1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.devicepolicy; 18 19 import static android.app.admin.DevicePolicyManager.NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 20 import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE; 21 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 22 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST; 23 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST; 24 import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1; 25 26 import static com.android.server.devicepolicy.DevicePolicyManagerService.LOG_TAG; 27 28 import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; 29 import static org.xmlpull.v1.XmlPullParser.END_TAG; 30 import static org.xmlpull.v1.XmlPullParser.TEXT; 31 32 import android.annotation.NonNull; 33 import android.annotation.Nullable; 34 import android.app.admin.DeviceAdminInfo; 35 import android.app.admin.DevicePolicyManager; 36 import android.app.admin.FactoryResetProtectionPolicy; 37 import android.app.admin.ManagedSubscriptionsPolicy; 38 import android.app.admin.PackagePolicy; 39 import android.app.admin.PasswordPolicy; 40 import android.app.admin.PreferentialNetworkServiceConfig; 41 import android.app.admin.WifiSsidPolicy; 42 import android.app.admin.flags.Flags; 43 import android.graphics.Color; 44 import android.net.wifi.WifiSsid; 45 import android.os.Bundle; 46 import android.os.PersistableBundle; 47 import android.os.UserHandle; 48 import android.os.UserManager; 49 import android.text.TextUtils; 50 import android.util.ArrayMap; 51 import android.util.ArraySet; 52 import android.util.IndentingPrintWriter; 53 import android.util.PrintWriterPrinter; 54 55 import com.android.internal.util.Preconditions; 56 import com.android.internal.util.XmlUtils; 57 import com.android.modules.utils.TypedXmlPullParser; 58 import com.android.modules.utils.TypedXmlSerializer; 59 import com.android.server.pm.UserRestrictionsUtils; 60 import com.android.server.utils.Slogf; 61 62 import org.xmlpull.v1.XmlPullParserException; 63 64 import java.io.IOException; 65 import java.nio.charset.StandardCharsets; 66 import java.util.ArrayList; 67 import java.util.Collection; 68 import java.util.Collections; 69 import java.util.List; 70 import java.util.Map; 71 import java.util.Set; 72 import java.util.function.Predicate; 73 import java.util.stream.Collectors; 74 75 class ActiveAdmin { 76 77 private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; 78 private static final String TAG_TEST_ONLY_ADMIN = "test-only-admin"; 79 private static final String TAG_DISABLE_CAMERA = "disable-camera"; 80 private static final String TAG_DISABLE_CALLER_ID = "disable-caller-id"; 81 private static final String TAG_DISABLE_CONTACTS_SEARCH = "disable-contacts-search"; 82 private static final String TAG_DISABLE_BLUETOOTH_CONTACT_SHARING = 83 "disable-bt-contacts-sharing"; 84 private static final String TAG_DISABLE_SCREEN_CAPTURE = "disable-screen-capture"; 85 private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; 86 private static final String TAG_NEARBY_NOTIFICATION_STREAMING_POLICY = 87 "nearby-notification-streaming-policy"; 88 private static final String TAG_NEARBY_APP_STREAMING_POLICY = 89 "nearby-app-streaming-policy"; 90 private static final String TAG_REQUIRE_AUTO_TIME = "require_auto_time"; 91 private static final String TAG_FORCE_EPHEMERAL_USERS = "force_ephemeral_users"; 92 private static final String TAG_IS_NETWORK_LOGGING_ENABLED = "is_network_logging_enabled"; 93 private static final String TAG_ACCOUNT_TYPE = "account-type"; 94 private static final String TAG_PERMITTED_ACCESSIBILITY_SERVICES = 95 "permitted-accessiblity-services"; 96 private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; 97 private static final String TAG_MANAGE_TRUST_AGENT_FEATURES = "manage-trust-agent-features"; 98 private static final String TAG_TRUST_AGENT_COMPONENT_OPTIONS = "trust-agent-component-options"; 99 private static final String TAG_TRUST_AGENT_COMPONENT = "component"; 100 private static final String TAG_PASSWORD_EXPIRATION_DATE = "password-expiration-date"; 101 private static final String TAG_PASSWORD_EXPIRATION_TIMEOUT = "password-expiration-timeout"; 102 private static final String TAG_GLOBAL_PROXY_EXCLUSION_LIST = "global-proxy-exclusion-list"; 103 private static final String TAG_GLOBAL_PROXY_SPEC = "global-proxy-spec"; 104 private static final String TAG_SPECIFIES_GLOBAL_PROXY = "specifies-global-proxy"; 105 private static final String TAG_PERMITTED_IMES = "permitted-imes"; 106 private static final String TAG_PERMITTED_NOTIFICATION_LISTENERS = 107 "permitted-notification-listeners"; 108 private static final String TAG_MAX_FAILED_PASSWORD_WIPE = "max-failed-password-wipe"; 109 private static final String TAG_MAX_TIME_TO_UNLOCK = "max-time-to-unlock"; 110 private static final String TAG_STRONG_AUTH_UNLOCK_TIMEOUT = "strong-auth-unlock-timeout"; 111 private static final String TAG_MIN_PASSWORD_NONLETTER = "min-password-nonletter"; 112 private static final String TAG_MIN_PASSWORD_SYMBOLS = "min-password-symbols"; 113 private static final String TAG_MIN_PASSWORD_NUMERIC = "min-password-numeric"; 114 private static final String TAG_MIN_PASSWORD_LETTERS = "min-password-letters"; 115 private static final String TAG_MIN_PASSWORD_LOWERCASE = "min-password-lowercase"; 116 private static final String TAG_MIN_PASSWORD_UPPERCASE = "min-password-uppercase"; 117 private static final String TAG_PASSWORD_HISTORY_LENGTH = "password-history-length"; 118 private static final String TAG_MIN_PASSWORD_LENGTH = "min-password-length"; 119 private static final String TAG_PASSWORD_QUALITY = "password-quality"; 120 private static final String TAG_POLICIES = "policies"; 121 private static final String TAG_CROSS_PROFILE_WIDGET_PROVIDERS = 122 "cross-profile-widget-providers"; 123 private static final String TAG_PROVIDER = "provider"; 124 private static final String TAG_PACKAGE_LIST_ITEM = "item"; 125 private static final String TAG_KEEP_UNINSTALLED_PACKAGES = "keep-uninstalled-packages"; 126 private static final String TAG_USER_RESTRICTIONS = "user-restrictions"; 127 private static final String TAG_DEFAULT_ENABLED_USER_RESTRICTIONS = 128 "default-enabled-user-restrictions"; 129 private static final String TAG_RESTRICTION = "restriction"; 130 private static final String TAG_SHORT_SUPPORT_MESSAGE = "short-support-message"; 131 private static final String TAG_LONG_SUPPORT_MESSAGE = "long-support-message"; 132 private static final String TAG_PARENT_ADMIN = "parent-admin"; 133 private static final String TAG_ORGANIZATION_COLOR = "organization-color"; 134 private static final String TAG_ORGANIZATION_NAME = "organization-name"; 135 private static final String TAG_IS_LOGOUT_ENABLED = "is_logout_enabled"; 136 private static final String TAG_START_USER_SESSION_MESSAGE = "start_user_session_message"; 137 private static final String TAG_END_USER_SESSION_MESSAGE = "end_user_session_message"; 138 private static final String TAG_METERED_DATA_DISABLED_PACKAGES = 139 "metered_data_disabled_packages"; 140 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES = 141 "cross-profile-calendar-packages"; 142 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL = 143 "cross-profile-calendar-packages-null"; 144 private static final String TAG_CROSS_PROFILE_PACKAGES = "cross-profile-packages"; 145 private static final String TAG_FACTORY_RESET_PROTECTION_POLICY = 146 "factory_reset_protection_policy"; 147 private static final String TAG_SUSPEND_PERSONAL_APPS = "suspend-personal-apps"; 148 private static final String TAG_PROFILE_MAXIMUM_TIME_OFF = "profile-max-time-off"; 149 private static final String TAG_PROFILE_OFF_DEADLINE = "profile-off-deadline"; 150 private static final String TAG_ALWAYS_ON_VPN_PACKAGE = "vpn-package"; 151 private static final String TAG_ALWAYS_ON_VPN_LOCKDOWN = "vpn-lockdown"; 152 private static final String TAG_COMMON_CRITERIA_MODE = "common-criteria-mode"; 153 private static final String TAG_PASSWORD_COMPLEXITY = "password-complexity"; 154 private static final String TAG_ORGANIZATION_ID = "organization-id"; 155 private static final String TAG_ENROLLMENT_SPECIFIC_ID = "enrollment-specific-id"; 156 private static final String TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS = 157 "admin-can-grant-sensors-permissions"; 158 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED = 159 "preferential-network-service-enabled"; 160 private static final String TAG_USB_DATA_SIGNALING = "usb-data-signaling"; 161 private static final String TAG_WIFI_MIN_SECURITY = "wifi-min-security"; 162 private static final String TAG_SSID_ALLOWLIST = "ssid-allowlist"; 163 private static final String TAG_SSID_DENYLIST = "ssid-denylist"; 164 private static final String TAG_SSID = "ssid"; 165 private static final String TAG_CROSS_PROFILE_CALLER_ID_POLICY = "caller-id-policy"; 166 private static final String TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY = "contacts-policy"; 167 private static final String TAG_PACKAGE_POLICY_PACKAGE_NAMES = "package-policy-packages"; 168 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS = 169 "preferential_network_service_configs"; 170 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG = 171 "preferential_network_service_config"; 172 private static final String TAG_PROTECTED_PACKAGES = "protected_packages"; 173 private static final String TAG_SUSPENDED_PACKAGES = "suspended-packages"; 174 private static final String TAG_MTE_POLICY = "mte-policy"; 175 private static final String TAG_MANAGED_SUBSCRIPTIONS_POLICY = "managed_subscriptions_policy"; 176 private static final String ATTR_VALUE = "value"; 177 private static final String ATTR_LAST_NETWORK_LOGGING_NOTIFICATION = "last-notification"; 178 private static final String ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS = "num-notifications"; 179 private static final String ATTR_PACKAGE_POLICY_MODE = "package-policy-type"; 180 private static final String TAG_CREDENTIAL_MANAGER_POLICY = "credential-manager-policy"; 181 private static final String TAG_DIALER_PACKAGE = "dialer_package"; 182 private static final String TAG_SMS_PACKAGE = "sms_package"; 183 private static final String TAG_PROVISIONING_CONTEXT = "provisioning-context"; 184 185 // If the ActiveAdmin is a permission-based admin, then info will be null because the 186 // permission-based admin is not mapped to a device administrator component. 187 DeviceAdminInfo info; 188 189 static final int DEF_PASSWORD_HISTORY_LENGTH = 0; 190 int passwordHistoryLength = DEF_PASSWORD_HISTORY_LENGTH; 191 192 @NonNull 193 PasswordPolicy mPasswordPolicy = new PasswordPolicy(); 194 195 @DevicePolicyManager.PasswordComplexity 196 int mPasswordComplexity = PASSWORD_COMPLEXITY_NONE; 197 198 @DevicePolicyManager.NearbyStreamingPolicy 199 int mNearbyNotificationStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 200 201 @DevicePolicyManager.NearbyStreamingPolicy 202 int mNearbyAppStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 203 204 @Nullable 205 FactoryResetProtectionPolicy mFactoryResetProtectionPolicy = null; 206 207 static final long DEF_MAXIMUM_TIME_TO_UNLOCK = 0; 208 long maximumTimeToUnlock = DEF_MAXIMUM_TIME_TO_UNLOCK; 209 210 long strongAuthUnlockTimeout = 0; // admin doesn't participate by default 211 212 static final int DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE = 0; 213 int maximumFailedPasswordsForWipe = DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE; 214 215 static final long DEF_PASSWORD_EXPIRATION_TIMEOUT = 0; 216 long passwordExpirationTimeout = DEF_PASSWORD_EXPIRATION_TIMEOUT; 217 218 static final long DEF_PASSWORD_EXPIRATION_DATE = 0; 219 long passwordExpirationDate = DEF_PASSWORD_EXPIRATION_DATE; 220 221 static final int DEF_KEYGUARD_FEATURES_DISABLED = 0; // none 222 223 int disabledKeyguardFeatures = DEF_KEYGUARD_FEATURES_DISABLED; 224 225 boolean encryptionRequested = false; 226 boolean testOnlyAdmin = false; 227 boolean disableCamera = false; 228 boolean disableCallerId = false; 229 boolean disableContactsSearch = false; 230 boolean disableBluetoothContactSharing = true; 231 boolean disableScreenCapture = false; 232 boolean requireAutoTime = false; 233 boolean forceEphemeralUsers = false; 234 boolean isNetworkLoggingEnabled = false; 235 boolean isLogoutEnabled = false; 236 237 // one notification after enabling + one more after reboots 238 static final int DEF_MAXIMUM_NETWORK_LOGGING_NOTIFICATIONS_SHOWN = 2; 239 int numNetworkLoggingNotifications = 0; 240 long lastNetworkLoggingNotificationTimeMs = 0; // Time in milliseconds since epoch 241 242 @DevicePolicyManager.MtePolicy int mtePolicy = DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY; 243 244 ActiveAdmin parentAdmin; 245 final boolean isParent; 246 247 static class TrustAgentInfo { 248 public PersistableBundle options; TrustAgentInfo(PersistableBundle bundle)249 TrustAgentInfo(PersistableBundle bundle) { 250 options = bundle; 251 } 252 } 253 254 // The list of packages which are not allowed to use metered data. 255 List<String> meteredDisabledPackages; 256 257 final Set<String> accountTypesWithManagementDisabled = new ArraySet<>(); 258 259 // The list of permitted accessibility services package namesas set by a profile 260 // or device owner. Null means all accessibility services are allowed, empty means 261 // none except system services are allowed. 262 List<String> permittedAccessiblityServices; 263 264 // The list of permitted input methods package names as set by a profile or device owner. 265 // Null means all input methods are allowed, empty means none except system imes are 266 // allowed. 267 List<String> permittedInputMethods; 268 269 // The list of packages allowed to use a NotificationListenerService to receive events for 270 // notifications from this user. Null means that all packages are allowed. Empty list means 271 // that only packages from the system are allowed. 272 List<String> permittedNotificationListeners; 273 274 // List of package names to keep cached. 275 List<String> keepUninstalledPackages; 276 277 // List of packages for which the user cannot invoke "clear data" or "force stop". 278 List<String> protectedPackages; 279 280 List<String> suspendedPackages; 281 282 // Wi-Fi SSID restriction policy. 283 WifiSsidPolicy mWifiSsidPolicy; 284 285 // Managed subscriptions policy. 286 ManagedSubscriptionsPolicy mManagedSubscriptionsPolicy; 287 288 // TODO: review implementation decisions with frameworks team 289 boolean specifiesGlobalProxy = false; 290 String globalProxySpec = null; 291 String globalProxyExclusionList = null; 292 293 @NonNull 294 ArrayMap<String, TrustAgentInfo> trustAgentInfos = new ArrayMap<>(); 295 296 List<String> crossProfileWidgetProviders; 297 298 Bundle userRestrictions; 299 300 // User restrictions that have already been enabled by default for this admin (either when 301 // setting the device or profile owner, or during a system update if one of those "enabled 302 // by default" restrictions is newly added). 303 final Set<String> defaultEnabledRestrictionsAlreadySet = new ArraySet<>(); 304 305 // Support text provided by the admin to display to the user. 306 CharSequence shortSupportMessage = null; 307 CharSequence longSupportMessage = null; 308 309 // Background color of confirm credentials screen. Default: teal. 310 static final int DEF_ORGANIZATION_COLOR = Color.parseColor("#00796B"); 311 int organizationColor = DEF_ORGANIZATION_COLOR; 312 313 // Default title of confirm credentials screen 314 String organizationName = null; 315 316 // Message for user switcher 317 String startUserSessionMessage = null; 318 String endUserSessionMessage = null; 319 320 // The allow list of packages that can access cross profile calendar APIs. 321 // This allow list should be in default an empty list, which indicates that no package 322 // is allow listed. 323 List<String> mCrossProfileCalendarPackages = Collections.emptyList(); 324 325 // The allow list of packages that the admin has enabled to be able to request consent from 326 // the user to communicate cross-profile. By default, no packages are allowed, which is 327 // represented as an empty list. 328 List<String> mCrossProfilePackages = Collections.emptyList(); 329 330 // Whether the admin explicitly requires personal apps to be suspended 331 boolean mSuspendPersonalApps = false; 332 // Maximum time the profile owned by this admin can be off. 333 long mProfileMaximumTimeOffMillis = 0; 334 // Time by which the profile should be turned on according to System.currentTimeMillis(). 335 long mProfileOffDeadline = 0; 336 337 // The package policy for Cross Profile Contacts Search 338 PackagePolicy mManagedProfileCallerIdAccess = null; 339 340 // The package policy for Cross Profile Contacts Search 341 PackagePolicy mManagedProfileContactsAccess = null; 342 343 // The package policy for Credential Manager 344 PackagePolicy mCredentialManagerPolicy = null; 345 346 public String mAlwaysOnVpnPackage; 347 public boolean mAlwaysOnVpnLockdown; 348 boolean mCommonCriteriaMode; 349 public String mOrganizationId; 350 public String mEnrollmentSpecificId; 351 public boolean mAdminCanGrantSensorsPermissions; 352 public List<PreferentialNetworkServiceConfig> mPreferentialNetworkServiceConfigs = 353 List.of(PreferentialNetworkServiceConfig.DEFAULT); 354 355 private static final boolean USB_DATA_SIGNALING_ENABLED_DEFAULT = true; 356 boolean mUsbDataSignalingEnabled = USB_DATA_SIGNALING_ENABLED_DEFAULT; 357 358 int mWifiMinimumSecurityLevel = DevicePolicyManager.WIFI_SECURITY_OPEN; 359 String mDialerPackage; 360 String mSmsPackage; 361 private String mProvisioningContext; 362 private static final int PROVISIONING_CONTEXT_LENGTH_LIMIT = 1000; 363 ActiveAdmin(DeviceAdminInfo info, boolean isParent)364 ActiveAdmin(DeviceAdminInfo info, boolean isParent) { 365 this.info = info; 366 this.isParent = isParent; 367 } 368 getParentActiveAdmin()369 ActiveAdmin getParentActiveAdmin() { 370 Preconditions.checkState(!isParent); 371 372 if (parentAdmin == null) { 373 parentAdmin = new ActiveAdmin(info, /* parent */ true); 374 } 375 return parentAdmin; 376 } 377 hasParentActiveAdmin()378 boolean hasParentActiveAdmin() { 379 return parentAdmin != null; 380 } 381 getUid()382 int getUid() { 383 return info.getActivityInfo().applicationInfo.uid; 384 } 385 getUserHandle()386 public UserHandle getUserHandle() { 387 return UserHandle.of(UserHandle.getUserId(info.getActivityInfo().applicationInfo.uid)); 388 } 389 390 /** 391 * Stores metadata about context of setting an active admin 392 * @param provisioningContext some metadata, for example test method name 393 */ setProvisioningContext(@ullable String provisioningContext)394 public void setProvisioningContext(@Nullable String provisioningContext) { 395 if (Flags.provisioningContextParameter() 396 && !TextUtils.isEmpty(provisioningContext) 397 && !provisioningContext.isBlank()) { 398 if (provisioningContext.length() > PROVISIONING_CONTEXT_LENGTH_LIMIT) { 399 mProvisioningContext = provisioningContext.substring( 400 0, PROVISIONING_CONTEXT_LENGTH_LIMIT); 401 } else { 402 mProvisioningContext = provisioningContext; 403 } 404 } 405 } 406 writeToXml(TypedXmlSerializer out)407 void writeToXml(TypedXmlSerializer out) 408 throws IllegalArgumentException, IllegalStateException, IOException { 409 if (info != null) { 410 out.startTag(null, TAG_POLICIES); 411 info.writePoliciesToXml(out); 412 out.endTag(null, TAG_POLICIES); 413 } 414 if (mPasswordPolicy.quality != PASSWORD_QUALITY_UNSPECIFIED) { 415 writeAttributeValueToXml( 416 out, TAG_PASSWORD_QUALITY, mPasswordPolicy.quality); 417 if (mPasswordPolicy.length != PasswordPolicy.DEF_MINIMUM_LENGTH) { 418 writeAttributeValueToXml( 419 out, TAG_MIN_PASSWORD_LENGTH, mPasswordPolicy.length); 420 } 421 if (mPasswordPolicy.upperCase != PasswordPolicy.DEF_MINIMUM_UPPER_CASE) { 422 writeAttributeValueToXml( 423 out, TAG_MIN_PASSWORD_UPPERCASE, mPasswordPolicy.upperCase); 424 } 425 if (mPasswordPolicy.lowerCase != PasswordPolicy.DEF_MINIMUM_LOWER_CASE) { 426 writeAttributeValueToXml( 427 out, TAG_MIN_PASSWORD_LOWERCASE, mPasswordPolicy.lowerCase); 428 } 429 if (mPasswordPolicy.letters != PasswordPolicy.DEF_MINIMUM_LETTERS) { 430 writeAttributeValueToXml( 431 out, TAG_MIN_PASSWORD_LETTERS, mPasswordPolicy.letters); 432 } 433 if (mPasswordPolicy.numeric != PasswordPolicy.DEF_MINIMUM_NUMERIC) { 434 writeAttributeValueToXml( 435 out, TAG_MIN_PASSWORD_NUMERIC, mPasswordPolicy.numeric); 436 } 437 if (mPasswordPolicy.symbols != PasswordPolicy.DEF_MINIMUM_SYMBOLS) { 438 writeAttributeValueToXml( 439 out, TAG_MIN_PASSWORD_SYMBOLS, mPasswordPolicy.symbols); 440 } 441 if (mPasswordPolicy.nonLetter > PasswordPolicy.DEF_MINIMUM_NON_LETTER) { 442 writeAttributeValueToXml( 443 out, TAG_MIN_PASSWORD_NONLETTER, mPasswordPolicy.nonLetter); 444 } 445 } 446 if (passwordHistoryLength != DEF_PASSWORD_HISTORY_LENGTH) { 447 writeAttributeValueToXml( 448 out, TAG_PASSWORD_HISTORY_LENGTH, passwordHistoryLength); 449 } 450 if (maximumTimeToUnlock != DEF_MAXIMUM_TIME_TO_UNLOCK) { 451 writeAttributeValueToXml( 452 out, TAG_MAX_TIME_TO_UNLOCK, maximumTimeToUnlock); 453 } 454 if (strongAuthUnlockTimeout != DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS) { 455 writeAttributeValueToXml( 456 out, TAG_STRONG_AUTH_UNLOCK_TIMEOUT, strongAuthUnlockTimeout); 457 } 458 if (maximumFailedPasswordsForWipe != DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE) { 459 writeAttributeValueToXml( 460 out, TAG_MAX_FAILED_PASSWORD_WIPE, maximumFailedPasswordsForWipe); 461 } 462 if (specifiesGlobalProxy) { 463 writeAttributeValueToXml( 464 out, TAG_SPECIFIES_GLOBAL_PROXY, specifiesGlobalProxy); 465 if (globalProxySpec != null) { 466 writeAttributeValueToXml(out, TAG_GLOBAL_PROXY_SPEC, globalProxySpec); 467 } 468 if (globalProxyExclusionList != null) { 469 writeAttributeValueToXml( 470 out, TAG_GLOBAL_PROXY_EXCLUSION_LIST, globalProxyExclusionList); 471 } 472 } 473 if (passwordExpirationTimeout != DEF_PASSWORD_EXPIRATION_TIMEOUT) { 474 writeAttributeValueToXml( 475 out, TAG_PASSWORD_EXPIRATION_TIMEOUT, passwordExpirationTimeout); 476 } 477 if (passwordExpirationDate != DEF_PASSWORD_EXPIRATION_DATE) { 478 writeAttributeValueToXml( 479 out, TAG_PASSWORD_EXPIRATION_DATE, passwordExpirationDate); 480 } 481 if (encryptionRequested) { 482 writeAttributeValueToXml( 483 out, TAG_ENCRYPTION_REQUESTED, encryptionRequested); 484 } 485 if (testOnlyAdmin) { 486 writeAttributeValueToXml( 487 out, TAG_TEST_ONLY_ADMIN, testOnlyAdmin); 488 } 489 if (disableCamera) { 490 writeAttributeValueToXml( 491 out, TAG_DISABLE_CAMERA, disableCamera); 492 } 493 if (disableCallerId) { 494 writeAttributeValueToXml( 495 out, TAG_DISABLE_CALLER_ID, disableCallerId); 496 } 497 if (disableContactsSearch) { 498 writeAttributeValueToXml( 499 out, TAG_DISABLE_CONTACTS_SEARCH, disableContactsSearch); 500 } 501 if (!disableBluetoothContactSharing) { 502 writeAttributeValueToXml( 503 out, TAG_DISABLE_BLUETOOTH_CONTACT_SHARING, disableBluetoothContactSharing); 504 } 505 if (disableScreenCapture) { 506 writeAttributeValueToXml( 507 out, TAG_DISABLE_SCREEN_CAPTURE, disableScreenCapture); 508 } 509 if (requireAutoTime) { 510 writeAttributeValueToXml( 511 out, TAG_REQUIRE_AUTO_TIME, requireAutoTime); 512 } 513 if (forceEphemeralUsers) { 514 writeAttributeValueToXml( 515 out, TAG_FORCE_EPHEMERAL_USERS, forceEphemeralUsers); 516 } 517 if (isNetworkLoggingEnabled) { 518 out.startTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 519 out.attributeBoolean(null, ATTR_VALUE, isNetworkLoggingEnabled); 520 out.attributeInt(null, ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS, 521 numNetworkLoggingNotifications); 522 out.attributeLong(null, ATTR_LAST_NETWORK_LOGGING_NOTIFICATION, 523 lastNetworkLoggingNotificationTimeMs); 524 out.endTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 525 } 526 if (disabledKeyguardFeatures != DEF_KEYGUARD_FEATURES_DISABLED) { 527 writeAttributeValueToXml( 528 out, TAG_DISABLE_KEYGUARD_FEATURES, disabledKeyguardFeatures); 529 } 530 if (!accountTypesWithManagementDisabled.isEmpty()) { 531 writeAttributeValuesToXml( 532 out, TAG_DISABLE_ACCOUNT_MANAGEMENT, TAG_ACCOUNT_TYPE, 533 accountTypesWithManagementDisabled); 534 } 535 if (!trustAgentInfos.isEmpty()) { 536 Set<Map.Entry<String, TrustAgentInfo>> set = trustAgentInfos.entrySet(); 537 out.startTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 538 for (Map.Entry<String, TrustAgentInfo> entry : set) { 539 TrustAgentInfo trustAgentInfo = entry.getValue(); 540 out.startTag(null, TAG_TRUST_AGENT_COMPONENT); 541 out.attribute(null, ATTR_VALUE, entry.getKey()); 542 if (trustAgentInfo.options != null) { 543 out.startTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 544 try { 545 trustAgentInfo.options.saveToXml(out); 546 } catch (XmlPullParserException e) { 547 Slogf.e(LOG_TAG, e, "Failed to save TrustAgent options"); 548 } 549 out.endTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 550 } 551 out.endTag(null, TAG_TRUST_AGENT_COMPONENT); 552 } 553 out.endTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 554 } 555 if (crossProfileWidgetProviders != null && !crossProfileWidgetProviders.isEmpty()) { 556 writeAttributeValuesToXml( 557 out, TAG_CROSS_PROFILE_WIDGET_PROVIDERS, TAG_PROVIDER, 558 crossProfileWidgetProviders); 559 } 560 writePackageListToXml(out, TAG_PERMITTED_ACCESSIBILITY_SERVICES, 561 permittedAccessiblityServices); 562 writePackageListToXml(out, TAG_PERMITTED_IMES, permittedInputMethods); 563 writePackageListToXml(out, TAG_PERMITTED_NOTIFICATION_LISTENERS, 564 permittedNotificationListeners); 565 writePackageListToXml(out, TAG_KEEP_UNINSTALLED_PACKAGES, keepUninstalledPackages); 566 writePackageListToXml(out, TAG_METERED_DATA_DISABLED_PACKAGES, meteredDisabledPackages); 567 writePackageListToXml(out, TAG_PROTECTED_PACKAGES, protectedPackages); 568 writePackageListToXml(out, TAG_SUSPENDED_PACKAGES, suspendedPackages); 569 if (hasUserRestrictions()) { 570 UserRestrictionsUtils.writeRestrictions( 571 out, userRestrictions, TAG_USER_RESTRICTIONS); 572 } 573 if (!defaultEnabledRestrictionsAlreadySet.isEmpty()) { 574 writeAttributeValuesToXml(out, TAG_DEFAULT_ENABLED_USER_RESTRICTIONS, 575 TAG_RESTRICTION, 576 defaultEnabledRestrictionsAlreadySet); 577 } 578 if (!TextUtils.isEmpty(shortSupportMessage)) { 579 writeTextToXml(out, TAG_SHORT_SUPPORT_MESSAGE, shortSupportMessage.toString()); 580 } 581 if (!TextUtils.isEmpty(longSupportMessage)) { 582 writeTextToXml(out, TAG_LONG_SUPPORT_MESSAGE, longSupportMessage.toString()); 583 } 584 if (parentAdmin != null) { 585 out.startTag(null, TAG_PARENT_ADMIN); 586 parentAdmin.writeToXml(out); 587 out.endTag(null, TAG_PARENT_ADMIN); 588 } 589 if (organizationColor != DEF_ORGANIZATION_COLOR) { 590 writeAttributeValueToXml(out, TAG_ORGANIZATION_COLOR, organizationColor); 591 } 592 if (organizationName != null) { 593 writeTextToXml(out, TAG_ORGANIZATION_NAME, organizationName); 594 } 595 if (isLogoutEnabled) { 596 writeAttributeValueToXml(out, TAG_IS_LOGOUT_ENABLED, isLogoutEnabled); 597 } 598 if (startUserSessionMessage != null) { 599 writeTextToXml(out, TAG_START_USER_SESSION_MESSAGE, startUserSessionMessage); 600 } 601 if (endUserSessionMessage != null) { 602 writeTextToXml(out, TAG_END_USER_SESSION_MESSAGE, endUserSessionMessage); 603 } 604 if (mCrossProfileCalendarPackages == null) { 605 out.startTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 606 out.endTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 607 } else { 608 writePackageListToXml(out, TAG_CROSS_PROFILE_CALENDAR_PACKAGES, 609 mCrossProfileCalendarPackages); 610 } 611 writePackageListToXml(out, TAG_CROSS_PROFILE_PACKAGES, mCrossProfilePackages); 612 if (mFactoryResetProtectionPolicy != null) { 613 out.startTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 614 mFactoryResetProtectionPolicy.writeToXml(out); 615 out.endTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 616 } 617 if (mSuspendPersonalApps) { 618 writeAttributeValueToXml(out, TAG_SUSPEND_PERSONAL_APPS, mSuspendPersonalApps); 619 } 620 if (mProfileMaximumTimeOffMillis != 0) { 621 writeAttributeValueToXml(out, TAG_PROFILE_MAXIMUM_TIME_OFF, 622 mProfileMaximumTimeOffMillis); 623 } 624 if (mProfileMaximumTimeOffMillis != 0) { 625 writeAttributeValueToXml(out, TAG_PROFILE_OFF_DEADLINE, mProfileOffDeadline); 626 } 627 if (!TextUtils.isEmpty(mAlwaysOnVpnPackage)) { 628 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_PACKAGE, mAlwaysOnVpnPackage); 629 } 630 if (mAlwaysOnVpnLockdown) { 631 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_LOCKDOWN, mAlwaysOnVpnLockdown); 632 } 633 if (mCommonCriteriaMode) { 634 writeAttributeValueToXml(out, TAG_COMMON_CRITERIA_MODE, mCommonCriteriaMode); 635 } 636 637 if (mPasswordComplexity != PASSWORD_COMPLEXITY_NONE) { 638 writeAttributeValueToXml(out, TAG_PASSWORD_COMPLEXITY, mPasswordComplexity); 639 } 640 if (mNearbyNotificationStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 641 writeAttributeValueToXml(out, TAG_NEARBY_NOTIFICATION_STREAMING_POLICY, 642 mNearbyNotificationStreamingPolicy); 643 } 644 if (mNearbyAppStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 645 writeAttributeValueToXml(out, TAG_NEARBY_APP_STREAMING_POLICY, 646 mNearbyAppStreamingPolicy); 647 } 648 if (!TextUtils.isEmpty(mOrganizationId)) { 649 writeTextToXml(out, TAG_ORGANIZATION_ID, mOrganizationId); 650 } 651 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 652 writeTextToXml(out, TAG_ENROLLMENT_SPECIFIC_ID, mEnrollmentSpecificId); 653 } 654 writeAttributeValueToXml(out, TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS, 655 mAdminCanGrantSensorsPermissions); 656 if (mUsbDataSignalingEnabled != USB_DATA_SIGNALING_ENABLED_DEFAULT) { 657 writeAttributeValueToXml(out, TAG_USB_DATA_SIGNALING, mUsbDataSignalingEnabled); 658 } 659 if (mWifiMinimumSecurityLevel != DevicePolicyManager.WIFI_SECURITY_OPEN) { 660 writeAttributeValueToXml(out, TAG_WIFI_MIN_SECURITY, mWifiMinimumSecurityLevel); 661 } 662 if (mWifiSsidPolicy != null) { 663 List<String> ssids = ssidsToStrings(mWifiSsidPolicy.getSsids()); 664 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 665 writeAttributeValuesToXml(out, TAG_SSID_ALLOWLIST, TAG_SSID, ssids); 666 } else if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_DENYLIST) { 667 writeAttributeValuesToXml(out, TAG_SSID_DENYLIST, TAG_SSID, ssids); 668 } 669 } 670 if (!mPreferentialNetworkServiceConfigs.isEmpty()) { 671 out.startTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 672 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 673 config.writeToXml(out); 674 } 675 out.endTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 676 } 677 if (mtePolicy != DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY) { 678 writeAttributeValueToXml(out, TAG_MTE_POLICY, mtePolicy); 679 } 680 writePackagePolicy(out, TAG_CROSS_PROFILE_CALLER_ID_POLICY, 681 mManagedProfileCallerIdAccess); 682 writePackagePolicy(out, TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY, 683 mManagedProfileContactsAccess); 684 writePackagePolicy(out, TAG_CREDENTIAL_MANAGER_POLICY, 685 mCredentialManagerPolicy); 686 if (mManagedSubscriptionsPolicy != null) { 687 out.startTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 688 mManagedSubscriptionsPolicy.saveToXml(out); 689 out.endTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 690 } 691 if (!TextUtils.isEmpty(mDialerPackage)) { 692 writeAttributeValueToXml(out, TAG_DIALER_PACKAGE, mDialerPackage); 693 } 694 if (!TextUtils.isEmpty(mSmsPackage)) { 695 writeAttributeValueToXml(out, TAG_SMS_PACKAGE, mSmsPackage); 696 } 697 698 if (Flags.provisioningContextParameter() && !TextUtils.isEmpty(mProvisioningContext)) { 699 out.startTag(null, TAG_PROVISIONING_CONTEXT); 700 out.attribute(null, ATTR_VALUE, mProvisioningContext); 701 out.endTag(null, TAG_PROVISIONING_CONTEXT); 702 } 703 } 704 writePackagePolicy(TypedXmlSerializer out, String tag, PackagePolicy packagePolicy)705 private void writePackagePolicy(TypedXmlSerializer out, String tag, 706 PackagePolicy packagePolicy) throws IOException { 707 if (packagePolicy == null) { 708 return; 709 } 710 out.startTag(null, tag); 711 out.attributeInt(null, ATTR_PACKAGE_POLICY_MODE, packagePolicy.getPolicyType()); 712 writePackageListToXml(out, TAG_PACKAGE_POLICY_PACKAGE_NAMES, 713 new ArrayList<>(packagePolicy.getPackageNames())); 714 out.endTag(null, tag); 715 } 716 ssidsToStrings(Set<WifiSsid> ssids)717 private List<String> ssidsToStrings(Set<WifiSsid> ssids) { 718 return ssids.stream() 719 .map(ssid -> new String(ssid.getBytes(), StandardCharsets.UTF_8)) 720 .collect(Collectors.toList()); 721 } 722 writeTextToXml(TypedXmlSerializer out, String tag, String text)723 void writeTextToXml(TypedXmlSerializer out, String tag, String text) throws IOException { 724 out.startTag(null, tag); 725 out.text(text); 726 out.endTag(null, tag); 727 } 728 writePackageListToXml(TypedXmlSerializer out, String outerTag, List<String> packageList)729 void writePackageListToXml(TypedXmlSerializer out, String outerTag, 730 List<String> packageList) 731 throws IllegalArgumentException, IllegalStateException, IOException { 732 if (packageList == null) { 733 return; 734 } 735 writeAttributeValuesToXml(out, outerTag, TAG_PACKAGE_LIST_ITEM, packageList); 736 } 737 writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value)738 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value) 739 throws IOException { 740 out.startTag(null, tag); 741 out.attribute(null, ATTR_VALUE, value); 742 out.endTag(null, tag); 743 } 744 writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value)745 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value) 746 throws IOException { 747 out.startTag(null, tag); 748 out.attributeInt(null, ATTR_VALUE, value); 749 out.endTag(null, tag); 750 } 751 writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value)752 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value) 753 throws IOException { 754 out.startTag(null, tag); 755 out.attributeLong(null, ATTR_VALUE, value); 756 out.endTag(null, tag); 757 } 758 writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value)759 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value) 760 throws IOException { 761 out.startTag(null, tag); 762 out.attributeBoolean(null, ATTR_VALUE, value); 763 out.endTag(null, tag); 764 } 765 writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, @NonNull Collection<String> values)766 void writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, 767 @NonNull Collection<String> values) throws IOException { 768 out.startTag(null, outerTag); 769 for (String value : values) { 770 out.startTag(null, innerTag); 771 out.attribute(null, ATTR_VALUE, value); 772 out.endTag(null, innerTag); 773 } 774 out.endTag(null, outerTag); 775 } 776 readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies)777 void readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies) 778 throws XmlPullParserException, IOException { 779 int outerDepth = parser.getDepth(); 780 int type; 781 while ((type = parser.next()) != END_DOCUMENT 782 && (type != END_TAG || parser.getDepth() > outerDepth)) { 783 if (type == END_TAG || type == TEXT) { 784 continue; 785 } 786 String tag = parser.getName(); 787 if (TAG_POLICIES.equals(tag)) { 788 if (shouldOverridePolicies) { 789 Slogf.d(LOG_TAG, "Overriding device admin policies from XML."); 790 info.readPoliciesFromXml(parser); 791 } 792 } else if (TAG_PASSWORD_QUALITY.equals(tag)) { 793 mPasswordPolicy.quality = parser.getAttributeInt(null, ATTR_VALUE); 794 } else if (TAG_MIN_PASSWORD_LENGTH.equals(tag)) { 795 mPasswordPolicy.length = parser.getAttributeInt(null, ATTR_VALUE); 796 } else if (TAG_PASSWORD_HISTORY_LENGTH.equals(tag)) { 797 passwordHistoryLength = parser.getAttributeInt(null, ATTR_VALUE); 798 } else if (TAG_MIN_PASSWORD_UPPERCASE.equals(tag)) { 799 mPasswordPolicy.upperCase = parser.getAttributeInt(null, ATTR_VALUE); 800 } else if (TAG_MIN_PASSWORD_LOWERCASE.equals(tag)) { 801 mPasswordPolicy.lowerCase = parser.getAttributeInt(null, ATTR_VALUE); 802 } else if (TAG_MIN_PASSWORD_LETTERS.equals(tag)) { 803 mPasswordPolicy.letters = parser.getAttributeInt(null, ATTR_VALUE); 804 } else if (TAG_MIN_PASSWORD_NUMERIC.equals(tag)) { 805 mPasswordPolicy.numeric = parser.getAttributeInt(null, ATTR_VALUE); 806 } else if (TAG_MIN_PASSWORD_SYMBOLS.equals(tag)) { 807 mPasswordPolicy.symbols = parser.getAttributeInt(null, ATTR_VALUE); 808 } else if (TAG_MIN_PASSWORD_NONLETTER.equals(tag)) { 809 mPasswordPolicy.nonLetter = parser.getAttributeInt(null, ATTR_VALUE); 810 } else if (TAG_MAX_TIME_TO_UNLOCK.equals(tag)) { 811 maximumTimeToUnlock = parser.getAttributeLong(null, ATTR_VALUE); 812 } else if (TAG_STRONG_AUTH_UNLOCK_TIMEOUT.equals(tag)) { 813 strongAuthUnlockTimeout = parser.getAttributeLong(null, ATTR_VALUE); 814 } else if (TAG_MAX_FAILED_PASSWORD_WIPE.equals(tag)) { 815 maximumFailedPasswordsForWipe = parser.getAttributeInt(null, ATTR_VALUE); 816 } else if (TAG_SPECIFIES_GLOBAL_PROXY.equals(tag)) { 817 specifiesGlobalProxy = parser.getAttributeBoolean(null, ATTR_VALUE, false); 818 } else if (TAG_GLOBAL_PROXY_SPEC.equals(tag)) { 819 globalProxySpec = 820 parser.getAttributeValue(null, ATTR_VALUE); 821 } else if (TAG_GLOBAL_PROXY_EXCLUSION_LIST.equals(tag)) { 822 globalProxyExclusionList = 823 parser.getAttributeValue(null, ATTR_VALUE); 824 } else if (TAG_PASSWORD_EXPIRATION_TIMEOUT.equals(tag)) { 825 passwordExpirationTimeout = parser.getAttributeLong(null, ATTR_VALUE); 826 } else if (TAG_PASSWORD_EXPIRATION_DATE.equals(tag)) { 827 passwordExpirationDate = parser.getAttributeLong(null, ATTR_VALUE); 828 } else if (TAG_ENCRYPTION_REQUESTED.equals(tag)) { 829 encryptionRequested = parser.getAttributeBoolean(null, ATTR_VALUE, false); 830 } else if (TAG_TEST_ONLY_ADMIN.equals(tag)) { 831 testOnlyAdmin = parser.getAttributeBoolean(null, ATTR_VALUE, false); 832 } else if (TAG_DISABLE_CAMERA.equals(tag)) { 833 disableCamera = parser.getAttributeBoolean(null, ATTR_VALUE, false); 834 } else if (TAG_DISABLE_CALLER_ID.equals(tag)) { 835 disableCallerId = parser.getAttributeBoolean(null, ATTR_VALUE, false); 836 } else if (TAG_DISABLE_CONTACTS_SEARCH.equals(tag)) { 837 disableContactsSearch = parser.getAttributeBoolean(null, ATTR_VALUE, false); 838 } else if (TAG_DISABLE_BLUETOOTH_CONTACT_SHARING.equals(tag)) { 839 disableBluetoothContactSharing = 840 parser.getAttributeBoolean(null, ATTR_VALUE, false); 841 } else if (TAG_DISABLE_SCREEN_CAPTURE.equals(tag)) { 842 disableScreenCapture = parser.getAttributeBoolean(null, ATTR_VALUE, false); 843 } else if (TAG_REQUIRE_AUTO_TIME.equals(tag)) { 844 requireAutoTime = parser.getAttributeBoolean(null, ATTR_VALUE, false); 845 } else if (TAG_FORCE_EPHEMERAL_USERS.equals(tag)) { 846 forceEphemeralUsers = parser.getAttributeBoolean(null, ATTR_VALUE, false); 847 } else if (TAG_IS_NETWORK_LOGGING_ENABLED.equals(tag)) { 848 isNetworkLoggingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 849 lastNetworkLoggingNotificationTimeMs = parser.getAttributeLong(null, 850 ATTR_LAST_NETWORK_LOGGING_NOTIFICATION); 851 numNetworkLoggingNotifications = parser.getAttributeInt(null, 852 ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS); 853 } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { 854 disabledKeyguardFeatures = parser.getAttributeInt(null, ATTR_VALUE); 855 } else if (TAG_DISABLE_ACCOUNT_MANAGEMENT.equals(tag)) { 856 readAttributeValues( 857 parser, TAG_ACCOUNT_TYPE, accountTypesWithManagementDisabled); 858 } else if (TAG_MANAGE_TRUST_AGENT_FEATURES.equals(tag)) { 859 trustAgentInfos = getAllTrustAgentInfos(parser, tag); 860 } else if (TAG_CROSS_PROFILE_WIDGET_PROVIDERS.equals(tag)) { 861 crossProfileWidgetProviders = new ArrayList<>(); 862 readAttributeValues(parser, TAG_PROVIDER, crossProfileWidgetProviders); 863 } else if (TAG_PERMITTED_ACCESSIBILITY_SERVICES.equals(tag)) { 864 permittedAccessiblityServices = readPackageList(parser, tag); 865 } else if (TAG_PERMITTED_IMES.equals(tag)) { 866 permittedInputMethods = readPackageList(parser, tag); 867 } else if (TAG_PERMITTED_NOTIFICATION_LISTENERS.equals(tag)) { 868 permittedNotificationListeners = readPackageList(parser, tag); 869 } else if (TAG_KEEP_UNINSTALLED_PACKAGES.equals(tag)) { 870 keepUninstalledPackages = readPackageList(parser, tag); 871 } else if (TAG_METERED_DATA_DISABLED_PACKAGES.equals(tag)) { 872 meteredDisabledPackages = readPackageList(parser, tag); 873 } else if (TAG_PROTECTED_PACKAGES.equals(tag)) { 874 protectedPackages = readPackageList(parser, tag); 875 } else if (TAG_SUSPENDED_PACKAGES.equals(tag)) { 876 suspendedPackages = readPackageList(parser, tag); 877 } else if (TAG_USER_RESTRICTIONS.equals(tag)) { 878 userRestrictions = UserRestrictionsUtils.readRestrictions(parser); 879 } else if (TAG_DEFAULT_ENABLED_USER_RESTRICTIONS.equals(tag)) { 880 readAttributeValues( 881 parser, TAG_RESTRICTION, defaultEnabledRestrictionsAlreadySet); 882 } else if (TAG_SHORT_SUPPORT_MESSAGE.equals(tag)) { 883 type = parser.next(); 884 if (type == TypedXmlPullParser.TEXT) { 885 shortSupportMessage = parser.getText(); 886 } else { 887 Slogf.w(LOG_TAG, "Missing text when loading short support message"); 888 } 889 } else if (TAG_LONG_SUPPORT_MESSAGE.equals(tag)) { 890 type = parser.next(); 891 if (type == TypedXmlPullParser.TEXT) { 892 longSupportMessage = parser.getText(); 893 } else { 894 Slogf.w(LOG_TAG, "Missing text when loading long support message"); 895 } 896 } else if (TAG_PARENT_ADMIN.equals(tag)) { 897 Preconditions.checkState(!isParent); 898 parentAdmin = new ActiveAdmin(info, /* parent */ true); 899 parentAdmin.readFromXml(parser, shouldOverridePolicies); 900 } else if (TAG_ORGANIZATION_COLOR.equals(tag)) { 901 organizationColor = parser.getAttributeInt(null, ATTR_VALUE); 902 } else if (TAG_ORGANIZATION_NAME.equals(tag)) { 903 type = parser.next(); 904 if (type == TypedXmlPullParser.TEXT) { 905 organizationName = parser.getText(); 906 } else { 907 Slogf.w(LOG_TAG, "Missing text when loading organization name"); 908 } 909 } else if (TAG_IS_LOGOUT_ENABLED.equals(tag)) { 910 isLogoutEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 911 } else if (TAG_START_USER_SESSION_MESSAGE.equals(tag)) { 912 type = parser.next(); 913 if (type == TypedXmlPullParser.TEXT) { 914 startUserSessionMessage = parser.getText(); 915 } else { 916 Slogf.w(LOG_TAG, "Missing text when loading start session message"); 917 } 918 } else if (TAG_END_USER_SESSION_MESSAGE.equals(tag)) { 919 type = parser.next(); 920 if (type == TypedXmlPullParser.TEXT) { 921 endUserSessionMessage = parser.getText(); 922 } else { 923 Slogf.w(LOG_TAG, "Missing text when loading end session message"); 924 } 925 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES.equals(tag)) { 926 mCrossProfileCalendarPackages = readPackageList(parser, tag); 927 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL.equals(tag)) { 928 mCrossProfileCalendarPackages = null; 929 } else if (TAG_CROSS_PROFILE_PACKAGES.equals(tag)) { 930 mCrossProfilePackages = readPackageList(parser, tag); 931 } else if (TAG_FACTORY_RESET_PROTECTION_POLICY.equals(tag)) { 932 mFactoryResetProtectionPolicy = FactoryResetProtectionPolicy.readFromXml( 933 parser); 934 } else if (TAG_SUSPEND_PERSONAL_APPS.equals(tag)) { 935 mSuspendPersonalApps = parser.getAttributeBoolean(null, ATTR_VALUE, false); 936 } else if (TAG_PROFILE_MAXIMUM_TIME_OFF.equals(tag)) { 937 mProfileMaximumTimeOffMillis = 938 parser.getAttributeLong(null, ATTR_VALUE); 939 } else if (TAG_PROFILE_OFF_DEADLINE.equals(tag)) { 940 mProfileOffDeadline = 941 parser.getAttributeLong(null, ATTR_VALUE); 942 } else if (TAG_ALWAYS_ON_VPN_PACKAGE.equals(tag)) { 943 mAlwaysOnVpnPackage = parser.getAttributeValue(null, ATTR_VALUE); 944 } else if (TAG_ALWAYS_ON_VPN_LOCKDOWN.equals(tag)) { 945 mAlwaysOnVpnLockdown = parser.getAttributeBoolean(null, ATTR_VALUE, false); 946 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED.equals(tag)) { 947 boolean preferentialNetworkServiceEnabled = parser.getAttributeBoolean(null, 948 ATTR_VALUE, 949 DevicePolicyManager.PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT); 950 if (preferentialNetworkServiceEnabled) { 951 PreferentialNetworkServiceConfig.Builder configBuilder = 952 new PreferentialNetworkServiceConfig.Builder(); 953 configBuilder.setEnabled(preferentialNetworkServiceEnabled); 954 configBuilder.setNetworkId(NET_ENTERPRISE_ID_1); 955 mPreferentialNetworkServiceConfigs = List.of(configBuilder.build()); 956 } 957 } else if (TAG_COMMON_CRITERIA_MODE.equals(tag)) { 958 mCommonCriteriaMode = parser.getAttributeBoolean(null, ATTR_VALUE, false); 959 } else if (TAG_PASSWORD_COMPLEXITY.equals(tag)) { 960 mPasswordComplexity = parser.getAttributeInt(null, ATTR_VALUE); 961 } else if (TAG_NEARBY_NOTIFICATION_STREAMING_POLICY.equals(tag)) { 962 mNearbyNotificationStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 963 } else if (TAG_NEARBY_APP_STREAMING_POLICY.equals(tag)) { 964 mNearbyAppStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 965 } else if (TAG_ORGANIZATION_ID.equals(tag)) { 966 type = parser.next(); 967 if (type == TypedXmlPullParser.TEXT) { 968 mOrganizationId = parser.getText(); 969 } else { 970 Slogf.w(LOG_TAG, "Missing Organization ID."); 971 } 972 } else if (TAG_ENROLLMENT_SPECIFIC_ID.equals(tag)) { 973 type = parser.next(); 974 if (type == TypedXmlPullParser.TEXT) { 975 mEnrollmentSpecificId = parser.getText(); 976 } else { 977 Slogf.w(LOG_TAG, "Missing Enrollment-specific ID."); 978 } 979 } else if (TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS.equals(tag)) { 980 mAdminCanGrantSensorsPermissions = parser.getAttributeBoolean(null, ATTR_VALUE, 981 false); 982 } else if (TAG_USB_DATA_SIGNALING.equals(tag)) { 983 mUsbDataSignalingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, 984 USB_DATA_SIGNALING_ENABLED_DEFAULT); 985 } else if (TAG_WIFI_MIN_SECURITY.equals(tag)) { 986 mWifiMinimumSecurityLevel = parser.getAttributeInt(null, ATTR_VALUE); 987 } else if (TAG_SSID_ALLOWLIST.equals(tag)) { 988 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 989 mWifiSsidPolicy = new WifiSsidPolicy( 990 WIFI_SSID_POLICY_TYPE_ALLOWLIST, new ArraySet<>(ssids)); 991 } else if (TAG_SSID_DENYLIST.equals(tag)) { 992 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 993 mWifiSsidPolicy = new WifiSsidPolicy( 994 WIFI_SSID_POLICY_TYPE_DENYLIST, new ArraySet<>(ssids)); 995 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS.equals(tag)) { 996 List<PreferentialNetworkServiceConfig> configs = 997 getPreferentialNetworkServiceConfigs(parser, tag); 998 if (!configs.isEmpty()) { 999 mPreferentialNetworkServiceConfigs = configs; 1000 } 1001 } else if (TAG_MTE_POLICY.equals(tag)) { 1002 mtePolicy = parser.getAttributeInt(null, ATTR_VALUE); 1003 } else if (TAG_CROSS_PROFILE_CALLER_ID_POLICY.equals(tag)) { 1004 mManagedProfileCallerIdAccess = readPackagePolicy(parser); 1005 } else if (TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY.equals(tag)) { 1006 mManagedProfileContactsAccess = readPackagePolicy(parser); 1007 } else if (TAG_MANAGED_SUBSCRIPTIONS_POLICY.equals(tag)) { 1008 mManagedSubscriptionsPolicy = ManagedSubscriptionsPolicy.readFromXml(parser); 1009 } else if (TAG_CREDENTIAL_MANAGER_POLICY.equals(tag)) { 1010 mCredentialManagerPolicy = readPackagePolicy(parser); 1011 } else if (TAG_DIALER_PACKAGE.equals(tag)) { 1012 mDialerPackage = parser.getAttributeValue(null, ATTR_VALUE); 1013 } else if (TAG_SMS_PACKAGE.equals(tag)) { 1014 mSmsPackage = parser.getAttributeValue(null, ATTR_VALUE); 1015 } else if (Flags.provisioningContextParameter() 1016 && TAG_PROVISIONING_CONTEXT.equals(tag)) { 1017 mProvisioningContext = parser.getAttributeValue(null, ATTR_VALUE); 1018 } else { 1019 Slogf.w(LOG_TAG, "Unknown admin tag: %s", tag); 1020 XmlUtils.skipCurrentTag(parser); 1021 } 1022 } 1023 } 1024 readPackagePolicy(TypedXmlPullParser parser)1025 private PackagePolicy readPackagePolicy(TypedXmlPullParser parser) 1026 throws XmlPullParserException, IOException { 1027 int policy = parser.getAttributeInt(null, ATTR_PACKAGE_POLICY_MODE); 1028 Set<String> packageNames = new ArraySet<>( 1029 readPackageList(parser, TAG_PACKAGE_POLICY_PACKAGE_NAMES)); 1030 return new PackagePolicy(policy, packageNames); 1031 } 1032 readWifiSsids(TypedXmlPullParser parser, String tag)1033 private List<WifiSsid> readWifiSsids(TypedXmlPullParser parser, String tag) 1034 throws XmlPullParserException, IOException { 1035 List<String> ssidStrings = new ArrayList<>(); 1036 readAttributeValues(parser, tag, ssidStrings); 1037 List<WifiSsid> ssids = ssidStrings.stream() 1038 .map(ssid -> WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8))) 1039 .collect(Collectors.toList()); 1040 return ssids; 1041 } 1042 readPackageList(TypedXmlPullParser parser, String tag)1043 private List<String> readPackageList(TypedXmlPullParser parser, 1044 String tag) throws XmlPullParserException, IOException { 1045 List<String> result = new ArrayList<String>(); 1046 int outerDepth = parser.getDepth(); 1047 int outerType; 1048 while ((outerType = parser.next()) != TypedXmlPullParser.END_DOCUMENT 1049 && (outerType != TypedXmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1050 if (outerType == TypedXmlPullParser.END_TAG || outerType == TypedXmlPullParser.TEXT) { 1051 continue; 1052 } 1053 String outerTag = parser.getName(); 1054 if (TAG_PACKAGE_LIST_ITEM.equals(outerTag)) { 1055 String packageName = parser.getAttributeValue(null, ATTR_VALUE); 1056 if (packageName != null) { 1057 result.add(packageName); 1058 } else { 1059 Slogf.w(LOG_TAG, "Package name missing under %s", outerTag); 1060 } 1061 } else { 1062 Slogf.w(LOG_TAG, "Unknown tag under %s: ", tag, outerTag); 1063 } 1064 } 1065 return result; 1066 } 1067 readAttributeValues( TypedXmlPullParser parser, String tag, Collection<String> result)1068 private void readAttributeValues( 1069 TypedXmlPullParser parser, String tag, Collection<String> result) 1070 throws XmlPullParserException, IOException { 1071 result.clear(); 1072 int outerDepthDAM = parser.getDepth(); 1073 int typeDAM; 1074 while ((typeDAM = parser.next()) != END_DOCUMENT 1075 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1076 if (typeDAM == END_TAG || typeDAM == TEXT) { 1077 continue; 1078 } 1079 String tagDAM = parser.getName(); 1080 if (tag.equals(tagDAM)) { 1081 result.add(parser.getAttributeValue(null, ATTR_VALUE)); 1082 } else { 1083 Slogf.e(LOG_TAG, "Expected tag %s but found %s", tag, tagDAM); 1084 } 1085 } 1086 } 1087 1088 @NonNull getAllTrustAgentInfos( TypedXmlPullParser parser, String tag)1089 private ArrayMap<String, TrustAgentInfo> getAllTrustAgentInfos( 1090 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1091 int outerDepthDAM = parser.getDepth(); 1092 int typeDAM; 1093 final ArrayMap<String, TrustAgentInfo> result = new ArrayMap<>(); 1094 while ((typeDAM = parser.next()) != END_DOCUMENT 1095 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1096 if (typeDAM == END_TAG || typeDAM == TEXT) { 1097 continue; 1098 } 1099 String tagDAM = parser.getName(); 1100 if (TAG_TRUST_AGENT_COMPONENT.equals(tagDAM)) { 1101 final String component = parser.getAttributeValue(null, ATTR_VALUE); 1102 final TrustAgentInfo trustAgentInfo = getTrustAgentInfo(parser, tag); 1103 result.put(component, trustAgentInfo); 1104 } else { 1105 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1106 } 1107 } 1108 return result; 1109 } 1110 getTrustAgentInfo(TypedXmlPullParser parser, String outerTag)1111 private TrustAgentInfo getTrustAgentInfo(TypedXmlPullParser parser, String outerTag) 1112 throws XmlPullParserException, IOException { 1113 int outerDepth = parser.getDepth(); 1114 int type; 1115 TrustAgentInfo result = new TrustAgentInfo(null); 1116 while ((type = parser.next()) != END_DOCUMENT 1117 && (type != END_TAG || parser.getDepth() > outerDepth)) { 1118 if (type == END_TAG || type == TEXT) { 1119 continue; 1120 } 1121 String tag = parser.getName(); 1122 if (TAG_TRUST_AGENT_COMPONENT_OPTIONS.equals(tag)) { 1123 result.options = PersistableBundle.restoreFromXml(parser); 1124 } else { 1125 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", outerTag, tag); 1126 } 1127 } 1128 return result; 1129 } 1130 1131 @NonNull getPreferentialNetworkServiceConfigs( TypedXmlPullParser parser, String tag)1132 private List<PreferentialNetworkServiceConfig> getPreferentialNetworkServiceConfigs( 1133 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1134 int outerDepth = parser.getDepth(); 1135 int typeDAM; 1136 final List<PreferentialNetworkServiceConfig> result = new ArrayList<>(); 1137 while ((typeDAM = parser.next()) != END_DOCUMENT 1138 && (typeDAM != END_TAG || parser.getDepth() > outerDepth)) { 1139 if (typeDAM == END_TAG || typeDAM == TEXT) { 1140 continue; 1141 } 1142 String tagDAM = parser.getName(); 1143 if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG.equals(tagDAM)) { 1144 final PreferentialNetworkServiceConfig preferentialNetworkServiceConfig = 1145 PreferentialNetworkServiceConfig.getPreferentialNetworkServiceConfig( 1146 parser, tag); 1147 result.add(preferentialNetworkServiceConfig); 1148 } else { 1149 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1150 } 1151 } 1152 return result; 1153 } 1154 hasUserRestrictions()1155 boolean hasUserRestrictions() { 1156 return userRestrictions != null && userRestrictions.size() > 0; 1157 } 1158 ensureUserRestrictions()1159 Bundle ensureUserRestrictions() { 1160 if (userRestrictions == null) { 1161 userRestrictions = new Bundle(); 1162 } 1163 return userRestrictions; 1164 } 1165 transfer(DeviceAdminInfo deviceAdminInfo)1166 public void transfer(DeviceAdminInfo deviceAdminInfo) { 1167 if (hasParentActiveAdmin()) { 1168 parentAdmin.info = deviceAdminInfo; 1169 } 1170 info = deviceAdminInfo; 1171 } 1172 addSyntheticRestrictions(Bundle restrictions)1173 Bundle addSyntheticRestrictions(Bundle restrictions) { 1174 if (disableCamera) { 1175 restrictions.putBoolean(UserManager.DISALLOW_CAMERA, true); 1176 } 1177 if (requireAutoTime) { 1178 restrictions.putBoolean(UserManager.DISALLOW_CONFIG_DATE_TIME, true); 1179 } 1180 return restrictions; 1181 } 1182 removeDeprecatedRestrictions(Bundle restrictions)1183 static Bundle removeDeprecatedRestrictions(Bundle restrictions) { 1184 for (String deprecatedRestriction: UserRestrictionsUtils.DEPRECATED_USER_RESTRICTIONS) { 1185 restrictions.remove(deprecatedRestriction); 1186 } 1187 return restrictions; 1188 } 1189 filterRestrictions(Bundle restrictions, Predicate<String> filter)1190 static Bundle filterRestrictions(Bundle restrictions, Predicate<String> filter) { 1191 Bundle result = new Bundle(); 1192 for (String key : restrictions.keySet()) { 1193 if (!restrictions.getBoolean(key)) { 1194 continue; 1195 } 1196 if (filter.test(key)) { 1197 result.putBoolean(key, true); 1198 } 1199 } 1200 return result; 1201 } 1202 getEffectiveRestrictions()1203 Bundle getEffectiveRestrictions() { 1204 return addSyntheticRestrictions( 1205 removeDeprecatedRestrictions(new Bundle(ensureUserRestrictions()))); 1206 } 1207 getLocalUserRestrictions(int adminType)1208 Bundle getLocalUserRestrictions(int adminType) { 1209 return filterRestrictions(getEffectiveRestrictions(), 1210 key -> UserRestrictionsUtils.isLocal(adminType, key)); 1211 } 1212 getGlobalUserRestrictions(int adminType)1213 Bundle getGlobalUserRestrictions(int adminType) { 1214 return filterRestrictions(getEffectiveRestrictions(), 1215 key -> UserRestrictionsUtils.isGlobal(adminType, key)); 1216 } 1217 dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy)1218 void dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy) { 1219 pw.print(name); 1220 pw.println(":"); 1221 if (policy != null) { 1222 pw.increaseIndent(); 1223 pw.print("policyType="); 1224 pw.println(policy.getPolicyType()); 1225 pw.println("packageNames:"); 1226 pw.increaseIndent(); 1227 policy.getPackageNames().forEach(item -> pw.println(item)); 1228 pw.decreaseIndent(); 1229 pw.decreaseIndent(); 1230 } 1231 } 1232 dump(IndentingPrintWriter pw)1233 void dump(IndentingPrintWriter pw) { 1234 pw.print("uid="); 1235 pw.println(getUid()); 1236 1237 pw.print("testOnlyAdmin="); 1238 pw.println(testOnlyAdmin); 1239 1240 if (info != null) { 1241 pw.println("policies:"); 1242 ArrayList<DeviceAdminInfo.PolicyInfo> pols = info.getUsedPolicies(); 1243 if (pols != null) { 1244 pw.increaseIndent(); 1245 for (int i = 0; i < pols.size(); i++) { 1246 pw.println(pols.get(i).tag); 1247 } 1248 pw.decreaseIndent(); 1249 } 1250 } 1251 1252 pw.print("passwordQuality=0x"); 1253 pw.println(Integer.toHexString(mPasswordPolicy.quality)); 1254 1255 pw.print("minimumPasswordLength="); 1256 pw.println(mPasswordPolicy.length); 1257 1258 pw.print("passwordHistoryLength="); 1259 pw.println(passwordHistoryLength); 1260 1261 pw.print("minimumPasswordUpperCase="); 1262 pw.println(mPasswordPolicy.upperCase); 1263 1264 pw.print("minimumPasswordLowerCase="); 1265 pw.println(mPasswordPolicy.lowerCase); 1266 1267 pw.print("minimumPasswordLetters="); 1268 pw.println(mPasswordPolicy.letters); 1269 1270 pw.print("minimumPasswordNumeric="); 1271 pw.println(mPasswordPolicy.numeric); 1272 1273 pw.print("minimumPasswordSymbols="); 1274 pw.println(mPasswordPolicy.symbols); 1275 1276 pw.print("minimumPasswordNonLetter="); 1277 pw.println(mPasswordPolicy.nonLetter); 1278 1279 pw.print("maximumTimeToUnlock="); 1280 pw.println(maximumTimeToUnlock); 1281 1282 pw.print("strongAuthUnlockTimeout="); 1283 pw.println(strongAuthUnlockTimeout); 1284 1285 pw.print("maximumFailedPasswordsForWipe="); 1286 pw.println(maximumFailedPasswordsForWipe); 1287 1288 pw.print("specifiesGlobalProxy="); 1289 pw.println(specifiesGlobalProxy); 1290 1291 pw.print("passwordExpirationTimeout="); 1292 pw.println(passwordExpirationTimeout); 1293 1294 pw.print("passwordExpirationDate="); 1295 pw.println(passwordExpirationDate); 1296 1297 if (globalProxySpec != null) { 1298 pw.print("globalProxySpec="); 1299 pw.println(globalProxySpec); 1300 } 1301 if (globalProxyExclusionList != null) { 1302 pw.print("globalProxyEclusionList="); 1303 pw.println(globalProxyExclusionList); 1304 } 1305 pw.print("encryptionRequested="); 1306 pw.println(encryptionRequested); 1307 1308 pw.print("disableCallerId="); 1309 pw.println(disableCallerId); 1310 1311 pw.print("disableContactsSearch="); 1312 pw.println(disableContactsSearch); 1313 1314 pw.print("disableBluetoothContactSharing="); 1315 pw.println(disableBluetoothContactSharing); 1316 1317 pw.print("forceEphemeralUsers="); 1318 pw.println(forceEphemeralUsers); 1319 1320 pw.print("isNetworkLoggingEnabled="); 1321 pw.println(isNetworkLoggingEnabled); 1322 1323 pw.print("disabledKeyguardFeatures="); 1324 pw.println(disabledKeyguardFeatures); 1325 1326 pw.print("crossProfileWidgetProviders="); 1327 pw.println(crossProfileWidgetProviders); 1328 1329 if (permittedAccessiblityServices != null) { 1330 pw.print("permittedAccessibilityServices="); 1331 pw.println(permittedAccessiblityServices); 1332 } 1333 1334 if (permittedNotificationListeners != null) { 1335 pw.print("permittedNotificationListeners="); 1336 pw.println(permittedNotificationListeners); 1337 } 1338 1339 if (keepUninstalledPackages != null) { 1340 pw.print("keepUninstalledPackages="); 1341 pw.println(keepUninstalledPackages); 1342 } 1343 1344 if (meteredDisabledPackages != null) { 1345 pw.print("meteredDisabledPackages="); 1346 pw.println(meteredDisabledPackages); 1347 } 1348 1349 if (protectedPackages != null) { 1350 pw.print("protectedPackages="); 1351 pw.println(protectedPackages); 1352 } 1353 1354 if (suspendedPackages != null) { 1355 pw.print("suspendedPackages="); 1356 pw.println(suspendedPackages); 1357 } 1358 1359 pw.print("organizationColor="); 1360 pw.println(organizationColor); 1361 1362 if (organizationName != null) { 1363 pw.print("organizationName="); 1364 pw.println(organizationName); 1365 } 1366 1367 pw.print("defaultEnabledRestrictionsAlreadySet="); 1368 pw.println(defaultEnabledRestrictionsAlreadySet); 1369 1370 1371 dumpPackagePolicy(pw, "managedProfileCallerIdPolicy", 1372 mManagedProfileCallerIdAccess); 1373 1374 dumpPackagePolicy(pw, "managedProfileContactsPolicy", 1375 mManagedProfileContactsAccess); 1376 1377 dumpPackagePolicy(pw, "credentialManagerPolicy", 1378 mCredentialManagerPolicy); 1379 1380 pw.print("isParent="); 1381 pw.println(isParent); 1382 1383 if (parentAdmin != null) { 1384 pw.println("parentAdmin:"); 1385 pw.increaseIndent(); 1386 parentAdmin.dump(pw); 1387 pw.decreaseIndent(); 1388 } 1389 1390 if (mCrossProfileCalendarPackages != null) { 1391 pw.print("mCrossProfileCalendarPackages="); 1392 pw.println(mCrossProfileCalendarPackages); 1393 } 1394 1395 pw.print("mCrossProfilePackages="); 1396 pw.println(mCrossProfilePackages); 1397 1398 pw.print("mSuspendPersonalApps="); 1399 pw.println(mSuspendPersonalApps); 1400 1401 pw.print("mProfileMaximumTimeOffMillis="); 1402 pw.println(mProfileMaximumTimeOffMillis); 1403 1404 pw.print("mProfileOffDeadline="); 1405 pw.println(mProfileOffDeadline); 1406 1407 pw.print("mAlwaysOnVpnPackage="); 1408 pw.println(mAlwaysOnVpnPackage); 1409 1410 pw.print("mAlwaysOnVpnLockdown="); 1411 pw.println(mAlwaysOnVpnLockdown); 1412 1413 pw.print("mCommonCriteriaMode="); 1414 pw.println(mCommonCriteriaMode); 1415 1416 pw.print("mPasswordComplexity="); 1417 pw.println(mPasswordComplexity); 1418 1419 pw.print("mNearbyNotificationStreamingPolicy="); 1420 pw.println(mNearbyNotificationStreamingPolicy); 1421 1422 pw.print("mNearbyAppStreamingPolicy="); 1423 pw.println(mNearbyAppStreamingPolicy); 1424 1425 if (!TextUtils.isEmpty(mOrganizationId)) { 1426 pw.print("mOrganizationId="); 1427 pw.println(mOrganizationId); 1428 } 1429 1430 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 1431 pw.print("mEnrollmentSpecificId="); 1432 pw.println(mEnrollmentSpecificId); 1433 } 1434 1435 pw.print("mAdminCanGrantSensorsPermissions="); 1436 pw.println(mAdminCanGrantSensorsPermissions); 1437 1438 pw.print("mWifiMinimumSecurityLevel="); 1439 pw.println(mWifiMinimumSecurityLevel); 1440 1441 if (mWifiSsidPolicy != null) { 1442 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 1443 pw.print("mSsidAllowlist="); 1444 } else { 1445 pw.print("mSsidDenylist="); 1446 } 1447 pw.println(ssidsToStrings(mWifiSsidPolicy.getSsids())); 1448 } 1449 1450 if (mFactoryResetProtectionPolicy != null) { 1451 pw.println("mFactoryResetProtectionPolicy:"); 1452 pw.increaseIndent(); 1453 mFactoryResetProtectionPolicy.dump(pw); 1454 pw.decreaseIndent(); 1455 } 1456 1457 if (mPreferentialNetworkServiceConfigs != null) { 1458 pw.println("mPreferentialNetworkServiceConfigs:"); 1459 pw.increaseIndent(); 1460 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 1461 config.dump(pw); 1462 } 1463 pw.decreaseIndent(); 1464 } 1465 1466 pw.print("mtePolicy="); 1467 pw.println(mtePolicy); 1468 1469 pw.print("accountTypesWithManagementDisabled="); 1470 pw.println(accountTypesWithManagementDisabled); 1471 1472 if (mManagedSubscriptionsPolicy != null) { 1473 pw.println("mManagedSubscriptionsPolicy:"); 1474 pw.increaseIndent(); 1475 pw.println(mManagedSubscriptionsPolicy); 1476 pw.decreaseIndent(); 1477 } 1478 1479 pw.print("mDialerPackage="); 1480 pw.println(mDialerPackage); 1481 pw.print("mSmsPackage="); 1482 pw.println(mSmsPackage); 1483 1484 if (Flags.provisioningContextParameter()) { 1485 pw.print("mProvisioningContext="); 1486 pw.println(mProvisioningContext); 1487 } 1488 1489 if (info != null) { 1490 pw.println("DeviceAdminInfo:"); 1491 pw.increaseIndent(); 1492 info.dump(new PrintWriterPrinter(pw), ""); 1493 pw.decreaseIndent(); 1494 } 1495 } 1496 } 1497