81610543a9
- change password category title to Privacy and move Location into it. - remove Advanced security preference category - remove SIM card preference category and move the SIM card lock preferece down. - move Encryption and Credential settings to a separate screen. Bug: 34976707 Test: make RunSettingsRoboTests Change-Id: Iebaba4a8aad135fa88f163de0b60b488fd9510d0
269 lines
10 KiB
Java
269 lines
10 KiB
Java
/*
|
|
* Copyright (C) 2007 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package com.android.settings;
|
|
|
|
import android.app.Activity;
|
|
import android.app.admin.DevicePolicyManager;
|
|
import android.content.Context;
|
|
import android.content.Intent;
|
|
import android.content.res.Resources;
|
|
import android.os.Bundle;
|
|
import android.os.UserHandle;
|
|
import android.os.UserManager;
|
|
import android.provider.SearchIndexableResource;
|
|
import android.security.KeyStore;
|
|
import android.support.v7.preference.PreferenceGroup;
|
|
import android.support.v7.preference.PreferenceScreen;
|
|
|
|
import com.android.internal.logging.nano.MetricsProto.MetricsEvent;
|
|
import com.android.internal.widget.LockPatternUtils;
|
|
import com.android.settings.dashboard.DashboardFragment;
|
|
import com.android.settings.search.BaseSearchIndexProvider;
|
|
import com.android.settings.search.Indexable;
|
|
import com.android.settings.search.SearchIndexableRaw;
|
|
import com.android.settingslib.RestrictedLockUtils;
|
|
import com.android.settingslib.RestrictedPreference;
|
|
|
|
import java.util.ArrayList;
|
|
import java.util.List;
|
|
|
|
/**
|
|
* Encryption and Credential settings.
|
|
* TODO: Extends this from {@link DashboardFragment} instead
|
|
*/
|
|
public class EncryptionAndCredential extends SettingsPreferenceFragment implements Indexable {
|
|
|
|
private static final String TAG = "EncryptionAndCredential";
|
|
|
|
// Misc Settings
|
|
private static final String KEY_CREDENTIAL_STORAGE_TYPE = "credential_storage_type";
|
|
private static final String KEY_USER_CREDENTIALS = "user_credentials";
|
|
private static final String KEY_RESET_CREDENTIALS = "credentials_reset";
|
|
private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
|
|
private static final String KEY_CREDENTIALS_MANAGER = "credentials_management";
|
|
|
|
private static final int MY_USER_ID = UserHandle.myUserId();
|
|
|
|
private UserManager mUm;
|
|
|
|
private KeyStore mKeyStore;
|
|
private RestrictedPreference mResetCredentials;
|
|
|
|
private boolean mIsAdmin;
|
|
|
|
@Override
|
|
public int getMetricsCategory() {
|
|
return MetricsEvent.SECURITY;
|
|
}
|
|
|
|
@Override
|
|
public void onCreate(Bundle savedInstanceState) {
|
|
super.onCreate(savedInstanceState);
|
|
|
|
final Activity activity = getActivity();
|
|
|
|
mUm = UserManager.get(activity);
|
|
}
|
|
|
|
/**
|
|
* Important!
|
|
*
|
|
* Don't forget to update the SecuritySearchIndexProvider if you are doing any change in the
|
|
* logic or adding/removing preferences here.
|
|
*/
|
|
private PreferenceScreen createPreferenceHierarchy() {
|
|
PreferenceScreen root = getPreferenceScreen();
|
|
if (root != null) {
|
|
root.removeAll();
|
|
}
|
|
addPreferencesFromResource(R.xml.encryption_and_credential);
|
|
root = getPreferenceScreen();
|
|
|
|
// Add options for device encryption
|
|
mIsAdmin = mUm.isAdminUser();
|
|
|
|
if (mIsAdmin) {
|
|
if (LockPatternUtils.isDeviceEncryptionEnabled()) {
|
|
// The device is currently encrypted.
|
|
addPreferencesFromResource(R.xml.security_settings_encrypted);
|
|
} else {
|
|
// This device supports encryption but isn't encrypted.
|
|
addPreferencesFromResource(R.xml.security_settings_unencrypted);
|
|
}
|
|
}
|
|
|
|
|
|
// Credential storage
|
|
mKeyStore = KeyStore.getInstance(); // needs to be initialized for onResume()
|
|
|
|
if (!RestrictedLockUtils.hasBaseUserRestriction(getActivity(),
|
|
UserManager.DISALLOW_CONFIG_CREDENTIALS, MY_USER_ID)) {
|
|
RestrictedPreference userCredentials = (RestrictedPreference) root.findPreference(
|
|
KEY_USER_CREDENTIALS);
|
|
userCredentials.checkRestrictionAndSetDisabled(
|
|
UserManager.DISALLOW_CONFIG_CREDENTIALS);
|
|
RestrictedPreference credentialStorageType = (RestrictedPreference) root.findPreference(
|
|
KEY_CREDENTIAL_STORAGE_TYPE);
|
|
credentialStorageType.checkRestrictionAndSetDisabled(
|
|
UserManager.DISALLOW_CONFIG_CREDENTIALS);
|
|
RestrictedPreference installCredentials = (RestrictedPreference) root.findPreference(
|
|
KEY_CREDENTIALS_INSTALL);
|
|
installCredentials.checkRestrictionAndSetDisabled(
|
|
UserManager.DISALLOW_CONFIG_CREDENTIALS);
|
|
mResetCredentials = (RestrictedPreference) root.findPreference(KEY_RESET_CREDENTIALS);
|
|
mResetCredentials.checkRestrictionAndSetDisabled(
|
|
UserManager.DISALLOW_CONFIG_CREDENTIALS);
|
|
|
|
final int storageSummaryRes =
|
|
mKeyStore.isHardwareBacked() ? R.string.credential_storage_type_hardware
|
|
: R.string.credential_storage_type_software;
|
|
credentialStorageType.setSummary(storageSummaryRes);
|
|
} else {
|
|
PreferenceGroup credentialsManager = (PreferenceGroup)
|
|
root.findPreference(KEY_CREDENTIALS_MANAGER);
|
|
credentialsManager.removePreference(root.findPreference(KEY_RESET_CREDENTIALS));
|
|
credentialsManager.removePreference(root.findPreference(KEY_CREDENTIALS_INSTALL));
|
|
credentialsManager.removePreference(root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE));
|
|
credentialsManager.removePreference(root.findPreference(KEY_USER_CREDENTIALS));
|
|
}
|
|
|
|
return root;
|
|
}
|
|
|
|
@Override
|
|
public void onResume() {
|
|
super.onResume();
|
|
|
|
// Make sure we reload the preference hierarchy since some of these settings
|
|
// depend on others...
|
|
createPreferenceHierarchy();
|
|
|
|
if (mResetCredentials != null && !mResetCredentials.isDisabledByAdmin()) {
|
|
mResetCredentials.setEnabled(!mKeyStore.isEmpty());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* see confirmPatternThenDisableAndClear
|
|
*/
|
|
@Override
|
|
public void onActivityResult(int requestCode, int resultCode, Intent data) {
|
|
super.onActivityResult(requestCode, resultCode, data);
|
|
createPreferenceHierarchy();
|
|
}
|
|
|
|
@Override
|
|
protected int getHelpResource() {
|
|
return R.string.help_url_security;
|
|
}
|
|
|
|
/**
|
|
* For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
|
|
*/
|
|
public static final SearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
|
|
new SecuritySearchIndexProvider();
|
|
|
|
private static class SecuritySearchIndexProvider extends BaseSearchIndexProvider {
|
|
|
|
@Override
|
|
public List<SearchIndexableResource> getXmlResourcesToIndex(
|
|
Context context, boolean enabled) {
|
|
final List<SearchIndexableResource> index = new ArrayList<SearchIndexableResource>();
|
|
|
|
final DevicePolicyManager dpm = (DevicePolicyManager)
|
|
context.getSystemService(Context.DEVICE_POLICY_SERVICE);
|
|
final UserManager um = UserManager.get(context);
|
|
|
|
if (um.isAdminUser()) {
|
|
switch (dpm.getStorageEncryptionStatus()) {
|
|
case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE:
|
|
// The device is currently encrypted.
|
|
index.add(getSearchResource(context, R.xml.security_settings_encrypted));
|
|
break;
|
|
case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE:
|
|
// This device supports encryption but isn't encrypted.
|
|
index.add(getSearchResource(context, R.xml.security_settings_unencrypted));
|
|
break;
|
|
}
|
|
}
|
|
|
|
return index;
|
|
}
|
|
|
|
private SearchIndexableResource getSearchResource(Context context, int xmlResId) {
|
|
final SearchIndexableResource sir = new SearchIndexableResource(context);
|
|
sir.xmlResId = xmlResId;
|
|
return sir;
|
|
}
|
|
|
|
@Override
|
|
public List<SearchIndexableRaw> getRawDataToIndex(Context context, boolean enabled) {
|
|
final List<SearchIndexableRaw> result = new ArrayList<SearchIndexableRaw>();
|
|
final Resources res = context.getResources();
|
|
|
|
final String screenTitle = res.getString(
|
|
R.string.encryption_and_credential_settings_title);
|
|
|
|
SearchIndexableRaw data = new SearchIndexableRaw(context);
|
|
data.title = screenTitle;
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
|
|
final UserManager um = UserManager.get(context);
|
|
if (!um.isAdminUser()) {
|
|
int resId = um.isLinkedUser() ?
|
|
R.string.profile_info_settings_title : R.string.user_info_settings_title;
|
|
|
|
data = new SearchIndexableRaw(context);
|
|
data.title = res.getString(resId);
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
}
|
|
|
|
// Credential storage
|
|
if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
|
|
KeyStore keyStore = KeyStore.getInstance();
|
|
|
|
final int storageSummaryRes = keyStore.isHardwareBacked() ?
|
|
R.string.credential_storage_type_hardware :
|
|
R.string.credential_storage_type_software;
|
|
|
|
data = new SearchIndexableRaw(context);
|
|
data.title = res.getString(storageSummaryRes);
|
|
data.screenTitle = screenTitle;
|
|
result.add(data);
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
@Override
|
|
public List<String> getNonIndexableKeys(Context context) {
|
|
final List<String> keys = new ArrayList<String>();
|
|
|
|
final UserManager um = UserManager.get(context);
|
|
|
|
if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
|
|
keys.add(KEY_CREDENTIALS_MANAGER);
|
|
}
|
|
|
|
return keys;
|
|
}
|
|
}
|
|
|
|
}
|