Move trustagent to security package.

Bug: 32953042 Fixes: 34461256 Test: robotests Change-Id: I341076ff320ad60081542a96eb588614230cb13e
2017-11-02 17:48:56 -07:00
parent b2aae6cd57
commit 933188d6f9
10 changed files with 82 additions and 134 deletions
--- a/src/com/android/settings/security/SecurityFeatureProvider.java
+++ b/src/com/android/settings/security/SecurityFeatureProvider.java
@@ -19,7 +19,7 @@ package com.android.settings.security;
 import android.content.Context;
 import android.support.v7.preference.PreferenceScreen;

-import com.android.settings.trustagent.TrustAgentManager;
+import com.android.settings.security.trustagent.TrustAgentManager;
 import com.android.settingslib.drawer.DashboardCategory;


--- a/src/com/android/settings/security/SecurityFeatureProviderImpl.java
+++ b/src/com/android/settings/security/SecurityFeatureProviderImpl.java
@@ -30,8 +30,7 @@ import android.util.ArrayMap;
 import android.util.Pair;

 import com.android.settings.R;
-import com.android.settings.trustagent.TrustAgentManager;
-import com.android.settings.trustagent.TrustAgentManagerImpl;
+import com.android.settings.security.trustagent.TrustAgentManager;
 import com.android.settingslib.drawer.DashboardCategory;
 import com.android.settingslib.drawer.Tile;
 import com.android.settingslib.drawer.TileUtils;
@@ -192,7 +191,7 @@ public class SecurityFeatureProviderImpl implements SecurityFeatureProvider {
    @Override
    public TrustAgentManager getTrustAgentManager() {
        if (mTrustAgentManager == null) {
-            mTrustAgentManager = new TrustAgentManagerImpl();
+            mTrustAgentManager = new TrustAgentManager();
        }
        return mTrustAgentManager;
    }
--- a/src/com/android/settings/security/trustagent/TrustAgentManager.java
+++ b/src/com/android/settings/security/trustagent/TrustAgentManager.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security.trustagent;
+
+import static android.service.trust.TrustAgentService.TRUST_AGENT_META_DATA;
+
+import android.content.ComponentName;
+import android.content.pm.PackageManager;
+import android.content.pm.ResolveInfo;
+import android.content.res.Resources;
+import android.content.res.TypedArray;
+import android.content.res.XmlResourceParser;
+import android.support.annotation.VisibleForTesting;
+import android.util.AttributeSet;
+import android.util.Log;
+import android.util.Slog;
+import android.util.Xml;
+
+import com.android.settingslib.RestrictedLockUtils;
+
+import org.xmlpull.v1.XmlPullParser;
+import org.xmlpull.v1.XmlPullParserException;
+
+import java.io.IOException;
+
+
+/** A manager for trust agent state. */
+public class TrustAgentManager {
+
+    public static class TrustAgentComponentInfo {
+        public ComponentName componentName;
+        public String title;
+        public String summary;
+        public RestrictedLockUtils.EnforcedAdmin admin = null;
+    }
+
+    private static final String TAG = "TrustAgentManager";
+
+    @VisibleForTesting
+    static final String PERMISSION_PROVIDE_AGENT =
+            android.Manifest.permission.PROVIDE_TRUST_AGENT;
+
+    /**
+     * Determines if the service associated with a resolved trust agent intent is allowed to provide
+     * trust on this device.
+     *
+     * @param resolveInfo The entry corresponding to the matched trust agent intent.
+     * @param pm          The package manager to be used to check for permissions.
+     * @return {@code true} if the associated service is allowed to provide a trust agent, and
+     * {@code false} if otherwise.
+     */
+    public boolean shouldProvideTrust(ResolveInfo resolveInfo, PackageManager pm) {
+        final String packageName = resolveInfo.serviceInfo.packageName;
+        if (pm.checkPermission(PERMISSION_PROVIDE_AGENT, packageName)
+                != PackageManager.PERMISSION_GRANTED) {
+            Log.w(TAG, "Skipping agent because package " + packageName
+                    + " does not have permission " + PERMISSION_PROVIDE_AGENT + ".");
+            return false;
+        }
+        return true;
+    }
+
+    public ComponentName getComponentName(ResolveInfo resolveInfo) {
+        if (resolveInfo == null || resolveInfo.serviceInfo == null) return null;
+        return new ComponentName(resolveInfo.serviceInfo.packageName, resolveInfo.serviceInfo.name);
+    }
+
+    public TrustAgentComponentInfo getSettingsComponent(
+            PackageManager pm, ResolveInfo resolveInfo) {
+        if (resolveInfo == null || resolveInfo.serviceInfo == null
+                || resolveInfo.serviceInfo.metaData == null) {
+            return null;
+        }
+        String cn = null;
+        TrustAgentComponentInfo trustAgentComponentInfo = new TrustAgentComponentInfo();
+        XmlResourceParser parser = null;
+        Exception caughtException = null;
+        try {
+            parser = resolveInfo.serviceInfo.loadXmlMetaData(pm, TRUST_AGENT_META_DATA);
+            if (parser == null) {
+                Slog.w(TAG, "Can't find " + TRUST_AGENT_META_DATA + " meta-data");
+                return null;
+            }
+            Resources res = pm.getResourcesForApplication(resolveInfo.serviceInfo.applicationInfo);
+            AttributeSet attrs = Xml.asAttributeSet(parser);
+            int type;
+            while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
+                    && type != XmlPullParser.START_TAG) {
+            }
+            String nodeName = parser.getName();
+            if (!"trust-agent".equals(nodeName)) {
+                Slog.w(TAG, "Meta-data does not start with trust-agent tag");
+                return null;
+            }
+            TypedArray sa =
+                    res.obtainAttributes(attrs, com.android.internal.R.styleable.TrustAgent);
+            trustAgentComponentInfo.summary =
+                    sa.getString(com.android.internal.R.styleable.TrustAgent_summary);
+            trustAgentComponentInfo.title =
+                    sa.getString(com.android.internal.R.styleable.TrustAgent_title);
+            cn = sa.getString(com.android.internal.R.styleable.TrustAgent_settingsActivity);
+            sa.recycle();
+        } catch (PackageManager.NameNotFoundException e) {
+            caughtException = e;
+        } catch (IOException e) {
+            caughtException = e;
+        } catch (XmlPullParserException e) {
+            caughtException = e;
+        } finally {
+            if (parser != null) parser.close();
+        }
+        if (caughtException != null) {
+            Slog.w(TAG, "Error parsing : " + resolveInfo.serviceInfo.packageName, caughtException);
+            return null;
+        }
+        if (cn != null && cn.indexOf('/') < 0) {
+            cn = resolveInfo.serviceInfo.packageName + "/" + cn;
+        }
+        trustAgentComponentInfo.componentName =
+                (cn == null) ? null : ComponentName.unflattenFromString(cn);
+        return trustAgentComponentInfo;
+    }
+}
--- a/src/com/android/settings/security/trustagent/TrustAgentSettings.java
+++ b/src/com/android/settings/security/trustagent/TrustAgentSettings.java
@@ -0,0 +1,205 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security.trustagent;
+
+import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.content.pm.ResolveInfo;
+import android.graphics.drawable.Drawable;
+import android.os.Bundle;
+import android.os.UserHandle;
+import android.service.trust.TrustAgentService;
+import android.support.v14.preference.SwitchPreference;
+import android.support.v7.preference.Preference;
+import android.support.v7.preference.PreferenceGroup;
+import android.util.ArrayMap;
+import android.util.ArraySet;
+
+import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
+import com.android.internal.widget.LockPatternUtils;
+import com.android.settings.R;
+import com.android.settings.SettingsPreferenceFragment;
+import com.android.settings.overlay.FeatureFactory;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedSwitchPreference;
+
+import java.util.List;
+
+public class TrustAgentSettings extends SettingsPreferenceFragment implements
+        Preference.OnPreferenceChangeListener {
+    private static final String SERVICE_INTERFACE = TrustAgentService.SERVICE_INTERFACE;
+
+    private ArrayMap<ComponentName, AgentInfo> mAvailableAgents;
+    private final ArraySet<ComponentName> mActiveAgents = new ArraySet<ComponentName>();
+    private LockPatternUtils mLockPatternUtils;
+    private DevicePolicyManager mDpm;
+    private TrustAgentManager mTrustAgentManager;
+
+    public static final class AgentInfo {
+        CharSequence label;
+        ComponentName component; // service that implements ITrustAgent
+        SwitchPreference preference;
+        public Drawable icon;
+
+        @Override
+        public boolean equals(Object other) {
+            if (other instanceof AgentInfo) {
+                return component.equals(((AgentInfo)other).component);
+            }
+            return true;
+        }
+
+        public int compareTo(AgentInfo other) {
+            return component.compareTo(other.component);
+        }
+    }
+
+    @Override
+    public int getMetricsCategory() {
+        return MetricsEvent.TRUST_AGENT;
+    }
+
+    @Override
+    protected int getHelpResource() {
+        return R.string.help_url_trust_agent;
+    }
+
+    @Override
+    public void onCreate(Bundle icicle) {
+        super.onCreate(icicle);
+        mDpm = getActivity().getSystemService(DevicePolicyManager.class);
+        mTrustAgentManager =
+            FeatureFactory.getFactory(getActivity()).getSecurityFeatureProvider()
+                .getTrustAgentManager();
+
+        addPreferencesFromResource(R.xml.trust_agent_settings);
+    }
+
+    public void onResume() {
+        super.onResume();
+        removePreference("dummy_preference");
+        updateAgents();
+    };
+
+    private void updateAgents() {
+        final Context context = getActivity();
+        if (mAvailableAgents == null) {
+            mAvailableAgents = findAvailableTrustAgents();
+        }
+        if (mLockPatternUtils == null) {
+            mLockPatternUtils = new LockPatternUtils(getActivity());
+        }
+        loadActiveAgents();
+        PreferenceGroup category =
+                (PreferenceGroup) getPreferenceScreen().findPreference("trust_agents");
+        category.removeAll();
+
+        final EnforcedAdmin admin = RestrictedLockUtils.checkIfKeyguardFeaturesDisabled(context,
+                DevicePolicyManager.KEYGUARD_DISABLE_TRUST_AGENTS, UserHandle.myUserId());
+
+        final int count = mAvailableAgents.size();
+        for (int i = 0; i < count; i++) {
+            AgentInfo agent = mAvailableAgents.valueAt(i);
+            final RestrictedSwitchPreference preference =
+                    new RestrictedSwitchPreference(getPrefContext());
+            preference.useAdminDisabledSummary(true);
+            agent.preference = preference;
+            preference.setPersistent(false);
+            preference.setTitle(agent.label);
+            preference.setIcon(agent.icon);
+            preference.setPersistent(false);
+            preference.setOnPreferenceChangeListener(this);
+            preference.setChecked(mActiveAgents.contains(agent.component));
+
+            if (admin != null
+                    && mDpm.getTrustAgentConfiguration(null, agent.component) == null) {
+                preference.setChecked(false);
+                preference.setDisabledByAdmin(admin);
+            }
+
+            category.addPreference(agent.preference);
+        }
+    }
+
+    private void loadActiveAgents() {
+        List<ComponentName> activeTrustAgents = mLockPatternUtils.getEnabledTrustAgents(
+                UserHandle.myUserId());
+        if (activeTrustAgents != null) {
+            mActiveAgents.addAll(activeTrustAgents);
+        }
+    }
+
+    private void saveActiveAgents() {
+        mLockPatternUtils.setEnabledTrustAgents(mActiveAgents,
+                UserHandle.myUserId());
+    }
+
+    private ArrayMap<ComponentName, AgentInfo> findAvailableTrustAgents() {
+        PackageManager pm = getActivity().getPackageManager();
+        Intent trustAgentIntent = new Intent(SERVICE_INTERFACE);
+        List<ResolveInfo> resolveInfos = pm.queryIntentServices(trustAgentIntent,
+                PackageManager.GET_META_DATA);
+
+        ArrayMap<ComponentName, AgentInfo> agents = new ArrayMap<ComponentName, AgentInfo>();
+        final int count = resolveInfos.size();
+        agents.ensureCapacity(count);
+        for (int i = 0; i < count; i++ ) {
+            ResolveInfo resolveInfo = resolveInfos.get(i);
+            if (resolveInfo.serviceInfo == null) {
+                continue;
+            }
+            if (!mTrustAgentManager.shouldProvideTrust(resolveInfo, pm)) {
+                continue;
+            }
+            ComponentName name = mTrustAgentManager.getComponentName(resolveInfo);
+            AgentInfo agentInfo = new AgentInfo();
+            agentInfo.label = resolveInfo.loadLabel(pm);
+            agentInfo.icon = resolveInfo.loadIcon(pm);
+            agentInfo.component = name;
+            agents.put(name, agentInfo);
+        }
+        return agents;
+    }
+
+    @Override
+    public boolean onPreferenceChange(Preference preference, Object newValue) {
+        if (preference instanceof SwitchPreference) {
+            final int count = mAvailableAgents.size();
+            for (int i = 0; i < count; i++) {
+                AgentInfo agent = mAvailableAgents.valueAt(i);
+                if (agent.preference == preference) {
+                    if ((Boolean) newValue) {
+                        if (!mActiveAgents.contains(agent.component)) {
+                            mActiveAgents.add(agent.component);
+                        }
+                    } else {
+                        mActiveAgents.remove(agent.component);
+                    }
+                    saveActiveAgents();
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+}