Separate the demo user factory reset option with admin user factory reset option.

A security vulnerability was discovered by Android security. b/292548775 Within a short period of time after the device reboot, the user could enter the settings page and factory reset the device. Android Enterprise suggests to add DISALLOW_FACTORY_RESET user restriction to the device. However, DISALLOW_FACTORY_RESET will be enabled on all Android users, including both the admin user and the demo user. The existing behavior in Android settings is that once the user restriction is set, factory reset button will be greyed out, which makes the factory reset functionality in demo user go away. In demo user, the factory reset command will be forwarded to the current active device owner. So in this change, we separate the button for admin user and the button for demo user. In demo user, the button is still visible when the restriction is set. And in admin user, the button will be greyed out as expected. Once this change is in, then Pixel Retail Demo could set the user restriction properly and rely on its internal logic to do factory reset. If other applications are trying to do the factory reset, it will be denied by OS. BUG: 292548775 Change-Id: I9d2d47bb29bc2c1e05058b246908768cd2f95990
2023-09-07 02:57:28 +00:00
parent f2735decd6
commit a44e75d6ed
8 changed files with 147 additions and 23 deletions
--- a/src/com/android/settings/system/FactoryResetPreferenceController.java
+++ b/src/com/android/settings/system/FactoryResetPreferenceController.java
@@ -24,35 +24,26 @@ import androidx.preference.Preference;
 import com.android.settings.R;
 import com.android.settings.Settings;
 import com.android.settings.Utils;
-import com.android.settings.core.PreferenceControllerMixin;
-import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settings.core.BasePreferenceController;

-public class FactoryResetPreferenceController extends AbstractPreferenceController
-        implements PreferenceControllerMixin {
-    /** Key of the "Factory reset" preference in {@link R.xml.reset_dashboard_fragment}. */
-    private static final String KEY_FACTORY_RESET = "factory_reset";
+public class FactoryResetPreferenceController extends BasePreferenceController {

    private final UserManager mUm;

-    public FactoryResetPreferenceController(Context context) {
-        super(context);
+    public FactoryResetPreferenceController(Context context, String preferenceKey) {
+        super(context, preferenceKey);
        mUm = (UserManager) context.getSystemService(Context.USER_SERVICE);
    }

-    /** Hide "Factory reset" settings for secondary users, except demo users. */
+    /** Hide "Factory reset" settings for secondary users. */
    @Override
-    public boolean isAvailable() {
-        return mUm.isAdminUser() || Utils.isDemoUser(mContext);
-    }
-
-    @Override
-    public String getPreferenceKey() {
-        return KEY_FACTORY_RESET;
+    public int getAvailabilityStatus() {
+        return mUm.isAdminUser() ? AVAILABLE : DISABLED_FOR_USER;
    }

    @Override
    public boolean handlePreferenceTreeClick(Preference preference) {
-        if (KEY_FACTORY_RESET.equals(preference.getKey())) {
+        if (mPreferenceKey.equals(preference.getKey())) {
            final Intent intent = new Intent(mContext, Settings.FactoryResetActivity.class);
            mContext.startActivity(intent);
            return true;