/*
|
* Copyright (C) 2016 The Android Open Source Project
|
*
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License.
|
*/
|
|
package com.android.settings.password;
|
|
import static android.app.admin.DevicePolicyManager.ACTION_SET_NEW_PASSWORD;
|
import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_FACE;
|
import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT;
|
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
|
|
import static com.android.internal.util.Preconditions.checkNotNull;
|
|
import android.annotation.Nullable;
|
import android.app.ActivityManager;
|
import android.app.admin.DevicePolicyManager;
|
import android.content.Context;
|
import android.content.Intent;
|
import android.content.pm.PackageManager;
|
import android.hardware.face.FaceManager;
|
import android.hardware.fingerprint.FingerprintManager;
|
import android.os.Bundle;
|
import android.os.IBinder;
|
import android.os.UserManager;
|
|
import androidx.annotation.VisibleForTesting;
|
|
import com.android.internal.widget.LockPatternUtils;
|
import com.android.settings.Utils;
|
|
/**
|
* Business logic for {@link SetNewPasswordActivity}.
|
*
|
* <p>On devices that supports fingerprint, this controller directs the user to configure
|
* fingerprint + a backup password if the device admin allows fingerprint for keyguard and
|
* the user has never configured a fingerprint before.
|
*/
|
final class SetNewPasswordController {
|
|
interface Ui {
|
/** Starts the {@link ChooseLockGeneric} activity with the given extras. */
|
void launchChooseLock(Bundle chooseLockFingerprintExtras);
|
}
|
|
/**
|
* Which user is setting new password.
|
*/
|
private final int mTargetUserId;
|
private final PackageManager mPackageManager;
|
@Nullable
|
private final FingerprintManager mFingerprintManager;
|
@Nullable
|
private final FaceManager mFaceManager;
|
private final DevicePolicyManager mDevicePolicyManager;
|
private final Ui mUi;
|
|
public static SetNewPasswordController create(Context context, Ui ui, Intent intent,
|
IBinder activityToken) {
|
// Trying to figure out which user is setting new password. If it is
|
// ACTION_SET_NEW_PARENT_PROFILE_PASSWORD or the calling user is not allowed to set
|
// separate profile challenge, it is the current user to set new password. Otherwise,
|
// it is the user who starts this activity setting new password.
|
int userId = ActivityManager.getCurrentUser();
|
if (ACTION_SET_NEW_PASSWORD.equals(intent.getAction())) {
|
final int callingUserId = Utils.getSecureTargetUser(activityToken,
|
UserManager.get(context), null, intent.getExtras()).getIdentifier();
|
final LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
|
if (lockPatternUtils.isSeparateProfileChallengeAllowed(callingUserId)) {
|
userId = callingUserId;
|
}
|
}
|
// Create a wrapper of FingerprintManager for testing, see IFingerPrintManager for details.
|
final FingerprintManager fingerprintManager = Utils.getFingerprintManagerOrNull(context);
|
final FaceManager faceManager = Utils.getFaceManagerOrNull(context);
|
return new SetNewPasswordController(userId,
|
context.getPackageManager(),
|
fingerprintManager, faceManager,
|
(DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE), ui);
|
}
|
|
@VisibleForTesting
|
SetNewPasswordController(
|
int targetUserId,
|
PackageManager packageManager,
|
FingerprintManager fingerprintManager,
|
FaceManager faceManager,
|
DevicePolicyManager devicePolicyManager,
|
Ui ui) {
|
mTargetUserId = targetUserId;
|
mPackageManager = checkNotNull(packageManager);
|
mFingerprintManager = fingerprintManager;
|
mFaceManager = faceManager;
|
mDevicePolicyManager = checkNotNull(devicePolicyManager);
|
mUi = checkNotNull(ui);
|
}
|
|
/**
|
* Dispatches the set new password intent to the correct activity that handles it.
|
*/
|
public void dispatchSetNewPasswordIntent() {
|
final Bundle extras;
|
// TODO: handle the case with multiple biometrics, perhaps take an arg for biometric type?
|
if (mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)
|
&& mFaceManager != null
|
&& mFaceManager.isHardwareDetected()
|
&& !mFaceManager.hasEnrolledTemplates(mTargetUserId)
|
&& !isFaceDisabledByAdmin()) {
|
extras = getFaceChooseLockExtras();
|
} else if (mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT)
|
&& mFingerprintManager != null
|
&& mFingerprintManager.isHardwareDetected()
|
&& !mFingerprintManager.hasEnrolledFingerprints(mTargetUserId)
|
&& !isFingerprintDisabledByAdmin()) {
|
extras = getFingerprintChooseLockExtras();
|
} else {
|
extras = new Bundle();
|
}
|
// No matter we show fingerprint options or not, we should tell the next activity which
|
// user is setting new password.
|
extras.putInt(Intent.EXTRA_USER_ID, mTargetUserId);
|
mUi.launchChooseLock(extras);
|
}
|
|
private Bundle getFingerprintChooseLockExtras() {
|
Bundle chooseLockExtras = new Bundle();
|
long challenge = mFingerprintManager.preEnroll();
|
chooseLockExtras.putInt(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,
|
PASSWORD_QUALITY_SOMETHING);
|
chooseLockExtras.putBoolean(
|
ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);
|
chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true);
|
chooseLockExtras.putLong(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge);
|
chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_FOR_FINGERPRINT, true);
|
return chooseLockExtras;
|
}
|
|
private Bundle getFaceChooseLockExtras() {
|
Bundle chooseLockExtras = new Bundle();
|
long challenge = mFaceManager.generateChallenge();
|
chooseLockExtras.putInt(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,
|
PASSWORD_QUALITY_SOMETHING);
|
chooseLockExtras.putBoolean(
|
ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);
|
chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true);
|
chooseLockExtras.putLong(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge);
|
chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_FOR_FACE, true);
|
return chooseLockExtras;
|
}
|
|
private boolean isFingerprintDisabledByAdmin() {
|
int disabledFeatures =
|
mDevicePolicyManager.getKeyguardDisabledFeatures(null, mTargetUserId);
|
return (disabledFeatures & KEYGUARD_DISABLE_FINGERPRINT) != 0;
|
}
|
|
private boolean isFaceDisabledByAdmin() {
|
int disabledFeatures =
|
mDevicePolicyManager.getKeyguardDisabledFeatures(null, mTargetUserId);
|
return (disabledFeatures & KEYGUARD_DISABLE_FACE) != 0;
|
}
|
}
|
