PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add cred mng app metrics to Settings

Browse Source 
Log:
* package name
* number of remote apps/URIs
* request accepted
* request failed
* request cancelled
* removed

Bug: 165641221
Test: manual
Change-Id: I629b95626c9581da8d7f1ea6758120768471a60e
This commit is contained in:
Alex Johnston
2021-01-10 15:26:13 +00:00
parent 606e8b1f88
commit c3b31dd94c
2 changed files with 50 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/com/android/settings/security/CredentialManagementAppButtonsController.java
View File

@@ -17,6 +17,7 @@
package com.android.settings.security; package com.android.settings.security;
import android.app.AppOpsManager; import android.app.AppOpsManager;
import android.app.admin.DevicePolicyEventLogger;
import android.content.Context; import android.content.Context;
import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager; import android.content.pm.PackageManager;
@@ -25,6 +26,7 @@ import android.os.Looper;
import android.os.RemoteException; import android.os.RemoteException;
import android.security.IKeyChainService; import android.security.IKeyChainService;
import android.security.KeyChain; import android.security.KeyChain;
import android.stats.devicepolicy.DevicePolicyEnums;
import android.util.Log; import android.util.Log;
import androidx.preference.PreferenceScreen; import androidx.preference.PreferenceScreen;
@@ -98,6 +100,9 @@ public class CredentialManagementAppButtonsController extends BasePreferenceCont
try { try {
IKeyChainService service = KeyChain.bind(mContext).getService(); IKeyChainService service = KeyChain.bind(mContext).getService();
service.removeCredentialManagementApp(); service.removeCredentialManagementApp();
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REMOVED)
.write();
} catch (InterruptedException | RemoteException e) { } catch (InterruptedException | RemoteException e) {
Log.e(TAG, "Unable to remove the credential management app"); Log.e(TAG, "Unable to remove the credential management app");
} }

45
src/com/android/settings/security/RequestManageCredentials.java
View File

@@ -18,9 +18,11 @@ package com.android.settings.security;
import android.annotation.Nullable; import android.annotation.Nullable;
import android.app.Activity; import android.app.Activity;
import android.app.admin.DevicePolicyEventLogger;
import android.app.admin.DevicePolicyManager; import android.app.admin.DevicePolicyManager;
import android.content.Context; import android.content.Context;
import android.content.pm.UserInfo; import android.content.pm.UserInfo;
import android.net.Uri;
import android.os.Bundle; import android.os.Bundle;
import android.os.Handler; import android.os.Handler;
import android.os.HandlerThread; import android.os.HandlerThread;
@@ -30,6 +32,7 @@ import android.os.UserManager;
import android.security.AppUriAuthenticationPolicy; import android.security.AppUriAuthenticationPolicy;
import android.security.Credentials; import android.security.Credentials;
import android.security.KeyChain; import android.security.KeyChain;
import android.stats.devicepolicy.DevicePolicyEnums;
import android.text.TextUtils; import android.text.TextUtils;
import android.util.Log; import android.util.Log;
import android.view.View; import android.view.View;
@@ -45,6 +48,8 @@ import com.android.settings.R;
import com.google.android.material.floatingactionbutton.ExtendedFloatingActionButton; import com.google.android.material.floatingactionbutton.ExtendedFloatingActionButton;
import java.util.Map;
/** /**
* Displays a full screen to the user asking whether the calling app can manage the user's * Displays a full screen to the user asking whether the calling app can manage the user's
* KeyChain credentials. This screen includes the authentication policy highlighting what apps and * KeyChain credentials. This screen includes the authentication policy highlighting what apps and
@@ -86,21 +91,28 @@ public class RequestManageCredentials extends Activity {
if (!Credentials.ACTION_MANAGE_CREDENTIALS.equals(getIntent().getAction())) { if (!Credentials.ACTION_MANAGE_CREDENTIALS.equals(getIntent().getAction())) {
Log.e(TAG, "Unable to start activity because intent action is not " Log.e(TAG, "Unable to start activity because intent action is not "
+ Credentials.ACTION_MANAGE_CREDENTIALS); + Credentials.ACTION_MANAGE_CREDENTIALS);
logRequestFailure();
finishWithResultCancelled(); finishWithResultCancelled();
return; return;
} }
if (isManagedDevice()) { if (isManagedDevice()) {
Log.e(TAG, "Credential management on managed devices should be done by the Device " Log.e(TAG, "Credential management on managed devices should be done by the Device "
+ "Policy Controller, not a credential management app"); + "Policy Controller, not a credential management app");
logRequestFailure();
finishWithResultCancelled(); finishWithResultCancelled();
return; return;
} }
mCredentialManagerPackage = getLaunchedFromPackage(); mCredentialManagerPackage = getLaunchedFromPackage();
if (TextUtils.isEmpty(mCredentialManagerPackage)) { if (TextUtils.isEmpty(mCredentialManagerPackage)) {
Log.e(TAG, "Unknown credential manager app"); Log.e(TAG, "Unknown credential manager app");
logRequestFailure();
finishWithResultCancelled(); finishWithResultCancelled();
return; return;
} }
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REQUEST_NAME)
.setStrings(mCredentialManagerPackage)
.write();
setContentView(R.layout.request_manage_credentials); setContentView(R.layout.request_manage_credentials);
mKeyChainTread = new HandlerThread("KeyChainConnection"); mKeyChainTread = new HandlerThread("KeyChainConnection");
@@ -111,10 +123,16 @@ public class RequestManageCredentials extends Activity {
getIntent().getParcelableExtra(KeyChain.EXTRA_AUTHENTICATION_POLICY); getIntent().getParcelableExtra(KeyChain.EXTRA_AUTHENTICATION_POLICY);
if (!isValidAuthenticationPolicy(policy)) { if (!isValidAuthenticationPolicy(policy)) {
Log.e(TAG, "Invalid authentication policy"); Log.e(TAG, "Invalid authentication policy");
logRequestFailure();
finishWithResultCancelled(); finishWithResultCancelled();
return; return;
} }
mAuthenticationPolicy = policy; mAuthenticationPolicy = policy;
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REQUEST_POLICY)
.setStrings(getNumberOfAuthenticationPolicyApps(mAuthenticationPolicy),
getNumberOfAuthenticationPolicyUris(mAuthenticationPolicy))
.write();
loadRecyclerView(); loadRecyclerView();
loadButtons(); loadButtons();
@@ -185,6 +203,9 @@ public class RequestManageCredentials extends Activity {
Button allowButton = findViewById(R.id.allow_button); Button allowButton = findViewById(R.id.allow_button);
dontAllowButton.setOnClickListener(b -> { dontAllowButton.setOnClickListener(b -> {
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REQUEST_DENIED)
.write();
finishWithResultCancelled(); finishWithResultCancelled();
}); });
allowButton.setOnClickListener(b -> setOrUpdateCredentialManagementApp()); allowButton.setOnClickListener(b -> setOrUpdateCredentialManagementApp());
@@ -203,8 +224,12 @@ public class RequestManageCredentials extends Activity {
try { try {
mKeyChainConnection.getService().setCredentialManagementApp( mKeyChainConnection.getService().setCredentialManagementApp(
mCredentialManagerPackage, mAuthenticationPolicy); mCredentialManagerPackage, mAuthenticationPolicy);
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REQUEST_ACCEPTED)
.write();
} catch (RemoteException e) { } catch (RemoteException e) {
Log.e(TAG, "Unable to set credential manager app", e); Log.e(TAG, "Unable to set credential manager app", e);
logRequestFailure();
} }
finish(); finish();
} }
@@ -269,4 +294,24 @@ public class RequestManageCredentials extends Activity {
setResult(RESULT_CANCELED); setResult(RESULT_CANCELED);
finish(); finish();
} }
private void logRequestFailure() {
DevicePolicyEventLogger
.createEvent(DevicePolicyEnums.CREDENTIAL_MANAGEMENT_APP_REQUEST_FAILED)
.write();
}
private String getNumberOfAuthenticationPolicyUris(AppUriAuthenticationPolicy policy) {
int numberOfUris = 0;
for (Map.Entry<String, Map<Uri, String>> appsToUris :
policy.getAppAndUriMappings().entrySet()) {
numberOfUris += appsToUris.getValue().size();
}
return String.valueOf(numberOfUris);
}
private String getNumberOfAuthenticationPolicyApps(AppUriAuthenticationPolicy policy) {
return String.valueOf(policy.getAppAndUriMappings().size());
}
} }