diff --git a/src/com/android/settings/MainClear.java b/src/com/android/settings/MainClear.java index 9d219d783ba..9dadcb9600d 100644 --- a/src/com/android/settings/MainClear.java +++ b/src/com/android/settings/MainClear.java @@ -182,10 +182,13 @@ public class MainClear extends InstrumentedFragment implements OnGlobalLayoutLis } if (requestCode == KEYGUARD_REQUEST) { + final int userId = getActivity().getUserId(); if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(), false /* biometricsSuccessfullyAuthenticated */, - false /* biometricsAuthenticationRequested */)) { - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRICS_REQUEST); + false /* biometricsAuthenticationRequested */, + userId)) { + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRICS_REQUEST, + userId); return; } } diff --git a/src/com/android/settings/Utils.java b/src/com/android/settings/Utils.java index e94769ad61a..add5604a617 100644 --- a/src/com/android/settings/Utils.java +++ b/src/com/android/settings/Utils.java @@ -1487,23 +1487,25 @@ public final class Utils extends com.android.settingslib.Utils { /** * Request biometric authentication if all requirements for mandatory biometrics is satisfied. - * @param context of the corresponding activity/fragment + * + * @param context of the corresponding activity/fragment * @param biometricsSuccessfullyAuthenticated if the user has already authenticated using * biometrics - * @param biometricsAuthenticationRequested if the activity/fragment has already requested for - * biometric prompt + * @param biometricsAuthenticationRequested if the activity/fragment has already requested for + * biometric prompt + * @param userId user id for the authentication request * @return true if all requirements for mandatory biometrics is satisfied */ public static boolean requestBiometricAuthenticationForMandatoryBiometrics( @NonNull Context context, boolean biometricsSuccessfullyAuthenticated, - boolean biometricsAuthenticationRequested) { + boolean biometricsAuthenticationRequested, int userId) { final BiometricManager biometricManager = context.getSystemService(BiometricManager.class); if (biometricManager == null) { Log.e(TAG, "Biometric Manager is null."); return false; } - final int status = biometricManager.canAuthenticate( + final int status = biometricManager.canAuthenticate(userId, BiometricManager.Authenticators.MANDATORY_BIOMETRICS); return android.hardware.biometrics.Flags.mandatoryBiometrics() && status == BiometricManager.BIOMETRIC_SUCCESS @@ -1513,15 +1515,16 @@ public final class Utils extends com.android.settingslib.Utils { /** * Launch biometric prompt for mandatory biometrics. Call - * {@link #requestBiometricAuthenticationForMandatoryBiometrics(Context, boolean, boolean)} + * {@link #requestBiometricAuthenticationForMandatoryBiometrics(Context, boolean, boolean, int)} * to check if all requirements for mandatory biometrics is satisfied * before launching biometric prompt. * - * @param fragment corresponding fragment of the surface + * @param fragment corresponding fragment of the surface * @param requestCode for starting the new activity + * @param userId user id for the authentication request */ public static void launchBiometricPromptForMandatoryBiometrics(@NonNull Fragment fragment, - int requestCode) { + int requestCode, int userId) { final Intent intent = new Intent(); intent.putExtra(BIOMETRIC_PROMPT_AUTHENTICATORS, BiometricManager.Authenticators.MANDATORY_BIOMETRICS); @@ -1529,8 +1532,10 @@ public final class Utils extends com.android.settingslib.Utils { fragment.getString(R.string.cancel)); intent.putExtra(KeyguardManager.EXTRA_DESCRIPTION, fragment.getString(R.string.mandatory_biometrics_prompt_description)); + intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, true); + intent.putExtra(EXTRA_USER_ID, userId); intent.setClassName(SETTINGS_PACKAGE_NAME, - ConfirmDeviceCredentialActivity.class.getName()); + ConfirmDeviceCredentialActivity.InternalActivity.class.getName()); fragment.startActivityForResult(intent, requestCode); } diff --git a/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java b/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java index b9a0b939a6b..835f3a87d68 100644 --- a/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java +++ b/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java @@ -144,9 +144,10 @@ public abstract class BiometricsSettingsBase extends DashboardFragment { launchChooseOrConfirmLock(); } else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics( getActivity(), mBiometricsSuccessfullyAuthenticated, - mBiometricsAuthenticationRequested)) { + mBiometricsAuthenticationRequested, mUserId)) { mBiometricsAuthenticationRequested = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST, + mUserId); } updateUnlockPhonePreferenceSummary(); @@ -161,10 +162,11 @@ public abstract class BiometricsSettingsBase extends DashboardFragment { public void onResume() { super.onResume(); if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(), - mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested) + mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested, mUserId) && mGkPwHandle != 0L) { mBiometricsAuthenticationRequested = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST, + mUserId); } if (!mConfirmCredential) { mDoNotFinishActivity = false; diff --git a/src/com/android/settings/biometrics/face/FaceSettings.java b/src/com/android/settings/biometrics/face/FaceSettings.java index 2a0dd83a491..305d6703cfe 100644 --- a/src/com/android/settings/biometrics/face/FaceSettings.java +++ b/src/com/android/settings/biometrics/face/FaceSettings.java @@ -289,9 +289,11 @@ public class FaceSettings extends DashboardFragment { finish(); } } else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(), - mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) { + mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested, + mUserId)) { mBiometricsAuthenticationRequested = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST, + mUserId); } else { mAttentionController.setToken(mToken); mEnrollController.setToken(mToken); diff --git a/src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java b/src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java index c4bbcdeea07..815c08e0de1 100644 --- a/src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java +++ b/src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java @@ -485,9 +485,11 @@ public class FingerprintSettings extends SubSettings { mLaunchedConfirm = true; launchChooseOrConfirmLock(); } else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(), - mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) { + mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested, + mUserId)) { mBiometricsAuthenticationRequested = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST, + mUserId); } else if (!mHasFirstEnrolled) { mIsEnrolling = true; addFirstFingerprint(null); @@ -777,9 +779,11 @@ public class FingerprintSettings extends SubSettings { .getUdfpsEnrollCalibrator(getActivity().getApplicationContext(), null, null); if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(), - mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) { + mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested, + mUserId)) { mBiometricsAuthenticationRequested = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, + BIOMETRIC_AUTH_REQUEST, mUserId); } } diff --git a/src/com/android/settings/password/ChooseLockGeneric.java b/src/com/android/settings/password/ChooseLockGeneric.java index b4f13e8d77b..d5d079ecf6d 100644 --- a/src/com/android/settings/password/ChooseLockGeneric.java +++ b/src/com/android/settings/password/ChooseLockGeneric.java @@ -492,9 +492,10 @@ public class ChooseLockGeneric extends SettingsActivity { : null; updatePreferencesOrFinish(false /* isRecreatingActivity */); if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getContext(), - mBiometricsAuthSuccessful, mWaitingForConfirmation)) { + mBiometricsAuthSuccessful, mWaitingForConfirmation, mUserId)) { mWaitingForConfirmation = true; - Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST); + Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST, + mUserId); } } else if (requestCode == BIOMETRIC_AUTH_REQUEST) { if (resultCode == Activity.RESULT_OK) { diff --git a/tests/robotests/src/com/android/settings/MainClearTest.java b/tests/robotests/src/com/android/settings/MainClearTest.java index 187fce113f9..26a430b161c 100644 --- a/tests/robotests/src/com/android/settings/MainClearTest.java +++ b/tests/robotests/src/com/android/settings/MainClearTest.java @@ -140,8 +140,8 @@ public class MainClearTest { when(mScrollView.getChildCount()).thenReturn(1); doReturn(mMockActivity).when(mMainClear).getActivity(); when(mMockActivity.getSystemService(BiometricManager.class)).thenReturn(mBiometricManager); - when(mBiometricManager.canAuthenticate( - BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) .thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE); } @@ -370,8 +370,8 @@ public class MainClearTest { when(mContext.getResources()).thenReturn(mResources); when(mMockActivity.getSystemService(BiometricManager.class)).thenReturn(mBiometricManager); when(mResources.getString(anyInt())).thenReturn(TEST_ACCOUNT_NAME); - when(mBiometricManager.canAuthenticate( - BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) .thenReturn(BiometricManager.BIOMETRIC_SUCCESS); doReturn(true).when(mMainClear).isValidRequestCode(eq(MainClear.KEYGUARD_REQUEST)); doNothing().when(mMainClear).startActivityForResult(any(), anyInt()); diff --git a/tests/robotests/src/com/android/settings/UtilsTest.java b/tests/robotests/src/com/android/settings/UtilsTest.java index fd97b78d2ec..b36e9d63e32 100644 --- a/tests/robotests/src/com/android/settings/UtilsTest.java +++ b/tests/robotests/src/com/android/settings/UtilsTest.java @@ -81,6 +81,7 @@ import androidx.fragment.app.Fragment; import androidx.fragment.app.FragmentActivity; import com.android.internal.widget.LockPatternUtils; +import com.android.settings.password.ChooseLockSettingsHelper; import com.android.settings.password.ConfirmDeviceCredentialActivity; import com.android.settings.testutils.shadow.ShadowLockPatternUtils; @@ -532,31 +533,45 @@ public class UtilsTest { when(mContext.getSystemService(BiometricManager.class)).thenReturn(null); assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext, false /* biometricsSuccessfullyAuthenticated */, - false /* biometricsAuthenticationRequested */)).isFalse(); + false /* biometricsAuthenticationRequested */, USER_ID)).isFalse(); } @Test @EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS) public void testRequestBiometricAuthentication_biometricManagerReturnsSuccess_shouldReturnTrue() { - when(mBiometricManager.canAuthenticate( + when(mBiometricManager.canAuthenticate(USER_ID, BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) .thenReturn(BiometricManager.BIOMETRIC_SUCCESS); - boolean requestBiometricAuthenticationForMandatoryBiometrics = + final boolean requestBiometricAuthenticationForMandatoryBiometrics = Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext, - true /* biometricsSuccessfullyAuthenticated */, - false /* biometricsAuthenticationRequested */); - assertThat(requestBiometricAuthenticationForMandatoryBiometrics).isFalse(); + false /* biometricsSuccessfullyAuthenticated */, + false /* biometricsAuthenticationRequested */, USER_ID); + assertThat(requestBiometricAuthenticationForMandatoryBiometrics).isTrue(); } @Test @EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS) public void testRequestBiometricAuthentication_biometricManagerReturnsError_shouldReturnFalse() { - when(mBiometricManager.canAuthenticate( - BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) .thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE); assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext, false /* biometricsSuccessfullyAuthenticated */, - false /* biometricsAuthenticationRequested */)).isFalse(); + false /* biometricsAuthenticationRequested */, USER_ID)).isFalse(); + } + + @Test + @EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS) + public void testRequestBiometricAuthentication_biometricManagerReturnsSuccessForDifferentUser_shouldReturnFalse() { + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) + .thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE); + when(mBiometricManager.canAuthenticate(0 /* userId */, + BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + .thenReturn(BiometricManager.BIOMETRIC_SUCCESS); + assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext, + false /* biometricsSuccessfullyAuthenticated */, + false /* biometricsAuthenticationRequested */, USER_ID)).isFalse(); } @Test @@ -566,7 +581,7 @@ public class UtilsTest { final int requestCode = 1; final ArgumentCaptor intentArgumentCaptor = ArgumentCaptor.forClass(Intent.class); - Utils.launchBiometricPromptForMandatoryBiometrics(mFragment, requestCode); + Utils.launchBiometricPromptForMandatoryBiometrics(mFragment, requestCode, USER_ID); verify(mFragment).startActivityForResult(intentArgumentCaptor.capture(), eq(requestCode)); @@ -576,9 +591,12 @@ public class UtilsTest { BiometricManager.Authenticators.MANDATORY_BIOMETRICS); assertThat(intent.getExtra(BIOMETRIC_PROMPT_NEGATIVE_BUTTON_TEXT)).isNotNull(); assertThat(intent.getExtra(KeyguardManager.EXTRA_DESCRIPTION)).isNotNull(); + assertThat(intent.getBooleanExtra(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, false)) + .isTrue(); + assertThat(intent.getIntExtra(Intent.EXTRA_USER_ID, 0)).isEqualTo(USER_ID); assertThat(intent.getComponent().getPackageName()).isEqualTo(SETTINGS_PACKAGE_NAME); assertThat(intent.getComponent().getClassName()).isEqualTo( - ConfirmDeviceCredentialActivity.class.getName()); + ConfirmDeviceCredentialActivity.InternalActivity.class.getName()); } private void setUpForConfirmCredentialString(boolean isEffectiveUserManagedProfile) { diff --git a/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettingsTest.java b/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettingsTest.java index a775731df59..4f8860e8832 100644 --- a/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettingsTest.java +++ b/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettingsTest.java @@ -127,8 +127,8 @@ public class CombinedBiometricProfileSettingsTest { mFragment = spy(new TestCombinedBiometricProfileSettings(mContext)); doReturn(mActivity).when(mFragment).getActivity(); doReturn(mBiometricManager).when(mActivity).getSystemService(BiometricManager.class); - when(mBiometricManager.canAuthenticate( - BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) .thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE); ReflectionHelpers.setField(mFragment, "mDashboardFeatureProvider", @@ -181,8 +181,8 @@ public class CombinedBiometricProfileSettingsTest { public void testLaunchBiometricPrompt_onCreateFragment() { ArgumentCaptor intentArgumentCaptor = ArgumentCaptor.forClass(Intent.class); doNothing().when(mFragment).startActivityForResult(any(), anyInt()); - when(mBiometricManager.canAuthenticate( - BiometricManager.Authenticators.MANDATORY_BIOMETRICS)) + when(mBiometricManager.canAuthenticate(anyInt(), + eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS))) .thenReturn(BiometricManager.BIOMETRIC_SUCCESS); mFragment.onAttach(mContext); @@ -193,7 +193,7 @@ public class CombinedBiometricProfileSettingsTest { Intent intent = intentArgumentCaptor.getValue(); assertThat(intent.getComponent().getClassName()).isEqualTo( - ConfirmDeviceCredentialActivity.class.getName()); + ConfirmDeviceCredentialActivity.InternalActivity.class.getName()); } @Test diff --git a/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintSettingsFragmentTest.java b/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintSettingsFragmentTest.java index a34b6de5335..29b29614133 100644 --- a/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintSettingsFragmentTest.java +++ b/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintSettingsFragmentTest.java @@ -176,7 +176,7 @@ public class FingerprintSettingsFragmentTest { Intent intent = intentArgumentCaptor.getValue(); assertThat(intent.getComponent().getClassName()).isEqualTo( - ConfirmDeviceCredentialActivity.class.getName()); + ConfirmDeviceCredentialActivity.InternalActivity.class.getName()); } // Test the case when FingerprintAuthenticateSidecar receives an error callback from the