Disable PS entry point and Activity when PS is not allowed.

In this change we disable: 1. Security Center Entry point 2. PrivateSpaceAuthenticationActivity when private profile is not present and cannot be added. Additionally, the intent exposing PrivateSpaceAuthenticationActivity is also non-exported and changed to a better name. Bug: 328578044 Test: Manual build and flash Change-Id: I13d298316c6d719d0b06e4969989ea1da83dd4c6
2024-03-21 14:14:02 +00:00
parent 9c50f2c61d
commit 5e451db395
5 changed files with 87 additions and 8 deletions
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -5103,9 +5103,9 @@
        <activity
            android:name=".privatespace.PrivateSpaceAuthenticationActivity"
            android:theme="@*android:style/Theme.DeviceDefault.Settings.Dialog.NoActionBar"
-            android:exported="true">
+            android:exported="false">
            <intent-filter>
-                <action android:name="com.android.settings.action.PRIVATE_SPACE_SETUP_FLOW" />
+                <action android:name="com.android.settings.action.OPEN_PRIVATE_SPACE_SETTINGS" />
                <category android:name="android.intent.category.DEFAULT"/>
            </intent-filter>
        </activity>
@@ -5117,6 +5117,14 @@
                  android:exported="false">
        </activity>

+        <receiver android:name=".privatespace.PrivateSpaceBroadcastReceiver"
+            android:exported="true">
+            <intent-filter>
+                <action android:name="android.intent.action.PRE_BOOT_COMPLETED"/>
+                <action android:name="android.intent.action.BOOT_COMPLETED"/>
+            </intent-filter>
+        </receiver>
+
        <activity-alias android:name="UsageStatsActivity"
                        android:exported="true"
                        android:label="@string/testing_usage_stats"
--- a/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java
@@ -50,7 +50,7 @@ import com.google.android.setupdesign.util.ThemeHelper;
 * This class represents an activity responsible for user authentication before starting the private
 * space setup flow or accessing the private space settings page if already created. Also prompts
 * user to set a device lock if not set with an alert dialog. This can be launched using the intent
- * com.android.settings.action.PRIVATE_SPACE_SETUP_FLOW.
+ * com.android.settings.action.OPEN_PRIVATE_SPACE_SETTINGS.
 */
 public class PrivateSpaceAuthenticationActivity extends FragmentActivity {
    private static final String TAG = "PrivateSpaceAuthCheck";
--- a/src/com/android/settings/privatespace/PrivateSpaceBroadcastReceiver.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceBroadcastReceiver.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.privatespace;
+
+import android.content.BroadcastReceiver;
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.os.UserManager;
+import android.util.Log;
+
+/** Broadcast receiver for enabling/disabling Private Space Root Activity. */
+public class PrivateSpaceBroadcastReceiver extends BroadcastReceiver {
+
+    private static final String TAG = "PrivateSpaceBroadcastReceiver";
+
+    @Override
+    public void onReceive(Context context, Intent intent) {
+        if (android.multiuser.Flags.enablePrivateSpaceFeatures()
+                && android.multiuser.Flags.blockPrivateSpaceCreation()) {
+            Log.d("Here", "Intent: " + intent.getAction());
+            PrivateSpaceMaintainer privateSpaceMaintainer =
+                    PrivateSpaceMaintainer.getInstance(context);
+            // Disable the PrivateSpaceAuthenticationActivity when
+            // -Private Profile is not present and
+            // -Private Profile cannot be added.
+            final int enableState = privateSpaceMaintainer.doesPrivateSpaceExist()
+                    || context.getSystemService(UserManager.class).canAddPrivateProfile()
+                    ? PackageManager.COMPONENT_ENABLED_STATE_ENABLED
+                    : PackageManager.COMPONENT_ENABLED_STATE_DISABLED;
+            ComponentName privateSpaceAuth = new ComponentName(context,
+                    PrivateSpaceAuthenticationActivity.class);
+            Log.d(TAG, "Setting component " + privateSpaceAuth + " state: " + enableState);
+            context.getPackageManager().setComponentEnabledSetting(
+                    privateSpaceAuth,
+                    enableState,
+                    PackageManager.DONT_KILL_APP);
+        }
+    }
+}
--- a/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java
@@ -155,7 +155,7 @@ public class PrivateSpaceMaintainer {
            return true;
        }

-        List<UserInfo> users = mUserManager.getProfiles(0);
+        List<UserInfo> users = mUserManager.getProfiles(mContext.getUserId());
        for (UserInfo user : users) {
            if (user.isPrivateProfile()) {
                mUserHandle = user.getUserHandle();
--- a/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java
@@ -44,12 +44,28 @@ public final class PrivateSpaceSafetySource {
            return;
        }

-        // Check the profile type - we don't want to show this for anything other than primary user.
        UserManager userManager = context.getSystemService(UserManager.class);
+        PrivateSpaceMaintainer privateSpaceMaintainer =
+                PrivateSpaceMaintainer.getInstance(context);
+        if (android.multiuser.Flags.enablePrivateSpaceFeatures()
+                && android.multiuser.Flags.blockPrivateSpaceCreation()) {
+            // Do not add the entry point when
+            // -Private Profile is not present and
+            // -Private Profile cannot be added.
+            if (!privateSpaceMaintainer.doesPrivateSpaceExist()
+                    && userManager != null
+                    && !userManager.canAddPrivateProfile()) {
+                Log.i(TAG, "Private Space not allowed for user " + context.getUser());
+                return;
+            }
+        } else {
+            // Check the profile type - we don't want to show this for anything other than primary
+            // user.
            if (userManager != null && !userManager.isMainUser()) {
                Log.i(TAG, "setSafetySourceData not main user");
                return;
            }
+        }

        if (!Flags.allowPrivateProfile()
                || !android.multiuser.Flags.enablePrivateSpaceFeatures()) {