1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.devicepolicy; 18 19 import static android.app.admin.DevicePolicyManager.NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 20 import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE; 21 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; 22 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_ALLOWLIST; 23 import static android.app.admin.WifiSsidPolicy.WIFI_SSID_POLICY_TYPE_DENYLIST; 24 import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1; 25 26 import static com.android.server.devicepolicy.DevicePolicyManagerService.LOG_TAG; 27 28 import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; 29 import static org.xmlpull.v1.XmlPullParser.END_TAG; 30 import static org.xmlpull.v1.XmlPullParser.TEXT; 31 32 import android.annotation.NonNull; 33 import android.annotation.Nullable; 34 import android.app.admin.DeviceAdminInfo; 35 import android.app.admin.DevicePolicyManager; 36 import android.app.admin.FactoryResetProtectionPolicy; 37 import android.app.admin.ManagedSubscriptionsPolicy; 38 import android.app.admin.PackagePolicy; 39 import android.app.admin.PasswordPolicy; 40 import android.app.admin.PreferentialNetworkServiceConfig; 41 import android.app.admin.WifiSsidPolicy; 42 import android.graphics.Color; 43 import android.net.wifi.WifiSsid; 44 import android.os.Bundle; 45 import android.os.PersistableBundle; 46 import android.os.UserHandle; 47 import android.os.UserManager; 48 import android.text.TextUtils; 49 import android.util.ArrayMap; 50 import android.util.ArraySet; 51 import android.util.IndentingPrintWriter; 52 53 import com.android.internal.util.Preconditions; 54 import com.android.internal.util.XmlUtils; 55 import com.android.modules.utils.TypedXmlPullParser; 56 import com.android.modules.utils.TypedXmlSerializer; 57 import com.android.server.pm.UserRestrictionsUtils; 58 import com.android.server.utils.Slogf; 59 60 import org.xmlpull.v1.XmlPullParserException; 61 62 import java.io.IOException; 63 import java.nio.charset.StandardCharsets; 64 import java.util.ArrayList; 65 import java.util.Collection; 66 import java.util.Collections; 67 import java.util.List; 68 import java.util.Map; 69 import java.util.Set; 70 import java.util.function.Predicate; 71 import java.util.stream.Collectors; 72 73 class ActiveAdmin { 74 75 private final int userId; 76 public final boolean isPermissionBased; 77 78 private static final String TAG_DISABLE_KEYGUARD_FEATURES = "disable-keyguard-features"; 79 private static final String TAG_TEST_ONLY_ADMIN = "test-only-admin"; 80 private static final String TAG_DISABLE_CAMERA = "disable-camera"; 81 private static final String TAG_DISABLE_CALLER_ID = "disable-caller-id"; 82 private static final String TAG_DISABLE_CONTACTS_SEARCH = "disable-contacts-search"; 83 private static final String TAG_DISABLE_BLUETOOTH_CONTACT_SHARING = 84 "disable-bt-contacts-sharing"; 85 private static final String TAG_DISABLE_SCREEN_CAPTURE = "disable-screen-capture"; 86 private static final String TAG_DISABLE_ACCOUNT_MANAGEMENT = "disable-account-management"; 87 private static final String TAG_NEARBY_NOTIFICATION_STREAMING_POLICY = 88 "nearby-notification-streaming-policy"; 89 private static final String TAG_NEARBY_APP_STREAMING_POLICY = 90 "nearby-app-streaming-policy"; 91 private static final String TAG_REQUIRE_AUTO_TIME = "require_auto_time"; 92 private static final String TAG_FORCE_EPHEMERAL_USERS = "force_ephemeral_users"; 93 private static final String TAG_IS_NETWORK_LOGGING_ENABLED = "is_network_logging_enabled"; 94 private static final String TAG_ACCOUNT_TYPE = "account-type"; 95 private static final String TAG_PERMITTED_ACCESSIBILITY_SERVICES = 96 "permitted-accessiblity-services"; 97 private static final String TAG_ENCRYPTION_REQUESTED = "encryption-requested"; 98 private static final String TAG_MANAGE_TRUST_AGENT_FEATURES = "manage-trust-agent-features"; 99 private static final String TAG_TRUST_AGENT_COMPONENT_OPTIONS = "trust-agent-component-options"; 100 private static final String TAG_TRUST_AGENT_COMPONENT = "component"; 101 private static final String TAG_PASSWORD_EXPIRATION_DATE = "password-expiration-date"; 102 private static final String TAG_PASSWORD_EXPIRATION_TIMEOUT = "password-expiration-timeout"; 103 private static final String TAG_GLOBAL_PROXY_EXCLUSION_LIST = "global-proxy-exclusion-list"; 104 private static final String TAG_GLOBAL_PROXY_SPEC = "global-proxy-spec"; 105 private static final String TAG_SPECIFIES_GLOBAL_PROXY = "specifies-global-proxy"; 106 private static final String TAG_PERMITTED_IMES = "permitted-imes"; 107 private static final String TAG_PERMITTED_NOTIFICATION_LISTENERS = 108 "permitted-notification-listeners"; 109 private static final String TAG_MAX_FAILED_PASSWORD_WIPE = "max-failed-password-wipe"; 110 private static final String TAG_MAX_TIME_TO_UNLOCK = "max-time-to-unlock"; 111 private static final String TAG_STRONG_AUTH_UNLOCK_TIMEOUT = "strong-auth-unlock-timeout"; 112 private static final String TAG_MIN_PASSWORD_NONLETTER = "min-password-nonletter"; 113 private static final String TAG_MIN_PASSWORD_SYMBOLS = "min-password-symbols"; 114 private static final String TAG_MIN_PASSWORD_NUMERIC = "min-password-numeric"; 115 private static final String TAG_MIN_PASSWORD_LETTERS = "min-password-letters"; 116 private static final String TAG_MIN_PASSWORD_LOWERCASE = "min-password-lowercase"; 117 private static final String TAG_MIN_PASSWORD_UPPERCASE = "min-password-uppercase"; 118 private static final String TAG_PASSWORD_HISTORY_LENGTH = "password-history-length"; 119 private static final String TAG_MIN_PASSWORD_LENGTH = "min-password-length"; 120 private static final String TAG_PASSWORD_QUALITY = "password-quality"; 121 private static final String TAG_POLICIES = "policies"; 122 private static final String TAG_CROSS_PROFILE_WIDGET_PROVIDERS = 123 "cross-profile-widget-providers"; 124 private static final String TAG_PROVIDER = "provider"; 125 private static final String TAG_PACKAGE_LIST_ITEM = "item"; 126 private static final String TAG_KEEP_UNINSTALLED_PACKAGES = "keep-uninstalled-packages"; 127 private static final String TAG_USER_RESTRICTIONS = "user-restrictions"; 128 private static final String TAG_DEFAULT_ENABLED_USER_RESTRICTIONS = 129 "default-enabled-user-restrictions"; 130 private static final String TAG_RESTRICTION = "restriction"; 131 private static final String TAG_SHORT_SUPPORT_MESSAGE = "short-support-message"; 132 private static final String TAG_LONG_SUPPORT_MESSAGE = "long-support-message"; 133 private static final String TAG_PARENT_ADMIN = "parent-admin"; 134 private static final String TAG_ORGANIZATION_COLOR = "organization-color"; 135 private static final String TAG_ORGANIZATION_NAME = "organization-name"; 136 private static final String TAG_IS_LOGOUT_ENABLED = "is_logout_enabled"; 137 private static final String TAG_START_USER_SESSION_MESSAGE = "start_user_session_message"; 138 private static final String TAG_END_USER_SESSION_MESSAGE = "end_user_session_message"; 139 private static final String TAG_METERED_DATA_DISABLED_PACKAGES = 140 "metered_data_disabled_packages"; 141 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES = 142 "cross-profile-calendar-packages"; 143 private static final String TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL = 144 "cross-profile-calendar-packages-null"; 145 private static final String TAG_CROSS_PROFILE_PACKAGES = "cross-profile-packages"; 146 private static final String TAG_FACTORY_RESET_PROTECTION_POLICY = 147 "factory_reset_protection_policy"; 148 private static final String TAG_SUSPEND_PERSONAL_APPS = "suspend-personal-apps"; 149 private static final String TAG_PROFILE_MAXIMUM_TIME_OFF = "profile-max-time-off"; 150 private static final String TAG_PROFILE_OFF_DEADLINE = "profile-off-deadline"; 151 private static final String TAG_ALWAYS_ON_VPN_PACKAGE = "vpn-package"; 152 private static final String TAG_ALWAYS_ON_VPN_LOCKDOWN = "vpn-lockdown"; 153 private static final String TAG_COMMON_CRITERIA_MODE = "common-criteria-mode"; 154 private static final String TAG_PASSWORD_COMPLEXITY = "password-complexity"; 155 private static final String TAG_ORGANIZATION_ID = "organization-id"; 156 private static final String TAG_ENROLLMENT_SPECIFIC_ID = "enrollment-specific-id"; 157 private static final String TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS = 158 "admin-can-grant-sensors-permissions"; 159 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED = 160 "preferential-network-service-enabled"; 161 private static final String TAG_USB_DATA_SIGNALING = "usb-data-signaling"; 162 private static final String TAG_WIFI_MIN_SECURITY = "wifi-min-security"; 163 private static final String TAG_SSID_ALLOWLIST = "ssid-allowlist"; 164 private static final String TAG_SSID_DENYLIST = "ssid-denylist"; 165 private static final String TAG_SSID = "ssid"; 166 private static final String TAG_CROSS_PROFILE_CALLER_ID_POLICY = "caller-id-policy"; 167 private static final String TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY = "contacts-policy"; 168 private static final String TAG_PACKAGE_POLICY_PACKAGE_NAMES = "package-policy-packages"; 169 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS = 170 "preferential_network_service_configs"; 171 private static final String TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG = 172 "preferential_network_service_config"; 173 private static final String TAG_PROTECTED_PACKAGES = "protected_packages"; 174 private static final String TAG_SUSPENDED_PACKAGES = "suspended-packages"; 175 private static final String TAG_MTE_POLICY = "mte-policy"; 176 private static final String TAG_MANAGED_SUBSCRIPTIONS_POLICY = "managed_subscriptions_policy"; 177 private static final String ATTR_VALUE = "value"; 178 private static final String ATTR_LAST_NETWORK_LOGGING_NOTIFICATION = "last-notification"; 179 private static final String ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS = "num-notifications"; 180 private static final String ATTR_PACKAGE_POLICY_MODE = "package-policy-type"; 181 private static final String TAG_CREDENTIAL_MANAGER_POLICY = "credential-manager-policy"; 182 private static final String TAG_DIALER_PACKAGE = "dialer_package"; 183 private static final String TAG_SMS_PACKAGE = "sms_package"; 184 185 // If the ActiveAdmin is a permission-based admin, then info will be null because the 186 // permission-based admin is not mapped to a device administrator component. 187 DeviceAdminInfo info; 188 189 static final int DEF_PASSWORD_HISTORY_LENGTH = 0; 190 int passwordHistoryLength = DEF_PASSWORD_HISTORY_LENGTH; 191 192 @NonNull 193 PasswordPolicy mPasswordPolicy = new PasswordPolicy(); 194 195 @DevicePolicyManager.PasswordComplexity 196 int mPasswordComplexity = PASSWORD_COMPLEXITY_NONE; 197 198 @DevicePolicyManager.NearbyStreamingPolicy 199 int mNearbyNotificationStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 200 201 @DevicePolicyManager.NearbyStreamingPolicy 202 int mNearbyAppStreamingPolicy = NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY; 203 204 @Nullable 205 FactoryResetProtectionPolicy mFactoryResetProtectionPolicy = null; 206 207 static final long DEF_MAXIMUM_TIME_TO_UNLOCK = 0; 208 long maximumTimeToUnlock = DEF_MAXIMUM_TIME_TO_UNLOCK; 209 210 long strongAuthUnlockTimeout = 0; // admin doesn't participate by default 211 212 static final int DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE = 0; 213 int maximumFailedPasswordsForWipe = DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE; 214 215 static final long DEF_PASSWORD_EXPIRATION_TIMEOUT = 0; 216 long passwordExpirationTimeout = DEF_PASSWORD_EXPIRATION_TIMEOUT; 217 218 static final long DEF_PASSWORD_EXPIRATION_DATE = 0; 219 long passwordExpirationDate = DEF_PASSWORD_EXPIRATION_DATE; 220 221 static final int DEF_KEYGUARD_FEATURES_DISABLED = 0; // none 222 223 int disabledKeyguardFeatures = DEF_KEYGUARD_FEATURES_DISABLED; 224 225 boolean encryptionRequested = false; 226 boolean testOnlyAdmin = false; 227 boolean disableCamera = false; 228 boolean disableCallerId = false; 229 boolean disableContactsSearch = false; 230 boolean disableBluetoothContactSharing = true; 231 boolean disableScreenCapture = false; 232 boolean requireAutoTime = false; 233 boolean forceEphemeralUsers = false; 234 boolean isNetworkLoggingEnabled = false; 235 boolean isLogoutEnabled = false; 236 237 // one notification after enabling + one more after reboots 238 static final int DEF_MAXIMUM_NETWORK_LOGGING_NOTIFICATIONS_SHOWN = 2; 239 int numNetworkLoggingNotifications = 0; 240 long lastNetworkLoggingNotificationTimeMs = 0; // Time in milliseconds since epoch 241 242 @DevicePolicyManager.MtePolicy int mtePolicy = DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY; 243 244 ActiveAdmin parentAdmin; 245 final boolean isParent; 246 247 static class TrustAgentInfo { 248 public PersistableBundle options; TrustAgentInfo(PersistableBundle bundle)249 TrustAgentInfo(PersistableBundle bundle) { 250 options = bundle; 251 } 252 } 253 254 // The list of packages which are not allowed to use metered data. 255 List<String> meteredDisabledPackages; 256 257 final Set<String> accountTypesWithManagementDisabled = new ArraySet<>(); 258 259 // The list of permitted accessibility services package namesas set by a profile 260 // or device owner. Null means all accessibility services are allowed, empty means 261 // none except system services are allowed. 262 List<String> permittedAccessiblityServices; 263 264 // The list of permitted input methods package names as set by a profile or device owner. 265 // Null means all input methods are allowed, empty means none except system imes are 266 // allowed. 267 List<String> permittedInputMethods; 268 269 // The list of packages allowed to use a NotificationListenerService to receive events for 270 // notifications from this user. Null means that all packages are allowed. Empty list means 271 // that only packages from the system are allowed. 272 List<String> permittedNotificationListeners; 273 274 // List of package names to keep cached. 275 List<String> keepUninstalledPackages; 276 277 // List of packages for which the user cannot invoke "clear data" or "force stop". 278 List<String> protectedPackages; 279 280 List<String> suspendedPackages; 281 282 // Wi-Fi SSID restriction policy. 283 WifiSsidPolicy mWifiSsidPolicy; 284 285 // Managed subscriptions policy. 286 ManagedSubscriptionsPolicy mManagedSubscriptionsPolicy; 287 288 // TODO: review implementation decisions with frameworks team 289 boolean specifiesGlobalProxy = false; 290 String globalProxySpec = null; 291 String globalProxyExclusionList = null; 292 293 @NonNull 294 ArrayMap<String, TrustAgentInfo> trustAgentInfos = new ArrayMap<>(); 295 296 List<String> crossProfileWidgetProviders; 297 298 Bundle userRestrictions; 299 300 // User restrictions that have already been enabled by default for this admin (either when 301 // setting the device or profile owner, or during a system update if one of those "enabled 302 // by default" restrictions is newly added). 303 final Set<String> defaultEnabledRestrictionsAlreadySet = new ArraySet<>(); 304 305 // Support text provided by the admin to display to the user. 306 CharSequence shortSupportMessage = null; 307 CharSequence longSupportMessage = null; 308 309 // Background color of confirm credentials screen. Default: teal. 310 static final int DEF_ORGANIZATION_COLOR = Color.parseColor("#00796B"); 311 int organizationColor = DEF_ORGANIZATION_COLOR; 312 313 // Default title of confirm credentials screen 314 String organizationName = null; 315 316 // Message for user switcher 317 String startUserSessionMessage = null; 318 String endUserSessionMessage = null; 319 320 // The allow list of packages that can access cross profile calendar APIs. 321 // This allow list should be in default an empty list, which indicates that no package 322 // is allow listed. 323 List<String> mCrossProfileCalendarPackages = Collections.emptyList(); 324 325 // The allow list of packages that the admin has enabled to be able to request consent from 326 // the user to communicate cross-profile. By default, no packages are allowed, which is 327 // represented as an empty list. 328 List<String> mCrossProfilePackages = Collections.emptyList(); 329 330 // Whether the admin explicitly requires personal apps to be suspended 331 boolean mSuspendPersonalApps = false; 332 // Maximum time the profile owned by this admin can be off. 333 long mProfileMaximumTimeOffMillis = 0; 334 // Time by which the profile should be turned on according to System.currentTimeMillis(). 335 long mProfileOffDeadline = 0; 336 337 // The package policy for Cross Profile Contacts Search 338 PackagePolicy mManagedProfileCallerIdAccess = null; 339 340 // The package policy for Cross Profile Contacts Search 341 PackagePolicy mManagedProfileContactsAccess = null; 342 343 // The package policy for Credential Manager 344 PackagePolicy mCredentialManagerPolicy = null; 345 346 public String mAlwaysOnVpnPackage; 347 public boolean mAlwaysOnVpnLockdown; 348 boolean mCommonCriteriaMode; 349 public String mOrganizationId; 350 public String mEnrollmentSpecificId; 351 public boolean mAdminCanGrantSensorsPermissions; 352 public List<PreferentialNetworkServiceConfig> mPreferentialNetworkServiceConfigs = 353 List.of(PreferentialNetworkServiceConfig.DEFAULT); 354 355 private static final boolean USB_DATA_SIGNALING_ENABLED_DEFAULT = true; 356 boolean mUsbDataSignalingEnabled = USB_DATA_SIGNALING_ENABLED_DEFAULT; 357 358 int mWifiMinimumSecurityLevel = DevicePolicyManager.WIFI_SECURITY_OPEN; 359 String mDialerPackage; 360 String mSmsPackage; 361 ActiveAdmin(DeviceAdminInfo info, boolean isParent)362 ActiveAdmin(DeviceAdminInfo info, boolean isParent) { 363 this.userId = -1; 364 this.info = info; 365 this.isParent = isParent; 366 this.isPermissionBased = false; 367 } 368 ActiveAdmin(int userId, boolean permissionBased)369 ActiveAdmin(int userId, boolean permissionBased) { 370 if (permissionBased == false) { 371 throw new IllegalArgumentException("Can only pass true for permissionBased admin"); 372 } 373 this.userId = userId; 374 this.isPermissionBased = permissionBased; 375 this.isParent = false; 376 this.info = null; 377 } 378 getParentActiveAdmin()379 ActiveAdmin getParentActiveAdmin() { 380 Preconditions.checkState(!isParent); 381 382 if (parentAdmin == null) { 383 parentAdmin = new ActiveAdmin(info, /* parent */ true); 384 } 385 return parentAdmin; 386 } 387 hasParentActiveAdmin()388 boolean hasParentActiveAdmin() { 389 return parentAdmin != null; 390 } 391 getUid()392 int getUid() { 393 if (isPermissionBased) { 394 return -1; 395 } 396 return info.getActivityInfo().applicationInfo.uid; 397 } 398 getUserHandle()399 public UserHandle getUserHandle() { 400 if (isPermissionBased) { 401 return UserHandle.of(userId); 402 } 403 return UserHandle.of(UserHandle.getUserId(info.getActivityInfo().applicationInfo.uid)); 404 } 405 writeToXml(TypedXmlSerializer out)406 void writeToXml(TypedXmlSerializer out) 407 throws IllegalArgumentException, IllegalStateException, IOException { 408 if (info != null) { 409 out.startTag(null, TAG_POLICIES); 410 info.writePoliciesToXml(out); 411 out.endTag(null, TAG_POLICIES); 412 } 413 if (mPasswordPolicy.quality != PASSWORD_QUALITY_UNSPECIFIED) { 414 writeAttributeValueToXml( 415 out, TAG_PASSWORD_QUALITY, mPasswordPolicy.quality); 416 if (mPasswordPolicy.length != PasswordPolicy.DEF_MINIMUM_LENGTH) { 417 writeAttributeValueToXml( 418 out, TAG_MIN_PASSWORD_LENGTH, mPasswordPolicy.length); 419 } 420 if (mPasswordPolicy.upperCase != PasswordPolicy.DEF_MINIMUM_UPPER_CASE) { 421 writeAttributeValueToXml( 422 out, TAG_MIN_PASSWORD_UPPERCASE, mPasswordPolicy.upperCase); 423 } 424 if (mPasswordPolicy.lowerCase != PasswordPolicy.DEF_MINIMUM_LOWER_CASE) { 425 writeAttributeValueToXml( 426 out, TAG_MIN_PASSWORD_LOWERCASE, mPasswordPolicy.lowerCase); 427 } 428 if (mPasswordPolicy.letters != PasswordPolicy.DEF_MINIMUM_LETTERS) { 429 writeAttributeValueToXml( 430 out, TAG_MIN_PASSWORD_LETTERS, mPasswordPolicy.letters); 431 } 432 if (mPasswordPolicy.numeric != PasswordPolicy.DEF_MINIMUM_NUMERIC) { 433 writeAttributeValueToXml( 434 out, TAG_MIN_PASSWORD_NUMERIC, mPasswordPolicy.numeric); 435 } 436 if (mPasswordPolicy.symbols != PasswordPolicy.DEF_MINIMUM_SYMBOLS) { 437 writeAttributeValueToXml( 438 out, TAG_MIN_PASSWORD_SYMBOLS, mPasswordPolicy.symbols); 439 } 440 if (mPasswordPolicy.nonLetter > PasswordPolicy.DEF_MINIMUM_NON_LETTER) { 441 writeAttributeValueToXml( 442 out, TAG_MIN_PASSWORD_NONLETTER, mPasswordPolicy.nonLetter); 443 } 444 } 445 if (passwordHistoryLength != DEF_PASSWORD_HISTORY_LENGTH) { 446 writeAttributeValueToXml( 447 out, TAG_PASSWORD_HISTORY_LENGTH, passwordHistoryLength); 448 } 449 if (maximumTimeToUnlock != DEF_MAXIMUM_TIME_TO_UNLOCK) { 450 writeAttributeValueToXml( 451 out, TAG_MAX_TIME_TO_UNLOCK, maximumTimeToUnlock); 452 } 453 if (strongAuthUnlockTimeout != DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS) { 454 writeAttributeValueToXml( 455 out, TAG_STRONG_AUTH_UNLOCK_TIMEOUT, strongAuthUnlockTimeout); 456 } 457 if (maximumFailedPasswordsForWipe != DEF_MAXIMUM_FAILED_PASSWORDS_FOR_WIPE) { 458 writeAttributeValueToXml( 459 out, TAG_MAX_FAILED_PASSWORD_WIPE, maximumFailedPasswordsForWipe); 460 } 461 if (specifiesGlobalProxy) { 462 writeAttributeValueToXml( 463 out, TAG_SPECIFIES_GLOBAL_PROXY, specifiesGlobalProxy); 464 if (globalProxySpec != null) { 465 writeAttributeValueToXml(out, TAG_GLOBAL_PROXY_SPEC, globalProxySpec); 466 } 467 if (globalProxyExclusionList != null) { 468 writeAttributeValueToXml( 469 out, TAG_GLOBAL_PROXY_EXCLUSION_LIST, globalProxyExclusionList); 470 } 471 } 472 if (passwordExpirationTimeout != DEF_PASSWORD_EXPIRATION_TIMEOUT) { 473 writeAttributeValueToXml( 474 out, TAG_PASSWORD_EXPIRATION_TIMEOUT, passwordExpirationTimeout); 475 } 476 if (passwordExpirationDate != DEF_PASSWORD_EXPIRATION_DATE) { 477 writeAttributeValueToXml( 478 out, TAG_PASSWORD_EXPIRATION_DATE, passwordExpirationDate); 479 } 480 if (encryptionRequested) { 481 writeAttributeValueToXml( 482 out, TAG_ENCRYPTION_REQUESTED, encryptionRequested); 483 } 484 if (testOnlyAdmin) { 485 writeAttributeValueToXml( 486 out, TAG_TEST_ONLY_ADMIN, testOnlyAdmin); 487 } 488 if (disableCamera) { 489 writeAttributeValueToXml( 490 out, TAG_DISABLE_CAMERA, disableCamera); 491 } 492 if (disableCallerId) { 493 writeAttributeValueToXml( 494 out, TAG_DISABLE_CALLER_ID, disableCallerId); 495 } 496 if (disableContactsSearch) { 497 writeAttributeValueToXml( 498 out, TAG_DISABLE_CONTACTS_SEARCH, disableContactsSearch); 499 } 500 if (!disableBluetoothContactSharing) { 501 writeAttributeValueToXml( 502 out, TAG_DISABLE_BLUETOOTH_CONTACT_SHARING, disableBluetoothContactSharing); 503 } 504 if (disableScreenCapture) { 505 writeAttributeValueToXml( 506 out, TAG_DISABLE_SCREEN_CAPTURE, disableScreenCapture); 507 } 508 if (requireAutoTime) { 509 writeAttributeValueToXml( 510 out, TAG_REQUIRE_AUTO_TIME, requireAutoTime); 511 } 512 if (forceEphemeralUsers) { 513 writeAttributeValueToXml( 514 out, TAG_FORCE_EPHEMERAL_USERS, forceEphemeralUsers); 515 } 516 if (isNetworkLoggingEnabled) { 517 out.startTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 518 out.attributeBoolean(null, ATTR_VALUE, isNetworkLoggingEnabled); 519 out.attributeInt(null, ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS, 520 numNetworkLoggingNotifications); 521 out.attributeLong(null, ATTR_LAST_NETWORK_LOGGING_NOTIFICATION, 522 lastNetworkLoggingNotificationTimeMs); 523 out.endTag(null, TAG_IS_NETWORK_LOGGING_ENABLED); 524 } 525 if (disabledKeyguardFeatures != DEF_KEYGUARD_FEATURES_DISABLED) { 526 writeAttributeValueToXml( 527 out, TAG_DISABLE_KEYGUARD_FEATURES, disabledKeyguardFeatures); 528 } 529 if (!accountTypesWithManagementDisabled.isEmpty()) { 530 writeAttributeValuesToXml( 531 out, TAG_DISABLE_ACCOUNT_MANAGEMENT, TAG_ACCOUNT_TYPE, 532 accountTypesWithManagementDisabled); 533 } 534 if (!trustAgentInfos.isEmpty()) { 535 Set<Map.Entry<String, TrustAgentInfo>> set = trustAgentInfos.entrySet(); 536 out.startTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 537 for (Map.Entry<String, TrustAgentInfo> entry : set) { 538 TrustAgentInfo trustAgentInfo = entry.getValue(); 539 out.startTag(null, TAG_TRUST_AGENT_COMPONENT); 540 out.attribute(null, ATTR_VALUE, entry.getKey()); 541 if (trustAgentInfo.options != null) { 542 out.startTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 543 try { 544 trustAgentInfo.options.saveToXml(out); 545 } catch (XmlPullParserException e) { 546 Slogf.e(LOG_TAG, e, "Failed to save TrustAgent options"); 547 } 548 out.endTag(null, TAG_TRUST_AGENT_COMPONENT_OPTIONS); 549 } 550 out.endTag(null, TAG_TRUST_AGENT_COMPONENT); 551 } 552 out.endTag(null, TAG_MANAGE_TRUST_AGENT_FEATURES); 553 } 554 if (crossProfileWidgetProviders != null && !crossProfileWidgetProviders.isEmpty()) { 555 writeAttributeValuesToXml( 556 out, TAG_CROSS_PROFILE_WIDGET_PROVIDERS, TAG_PROVIDER, 557 crossProfileWidgetProviders); 558 } 559 writePackageListToXml(out, TAG_PERMITTED_ACCESSIBILITY_SERVICES, 560 permittedAccessiblityServices); 561 writePackageListToXml(out, TAG_PERMITTED_IMES, permittedInputMethods); 562 writePackageListToXml(out, TAG_PERMITTED_NOTIFICATION_LISTENERS, 563 permittedNotificationListeners); 564 writePackageListToXml(out, TAG_KEEP_UNINSTALLED_PACKAGES, keepUninstalledPackages); 565 writePackageListToXml(out, TAG_METERED_DATA_DISABLED_PACKAGES, meteredDisabledPackages); 566 writePackageListToXml(out, TAG_PROTECTED_PACKAGES, protectedPackages); 567 writePackageListToXml(out, TAG_SUSPENDED_PACKAGES, suspendedPackages); 568 if (hasUserRestrictions()) { 569 UserRestrictionsUtils.writeRestrictions( 570 out, userRestrictions, TAG_USER_RESTRICTIONS); 571 } 572 if (!defaultEnabledRestrictionsAlreadySet.isEmpty()) { 573 writeAttributeValuesToXml(out, TAG_DEFAULT_ENABLED_USER_RESTRICTIONS, 574 TAG_RESTRICTION, 575 defaultEnabledRestrictionsAlreadySet); 576 } 577 if (!TextUtils.isEmpty(shortSupportMessage)) { 578 writeTextToXml(out, TAG_SHORT_SUPPORT_MESSAGE, shortSupportMessage.toString()); 579 } 580 if (!TextUtils.isEmpty(longSupportMessage)) { 581 writeTextToXml(out, TAG_LONG_SUPPORT_MESSAGE, longSupportMessage.toString()); 582 } 583 if (parentAdmin != null) { 584 out.startTag(null, TAG_PARENT_ADMIN); 585 parentAdmin.writeToXml(out); 586 out.endTag(null, TAG_PARENT_ADMIN); 587 } 588 if (organizationColor != DEF_ORGANIZATION_COLOR) { 589 writeAttributeValueToXml(out, TAG_ORGANIZATION_COLOR, organizationColor); 590 } 591 if (organizationName != null) { 592 writeTextToXml(out, TAG_ORGANIZATION_NAME, organizationName); 593 } 594 if (isLogoutEnabled) { 595 writeAttributeValueToXml(out, TAG_IS_LOGOUT_ENABLED, isLogoutEnabled); 596 } 597 if (startUserSessionMessage != null) { 598 writeTextToXml(out, TAG_START_USER_SESSION_MESSAGE, startUserSessionMessage); 599 } 600 if (endUserSessionMessage != null) { 601 writeTextToXml(out, TAG_END_USER_SESSION_MESSAGE, endUserSessionMessage); 602 } 603 if (mCrossProfileCalendarPackages == null) { 604 out.startTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 605 out.endTag(null, TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL); 606 } else { 607 writePackageListToXml(out, TAG_CROSS_PROFILE_CALENDAR_PACKAGES, 608 mCrossProfileCalendarPackages); 609 } 610 writePackageListToXml(out, TAG_CROSS_PROFILE_PACKAGES, mCrossProfilePackages); 611 if (mFactoryResetProtectionPolicy != null) { 612 out.startTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 613 mFactoryResetProtectionPolicy.writeToXml(out); 614 out.endTag(null, TAG_FACTORY_RESET_PROTECTION_POLICY); 615 } 616 if (mSuspendPersonalApps) { 617 writeAttributeValueToXml(out, TAG_SUSPEND_PERSONAL_APPS, mSuspendPersonalApps); 618 } 619 if (mProfileMaximumTimeOffMillis != 0) { 620 writeAttributeValueToXml(out, TAG_PROFILE_MAXIMUM_TIME_OFF, 621 mProfileMaximumTimeOffMillis); 622 } 623 if (mProfileMaximumTimeOffMillis != 0) { 624 writeAttributeValueToXml(out, TAG_PROFILE_OFF_DEADLINE, mProfileOffDeadline); 625 } 626 if (!TextUtils.isEmpty(mAlwaysOnVpnPackage)) { 627 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_PACKAGE, mAlwaysOnVpnPackage); 628 } 629 if (mAlwaysOnVpnLockdown) { 630 writeAttributeValueToXml(out, TAG_ALWAYS_ON_VPN_LOCKDOWN, mAlwaysOnVpnLockdown); 631 } 632 if (mCommonCriteriaMode) { 633 writeAttributeValueToXml(out, TAG_COMMON_CRITERIA_MODE, mCommonCriteriaMode); 634 } 635 636 if (mPasswordComplexity != PASSWORD_COMPLEXITY_NONE) { 637 writeAttributeValueToXml(out, TAG_PASSWORD_COMPLEXITY, mPasswordComplexity); 638 } 639 if (mNearbyNotificationStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 640 writeAttributeValueToXml(out, TAG_NEARBY_NOTIFICATION_STREAMING_POLICY, 641 mNearbyNotificationStreamingPolicy); 642 } 643 if (mNearbyAppStreamingPolicy != NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY) { 644 writeAttributeValueToXml(out, TAG_NEARBY_APP_STREAMING_POLICY, 645 mNearbyAppStreamingPolicy); 646 } 647 if (!TextUtils.isEmpty(mOrganizationId)) { 648 writeTextToXml(out, TAG_ORGANIZATION_ID, mOrganizationId); 649 } 650 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 651 writeTextToXml(out, TAG_ENROLLMENT_SPECIFIC_ID, mEnrollmentSpecificId); 652 } 653 writeAttributeValueToXml(out, TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS, 654 mAdminCanGrantSensorsPermissions); 655 if (mUsbDataSignalingEnabled != USB_DATA_SIGNALING_ENABLED_DEFAULT) { 656 writeAttributeValueToXml(out, TAG_USB_DATA_SIGNALING, mUsbDataSignalingEnabled); 657 } 658 if (mWifiMinimumSecurityLevel != DevicePolicyManager.WIFI_SECURITY_OPEN) { 659 writeAttributeValueToXml(out, TAG_WIFI_MIN_SECURITY, mWifiMinimumSecurityLevel); 660 } 661 if (mWifiSsidPolicy != null) { 662 List<String> ssids = ssidsToStrings(mWifiSsidPolicy.getSsids()); 663 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 664 writeAttributeValuesToXml(out, TAG_SSID_ALLOWLIST, TAG_SSID, ssids); 665 } else if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_DENYLIST) { 666 writeAttributeValuesToXml(out, TAG_SSID_DENYLIST, TAG_SSID, ssids); 667 } 668 } 669 if (!mPreferentialNetworkServiceConfigs.isEmpty()) { 670 out.startTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 671 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 672 config.writeToXml(out); 673 } 674 out.endTag(null, TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS); 675 } 676 if (mtePolicy != DevicePolicyManager.MTE_NOT_CONTROLLED_BY_POLICY) { 677 writeAttributeValueToXml(out, TAG_MTE_POLICY, mtePolicy); 678 } 679 writePackagePolicy(out, TAG_CROSS_PROFILE_CALLER_ID_POLICY, 680 mManagedProfileCallerIdAccess); 681 writePackagePolicy(out, TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY, 682 mManagedProfileContactsAccess); 683 writePackagePolicy(out, TAG_CREDENTIAL_MANAGER_POLICY, 684 mCredentialManagerPolicy); 685 if (mManagedSubscriptionsPolicy != null) { 686 out.startTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 687 mManagedSubscriptionsPolicy.saveToXml(out); 688 out.endTag(null, TAG_MANAGED_SUBSCRIPTIONS_POLICY); 689 } 690 if (!TextUtils.isEmpty(mDialerPackage)) { 691 writeAttributeValueToXml(out, TAG_DIALER_PACKAGE, mDialerPackage); 692 } 693 if (!TextUtils.isEmpty(mSmsPackage)) { 694 writeAttributeValueToXml(out, TAG_SMS_PACKAGE, mSmsPackage); 695 } 696 } 697 writePackagePolicy(TypedXmlSerializer out, String tag, PackagePolicy packagePolicy)698 private void writePackagePolicy(TypedXmlSerializer out, String tag, 699 PackagePolicy packagePolicy) throws IOException { 700 if (packagePolicy == null) { 701 return; 702 } 703 out.startTag(null, tag); 704 out.attributeInt(null, ATTR_PACKAGE_POLICY_MODE, packagePolicy.getPolicyType()); 705 writePackageListToXml(out, TAG_PACKAGE_POLICY_PACKAGE_NAMES, 706 new ArrayList<>(packagePolicy.getPackageNames())); 707 out.endTag(null, tag); 708 } 709 ssidsToStrings(Set<WifiSsid> ssids)710 private List<String> ssidsToStrings(Set<WifiSsid> ssids) { 711 return ssids.stream() 712 .map(ssid -> new String(ssid.getBytes(), StandardCharsets.UTF_8)) 713 .collect(Collectors.toList()); 714 } 715 writeTextToXml(TypedXmlSerializer out, String tag, String text)716 void writeTextToXml(TypedXmlSerializer out, String tag, String text) throws IOException { 717 out.startTag(null, tag); 718 out.text(text); 719 out.endTag(null, tag); 720 } 721 writePackageListToXml(TypedXmlSerializer out, String outerTag, List<String> packageList)722 void writePackageListToXml(TypedXmlSerializer out, String outerTag, 723 List<String> packageList) 724 throws IllegalArgumentException, IllegalStateException, IOException { 725 if (packageList == null) { 726 return; 727 } 728 writeAttributeValuesToXml(out, outerTag, TAG_PACKAGE_LIST_ITEM, packageList); 729 } 730 writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value)731 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, String value) 732 throws IOException { 733 out.startTag(null, tag); 734 out.attribute(null, ATTR_VALUE, value); 735 out.endTag(null, tag); 736 } 737 writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value)738 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, int value) 739 throws IOException { 740 out.startTag(null, tag); 741 out.attributeInt(null, ATTR_VALUE, value); 742 out.endTag(null, tag); 743 } 744 writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value)745 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, long value) 746 throws IOException { 747 out.startTag(null, tag); 748 out.attributeLong(null, ATTR_VALUE, value); 749 out.endTag(null, tag); 750 } 751 writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value)752 void writeAttributeValueToXml(TypedXmlSerializer out, String tag, boolean value) 753 throws IOException { 754 out.startTag(null, tag); 755 out.attributeBoolean(null, ATTR_VALUE, value); 756 out.endTag(null, tag); 757 } 758 writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, @NonNull Collection<String> values)759 void writeAttributeValuesToXml(TypedXmlSerializer out, String outerTag, String innerTag, 760 @NonNull Collection<String> values) throws IOException { 761 out.startTag(null, outerTag); 762 for (String value : values) { 763 out.startTag(null, innerTag); 764 out.attribute(null, ATTR_VALUE, value); 765 out.endTag(null, innerTag); 766 } 767 out.endTag(null, outerTag); 768 } 769 readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies)770 void readFromXml(TypedXmlPullParser parser, boolean shouldOverridePolicies) 771 throws XmlPullParserException, IOException { 772 int outerDepth = parser.getDepth(); 773 int type; 774 while ((type = parser.next()) != END_DOCUMENT 775 && (type != END_TAG || parser.getDepth() > outerDepth)) { 776 if (type == END_TAG || type == TEXT) { 777 continue; 778 } 779 String tag = parser.getName(); 780 if (TAG_POLICIES.equals(tag)) { 781 if (shouldOverridePolicies) { 782 Slogf.d(LOG_TAG, "Overriding device admin policies from XML."); 783 info.readPoliciesFromXml(parser); 784 } 785 } else if (TAG_PASSWORD_QUALITY.equals(tag)) { 786 mPasswordPolicy.quality = parser.getAttributeInt(null, ATTR_VALUE); 787 } else if (TAG_MIN_PASSWORD_LENGTH.equals(tag)) { 788 mPasswordPolicy.length = parser.getAttributeInt(null, ATTR_VALUE); 789 } else if (TAG_PASSWORD_HISTORY_LENGTH.equals(tag)) { 790 passwordHistoryLength = parser.getAttributeInt(null, ATTR_VALUE); 791 } else if (TAG_MIN_PASSWORD_UPPERCASE.equals(tag)) { 792 mPasswordPolicy.upperCase = parser.getAttributeInt(null, ATTR_VALUE); 793 } else if (TAG_MIN_PASSWORD_LOWERCASE.equals(tag)) { 794 mPasswordPolicy.lowerCase = parser.getAttributeInt(null, ATTR_VALUE); 795 } else if (TAG_MIN_PASSWORD_LETTERS.equals(tag)) { 796 mPasswordPolicy.letters = parser.getAttributeInt(null, ATTR_VALUE); 797 } else if (TAG_MIN_PASSWORD_NUMERIC.equals(tag)) { 798 mPasswordPolicy.numeric = parser.getAttributeInt(null, ATTR_VALUE); 799 } else if (TAG_MIN_PASSWORD_SYMBOLS.equals(tag)) { 800 mPasswordPolicy.symbols = parser.getAttributeInt(null, ATTR_VALUE); 801 } else if (TAG_MIN_PASSWORD_NONLETTER.equals(tag)) { 802 mPasswordPolicy.nonLetter = parser.getAttributeInt(null, ATTR_VALUE); 803 } else if (TAG_MAX_TIME_TO_UNLOCK.equals(tag)) { 804 maximumTimeToUnlock = parser.getAttributeLong(null, ATTR_VALUE); 805 } else if (TAG_STRONG_AUTH_UNLOCK_TIMEOUT.equals(tag)) { 806 strongAuthUnlockTimeout = parser.getAttributeLong(null, ATTR_VALUE); 807 } else if (TAG_MAX_FAILED_PASSWORD_WIPE.equals(tag)) { 808 maximumFailedPasswordsForWipe = parser.getAttributeInt(null, ATTR_VALUE); 809 } else if (TAG_SPECIFIES_GLOBAL_PROXY.equals(tag)) { 810 specifiesGlobalProxy = parser.getAttributeBoolean(null, ATTR_VALUE, false); 811 } else if (TAG_GLOBAL_PROXY_SPEC.equals(tag)) { 812 globalProxySpec = 813 parser.getAttributeValue(null, ATTR_VALUE); 814 } else if (TAG_GLOBAL_PROXY_EXCLUSION_LIST.equals(tag)) { 815 globalProxyExclusionList = 816 parser.getAttributeValue(null, ATTR_VALUE); 817 } else if (TAG_PASSWORD_EXPIRATION_TIMEOUT.equals(tag)) { 818 passwordExpirationTimeout = parser.getAttributeLong(null, ATTR_VALUE); 819 } else if (TAG_PASSWORD_EXPIRATION_DATE.equals(tag)) { 820 passwordExpirationDate = parser.getAttributeLong(null, ATTR_VALUE); 821 } else if (TAG_ENCRYPTION_REQUESTED.equals(tag)) { 822 encryptionRequested = parser.getAttributeBoolean(null, ATTR_VALUE, false); 823 } else if (TAG_TEST_ONLY_ADMIN.equals(tag)) { 824 testOnlyAdmin = parser.getAttributeBoolean(null, ATTR_VALUE, false); 825 } else if (TAG_DISABLE_CAMERA.equals(tag)) { 826 disableCamera = parser.getAttributeBoolean(null, ATTR_VALUE, false); 827 } else if (TAG_DISABLE_CALLER_ID.equals(tag)) { 828 disableCallerId = parser.getAttributeBoolean(null, ATTR_VALUE, false); 829 } else if (TAG_DISABLE_CONTACTS_SEARCH.equals(tag)) { 830 disableContactsSearch = parser.getAttributeBoolean(null, ATTR_VALUE, false); 831 } else if (TAG_DISABLE_BLUETOOTH_CONTACT_SHARING.equals(tag)) { 832 disableBluetoothContactSharing = 833 parser.getAttributeBoolean(null, ATTR_VALUE, false); 834 } else if (TAG_DISABLE_SCREEN_CAPTURE.equals(tag)) { 835 disableScreenCapture = parser.getAttributeBoolean(null, ATTR_VALUE, false); 836 } else if (TAG_REQUIRE_AUTO_TIME.equals(tag)) { 837 requireAutoTime = parser.getAttributeBoolean(null, ATTR_VALUE, false); 838 } else if (TAG_FORCE_EPHEMERAL_USERS.equals(tag)) { 839 forceEphemeralUsers = parser.getAttributeBoolean(null, ATTR_VALUE, false); 840 } else if (TAG_IS_NETWORK_LOGGING_ENABLED.equals(tag)) { 841 isNetworkLoggingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 842 lastNetworkLoggingNotificationTimeMs = parser.getAttributeLong(null, 843 ATTR_LAST_NETWORK_LOGGING_NOTIFICATION); 844 numNetworkLoggingNotifications = parser.getAttributeInt(null, 845 ATTR_NUM_NETWORK_LOGGING_NOTIFICATIONS); 846 } else if (TAG_DISABLE_KEYGUARD_FEATURES.equals(tag)) { 847 disabledKeyguardFeatures = parser.getAttributeInt(null, ATTR_VALUE); 848 } else if (TAG_DISABLE_ACCOUNT_MANAGEMENT.equals(tag)) { 849 readAttributeValues( 850 parser, TAG_ACCOUNT_TYPE, accountTypesWithManagementDisabled); 851 } else if (TAG_MANAGE_TRUST_AGENT_FEATURES.equals(tag)) { 852 trustAgentInfos = getAllTrustAgentInfos(parser, tag); 853 } else if (TAG_CROSS_PROFILE_WIDGET_PROVIDERS.equals(tag)) { 854 crossProfileWidgetProviders = new ArrayList<>(); 855 readAttributeValues(parser, TAG_PROVIDER, crossProfileWidgetProviders); 856 } else if (TAG_PERMITTED_ACCESSIBILITY_SERVICES.equals(tag)) { 857 permittedAccessiblityServices = readPackageList(parser, tag); 858 } else if (TAG_PERMITTED_IMES.equals(tag)) { 859 permittedInputMethods = readPackageList(parser, tag); 860 } else if (TAG_PERMITTED_NOTIFICATION_LISTENERS.equals(tag)) { 861 permittedNotificationListeners = readPackageList(parser, tag); 862 } else if (TAG_KEEP_UNINSTALLED_PACKAGES.equals(tag)) { 863 keepUninstalledPackages = readPackageList(parser, tag); 864 } else if (TAG_METERED_DATA_DISABLED_PACKAGES.equals(tag)) { 865 meteredDisabledPackages = readPackageList(parser, tag); 866 } else if (TAG_PROTECTED_PACKAGES.equals(tag)) { 867 protectedPackages = readPackageList(parser, tag); 868 } else if (TAG_SUSPENDED_PACKAGES.equals(tag)) { 869 suspendedPackages = readPackageList(parser, tag); 870 } else if (TAG_USER_RESTRICTIONS.equals(tag)) { 871 userRestrictions = UserRestrictionsUtils.readRestrictions(parser); 872 } else if (TAG_DEFAULT_ENABLED_USER_RESTRICTIONS.equals(tag)) { 873 readAttributeValues( 874 parser, TAG_RESTRICTION, defaultEnabledRestrictionsAlreadySet); 875 } else if (TAG_SHORT_SUPPORT_MESSAGE.equals(tag)) { 876 type = parser.next(); 877 if (type == TypedXmlPullParser.TEXT) { 878 shortSupportMessage = parser.getText(); 879 } else { 880 Slogf.w(LOG_TAG, "Missing text when loading short support message"); 881 } 882 } else if (TAG_LONG_SUPPORT_MESSAGE.equals(tag)) { 883 type = parser.next(); 884 if (type == TypedXmlPullParser.TEXT) { 885 longSupportMessage = parser.getText(); 886 } else { 887 Slogf.w(LOG_TAG, "Missing text when loading long support message"); 888 } 889 } else if (TAG_PARENT_ADMIN.equals(tag)) { 890 Preconditions.checkState(!isParent); 891 parentAdmin = new ActiveAdmin(info, /* parent */ true); 892 parentAdmin.readFromXml(parser, shouldOverridePolicies); 893 } else if (TAG_ORGANIZATION_COLOR.equals(tag)) { 894 organizationColor = parser.getAttributeInt(null, ATTR_VALUE); 895 } else if (TAG_ORGANIZATION_NAME.equals(tag)) { 896 type = parser.next(); 897 if (type == TypedXmlPullParser.TEXT) { 898 organizationName = parser.getText(); 899 } else { 900 Slogf.w(LOG_TAG, "Missing text when loading organization name"); 901 } 902 } else if (TAG_IS_LOGOUT_ENABLED.equals(tag)) { 903 isLogoutEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, false); 904 } else if (TAG_START_USER_SESSION_MESSAGE.equals(tag)) { 905 type = parser.next(); 906 if (type == TypedXmlPullParser.TEXT) { 907 startUserSessionMessage = parser.getText(); 908 } else { 909 Slogf.w(LOG_TAG, "Missing text when loading start session message"); 910 } 911 } else if (TAG_END_USER_SESSION_MESSAGE.equals(tag)) { 912 type = parser.next(); 913 if (type == TypedXmlPullParser.TEXT) { 914 endUserSessionMessage = parser.getText(); 915 } else { 916 Slogf.w(LOG_TAG, "Missing text when loading end session message"); 917 } 918 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES.equals(tag)) { 919 mCrossProfileCalendarPackages = readPackageList(parser, tag); 920 } else if (TAG_CROSS_PROFILE_CALENDAR_PACKAGES_NULL.equals(tag)) { 921 mCrossProfileCalendarPackages = null; 922 } else if (TAG_CROSS_PROFILE_PACKAGES.equals(tag)) { 923 mCrossProfilePackages = readPackageList(parser, tag); 924 } else if (TAG_FACTORY_RESET_PROTECTION_POLICY.equals(tag)) { 925 mFactoryResetProtectionPolicy = FactoryResetProtectionPolicy.readFromXml( 926 parser); 927 } else if (TAG_SUSPEND_PERSONAL_APPS.equals(tag)) { 928 mSuspendPersonalApps = parser.getAttributeBoolean(null, ATTR_VALUE, false); 929 } else if (TAG_PROFILE_MAXIMUM_TIME_OFF.equals(tag)) { 930 mProfileMaximumTimeOffMillis = 931 parser.getAttributeLong(null, ATTR_VALUE); 932 } else if (TAG_PROFILE_OFF_DEADLINE.equals(tag)) { 933 mProfileOffDeadline = 934 parser.getAttributeLong(null, ATTR_VALUE); 935 } else if (TAG_ALWAYS_ON_VPN_PACKAGE.equals(tag)) { 936 mAlwaysOnVpnPackage = parser.getAttributeValue(null, ATTR_VALUE); 937 } else if (TAG_ALWAYS_ON_VPN_LOCKDOWN.equals(tag)) { 938 mAlwaysOnVpnLockdown = parser.getAttributeBoolean(null, ATTR_VALUE, false); 939 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_ENABLED.equals(tag)) { 940 boolean preferentialNetworkServiceEnabled = parser.getAttributeBoolean(null, 941 ATTR_VALUE, 942 DevicePolicyManager.PREFERENTIAL_NETWORK_SERVICE_ENABLED_DEFAULT); 943 if (preferentialNetworkServiceEnabled) { 944 PreferentialNetworkServiceConfig.Builder configBuilder = 945 new PreferentialNetworkServiceConfig.Builder(); 946 configBuilder.setEnabled(preferentialNetworkServiceEnabled); 947 configBuilder.setNetworkId(NET_ENTERPRISE_ID_1); 948 mPreferentialNetworkServiceConfigs = List.of(configBuilder.build()); 949 } 950 } else if (TAG_COMMON_CRITERIA_MODE.equals(tag)) { 951 mCommonCriteriaMode = parser.getAttributeBoolean(null, ATTR_VALUE, false); 952 } else if (TAG_PASSWORD_COMPLEXITY.equals(tag)) { 953 mPasswordComplexity = parser.getAttributeInt(null, ATTR_VALUE); 954 } else if (TAG_NEARBY_NOTIFICATION_STREAMING_POLICY.equals(tag)) { 955 mNearbyNotificationStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 956 } else if (TAG_NEARBY_APP_STREAMING_POLICY.equals(tag)) { 957 mNearbyAppStreamingPolicy = parser.getAttributeInt(null, ATTR_VALUE); 958 } else if (TAG_ORGANIZATION_ID.equals(tag)) { 959 type = parser.next(); 960 if (type == TypedXmlPullParser.TEXT) { 961 mOrganizationId = parser.getText(); 962 } else { 963 Slogf.w(LOG_TAG, "Missing Organization ID."); 964 } 965 } else if (TAG_ENROLLMENT_SPECIFIC_ID.equals(tag)) { 966 type = parser.next(); 967 if (type == TypedXmlPullParser.TEXT) { 968 mEnrollmentSpecificId = parser.getText(); 969 } else { 970 Slogf.w(LOG_TAG, "Missing Enrollment-specific ID."); 971 } 972 } else if (TAG_ADMIN_CAN_GRANT_SENSORS_PERMISSIONS.equals(tag)) { 973 mAdminCanGrantSensorsPermissions = parser.getAttributeBoolean(null, ATTR_VALUE, 974 false); 975 } else if (TAG_USB_DATA_SIGNALING.equals(tag)) { 976 mUsbDataSignalingEnabled = parser.getAttributeBoolean(null, ATTR_VALUE, 977 USB_DATA_SIGNALING_ENABLED_DEFAULT); 978 } else if (TAG_WIFI_MIN_SECURITY.equals(tag)) { 979 mWifiMinimumSecurityLevel = parser.getAttributeInt(null, ATTR_VALUE); 980 } else if (TAG_SSID_ALLOWLIST.equals(tag)) { 981 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 982 mWifiSsidPolicy = new WifiSsidPolicy( 983 WIFI_SSID_POLICY_TYPE_ALLOWLIST, new ArraySet<>(ssids)); 984 } else if (TAG_SSID_DENYLIST.equals(tag)) { 985 List<WifiSsid> ssids = readWifiSsids(parser, TAG_SSID); 986 mWifiSsidPolicy = new WifiSsidPolicy( 987 WIFI_SSID_POLICY_TYPE_DENYLIST, new ArraySet<>(ssids)); 988 } else if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIGS.equals(tag)) { 989 List<PreferentialNetworkServiceConfig> configs = 990 getPreferentialNetworkServiceConfigs(parser, tag); 991 if (!configs.isEmpty()) { 992 mPreferentialNetworkServiceConfigs = configs; 993 } 994 } else if (TAG_MTE_POLICY.equals(tag)) { 995 mtePolicy = parser.getAttributeInt(null, ATTR_VALUE); 996 } else if (TAG_CROSS_PROFILE_CALLER_ID_POLICY.equals(tag)) { 997 mManagedProfileCallerIdAccess = readPackagePolicy(parser); 998 } else if (TAG_CROSS_PROFILE_CONTACTS_SEARCH_POLICY.equals(tag)) { 999 mManagedProfileContactsAccess = readPackagePolicy(parser); 1000 } else if (TAG_MANAGED_SUBSCRIPTIONS_POLICY.equals(tag)) { 1001 mManagedSubscriptionsPolicy = ManagedSubscriptionsPolicy.readFromXml(parser); 1002 } else if (TAG_CREDENTIAL_MANAGER_POLICY.equals(tag)) { 1003 mCredentialManagerPolicy = readPackagePolicy(parser); 1004 } else if (TAG_DIALER_PACKAGE.equals(tag)) { 1005 mDialerPackage = parser.getAttributeValue(null, ATTR_VALUE); 1006 } else if (TAG_SMS_PACKAGE.equals(tag)) { 1007 mSmsPackage = parser.getAttributeValue(null, ATTR_VALUE); 1008 } else { 1009 Slogf.w(LOG_TAG, "Unknown admin tag: %s", tag); 1010 XmlUtils.skipCurrentTag(parser); 1011 } 1012 } 1013 } 1014 readPackagePolicy(TypedXmlPullParser parser)1015 private PackagePolicy readPackagePolicy(TypedXmlPullParser parser) 1016 throws XmlPullParserException, IOException { 1017 int policy = parser.getAttributeInt(null, ATTR_PACKAGE_POLICY_MODE); 1018 Set<String> packageNames = new ArraySet<>( 1019 readPackageList(parser, TAG_PACKAGE_POLICY_PACKAGE_NAMES)); 1020 return new PackagePolicy(policy, packageNames); 1021 } 1022 readWifiSsids(TypedXmlPullParser parser, String tag)1023 private List<WifiSsid> readWifiSsids(TypedXmlPullParser parser, String tag) 1024 throws XmlPullParserException, IOException { 1025 List<String> ssidStrings = new ArrayList<>(); 1026 readAttributeValues(parser, tag, ssidStrings); 1027 List<WifiSsid> ssids = ssidStrings.stream() 1028 .map(ssid -> WifiSsid.fromBytes(ssid.getBytes(StandardCharsets.UTF_8))) 1029 .collect(Collectors.toList()); 1030 return ssids; 1031 } 1032 readPackageList(TypedXmlPullParser parser, String tag)1033 private List<String> readPackageList(TypedXmlPullParser parser, 1034 String tag) throws XmlPullParserException, IOException { 1035 List<String> result = new ArrayList<String>(); 1036 int outerDepth = parser.getDepth(); 1037 int outerType; 1038 while ((outerType = parser.next()) != TypedXmlPullParser.END_DOCUMENT 1039 && (outerType != TypedXmlPullParser.END_TAG || parser.getDepth() > outerDepth)) { 1040 if (outerType == TypedXmlPullParser.END_TAG || outerType == TypedXmlPullParser.TEXT) { 1041 continue; 1042 } 1043 String outerTag = parser.getName(); 1044 if (TAG_PACKAGE_LIST_ITEM.equals(outerTag)) { 1045 String packageName = parser.getAttributeValue(null, ATTR_VALUE); 1046 if (packageName != null) { 1047 result.add(packageName); 1048 } else { 1049 Slogf.w(LOG_TAG, "Package name missing under %s", outerTag); 1050 } 1051 } else { 1052 Slogf.w(LOG_TAG, "Unknown tag under %s: ", tag, outerTag); 1053 } 1054 } 1055 return result; 1056 } 1057 readAttributeValues( TypedXmlPullParser parser, String tag, Collection<String> result)1058 private void readAttributeValues( 1059 TypedXmlPullParser parser, String tag, Collection<String> result) 1060 throws XmlPullParserException, IOException { 1061 result.clear(); 1062 int outerDepthDAM = parser.getDepth(); 1063 int typeDAM; 1064 while ((typeDAM = parser.next()) != END_DOCUMENT 1065 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1066 if (typeDAM == END_TAG || typeDAM == TEXT) { 1067 continue; 1068 } 1069 String tagDAM = parser.getName(); 1070 if (tag.equals(tagDAM)) { 1071 result.add(parser.getAttributeValue(null, ATTR_VALUE)); 1072 } else { 1073 Slogf.e(LOG_TAG, "Expected tag %s but found %s", tag, tagDAM); 1074 } 1075 } 1076 } 1077 1078 @NonNull getAllTrustAgentInfos( TypedXmlPullParser parser, String tag)1079 private ArrayMap<String, TrustAgentInfo> getAllTrustAgentInfos( 1080 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1081 int outerDepthDAM = parser.getDepth(); 1082 int typeDAM; 1083 final ArrayMap<String, TrustAgentInfo> result = new ArrayMap<>(); 1084 while ((typeDAM = parser.next()) != END_DOCUMENT 1085 && (typeDAM != END_TAG || parser.getDepth() > outerDepthDAM)) { 1086 if (typeDAM == END_TAG || typeDAM == TEXT) { 1087 continue; 1088 } 1089 String tagDAM = parser.getName(); 1090 if (TAG_TRUST_AGENT_COMPONENT.equals(tagDAM)) { 1091 final String component = parser.getAttributeValue(null, ATTR_VALUE); 1092 final TrustAgentInfo trustAgentInfo = getTrustAgentInfo(parser, tag); 1093 result.put(component, trustAgentInfo); 1094 } else { 1095 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1096 } 1097 } 1098 return result; 1099 } 1100 getTrustAgentInfo(TypedXmlPullParser parser, String outerTag)1101 private TrustAgentInfo getTrustAgentInfo(TypedXmlPullParser parser, String outerTag) 1102 throws XmlPullParserException, IOException { 1103 int outerDepth = parser.getDepth(); 1104 int type; 1105 TrustAgentInfo result = new TrustAgentInfo(null); 1106 while ((type = parser.next()) != END_DOCUMENT 1107 && (type != END_TAG || parser.getDepth() > outerDepth)) { 1108 if (type == END_TAG || type == TEXT) { 1109 continue; 1110 } 1111 String tag = parser.getName(); 1112 if (TAG_TRUST_AGENT_COMPONENT_OPTIONS.equals(tag)) { 1113 result.options = PersistableBundle.restoreFromXml(parser); 1114 } else { 1115 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", outerTag, tag); 1116 } 1117 } 1118 return result; 1119 } 1120 1121 @NonNull getPreferentialNetworkServiceConfigs( TypedXmlPullParser parser, String tag)1122 private List<PreferentialNetworkServiceConfig> getPreferentialNetworkServiceConfigs( 1123 TypedXmlPullParser parser, String tag) throws XmlPullParserException, IOException { 1124 int outerDepth = parser.getDepth(); 1125 int typeDAM; 1126 final List<PreferentialNetworkServiceConfig> result = new ArrayList<>(); 1127 while ((typeDAM = parser.next()) != END_DOCUMENT 1128 && (typeDAM != END_TAG || parser.getDepth() > outerDepth)) { 1129 if (typeDAM == END_TAG || typeDAM == TEXT) { 1130 continue; 1131 } 1132 String tagDAM = parser.getName(); 1133 if (TAG_PREFERENTIAL_NETWORK_SERVICE_CONFIG.equals(tagDAM)) { 1134 final PreferentialNetworkServiceConfig preferentialNetworkServiceConfig = 1135 PreferentialNetworkServiceConfig.getPreferentialNetworkServiceConfig( 1136 parser, tag); 1137 result.add(preferentialNetworkServiceConfig); 1138 } else { 1139 Slogf.w(LOG_TAG, "Unknown tag under %s: %s", tag, tagDAM); 1140 } 1141 } 1142 return result; 1143 } 1144 hasUserRestrictions()1145 boolean hasUserRestrictions() { 1146 return userRestrictions != null && userRestrictions.size() > 0; 1147 } 1148 ensureUserRestrictions()1149 Bundle ensureUserRestrictions() { 1150 if (userRestrictions == null) { 1151 userRestrictions = new Bundle(); 1152 } 1153 return userRestrictions; 1154 } 1155 transfer(DeviceAdminInfo deviceAdminInfo)1156 public void transfer(DeviceAdminInfo deviceAdminInfo) { 1157 if (hasParentActiveAdmin()) { 1158 parentAdmin.info = deviceAdminInfo; 1159 } 1160 info = deviceAdminInfo; 1161 } 1162 addSyntheticRestrictions(Bundle restrictions)1163 Bundle addSyntheticRestrictions(Bundle restrictions) { 1164 if (disableCamera) { 1165 restrictions.putBoolean(UserManager.DISALLOW_CAMERA, true); 1166 } 1167 if (requireAutoTime) { 1168 restrictions.putBoolean(UserManager.DISALLOW_CONFIG_DATE_TIME, true); 1169 } 1170 return restrictions; 1171 } 1172 removeDeprecatedRestrictions(Bundle restrictions)1173 static Bundle removeDeprecatedRestrictions(Bundle restrictions) { 1174 for (String deprecatedRestriction: UserRestrictionsUtils.DEPRECATED_USER_RESTRICTIONS) { 1175 restrictions.remove(deprecatedRestriction); 1176 } 1177 return restrictions; 1178 } 1179 filterRestrictions(Bundle restrictions, Predicate<String> filter)1180 static Bundle filterRestrictions(Bundle restrictions, Predicate<String> filter) { 1181 Bundle result = new Bundle(); 1182 for (String key : restrictions.keySet()) { 1183 if (!restrictions.getBoolean(key)) { 1184 continue; 1185 } 1186 if (filter.test(key)) { 1187 result.putBoolean(key, true); 1188 } 1189 } 1190 return result; 1191 } 1192 getEffectiveRestrictions()1193 Bundle getEffectiveRestrictions() { 1194 return addSyntheticRestrictions( 1195 removeDeprecatedRestrictions(new Bundle(ensureUserRestrictions()))); 1196 } 1197 getLocalUserRestrictions(int adminType)1198 Bundle getLocalUserRestrictions(int adminType) { 1199 return filterRestrictions(getEffectiveRestrictions(), 1200 key -> UserRestrictionsUtils.isLocal(adminType, key)); 1201 } 1202 getGlobalUserRestrictions(int adminType)1203 Bundle getGlobalUserRestrictions(int adminType) { 1204 return filterRestrictions(getEffectiveRestrictions(), 1205 key -> UserRestrictionsUtils.isGlobal(adminType, key)); 1206 } 1207 dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy)1208 void dumpPackagePolicy(IndentingPrintWriter pw, String name, PackagePolicy policy) { 1209 pw.print(name); 1210 pw.println(":"); 1211 if (policy != null) { 1212 pw.increaseIndent(); 1213 pw.print("policyType="); 1214 pw.println(policy.getPolicyType()); 1215 pw.println("packageNames:"); 1216 pw.increaseIndent(); 1217 policy.getPackageNames().forEach(item -> pw.println(item)); 1218 pw.decreaseIndent(); 1219 pw.decreaseIndent(); 1220 } 1221 } 1222 dump(IndentingPrintWriter pw)1223 void dump(IndentingPrintWriter pw) { 1224 pw.print("uid="); 1225 pw.println(getUid()); 1226 1227 pw.print("testOnlyAdmin="); 1228 pw.println(testOnlyAdmin); 1229 1230 if (info != null) { 1231 pw.println("policies:"); 1232 ArrayList<DeviceAdminInfo.PolicyInfo> pols = info.getUsedPolicies(); 1233 if (pols != null) { 1234 pw.increaseIndent(); 1235 for (int i = 0; i < pols.size(); i++) { 1236 pw.println(pols.get(i).tag); 1237 } 1238 pw.decreaseIndent(); 1239 } 1240 } 1241 1242 pw.print("passwordQuality=0x"); 1243 pw.println(Integer.toHexString(mPasswordPolicy.quality)); 1244 1245 pw.print("minimumPasswordLength="); 1246 pw.println(mPasswordPolicy.length); 1247 1248 pw.print("passwordHistoryLength="); 1249 pw.println(passwordHistoryLength); 1250 1251 pw.print("minimumPasswordUpperCase="); 1252 pw.println(mPasswordPolicy.upperCase); 1253 1254 pw.print("minimumPasswordLowerCase="); 1255 pw.println(mPasswordPolicy.lowerCase); 1256 1257 pw.print("minimumPasswordLetters="); 1258 pw.println(mPasswordPolicy.letters); 1259 1260 pw.print("minimumPasswordNumeric="); 1261 pw.println(mPasswordPolicy.numeric); 1262 1263 pw.print("minimumPasswordSymbols="); 1264 pw.println(mPasswordPolicy.symbols); 1265 1266 pw.print("minimumPasswordNonLetter="); 1267 pw.println(mPasswordPolicy.nonLetter); 1268 1269 pw.print("maximumTimeToUnlock="); 1270 pw.println(maximumTimeToUnlock); 1271 1272 pw.print("strongAuthUnlockTimeout="); 1273 pw.println(strongAuthUnlockTimeout); 1274 1275 pw.print("maximumFailedPasswordsForWipe="); 1276 pw.println(maximumFailedPasswordsForWipe); 1277 1278 pw.print("specifiesGlobalProxy="); 1279 pw.println(specifiesGlobalProxy); 1280 1281 pw.print("passwordExpirationTimeout="); 1282 pw.println(passwordExpirationTimeout); 1283 1284 pw.print("passwordExpirationDate="); 1285 pw.println(passwordExpirationDate); 1286 1287 if (globalProxySpec != null) { 1288 pw.print("globalProxySpec="); 1289 pw.println(globalProxySpec); 1290 } 1291 if (globalProxyExclusionList != null) { 1292 pw.print("globalProxyEclusionList="); 1293 pw.println(globalProxyExclusionList); 1294 } 1295 pw.print("encryptionRequested="); 1296 pw.println(encryptionRequested); 1297 1298 pw.print("disableCamera="); 1299 pw.println(disableCamera); 1300 1301 pw.print("disableCallerId="); 1302 pw.println(disableCallerId); 1303 1304 pw.print("disableContactsSearch="); 1305 pw.println(disableContactsSearch); 1306 1307 pw.print("disableBluetoothContactSharing="); 1308 pw.println(disableBluetoothContactSharing); 1309 1310 pw.print("disableScreenCapture="); 1311 pw.println(disableScreenCapture); 1312 1313 pw.print("requireAutoTime="); 1314 pw.println(requireAutoTime); 1315 1316 pw.print("forceEphemeralUsers="); 1317 pw.println(forceEphemeralUsers); 1318 1319 pw.print("isNetworkLoggingEnabled="); 1320 pw.println(isNetworkLoggingEnabled); 1321 1322 pw.print("disabledKeyguardFeatures="); 1323 pw.println(disabledKeyguardFeatures); 1324 1325 pw.print("crossProfileWidgetProviders="); 1326 pw.println(crossProfileWidgetProviders); 1327 1328 if (permittedAccessiblityServices != null) { 1329 pw.print("permittedAccessibilityServices="); 1330 pw.println(permittedAccessiblityServices); 1331 } 1332 1333 if (permittedInputMethods != null) { 1334 pw.print("permittedInputMethods="); 1335 pw.println(permittedInputMethods); 1336 } 1337 1338 if (permittedNotificationListeners != null) { 1339 pw.print("permittedNotificationListeners="); 1340 pw.println(permittedNotificationListeners); 1341 } 1342 1343 if (keepUninstalledPackages != null) { 1344 pw.print("keepUninstalledPackages="); 1345 pw.println(keepUninstalledPackages); 1346 } 1347 1348 if (meteredDisabledPackages != null) { 1349 pw.print("meteredDisabledPackages="); 1350 pw.println(meteredDisabledPackages); 1351 } 1352 1353 if (protectedPackages != null) { 1354 pw.print("protectedPackages="); 1355 pw.println(protectedPackages); 1356 } 1357 1358 if (suspendedPackages != null) { 1359 pw.print("suspendedPackages="); 1360 pw.println(suspendedPackages); 1361 } 1362 1363 pw.print("organizationColor="); 1364 pw.println(organizationColor); 1365 1366 if (organizationName != null) { 1367 pw.print("organizationName="); 1368 pw.println(organizationName); 1369 } 1370 1371 pw.println("userRestrictions:"); 1372 UserRestrictionsUtils.dumpRestrictions(pw, " ", userRestrictions); 1373 1374 pw.print("defaultEnabledRestrictionsAlreadySet="); 1375 pw.println(defaultEnabledRestrictionsAlreadySet); 1376 1377 1378 dumpPackagePolicy(pw, "managedProfileCallerIdPolicy", 1379 mManagedProfileCallerIdAccess); 1380 1381 dumpPackagePolicy(pw, "managedProfileContactsPolicy", 1382 mManagedProfileContactsAccess); 1383 1384 dumpPackagePolicy(pw, "credentialManagerPolicy", 1385 mCredentialManagerPolicy); 1386 1387 pw.print("isParent="); 1388 pw.println(isParent); 1389 1390 if (parentAdmin != null) { 1391 pw.println("parentAdmin:"); 1392 pw.increaseIndent(); 1393 parentAdmin.dump(pw); 1394 pw.decreaseIndent(); 1395 } 1396 1397 if (mCrossProfileCalendarPackages != null) { 1398 pw.print("mCrossProfileCalendarPackages="); 1399 pw.println(mCrossProfileCalendarPackages); 1400 } 1401 1402 pw.print("mCrossProfilePackages="); 1403 pw.println(mCrossProfilePackages); 1404 1405 pw.print("mSuspendPersonalApps="); 1406 pw.println(mSuspendPersonalApps); 1407 1408 pw.print("mProfileMaximumTimeOffMillis="); 1409 pw.println(mProfileMaximumTimeOffMillis); 1410 1411 pw.print("mProfileOffDeadline="); 1412 pw.println(mProfileOffDeadline); 1413 1414 pw.print("mAlwaysOnVpnPackage="); 1415 pw.println(mAlwaysOnVpnPackage); 1416 1417 pw.print("mAlwaysOnVpnLockdown="); 1418 pw.println(mAlwaysOnVpnLockdown); 1419 1420 pw.print("mCommonCriteriaMode="); 1421 pw.println(mCommonCriteriaMode); 1422 1423 pw.print("mPasswordComplexity="); 1424 pw.println(mPasswordComplexity); 1425 1426 pw.print("mNearbyNotificationStreamingPolicy="); 1427 pw.println(mNearbyNotificationStreamingPolicy); 1428 1429 pw.print("mNearbyAppStreamingPolicy="); 1430 pw.println(mNearbyAppStreamingPolicy); 1431 1432 if (!TextUtils.isEmpty(mOrganizationId)) { 1433 pw.print("mOrganizationId="); 1434 pw.println(mOrganizationId); 1435 } 1436 1437 if (!TextUtils.isEmpty(mEnrollmentSpecificId)) { 1438 pw.print("mEnrollmentSpecificId="); 1439 pw.println(mEnrollmentSpecificId); 1440 } 1441 1442 pw.print("mAdminCanGrantSensorsPermissions="); 1443 pw.println(mAdminCanGrantSensorsPermissions); 1444 1445 pw.print("mUsbDataSignaling="); 1446 pw.println(mUsbDataSignalingEnabled); 1447 1448 pw.print("mWifiMinimumSecurityLevel="); 1449 pw.println(mWifiMinimumSecurityLevel); 1450 1451 if (mWifiSsidPolicy != null) { 1452 if (mWifiSsidPolicy.getPolicyType() == WIFI_SSID_POLICY_TYPE_ALLOWLIST) { 1453 pw.print("mSsidAllowlist="); 1454 } else { 1455 pw.print("mSsidDenylist="); 1456 } 1457 pw.println(ssidsToStrings(mWifiSsidPolicy.getSsids())); 1458 } 1459 1460 if (mFactoryResetProtectionPolicy != null) { 1461 pw.println("mFactoryResetProtectionPolicy:"); 1462 pw.increaseIndent(); 1463 mFactoryResetProtectionPolicy.dump(pw); 1464 pw.decreaseIndent(); 1465 } 1466 1467 if (mPreferentialNetworkServiceConfigs != null) { 1468 pw.println("mPreferentialNetworkServiceConfigs:"); 1469 pw.increaseIndent(); 1470 for (PreferentialNetworkServiceConfig config : mPreferentialNetworkServiceConfigs) { 1471 config.dump(pw); 1472 } 1473 pw.decreaseIndent(); 1474 } 1475 1476 pw.print("mtePolicy="); 1477 pw.println(mtePolicy); 1478 1479 pw.print("accountTypesWithManagementDisabled="); 1480 pw.println(accountTypesWithManagementDisabled); 1481 1482 if (mManagedSubscriptionsPolicy != null) { 1483 pw.println("mManagedSubscriptionsPolicy:"); 1484 pw.increaseIndent(); 1485 pw.println(mManagedSubscriptionsPolicy); 1486 pw.decreaseIndent(); 1487 } 1488 1489 pw.print("mDialerPackage="); 1490 pw.println(mDialerPackage); 1491 pw.print("mSmsPackage="); 1492 pw.println(mSmsPackage); 1493 } 1494 } 1495