B4A Library Device Administrator library

Discussion in 'Additional libraries, classes and official updates' started by Erel, Jul 2, 2012.

  1. Erel

    Erel Administrator Staff Member Licensed User

    Starting from Android 2.2 (api level 8), Android allows application to be registered as administrators.
    Administrator apps have the following special features:
    - Manually lock the screen
    - Set the minimum password length and quality
    - Wipe the entire device
    - Set the maximum allowed time before the device locks
    - Request the user to change password
    - Manually set a new password
    - Disable the camera
    - Track password changes
    - Some other security features as described here.

    Note that the password is the screen lock password (other passwords are not affected).

    The user needs to enable the admin app before it can have any special privileges.
    This is done either by calling Manager.Enable or from the Security settings page.
    The user will see a message with the policies that this app requests:

    [​IMG]

    The user can always disable an administrator app from the Security settings page. The idea is that in your app you should check whether the admin is enabled and the password meets the requirements. If they don't then you do not give access to some resource such as the company's server.

    How to
    A working example is attached to this project. It is recommended to start with it.
    Add the following code to the manifest editor:

    Code:
    AddApplicationText(<receiver android:name="anywheresoftware.b4a.objects.AdminReceiver2"
      android:permission=
    "android.permission.BIND_DEVICE_ADMIN">
      <meta-data android:name=
    "android.app.device_admin"
      android:resource=
    "@xml/device_admin" />
      <
    intent-filter>
      <action android:name=
    "android.app.action.DEVICE_ADMIN_ENABLED" />
      </
    intent-filter>
    </receiver>)

    CreateResource(xml, device_admin.xml,
    <device-admin xmlns:android=
    "http://schemas.android.com/apk/res/android">
      <uses-policies>
      <limit-password />
      <reset-password />
      <force-
    lock />
      </uses-policies>
    </device-admin>
    )
    3. Declare an AdminManager object. With this object you can ask the user to enable the admin app and access the special privileges.

    4. (optional) Add a service named ManagerService. This service will allow you to track password changes and changes to the admin app enabled status. See the attached example.


    The latest version of this library is included in the IDE.

    Upgrading from v1.00

    The receiver name has changed. You need to update the manifest editor code.
    The user will probably need to re-enable the admin app. V1.00 library is attached to allow developers to keep the previous version if prefered.
     

    Attached Files:

    Last edited: Sep 11, 2017
  2. vb1992

    vb1992 Well-Known Member Licensed User

    nice :)
     
  3. PFlores81

    PFlores81 Active Member Licensed User

    Erel, You are the man.. Thank you very much. I appreciate this!

    Edit: Erel, is it possible to use the reset password and have it read from a file to choose a randomized passcode?
     
    Last edited: Jul 5, 2012
  4. Erel

    Erel Administrator Staff Member Licensed User

    Yes. The password value (the string) can come from anywhere you want.
     
  5. fpdianzen

    fpdianzen Member Licensed User

    is this the same with keyguard manager, or is it a differnt one?
     
  6. Erel

    Erel Administrator Staff Member Licensed User

    This library is not related to keyguard manager.
     
  7. newSteve

    newSteve Member Licensed User

    Clear Password

    Can it be used to remove the password?
     
  8. Erel

    Erel Administrator Staff Member Licensed User

    You can try passing an empty string to ResetPassword method. I haven't tested whether it will clear the password or not.
     
  9. fransvlaarhoven

    fransvlaarhoven Active Member Licensed User

    Question

    Hallo,

    I’ve a question:
    The administrator is supposed to be able to
    - Manually lock the screen
    - Set the minimum password length and quality
    - Wipe the entire device
    - Set the maximum allowed time before the device locks
    - Request the user to change password
    - Manually set a new password
    - Disable the camera
    - Track password changes
    - Some other security features as described here.

    I’ve downloaded the example and now I start wondering how to:
    - Wipe the entire device
    - Disable the camera

    Can you tell me how to do that?

    Thanks
     
  10. Erel

    Erel Administrator Staff Member Licensed User

    It can be done with Reflection. Disabling the camera is only supported by Android 4+.

    Code:
    'wipe data
    Dim r As Reflector
    r.Target = admin
    r.Target = r.GetField(
    "dm")
    r.RunMethod2(
    "wipeData"0"java.lang.int"'this will wipe your device. Be careful!

    'Disable the camera
    Dim r As Reflector
    r.Target = Admin
    Dim cm As Object
    cm = r.GetField(
    "rec")
    r.Target = r.GetField(
    "dm")
    r.RunMethod4(
    "setCameraDisabled"Array As Object(cm, True), _
     
    Array As String("android.content.ComponentName""java.lang.boolean"'change to False to enable camera
     
    Jmu5667 likes this.
  11. fransvlaarhoven

    fransvlaarhoven Active Member Licensed User

    Thanks for your repply. I will try that out.
     
  12. Neojoy

    Neojoy Member Licensed User

    Is it possible deny uninstalling procedures?
     
  13. Erel

    Erel Administrator Staff Member Licensed User

    No. You can however check whether a package is installed and if not deny access to something else.
     
  14. driesvp

    driesvp Member Licensed User

    Hello,

    Is it possible that an user cannot disable the administrator? I would like to prevent that an user can use their smartphone to surf on the net.
     
  15. Erel

    Erel Administrator Staff Member Licensed User

    No. This is how Android is designed. The user can always disable an administrator app.
     
  16. driesvp

    driesvp Member Licensed User

    Thanks!
     
  17. hursta

    hursta Member Licensed User

    Why do I not get an event when password is succeeded or failed?

    Sub Service_Start (StartingIntent As Intent)
    If StartingIntent.HasExtra("admin") Then
    Select StartingIntent.GetExtra("admin")
    Case "Enabled"
    Log("admin enabled")
    AdminEnabled
    Case "Disabled"
    Log("admin disabled")
    Case "PasswordChanged"
    Log("Password changed")
    Case "PasswordFailed"
    Log("Password failed")
    Case "PasswordSucceeded"
    Log("Password succeeded")
    End Select
    End If
    End Sub
     
  18. Erel

    Erel Administrator Staff Member Licensed User

    Please use [ code ] [ /code ] tags (without spaces) when posting code.

    Are you running the example code?

    Did you activate the app as an admin app?
     
  19. hursta

    hursta Member Licensed User

    Hi Erel,
    yes, it its the example code and app is activated as admin app.
    In log I can see "Password changed" but not Password failed and Password succeeded.
     
  20. hursta

    hursta Member Licensed User

    I would like create an admin app that wipes the mobile device when password failed more than 3 times.
     
Loading...