Disable strong auth for all profiles after successful unlock

The change generalizes the workflow to disable strong auth requirements
for all profiles that require authentication to disable quiet mode,
once a successful unlock has happened through CDCA.
Currently, the call to disable the strong auth requirements is only
being done for work-profile.

Test: Tested locally on device with private space setup with a separate
challenge and tested the strong auth tracker values post this change.
Bug: 312184187

Change-Id: Ib41c51d1df78eea9415d72724b8cc693344e2c26

src/com/android/settings/password/ConfirmDeviceCredentialUtils.java

@@ -23,6 +23,8 @@ import android.app.IActivityManager;
 import android.app.admin.DevicePolicyManager;
 import android.content.Intent;
 import android.content.IntentSender;
+import android.content.pm.UserInfo;
+import android.content.pm.UserProperties;
 import android.os.RemoteException;
 import android.os.UserManager;
 import android.view.View;
@@ -68,16 +70,44 @@ public class ConfirmDeviceCredentialUtils {
             DevicePolicyManager dpm, int userId, boolean isStrongAuth) {
         if (isStrongAuth) {
             utils.reportSuccessfulPasswordAttempt(userId);
+            if (isBiometricUnlockEnabledForPrivateSpace()) {
+                final UserInfo userInfo = userManager.getUserInfo(userId);
+                if (userInfo != null) {
+                    if (isProfileThatAlwaysRequiresAuthToDisableQuietMode(userManager, userInfo)
+                            || userInfo.isManagedProfile()) {
+                        // Keyguard is responsible to disable StrongAuth for primary user. Disable
+                        // StrongAuth for profile challenges only here.
+                        utils.userPresent(userId);
+                    }
+                }
+            }
         } else {
             dpm.reportSuccessfulBiometricAttempt(userId);
         }
-        if (userManager.isManagedProfile(userId)) {
+        if (!isBiometricUnlockEnabledForPrivateSpace()) {
-            // Keyguard is responsible to disable StrongAuth for primary user. Disable StrongAuth
+            if (userManager.isManagedProfile(userId)) {
-            // for work challenge only here.
+                // Disable StrongAuth for work challenge only here.
-            utils.userPresent(userId);
+                utils.userPresent(userId);
+            }
         }
     }
 
+    /**
+     * Returns true if the userInfo passed as the parameter corresponds to a profile that always
+     * requires auth to disable quiet mode and false otherwise
+     */
+    private static boolean isProfileThatAlwaysRequiresAuthToDisableQuietMode(
+            UserManager userManager, @NonNull UserInfo userInfo) {
+        final UserProperties userProperties =
+                    userManager.getUserProperties(userInfo.getUserHandle());
+        return userProperties.isAuthAlwaysRequiredToDisableQuietMode() && userInfo.isProfile();
+    }
+
+    private static boolean isBiometricUnlockEnabledForPrivateSpace() {
+        return android.os.Flags.allowPrivateProfile()
+                && android.multiuser.Flags.enableBiometricsToUnlockPrivateSpace();
+    }
+
     /**
      * Request hiding soft-keyboard before animating away credential UI, in case IME
      * insets animation get delayed by dismissing animation.