Interface AppPolicy

    • Constructor Detail

    • Method Detail

      • getIsSaveToLocationAllowed

         abstract boolean getIsSaveToLocationAllowed(@NonNull() Uri location)

        Check if policy prohibits saving to a content provider location.

        Parameters:
        location - a content URI to check
        Returns:

        True if location is not a content URI or if policy does not prohibit saving to the content location.

      • getIsSaveToLocationAllowed

        @Deprecated() abstract boolean getIsSaveToLocationAllowed(@NonNull() SaveLocation service, @Nullable() String username)

        Determines if the SaveLocation passed in can be saved to by the username associated with the cloud service.

        Parameters:
        service - see SaveLocation.
        username - the username/email associated with the cloud service being saved to.
        Returns:

        true if the location can be saved to by the identity, false if otherwise.

      • getIsSaveToLocationAllowedForOID

         abstract boolean getIsSaveToLocationAllowedForOID(@NonNull() SaveLocation service, @Nullable() String oid)

        Determines if the SaveLocation passed in can be saved to by the account associated with the cloud service.

        Parameters:
        service - see SaveLocation.
        oid - the AAD User Id of the account for the cloud service being saved to.
        Returns:

        true if the location can be saved to by the identity, false if otherwise.

      • diagnosticHasSaveRestriction

         abstract boolean diagnosticHasSaveRestriction()

        Test whether there are any SaveLocation restrictions. This may be used for diagnostic purposes or UX purposes, for example when deciding to show text warning users that policy may restrict their actions. When a specific open action is being performed, your app must call getIsSaveToLocationAllowed to test it -- do not use this method for policy enforcement decisions. For example, if this AppPolicy object represents policy for an unmanaged user, this method will return false, but getIsSaveToLocationAllowed(SaveLocation.SHAREPOINT, managedUserUpn) could still return false (disallowed). See also {@see diagnosticHasOpenRestriction}

        Returns:

        whether any SaveLocation restrictions exist

      • getIsOpenFromLocationAllowed

        @Deprecated() abstract boolean getIsOpenFromLocationAllowed(@NonNull() OpenLocation location, @Nullable() String username)

        Determines if data from the OpenLocation can be opened for the username associated with the data.

        Parameters:
        location - see OpenLocation.
        username - the username/email associated with the location the data is being opened from.
        Returns:

        true if the data can be opened from the location for the identity, false if otherwise.

      • getIsOpenFromLocationAllowedForOID

         abstract boolean getIsOpenFromLocationAllowedForOID(@NonNull() OpenLocation location, @Nullable() String oid)

        Determines if data from the OpenLocation can be opened for the account associated with the data.

        Parameters:
        location - see OpenLocation.
        oid - the AAD User Id of the account associated with the location the data is being opened from.
        Returns:

        true if the data can be opened from the location for the identity, false if otherwise.

      • getIsOpenFromContentUriAllowed

         abstract boolean getIsOpenFromContentUriAllowed(@NonNull() Uri location)

        Check if policy prohibits opening from a content provider location.

        Parameters:
        location - a content URI to check
        Returns:

        True if location is not a content URI or if policy does not prohibit opening from the content location.

      • getIsOpenFromLocalStorageAllowed

         abstract boolean getIsOpenFromLocalStorageAllowed(@NonNull() File file)

        Determines if the provided File in local storage can be opened.

        Parameters:
        file - the file being opened.
        Returns:

        true if the data can be opened from the location for the current identity, false if otherwise.

      • diagnosticHasOpenRestriction

         abstract boolean diagnosticHasOpenRestriction()

        Test whether there are any OpenLocation restrictions. This may be used for diagnostic purposes or UX purposes, for example when deciding to show text warning users that policy may restrict their actions. When a specific open action is being performed, your app must call getIsOpenFromLocationAllowed to test it -- do not use this method for policy enforcement decisions. For example, if this AppPolicy object represents policy for an unmanaged user, this method will return false, but getIsOpenFromLocationAllowed(OpenLocation.SHAREPOINT, managedUserUpn) could still return false (disallowed).

        Returns:

        whether any OpenLocation restrictions exist

      • areIntentActivitiesAllowed

         abstract boolean areIntentActivitiesAllowed(@NonNull() Intent intent)

        Checks whether any activities which could handle the given intent are allowed by policy. Returns false only if all activities which could otherwise handle the intent are blocked. If there are no activities which could handle the intent regardless of policy, returns true. If some activities are allowed and others blocked, returns true. Note that it is not necessary to use this method for policy enforcement. If your app attempts to launch an intent for which there are no allowed activities, MAM will display a dialog explaining the situation to the user.

        Parameters:
        intent - intent to check
        Returns:

        whether any activities which could handle this intent are allowed.

      • getIsPinRequired

         abstract boolean getIsPinRequired()

        Whether the SDK PIN prompt is enabled for the app.

        Returns:

        True if the PIN is enabled. False otherwise.

      • getIsManagedBrowserRequired

         abstract boolean getIsManagedBrowserRequired()

        Whether a policy-managed browser is required to open web links.

        Returns:

        True if a managed browser is required, false otherwise

      • getIsScreenCaptureAllowed

         abstract boolean getIsScreenCaptureAllowed()

        Check if policy allows taking screenshots.

        Returns:

        True if screenshots are allowed, false otherwise

      • getIsContactSyncAllowed

         abstract boolean getIsContactSyncAllowed()

        Check if policy allows Contact sync to local contact list.

        Returns:

        True if Contact sync is allowed to save to local contact list; false otherwise.

      • getNotificationRestriction

        @NonNull() abstract NotificationRestriction getNotificationRestriction()

        Get the notification restriction. If BLOCKED, the app must not show any notifications for the user associated with this policy. If BLOCK_ORG_DATA, the app must show a modified notification that does not contain organization data. If UNRESTRICTED, all notifications are allowed. Note that under certain policies this call may be slow -- it should be called on a background thread when showing notifications and not on the main thread.

        Returns:

        The notification restriction.

      • diagnosticIsFileEncryptionInUse

         abstract boolean diagnosticIsFileEncryptionInUse()

        This method is intended for diagnostic/telemetry purposes only. It can be used to discover whether file encryption is in use. File encryption is transparent to the app and the app should not need to make any business logic decisions based on this.

        Returns:

        True if file encryption is in use.

      • toString

         abstract String toString()

        Return the policy in string format to the app.

        Returns:

        The string representing the policy.