Do a few things in this cl
- Use correct way to work with controller.
- Refactor xml file.
- Separate content of footer to two parts.
- First paragraph should become top intro.
- Rest should keep in footer.
Test: Build apk and see the screen
Bug: 173087905
Change-Id: Icb16dedf6b36542b833527471579aaadb5407d87
Screenshot: https://screenshot.googleplex.com/92Jx6zKyTZU8LJa.png
1) Adds a layout for multi-biometric selection in BiometricEnrollActivity
2) Adds widgets for checkboxes
3) Shows ConfirmLock*/ChooseLock* for multi-biometric devices in
BiometricEnrollActivity
4) finish()'s when loses foreground
5) Adds default string for ChooseLock* and multi-biometrics, e.g.
"Set up Password + Biometrics", as well as associated plumbing
to bring the user back to BiometricEnrollActivity once the
credential is enrolled
6) When max templates enrolled, checkbox becomes disabled and
description string is updated
Bug: 162341940
Bug: 152242790
Fixes: 161742393
No effect on existing devices with the following:
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL
Test: SUW
Test: make -j RunSettingsRoboTests
Exempt-From-Owner-Approval: Biometric-related change
to EncryptionInterstitial
Change-Id: I855460d50228ace24d4ec5fbe330f02ab406cc02
LockSettingsService returns a handle to the gatekeeper password
instead of the password itself now. As such, update areas of code
accordingly.
Bug: 161765592
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Ibc71ec88f8192620d041bfd125f400371708b296
Biometric enrollment will not request a Gatekeeper HAT during
initial credential setup or credential confirmation anymore.
Instead, it is broken down into the following steps now.
Bug: 161765592
1) Request credential setup / confirmation to return a
Gatekeeper Password
2) Biometric enrollment will generate a challenge
3) Biometric enrollment will request LockSettingsService to
verify(GatekeeperPassword, challenge), and upon verification,
the Gatekeeper HAT will be returned.
Since both LockSettingsService and Biometric enroll/settings
make use of biometric challenges, this allows us to make the
challenge ownership/lifecycle clear (vs. previously, where
LockSettingsService has no idea who the challenge belongs to).
Exempt-From-Owner-Approval:For files not owned by our team,
(StorageWizard), this change is just a method rename
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Idf6fcb43f7497323d089eb9c37125294e7a7f5dc
The multitude of slightly different launchConfirmationActivity(*)
methods are a big unsustainable pyramid. It's too difficult to
read, too difficult to track which clients are interested in which
parameters, and too difficult to add new parameters, since we need to
1) Read through all of them and find one that's the closest
2) Try not to affect other callers, so potentially add yet another
3) Modify the internal paths, which all basically call each other
until it reaches the biggest launchConfirmationActivity which
has ALL of the parameters
This change should have no behavioral change.
Note: CredentialStorage doesn't need returnCredentials anymore as of
ag/6073449
Test: make -j56 RunSettingsRoboTests
Test: Manually traced code paths for each invocation. A few hidden
dependencies (such as explicitly setting challenge=0 with
hasChallenge=true) were found. Left them the way they were in
case they were intended
Test: Enroll face, fingerprint
Test: Enable developer options
Test: Change to PIN, Pattern, Password, then back to PIN (so each
type requests confirmation)
Test: adb shell am start -a android.app.action.CONFIRM_DEVICE_CREDENTIAL,
authenticate
Test: adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL
(shows confirm credential screen)
Fixes: 138453993
Change-Id: Ic82ef3c3ac2e14d624281921f2d816bcdacbd82b
The internal implementation of generate/revoke in system_server is now
asynchronous. To keep existing clients working, the manager classes
introduce a blocking version of the generateChallenge calls. This change
updates Settings to use the backward-compatible blocking calls.
Bug: 157790417
Test: Enroll fingerprint/face
Test: After enrollment, toggle setFeature or do subsequent enrollment
in face/fingerprint settings
Change-Id: Ib4dfdc5f12530b938ab9b1745f5a19cd9e2eceee
Sometimes Settings Search show the items that are not supported by
the hardware. e.g. FaceLock.
Add log to check the HW status when the problem occurred.
Bug: 156667203
Test: watch the log output.
Change-Id: Ie6a89f338aac6f7bdefc69fc84cfa5bf848ed015
In current design, we only check the hardware support for face unlock to
show/hide the face unlock results in Settings Search. However the face
settings page is not launchable when the user doesn't enroll the face
unlock. It will cause user confused that face unlock results is no
response when they click them. Therefore, it's more making sense to add
enrolled status checking to index the face unlock results.
Test: manual and robotests
Fixes: 157954564
Change-Id: I5dd36e15fe48d537ee499c73cc172fc913b39554
setActiveUser is removed from the @hide API surface and is no longer
necessary. The framework ensures that the correct user is set without
an explicit call, since userId is sent as a parameter to each of the
methods already.
Bug: 157790417
Test: See testing from frameworks/base change (12/n) from the same
gerrit topic
Change-Id: Id88b818ed0bb1f75f18ac8e9ba7aff2a9b80b319
Add the check condition in the getNonIndexableKeys to
check if the FaceManager exist or not.
Fixes: 147076221
Test: manual
Change-Id: I898c936403ce90869a9da28aa14297eb6bf5d730
Currently, there are some biometric security setting and enrollment
screens which remain open after the user has backgrounded them. This
means that they can later be resumed without requiring the user to
confirm their device credential as normal.
This commit fixes the issue in AOSP by adding logic to the affected
biometric enrollment/setting activities in to finish() with
RESULT_TIMEOUT in onStop(). We don't want to finish() these activities
prematurely if the user is currently in a wizard setup flow, however. In
that case, this commit ensures that the newly added logic will not run.
Test: Pixel 3 - Background at each step of fingerprint enroll => finish
Test: Pixel 3 - Rotate at each step of fingerprint enroll => no finish
Test: Pixel 3 - Proceed though fingerprint setup wizard => no change
Bug: 142544519
Change-Id: I8ec0fa1e30bafe097d9dc82991ff786ebf24844b
- Index the delete face unlock preference and set up face unlock preference.
Fixes: 147031175
Test: manual
Change-Id: Ia984a116947d0c2e6a909f53914d081e25496f87
- FaceSettingsLockscreenBypassPreferenceController's preference key
is different from that in xml. Use DashboardFragment generic way to
create PreferenceController which bind the preference key defined in
xml.
- Also refine the way of fixing b/140878309
Fixes: 145893081
Test: manual check FaceSettings and Notification Settings
Change-Id: Ia80e755e3f86b44e771b0cf80c9bf53a8ef8f430
Bug: 140878309
Test: the option is not grayed out for secondary user.
Change-Id: I2413aa3c634e89a90d104e9ad60df15e49c75ed2
(cherry picked from commit e17caeea3f)
- We destoryed the MediaPlayer when VideoPreference is onPause().
When VideoPreference is onResumed, MediaPlayer always start from
pause state, we don't need a data save/restore current video state.
Bug: 143270527
Test: robolectric, manual
Change-Id: I544e933e4237f6d92aeff8a7eb04b52e89d74a4a
- Use SettingsLib Indexable
- Directly use resource id in getPreferenceScreenResId
Bug: 135053028
Test: roboletric
Change-Id: I05f493b55e8b6e2091301e9231ba5615215618e6
- Add function getXmlResourceId, Fragments don't need to write
xml resource id twice.
- Remove getPreferenceControllers from Indexable.java. Because it will
move to SettingsLib later for other apps which don't need this function
Bug: 135053028
Test: robolectric
Change-Id: I1e74519aecdea3dde64a5aea79f08d766dbc0003
Users may have trouble finding this setting in face auth.
Heard this from dogfood/executive feedback and customer support discussion.
So add Skip Lock Screen preference in
Display > Lock screen display > What to show >
and
App & Notifications > Notifications > Lock Screen >
Bug: 138458558
Test: robotest & manual
Change-Id: I10e420821423821743d65b00c8b7e6d4d1224e00
If user enters face settings but does not enter the password, then
turns off the screen, it's possible the challenge is invalidated. Instead,
we should finish() the device credential screen as well as FaceSettings.
This prevents
1) The user from being prompted for credential with lack of context
2) Credential returning a HAT that wraps an invalidated challenge
The user will be returned to the security settings screen, where they
have more context and can decide if they want to enter face settings again.
Fixes: 138273242
Test: 1) Open face settings, do not enter password
2) Press power button
3) Unlock keyguard
4) User is not presented with credential screen
Test: Go through SUW, turning on/off the screen at various security
screens. Able to enroll successfully
Change-Id: I3c3d4600138012821bb0eea7d2927df00011cdb0
1) Should only be shown for owner profile
2) Should be disabled if A) not enrolled, B) DevicePolicyManager, C) HAL issue
Fixes: 134700640
Test: Manual test of conditions above
Change-Id: Id72db59c662df6c529c98aafd610de8c86c77ebd
1) FaceSettings now gets closed when it loses foreground. This prevents
A) Keyguard/LockSettingsService's resetLockout's revokeChallenge from
leaving FaceSettings with a stale HAT which prevents users from
enrolling or toggling elements that require the HAT.
B) generateChallenge has a timeout, which may already have been met
C) User may have forgotten FaceSettings was open and lost context. Thus
it makes no sense to show ConfirmLock* since the user may have no idea
why it's showing anymore.
2) FaceSettings now generatesChallenge in onResume. onCreate is too early
since again, FaceSettings can be launched via intent while on Keyguard.
Similarly, we must ensure that Settings's challenge is generated
late enough (e.g. when it actually gains foregroundness)
Fixes: 133440610
Fixes: 133498264
Test: Open face settings, confirm password, lock screen. After unlocking,
user needs to re-open face settings.
Test: Modify HAL/framework to show re-enroll notification
Tap re-enroll notificaton on keyguard
Delete and re-enroll in settings, successful
Test: FaceSettings enroll works accross orientation change
Test: Tapping enroll button doesn't cause challenge to be revoked
due to onStop()
Change-Id: I60f606314c458a61e9c1b4f4b66bc27bc44287da
This reverts commit d59150eca6.
Bug: 133498264
Bug: 133440610
Reason for revert: Fixing in a different way
Change-Id: Ie444278a9e8b8aac259c31d311757ab8a39567f4
Fixes: 133498264
Fixes: 133440610
Test: open FaceSettings from Settings with and without an enrolled face
Test: open FaceSettings from the notification that asks to re-enroll
Change-Id: I80ca7644f96a538614962232fb3951d1a91d87c7
