1# @ohos.enterprise.accountManager(账户管理)(系统接口) 2 3本模块提供设备帐户管理能力,包括禁止创建本地用户等。 4 5> **说明:** 6> 7> 本模块首批接口从API version 10开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 8> 9> 本模块接口仅可在Stage模型下使用。 10> 11> 本模块接口仅对[设备管理应用](../../mdm/mdm-kit-guide.md#功能介绍)开放,需将[设备管理应用激活](js-apis-enterprise-adminManager-sys.md#adminmanagerenableadmin)后调用,实现相应功能。 12> 13> 当前页面仅包含本模块的系统接口,其他公开接口参见。其他公开接口参见[@ohos.enterprise.accountManager](js-apis-enterprise-accountManager.md)。 14 15## 导入模块 16 17```ts 18import { accountManager } from '@kit.MDMKit'; 19``` 20 21## accountManager.disallowAddLocalAccount 22 23disallowAddLocalAccount(admin: Want, disallow: boolean, callback: AsyncCallback<void>): void 24 25指定设备管理应用禁止设备创建本地用户。使用callback异步回调。 26 27**需要权限:** ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 28 29**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 30 31 32 33**参数:** 34 35| 参数名 | 类型 | 必填 | 说明 | 36| -------- | ---------------------------------------- | ---- | ------------------------------- | 37| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 38| disallow | boolean | 是 | 是否禁止创建本地用户,true表示禁止创建,false表示允许创建。 | 39| callback | AsyncCallback<void> | 是 | 回调函数。当接口调用成功,err为null,否则为错误对象。 | 40 41**错误码**: 42 43以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 44 45| 错误码ID | 错误信息 | 46| ------- | ---------------------------------------------------------------------------- | 47| 9200001 | The application is not an administrator application of the device. | 48| 9200002 | The administrator application does not have permission to manage the device. | 49| 201 | Permission verification failed. The application does not have the permission required to call the API. | 50| 202 | Permission verification failed. A non-system application calls a system API. | 51| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 52 53**示例:** 54 55```ts 56import { Want } from '@kit.AbilityKit'; 57let wantTemp: Want = { 58 bundleName: 'com.example.myapplication', 59 abilityName: 'EntryAbility', 60}; 61 62accountManager.disallowAddLocalAccount(wantTemp, true, (err) => { 63 if (err) { 64 console.error(`Failed to disallow add local account. Code: ${err.code}, message: ${err.message}`); 65 return; 66 } 67 console.info('Succeeded in disallowing add local account'); 68}); 69``` 70 71## accountManager.disallowAddLocalAccount 72 73disallowAddLocalAccount(admin: Want, disallow: boolean): Promise<void> 74 75指定设备管理应用禁止设备创建本地用户。使用promise异步回调。 76 77**需要权限:** ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 78 79**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 80 81 82 83**参数:** 84 85| 参数名 | 类型 | 必填 | 说明 | 86| ----- | ----------------------------------- | ---- | ------- | 87| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 88| disallow | boolean | 是 | 是否禁止创建本地用户,true表示禁止创建,false表示允许创建。 | 89 90**返回值:** 91 92| 类型 | 说明 | 93| --------------------- | ------------------------- | 94| Promise<void> | 无返回结果的Promise对象。当禁止创建本地用户失败时,抛出错误对象。 | 95 96**错误码**: 97 98以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 99 100| 错误码ID | 错误信息 | 101| ------- | ---------------------------------------------------------------------------- | 102| 9200001 | The application is not an administrator application of the device. | 103| 9200002 | The administrator application does not have permission to manage the device. | 104| 201 | Permission verification failed. The application does not have the permission required to call the API. | 105| 202 | Permission verification failed. A non-system application calls a system API. | 106| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 107 108**示例:** 109 110```ts 111import { Want } from '@kit.AbilityKit'; 112import { BusinessError } from '@kit.BasicServicesKit'; 113let wantTemp: Want = { 114 bundleName: 'com.example.myapplication', 115 abilityName: 'EntryAbility', 116}; 117 118accountManager.disallowAddLocalAccount(wantTemp, true).then(() => { 119 console.info('Succeeded in disallowing add local account'); 120}).catch((err: BusinessError) => { 121 console.error(`Failed to disallow add local account. Code: ${err.code}, message: ${err.message}`); 122}); 123``` 124 125## accountManager.disallowAddOsAccountByUser<sup>11+</sup> 126 127disallowAddOsAccountByUser(admin: Want, userId: number, disallow: boolean): void 128 129指定设备管理应用禁止用户添加账号。 130 131**需要权限:** ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 132 133**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 134 135 136 137**参数:** 138 139| 参数名 | 类型 | 必填 | 说明 | 140| -------- | ----------------------------------- | ---- | ----------------------------------------------------------- | 141| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 142| userId | number | 是 | 用户ID,指定具体用户,取值范围:大于等于0。 | 143| disallow | boolean | 是 | 是否禁止用户添加账号,true表示禁止添加,false表示允许添加。 | 144 145**错误码**: 146 147以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 148 149| 错误码ID | 错误信息 | 150| -------- | ------------------------------------------------------------ | 151| 9200001 | The application is not an administrator application of the device. | 152| 9200002 | The administrator application does not have permission to manage the device. | 153| 201 | Permission verification failed. The application does not have the permission required to call the API. | 154| 202 | Permission verification failed. A non-system application calls a system API. | 155| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 156 157**示例:** 158 159```ts 160import { Want } from '@kit.AbilityKit'; 161let wantTemp: Want = { 162 bundleName: 'com.example.myapplication', 163 abilityName: 'EntryAbility', 164}; 165 166try { 167 accountManager.disallowAddOsAccountByUser(wantTemp, 100, true); 168 console.info(`Succeeded in disallowing user add os account`); 169} catch (err) { 170 console.error(`Failed to disallow user add os account. Code: ${err.code}, message: ${err.message}`); 171} 172``` 173 174## accountManager.isAddOsAccountByUserDisallowed<sup>11+</sup> 175 176isAddOsAccountByUserDisallowed(admin: Want, userId: number): boolean 177 178指定设备管理应用查询是否禁止某用户添加账号。 179 180**需要权限:** ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 181 182**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 183 184 185 186**参数:** 187 188| 参数名 | 类型 | 必填 | 说明 | 189| ------ | ----------------------------------- | ---- | ------------------------------------------- | 190| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 191| userId | number | 是 | 用户ID,指定具体用户,取值范围:大于等于0。 | 192 193**返回值:** 194 195| 类型 | 说明 | 196| ------- | ------------------------------------------------------------ | 197| boolean | 返回true表示该用户禁止添加账号,<br/>返回false表示该用户允许添加账号。 | 198 199**错误码**: 200 201以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 202 203| 错误码ID | 错误信息 | 204| -------- | ------------------------------------------------------------ | 205| 9200001 | The application is not an administrator application of the device. | 206| 9200002 | The administrator application does not have permission to manage the device. | 207| 201 | Permission verification failed. The application does not have the permission required to call the API. | 208| 202 | Permission verification failed. A non-system application calls a system API. | 209| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 210 211**示例:** 212 213```ts 214import { Want } from '@kit.AbilityKit'; 215let wantTemp: Want = { 216 bundleName: 'com.example.myapplication', 217 abilityName: 'EntryAbility', 218}; 219 220try { 221 let isDisallowed: boolean = accountManager.isAddOsAccountByUserDisallowed(wantTemp, 100); 222 console.info(`Succeeded in querying the user can add os account or not: ${isDisallowed}`); 223} catch (err) { 224 console.error(`Failed to query the user can add os account or not. Code: ${err.code}, message: ${err.message}`); 225} 226``` 227 228## accountManager.addOsAccount<sup>11+</sup> 229 230addOsAccount(admin: Want, name: string, type: osAccount.OsAccountType): osAccount.OsAccountInfo 231 232指定设备管理应用后台添加账号。 233 234**需要权限:** ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 235 236**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 237 238 239 240**参数:** 241 242| 参数名 | 类型 | 必填 | 说明 | 243| ------ | ------------------------------------------------------------ | ---- | ------------------------------------------------------------ | 244| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 245| name | string | 是 | 用户ID,指定具体用户,取值范围:大于等于0。 | 246| type | [osAccount.OsAccountType](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | 是 | 要添加的账号的类型。<br/>取值范围:ADMIN、NORMAL、GUEST。<br/>· ADMIN:管理员帐号。<br/>· NORMAL:普通账号。<br/>· GUEST:访客账号。 | 247 248**返回值:** 249 250| 类型 | 说明 | 251| ------------------------------------------------------------ | -------------------- | 252| [osAccount.OsAccountInfo](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | 返回添加的账号信息。 | 253 254**错误码**: 255 256以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 257 258| 错误码ID | 错误信息 | 259| -------- | ------------------------------------------------------------ | 260| 9200001 | The application is not an administrator application of the device. | 261| 9200002 | The administrator application does not have permission to manage the device. | 262| 9201003 | Failed to add an OS account. | 263| 201 | Permission verification failed. The application does not have the permission required to call the API. | 264| 202 | Permission verification failed. A non-system application calls a system API. | 265| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 266 267**示例:** 268 269```ts 270import { Want } from '@kit.AbilityKit'; 271import { osAccount } from '@kit.BasicServicesKit'; 272let wantTemp: Want = { 273 bundleName: 'com.example.myapplication', 274 abilityName: 'EntryAbility', 275}; 276 277try { 278 let info: osAccount.OsAccountInfo = accountManager.addOsAccount(wantTemp, "TestAccountName", osAccount.OsAccountType.NORMAL); 279 console.info(`Succeeded in creating os account: ${JSON.stringify(info)}`); 280} catch (err) { 281 console.error(`Failed to creating os account. Code: ${err.code}, message: ${err.message}`); 282} 283``` 284 285