161847f8eSopenharmony_ci/* 261847f8eSopenharmony_ci * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 361847f8eSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 461847f8eSopenharmony_ci * you may not use this file except in compliance with the License. 561847f8eSopenharmony_ci * You may obtain a copy of the License at 661847f8eSopenharmony_ci * 761847f8eSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 861847f8eSopenharmony_ci * 961847f8eSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 1061847f8eSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 1161847f8eSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1261847f8eSopenharmony_ci * See the License for the specific language governing permissions and 1361847f8eSopenharmony_ci * limitations under the License. 1461847f8eSopenharmony_ci */ 1561847f8eSopenharmony_ci 1661847f8eSopenharmony_ci/** 1761847f8eSopenharmony_ci * @file 1861847f8eSopenharmony_ci * @kit MDMKit 1961847f8eSopenharmony_ci */ 2061847f8eSopenharmony_ci 2161847f8eSopenharmony_ciimport type { AsyncCallback } from './@ohos.base'; 2261847f8eSopenharmony_ciimport type Want from './@ohos.app.ability.Want'; 2361847f8eSopenharmony_ciimport type osAccount from './@ohos.account.osAccount'; 2461847f8eSopenharmony_ci 2561847f8eSopenharmony_ci/** 2661847f8eSopenharmony_ci * This module provides the capability to manage the accounts of the enterprise devices. 2761847f8eSopenharmony_ci * 2861847f8eSopenharmony_ci * @namespace accountManager 2961847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 3061847f8eSopenharmony_ci * @since 10 3161847f8eSopenharmony_ci */ 3261847f8eSopenharmony_cideclare namespace accountManager { 3361847f8eSopenharmony_ci /** 3461847f8eSopenharmony_ci * Disallow the user of device add local account. 3561847f8eSopenharmony_ci * This function can be called by a super administrator. 3661847f8eSopenharmony_ci * 3761847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 3861847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 3961847f8eSopenharmony_ci * The admin must have the corresponding permission. 4061847f8eSopenharmony_ci * @param { boolean } disallow - true if the user is not allowed to add local account. 4161847f8eSopenharmony_ci * @param { AsyncCallback<void> } callback - the callback of disallowAddLocalAccount. 4261847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 4361847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 4461847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 4561847f8eSopenharmony_ci * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 4661847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 4761847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 4861847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 4961847f8eSopenharmony_ci * @systemapi 5061847f8eSopenharmony_ci * @StageModelOnly 5161847f8eSopenharmony_ci * @since 10 5261847f8eSopenharmony_ci */ 5361847f8eSopenharmony_ci function disallowAddLocalAccount(admin: Want, disallow: boolean, callback: AsyncCallback<void>): void; 5461847f8eSopenharmony_ci 5561847f8eSopenharmony_ci /** 5661847f8eSopenharmony_ci * Disallow the user of device add local account. 5761847f8eSopenharmony_ci * This function can be called by a super administrator. 5861847f8eSopenharmony_ci * 5961847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 6061847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 6161847f8eSopenharmony_ci * The admin must have the corresponding permission. 6261847f8eSopenharmony_ci * @param { boolean } disallow - true if the user is not allowed to add local account. 6361847f8eSopenharmony_ci * @returns { Promise<void> } the promise returned by the disallowAddLocalAccount. 6461847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 6561847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 6661847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 6761847f8eSopenharmony_ci * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 6861847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 6961847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 7061847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 7161847f8eSopenharmony_ci * @systemapi 7261847f8eSopenharmony_ci * @StageModelOnly 7361847f8eSopenharmony_ci * @since 10 7461847f8eSopenharmony_ci */ 7561847f8eSopenharmony_ci function disallowAddLocalAccount(admin: Want, disallow: boolean): Promise<void>; 7661847f8eSopenharmony_ci 7761847f8eSopenharmony_ci /** 7861847f8eSopenharmony_ci * Disallows the user to add an OS account. 7961847f8eSopenharmony_ci * This function can be called by a super administrator. 8061847f8eSopenharmony_ci * 8161847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 8261847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 8361847f8eSopenharmony_ci * The admin must have the corresponding permission. 8461847f8eSopenharmony_ci * @param { number } userId - indicates the user ID. It cannot be the ID of a user that does not exist. 8561847f8eSopenharmony_ci * @param { boolean } disallow - true if the specific user is not allowed to add an OS account. 8661847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 8761847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 8861847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 8961847f8eSopenharmony_ci * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 9061847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 9161847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 9261847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 9361847f8eSopenharmony_ci * @systemapi 9461847f8eSopenharmony_ci * @stagemodelonly 9561847f8eSopenharmony_ci * @since 11 9661847f8eSopenharmony_ci */ 9761847f8eSopenharmony_ci function disallowAddOsAccountByUser(admin: Want, userId: number, disallow: boolean): void; 9861847f8eSopenharmony_ci 9961847f8eSopenharmony_ci /** 10061847f8eSopenharmony_ci * Queries whether the user is disallowed to add an OS account. 10161847f8eSopenharmony_ci * This function can be called by a super administrator. 10261847f8eSopenharmony_ci * 10361847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 10461847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 10561847f8eSopenharmony_ci * If the admin is not empty, it must have the corresponding permission. 10661847f8eSopenharmony_ci * @param { number } userId - indicates the user ID. It cannot be the ID of a user that does not exist. 10761847f8eSopenharmony_ci * @returns { boolean } true if the specific user is not allowed to add an OS account. 10861847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 10961847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 11061847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 11161847f8eSopenharmony_ci * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 11261847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 11361847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 11461847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 11561847f8eSopenharmony_ci * @systemapi 11661847f8eSopenharmony_ci * @stagemodelonly 11761847f8eSopenharmony_ci * @since 11 11861847f8eSopenharmony_ci */ 11961847f8eSopenharmony_ci function isAddOsAccountByUserDisallowed(admin: Want, userId: number): boolean; 12061847f8eSopenharmony_ci 12161847f8eSopenharmony_ci /** 12261847f8eSopenharmony_ci * Adds an OS account using the name and account type. 12361847f8eSopenharmony_ci * This function can be called by a super administrator. 12461847f8eSopenharmony_ci * 12561847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 12661847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 12761847f8eSopenharmony_ci * The admin must have the corresponding permission. 12861847f8eSopenharmony_ci * @param { string } name - the OS account name. It cannot be empty. 12961847f8eSopenharmony_ci * @param { osAccount.OsAccountType } type - the OS account type. It can only be one of specified types. 13061847f8eSopenharmony_ci * @returns { osAccount.OsAccountInfo } information about the OS account added. 13161847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 13261847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 13361847f8eSopenharmony_ci * @throws { BusinessError } 9201003 - Failed to add an OS account. 13461847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 13561847f8eSopenharmony_ci * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 13661847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 13761847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 13861847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 13961847f8eSopenharmony_ci * @systemapi 14061847f8eSopenharmony_ci * @stagemodelonly 14161847f8eSopenharmony_ci * @since 11 14261847f8eSopenharmony_ci */ 14361847f8eSopenharmony_ci function addOsAccount(admin: Want, name: string, type: osAccount.OsAccountType): osAccount.OsAccountInfo; 14461847f8eSopenharmony_ci 14561847f8eSopenharmony_ci /** 14661847f8eSopenharmony_ci * Disallows the account or all accounts to add an OS account. 14761847f8eSopenharmony_ci * This function can be called by a super administrator. 14861847f8eSopenharmony_ci * 14961847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 15061847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 15161847f8eSopenharmony_ci * The admin must have the corresponding permission. 15261847f8eSopenharmony_ci * @param { boolean } disallow - true if the specific account or all accounts are not allowed to add an OS account. 15361847f8eSopenharmony_ci * @param { number } [accountId] - indicates the account ID. It cannot be the ID of an account that does not exist. 15461847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 15561847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 15661847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 15761847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 15861847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 15961847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 16061847f8eSopenharmony_ci * @stagemodelonly 16161847f8eSopenharmony_ci * @since 12 16261847f8eSopenharmony_ci */ 16361847f8eSopenharmony_ci function disallowOsAccountAddition(admin: Want, disallow: boolean, accountId?: number): void; 16461847f8eSopenharmony_ci 16561847f8eSopenharmony_ci /** 16661847f8eSopenharmony_ci * Queries whether the account or all accounts is disallowed to add an OS account. 16761847f8eSopenharmony_ci * This function can be called by a super administrator. 16861847f8eSopenharmony_ci * 16961847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 17061847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 17161847f8eSopenharmony_ci * If the admin is not empty, it must have the corresponding permission. 17261847f8eSopenharmony_ci * @param { number } [accountId] - indicates the account ID. It cannot be the ID of an account that does not exist. 17361847f8eSopenharmony_ci * @returns { boolean } true if the specific account or all accounts are not allowed to add an OS account. 17461847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 17561847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 17661847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 17761847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 17861847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 17961847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 18061847f8eSopenharmony_ci * @stagemodelonly 18161847f8eSopenharmony_ci * @since 12 18261847f8eSopenharmony_ci */ 18361847f8eSopenharmony_ci function isOsAccountAdditionDisallowed(admin: Want, accountId?: number): boolean; 18461847f8eSopenharmony_ci 18561847f8eSopenharmony_ci /** 18661847f8eSopenharmony_ci * Adds an OS account using the name and account type. 18761847f8eSopenharmony_ci * This function can be called by a super administrator. 18861847f8eSopenharmony_ci * 18961847f8eSopenharmony_ci * @permission ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 19061847f8eSopenharmony_ci * @param { Want } admin - admin indicates the enterprise admin extension ability information. 19161847f8eSopenharmony_ci * The admin must have the corresponding permission. 19261847f8eSopenharmony_ci * @param { string } name - the OS account name. It cannot be empty. 19361847f8eSopenharmony_ci * @param { osAccount.OsAccountType } type - the OS account type. It can only be one of correct types. 19461847f8eSopenharmony_ci * @returns { Promise<osAccount.OsAccountInfo> } information about the OS account added. 19561847f8eSopenharmony_ci * @throws { BusinessError } 9200001 - The application is not an administrator application of the device. 19661847f8eSopenharmony_ci * @throws { BusinessError } 9200002 - The administrator application does not have permission to manage the device. 19761847f8eSopenharmony_ci * @throws { BusinessError } 9201003 - Failed to add an OS account. 19861847f8eSopenharmony_ci * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 19961847f8eSopenharmony_ci * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 20061847f8eSopenharmony_ci * 2. Incorrect parameter types; 3. Parameter verification failed. 20161847f8eSopenharmony_ci * @syscap SystemCapability.Customization.EnterpriseDeviceManager 20261847f8eSopenharmony_ci * @stagemodelonly 20361847f8eSopenharmony_ci * @since 12 20461847f8eSopenharmony_ci */ 20561847f8eSopenharmony_ci function addOsAccountAsync(admin: Want, name: string, type: osAccount.OsAccountType): Promise<osAccount.OsAccountInfo>; 20661847f8eSopenharmony_ci} 20761847f8eSopenharmony_ci 20861847f8eSopenharmony_ciexport default accountManager; 209