Menu

Set up Device Admin

Android's Device Administration API provides system-level device administration capabilities that enable the creation of security-aware apps. Android’s Device Administration provides an in-depth explanation on how to use the Device Administration API to create device admin apps.

Register the Device Admin Receiver

First, register the Device admin receiver in your app’s manifest. Your receiver must be a subclass of DeviceAdminReceiver that has both the BIND_DEVICE_ADMIN permission and the ability to respond to the ACTION_DEVICE_ADMIN_ENABLED intent.

In AndroidManifest.xml, insert the following XML anywhere inside the <application> tag.

<receiver
	android:name=".SampleAdminReceiver"
	android:description="@string/enterprise_device_admin_description"
	android:label="@string/enterprise_device_admin"
	android:permission="android.permission.BIND_DEVICE_ADMIN" >
	<meta-data
	android:name="android.app.device_admin"
	android:resource="@xml/device_admin_receiver" />
	<intent-filter>
		<action android:name="android.app.action.DEVICE_ADMIN_ENABLED" />
	</intent-filter>
</receiver>			

The Android Device Manager states that you must identify the security policies in use by the app in a <meta-data> entry. Since the app uses Samsung Knox policies, you don't have to specify any native Android (DevicePolicyManager) policies. However, Android still requires you to create an empty device_admin_receiver file.

In your project, navigate to app > src > res. Create a directory named xml. Inside this directory, create a XML resource file named device_admin_receiver.xml, and replace the auto-generated code with the following:

<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
    <uses-policies>
    </uses-policies>
</device-admin>

Paste the following code in MainActivity() to update the state of mToggleAdminBtn.

private void refreshButtons() {
        boolean adminActive = mDevicePolicyManager.isAdminActive(mDeviceAdmin);

        if (!adminActive) {
            mToggleAdminBtn.setText(getString(R.string.activate_admin));

        } else {
            mToggleAdminBtn.setText(getString(R.string.deactivate_admin));
        }
    }

You must also declare this method in the onResume() method in MainActivity().

@Override
protected void onResume() {
	super.onResume();
	refreshButtons();
}

Paste the following code in MainActivity() to handle the result from the device administrator activation request.

@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
	if (requestCode == DEVICE_ADMIN_ADD_RESULT_ENABLE) {
		switch (resultCode) {
			// End user cancels the request
			case Activity.RESULT_CANCELED:
			mUtils.log(getResources().getString(R.string.admin_cancelled));
			break;
			// End user accepts the request
			case Activity.RESULT_OK:
			mUtils.log(getResources().getString(R.string.admin_activated));
			refreshButtons();
			break;
		}
	}
}

Create the Device Admin Receiver class

Create a Device Admin Receiver Java class named SampleAdminReceiver.java. The Device Admin Receiver should be located in: app > src > main >java> [your package name]

import android.app.admin.DeviceAdminReceiver;
import android.content.Context;
import android.content.Intent;
import android.widget.Toast;
public class SampleAdminReceiver extends DeviceAdminReceiver {
	void showToast(Context context, CharSequence msg) {	
		Toast.makeText(context, msg, Toast.LENGTH_SHORT).show();
	}
	@Override
	public void onEnabled(Context context, Intent intent) {
		showToast(context, "Device admin enabled");
	}
	@Override
	public void onDisabled(Context context, Intent intent) {
		showToast(context, "Device admin disabled");
	}
}

Create the Device Admin methods

Now, let's create the toggleAdmin() method. This method is invoked when the user taps ACTIVATE ADMIN. The DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN intent is then started to add the app as a device administrator.

Paste the following methods into MainActivity():

   private void toggleAdmin() {
        boolean adminActive = mDevicePolicyManager.isAdminActive(mDeviceAdmin);

        if (adminActive) {
            mUtils.log(getResources().getString(R.string.deactivating_admin));
            // Deactivate this application as device administrator
            mDevicePolicyManager.removeActiveAdmin(new ComponentName(this, SampleAdminReceiver.class));
        } else {
            mUtils.log(getResources().getString(R.string.activating_admin));
            // Ask the user to add a new device administrator to the system
            Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
            intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN, mDeviceAdmin);
            // Start the add device admin activity
            startActivityForResult(intent, DEVICE_ADMIN_ADD_RESULT_ENABLE);
        }
    }

Tutorial Progress

You are 3/7 done! Go to the next step.

Share it: