Require unlocked work profile to change notification settings

Require that the work profile be started and unlocked before the user
can change the notification settings for the work profile.

That prevents leaking of notifications from the work profile, which
could happen when the user set the work profile notifications to show
even if the profile was unlocked (an example scenario is a family member
of the user using the device while the work profile is locked).

Test: Manually with TestDPC
Bug: 75252682
Change-Id: I300d001b7439c0a1d0130d7dbc9ec4c2430be227

src/com/android/settings/notification/LockScreenNotificationPreferenceController.java

@@ -19,12 +19,16 @@ package com.android.settings.notification;
 import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_SECURE_NOTIFICATIONS;
 import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS;
 
+import android.app.ActivityManager;
 import android.app.admin.DevicePolicyManager;
+import android.app.KeyguardManager;
 import android.content.ContentResolver;
 import android.content.Context;
+import android.content.Intent;
 import android.database.ContentObserver;
 import android.net.Uri;
 import android.os.Handler;
+import android.os.RemoteException;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
@@ -213,10 +217,6 @@ public class LockScreenNotificationPreferenceController extends AbstractPreferen
     public boolean onPreferenceChange(Preference preference, Object newValue) {
         final String key = preference.getKey();
         if (TextUtils.equals(mWorkSettingKey, key)) {
-            if (Utils.startQuietModeDialogIfNecessary(mContext, UserManager.get(mContext),
-                    mProfileUserId)) {
-                return false;
-            }
             final int val = Integer.parseInt((String) newValue);
             if (val == mLockscreenSelectedValueProfile) {
                 return false;
@@ -244,6 +244,39 @@ public class LockScreenNotificationPreferenceController extends AbstractPreferen
         return false;
     }
 
+    @Override
+    public boolean handlePreferenceTreeClick(Preference preference) {
+        final String key = preference.getKey();
+        if (!TextUtils.equals(mWorkSettingKey, key)) {
+            return false;
+        }
+
+        // Check if the profile is started, first.
+        if (Utils.startQuietModeDialogIfNecessary(mContext, UserManager.get(mContext),
+                    mProfileUserId)) {
+            return true;
+        }
+
+        // Next, check if the profile is unlocked.
+        KeyguardManager manager =
+                (KeyguardManager) mContext.getSystemService(Context.KEYGUARD_SERVICE);
+        if (manager.isDeviceLocked(mProfileUserId)) {
+            //TODO: Figure out how to return the user to the current activity so they
+            //don't have to navigate to the settings again.
+            Intent intent = manager.createConfirmDeviceCredentialIntent(
+                    null, null, mProfileUserId);
+            try {
+                ActivityManager.getService().startConfirmDeviceCredentialIntent(intent,
+                        null /*options*/);
+            } catch (RemoteException ignored) {
+            }
+
+            return true;
+        }
+
+        return false;
+    }
+
     private void setRestrictedIfNotificationFeaturesDisabled(CharSequence entry,
             CharSequence entryValue, int keyguardNotificationFeatures) {
         RestrictedLockUtils.EnforcedAdmin admin =