Class: Google::Apis::AndroidmanagementV1::ApplicationPolicy

Inherits:

Object

• Object
• Google::Apis::AndroidmanagementV1::ApplicationPolicy

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/androidmanagement_v1/classes.rb,
lib/google/apis/androidmanagement_v1/representations.rb,
lib/google/apis/androidmanagement_v1/representations.rb

Overview

Policy for an individual app. Note: Application availability on a given device cannot be changed using this policy if installAppsDisabled is enabled. The maximum number of applications that you can specify per policy is 3,000.

Instance Attribute Summary

• #accessible_track_ids ⇒ Array<String>

  List of the app’s track IDs that a device belonging to the enterprise can access.

• #always_on_vpn_lockdown_exemption ⇒ String

  Specifies whether the app is allowed networking when the VPN is not connected and alwaysOnVpnPackage.lockdownEnabled is enabled.

• #auto_update_mode ⇒ String

  Controls the auto-update mode for the app.

• #connected_work_and_personal_app ⇒ String

  Controls whether the app can communicate with itself across a device’s work and personal profiles, subject to user consent.

• #credential_provider_policy ⇒ String

  Optional.

• #custom_app_config ⇒ Google::Apis::AndroidmanagementV1::CustomAppConfig

  Configuration for a custom app.

• #default_permission_policy ⇒ String

  The default policy for all permissions requested by the app.

• #delegated_scopes ⇒ Array<String>

  The scopes delegated to the app from Android Device Policy.

• #disabled ⇒ Boolean (also: #disabled?)

  Whether the app is disabled.

• #extension_config ⇒ Google::Apis::AndroidmanagementV1::ExtensionConfig

  Configuration to enable an app as an extension app, with the capability of interacting with Android Device Policy offline.

• #install_constraint ⇒ Array<Google::Apis::AndroidmanagementV1::InstallConstraint>

  Optional.

• #install_priority ⇒ Fixnum

  Optional.

• #install_type ⇒ String

  The type of installation to perform.

• #lock_task_allowed ⇒ Boolean (also: #lock_task_allowed?)

  Whether the app is allowed to lock itself in full-screen mode.

• #managed_configuration ⇒ Hash<String,Object>

  Managed configuration applied to the app.

• #managed_configuration_template ⇒ Google::Apis::AndroidmanagementV1::ManagedConfigurationTemplate

  The managed configurations template for the app, saved from the managed configurations iframe.

• #minimum_version_code ⇒ Fixnum

  The minimum version of the app that runs on the device.

• #package_name ⇒ String

  The package name of the app.

• #permission_grants ⇒ Array<Google::Apis::AndroidmanagementV1::PermissionGrant>

  Explicit permission grants or denials for the app.

• #preferential_network_id ⇒ String

  Optional.

• #roles ⇒ Array<Google::Apis::AndroidmanagementV1::Role>

  Optional.

• #signing_key_certs ⇒ Array<Google::Apis::AndroidmanagementV1::ApplicationSigningKeyCert>

  Optional.

• #user_control_settings ⇒ String

  Optional.

• #work_profile_widgets ⇒ String

  Specifies whether the app installed in the work profile is allowed to add widgets to the home screen.

Instance Method Summary

• #initialize(**args) ⇒ ApplicationPolicy constructor

  A new instance of ApplicationPolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ ApplicationPolicy

Returns a new instance of ApplicationPolicy.

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 986

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#accessible_track_ids ⇒ Array<String>

List of the app’s track IDs that a device belonging to the enterprise can access. If the list contains multiple track IDs, devices receive the latest version among all accessible tracks. If the list contains no track IDs, devices only have access to the app’s production track. More details about each track are available in AppTrackInfo. Corresponds to the JSON property accessibleTrackIds

Returns:

• (Array<String>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 784

def accessible_track_ids
  @accessible_track_ids
end

#always_on_vpn_lockdown_exemption ⇒ String

Specifies whether the app is allowed networking when the VPN is not connected and alwaysOnVpnPackage.lockdownEnabled is enabled. If set to VPN_LOCKDOWN_ENFORCED, the app is not allowed networking, and if set to VPN_LOCKDOWN_EXEMPTION, the app is allowed networking. Only supported on devices running Android 10 and above. If this is not supported by the device, the device will contain a NonComplianceDetail with non_compliance_reason set to API_LEVEL and a fieldPath. If this is not applicable to the app, the device will contain a NonComplianceDetail with non_compliance_reason set to UNSUPPORTED and a fieldPath. The fieldPath is set to applications[i]. alwaysOnVpnLockdownExemption, where i is the index of the package in the applications policy. Corresponds to the JSON property alwaysOnVpnLockdownExemption

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 799

def always_on_vpn_lockdown_exemption
  @always_on_vpn_lockdown_exemption
end

#auto_update_mode ⇒ String

Controls the auto-update mode for the app. Corresponds to the JSON property autoUpdateMode

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 804

def auto_update_mode
  @auto_update_mode
end

#connected_work_and_personal_app ⇒ String

Controls whether the app can communicate with itself across a device’s work and personal profiles, subject to user consent. Corresponds to the JSON property connectedWorkAndPersonalApp

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 810

def connected_work_and_personal_app
  @connected_work_and_personal_app
end

#credential_provider_policy ⇒ String

Optional. Whether the app is allowed to act as a credential provider on Android 14 and above. Corresponds to the JSON property credentialProviderPolicy

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 816

def credential_provider_policy
  @credential_provider_policy
end

#custom_app_config ⇒ Google::Apis::AndroidmanagementV1::CustomAppConfig

Configuration for a custom app. Corresponds to the JSON property customAppConfig

Returns:

• (Google::Apis::AndroidmanagementV1::CustomAppConfig)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 821

def custom_app_config
  @custom_app_config
end

#default_permission_policy ⇒ String

The default policy for all permissions requested by the app. If specified, this overrides the policy-level default_permission_policy which applies to all apps. It does not override the permission_grants which applies to all apps. Corresponds to the JSON property defaultPermissionPolicy

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 828

def default_permission_policy
  @default_permission_policy
end

#delegated_scopes ⇒ Array<String>

The scopes delegated to the app from Android Device Policy. These provide additional privileges for the applications they are applied to. Corresponds to the JSON property delegatedScopes

Returns:

• (Array<String>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 834

def delegated_scopes
  @delegated_scopes
end

#disabled ⇒ Boolean Also known as: disabled?

Whether the app is disabled. When disabled, the app data is still preserved. Corresponds to the JSON property disabled

Returns:

• (Boolean)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 839

def disabled
  @disabled
end

#extension_config ⇒ Google::Apis::AndroidmanagementV1::ExtensionConfig

Configuration to enable an app as an extension app, with the capability of interacting with Android Device Policy offline. For Android versions 11 and above, extension apps are exempt from battery restrictions so will not be placed into the restricted App Standby Bucket (https://developer.android.com/ topic/performance/appstandby#restricted-bucket). Extensions apps are also protected against users clearing their data or force-closing the application, although admins can continue to use the clear app data command on extension apps if needed for Android 11 and above. Corresponds to the JSON property extensionConfig

Returns:

• (Google::Apis::AndroidmanagementV1::ExtensionConfig)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 852

def extension_config
  @extension_config
end

#install_constraint ⇒ Array<Google::Apis::AndroidmanagementV1::InstallConstraint>

Optional. The constraints for installing the app. You can specify a maximum of one InstallConstraint. Multiple constraints are rejected. Corresponds to the JSON property installConstraint

Returns:

• (Array<Google::Apis::AndroidmanagementV1::InstallConstraint>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 858

def install_constraint
  @install_constraint
end

#install_priority ⇒ Fixnum

Optional. Amongst apps with installType set to: FORCE_INSTALLED PREINSTALLEDthis controls the relative priority of installation. A value of 0 ( default) means this app has no priority over other apps. For values between 1 and 10,000, a lower value means a higher priority. Values outside of the range 0 to 10,000 inclusive are rejected. Corresponds to the JSON property installPriority

Returns:

• (Fixnum)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 867

def install_priority
  @install_priority
end

#install_type ⇒ String

The type of installation to perform. Corresponds to the JSON property installType

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 872

def install_type
  @install_type
end

#lock_task_allowed ⇒ Boolean Also known as: lock_task_allowed?

Whether the app is allowed to lock itself in full-screen mode. DEPRECATED. Use InstallType KIOSK or kioskCustomLauncherEnabled to configure a dedicated device. Corresponds to the JSON property lockTaskAllowed

Returns:

• (Boolean)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 879

def lock_task_allowed
  @lock_task_allowed
end

#managed_configuration ⇒ Hash<String,Object>

Managed configuration applied to the app. The format for the configuration is dictated by the ManagedProperty values supported by the app. Each field name in the managed configuration must match the key field of the ManagedProperty. The field value must be compatible with the type of the ManagedProperty: type JSON value BOOL true or false STRING string INTEGER number CHOICE string MULTISELECT array of strings HIDDEN string BUNDLE_ARRAY array of objects Note: string values cannot be longer than 65535 characters. Corresponds to the JSON property managedConfiguration

Returns:

• (Hash<String,Object>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 891

def managed_configuration
  @managed_configuration
end

#managed_configuration_template ⇒ Google::Apis::AndroidmanagementV1::ManagedConfigurationTemplate

The managed configurations template for the app, saved from the managed configurations iframe. Corresponds to the JSON property managedConfigurationTemplate

Returns:

• (Google::Apis::AndroidmanagementV1::ManagedConfigurationTemplate)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 897

def managed_configuration_template
  @managed_configuration_template
end

#minimum_version_code ⇒ Fixnum

The minimum version of the app that runs on the device. If set, the device attempts to update the app to at least this version code. If the app is not up- to-date, the device will contain a NonComplianceDetail with non_compliance_reason set to APP_NOT_UPDATED. The app must already be published to Google Play with a version code greater than or equal to this value. At most 20 apps may specify a minimum version code per policy. Corresponds to the JSON property minimumVersionCode

Returns:

• (Fixnum)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 907

def minimum_version_code
  @minimum_version_code
end

#package_name ⇒ String

The package name of the app. For example, com.google.android.youtube for the YouTube app. Corresponds to the JSON property packageName

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 913

def package_name
  @package_name
end

#permission_grants ⇒ Array<Google::Apis::AndroidmanagementV1::PermissionGrant>

Explicit permission grants or denials for the app. These values override the default_permission_policy and permission_grants which apply to all apps. Corresponds to the JSON property permissionGrants

Returns:

• (Array<Google::Apis::AndroidmanagementV1::PermissionGrant>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 919

def permission_grants
  @permission_grants
end

#preferential_network_id ⇒ String

Optional. ID of the preferential network the application uses. There must be a configuration for the specified network ID in preferentialNetworkServiceConfigs. If set to PREFERENTIAL_NETWORK_ID_UNSPECIFIED, the application will use the default network ID specified in defaultPreferentialNetworkId. See the documentation of defaultPreferentialNetworkId for the list of apps excluded from this defaulting. This applies on both work profiles and fully managed devices on Android 13 and above. Corresponds to the JSON property preferentialNetworkId

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 931

def preferential_network_id
  @preferential_network_id
end

#roles ⇒ Array<Google::Apis::AndroidmanagementV1::Role>

Optional. Roles the app has.Apps having certain roles can be exempted from power and background execution restrictions, suspension and hibernation on Android 14 and above. The user control can also be disallowed for apps with certain roles on Android 11 and above. Refer to the documentation of each RoleType for more details.The app is notified about the roles that are set for it if the app has a notification receiver service with . The app is notified whenever its roles are updated or after the app is installed when it has nonempty list of roles. The app can use this notification to bootstrap itself after the installation. See Integrate with the AMAPI SDK (https://developers. google.com/android/management/sdk-integration) and Manage app roles (https:// developers.google.com/android/management/app-roles) guides for more details on the requirements for the service.For the exemptions to be applied and the app to be notified about the roles, the signing key certificate fingerprint of the app on the device must match one of the signing key certificate fingerprints obtained from Play Store or one of the entries in ApplicationPolicy. signingKeyCerts. Otherwise, a NonComplianceDetail with APP_SIGNING_CERT_MISMATCH is reported.There must not be duplicate roles with the same roleType. Multiple apps cannot hold a role with the same roleType. A role with type ROLE_TYPE_UNSPECIFIED is not allowed. Corresponds to the JSON property roles

Returns:

• (Array<Google::Apis::AndroidmanagementV1::Role>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 954

def roles
  @roles
end

#signing_key_certs ⇒ Array<Google::Apis::AndroidmanagementV1::ApplicationSigningKeyCert>

Optional. Signing key certificates of the app.This field is required in the following cases: The app has installType set to CUSTOM (i.e. a custom app). The app has roles set to a nonempty list and the app does not exist on the Play Store. The app has extensionConfig set (i.e. an extension app) but ExtensionConfig.signingKeyFingerprintsSha256 (deprecated) is not set and the app does not exist on the Play Store.If this field is not set for a custom app, the policy is rejected. If it is not set when required for a non-custom app, a NonComplianceDetail with INVALID_VALUE is reported.For other cases, this field is optional and the signing key certificates obtained from Play Store are used.See following policy settings to see how this field is used: choosePrivateKeyRules ApplicationPolicy.InstallType.CUSTOM ApplicationPolicy. extensionConfig ApplicationPolicy.roles Corresponds to the JSON property signingKeyCerts

Returns:

• (Array<Google::Apis::AndroidmanagementV1::ApplicationSigningKeyCert>)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 970

def signing_key_certs
  @signing_key_certs
end

#user_control_settings ⇒ String

Optional. Specifies whether user control is permitted for the app. User control includes user actions like force-stopping and clearing app data. Certain types of apps have special treatment, see USER_CONTROL_SETTINGS_UNSPECIFIED and USER_CONTROL_ALLOWED for more details. Corresponds to the JSON property userControlSettings

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 978

def user_control_settings
  @user_control_settings
end

#work_profile_widgets ⇒ String

Specifies whether the app installed in the work profile is allowed to add widgets to the home screen. Corresponds to the JSON property workProfileWidgets

Returns:

• (String)

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 984

def work_profile_widgets
  @work_profile_widgets
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/androidmanagement_v1/classes.rb', line 991

def update!(**args)
  @accessible_track_ids = args[:accessible_track_ids] if args.key?(:accessible_track_ids)
  @always_on_vpn_lockdown_exemption = args[:always_on_vpn_lockdown_exemption] if args.key?(:always_on_vpn_lockdown_exemption)
  @auto_update_mode = args[:auto_update_mode] if args.key?(:auto_update_mode)
  @connected_work_and_personal_app = args[:connected_work_and_personal_app] if args.key?(:connected_work_and_personal_app)
  @credential_provider_policy = args[:credential_provider_policy] if args.key?(:credential_provider_policy)
  @custom_app_config = args[:custom_app_config] if args.key?(:custom_app_config)
  @default_permission_policy = args[:default_permission_policy] if args.key?(:default_permission_policy)
  @delegated_scopes = args[:delegated_scopes] if args.key?(:delegated_scopes)
  @disabled = args[:disabled] if args.key?(:disabled)
  @extension_config = args[:extension_config] if args.key?(:extension_config)
  @install_constraint = args[:install_constraint] if args.key?(:install_constraint)
  @install_priority = args[:install_priority] if args.key?(:install_priority)
  @install_type = args[:install_type] if args.key?(:install_type)
  @lock_task_allowed = args[:lock_task_allowed] if args.key?(:lock_task_allowed)
  @managed_configuration = args[:managed_configuration] if args.key?(:managed_configuration)
  @managed_configuration_template = args[:managed_configuration_template] if args.key?(:managed_configuration_template)
  @minimum_version_code = args[:minimum_version_code] if args.key?(:minimum_version_code)
  @package_name = args[:package_name] if args.key?(:package_name)
  @permission_grants = args[:permission_grants] if args.key?(:permission_grants)
  @preferential_network_id = args[:preferential_network_id] if args.key?(:preferential_network_id)
  @roles = args[:roles] if args.key?(:roles)
  @signing_key_certs = args[:signing_key_certs] if args.key?(:signing_key_certs)
  @user_control_settings = args[:user_control_settings] if args.key?(:user_control_settings)
  @work_profile_widgets = args[:work_profile_widgets] if args.key?(:work_profile_widgets)
end