1e41f4b71Sopenharmony_ci# @ohos.enterprise.securityManager(安全管理)(系统接口) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci本模块提供设备安全管理的能力,包括查询安全补丁状态、查询文件加密状态等。 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci> **说明:** 6e41f4b71Sopenharmony_ci> 7e41f4b71Sopenharmony_ci> 本模块首批接口从API version 11开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 8e41f4b71Sopenharmony_ci> 9e41f4b71Sopenharmony_ci> 本模块接口仅可在Stage模型下使用。 10e41f4b71Sopenharmony_ci> 11e41f4b71Sopenharmony_ci> 本模块接口仅对[设备管理应用](../../mdm/mdm-kit-guide.md#功能介绍)开放,需将[设备管理应用激活](js-apis-enterprise-adminManager-sys.md#adminmanagerenableadmin)后调用,实现相应功能。 12e41f4b71Sopenharmony_ci> 13e41f4b71Sopenharmony_ci> 当前页面仅包含本模块的系统接口,其他公开接口参见。其他公开接口参见[@ohos.enterprise.securityManager](js-apis-enterprise-securityManager.md)。 14e41f4b71Sopenharmony_ci 15e41f4b71Sopenharmony_ci## 导入模块 16e41f4b71Sopenharmony_ci 17e41f4b71Sopenharmony_ci```ts 18e41f4b71Sopenharmony_ciimport { securityManager } from '@kit.MDMKit'; 19e41f4b71Sopenharmony_ci``` 20e41f4b71Sopenharmony_ci 21e41f4b71Sopenharmony_ci## securityManager.getSecurityPatchTag 22e41f4b71Sopenharmony_ci 23e41f4b71Sopenharmony_cigetSecurityPatchTag(admin: Want): string 24e41f4b71Sopenharmony_ci 25e41f4b71Sopenharmony_ci以同步方法查询设备安全补丁Tag。成功返回安全补丁Tag,失败抛出对应异常。 26e41f4b71Sopenharmony_ci 27e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 28e41f4b71Sopenharmony_ci 29e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 30e41f4b71Sopenharmony_ci 31e41f4b71Sopenharmony_ci**系统API:** 此接口为系统接口。 32e41f4b71Sopenharmony_ci 33e41f4b71Sopenharmony_ci**参数:** 34e41f4b71Sopenharmony_ci 35e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 36e41f4b71Sopenharmony_ci| ----- | ----------------------------------- | ---- | ------- | 37e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 38e41f4b71Sopenharmony_ci 39e41f4b71Sopenharmony_ci**返回值:** 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci| 类型 | 说明 | 42e41f4b71Sopenharmony_ci| --------------------- | ------------------------- | 43e41f4b71Sopenharmony_ci| string | 补丁Tag结果,返回补丁Tag字符串。 | 44e41f4b71Sopenharmony_ci 45e41f4b71Sopenharmony_ci**错误码**: 46e41f4b71Sopenharmony_ci 47e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 48e41f4b71Sopenharmony_ci 49e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 50e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 51e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 52e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 53e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 54e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 55e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 56e41f4b71Sopenharmony_ci 57e41f4b71Sopenharmony_ci**示例:** 58e41f4b71Sopenharmony_ci 59e41f4b71Sopenharmony_ci```ts 60e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 61e41f4b71Sopenharmony_ci 62e41f4b71Sopenharmony_cilet wantTemp: Want = { 63e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 64e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 65e41f4b71Sopenharmony_ci}; 66e41f4b71Sopenharmony_ci 67e41f4b71Sopenharmony_citry { 68e41f4b71Sopenharmony_ci let res: string = securityManager.getSecurityPatchTag(wantTemp); 69e41f4b71Sopenharmony_ci console.info(`Succeeded in getting security patch tag. tag: ${res}`); 70e41f4b71Sopenharmony_ci} catch(err) { 71e41f4b71Sopenharmony_ci console.error(`Failed to get security patch tag. Code: ${err.code}, message: ${err.message}`); 72e41f4b71Sopenharmony_ci} 73e41f4b71Sopenharmony_ci``` 74e41f4b71Sopenharmony_ci## securityManager.getDeviceEncryptionStatus 75e41f4b71Sopenharmony_ci 76e41f4b71Sopenharmony_cigetDeviceEncryptionStatus(admin: Want): DeviceEncryptionStatus 77e41f4b71Sopenharmony_ci 78e41f4b71Sopenharmony_ci以同步方法查询设备文件系统加密状态。成功返回设备文件系统加密状态,失败抛出对应异常。 79e41f4b71Sopenharmony_ci 80e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 81e41f4b71Sopenharmony_ci 82e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 83e41f4b71Sopenharmony_ci 84e41f4b71Sopenharmony_ci**系统API:** 此接口为系统接口。 85e41f4b71Sopenharmony_ci 86e41f4b71Sopenharmony_ci**参数:** 87e41f4b71Sopenharmony_ci 88e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 89e41f4b71Sopenharmony_ci| -------- | ---------------------------------------- | ---- | ------------------------------- | 90e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 91e41f4b71Sopenharmony_ci 92e41f4b71Sopenharmony_ci**返回值:** 93e41f4b71Sopenharmony_ci 94e41f4b71Sopenharmony_ci| 类型 | 说明 | 95e41f4b71Sopenharmony_ci| ---------------------- | ------------------------------------------------------ | 96e41f4b71Sopenharmony_ci| DeviceEncryptionStatus | 文件加密状态结构体,现只含有是否进行加密字段(bool)。 | 97e41f4b71Sopenharmony_ci 98e41f4b71Sopenharmony_ci**错误码**: 99e41f4b71Sopenharmony_ci 100e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 101e41f4b71Sopenharmony_ci 102e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 103e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 104e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 105e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 106e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 107e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 108e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 109e41f4b71Sopenharmony_ci 110e41f4b71Sopenharmony_ci**示例:** 111e41f4b71Sopenharmony_ci 112e41f4b71Sopenharmony_ci```ts 113e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 114e41f4b71Sopenharmony_cilet wantTemp: Want = { 115e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 116e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 117e41f4b71Sopenharmony_ci}; 118e41f4b71Sopenharmony_ci 119e41f4b71Sopenharmony_citry { 120e41f4b71Sopenharmony_ci let result: securityManager.DeviceEncryptionStatus = securityManager.getDeviceEncryptionStatus(wantTemp); 121e41f4b71Sopenharmony_ci console.info(`Succeeded in getting device encryption status. isEncrypted: ${result.isEncrypted}`); 122e41f4b71Sopenharmony_ci} catch(err) { 123e41f4b71Sopenharmony_ci console.error(`Failed to get device encryption status. Code: ${err.code}, message: ${err.message}`); 124e41f4b71Sopenharmony_ci} 125e41f4b71Sopenharmony_ci``` 126e41f4b71Sopenharmony_ci 127e41f4b71Sopenharmony_ci## securityManager.getPasswordPolicy<sup>12+</sup> 128e41f4b71Sopenharmony_ci 129e41f4b71Sopenharmony_cigetPasswordPolicy(): PasswordPolicy 130e41f4b71Sopenharmony_ci 131e41f4b71Sopenharmony_ci获取设备口令策略。 132e41f4b71Sopenharmony_ci 133e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 134e41f4b71Sopenharmony_ci 135e41f4b71Sopenharmony_ci**系统API:** 此接口为系统接口。 136e41f4b71Sopenharmony_ci 137e41f4b71Sopenharmony_ci**返回值:** 138e41f4b71Sopenharmony_ci 139e41f4b71Sopenharmony_ci| 类型 | 说明 | 140e41f4b71Sopenharmony_ci| --------------------- | ------------------------- | 141e41f4b71Sopenharmony_ci| [PasswordPolicy](./js-apis-enterprise-securityManager.md#passwordpolicy) | 设备口令策略。 | 142e41f4b71Sopenharmony_ci 143e41f4b71Sopenharmony_ci**错误码**: 144e41f4b71Sopenharmony_ci 145e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[通用错误码](../errorcode-universal.md)。 146e41f4b71Sopenharmony_ci 147e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 148e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 149e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 150e41f4b71Sopenharmony_ci 151e41f4b71Sopenharmony_ci**示例:** 152e41f4b71Sopenharmony_ci 153e41f4b71Sopenharmony_ci```ts 154e41f4b71Sopenharmony_citry { 155e41f4b71Sopenharmony_ci let result: securityManager.PasswordPolicy = securityManager.getPasswordPolicy(); 156e41f4b71Sopenharmony_ci console.info(`Succeeded in getting password policy, result : ${JSON.stringify(result)}`); 157e41f4b71Sopenharmony_ci} catch(err) { 158e41f4b71Sopenharmony_ci console.error(`Failed to get password policy. Code: ${err.code}, message: ${err.message}`); 159e41f4b71Sopenharmony_ci} 160e41f4b71Sopenharmony_ci``` 161e41f4b71Sopenharmony_ci 162e41f4b71Sopenharmony_ci## DeviceEncryptionStatus 163e41f4b71Sopenharmony_ci 164e41f4b71Sopenharmony_ci设备管理应用的文件系统加密状态。 165e41f4b71Sopenharmony_ci 166e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 167e41f4b71Sopenharmony_ci 168e41f4b71Sopenharmony_ci**系统API**: 此接口为系统接口。 169e41f4b71Sopenharmony_ci 170e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 171e41f4b71Sopenharmony_ci| ----------- | --------| ---- | ------------------------------- | 172e41f4b71Sopenharmony_ci| isEncrypted | boolean | 是 | 表示设备的文件系统是否加密。true:表示已加密 false:表示未加密 | 173