Adding new uses-policies to existing device administrator on Android

问题

I have a device admin app that uses the following device-admin.xml

<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
 <uses-policies>
     <watch-login />
     <reset-password />
     <force-lock />
     <wipe-data />
 </uses-policies>
</device-admin>

Some users has already activated the device admin permissions. Now, in an update of the app, I want to add a new uses-policy

 <limit-password />

I am wondering how to detect that new use policies have been added programmatically so that we push the reactivation of the device admin permissions?

回答1:

AFAIK the only way is read your device-admin.xml from your apk, and you can do it in this way (from an Activity):

    PackageManager packageManager = getPackageManager();
    List <PackageInfo> packageInfoList = packageManager.getInstalledPackages(0);
    for (PackageInfo packageInfo : packageInfoList) {
        String publicSourceDir = packageInfo.applicationInfo.publicSourceDir;
        if (publicSourceDir.contains("your/app/path")) { // or equals, which you prefer
            File apkFile = new File(publicSourceDir);
            if (apkFile.exists()) {
                try {
                    JarFile jarFile = new JarFile(apkFile);
                    JarEntry jarEntry = jarFile.getJarEntry("xml/device-admin.xml");
                    InputStream is = jarFile.getInputStream(jarEntry);
                    BufferedReader br = new BufferedReader(new InputStreamReader(is));
                    String str;
                    while ((str = br.readLine()) != null) {
                        Log.d("entry: ", str); // your entries in the device-admin.xml
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            break;
        }
    }

回答2:

To check if your active admin has granted policy, you can use https://developer.android.com/reference/android/app/admin/DevicePolicyManager#hasGrantedPolicy(android.content.ComponentName,%20int)

To verify uses policies from device-admin.xml I prefer to use https://developer.android.google.cn/reference/android/app/admin/DeviceAdminInfo.html?hl=zh-cn#usesPolicy(int) but when usesPolicy return true it doesn't mean that the active admin can use it.

ComponentName componentName = new ComponentName(context, MyDeviceAdminReceiver.class);
ResolveInfo resolveInfo = new ResolveInfo();
resolveInfo.activityInfo = context.getPackageManager().getReceiverInfo(componentName, PackageManager.GET_META_DATA);
DeviceAdminInfo info = new DeviceAdminInfo(context, resolveInfo);

if (info.usesPolicy(DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD)) {
    //your application declared <limit-password/> in device_admin.xml
}

DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
if (dpm.hasGrantedPolicy(componentName, DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD)) {
    //active device admin has granted <limit-password/> policy
}

来源：https://stackoverflow.com/questions/31318890/adding-new-uses-policies-to-existing-device-administrator-on-android

标签

android

android-manifest

android-permissions

android-securityexception