of applications or bundles or other contents. 518 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 519 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 520 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 521 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 522 * 2. Incorrect parameter types; 3. Parameter verification failed. 523 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 524 * @stagemodelonly 525 * @since 14 526 */ 527 function getDisallowedListForAccount(admin: Want, feature: string, accountId: number): Array<string>; 528 529 /** 530 * Restricting users from changing specified settings item on the device. 531 * 532 * @permission ohos.permission.ENTERPRISE_SET_USER_RESTRICTION 533 * @param { Want } admin - admin indicates the administrator ability information. 534 * @param { string } settingsItem - settingsItem indicates the specific settings item to be disallowed. 535 * the supported settingsItems are as follows: 536 * setEthernetIp, setApn, powerKeyShutdown, setDeviceName, 537 * setBiometricsAndScreenLock. 538 * @param { boolean } restricted - true if restrict the specific settings item of device, otherwise false. 539 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 540 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 541 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 542 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 543 * @stagemodelonly 544 * @since 20 545 */ 546 function setUserRestriction(admin: Want, settingsItem: string, restricted: boolean): void; 547 548 /** 549 * Gets whether users are restricted from changing specified settings items on the device. 550 * 551 * @permission ohos.permission.ENTERPRISE_SET_USER_RESTRICTION 552 * @param { Want } admin - admin indicates the administrator ability information. 553 * @param { string } settingsItem - settingsItem indicates the specific settings item to be disallowed. 554 * @returns { boolean } true if restrict the specific settings item of device, otherwise false. 555 * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 556 * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 557 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 558 * @syscap SystemCapability.Customization.EnterpriseDeviceManager 559 * @stagemodelonly 560 * @since 20 561 */ 562 function getUserRestricted(admin: Want, settingsItem: string): boolean; 563} 564 565export default restrictions; 566