0b8788aae4
+ The SIM lock option will now appear if there is any SIM with locking capabilities. + Also, if the first slot does not have a SIM in it, then the SIM lock screen will disable the ability to lock the first slot. Bug: 18473536 Change-Id: Ib4e0ed6e94b00bc07c9febdad433fdb3c55294b8
864 lines
38 KiB
Java
864 lines
38 KiB
Java
/*
|
|
* Copyright (C) 2007 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package com.android.settings;
|
|
|
|
|
|
import android.app.Activity;
|
|
import android.app.AlertDialog;
|
|
import android.app.admin.DevicePolicyManager;
|
|
import android.content.ComponentName;
|
|
import android.content.Context;
|
|
import android.content.DialogInterface;
|
|
import android.content.Intent;
|
|
import android.content.pm.PackageManager;
|
|
import android.content.pm.ResolveInfo;
|
|
import android.content.pm.UserInfo;
|
|
import android.content.res.Resources;
|
|
import android.os.Bundle;
|
|
import android.os.UserHandle;
|
|
import android.os.UserManager;
|
|
import android.preference.SwitchPreference;
|
|
import android.preference.ListPreference;
|
|
import android.preference.Preference;
|
|
import android.preference.Preference.OnPreferenceChangeListener;
|
|
import android.preference.PreferenceGroup;
|
|
import android.preference.PreferenceScreen;
|
|
import android.provider.SearchIndexableResource;
|
|
import android.provider.Settings;
|
|
import android.provider.Settings.SettingNotFoundException;
|
|
import android.security.KeyStore;
|
|
import android.service.trust.TrustAgentService;
|
|
import android.telephony.TelephonyManager;
|
|
import android.telephony.SubscriptionManager;
|
|
import android.telephony.SubscriptionInfo;
|
|
import android.text.TextUtils;
|
|
import android.util.Log;
|
|
|
|
import com.android.internal.widget.LockPatternUtils;
|
|
import com.android.settings.TrustAgentUtils.TrustAgentComponentInfo;
|
|
import com.android.settings.search.BaseSearchIndexProvider;
|
|
import com.android.settings.search.Index;
|
|
import com.android.settings.search.Indexable;
|
|
import com.android.settings.search.SearchIndexableRaw;
|
|
|
|
import java.util.ArrayList;
|
|
import java.util.List;
|
|
|
|
import static android.provider.Settings.System.SCREEN_OFF_TIMEOUT;
|
|
|
|
/**
|
|
* Gesture lock pattern settings.
|
|
*/
|
|
public class SecuritySettings extends SettingsPreferenceFragment
|
|
implements OnPreferenceChangeListener, DialogInterface.OnClickListener, Indexable {
|
|
private static final String TRUST_AGENT_CLICK_INTENT = "trust_agent_click_intent";
|
|
static final String TAG = "SecuritySettings";
|
|
private static final Intent TRUST_AGENT_INTENT =
|
|
new Intent(TrustAgentService.SERVICE_INTERFACE);
|
|
|
|
// Lock Settings
|
|
private static final String KEY_UNLOCK_SET_OR_CHANGE = "unlock_set_or_change";
|
|
private static final String KEY_BIOMETRIC_WEAK_IMPROVE_MATCHING =
|
|
"biometric_weak_improve_matching";
|
|
private static final String KEY_BIOMETRIC_WEAK_LIVELINESS = "biometric_weak_liveliness";
|
|
private static final String KEY_LOCK_ENABLED = "lockenabled";
|
|
private static final String KEY_VISIBLE_PATTERN = "visiblepattern";
|
|
private static final String KEY_SECURITY_CATEGORY = "security_category";
|
|
private static final String KEY_DEVICE_ADMIN_CATEGORY = "device_admin_category";
|
|
private static final String KEY_LOCK_AFTER_TIMEOUT = "lock_after_timeout";
|
|
private static final String KEY_OWNER_INFO_SETTINGS = "owner_info_settings";
|
|
private static final String KEY_ADVANCED_SECURITY = "advanced_security";
|
|
private static final String KEY_MANAGE_TRUST_AGENTS = "manage_trust_agents";
|
|
|
|
private static final int SET_OR_CHANGE_LOCK_METHOD_REQUEST = 123;
|
|
private static final int CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST = 124;
|
|
private static final int CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF = 125;
|
|
private static final int CHANGE_TRUST_AGENT_SETTINGS = 126;
|
|
|
|
// Misc Settings
|
|
private static final String KEY_SIM_LOCK = "sim_lock";
|
|
private static final String KEY_SHOW_PASSWORD = "show_password";
|
|
private static final String KEY_CREDENTIAL_STORAGE_TYPE = "credential_storage_type";
|
|
private static final String KEY_RESET_CREDENTIALS = "credentials_reset";
|
|
private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
|
|
private static final String KEY_TOGGLE_INSTALL_APPLICATIONS = "toggle_install_applications";
|
|
private static final String KEY_POWER_INSTANTLY_LOCKS = "power_button_instantly_locks";
|
|
private static final String KEY_CREDENTIALS_MANAGER = "credentials_management";
|
|
private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive";
|
|
private static final String KEY_TRUST_AGENT = "trust_agent";
|
|
private static final String KEY_SCREEN_PINNING = "screen_pinning_settings";
|
|
|
|
// These switch preferences need special handling since they're not all stored in Settings.
|
|
private static final String SWITCH_PREFERENCE_KEYS[] = { KEY_LOCK_AFTER_TIMEOUT,
|
|
KEY_LOCK_ENABLED, KEY_VISIBLE_PATTERN, KEY_BIOMETRIC_WEAK_LIVELINESS,
|
|
KEY_POWER_INSTANTLY_LOCKS, KEY_SHOW_PASSWORD, KEY_TOGGLE_INSTALL_APPLICATIONS };
|
|
|
|
// Only allow one trust agent on the platform.
|
|
private static final boolean ONLY_ONE_TRUST_AGENT = true;
|
|
|
|
private DevicePolicyManager mDPM;
|
|
private SubscriptionManager mSubscriptionManager;
|
|
|
|
private ChooseLockSettingsHelper mChooseLockSettingsHelper;
|
|
private LockPatternUtils mLockPatternUtils;
|
|
private ListPreference mLockAfter;
|
|
|
|
private SwitchPreference mBiometricWeakLiveliness;
|
|
private SwitchPreference mVisiblePattern;
|
|
|
|
private SwitchPreference mShowPassword;
|
|
|
|
private KeyStore mKeyStore;
|
|
private Preference mResetCredentials;
|
|
|
|
private SwitchPreference mToggleAppInstallation;
|
|
private DialogInterface mWarnInstallApps;
|
|
private SwitchPreference mPowerButtonInstantlyLocks;
|
|
|
|
private boolean mIsPrimary;
|
|
|
|
private Intent mTrustAgentClickIntent;
|
|
|
|
@Override
|
|
public void onCreate(Bundle savedInstanceState) {
|
|
super.onCreate(savedInstanceState);
|
|
|
|
mSubscriptionManager = SubscriptionManager.from(getActivity());
|
|
|
|
mLockPatternUtils = new LockPatternUtils(getActivity());
|
|
|
|
mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
|
|
|
|
mChooseLockSettingsHelper = new ChooseLockSettingsHelper(getActivity());
|
|
|
|
if (savedInstanceState != null
|
|
&& savedInstanceState.containsKey(TRUST_AGENT_CLICK_INTENT)) {
|
|
mTrustAgentClickIntent = savedInstanceState.getParcelable(TRUST_AGENT_CLICK_INTENT);
|
|
}
|
|
}
|
|
|
|
private static int getResIdForLockUnlockScreen(Context context,
|
|
LockPatternUtils lockPatternUtils) {
|
|
int resid = 0;
|
|
if (!lockPatternUtils.isSecure()) {
|
|
// if there are multiple users, disable "None" setting
|
|
UserManager mUm = (UserManager) context. getSystemService(Context.USER_SERVICE);
|
|
List<UserInfo> users = mUm.getUsers(true);
|
|
final boolean singleUser = users.size() == 1;
|
|
|
|
if (singleUser && lockPatternUtils.isLockScreenDisabled()) {
|
|
resid = R.xml.security_settings_lockscreen;
|
|
} else {
|
|
resid = R.xml.security_settings_chooser;
|
|
}
|
|
} else if (lockPatternUtils.usingBiometricWeak() &&
|
|
lockPatternUtils.isBiometricWeakInstalled()) {
|
|
resid = R.xml.security_settings_biometric_weak;
|
|
} else {
|
|
switch (lockPatternUtils.getKeyguardStoredPasswordQuality()) {
|
|
case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
|
|
resid = R.xml.security_settings_pattern;
|
|
break;
|
|
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
|
|
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
|
|
resid = R.xml.security_settings_pin;
|
|
break;
|
|
case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC:
|
|
case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
|
|
case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
|
|
resid = R.xml.security_settings_password;
|
|
break;
|
|
}
|
|
}
|
|
return resid;
|
|
}
|
|
|
|
/**
|
|
* Important!
|
|
*
|
|
* Don't forget to update the SecuritySearchIndexProvider if you are doing any change in the
|
|
* logic or adding/removing preferences here.
|
|
*/
|
|
private PreferenceScreen createPreferenceHierarchy() {
|
|
PreferenceScreen root = getPreferenceScreen();
|
|
if (root != null) {
|
|
root.removeAll();
|
|
}
|
|
addPreferencesFromResource(R.xml.security_settings);
|
|
root = getPreferenceScreen();
|
|
|
|
// Add options for lock/unlock screen
|
|
final int resid = getResIdForLockUnlockScreen(getActivity(), mLockPatternUtils);
|
|
addPreferencesFromResource(resid);
|
|
|
|
// Add options for device encryption
|
|
mIsPrimary = UserHandle.myUserId() == UserHandle.USER_OWNER;
|
|
|
|
if (!mIsPrimary) {
|
|
// Rename owner info settings
|
|
Preference ownerInfoPref = findPreference(KEY_OWNER_INFO_SETTINGS);
|
|
if (ownerInfoPref != null) {
|
|
if (UserManager.get(getActivity()).isLinkedUser()) {
|
|
ownerInfoPref.setTitle(R.string.profile_info_settings_title);
|
|
} else {
|
|
ownerInfoPref.setTitle(R.string.user_info_settings_title);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (mIsPrimary) {
|
|
if (LockPatternUtils.isDeviceEncryptionEnabled()) {
|
|
// The device is currently encrypted.
|
|
addPreferencesFromResource(R.xml.security_settings_encrypted);
|
|
} else {
|
|
// This device supports encryption but isn't encrypted.
|
|
addPreferencesFromResource(R.xml.security_settings_unencrypted);
|
|
}
|
|
}
|
|
|
|
// Trust Agent preferences
|
|
PreferenceGroup securityCategory = (PreferenceGroup)
|
|
root.findPreference(KEY_SECURITY_CATEGORY);
|
|
if (securityCategory != null) {
|
|
final boolean hasSecurity = mLockPatternUtils.isSecure();
|
|
ArrayList<TrustAgentComponentInfo> agents =
|
|
getActiveTrustAgents(getPackageManager(), mLockPatternUtils);
|
|
for (int i = 0; i < agents.size(); i++) {
|
|
final TrustAgentComponentInfo agent = agents.get(i);
|
|
Preference trustAgentPreference =
|
|
new Preference(securityCategory.getContext());
|
|
trustAgentPreference.setKey(KEY_TRUST_AGENT);
|
|
trustAgentPreference.setTitle(agent.title);
|
|
trustAgentPreference.setSummary(agent.summary);
|
|
// Create intent for this preference.
|
|
Intent intent = new Intent();
|
|
intent.setComponent(agent.componentName);
|
|
intent.setAction(Intent.ACTION_MAIN);
|
|
trustAgentPreference.setIntent(intent);
|
|
// Add preference to the settings menu.
|
|
securityCategory.addPreference(trustAgentPreference);
|
|
if (!hasSecurity) {
|
|
trustAgentPreference.setEnabled(false);
|
|
trustAgentPreference.setSummary(R.string.disabled_because_no_backup_security);
|
|
}
|
|
}
|
|
}
|
|
|
|
// lock after preference
|
|
mLockAfter = (ListPreference) root.findPreference(KEY_LOCK_AFTER_TIMEOUT);
|
|
if (mLockAfter != null) {
|
|
setupLockAfterPreference();
|
|
updateLockAfterPreferenceSummary();
|
|
}
|
|
|
|
// biometric weak liveliness
|
|
mBiometricWeakLiveliness =
|
|
(SwitchPreference) root.findPreference(KEY_BIOMETRIC_WEAK_LIVELINESS);
|
|
|
|
// visible pattern
|
|
mVisiblePattern = (SwitchPreference) root.findPreference(KEY_VISIBLE_PATTERN);
|
|
|
|
// lock instantly on power key press
|
|
mPowerButtonInstantlyLocks = (SwitchPreference) root.findPreference(
|
|
KEY_POWER_INSTANTLY_LOCKS);
|
|
Preference trustAgentPreference = root.findPreference(KEY_TRUST_AGENT);
|
|
if (mPowerButtonInstantlyLocks != null &&
|
|
trustAgentPreference != null &&
|
|
trustAgentPreference.getTitle().length() > 0) {
|
|
mPowerButtonInstantlyLocks.setSummary(getString(
|
|
R.string.lockpattern_settings_power_button_instantly_locks_summary,
|
|
trustAgentPreference.getTitle()));
|
|
}
|
|
|
|
// don't display visible pattern if biometric and backup is not pattern
|
|
if (resid == R.xml.security_settings_biometric_weak &&
|
|
mLockPatternUtils.getKeyguardStoredPasswordQuality() !=
|
|
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {
|
|
if (securityCategory != null && mVisiblePattern != null) {
|
|
securityCategory.removePreference(root.findPreference(KEY_VISIBLE_PATTERN));
|
|
}
|
|
}
|
|
|
|
// Append the rest of the settings
|
|
addPreferencesFromResource(R.xml.security_settings_misc);
|
|
|
|
// Do not display SIM lock for devices without an Icc card
|
|
TelephonyManager tm = TelephonyManager.getDefault();
|
|
if (!mIsPrimary || !isSimIccReady()) {
|
|
root.removePreference(root.findPreference(KEY_SIM_LOCK));
|
|
} else {
|
|
// Disable SIM lock if there is no ready SIM card.
|
|
root.findPreference(KEY_SIM_LOCK).setEnabled(isSimReady());
|
|
}
|
|
if (Settings.System.getInt(getContentResolver(),
|
|
Settings.System.LOCK_TO_APP_ENABLED, 0) != 0) {
|
|
root.findPreference(KEY_SCREEN_PINNING).setSummary(
|
|
getResources().getString(R.string.switch_on_text));
|
|
}
|
|
|
|
// Show password
|
|
mShowPassword = (SwitchPreference) root.findPreference(KEY_SHOW_PASSWORD);
|
|
mResetCredentials = root.findPreference(KEY_RESET_CREDENTIALS);
|
|
|
|
// Credential storage
|
|
final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE);
|
|
mKeyStore = KeyStore.getInstance(); // needs to be initialized for onResume()
|
|
if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
|
|
Preference credentialStorageType = root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE);
|
|
|
|
final int storageSummaryRes =
|
|
mKeyStore.isHardwareBacked() ? R.string.credential_storage_type_hardware
|
|
: R.string.credential_storage_type_software;
|
|
credentialStorageType.setSummary(storageSummaryRes);
|
|
} else {
|
|
PreferenceGroup credentialsManager = (PreferenceGroup)
|
|
root.findPreference(KEY_CREDENTIALS_MANAGER);
|
|
credentialsManager.removePreference(root.findPreference(KEY_RESET_CREDENTIALS));
|
|
credentialsManager.removePreference(root.findPreference(KEY_CREDENTIALS_INSTALL));
|
|
credentialsManager.removePreference(root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE));
|
|
}
|
|
|
|
// Application install
|
|
PreferenceGroup deviceAdminCategory = (PreferenceGroup)
|
|
root.findPreference(KEY_DEVICE_ADMIN_CATEGORY);
|
|
mToggleAppInstallation = (SwitchPreference) findPreference(
|
|
KEY_TOGGLE_INSTALL_APPLICATIONS);
|
|
mToggleAppInstallation.setChecked(isNonMarketAppsAllowed());
|
|
// Side loading of apps.
|
|
// Disable for restricted profiles. For others, check if policy disallows it.
|
|
mToggleAppInstallation.setEnabled(!um.getUserInfo(UserHandle.myUserId()).isRestricted());
|
|
if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)
|
|
|| um.hasUserRestriction(UserManager.DISALLOW_INSTALL_APPS)) {
|
|
mToggleAppInstallation.setEnabled(false);
|
|
}
|
|
|
|
// Advanced Security features
|
|
PreferenceGroup advancedCategory =
|
|
(PreferenceGroup)root.findPreference(KEY_ADVANCED_SECURITY);
|
|
if (advancedCategory != null) {
|
|
Preference manageAgents = advancedCategory.findPreference(KEY_MANAGE_TRUST_AGENTS);
|
|
if (manageAgents != null && !mLockPatternUtils.isSecure()) {
|
|
manageAgents.setEnabled(false);
|
|
manageAgents.setSummary(R.string.disabled_because_no_backup_security);
|
|
}
|
|
}
|
|
|
|
// The above preferences come and go based on security state, so we need to update
|
|
// the index. This call is expected to be fairly cheap, but we may want to do something
|
|
// smarter in the future.
|
|
Index.getInstance(getActivity())
|
|
.updateFromClassNameResource(SecuritySettings.class.getName(), true, true);
|
|
|
|
for (int i = 0; i < SWITCH_PREFERENCE_KEYS.length; i++) {
|
|
final Preference pref = findPreference(SWITCH_PREFERENCE_KEYS[i]);
|
|
if (pref != null) pref.setOnPreferenceChangeListener(this);
|
|
}
|
|
return root;
|
|
}
|
|
|
|
/* Return true if a there is a Slot that has Icc.
|
|
*/
|
|
private boolean isSimIccReady() {
|
|
TelephonyManager tm = TelephonyManager.getDefault();
|
|
final List<SubscriptionInfo> subInfoList =
|
|
mSubscriptionManager.getActiveSubscriptionInfoList();
|
|
|
|
if (subInfoList != null) {
|
|
for (SubscriptionInfo subInfo : subInfoList) {
|
|
if (tm.hasIccCard(subInfo.getSubscriptionId())) {
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/* Return true if a SIM is ready for locking.
|
|
* TODO: consider adding to TelephonyManager or SubscritpionManasger.
|
|
*/
|
|
private boolean isSimReady() {
|
|
int simState = TelephonyManager.SIM_STATE_UNKNOWN;
|
|
final List<SubscriptionInfo> subInfoList =
|
|
mSubscriptionManager.getActiveSubscriptionInfoList();
|
|
if (subInfoList != null) {
|
|
for (SubscriptionInfo subInfo : subInfoList) {
|
|
simState = TelephonyManager.getDefault().getSimState(subInfo.getSimSlotIndex());
|
|
if((simState != TelephonyManager.SIM_STATE_ABSENT) &&
|
|
(simState != TelephonyManager.SIM_STATE_UNKNOWN)){
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
private static ArrayList<TrustAgentComponentInfo> getActiveTrustAgents(
|
|
PackageManager pm, LockPatternUtils utils) {
|
|
ArrayList<TrustAgentComponentInfo> result = new ArrayList<TrustAgentComponentInfo>();
|
|
List<ResolveInfo> resolveInfos = pm.queryIntentServices(TRUST_AGENT_INTENT,
|
|
PackageManager.GET_META_DATA);
|
|
List<ComponentName> enabledTrustAgents = utils.getEnabledTrustAgents();
|
|
if (enabledTrustAgents != null && !enabledTrustAgents.isEmpty()) {
|
|
for (int i = 0; i < resolveInfos.size(); i++) {
|
|
ResolveInfo resolveInfo = resolveInfos.get(i);
|
|
if (resolveInfo.serviceInfo == null) continue;
|
|
if (!TrustAgentUtils.checkProvidePermission(resolveInfo, pm)) continue;
|
|
TrustAgentComponentInfo trustAgentComponentInfo =
|
|
TrustAgentUtils.getSettingsComponent(pm, resolveInfo);
|
|
if (trustAgentComponentInfo.componentName == null ||
|
|
!enabledTrustAgents.contains(
|
|
TrustAgentUtils.getComponentName(resolveInfo)) ||
|
|
TextUtils.isEmpty(trustAgentComponentInfo.title)) continue;
|
|
result.add(trustAgentComponentInfo);
|
|
if (ONLY_ONE_TRUST_AGENT) break;
|
|
}
|
|
}
|
|
return result;
|
|
}
|
|
|
|
private boolean isNonMarketAppsAllowed() {
|
|
return Settings.Global.getInt(getContentResolver(),
|
|
Settings.Global.INSTALL_NON_MARKET_APPS, 0) > 0;
|
|
}
|
|
|
|
private void setNonMarketAppsAllowed(boolean enabled) {
|
|
final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE);
|
|
if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)) {
|
|
return;
|
|
}
|
|
// Change the system setting
|
|
Settings.Global.putInt(getContentResolver(), Settings.Global.INSTALL_NON_MARKET_APPS,
|
|
enabled ? 1 : 0);
|
|
}
|
|
|
|
private void warnAppInstallation() {
|
|
// TODO: DialogFragment?
|
|
mWarnInstallApps = new AlertDialog.Builder(getActivity()).setTitle(
|
|
getResources().getString(R.string.error_title))
|
|
.setIcon(com.android.internal.R.drawable.ic_dialog_alert)
|
|
.setMessage(getResources().getString(R.string.install_all_warning))
|
|
.setPositiveButton(android.R.string.yes, this)
|
|
.setNegativeButton(android.R.string.no, this)
|
|
.show();
|
|
}
|
|
|
|
@Override
|
|
public void onClick(DialogInterface dialog, int which) {
|
|
if (dialog == mWarnInstallApps) {
|
|
boolean turnOn = which == DialogInterface.BUTTON_POSITIVE;
|
|
setNonMarketAppsAllowed(turnOn);
|
|
if (mToggleAppInstallation != null) {
|
|
mToggleAppInstallation.setChecked(turnOn);
|
|
}
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public void onDestroy() {
|
|
super.onDestroy();
|
|
if (mWarnInstallApps != null) {
|
|
mWarnInstallApps.dismiss();
|
|
}
|
|
}
|
|
|
|
private void setupLockAfterPreference() {
|
|
// Compatible with pre-Froyo
|
|
long currentTimeout = Settings.Secure.getLong(getContentResolver(),
|
|
Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000);
|
|
mLockAfter.setValue(String.valueOf(currentTimeout));
|
|
mLockAfter.setOnPreferenceChangeListener(this);
|
|
final long adminTimeout = (mDPM != null ? mDPM.getMaximumTimeToLock(null) : 0);
|
|
final long displayTimeout = Math.max(0,
|
|
Settings.System.getInt(getContentResolver(), SCREEN_OFF_TIMEOUT, 0));
|
|
if (adminTimeout > 0) {
|
|
// This setting is a slave to display timeout when a device policy is enforced.
|
|
// As such, maxLockTimeout = adminTimeout - displayTimeout.
|
|
// If there isn't enough time, shows "immediately" setting.
|
|
disableUnusableTimeouts(Math.max(0, adminTimeout - displayTimeout));
|
|
}
|
|
}
|
|
|
|
private void updateLockAfterPreferenceSummary() {
|
|
// Update summary message with current value
|
|
long currentTimeout = Settings.Secure.getLong(getContentResolver(),
|
|
Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000);
|
|
final CharSequence[] entries = mLockAfter.getEntries();
|
|
final CharSequence[] values = mLockAfter.getEntryValues();
|
|
int best = 0;
|
|
for (int i = 0; i < values.length; i++) {
|
|
long timeout = Long.valueOf(values[i].toString());
|
|
if (currentTimeout >= timeout) {
|
|
best = i;
|
|
}
|
|
}
|
|
|
|
Preference preference = getPreferenceScreen().findPreference(KEY_TRUST_AGENT);
|
|
if (preference != null && preference.getTitle().length() > 0) {
|
|
mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary_with_exception,
|
|
entries[best], preference.getTitle()));
|
|
} else {
|
|
mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary, entries[best]));
|
|
}
|
|
}
|
|
|
|
private void disableUnusableTimeouts(long maxTimeout) {
|
|
final CharSequence[] entries = mLockAfter.getEntries();
|
|
final CharSequence[] values = mLockAfter.getEntryValues();
|
|
ArrayList<CharSequence> revisedEntries = new ArrayList<CharSequence>();
|
|
ArrayList<CharSequence> revisedValues = new ArrayList<CharSequence>();
|
|
for (int i = 0; i < values.length; i++) {
|
|
long timeout = Long.valueOf(values[i].toString());
|
|
if (timeout <= maxTimeout) {
|
|
revisedEntries.add(entries[i]);
|
|
revisedValues.add(values[i]);
|
|
}
|
|
}
|
|
if (revisedEntries.size() != entries.length || revisedValues.size() != values.length) {
|
|
mLockAfter.setEntries(
|
|
revisedEntries.toArray(new CharSequence[revisedEntries.size()]));
|
|
mLockAfter.setEntryValues(
|
|
revisedValues.toArray(new CharSequence[revisedValues.size()]));
|
|
final int userPreference = Integer.valueOf(mLockAfter.getValue());
|
|
if (userPreference <= maxTimeout) {
|
|
mLockAfter.setValue(String.valueOf(userPreference));
|
|
} else {
|
|
// There will be no highlighted selection since nothing in the list matches
|
|
// maxTimeout. The user can still select anything less than maxTimeout.
|
|
// TODO: maybe append maxTimeout to the list and mark selected.
|
|
}
|
|
}
|
|
mLockAfter.setEnabled(revisedEntries.size() > 0);
|
|
}
|
|
|
|
@Override
|
|
public void onSaveInstanceState(Bundle outState) {
|
|
super.onSaveInstanceState(outState);
|
|
if (mTrustAgentClickIntent != null) {
|
|
outState.putParcelable(TRUST_AGENT_CLICK_INTENT, mTrustAgentClickIntent);
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public void onResume() {
|
|
super.onResume();
|
|
|
|
// Make sure we reload the preference hierarchy since some of these settings
|
|
// depend on others...
|
|
createPreferenceHierarchy();
|
|
|
|
final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils();
|
|
if (mBiometricWeakLiveliness != null) {
|
|
mBiometricWeakLiveliness.setChecked(
|
|
lockPatternUtils.isBiometricWeakLivelinessEnabled());
|
|
}
|
|
if (mVisiblePattern != null) {
|
|
mVisiblePattern.setChecked(lockPatternUtils.isVisiblePatternEnabled());
|
|
}
|
|
if (mPowerButtonInstantlyLocks != null) {
|
|
mPowerButtonInstantlyLocks.setChecked(lockPatternUtils.getPowerButtonInstantlyLocks());
|
|
}
|
|
|
|
if (mShowPassword != null) {
|
|
mShowPassword.setChecked(Settings.System.getInt(getContentResolver(),
|
|
Settings.System.TEXT_SHOW_PASSWORD, 1) != 0);
|
|
}
|
|
|
|
if (mResetCredentials != null) {
|
|
mResetCredentials.setEnabled(!mKeyStore.isEmpty());
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preference preference) {
|
|
final String key = preference.getKey();
|
|
if (KEY_UNLOCK_SET_OR_CHANGE.equals(key)) {
|
|
startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment",
|
|
R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null);
|
|
} else if (KEY_BIOMETRIC_WEAK_IMPROVE_MATCHING.equals(key)) {
|
|
ChooseLockSettingsHelper helper =
|
|
new ChooseLockSettingsHelper(this.getActivity(), this);
|
|
if (!helper.launchConfirmationActivity(
|
|
CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST, null, null)) {
|
|
// If this returns false, it means no password confirmation is required, so
|
|
// go ahead and start improve.
|
|
// Note: currently a backup is required for biometric_weak so this code path
|
|
// can't be reached, but is here in case things change in the future
|
|
startBiometricWeakImprove();
|
|
}
|
|
} else if (KEY_TRUST_AGENT.equals(key)) {
|
|
ChooseLockSettingsHelper helper =
|
|
new ChooseLockSettingsHelper(this.getActivity(), this);
|
|
mTrustAgentClickIntent = preference.getIntent();
|
|
if (!helper.launchConfirmationActivity(CHANGE_TRUST_AGENT_SETTINGS, null, null) &&
|
|
mTrustAgentClickIntent != null) {
|
|
// If this returns false, it means no password confirmation is required.
|
|
startActivity(mTrustAgentClickIntent);
|
|
mTrustAgentClickIntent = null;
|
|
}
|
|
} else {
|
|
// If we didn't handle it, let preferences handle it.
|
|
return super.onPreferenceTreeClick(preferenceScreen, preference);
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* see confirmPatternThenDisableAndClear
|
|
*/
|
|
@Override
|
|
public void onActivityResult(int requestCode, int resultCode, Intent data) {
|
|
super.onActivityResult(requestCode, resultCode, data);
|
|
if (requestCode == CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST &&
|
|
resultCode == Activity.RESULT_OK) {
|
|
startBiometricWeakImprove();
|
|
return;
|
|
} else if (requestCode == CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF &&
|
|
resultCode == Activity.RESULT_OK) {
|
|
final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils();
|
|
lockPatternUtils.setBiometricWeakLivelinessEnabled(false);
|
|
// Setting the mBiometricWeakLiveliness checked value to false is handled when onResume
|
|
// is called by grabbing the value from lockPatternUtils. We can't set it here
|
|
// because mBiometricWeakLiveliness could be null
|
|
return;
|
|
} else if (requestCode == CHANGE_TRUST_AGENT_SETTINGS && resultCode == Activity.RESULT_OK) {
|
|
if (mTrustAgentClickIntent != null) {
|
|
startActivity(mTrustAgentClickIntent);
|
|
mTrustAgentClickIntent = null;
|
|
}
|
|
return;
|
|
}
|
|
createPreferenceHierarchy();
|
|
}
|
|
|
|
@Override
|
|
public boolean onPreferenceChange(Preference preference, Object value) {
|
|
boolean result = true;
|
|
final String key = preference.getKey();
|
|
final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils();
|
|
if (KEY_LOCK_AFTER_TIMEOUT.equals(key)) {
|
|
int timeout = Integer.parseInt((String) value);
|
|
try {
|
|
Settings.Secure.putInt(getContentResolver(),
|
|
Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, timeout);
|
|
} catch (NumberFormatException e) {
|
|
Log.e("SecuritySettings", "could not persist lockAfter timeout setting", e);
|
|
}
|
|
updateLockAfterPreferenceSummary();
|
|
} else if (KEY_LOCK_ENABLED.equals(key)) {
|
|
lockPatternUtils.setLockPatternEnabled((Boolean) value);
|
|
} else if (KEY_VISIBLE_PATTERN.equals(key)) {
|
|
lockPatternUtils.setVisiblePatternEnabled((Boolean) value);
|
|
} else if (KEY_BIOMETRIC_WEAK_LIVELINESS.equals(key)) {
|
|
if ((Boolean) value) {
|
|
lockPatternUtils.setBiometricWeakLivelinessEnabled(true);
|
|
} else {
|
|
// In this case the user has just unchecked the checkbox, but this action requires
|
|
// them to confirm their password. We need to re-check the checkbox until
|
|
// they've confirmed their password
|
|
mBiometricWeakLiveliness.setChecked(true);
|
|
ChooseLockSettingsHelper helper =
|
|
new ChooseLockSettingsHelper(this.getActivity(), this);
|
|
if (!helper.launchConfirmationActivity(
|
|
CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF, null, null)) {
|
|
// If this returns false, it means no password confirmation is required, so
|
|
// go ahead and uncheck it here.
|
|
// Note: currently a backup is required for biometric_weak so this code path
|
|
// can't be reached, but is here in case things change in the future
|
|
lockPatternUtils.setBiometricWeakLivelinessEnabled(false);
|
|
mBiometricWeakLiveliness.setChecked(false);
|
|
}
|
|
}
|
|
} else if (KEY_POWER_INSTANTLY_LOCKS.equals(key)) {
|
|
mLockPatternUtils.setPowerButtonInstantlyLocks((Boolean) value);
|
|
} else if (KEY_SHOW_PASSWORD.equals(key)) {
|
|
Settings.System.putInt(getContentResolver(), Settings.System.TEXT_SHOW_PASSWORD,
|
|
((Boolean) value) ? 1 : 0);
|
|
} else if (KEY_TOGGLE_INSTALL_APPLICATIONS.equals(key)) {
|
|
if ((Boolean) value) {
|
|
mToggleAppInstallation.setChecked(false);
|
|
warnAppInstallation();
|
|
// Don't change Switch status until user makes choice in dialog, so return false.
|
|
result = false;
|
|
} else {
|
|
setNonMarketAppsAllowed(false);
|
|
}
|
|
}
|
|
return result;
|
|
}
|
|
|
|
@Override
|
|
protected int getHelpResource() {
|
|
return R.string.help_url_security;
|
|
}
|
|
|
|
public void startBiometricWeakImprove(){
|
|
Intent intent = new Intent();
|
|
intent.setClassName("com.android.facelock", "com.android.facelock.AddToSetup");
|
|
startActivity(intent);
|
|
}
|
|
|
|
/**
|
|
* For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
|
|
*/
|
|
public static final SearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
|
|
new SecuritySearchIndexProvider();
|
|
|
|
private static class SecuritySearchIndexProvider extends BaseSearchIndexProvider {
|
|
|
|
boolean mIsPrimary;
|
|
|
|
public SecuritySearchIndexProvider() {
|
|
super();
|
|
|
|
mIsPrimary = UserHandle.myUserId() == UserHandle.USER_OWNER;
|
|
}
|
|
|
|
@Override
|
|
public List<SearchIndexableResource> getXmlResourcesToIndex(
|
|
Context context, boolean enabled) {
|
|
|
|
List<SearchIndexableResource> result = new ArrayList<SearchIndexableResource>();
|
|
|
|
LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
|
// Add options for lock/unlock screen
|
|
int resId = getResIdForLockUnlockScreen(context, lockPatternUtils);
|
|
|
|
SearchIndexableResource sir = new SearchIndexableResource(context);
|
|
sir.xmlResId = resId;
|
|
result.add(sir);
|
|
|
|
if (mIsPrimary) {
|
|
DevicePolicyManager dpm = (DevicePolicyManager)
|
|
context.getSystemService(Context.DEVICE_POLICY_SERVICE);
|
|
|
|
switch (dpm.getStorageEncryptionStatus()) {
|
|
case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE:
|
|
// The device is currently encrypted.
|
|
resId = R.xml.security_settings_encrypted;
|
|
break;
|
|
case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE:
|
|
// This device supports encryption but isn't encrypted.
|
|
resId = R.xml.security_settings_unencrypted;
|
|
break;
|
|
}
|
|
|
|
sir = new SearchIndexableResource(context);
|
|
sir.xmlResId = resId;
|
|
result.add(sir);
|
|
}
|
|
|
|
// Append the rest of the settings
|
|
sir = new SearchIndexableResource(context);
|
|
sir.xmlResId = R.xml.security_settings_misc;
|
|
result.add(sir);
|
|
|
|
return result;
|
|
}
|
|
|
|
@Override
|
|
public List<SearchIndexableRaw> getRawDataToIndex(Context context, boolean enabled) {
|
|
final List<SearchIndexableRaw> result = new ArrayList<SearchIndexableRaw>();
|
|
final Resources res = context.getResources();
|
|
|
|
final String screenTitle = res.getString(R.string.security_settings_title);
|
|
|
|
SearchIndexableRaw data = new SearchIndexableRaw(context);
|
|
data.title = screenTitle;
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
|
|
if (!mIsPrimary) {
|
|
int resId = (UserManager.get(context).isLinkedUser()) ?
|
|
R.string.profile_info_settings_title : R.string.user_info_settings_title;
|
|
|
|
data = new SearchIndexableRaw(context);
|
|
data.title = res.getString(resId);
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
}
|
|
|
|
// Credential storage
|
|
final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
|
|
|
|
if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
|
|
KeyStore keyStore = KeyStore.getInstance();
|
|
|
|
final int storageSummaryRes = keyStore.isHardwareBacked() ?
|
|
R.string.credential_storage_type_hardware :
|
|
R.string.credential_storage_type_software;
|
|
|
|
data = new SearchIndexableRaw(context);
|
|
data.title = res.getString(storageSummaryRes);
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
}
|
|
|
|
// Advanced
|
|
final LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
|
if (lockPatternUtils.isSecure()) {
|
|
ArrayList<TrustAgentComponentInfo> agents =
|
|
getActiveTrustAgents(context.getPackageManager(), lockPatternUtils);
|
|
for (int i = 0; i < agents.size(); i++) {
|
|
final TrustAgentComponentInfo agent = agents.get(i);
|
|
data = new SearchIndexableRaw(context);
|
|
data.title = agent.title;
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
}
|
|
}
|
|
return result;
|
|
}
|
|
|
|
@Override
|
|
public List<String> getNonIndexableKeys(Context context) {
|
|
final List<String> keys = new ArrayList<String>();
|
|
|
|
LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
|
// Add options for lock/unlock screen
|
|
int resId = getResIdForLockUnlockScreen(context, lockPatternUtils);
|
|
|
|
// don't display visible pattern if biometric and backup is not pattern
|
|
if (resId == R.xml.security_settings_biometric_weak &&
|
|
lockPatternUtils.getKeyguardStoredPasswordQuality() !=
|
|
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {
|
|
keys.add(KEY_VISIBLE_PATTERN);
|
|
}
|
|
|
|
// Do not display SIM lock for devices without an Icc card
|
|
TelephonyManager tm = TelephonyManager.getDefault();
|
|
if (!mIsPrimary || !tm.hasIccCard()) {
|
|
keys.add(KEY_SIM_LOCK);
|
|
}
|
|
|
|
final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
|
|
if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
|
|
keys.add(KEY_CREDENTIALS_MANAGER);
|
|
}
|
|
|
|
// TrustAgent settings disappear when the user has no primary security.
|
|
if (!lockPatternUtils.isSecure()) {
|
|
keys.add(KEY_TRUST_AGENT);
|
|
keys.add(KEY_MANAGE_TRUST_AGENTS);
|
|
}
|
|
|
|
return keys;
|
|
}
|
|
}
|
|
|
|
}
|