DISALLOW_CONFIG_CREDENTIALS blocks user credentials

All settings preferences related to credentials of any kind should be stopped by this user restriction. Bug: 26879958 Change-Id: I983c6e58081bd4022bb006942499cba4b74954e7
2016-03-11 16:22:23 +00:00
parent f19001f2c0
commit c421db78f0
3 changed files with 37 additions and 12 deletions
--- a/src/com/android/settings/UserCredentialsSettings.java
+++ b/src/com/android/settings/UserCredentialsSettings.java
@@ -28,6 +28,8 @@ import android.os.Bundle;
 import android.os.Parcel;
 import android.os.Parcelable;
 import android.os.RemoteException;
+import android.os.UserHandle;
+import android.os.UserManager;
 import android.security.Credentials;
 import android.security.IKeyChainService;
 import android.security.KeyChain;
@@ -44,6 +46,8 @@ import android.widget.ListView;
 import android.widget.TextView;

 import com.android.internal.logging.MetricsProto.MetricsEvent;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;

 import java.util.EnumSet;
 import java.util.Set;
@@ -118,19 +122,34 @@ public class UserCredentialsSettings extends InstrumentedFragment implements OnI
                    new Credential[] {item}).getView(0, null, null);
            infoContainer.addView(view);

-            return new AlertDialog.Builder(getActivity())
+            UserManager userManager
+                    = (UserManager) getContext().getSystemService(Context.USER_SERVICE);
+
+            AlertDialog.Builder builder = new AlertDialog.Builder(getActivity())
                    .setView(root)
                    .setTitle(R.string.user_credential_title)
-                    .setPositiveButton(R.string.done, null)
-                    .setNegativeButton(R.string.trusted_credentials_remove_label,
-                            new DialogInterface.OnClickListener() {
-                                @Override public void onClick(DialogInterface dialog, int id) {
-                                    new RemoveCredentialsTask(getContext(), getTargetFragment())
-                                            .execute(item.alias);
-                                    dialog.dismiss();
-                                }
-                            })
-                    .create();
+                    .setPositiveButton(R.string.done, null);
+
+            final String restriction = UserManager.DISALLOW_CONFIG_CREDENTIALS;
+            final int myUserId = UserHandle.myUserId();
+            if (!RestrictedLockUtils.hasBaseUserRestriction(getContext(), restriction, myUserId)) {
+                DialogInterface.OnClickListener listener = new DialogInterface.OnClickListener() {
+                    @Override public void onClick(DialogInterface dialog, int id) {
+                        final EnforcedAdmin admin = RestrictedLockUtils.checkIfRestrictionEnforced(
+                                getContext(), restriction, myUserId);
+                        if (admin != null) {
+                            RestrictedLockUtils.sendShowAdminSupportDetailsIntent(getContext(),
+                                    admin);
+                        } else {
+                            new RemoveCredentialsTask(getContext(), getTargetFragment())
+                                    .execute(item.alias);
+                        }
+                        dialog.dismiss();
+                    }
+                };
+                builder.setNegativeButton(R.string.trusted_credentials_remove_label, listener);
+            }
+            return builder.create();
        }

        private class RemoveCredentialsTask extends AsyncTask<String, Void, Void> {