1e41f4b71Sopenharmony_ci 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci# @ohos.enterprise.securityManager(安全管理) 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci本模块提供设备安全管理的能力,包括查询安全补丁状态、查询文件加密状态等。 6e41f4b71Sopenharmony_ci 7e41f4b71Sopenharmony_ci> **说明:** 8e41f4b71Sopenharmony_ci> 9e41f4b71Sopenharmony_ci> 本模块首批接口从API version 12开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 10e41f4b71Sopenharmony_ci> 11e41f4b71Sopenharmony_ci> 本模块接口仅可在Stage模型下使用。 12e41f4b71Sopenharmony_ci> 13e41f4b71Sopenharmony_ci> 本模块接口仅对[设备管理应用](../../mdm/mdm-kit-guide.md#功能介绍)开放,需将设备管理应用激活后调用,实现相应功能。 14e41f4b71Sopenharmony_ci 15e41f4b71Sopenharmony_ci## 导入模块 16e41f4b71Sopenharmony_ci 17e41f4b71Sopenharmony_ci```ts 18e41f4b71Sopenharmony_ciimport { securityManager } from '@kit.MDMKit'; 19e41f4b71Sopenharmony_ci``` 20e41f4b71Sopenharmony_ci 21e41f4b71Sopenharmony_ci## securityManager.uninstallUserCertificate 22e41f4b71Sopenharmony_ci 23e41f4b71Sopenharmony_ciuninstallUserCertificate(admin: Want, certUri: string): Promise<void> 24e41f4b71Sopenharmony_ci 25e41f4b71Sopenharmony_ci指定设备管理应用卸载用户证书,使用Promise异步回调。 26e41f4b71Sopenharmony_ci 27e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_CERTIFICATE 28e41f4b71Sopenharmony_ci 29e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 30e41f4b71Sopenharmony_ci 31e41f4b71Sopenharmony_ci**参数:** 32e41f4b71Sopenharmony_ci 33e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 34e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------------- | ---- | --------------------------------- | 35e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 36e41f4b71Sopenharmony_ci| certUri | string | 是 | 证书uri,由安装用户证书接口返回。 | 37e41f4b71Sopenharmony_ci 38e41f4b71Sopenharmony_ci**返回值:** 39e41f4b71Sopenharmony_ci 40e41f4b71Sopenharmony_ci| 类型 | 说明 | 41e41f4b71Sopenharmony_ci| ------------------- | ------------------------------------------------------------ | 42e41f4b71Sopenharmony_ci| Promise<void> | 无返回结果的Promise对象。当指定设备管理应用卸载用户证书失败时会抛出错误对象。 | 43e41f4b71Sopenharmony_ci 44e41f4b71Sopenharmony_ci**错误码**: 45e41f4b71Sopenharmony_ci 46e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 47e41f4b71Sopenharmony_ci 48e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 49e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------------------ | 50e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 51e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 52e41f4b71Sopenharmony_ci| 9201001 | Failed to manage the certificate. | 53e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 54e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 55e41f4b71Sopenharmony_ci 56e41f4b71Sopenharmony_ci**示例:** 57e41f4b71Sopenharmony_ci 58e41f4b71Sopenharmony_ci```ts 59e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 60e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 61e41f4b71Sopenharmony_cilet wantTemp: Want = { 62e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 63e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 64e41f4b71Sopenharmony_ci}; 65e41f4b71Sopenharmony_cilet aliasStr = "certName" 66e41f4b71Sopenharmony_cisecurityManager.uninstallUserCertificate(wantTemp, aliasStr).then(() => { 67e41f4b71Sopenharmony_ci console.info(`Succeeded in uninstalling user certificate.`); 68e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 69e41f4b71Sopenharmony_ci console.error(`Failed to uninstall user certificate. Code is ${err.code}, message is ${err.message}`); 70e41f4b71Sopenharmony_ci}); 71e41f4b71Sopenharmony_ci``` 72e41f4b71Sopenharmony_ci 73e41f4b71Sopenharmony_ci## securityManager.installUserCertificate 74e41f4b71Sopenharmony_ci 75e41f4b71Sopenharmony_ciinstallUserCertificate(admin: Want, certificate: CertBlob): Promise<string> 76e41f4b71Sopenharmony_ci 77e41f4b71Sopenharmony_ci指定设备管理应用安装用户证书,使用Promise异步回调。 78e41f4b71Sopenharmony_ci 79e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_CERTIFICATE 80e41f4b71Sopenharmony_ci 81e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 82e41f4b71Sopenharmony_ci 83e41f4b71Sopenharmony_ci**参数:** 84e41f4b71Sopenharmony_ci 85e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 86e41f4b71Sopenharmony_ci| ----------- | ------------------------------------------------------- | ---- | -------------- | 87e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 88e41f4b71Sopenharmony_ci| certificate | [CertBlob](#certblob) | 是 | 证书信息。 | 89e41f4b71Sopenharmony_ci 90e41f4b71Sopenharmony_ci**返回值:** 91e41f4b71Sopenharmony_ci 92e41f4b71Sopenharmony_ci| 类型 | 说明 | 93e41f4b71Sopenharmony_ci| --------------------- | ---------------------------------------------------- | 94e41f4b71Sopenharmony_ci| Promise<string> | Promise对象,返回当前证书安装后的uri,用于卸载证书。 | 95e41f4b71Sopenharmony_ci 96e41f4b71Sopenharmony_ci**错误码**: 97e41f4b71Sopenharmony_ci 98e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 99e41f4b71Sopenharmony_ci 100e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 101e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------------------ | 102e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 103e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 104e41f4b71Sopenharmony_ci| 9201001 | Failed to manage the certificate. | 105e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 106e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 107e41f4b71Sopenharmony_ci 108e41f4b71Sopenharmony_ci**示例:** 109e41f4b71Sopenharmony_ci 110e41f4b71Sopenharmony_ci```ts 111e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 112e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 113e41f4b71Sopenharmony_cilet wantTemp: Want = { 114e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 115e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 116e41f4b71Sopenharmony_ci}; 117e41f4b71Sopenharmony_cilet certFileArray: Uint8Array = new Uint8Array(); 118e41f4b71Sopenharmony_ci// The variable context needs to be initialized in MainAbility's onCreate callback function 119e41f4b71Sopenharmony_ci// test.cer needs to be placed in the rawfile directory 120e41f4b71Sopenharmony_cigetContext().resourceManager.getRawFileContent("test.cer").then((value) => { 121e41f4b71Sopenharmony_ci certFileArray = value 122e41f4b71Sopenharmony_ci securityManager.installUserCertificate(wantTemp, { inData: certFileArray, alias: "cert_alias_xts" }) 123e41f4b71Sopenharmony_ci .then((result) => { 124e41f4b71Sopenharmony_ci console.info(`Succeeded in installing user certificate, result : ${JSON.stringify(result)}`); 125e41f4b71Sopenharmony_ci }).catch((err: BusinessError) => { 126e41f4b71Sopenharmony_ci console.error(`Failed to install user certificate. Code: ${err.code}, message: ${err.message}`); 127e41f4b71Sopenharmony_ci }) 128e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 129e41f4b71Sopenharmony_ci console.error(`Failed to get row file content. message: ${err.message}`); 130e41f4b71Sopenharmony_ci return 131e41f4b71Sopenharmony_ci}); 132e41f4b71Sopenharmony_ci``` 133e41f4b71Sopenharmony_ci 134e41f4b71Sopenharmony_ci## securityManager.getSecurityStatus 135e41f4b71Sopenharmony_ci 136e41f4b71Sopenharmony_cigetSecurityStatus(admin: Want, item: string): string 137e41f4b71Sopenharmony_ci 138e41f4b71Sopenharmony_ci获取安全策略信息。 139e41f4b71Sopenharmony_ci 140e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 141e41f4b71Sopenharmony_ci 142e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 143e41f4b71Sopenharmony_ci 144e41f4b71Sopenharmony_ci**参数:** 145e41f4b71Sopenharmony_ci 146e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 147e41f4b71Sopenharmony_ci| ------ | ------------------------------------------------------- | ---- | ------------------------------------------------------------ | 148e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 149e41f4b71Sopenharmony_ci| item | string | 是 | 安全策略名称。<br/>- patch:设备安全补丁。<br/>- encryption:设备文件系统加密。 <!--RP1--><!--RP1End-->| 150e41f4b71Sopenharmony_ci 151e41f4b71Sopenharmony_ci**返回值:** 152e41f4b71Sopenharmony_ci 153e41f4b71Sopenharmony_ci| 类型 | 说明 | 154e41f4b71Sopenharmony_ci| ------ | -------------------- | 155e41f4b71Sopenharmony_ci| string | 返回安全策略状态值。 | 156e41f4b71Sopenharmony_ci 157e41f4b71Sopenharmony_ci**错误码**: 158e41f4b71Sopenharmony_ci 159e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 160e41f4b71Sopenharmony_ci 161e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 162e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------------------ | 163e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 164e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 165e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 166e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 167e41f4b71Sopenharmony_ci 168e41f4b71Sopenharmony_ci**示例:** 169e41f4b71Sopenharmony_ci 170e41f4b71Sopenharmony_ci```ts 171e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 172e41f4b71Sopenharmony_cilet wantTemp: Want = { 173e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 174e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 175e41f4b71Sopenharmony_ci}; 176e41f4b71Sopenharmony_ci 177e41f4b71Sopenharmony_citry { 178e41f4b71Sopenharmony_ci let result: string = securityManager.getSecurityStatus(wantTemp, 'patch'); 179e41f4b71Sopenharmony_ci console.info(`Succeeded in getting security patch tag. tag: ${result}`); 180e41f4b71Sopenharmony_ci} catch (err) { 181e41f4b71Sopenharmony_ci console.error(`Failed to get security patch tag. Code: ${err.code}, message: ${err.message}`); 182e41f4b71Sopenharmony_ci} 183e41f4b71Sopenharmony_ci``` 184e41f4b71Sopenharmony_ci 185e41f4b71Sopenharmony_ci## securityManager.setPasswordPolicy<sup>12+</sup> 186e41f4b71Sopenharmony_ci 187e41f4b71Sopenharmony_cisetPasswordPolicy(admin: Want, policy: PasswordPolicy): void 188e41f4b71Sopenharmony_ci 189e41f4b71Sopenharmony_ci指定设备管理应用设置设备口令策略。 190e41f4b71Sopenharmony_ci 191e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 192e41f4b71Sopenharmony_ci 193e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 194e41f4b71Sopenharmony_ci 195e41f4b71Sopenharmony_ci**参数:** 196e41f4b71Sopenharmony_ci 197e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 198e41f4b71Sopenharmony_ci| -------- | ---------------------------------------- | ---- | ------------------------------- | 199e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 200e41f4b71Sopenharmony_ci| policy | [PasswordPolicy](#passwordpolicy) | 是 | 设备口令策略。 | 201e41f4b71Sopenharmony_ci 202e41f4b71Sopenharmony_ci**错误码**: 203e41f4b71Sopenharmony_ci 204e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 205e41f4b71Sopenharmony_ci 206e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 207e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 208e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 209e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 210e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 211e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 212e41f4b71Sopenharmony_ci 213e41f4b71Sopenharmony_ci**示例:** 214e41f4b71Sopenharmony_ci 215e41f4b71Sopenharmony_ci```ts 216e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 217e41f4b71Sopenharmony_cilet wantTemp: Want = { 218e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 219e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 220e41f4b71Sopenharmony_ci}; 221e41f4b71Sopenharmony_ci 222e41f4b71Sopenharmony_cilet policy: securityManager.PasswordPolicy = { 223e41f4b71Sopenharmony_ci complexityRegex: '^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$', 224e41f4b71Sopenharmony_ci validityPeriod: 1, 225e41f4b71Sopenharmony_ci additionalDescription: '至少八个字符,至少一个大写字母,一个小写字母,一个数字和一个特殊字符', 226e41f4b71Sopenharmony_ci} 227e41f4b71Sopenharmony_citry { 228e41f4b71Sopenharmony_ci securityManager.setPasswordPolicy(wantTemp, policy); 229e41f4b71Sopenharmony_ci console.info(`Succeeded in setting password policy.`); 230e41f4b71Sopenharmony_ci} catch(err) { 231e41f4b71Sopenharmony_ci console.error(`Failed to set password policy. Code: ${err.code}, message: ${err.message}`); 232e41f4b71Sopenharmony_ci} 233e41f4b71Sopenharmony_ci``` 234e41f4b71Sopenharmony_ci 235e41f4b71Sopenharmony_ci## securityManager.getPasswordPolicy<sup>12+</sup> 236e41f4b71Sopenharmony_ci 237e41f4b71Sopenharmony_cigetPasswordPolicy(admin: Want): PasswordPolicy 238e41f4b71Sopenharmony_ci 239e41f4b71Sopenharmony_ci指定设备管理应用获取设备口令策略。 240e41f4b71Sopenharmony_ci 241e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 242e41f4b71Sopenharmony_ci 243e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 244e41f4b71Sopenharmony_ci 245e41f4b71Sopenharmony_ci**参数:** 246e41f4b71Sopenharmony_ci 247e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 248e41f4b71Sopenharmony_ci| -------- | ---------------------------------------- | ---- | ------------------------------- | 249e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 250e41f4b71Sopenharmony_ci 251e41f4b71Sopenharmony_ci**返回值:** 252e41f4b71Sopenharmony_ci 253e41f4b71Sopenharmony_ci| 类型 | 说明 | 254e41f4b71Sopenharmony_ci| --------------------- | ------------------------- | 255e41f4b71Sopenharmony_ci| [PasswordPolicy](#passwordpolicy) | 设备口令策略。 | 256e41f4b71Sopenharmony_ci 257e41f4b71Sopenharmony_ci**错误码**: 258e41f4b71Sopenharmony_ci 259e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 260e41f4b71Sopenharmony_ci 261e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 262e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 263e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 264e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 265e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 266e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 267e41f4b71Sopenharmony_ci 268e41f4b71Sopenharmony_ci**示例:** 269e41f4b71Sopenharmony_ci 270e41f4b71Sopenharmony_ci```ts 271e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 272e41f4b71Sopenharmony_cilet wantTemp: Want = { 273e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 274e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 275e41f4b71Sopenharmony_ci}; 276e41f4b71Sopenharmony_ci 277e41f4b71Sopenharmony_citry { 278e41f4b71Sopenharmony_ci let result: securityManager.PasswordPolicy = securityManager.getPasswordPolicy(wantTemp); 279e41f4b71Sopenharmony_ci console.info(`Succeeded in getting password policy, result : ${JSON.stringify(result)}`); 280e41f4b71Sopenharmony_ci} catch(err) { 281e41f4b71Sopenharmony_ci console.error(`Failed to get password policy. Code: ${err.code}, message: ${err.message}`); 282e41f4b71Sopenharmony_ci} 283e41f4b71Sopenharmony_ci``` 284e41f4b71Sopenharmony_ci 285e41f4b71Sopenharmony_ci## securityManager.setAppClipboardPolicy<sup>12+</sup> 286e41f4b71Sopenharmony_ci 287e41f4b71Sopenharmony_cisetAppClipboardPolicy(admin: Want, tokenId: number, policy: ClipboardPolicy): void 288e41f4b71Sopenharmony_ci 289e41f4b71Sopenharmony_ci指定设备管理应用设置设备剪贴板策略。 290e41f4b71Sopenharmony_ci 291e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 292e41f4b71Sopenharmony_ci 293e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 294e41f4b71Sopenharmony_ci 295e41f4b71Sopenharmony_ci**参数:** 296e41f4b71Sopenharmony_ci 297e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 298e41f4b71Sopenharmony_ci| -------- | ---------------------------------------- | ---- | ------------------------------- | 299e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 300e41f4b71Sopenharmony_ci| tokenId | number | 是 | 目标应用的身份标识。可通过应用的[ApplicationInfo](../apis-ability-kit/js-apis-bundleManager-applicationInfo.md)获得。当前只支持最多100个tokenId被保存策略。 | 301e41f4b71Sopenharmony_ci| policy | [ClipboardPolicy](#clipboardpolicy) | 是 | 剪贴板策略。 | 302e41f4b71Sopenharmony_ci 303e41f4b71Sopenharmony_ci**错误码**: 304e41f4b71Sopenharmony_ci 305e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 306e41f4b71Sopenharmony_ci 307e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 308e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 309e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 310e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 311e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 312e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 313e41f4b71Sopenharmony_ci 314e41f4b71Sopenharmony_ci**示例:** 315e41f4b71Sopenharmony_ci 316e41f4b71Sopenharmony_ci```ts 317e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 318e41f4b71Sopenharmony_cilet wantTemp: Want = { 319e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 320e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 321e41f4b71Sopenharmony_ci}; 322e41f4b71Sopenharmony_cilet tokenId: number = 586874394; 323e41f4b71Sopenharmony_citry { 324e41f4b71Sopenharmony_ci securityManager.setAppClipboardPolicy(wantTemp, tokenId, securityManager.ClipboardPolicy.IN_APP); 325e41f4b71Sopenharmony_ci console.info(`Succeeded in setting clipboard policy.`); 326e41f4b71Sopenharmony_ci} catch(err) { 327e41f4b71Sopenharmony_ci console.error(`Failed to set clipboard policy. Code: ${err.code}, message: ${err.message}`); 328e41f4b71Sopenharmony_ci} 329e41f4b71Sopenharmony_ci``` 330e41f4b71Sopenharmony_ci 331e41f4b71Sopenharmony_ci## securityManager.getAppClipboardPolicy<sup>12+</sup> 332e41f4b71Sopenharmony_ci 333e41f4b71Sopenharmony_cigetAppClipboardPolicy(admin: Want, tokenId?: number): string 334e41f4b71Sopenharmony_ci 335e41f4b71Sopenharmony_ci指定设备管理应用获取设备剪贴板策略。 336e41f4b71Sopenharmony_ci 337e41f4b71Sopenharmony_ci**需要权限:** ohos.permission.ENTERPRISE_MANAGE_SECURITY 338e41f4b71Sopenharmony_ci 339e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 340e41f4b71Sopenharmony_ci 341e41f4b71Sopenharmony_ci**参数:** 342e41f4b71Sopenharmony_ci 343e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 344e41f4b71Sopenharmony_ci| -------- | ---------------------------------------- | ---- | ------------------------------- | 345e41f4b71Sopenharmony_ci| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | 是 | 设备管理应用。 | 346e41f4b71Sopenharmony_ci| tokenId | number | 否 | 目标应用的身份标识。可通过应用的[ApplicationInfo](../apis-ability-kit/js-apis-bundleManager-applicationInfo.md)获得。 | 347e41f4b71Sopenharmony_ci 348e41f4b71Sopenharmony_ci**返回值:** 349e41f4b71Sopenharmony_ci 350e41f4b71Sopenharmony_ci| 类型 | 说明 | 351e41f4b71Sopenharmony_ci| --------------------- | ------------------------- | 352e41f4b71Sopenharmony_ci| ClipboardPolicy | 设备剪贴板策略。| 353e41f4b71Sopenharmony_ci 354e41f4b71Sopenharmony_ci**错误码**: 355e41f4b71Sopenharmony_ci 356e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[企业设备管理错误码](errorcode-enterpriseDeviceManager.md)和[通用错误码](../errorcode-universal.md)。 357e41f4b71Sopenharmony_ci 358e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 359e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------------------------------- | 360e41f4b71Sopenharmony_ci| 9200001 | The application is not an administrator application of the device. | 361e41f4b71Sopenharmony_ci| 9200002 | The administrator application does not have permission to manage the device. | 362e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 363e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 364e41f4b71Sopenharmony_ci 365e41f4b71Sopenharmony_ci**示例:** 366e41f4b71Sopenharmony_ci 367e41f4b71Sopenharmony_ci```ts 368e41f4b71Sopenharmony_ciimport { Want } from '@kit.AbilityKit'; 369e41f4b71Sopenharmony_cilet wantTemp: Want = { 370e41f4b71Sopenharmony_ci bundleName: 'com.example.myapplication', 371e41f4b71Sopenharmony_ci abilityName: 'EntryAbility', 372e41f4b71Sopenharmony_ci}; 373e41f4b71Sopenharmony_cilet tokenId: number = 586874394; 374e41f4b71Sopenharmony_citry { 375e41f4b71Sopenharmony_ci let result: string = securityManager.getAppClipboardPolicy(wantTemp, tokenId); 376e41f4b71Sopenharmony_ci console.info(`Succeeded in getting password policy, result : ${result}`); 377e41f4b71Sopenharmony_ci} catch(err) { 378e41f4b71Sopenharmony_ci console.error(`Failed to set clipboard policy. Code: ${err.code}, message: ${err.message}`); 379e41f4b71Sopenharmony_ci} 380e41f4b71Sopenharmony_ci``` 381e41f4b71Sopenharmony_ci 382e41f4b71Sopenharmony_ci## CertBlob 383e41f4b71Sopenharmony_ci 384e41f4b71Sopenharmony_ci证书信息。 385e41f4b71Sopenharmony_ci 386e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 387e41f4b71Sopenharmony_ci 388e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 389e41f4b71Sopenharmony_ci| ------ | ---------- | ---- | ------------------ | 390e41f4b71Sopenharmony_ci| inData | Uint8Array | 是 | 证书的二进制内容。 | 391e41f4b71Sopenharmony_ci| alias | string | 是 | 证书别名。 | 392e41f4b71Sopenharmony_ci 393e41f4b71Sopenharmony_ci## PasswordPolicy 394e41f4b71Sopenharmony_ci 395e41f4b71Sopenharmony_ci设备口令策略。 396e41f4b71Sopenharmony_ci 397e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 398e41f4b71Sopenharmony_ci 399e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 400e41f4b71Sopenharmony_ci| ----------- | --------| ---- | ------------------------------- | 401e41f4b71Sopenharmony_ci| complexityRegex | string | 否 | 口令复杂度正则表达式。 | 402e41f4b71Sopenharmony_ci| validityPeriod | number | 否 | 密码有效期(单位:毫秒)。 | 403e41f4b71Sopenharmony_ci| additionalDescription | string | 否 | 描述文本。 | 404e41f4b71Sopenharmony_ci 405e41f4b71Sopenharmony_ci## ClipboardPolicy 406e41f4b71Sopenharmony_ci 407e41f4b71Sopenharmony_ci设备剪贴板策略。 408e41f4b71Sopenharmony_ci 409e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Customization.EnterpriseDeviceManager 410e41f4b71Sopenharmony_ci 411e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 412e41f4b71Sopenharmony_ci| ----------- | -------- | ------------------------------- | 413e41f4b71Sopenharmony_ci| DEFAULT | 0 | 默认。 | 414e41f4b71Sopenharmony_ci| IN_APP | 1 | 剪贴板可在同一应用使用。 | 415e41f4b71Sopenharmony_ci| LOCAL_DEVICE | 2 | 剪贴板可在同一设备使用。 | 416e41f4b71Sopenharmony_ci| CROSS_DEVICE | 3 | 剪贴板可跨设备使用。 |