# @ohos.enterprise.securityManager(安全管ç†ï¼‰(系统接å£)
本模å—æ供设备安全管ç†çš„能力,包括查询安全补ä¸çŠ¶æ€ã€æŸ¥è¯¢æ–‡ä»¶åŠ 密状æ€ç‰ã€‚
> **说明:**
>
> 本模å—首批接å£ä»ŽAPI version 11开始支æŒã€‚åŽç»ç‰ˆæœ¬çš„新增接å£ï¼Œé‡‡ç”¨ä¸Šè§’æ ‡å•ç‹¬æ ‡è®°æŽ¥å£çš„起始版本。
>
> 本模å—接å£ä»…å¯åœ¨Stage模型下使用。
>
> 本模å—接å£ä»…对[设备管ç†åº”用](../../mdm/mdm-kit-guide.md#功能介ç»)开放,需将[设备管ç†åº”用激活](js-apis-enterprise-adminManager-sys.md#adminmanagerenableadmin)åŽè°ƒç”¨ï¼Œå®žçŽ°ç›¸åº”功能。
>
> 当å‰é¡µé¢ä»…包å«æœ¬æ¨¡å—的系统接å£ï¼Œå…¶ä»–公开接å£å‚è§ã€‚其他公开接å£å‚è§[@ohos.enterprise.securityManager](js-apis-enterprise-securityManager.md)。
## 导入模å—
```ts
import { securityManager } from '@kit.MDMKit';
```
## securityManager.getSecurityPatchTag
getSecurityPatchTag(admin: Want): string
以åŒæ¥æ–¹æ³•æŸ¥è¯¢è®¾å¤‡å®‰å…¨è¡¥ä¸Tag。æˆåŠŸè¿”回安全补ä¸Tag,失败抛出对应异常。
**需è¦æƒé™ï¼š** ohos.permission.ENTERPRISE_MANAGE_SECURITY
**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager
**系统API:** æ¤æŽ¥å£ä¸ºç³»ç»ŸæŽ¥å£ã€‚
**å‚数:**
| å‚æ•°å | 类型 | å¿…å¡« | 说明 |
| ----- | ----------------------------------- | ---- | ------- |
| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管ç†åº”用。 |
**返回值:**
| 类型 | 说明 |
| --------------------- | ------------------------- |
| string | è¡¥ä¸Tag结果,返回补ä¸Tagå—符串。 |
**错误ç **:
以下错误ç 的详细介ç»è¯·å‚è§[ä¼ä¸šè®¾å¤‡ç®¡ç†é”™è¯¯ç ](errorcode-enterpriseDeviceManager.md)å’Œ[通用错误ç ](../errorcode-universal.md)。
| 错误ç ID | é”™è¯¯ä¿¡æ¯ |
| ------- | ---------------------------------------------------------------------------- |
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
**示例:**
```ts
import { Want } from '@kit.AbilityKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
try {
let res: string = securityManager.getSecurityPatchTag(wantTemp);
console.info(`Succeeded in getting security patch tag. tag: ${res}`);
} catch(err) {
console.error(`Failed to get security patch tag. Code: ${err.code}, message: ${err.message}`);
}
```
## securityManager.getDeviceEncryptionStatus
getDeviceEncryptionStatus(admin: Want): DeviceEncryptionStatus
以åŒæ¥æ–¹æ³•æŸ¥è¯¢è®¾å¤‡æ–‡ä»¶ç³»ç»ŸåŠ 密状æ€ã€‚æˆåŠŸè¿”å›žè®¾å¤‡æ–‡ä»¶ç³»ç»ŸåŠ å¯†çŠ¶æ€ï¼Œå¤±è´¥æŠ›å‡ºå¯¹åº”异常。
**需è¦æƒé™ï¼š** ohos.permission.ENTERPRISE_MANAGE_SECURITY
**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager
**系统API:** æ¤æŽ¥å£ä¸ºç³»ç»ŸæŽ¥å£ã€‚
**å‚数:**
| å‚æ•°å | 类型 | å¿…å¡« | 说明 |
| -------- | ---------------------------------------- | ---- | ------------------------------- |
| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管ç†åº”用。 |
**返回值:**
| 类型 | 说明 |
| ---------------------- | ------------------------------------------------------ |
| DeviceEncryptionStatus | æ–‡ä»¶åŠ å¯†çŠ¶æ€ç»“构体,现åªå«æœ‰æ˜¯å¦è¿›è¡ŒåŠ 密å—段(bool)。 |
**错误ç **:
以下错误ç 的详细介ç»è¯·å‚è§[ä¼ä¸šè®¾å¤‡ç®¡ç†é”™è¯¯ç ](errorcode-enterpriseDeviceManager.md)å’Œ[通用错误ç ](../errorcode-universal.md)。
| 错误ç ID | é”™è¯¯ä¿¡æ¯ |
| ------- | ---------------------------------------------------------------------------- |
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
**示例:**
```ts
import { Want } from '@kit.AbilityKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
try {
let result: securityManager.DeviceEncryptionStatus = securityManager.getDeviceEncryptionStatus(wantTemp);
console.info(`Succeeded in getting device encryption status. isEncrypted: ${result.isEncrypted}`);
} catch(err) {
console.error(`Failed to get device encryption status. Code: ${err.code}, message: ${err.message}`);
}
```
## securityManager.getPasswordPolicy<sup>12+</sup>
getPasswordPolicy(): PasswordPolicy
获å–设备å£ä»¤ç–略。
**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager
**系统API:** æ¤æŽ¥å£ä¸ºç³»ç»ŸæŽ¥å£ã€‚
**返回值:**
| 类型 | 说明 |
| --------------------- | ------------------------- |
| [PasswordPolicy](./js-apis-enterprise-securityManager.md#passwordpolicy) | 设备å£ä»¤ç–略。 |
**错误ç **:
以下错误ç 的详细介ç»è¯·å‚è§[通用错误ç ](../errorcode-universal.md)。
| 错误ç ID | é”™è¯¯ä¿¡æ¯ |
| ------- | ---------------------------------------------------------------------------- |
| 202 | Permission verification failed. A non-system application calls a system API. |
**示例:**
```ts
try {
let result: securityManager.PasswordPolicy = securityManager.getPasswordPolicy();
console.info(`Succeeded in getting password policy, result : ${JSON.stringify(result)}`);
} catch(err) {
console.error(`Failed to get password policy. Code: ${err.code}, message: ${err.message}`);
}
```
## DeviceEncryptionStatus
设备管ç†åº”ç”¨çš„æ–‡ä»¶ç³»ç»ŸåŠ å¯†çŠ¶æ€ã€‚
**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager
**系统API**: æ¤æŽ¥å£ä¸ºç³»ç»ŸæŽ¥å£ã€‚
| å称 | 类型 | å¿…å¡« | 说明 |
| ----------- | --------| ---- | ------------------------------- |
| isEncrypted | boolean | 是 | 表示设备的文件系统是å¦åŠ 密。true:è¡¨ç¤ºå·²åŠ å¯† false:è¡¨ç¤ºæœªåŠ å¯† |