PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Simplify user flow for setting default supervisor as PO

Browse Source 
A follow up CL will clean up and separate the DeviceAdminAdd and
ProfileOwnerAdd logic (see b/131713071)

Bug: 124066840
Test: manual (overlay config_defaultSupervisionProfileOwnerComponent and
confirm only that component can be set as profile owner after setup is
complete)
Test: manual (install CtsVerifier, adb shell am start -n "com.android.cts.verifier/.admin.tapjacking.OverlayingActivity", user should not be able to click the "Allow" button)

Change-Id: Iccd931801145719110ce75421c35db80ea651779
This commit is contained in:
Michael Wachenschwanz
2019-04-25 16:07:39 -07:00
parent 0ea58e740d
commit 35eef604a3
5 changed files with 141 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
AndroidManifest.xml
View File

@@ -1341,14 +1341,15 @@
</intent-filter> </intent-filter>
</activity> </activity>
<activity-alias android:name="SetProfileOwner" <activity android:name=".applications.specialaccess.deviceadmin.ProfileOwnerAdd"
android:label="@string/profile_owner_add_title" android:excludeFromRecents="true"
android:targetActivity=".applications.specialaccess.deviceadmin.DeviceAdminAdd"> android:theme="@style/Transparent"
android:clearTaskOnLaunch="true">
<intent-filter android:priority="1000"> <intent-filter android:priority="1000">
<action android:name="android.app.action.SET_PROFILE_OWNER" /> <action android:name="android.app.action.SET_PROFILE_OWNER" />
<category android:name="android.intent.category.DEFAULT" /> <category android:name="android.intent.category.DEFAULT" />
</intent-filter> </intent-filter>
</activity-alias> </activity>
<activity <activity
android:name="Settings$UsageAccessSettingsActivity" android:name="Settings$UsageAccessSettingsActivity"

38
res/layout/profile_owner_add.xml Normal file
View File

@@ -0,0 +1,38 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (C) 2019 The Android Open Source Project
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License
-->
<LinearLayout
xmlns:android="http://schemas.android.com/apk/res/android"
android:id="@+id/active_layout"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:orientation="vertical">
<TextView android:id="@+id/add_msg_simplified"
android:layout_width="match_parent"
android:layout_height="0dp"
android:layout_weight="1"
android:scrollbars = "vertical"
android:padding="?dialogPreferredPadding"
android:gravity="center_vertical"/>
<TextView android:id="@+id/admin_warning_simplified"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:paddingStart="?dialogPreferredPadding"
android:paddingEnd="?dialogPreferredPadding"/>
</LinearLayout>

5
res/values/strings.xml
View File

@@ -6019,6 +6019,9 @@
<string name="device_admin_warning">Activating this admin app will allow <string name="device_admin_warning">Activating this admin app will allow
the app <xliff:g id="app_name">%1$s</xliff:g> to perform the the app <xliff:g id="app_name">%1$s</xliff:g> to perform the
following operations:</string> following operations:</string>
<!-- Simplified device admin warning message [CHAR LIMIT=NONE]-->
<string name="device_admin_warning_simplified">This device will be managed and monitored by
<xliff:g id="app_name" example="Example Supervisor">%1$s</xliff:g>.</string>
<!-- Device admin warning message about policies an admin can use --> <!-- Device admin warning message about policies an admin can use -->
<string name="device_admin_status">This admin app is active and allows <string name="device_admin_status">This admin app is active and allows
the app <xliff:g id="app_name">%1$s</xliff:g> to perform the the app <xliff:g id="app_name">%1$s</xliff:g> to perform the
@@ -6026,6 +6029,8 @@
<!-- Title for screen to set a profile owner [CHAR LIMIT=40] --> <!-- Title for screen to set a profile owner [CHAR LIMIT=40] -->
<string name="profile_owner_add_title">Activate Profile Manager?</string> <string name="profile_owner_add_title">Activate Profile Manager?</string>
<!-- Simplified title for dialog to set a profile owner [CHAR LIMIT=40] -->
<string name="profile_owner_add_title_simplified">Allow supervision?</string>
<!-- Warning when trying to add a profile owner admin after setup has completed. [CHAR LIMIT=none] --> <!-- Warning when trying to add a profile owner admin after setup has completed. [CHAR LIMIT=none] -->
<string name="adding_profile_owner_warning">By proceeding, your user will be managed by your <string name="adding_profile_owner_warning">By proceeding, your user will be managed by your
admin which may also be able to store associated data, in addition to your personal admin which may also be able to store associated data, in addition to your personal

64
src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
View File

@@ -46,6 +46,7 @@ import android.os.UserHandle;
import android.os.UserManager; import android.os.UserManager;
import android.text.TextUtils; import android.text.TextUtils;
import android.text.TextUtils.TruncateAt; import android.text.TextUtils.TruncateAt;
import android.text.method.ScrollingMovementMethod;
import android.util.EventLog; import android.util.EventLog;
import android.util.Log; import android.util.Log;
import android.view.Display; import android.view.Display;
@@ -273,15 +274,63 @@ public class DeviceAdminAdd extends Activity {
} }
} }
mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION);
if (mAddingProfileOwner) {
// If we're trying to add a profile owner and user setup hasn't completed yet, no // If we're trying to add a profile owner and user setup hasn't completed yet, no
// need to prompt for permission. Just add and finish. // need to prompt for permission. Just add and finish
if (mAddingProfileOwner && !mDPM.hasUserSetupCompleted()) { if (!mDPM.hasUserSetupCompleted()) {
addAndFinish(); addAndFinish();
return; return;
} }
mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION); // othewise, only the defined default supervision profile owner can be set after user
// setup.
final String supervisor = getString(
com.android.internal.R.string.config_defaultSupervisionProfileOwnerComponent);
if (supervisor == null) {
Log.w(TAG, "Unable to set profile owner post-setup, no default supervisor"
+ "profile owner defined");
finish();
return;
}
final ComponentName supervisorComponent = ComponentName.unflattenFromString(
supervisor);
if (who.compareTo(supervisorComponent) != 0) {
Log.w(TAG, "Unable to set non-default profile owner post-setup " + who);
finish();
return;
}
// Build and show the simplified dialog
final Dialog dialog = new AlertDialog.Builder(this)
.setTitle(getText(R.string.profile_owner_add_title_simplified))
.setView(R.layout.profile_owner_add)
.setPositiveButton(R.string.allow, new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int which) {
addAndFinish();
}
})
.setNeutralButton(R.string.cancel, null)
.setOnDismissListener(new DialogInterface.OnDismissListener() {
public void onDismiss(DialogInterface dialogInterface) {
finish();
}
})
.create();
dialog.show();
mActionButton = ((AlertDialog) dialog).getButton(DialogInterface.BUTTON_POSITIVE);
mActionButton.setFilterTouchesWhenObscured(true);
mAddMsg = dialog.findViewById(R.id.add_msg_simplified);
mAddMsg.setMovementMethod(new ScrollingMovementMethod());
mAddMsg.setText(mAddMsgText);
mAdminWarning = dialog.findViewById(R.id.admin_warning_simplified);
mAdminWarning.setText(getString(R.string.device_admin_warning_simplified,
mProfileOwnerName));
return;
}
setContentView(R.layout.device_admin_add); setContentView(R.layout.device_admin_add);
mAdminIcon = (ImageView)findViewById(R.id.admin_icon); mAdminIcon = (ImageView)findViewById(R.id.admin_icon);
@@ -501,7 +550,9 @@ public class DeviceAdminAdd extends Activity {
protected void onResume() { protected void onResume() {
super.onResume(); super.onResume();
mActionButton.setEnabled(true); mActionButton.setEnabled(true);
if (!mAddingProfileOwner) {
updateInterface(); updateInterface();
}
// As long as we are running, don't let anyone overlay stuff on top of the screen. // As long as we are running, don't let anyone overlay stuff on top of the screen.
mAppOps.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, true, mToken); mAppOps.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, true, mToken);
mAppOps.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW, true, mToken); mAppOps.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW, true, mToken);
@@ -571,9 +622,6 @@ public class DeviceAdminAdd extends Activity {
} catch (Resources.NotFoundException e) { } catch (Resources.NotFoundException e) {
mAdminDescription.setVisibility(View.GONE); mAdminDescription.setVisibility(View.GONE);
} }
if (mAddingProfileOwner) {
mProfileOwnerWarning.setVisibility(View.VISIBLE);
}
if (mAddMsgText != null) { if (mAddMsgText != null) {
mAddMsg.setText(mAddMsgText); mAddMsg.setText(mAddMsgText);
mAddMsg.setVisibility(View.VISIBLE); mAddMsg.setVisibility(View.VISIBLE);
@@ -634,11 +682,7 @@ public class DeviceAdminAdd extends Activity {
addDeviceAdminPolicies(true /* showDescription */); addDeviceAdminPolicies(true /* showDescription */);
mAdminWarning.setText(getString(R.string.device_admin_warning, mAdminWarning.setText(getString(R.string.device_admin_warning,
mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager()))); mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager())));
if (mAddingProfileOwner) {
setTitle(getText(R.string.profile_owner_add_title));
} else {
setTitle(getText(R.string.add_device_admin_msg)); setTitle(getText(R.string.add_device_admin_msg));
}
mActionButton.setText(getText(R.string.add_device_admin)); mActionButton.setText(getText(R.string.add_device_admin));
if (isAdminUninstallable()) { if (isAdminUninstallable()) {
mUninstallButton.setVisibility(View.VISIBLE); mUninstallButton.setVisibility(View.VISIBLE);

31
src/com/android/settings/applications/specialaccess/deviceadmin/ProfileOwnerAdd.java Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
*/
package com.android.settings.applications.specialaccess.deviceadmin;
import android.os.Bundle;
/**
* ProfileOwnerAdd uses the DeviceAdminAdd logic to handle SET_PROFILE_OWNER intents
*
* TODO(b/131713071): Move profile owner add logic from DeviceAdminAdd to here
*/
public class ProfileOwnerAdd extends DeviceAdminAdd {
@Override
protected void onCreate(Bundle icicle) {
super.onCreate(icicle);
}
}