PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix ConfirmCredential is not presented before trusting cert installed by PO/DO

Browse Source 
- Show ConfirmCredential in TrustedCredentialsSettings when Trust button is clicked
  for the very first time since the activity launched
- Warning activity (work mode off, crpyto-aware) should not be shown when the activity is started. Also fixed it here.

Bug: 28619980
Change-Id: I084b70883c087376e437a9ad3238d7c3313a0a17
This commit is contained in:
Victor Chang
2016-05-09 16:13:10 +01:00
parent 04b25af149
commit 01f4dbcc1c
3 changed files with 81 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/com/android/settings/MonitoringCertInfoActivity.java
View File

@@ -29,15 +29,20 @@ import android.provider.Settings;
/**
* Activity that shows a dialog explaining that a CA cert is allowing someone to monitor network
* traffic. This activity should be launched for the user into which the CA cert is installed.
* traffic. This activity should be launched for the user into which the CA cert is installed
* unless Intent.EXTRA_USER_ID is provided.
*/
public class MonitoringCertInfoActivity extends Activity implements OnClickListener,
OnDismissListener {
private int mUserId;
@Override
protected void onCreate(Bundle savedStates) {
super.onCreate(savedStates);
mUserId = getIntent().getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
DevicePolicyManager dpm = getSystemService(DevicePolicyManager.class);
final int numberOfCertificates = getIntent().getIntExtra(
Settings.EXTRA_NUMBER_OF_CERTIFICATES, 1);
@@ -53,7 +58,7 @@ public class MonitoringCertInfoActivity extends Activity implements OnClickListe
builder.setNeutralButton(R.string.cancel, null);
builder.setOnDismissListener(this);
if (dpm.getProfileOwner() != null) {
if (dpm.getProfileOwnerAsUser(mUserId) != null) {
builder.setMessage(getResources().getQuantityString(R.plurals.ssl_ca_cert_info_message,
numberOfCertificates, dpm.getProfileOwnerName()));
} else if (dpm.getDeviceOwnerComponentOnCallingUser() != null) {
@@ -72,7 +77,7 @@ public class MonitoringCertInfoActivity extends Activity implements OnClickListe
public void onClick(DialogInterface dialog, int which) {
Intent intent = new Intent(android.provider.Settings.ACTION_TRUSTED_CREDENTIALS_USER);
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TOP);
intent.putExtra(TrustedCredentialsSettings.ARG_SHOW_NEW_FOR_USER, UserHandle.myUserId());
intent.putExtra(TrustedCredentialsSettings.ARG_SHOW_NEW_FOR_USER, mUserId);
startActivity(intent);
finish();
}

7
src/com/android/settings/TrustedCredentialsDialogBuilder.java
View File

@@ -43,6 +43,7 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {
public interface DelegateInterface {
List<X509Certificate> getX509CertsFromCertHolder(CertHolder certHolder);
void removeOrInstallCert(CertHolder certHolder);
boolean startConfirmCredentialIfNotConfirmed(int userId);
}
private final DialogEventHandler mDialogEventHandler;
@@ -144,8 +145,10 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {
private void onClickTrust() {
CertHolder certHolder = getCurrentCertInfo();
mDpm.approveCaCert(certHolder.getAlias(), certHolder.getUserId(), true);
nextOrDismiss();
if (!mDelegate.startConfirmCredentialIfNotConfirmed(certHolder.getUserId())) {
mDpm.approveCaCert(certHolder.getAlias(), certHolder.getUserId(), true);
nextOrDismiss();
}
}
private void onClickRemove() {

78
src/com/android/settings/TrustedCredentialsSettings.java
View File

@@ -17,6 +17,7 @@
package com.android.settings;
import android.annotation.UiThread;
import android.app.Activity;
import android.app.KeyguardManager;
import android.app.admin.DevicePolicyManager;
import android.content.BroadcastReceiver;
@@ -79,8 +80,10 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
private KeyguardManager mKeyguardManager;
private int mTrustAllCaUserId;
private static final String SAVED_CONFIRMED_CREDENTIAL_USERS = "ConfirmedCredentialUsers";
private static final String SAVED_CONFIRMING_CREDENTIAL_USER = "ConfirmingCredentialUser";
private static final String USER_ACTION = "com.android.settings.TRUSTED_CREDENTIALS_USER";
private static final int REQUEST_CONFIRM_CREDENTIALS = 1;
@Override
protected int getMetricsCategory() {
@@ -154,6 +157,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
private TabHost mTabHost;
private ArrayList<GroupAdapter> mGroupAdapters = new ArrayList<>(2);
private AliasOperation mAliasOperation;
private ArraySet<Integer> mConfirmedCredentialUsers;
private int mConfirmingCredentialUser;
private Set<AdapterData.AliasLoader> mAliasLoaders = new ArraySet<AdapterData.AliasLoader>(2);
private final SparseArray<KeyChainConnection>
mKeyChainConnectionByProfileId = new SparseArray<KeyChainConnection>();
@@ -182,6 +187,17 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
.getSystemService(Context.KEYGUARD_SERVICE);
mTrustAllCaUserId = getActivity().getIntent().getIntExtra(ARG_SHOW_NEW_FOR_USER,
UserHandle.USER_NULL);
mConfirmedCredentialUsers = new ArraySet<>(2);
mConfirmingCredentialUser = UserHandle.USER_NULL;
if (savedInstanceState != null) {
mConfirmingCredentialUser = savedInstanceState.getInt(SAVED_CONFIRMING_CREDENTIAL_USER,
UserHandle.USER_NULL);
ArrayList<Integer> users = savedInstanceState.getIntegerArrayList(
SAVED_CONFIRMED_CREDENTIAL_USERS);
if (users != null) {
mConfirmedCredentialUsers.addAll(users);
}
}
IntentFilter filter = new IntentFilter();
filter.addAction(Intent.ACTION_MANAGED_PROFILE_AVAILABLE);
@@ -190,6 +206,14 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
getActivity().registerReceiver(mWorkProfileChangedReceiver, filter);
}
@Override
public void onSaveInstanceState(Bundle outState) {
super.onSaveInstanceState(outState);
outState.putIntegerArrayList(SAVED_CONFIRMED_CREDENTIAL_USERS, new ArrayList<>(
mConfirmedCredentialUsers));
outState.putInt(SAVED_CONFIRMING_CREDENTIAL_USER, mConfirmingCredentialUser);
}
@Override public View onCreateView(
LayoutInflater inflater, ViewGroup parent, Bundle savedInstanceState) {
mTabHost = (TabHost) inflater.inflate(R.layout.trusted_credentials, parent, false);
@@ -219,6 +243,16 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
super.onDestroy();
}
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == REQUEST_CONFIRM_CREDENTIALS) {
if (resultCode == Activity.RESULT_OK) {
mConfirmedCredentialUsers.add(mConfirmingCredentialUser);
}
mConfirmingCredentialUser = UserHandle.USER_NULL;
}
}
private void closeKeyChainConnections() {
final int n = mKeyChainConnectionByProfileId.size();
for (int i = 0; i < n; ++i) {
@@ -262,14 +296,18 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
}
/**
* Start work challenge activity. TODO: Move and refactor this method as a util function.
* Start work challenge activity.
* @return true if screenlock exists
*/
private void startWorkChallenge(int userId) {
private boolean startConfirmCredential(int userId) {
final Intent newIntent = mKeyguardManager.createConfirmDeviceCredentialIntent(null, null,
userId);
newIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK
| Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS | Intent.FLAG_ACTIVITY_CLEAR_TASK);
getActivity().startActivity(newIntent);
if (newIntent == null) {
return false;
}
mConfirmingCredentialUser = userId;
startActivityForResult(newIntent, REQUEST_CONFIRM_CREDENTIALS);
return true;
}
/**
@@ -303,7 +341,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
}
@Override
public CertHolder getChild(int groupPosition, int childPosition) {
return mData.mCertHoldersByUserId.get(getUserIdByGroup(groupPosition)).get(childPosition);
return mData.mCertHoldersByUserId.get(getUserIdByGroup(groupPosition)).get(
childPosition);
}
@Override
public long getGroupId(int groupPosition) {
@@ -386,18 +425,27 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
}
public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition) {
return checkGroupExpandableAndStartWarningActivity(groupPosition, true);
}
public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition,
boolean startActivity) {
final UserHandle groupUser = getGroup(groupPosition);
final int groupUserId = groupUser.getIdentifier();
if (mUserManager.isQuietModeEnabled(groupUser)) {
final Intent intent = UnlaunchableAppActivity.createInQuietModeDialogIntent(
groupUserId);
getActivity().startActivity(intent);
if (startActivity) {
getActivity().startActivity(intent);
}
return false;
} else if (!mUserManager.isUserUnlocked(groupUser)) {
final LockPatternUtils lockPatternUtils = new LockPatternUtils(
getActivity());
if (lockPatternUtils.isSeparateProfileChallengeEnabled(groupUserId)) {
startWorkChallenge(groupUserId);
if (startActivity) {
startConfirmCredential(groupUserId);
}
return false;
}
}
@@ -548,7 +596,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
}
public void prepare() {
mIsListExpanded = checkGroupExpandableAndStartWarningActivity();
mIsListExpanded = mParent.checkGroupExpandableAndStartWarningActivity(mGroupPosition,
false /* startActivity */);
refreshViews();
}
@@ -890,6 +939,15 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
new AliasOperation(certHolder).execute();
}
@Override
public boolean startConfirmCredentialIfNotConfirmed(int userId) {
if (mConfirmedCredentialUsers.contains(userId)) {
// Credential has been confirmed. Don't start activity.
return false;
}
return startConfirmCredential(userId);
}
private class AliasOperation extends AsyncTask<Void, Void, Boolean> {
private final CertHolder mCertHolder;