PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Simplify user flow for setting default supervisor as PO

Browse Source 
A follow up CL will clean up and separate the DeviceAdminAdd and
ProfileOwnerAdd logic (see b/131713071)

Bug: 124066840
Test: manual (overlay config_defaultSupervisionProfileOwnerComponent and
confirm only that component can be set as profile owner after setup is
complete)
Test: manual (install CtsVerifier, adb shell am start -n "com.android.cts.verifier/.admin.tapjacking.OverlayingActivity", user should not be able to click the "Allow" button)

Change-Id: Iccd931801145719110ce75421c35db80ea651779
This commit is contained in:
Michael Wachenschwanz
2019-04-25 16:07:39 -07:00
parent 0ea58e740d
commit 35eef604a3
5 changed files with 141 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
AndroidManifest.xml
View File

@@ -1333,22 +1333,23 @@
</activity-alias>
<activity android:name=".applications.specialaccess.deviceadmin.DeviceAdminAdd"
android:label="@string/device_admin_add_title"
android:clearTaskOnLaunch="true">
android:label="@string/device_admin_add_title"
android:clearTaskOnLaunch="true">
<intent-filter>
<action android:name="android.app.action.ADD_DEVICE_ADMIN" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity-alias android:name="SetProfileOwner"
android:label="@string/profile_owner_add_title"
android:targetActivity=".applications.specialaccess.deviceadmin.DeviceAdminAdd">
<activity android:name=".applications.specialaccess.deviceadmin.ProfileOwnerAdd"
android:excludeFromRecents="true"
android:theme="@style/Transparent"
android:clearTaskOnLaunch="true">
<intent-filter android:priority="1000">
<action android:name="android.app.action.SET_PROFILE_OWNER" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity-alias>
</activity>
<activity
android:name="Settings$UsageAccessSettingsActivity"

38
res/layout/profile_owner_add.xml Normal file
View File

@@ -0,0 +1,38 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (C) 2019 The Android Open Source Project
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License
-->
<LinearLayout
xmlns:android="http://schemas.android.com/apk/res/android"
android:id="@+id/active_layout"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:orientation="vertical">
<TextView android:id="@+id/add_msg_simplified"
android:layout_width="match_parent"
android:layout_height="0dp"
android:layout_weight="1"
android:scrollbars = "vertical"
android:padding="?dialogPreferredPadding"
android:gravity="center_vertical"/>
<TextView android:id="@+id/admin_warning_simplified"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:paddingStart="?dialogPreferredPadding"
android:paddingEnd="?dialogPreferredPadding"/>
</LinearLayout>

5
res/values/strings.xml
View File

@@ -6019,6 +6019,9 @@
<string name="device_admin_warning">Activating this admin app will allow
the app <xliff:g id="app_name">%1$s</xliff:g> to perform the
following operations:</string>
<!-- Simplified device admin warning message [CHAR LIMIT=NONE]-->
<string name="device_admin_warning_simplified">This device will be managed and monitored by
<xliff:g id="app_name" example="Example Supervisor">%1$s</xliff:g>.</string>
<!-- Device admin warning message about policies an admin can use -->
<string name="device_admin_status">This admin app is active and allows
the app <xliff:g id="app_name">%1$s</xliff:g> to perform the
@@ -6026,6 +6029,8 @@
<!-- Title for screen to set a profile owner [CHAR LIMIT=40] -->
<string name="profile_owner_add_title">Activate Profile Manager?</string>
<!-- Simplified title for dialog to set a profile owner [CHAR LIMIT=40] -->
<string name="profile_owner_add_title_simplified">Allow supervision?</string>
<!-- Warning when trying to add a profile owner admin after setup has completed. [CHAR LIMIT=none] -->
<string name="adding_profile_owner_warning">By proceeding, your user will be managed by your
admin which may also be able to store associated data, in addition to your personal

76
src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
View File

@@ -46,6 +46,7 @@ import android.os.UserHandle;
import android.os.UserManager;
import android.text.TextUtils;
import android.text.TextUtils.TruncateAt;
import android.text.method.ScrollingMovementMethod;
import android.util.EventLog;
import android.util.Log;
import android.view.Display;
@@ -273,15 +274,63 @@ public class DeviceAdminAdd extends Activity {
}
}
// If we're trying to add a profile owner and user setup hasn't completed yet, no
// need to prompt for permission. Just add and finish.
if (mAddingProfileOwner && !mDPM.hasUserSetupCompleted()) {
addAndFinish();
return;
}
mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION);
if (mAddingProfileOwner) {
// If we're trying to add a profile owner and user setup hasn't completed yet, no
// need to prompt for permission. Just add and finish
if (!mDPM.hasUserSetupCompleted()) {
addAndFinish();
return;
}
// othewise, only the defined default supervision profile owner can be set after user
// setup.
final String supervisor = getString(
com.android.internal.R.string.config_defaultSupervisionProfileOwnerComponent);
if (supervisor == null) {
Log.w(TAG, "Unable to set profile owner post-setup, no default supervisor"
+ "profile owner defined");
finish();
return;
}
final ComponentName supervisorComponent = ComponentName.unflattenFromString(
supervisor);
if (who.compareTo(supervisorComponent) != 0) {
Log.w(TAG, "Unable to set non-default profile owner post-setup " + who);
finish();
return;
}
// Build and show the simplified dialog
final Dialog dialog = new AlertDialog.Builder(this)
.setTitle(getText(R.string.profile_owner_add_title_simplified))
.setView(R.layout.profile_owner_add)
.setPositiveButton(R.string.allow, new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int which) {
addAndFinish();
}
})
.setNeutralButton(R.string.cancel, null)
.setOnDismissListener(new DialogInterface.OnDismissListener() {
public void onDismiss(DialogInterface dialogInterface) {
finish();
}
})
.create();
dialog.show();
mActionButton = ((AlertDialog) dialog).getButton(DialogInterface.BUTTON_POSITIVE);
mActionButton.setFilterTouchesWhenObscured(true);
mAddMsg = dialog.findViewById(R.id.add_msg_simplified);
mAddMsg.setMovementMethod(new ScrollingMovementMethod());
mAddMsg.setText(mAddMsgText);
mAdminWarning = dialog.findViewById(R.id.admin_warning_simplified);
mAdminWarning.setText(getString(R.string.device_admin_warning_simplified,
mProfileOwnerName));
return;
}
setContentView(R.layout.device_admin_add);
mAdminIcon = (ImageView)findViewById(R.id.admin_icon);
@@ -501,7 +550,9 @@ public class DeviceAdminAdd extends Activity {
protected void onResume() {
super.onResume();
mActionButton.setEnabled(true);
updateInterface();
if (!mAddingProfileOwner) {
updateInterface();
}
// As long as we are running, don't let anyone overlay stuff on top of the screen.
mAppOps.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, true, mToken);
mAppOps.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW, true, mToken);
@@ -571,9 +622,6 @@ public class DeviceAdminAdd extends Activity {
} catch (Resources.NotFoundException e) {
mAdminDescription.setVisibility(View.GONE);
}
if (mAddingProfileOwner) {
mProfileOwnerWarning.setVisibility(View.VISIBLE);
}
if (mAddMsgText != null) {
mAddMsg.setText(mAddMsgText);
mAddMsg.setVisibility(View.VISIBLE);
@@ -634,11 +682,7 @@ public class DeviceAdminAdd extends Activity {
addDeviceAdminPolicies(true /* showDescription */);
mAdminWarning.setText(getString(R.string.device_admin_warning,
mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager())));
if (mAddingProfileOwner) {
setTitle(getText(R.string.profile_owner_add_title));
} else {
setTitle(getText(R.string.add_device_admin_msg));
}
setTitle(getText(R.string.add_device_admin_msg));
mActionButton.setText(getText(R.string.add_device_admin));
if (isAdminUninstallable()) {
mUninstallButton.setVisibility(View.VISIBLE);

31
src/com/android/settings/applications/specialaccess/deviceadmin/ProfileOwnerAdd.java Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
*/
package com.android.settings.applications.specialaccess.deviceadmin;
import android.os.Bundle;
/**
* ProfileOwnerAdd uses the DeviceAdminAdd logic to handle SET_PROFILE_OWNER intents
*
* TODO(b/131713071): Move profile owner add logic from DeviceAdminAdd to here
*/
public class ProfileOwnerAdd extends DeviceAdminAdd {
@Override
protected void onCreate(Bundle icicle) {
super.onCreate(icicle);
}
}