- Add SwitchPreference to allow user to control the pin auto confirm feature
- Add Checkbox option during the PIN setup in Security app
- Disable the opt-in checkbox during SUW entry point for PIN setup
- Update SwitchPreference availability appropriately according to current PIN length
- Update the pin_auto_confirm setting appropriately according to state of switchPreference or checkbox state (in PIN setup)
- Update the error-message when PIN Too short to let user know six digit is recommended
Bug: 262926000
Bug: 262936383
Bug: 262934702
Bug: 262935305
Test: Manual Test
Test: atest SettingsRoboTests
Change-Id: Ib9e09bd5ce44652158e77f80e8be19c4dd50f3bf
Since the SetupChooseLockPattern include header icon
header title, header sub-title, pattern state description,
LockPatternView and FooterBar, there was a limited room
for LockPatternView especially in the confirm steps which
both header title and pattern description occupy 2 lines space.
Hance the PatternView size used to inconsistence in-between
1st draw and 2nd confirm draw, besides it's visual looks
jumping and small on some device which have smaller display.
This solution includes 3 changes:
1. Organized the pattern view message to leverage
header sub-title view, then we can resever more space.
(Set minHeight=2 for sub-title)
2. Set screen_lock_options button visibilty to GONE when
the stage in 2nd confirmation.(Previously it's INVISIBLE
and reserve additional space)
3. Let LockPatternView align bottom of FrameLayout to prevent
the view juming and flicker.
4. Clean up unused forAnyBiometric flag and code.
5. GlifLayout.getDescriptionTextView() == mHeaderView
Need setDescriptionText() to make the view from GONE -> VISIBLE
6. Polish the stage flow and ensure IntroductionStage show
correct message
7. Add ChooseLockPattern into embeded activity white list
Force show ChooseLockPattern in fullscreen in case the Pattern
view truncated in `NeedToConfirmStage` where the title showing
2 lines and push pattern view down, and get bad UX in the
device which integrate a shorter display.
8. Add test cases for all stage and polish legacy test code.
Test: make RunSettingsRoboTests ROBOTEST_FILTER= \
"com.android.settings.password.SetupChooseLockPatternTest"
Test: make RunSettingsRoboTests ROBOTEST_FILTER= \
"com.android.settings.password.ChooseLockPatternTest"
Bug: 249974175
Bug: 260027850
Change-Id: I868af9b14ba99af5d78a05f6c2a570ccc07aea15
Support for Full Disk Encryption was removed in Android 13, since now
File Based Encryption is always used instead. It turns out that I
missed a fairly large chunk of obsolete code: EncryptionInterstitial,
which is the screen that asks whether the device will require the
primary user's lockscreen credential when it starts up. This used to be
shown when setting the primary user's lockscreen credential, to
determine whether the full-disk encryption key would be tied to that
lockscreen credential or not. But now it's unused code.
This CL removes all this unused code.
This should not change any behavior, with one very minor exception:
Settings will no longer explicitly set the REQUIRE_PASSWORD_TO_DECRYPT
setting to 0 whenever the primary user's lockscreen credential is
changed. (This happened in SaveChosenLockWorkerBase.) This setting is
a @SystemApi, but it no longer has any meaning, since it is never set to
1 anymore. If there is a reason to keep it explicitly set to 0, instead
of unset, we should make LockSettingsService in system_server set it.
Test: Went through SUW, set a PIN, cleared the PIN, set a PIN again (all
using the UI). Nothing unusual seen.
Bug: 208476087
Change-Id: I039cc7a284e3f43e1e284970a5869958c909d1b7
This commit is part of a large scale change to fix errorprone
errors that have been downgraded to warnings in the android
source tree, so that they can be promoted to errors again.
The full list of changes include the following, but not all
will be present in any one individual commit:
BadAnnotationImplementation
BadShiftAmount
BanJNDI
BoxedPrimitiveEquality
ComparableType
ComplexBooleanConstant
CollectionToArraySafeParameter
ConditionalExpressionNumericPromotion
DangerousLiteralNull
DoubleBraceInitialization
DurationFrom
DurationTemporalUnit
EmptyTopLevelDeclaration
EqualsNull
EqualsReference
FormatString
FromTemporalAccessor
GetClassOnAnnotation
GetClassOnClass
HashtableContains
IdentityBinaryExpression
IdentityHashMapBoxing
InstantTemporalUnit
InvalidTimeZoneID
InvalidZoneId
IsInstanceIncompatibleType
JUnitParameterMethodNotFound
LockOnBoxedPrimitive
MathRoundIntLong
MislabeledAndroidString
MisusedDayOfYear
MissingSuperCall
MisusedWeekYear
ModifyingCollectionWithItself
NoCanIgnoreReturnValueOnClasses
NonRuntimeAnnotation
NullableOnContainingClass
NullTernary
OverridesJavaxInjectableMethod
ParcelableCreator
PeriodFrom
PreconditionsInvalidPlaceholder
ProtoBuilderReturnValueIgnored
ProtoFieldNullComparison
RandomModInteger
RectIntersectReturnValueIgnored
ReturnValueIgnored
SelfAssignment
SelfComparison
SelfEquals
SizeGreaterThanOrEqualsZero
StringBuilderInitWithChar
TreeToString
TryFailThrowable
UnnecessaryCheckNotNull
UnusedCollectionModifiedInPlace
XorPower
See https://errorprone.info/bugpatterns for more
information on the checks.
Bug: 253827323
Test: m RUN_ERROR_PRONE=true javac-check
Change-Id: I29f691a22617b1fc834680ff1cf4ab4244203f06
Prevent ChooseLockPassword and ChooseLockPatten being projected to
remote views, add FLAG_SECURE for these screens.
Bug: 179725730
Test: Check these 2 screens not projected to chromecast
Test: robo test for SetupChooseLockPatternTest ChooseLockPatternTest
SetupChooseLockPasswordTest ChooseLockPasswordTest
Change-Id: I7449a24427c966c1aa4280a7b7e7e70b60997cca
Root cause:
- The new added description TextView is too large
- sud_layout_description was add in sud_layout_content
instead of sud_layout_header.
Solution:
- Set string lockpassword_choose_your_pattern_description
to GlifLayout as it's description.(Header description)
Bug: 233666752
Fixes 239892091
Test: manual in setup flow, check choose lock pattern layouts
showing expectedly on both phone & tablet
Test: make RunSettingsRoboTests
Change-Id: Iabe503066434f8983dffb88d1c93f2bbf773b860
Since emulated FBE is no longer supported, isFileEncryptedNativeOnly()
and isFileEncryptedNativeOrEmulated() are the same as the new method
isFileEncrypted(). Replace all calls to these deprecated methods in
this repository with isFileEncrypted().
Bug: 232458753
Change-Id: I95beea86ef771396c2e08f2d6a643fdc629ad89f
To distinguish the requirement between all numeric
and not all numeric when COMPLEXITY_HIGH.
Fix: 227149118
Fix: 173167839
Test: manual & robolectric
Change-Id: I1f682625d8e86963218dda43b626a9e55d169fb3
Replaces instances of the old fingerprint icon shown during Setup Wizard
or in Settings with either an updated version or an entirely different
icon.
Test: Manual
Fixes: 196600265
Change-Id: If78e8f0dbdb033f557614a019d4c9dde4493b6c6
PIN and face dialog of Set a PIN screen to avoid flash during transition.
bug:191181054
Test: SUW
Test: make -j RunSettingsRoboTests
Change-Id: I229b190de5e6dc714bbb8408e91c363e90b18f30
- Turn on the collapsing toolbar by default.
- Remove the silky flag from All apps page.
- Ignore tests of ChooseLockGenericTest and trace it on b/179136903.
- Remove silky flag.
Fixes: 183670633
Bug: 179136903
Test: robotests & visual
Change-Id: Iee2a9e7ccaebd1624f995af4fd45446142e5f500
Makes the following changes to strings related to Face Unlock:
- Standardize capitalization of "Face Unlock"
- Use latest versions of traffic light face enroll strings
- Use latest versions of combined biometrics settings strings
- Set SUW description strings programmatically instead of in XML
Test: Manually tested Face Unlock traffic light and grid UIs
Bug: 183649070
Change-Id: Ie67978ae2630493a5b03b00c3f8a639066ab8f3a
Detects the jank of page scrolling which is implemented by
InstrumentedPreferenceFragment.
Bug: 187306869
Test: verify with Perfetto
Change-Id: Icaa557d1b47a12374298f044e2f9568281589f64
* Move all logics around aggregating password policies
to the controller
* Replace HIDE_DISABLED_PREFS and MINIMUM_QUALITY_KEY
with HIDE_INSECURE_OPTIONS as all call sites are just
using them to hide insecure screenlock options.
* Remove password policy aggregation logic from
ChooseLockPassword and make it use policies passed in.
* Remove padlock from disabled screen lock options,
per UX mock.
* Increase char limit for some strings
Bug: 177638284
Bug: 177641868
Bug: 182561862
Test: m RunSettingsRoboTests -j ROBOTEST_FILTER=com.android.settings.password
Test: 1. set profile password quality/complexity and enroll device lock
2. set profile password quality/complexity and enroll work challenge
3. set parent password quality/complexity and enroll device lock
4. set parent password quality/complexity and enroll work challenge
5. set profile and parent password complexity, then enroll work challenge
6. set profile and parent password complexity, then unify work challenge
7. Enroll device lock during SUW
Change-Id: Iba1d37e6f33eba7b7e8e1f805f8e37aaec108404
ConfirmLockPassword enforces that ForceVerifyPath
can only be set when caller is launching InternalActivity,
so the builder needs to launch that activity instead.
This is regressed from Idf6fcb43f7497323d089eb9c37125294e7a7f5dc
Bug: 179172552
Test: m RunSettingsRoboTests -j ROBOTEST_FILTER=com.android.settings.password
Change-Id: I8e03fc69c4748d09f17c29edaa77594e233f79ea
When set, only enforce password requirement explicitly set device-wide.
As part of the change, restructure the code such that ChooseLockGeneric
becomes the central place for aggregating password requirements from
different parties, while ChooseLockPassword only enforces whatever
password reuirement it is told (by ChooseLockGeneric via intent extras)
Bug: 169832516
Test: m RunSettingsRoboTests ROBOTEST_FILTER=com.android.settings.password
Change-Id: I0acbea4819c13d4a8444c7b06928baccead18837
This change do the 2 things:
1. Add new junit tests files which replace robolectric
RobolectricTestRunner & RuntimeEnvironment with
AndroidX objects without problem.
2. Remove the robolectric test files which have it's new junit files.
This change migrate 103 files, there are still 1209
files to go.
Bug: 174728471
Test: atest
make RunSettingsRoboTests
Change-Id: I15ed3f4745b85862f720aabbf710ce1475aced93
Enforce a lock screen that adheres with the required complexity set by
the admin.
This is done by querying the DevicePolicyManager for the complexity set
for the given user, and merging it with the complexity from the "change
lock screen" intent (if any).
If the admin sets a higher complexity requirement than the app
triggering the lock screen change request, then the admin-set complexity
is enforced and the user is not shown information about the requesting
app.
Bug: 165573442
Test: Manually, set complexity using TestDPC and see it applies.
Test: m RunSettingsRoboTests ROBOTEST_FILTER=com.android.settings.password.ChooseLockGenericTest
Test: m RunSettingsRoboTests ROBOTEST_FILTER=com.android.settings.password.ChooseLockPasswordTest
Change-Id: If3f24f7430bdcbcd34265339f7d2a1ff82a44fc1
This is a transitional step towards truth 1.0.1, where these APIs have
been completely removed.
Bug: 168765701
Test: m checkbuild
Change-Id: I76f9c37cb699ce6ab8715ffe35d11668ccbceea1
1) Adds a layout for multi-biometric selection in BiometricEnrollActivity
2) Adds widgets for checkboxes
3) Shows ConfirmLock*/ChooseLock* for multi-biometric devices in
BiometricEnrollActivity
4) finish()'s when loses foreground
5) Adds default string for ChooseLock* and multi-biometrics, e.g.
"Set up Password + Biometrics", as well as associated plumbing
to bring the user back to BiometricEnrollActivity once the
credential is enrolled
6) When max templates enrolled, checkbox becomes disabled and
description string is updated
Bug: 162341940
Bug: 152242790
Fixes: 161742393
No effect on existing devices with the following:
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL
Test: SUW
Test: make -j RunSettingsRoboTests
Exempt-From-Owner-Approval: Biometric-related change
to EncryptionInterstitial
Change-Id: I855460d50228ace24d4ec5fbe330f02ab406cc02
LockSettingsService returns a handle to the gatekeeper password
instead of the password itself now. As such, update areas of code
accordingly.
Bug: 161765592
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Ibc71ec88f8192620d041bfd125f400371708b296
Test: make -j56 RunSettingsRoboTests
Face Tests:
Test: Open face settings, remove face, add face
Test: Open face settings, but cancel credential confirmation.
Face settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll face
Fingerprint Tests:
Test: Open fingerprint settings, add button is shown
Test: Open fingerprint settings, but cancel credential confirmation.
Fingerprint settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll fingerprint
Bug: 162533680
Change-Id: Ie448ed086e73b0b545bd3a2e62437c543f7aad6c
Biometric enrollment will not request a Gatekeeper HAT during
initial credential setup or credential confirmation anymore.
Instead, it is broken down into the following steps now.
Bug: 161765592
1) Request credential setup / confirmation to return a
Gatekeeper Password
2) Biometric enrollment will generate a challenge
3) Biometric enrollment will request LockSettingsService to
verify(GatekeeperPassword, challenge), and upon verification,
the Gatekeeper HAT will be returned.
Since both LockSettingsService and Biometric enroll/settings
make use of biometric challenges, this allows us to make the
challenge ownership/lifecycle clear (vs. previously, where
LockSettingsService has no idea who the challenge belongs to).
Exempt-From-Owner-Approval:For files not owned by our team,
(StorageWizard), this change is just a method rename
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Idf6fcb43f7497323d089eb9c37125294e7a7f5dc
The multitude of slightly different launchConfirmationActivity(*)
methods are a big unsustainable pyramid. It's too difficult to
read, too difficult to track which clients are interested in which
parameters, and too difficult to add new parameters, since we need to
1) Read through all of them and find one that's the closest
2) Try not to affect other callers, so potentially add yet another
3) Modify the internal paths, which all basically call each other
until it reaches the biggest launchConfirmationActivity which
has ALL of the parameters
This change should have no behavioral change.
Note: CredentialStorage doesn't need returnCredentials anymore as of
ag/6073449
Test: make -j56 RunSettingsRoboTests
Test: Manually traced code paths for each invocation. A few hidden
dependencies (such as explicitly setting challenge=0 with
hasChallenge=true) were found. Left them the way they were in
case they were intended
Test: Enroll face, fingerprint
Test: Enable developer options
Test: Change to PIN, Pattern, Password, then back to PIN (so each
type requests confirmation)
Test: adb shell am start -a android.app.action.CONFIRM_DEVICE_CREDENTIAL,
authenticate
Test: adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL
(shows confirm credential screen)
Fixes: 138453993
Change-Id: Ic82ef3c3ac2e14d624281921f2d816bcdacbd82b
