Merge "Add wipe on login failure to Privacy Settings page"

src/com/android/settings/enterprise/AdminActionPreferenceControllerBase.java

@@ -26,12 +26,10 @@ import java.util.Date;
 
 public abstract class AdminActionPreferenceControllerBase extends PreferenceController {
 
-    private final Context mContext;
     protected final EnterprisePrivacyFeatureProvider mFeatureProvider;
 
     public AdminActionPreferenceControllerBase(Context context) {
         super(context);
-        mContext = context;
         mFeatureProvider = FeatureFactory.getFactory(context)
                 .getEnterprisePrivacyFeatureProvider(context);
     }

src/com/android/settings/enterprise/DevicePolicyManagerWrapper.java

@@ -26,6 +26,13 @@ import android.support.annotation.Nullable;
  * newer than the API version supported by Robolectric.
  */
 public interface DevicePolicyManagerWrapper {
+    /**
+     * Calls {@code DevicePolicyManager.getMaximumFailedPasswordsForWipe()}.
+     *
+     * @see android.app.admin.DevicePolicyManager#getMaximumFailedPasswordsForWipe
+     */
+    int getMaximumFailedPasswordsForWipe(@Nullable ComponentName admin, int userHandle);
+
     /**
      * Calls {@code DevicePolicyManager.getDeviceOwnerComponentOnAnyUser()}.
      *
@@ -33,12 +40,26 @@ public interface DevicePolicyManagerWrapper {
      */
     ComponentName getDeviceOwnerComponentOnAnyUser();
 
+    /**
+     * Calls {@code DevicePolicyManager.getDeviceOwnerUserId()}.
+     *
+     * @see android.app.admin.DevicePolicyManager#getDeviceOwnerUserId
+     */
+    int getDeviceOwnerUserId();
+
+    /**
+     * Calls {@code DevicePolicyManager.getProfileOwnerAsUser()}.
+     *
+     * @see android.app.admin.DevicePolicyManager#getProfileOwnerAsUser
+     */
+    @Nullable ComponentName getProfileOwnerAsUser(final int userId);
+
     /**
      * Calls {@code DevicePolicyManager.getDeviceOwnerNameOnAnyUser()}.
      *
      * @see android.app.admin.DevicePolicyManager#getDeviceOwnerNameOnAnyUser
      */
-    public CharSequence getDeviceOwnerOrganizationName();
+    CharSequence getDeviceOwnerOrganizationName();
 
     /**
      * Calls {@code DevicePolicyManager.getPermissionGrantState()}.
@@ -53,19 +74,19 @@ public interface DevicePolicyManagerWrapper {
      *
      * @see android.app.admin.DevicePolicyManager#getLastSecurityLogRetrievalTime
      */
-    public long getLastSecurityLogRetrievalTime();
+    long getLastSecurityLogRetrievalTime();
 
     /**
      * Calls {@code DevicePolicyManager.getLastBugReportRequestTime()}.
      *
      * @see android.app.admin.DevicePolicyManager#getLastBugReportRequestTime
      */
-    public long getLastBugReportRequestTime();
+    long getLastBugReportRequestTime();
 
     /**
      * Calls {@code DevicePolicyManager.getLastNetworkLogRetrievalTime()}.
      *
      * @see android.app.admin.DevicePolicyManager#getLastNetworkLogRetrievalTime
      */
-    public long getLastNetworkLogRetrievalTime();
+    long getLastNetworkLogRetrievalTime();
 }

src/com/android/settings/enterprise/DevicePolicyManagerWrapperImpl.java

@@ -27,11 +27,26 @@ public class DevicePolicyManagerWrapperImpl implements DevicePolicyManagerWrappe
         mDpm = dpm;
     }
 
+    @Override
+    public int getMaximumFailedPasswordsForWipe(@Nullable ComponentName admin, int userHandle) {
+        return mDpm.getMaximumFailedPasswordsForWipe(admin, userHandle);
+    }
+
     @Override
     public ComponentName getDeviceOwnerComponentOnAnyUser() {
         return mDpm.getDeviceOwnerComponentOnAnyUser();
     }
 
+    @Override
+    public int getDeviceOwnerUserId() {
+        return mDpm.getDeviceOwnerUserId();
+    }
+
+    @Override
+    public @Nullable ComponentName getProfileOwnerAsUser(final int userId) {
+        return mDpm.getProfileOwnerAsUser(userId);
+    }
+
     @Override
     public CharSequence getDeviceOwnerOrganizationName() {
         return mDpm.getDeviceOwnerOrganizationName();

src/com/android/settings/enterprise/EnterprisePrivacyFeatureProvider.java

@@ -74,4 +74,16 @@ public interface EnterprisePrivacyFeatureProvider {
      * Returns whether the Device Owner set a recommended global HTTP proxy.
      */
     boolean isGlobalHttpProxySet();
+
+    /**
+     * Returns the number of failed login attempts that the Device Owner allows before the entire
+     * device is wiped, or zero if no such limit is set.
+     */
+    int getMaximumFailedPasswordsBeforeWipeInPrimaryUser();
+
+    /**
+     * Returns the number of failed login attempts that the Profile Owner allows before the current
+     * user's managed profile (if any) is wiped, or zero if no such limit is set.
+     */
+    int getMaximumFailedPasswordsBeforeWipeInManagedProfile();
 }

src/com/android/settings/enterprise/EnterprisePrivacyFeatureProviderImpl.java

@@ -16,6 +16,7 @@
 
 package com.android.settings.enterprise;
 
+import android.content.ComponentName;
 import android.content.Context;
 import android.content.Intent;
 import android.content.pm.PackageManager;
@@ -70,12 +71,12 @@ public class EnterprisePrivacyFeatureProviderImpl implements EnterprisePrivacyFe
                 return userInfo.id;
             }
         }
-        return -1;
+        return UserHandle.USER_NULL;
     }
 
     @Override
     public boolean isInCompMode() {
-        return hasDeviceOwner() && getManagedProfileUserId() != -1;
+        return hasDeviceOwner() && getManagedProfileUserId() != UserHandle.USER_NULL;
     }
 
     @Override
@@ -124,7 +125,7 @@ public class EnterprisePrivacyFeatureProviderImpl implements EnterprisePrivacyFe
     @Override
     public boolean isAlwaysOnVpnSetInManagedProfile() {
         final int managedProfileUserId = getManagedProfileUserId();
-        return managedProfileUserId != -1 &&
+        return managedProfileUserId != UserHandle.USER_NULL &&
                 VpnUtils.isAlwaysOnVpnSet(mCm, managedProfileUserId);
     }
 
@@ -133,6 +134,28 @@ public class EnterprisePrivacyFeatureProviderImpl implements EnterprisePrivacyFe
         return mCm.getGlobalProxy() != null;
     }
 
+    @Override
+    public int getMaximumFailedPasswordsBeforeWipeInPrimaryUser() {
+        final ComponentName deviceOwner = mDpm.getDeviceOwnerComponentOnAnyUser();
+        if (deviceOwner == null) {
+            return 0;
+        }
+        return mDpm.getMaximumFailedPasswordsForWipe(deviceOwner, mDpm.getDeviceOwnerUserId());
+    }
+
+    @Override
+    public int getMaximumFailedPasswordsBeforeWipeInManagedProfile() {
+        final int userId = getManagedProfileUserId();
+        if (userId == UserHandle.USER_NULL) {
+            return 0;
+        }
+        final ComponentName profileOwner = mDpm.getProfileOwnerAsUser(userId);
+        if (profileOwner == null) {
+            return 0;
+        }
+        return mDpm.getMaximumFailedPasswordsForWipe(profileOwner, userId);
+    }
+
     protected static class EnterprisePrivacySpan extends ClickableSpan {
         private final Context mContext;
 

src/com/android/settings/enterprise/EnterprisePrivacySettings.java

@@ -63,6 +63,8 @@ public class EnterprisePrivacySettings extends DashboardFragment {
         controllers.add(new AlwaysOnVpnPrimaryUserPreferenceController(context));
         controllers.add(new AlwaysOnVpnManagedProfilePreferenceController(context));
         controllers.add(new GlobalHttpProxyPreferenceController(context));
+        controllers.add(new FailedPasswordWipePrimaryUserPreferenceController(context));
+        controllers.add(new FailedPasswordWipeManagedProfilePreferenceController(context));
         return controllers;
     }
 

src/com/android/settings/enterprise/FailedPasswordWipeManagedProfilePreferenceController.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+package com.android.settings.enterprise;
+
+import android.content.Context;
+
+import com.android.settings.R;
+
+public class FailedPasswordWipeManagedProfilePreferenceController
+        extends FailedPasswordWipePreferenceControllerBase {
+
+    private static final String KEY_FAILED_PASSWORD_WIPE_MANAGED_PROFILE
+            = "failed_password_wipe_managed_profile";
+
+    public FailedPasswordWipeManagedProfilePreferenceController(Context context) {
+        super(context, R.plurals.enterprise_privacy_failed_password_wipe_work);
+    }
+
+    @Override
+    protected int getMaximumFailedPasswordsBeforeWipe() {
+        return mFeatureProvider.getMaximumFailedPasswordsBeforeWipeInManagedProfile();
+    }
+
+    @Override
+    public String getPreferenceKey() {
+        return KEY_FAILED_PASSWORD_WIPE_MANAGED_PROFILE;
+    }
+}

src/com/android/settings/enterprise/FailedPasswordWipePreferenceControllerBase.java

@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package com.android.settings.enterprise;
+
+import android.content.Context;
+import android.content.res.Resources;
+import android.support.v7.preference.Preference;
+
+import com.android.settings.core.PreferenceController;
+import com.android.settings.overlay.FeatureFactory;
+
+public abstract class FailedPasswordWipePreferenceControllerBase extends PreferenceController {
+
+    private final int mStringResourceId;
+    protected final EnterprisePrivacyFeatureProvider mFeatureProvider;
+
+    public FailedPasswordWipePreferenceControllerBase(Context context, int stringResourceId) {
+        super(context);
+        mStringResourceId = stringResourceId;
+        mFeatureProvider = FeatureFactory.getFactory(context)
+                .getEnterprisePrivacyFeatureProvider(context);
+    }
+
+    protected abstract int getMaximumFailedPasswordsBeforeWipe();
+
+    @Override
+    public void updateState(Preference preference) {
+        final int failedPasswordsBeforeWipe = getMaximumFailedPasswordsBeforeWipe();
+        if (failedPasswordsBeforeWipe == 0) {
+            preference.setVisible(false);
+        } else {
+            preference.setVisible(true);
+            preference.setTitle(mContext.getResources().getQuantityString(
+                    mStringResourceId, failedPasswordsBeforeWipe, failedPasswordsBeforeWipe));
+        }
+    }
+
+    @Override
+    public boolean isAvailable() {
+        return true;
+    }
+}

src/com/android/settings/enterprise/FailedPasswordWipePrimaryUserPreferenceController.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+package com.android.settings.enterprise;
+
+import android.content.Context;
+
+import com.android.settings.R;
+
+public class FailedPasswordWipePrimaryUserPreferenceController
+        extends FailedPasswordWipePreferenceControllerBase {
+
+    private static final String KEY_FAILED_PASSWORD_WIPE_PRIMARY_USER
+            = "failed_password_wipe_primary_user";
+
+    public FailedPasswordWipePrimaryUserPreferenceController(Context context) {
+        super(context, R.plurals.enterprise_privacy_failed_password_wipe_device);
+    }
+
+    @Override
+    protected int getMaximumFailedPasswordsBeforeWipe() {
+        return mFeatureProvider.getMaximumFailedPasswordsBeforeWipeInPrimaryUser();
+    }
+
+    @Override
+    public String getPreferenceKey() {
+        return KEY_FAILED_PASSWORD_WIPE_PRIMARY_USER;
+    }
+}