[SPA] Add biometric authentication for package modification

Add an extra step of Lock Screen for disabling, force-stopping or
uninstalling updates for protected packages

UI Change Details : https://drive.google.com/drive/folders/1w7gKTmCxQ_j-9GQnIpEfF5_gmQ27b8l_?resourcekey=0-brLdN8VfqVPGm2FMwfrmkQ&usp=drive_link
Bug: 352504490, 344865740
Test: atest AppButtonsPreferenceControllerTest PackageInfoPresenterTest
Flag: EXEMPT High Security Bug
Change-Id: I0c494e307b02229d751de118abcc89e4e61a6861

src/com/android/settings/Utils.java

@@ -131,6 +131,7 @@ import com.android.settings.password.ConfirmDeviceCredentialActivity;
 import com.android.settingslib.widget.ActionBarShadowController;
 import com.android.settingslib.widget.AdaptiveIcon;
 
+import java.util.Arrays;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Locale;
@@ -1600,4 +1601,19 @@ public final class Utils extends com.android.settingslib.Utils {
         pm.setComponentEnabledSetting(componentName,
                 PackageManager.COMPONENT_ENABLED_STATE_DISABLED, PackageManager.DONT_KILL_APP);
     }
+
+    /**
+     * Returns {@code true} if the supplied package is a protected package. Otherwise, returns
+     * {@code false}.
+     *
+     * @param context the context
+     * @param packageName the package name
+     */
+    public static boolean isProtectedPackage(
+            @NonNull Context context, @NonNull String packageName) {
+        final List<String> protectedPackageNames = Arrays.asList(context.getResources()
+                .getStringArray(com.android.internal.R.array
+                        .config_biometric_protected_package_names));
+        return protectedPackageNames != null && protectedPackageNames.contains(packageName);
+    }
 }

src/com/android/settings/applications/appinfo/AppButtonsPreferenceController.java

@@ -53,6 +53,7 @@ import com.android.settings.R;
 import com.android.settings.SettingsActivity;
 import com.android.settings.Utils;
 import com.android.settings.applications.ApplicationFeatureProvider;
+import com.android.settings.applications.appinfo.AppInfoDashboardFragment;
 import com.android.settings.applications.specialaccess.deviceadmin.DeviceAdminAdd;
 import com.android.settings.core.BasePreferenceController;
 import com.android.settings.core.InstrumentedPreferenceFragment;
@@ -240,12 +241,20 @@ public class AppButtonsPreferenceController extends BasePreferenceController imp
             } else if ((mAppEntry.info.flags & ApplicationInfo.FLAG_SYSTEM) != 0) {
                 if (mAppEntry.info.enabled && !isDisabledUntilUsed()) {
                     showDialogInner(ButtonActionDialogFragment.DialogType.DISABLE);
+                } else if (mAppEntry.info.enabled) {
+                    requireAuthAndExecute(() -> {
+                        mMetricsFeatureProvider.action(
+                                mActivity,
+                                SettingsEnums.ACTION_SETTINGS_DISABLE_APP,
+                                getPackageNameForMetric());
+                        AsyncTask.execute(new DisableChangerRunnable(mPm,
+                                mAppEntry.info.packageName,
+                                PackageManager.COMPONENT_ENABLED_STATE_DEFAULT));
+                    });
                 } else {
                     mMetricsFeatureProvider.action(
                             mActivity,
-                            mAppEntry.info.enabled
+                            SettingsEnums.ACTION_SETTINGS_ENABLE_APP,
-                                    ? SettingsEnums.ACTION_SETTINGS_DISABLE_APP
-                                    : SettingsEnums.ACTION_SETTINGS_ENABLE_APP,
                             getPackageNameForMetric());
                     AsyncTask.execute(new DisableChangerRunnable(mPm, mAppEntry.info.packageName,
                             PackageManager.COMPONENT_ENABLED_STATE_DEFAULT));
@@ -289,17 +298,34 @@ public class AppButtonsPreferenceController extends BasePreferenceController imp
         }
     }
 
+    /**
+     * Runs the given action with restricted lock authentication if it is a protected package.
+     *
+     * @param action The action to run.
+     */
+    private void requireAuthAndExecute(Runnable action) {
+        if (Utils.isProtectedPackage(mContext, mAppEntry.info.packageName)) {
+            AppInfoDashboardFragment.showLockScreen(mContext, () -> action.run());
+        } else {
+            action.run();
+        }
+    }
+
     public void handleDialogClick(int id) {
         switch (id) {
             case ButtonActionDialogFragment.DialogType.DISABLE:
+                requireAuthAndExecute(() -> {
                     mMetricsFeatureProvider.action(mActivity,
                             SettingsEnums.ACTION_SETTINGS_DISABLE_APP,
                             getPackageNameForMetric());
                     AsyncTask.execute(new DisableChangerRunnable(mPm, mAppEntry.info.packageName,
                             PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER));
+                });
                 break;
             case ButtonActionDialogFragment.DialogType.FORCE_STOP:
+                requireAuthAndExecute(() -> {
                     forceStopPackage(mAppEntry.info.packageName);
+                });
                 break;
         }
     }
@@ -535,6 +561,7 @@ public class AppButtonsPreferenceController extends BasePreferenceController imp
 
     @VisibleForTesting
     void uninstallPkg(String packageName, boolean allUsers) {
+        requireAuthAndExecute(() -> {
             stopListeningToPackageRemove();
             // Create new intent to launch Uninstaller activity
             Uri packageUri = Uri.parse("package:" + packageName);
@@ -543,6 +570,7 @@ public class AppButtonsPreferenceController extends BasePreferenceController imp
 
             mMetricsFeatureProvider.action(mActivity, SettingsEnums.ACTION_SETTINGS_UNINSTALL_APP);
             mFragment.startActivityForResult(uninstallIntent, mRequestUninstall);
+        });
     }
 
     @VisibleForTesting

src/com/android/settings/spa/app/appinfo/PackageInfoPresenter.kt

@@ -29,6 +29,8 @@ import android.os.UserHandle
 import android.util.Log
 import androidx.annotation.VisibleForTesting
 import androidx.compose.runtime.Composable
+import com.android.settings.Utils
+import com.android.settings.applications.appinfo.AppInfoDashboardFragment
 import com.android.settings.flags.FeatureFlags
 import com.android.settings.flags.FeatureFlagsImpl
 import com.android.settings.overlay.FeatureFactory.Companion.featureFactory
@@ -116,6 +118,16 @@ class PackageInfoPresenter(
 
     private fun isForThisApp(intent: Intent) = packageName == intent.data?.schemeSpecificPart
 
+    private fun requireAuthAndExecute(action: () -> Unit) {
+        if (Utils.isProtectedPackage(context, packageName)) {
+            AppInfoDashboardFragment.showLockScreen(context) {
+                action()
+            }
+        } else {
+            action()
+        }
+    }
+
     /** Enables this package. */
     fun enable() {
         logAction(SettingsEnums.ACTION_SETTINGS_ENABLE_APP)
@@ -129,18 +141,22 @@ class PackageInfoPresenter(
     /** Disables this package. */
     fun disable() {
         logAction(SettingsEnums.ACTION_SETTINGS_DISABLE_APP)
+        requireAuthAndExecute {
             coroutineScope.launch(Dispatchers.IO) {
                 userPackageManager.setApplicationEnabledSetting(
                     packageName, PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER, 0
                 )
             }
         }
+    }
 
     /** Starts the uninstallation activity. */
     fun startUninstallActivity(forAllUsers: Boolean = false) {
         logAction(SettingsEnums.ACTION_SETTINGS_UNINSTALL_APP)
+        requireAuthAndExecute {
             context.startUninstallActivity(packageName, userHandle, forAllUsers)
         }
+    }
 
     /** Clears this instant app. */
     fun clearInstantApp() {
@@ -153,6 +169,7 @@ class PackageInfoPresenter(
     /** Force stops this package. */
     fun forceStop() {
         logAction(SettingsEnums.ACTION_APP_FORCE_STOP)
+        requireAuthAndExecute {
             coroutineScope.launch(Dispatchers.Default) {
                 Log.d(TAG, "Stopping package $packageName")
                 if (android.app.Flags.appRestrictionsApi()) {
@@ -166,6 +183,7 @@ class PackageInfoPresenter(
                 context.activityManager.forceStopPackageAsUser(packageName, userId)
             }
         }
+    }
 
     fun logAction(category: Int) {
         metricsFeatureProvider.action(context, category, packageName)

tests/robotests/src/com/android/settings/applications/appinfo/AppButtonsPreferenceControllerTest.java

@@ -60,6 +60,7 @@ import com.android.settings.R;
 import com.android.settings.SettingsActivity;
 import com.android.settings.core.InstrumentedPreferenceFragment;
 import com.android.settings.testutils.FakeFeatureFactory;
+import com.android.settings.testutils.shadow.ShadowUtils;
 import com.android.settingslib.applications.AppUtils;
 import com.android.settingslib.applications.ApplicationsState;
 import com.android.settingslib.applications.instantapps.InstantAppDataProvider;
@@ -85,6 +86,7 @@ import org.robolectric.util.ReflectionHelpers;
 
 import java.util.Set;
 
+@Config(shadows = {ShadowUtils.class})
 @RunWith(RobolectricTestRunner.class)
 public class AppButtonsPreferenceControllerTest {
 
@@ -168,6 +170,7 @@ public class AppButtonsPreferenceControllerTest {
     @After
     public void tearDown() {
         ShadowAppUtils.reset();
+        ShadowUtils.reset();
     }
 
     @Test

tests/robotests/testutils/com/android/settings/testutils/shadow/ShadowUtils.java

@@ -51,6 +51,7 @@ public class ShadowUtils {
     private static boolean sIsBatteryPresent;
     private static boolean sIsMultipleBiometricsSupported;
     private static boolean sIsPrivateProfile;
+    private static boolean sIsProtectedPackage;
 
     @Implementation
     protected static int enforceSameOwner(Context context, int userId) {
@@ -84,6 +85,7 @@ public class ShadowUtils {
         sIsBatteryPresent = true;
         sIsMultipleBiometricsSupported = false;
         sIsPrivateProfile = false;
+        sIsProtectedPackage = false;
     }
 
     public static void setIsDemoUser(boolean isDemoUser) {
@@ -199,4 +201,13 @@ public class ShadowUtils {
     public static void setIsPrivateProfile(boolean isPrivateProfile) {
         sIsPrivateProfile = isPrivateProfile;
     }
+
+    @Implementation
+    protected static boolean isProtectedPackage(Context context, String packageName) {
+        return sIsProtectedPackage;
+    }
+
+    public static void setIsProtectedPackage(boolean isProtectedPackage) {
+        sIsProtectedPackage = isProtectedPackage;
+    }
 }

tests/spa_unit/src/com/android/settings/spa/app/appinfo/PackageInfoPresenterTest.kt

@@ -17,6 +17,7 @@
 package com.android.settings.spa.app.appinfo
 
 import android.app.ActivityManager
+import android.app.KeyguardManager
 import android.app.settings.SettingsEnums
 import android.content.Context
 import android.content.Intent
@@ -25,6 +26,8 @@ import android.content.pm.PackageManager
 import android.net.Uri
 import androidx.test.core.app.ApplicationProvider
 import androidx.test.ext.junit.runners.AndroidJUnit4
+import com.android.dx.mockito.inline.extended.ExtendedMockito
+import com.android.settings.Utils
 import com.android.settings.testutils.FakeFeatureFactory
 import com.android.settings.testutils.mockAsUser
 import com.android.settingslib.spaprivileged.framework.common.activityManager
@@ -33,8 +36,11 @@ import com.google.common.truth.Truth.assertThat
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.test.TestScope
+import org.junit.After
+import org.junit.Before
 import org.junit.Test
 import org.junit.runner.RunWith
+import org.mockito.MockitoSession
 import org.mockito.kotlin.any
 import org.mockito.kotlin.argumentCaptor
 import org.mockito.kotlin.doNothing
@@ -43,6 +49,7 @@ import org.mockito.kotlin.mock
 import org.mockito.kotlin.spy
 import org.mockito.kotlin.verify
 import org.mockito.kotlin.whenever
+import org.mockito.quality.Strictness
 
 @RunWith(AndroidJUnit4::class)
 class PackageInfoPresenterTest {
@@ -51,9 +58,14 @@ class PackageInfoPresenterTest {
 
     private val mockActivityManager = mock<ActivityManager>()
 
+    private val mockKeyguardManager = mock<KeyguardManager>()
+
+    private lateinit var mockSession: MockitoSession
+
     private val context: Context = spy(ApplicationProvider.getApplicationContext()) {
         on { packageManager } doReturn mockPackageManager
         on { activityManager } doReturn mockActivityManager
+        on { getSystemService(Context.KEYGUARD_SERVICE) } doReturn mockKeyguardManager
         doNothing().whenever(mock).startActivityAsUser(any(), any())
         mock.mockAsUser()
     }
@@ -66,6 +78,24 @@ class PackageInfoPresenterTest {
     private val packageInfoPresenter =
         PackageInfoPresenter(context, PACKAGE_NAME, USER_ID, TestScope(), packageManagers)
 
+    private var isUserAuthenticated: Boolean = false
+
+    @Before
+    fun setUp() {
+        mockSession = ExtendedMockito.mockitoSession()
+            .initMocks(this)
+            .mockStatic(Utils::class.java)
+            .strictness(Strictness.LENIENT)
+            .startMocking()
+        whenever(Utils.isProtectedPackage(context, PACKAGE_NAME)).thenReturn(false)
+    }
+
+    @After
+    fun tearDown() {
+        mockSession.finishMocking()
+        isUserAuthenticated = false
+    }
+
     @Test
     fun isInterestedAppChange_packageChanged_isInterested() {
         val intent = Intent(Intent.ACTION_PACKAGE_CHANGED).apply {
@@ -129,25 +159,37 @@ class PackageInfoPresenterTest {
         packageInfoPresenter.disable()
         delay(100)
 
-        verifyAction(SettingsEnums.ACTION_SETTINGS_DISABLE_APP)
+        verifyDisablePackage()
-        verify(mockPackageManager).setApplicationEnabledSetting(
+    }
-            PACKAGE_NAME, PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER, 0
+
-        )
+    @Test
+    fun disable_protectedPackage() = runBlocking {
+        mockProtectedPackage()
+        setAuthPassesAutomatically()
+
+        packageInfoPresenter.disable()
+        delay(100)
+
+        verifyUserAuthenticated()
+        verifyDisablePackage()
     }
 
     @Test
     fun startUninstallActivity() = runBlocking {
         packageInfoPresenter.startUninstallActivity()
 
-        verifyAction(SettingsEnums.ACTION_SETTINGS_UNINSTALL_APP)
+        verifyUninstallPackage()
-        val intent = argumentCaptor<Intent> {
-            verify(context).startActivityAsUser(capture(), any())
-        }.firstValue
-        with(intent) {
-            assertThat(action).isEqualTo(Intent.ACTION_UNINSTALL_PACKAGE)
-            assertThat(data?.schemeSpecificPart).isEqualTo(PACKAGE_NAME)
-            assertThat(getBooleanExtra(Intent.EXTRA_UNINSTALL_ALL_USERS, true)).isEqualTo(false)
     }
+
+    @Test
+    fun startUninstallActivity_protectedPackage() = runBlocking {
+        mockProtectedPackage()
+        setAuthPassesAutomatically()
+
+        packageInfoPresenter.startUninstallActivity()
+
+        verifyUserAuthenticated()
+        verifyUninstallPackage()
     }
 
     @Test
@@ -164,8 +206,19 @@ class PackageInfoPresenterTest {
         packageInfoPresenter.forceStop()
         delay(100)
 
-        verifyAction(SettingsEnums.ACTION_APP_FORCE_STOP)
+        verifyForceStop()
-        verify(mockActivityManager).forceStopPackageAsUser(PACKAGE_NAME, USER_ID)
+    }
+
+    @Test
+    fun forceStop_protectedPackage() = runBlocking {
+        mockProtectedPackage()
+        setAuthPassesAutomatically()
+
+        packageInfoPresenter.forceStop()
+        delay(100)
+
+        verifyUserAuthenticated()
+        verifyForceStop()
     }
 
     @Test
@@ -179,6 +232,48 @@ class PackageInfoPresenterTest {
         verify(metricsFeatureProvider).action(context, category, PACKAGE_NAME)
     }
 
+    private fun verifyDisablePackage() {
+        verifyAction(SettingsEnums.ACTION_SETTINGS_DISABLE_APP)
+        verify(mockPackageManager).setApplicationEnabledSetting(
+            PACKAGE_NAME, PackageManager.COMPONENT_ENABLED_STATE_DISABLED_USER, 0
+        )
+    }
+
+    private fun verifyUninstallPackage() {
+        verifyAction(SettingsEnums.ACTION_SETTINGS_UNINSTALL_APP)
+
+        val intent = argumentCaptor<Intent> {
+            verify(context).startActivityAsUser(capture(), any())
+        }.firstValue
+        with(intent) {
+            assertThat(action).isEqualTo(Intent.ACTION_UNINSTALL_PACKAGE)
+            assertThat(data?.schemeSpecificPart).isEqualTo(PACKAGE_NAME)
+            assertThat(getBooleanExtra(Intent.EXTRA_UNINSTALL_ALL_USERS, true)).isEqualTo(false)
+        }
+    }
+
+    private fun verifyForceStop() {
+        verifyAction(SettingsEnums.ACTION_APP_FORCE_STOP)
+        verify(mockActivityManager).forceStopPackageAsUser(PACKAGE_NAME, USER_ID)
+    }
+
+    private fun setAuthPassesAutomatically() {
+        whenever(mockKeyguardManager.isKeyguardSecure).thenReturn(mockUserAuthentication())
+    }
+
+    private fun mockUserAuthentication() : Boolean {
+        isUserAuthenticated = true
+        return false
+    }
+
+    private fun mockProtectedPackage() {
+        whenever(Utils.isProtectedPackage(context, PACKAGE_NAME)).thenReturn(true)
+    }
+
+    private fun verifyUserAuthenticated() {
+        assertThat(isUserAuthenticated).isTrue()
+    }
+
     private companion object {
         const val PACKAGE_NAME = "package.name"
         const val USER_ID = 0