2 * Copyright (C) 2007 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package com.android.settings;
20 import android.app.Activity;
21 import android.app.AlertDialog;
22 import android.app.admin.DevicePolicyManager;
23 import android.content.ComponentName;
24 import android.content.Context;
25 import android.content.DialogInterface;
26 import android.content.Intent;
27 import android.content.pm.PackageManager;
28 import android.content.pm.ResolveInfo;
29 import android.content.res.Resources;
30 import android.hardware.fingerprint.Fingerprint;
31 import android.hardware.fingerprint.FingerprintManager;
32 import android.os.Bundle;
33 import android.os.PersistableBundle;
34 import android.os.UserHandle;
35 import android.os.UserManager;
36 import android.preference.ListPreference;
37 import android.preference.Preference;
38 import android.preference.Preference.OnPreferenceChangeListener;
39 import android.preference.Preference.OnPreferenceClickListener;
40 import android.preference.PreferenceGroup;
41 import android.preference.PreferenceScreen;
42 import android.preference.SwitchPreference;
43 import android.provider.SearchIndexableResource;
44 import android.provider.Settings;
45 import android.security.KeyStore;
46 import android.service.trust.TrustAgentService;
47 import android.telephony.CarrierConfigManager;
48 import android.telephony.SubscriptionInfo;
49 import android.telephony.SubscriptionManager;
50 import android.telephony.TelephonyManager;
51 import android.text.TextUtils;
52 import android.util.Log;
54 import com.android.internal.logging.MetricsLogger;
55 import com.android.internal.widget.LockPatternUtils;
56 import com.android.settings.Settings.LockScreenSettingsActivity;
57 import com.android.settings.TrustAgentUtils.TrustAgentComponentInfo;
58 import com.android.settings.cyanogenmod.LiveLockScreenSettings;
59 import com.android.settings.fingerprint.FingerprintEnrollIntroduction;
60 import com.android.settings.fingerprint.FingerprintSettings;
61 import com.android.settings.search.BaseSearchIndexProvider;
62 import com.android.settings.search.Index;
63 import com.android.settings.search.Indexable;
64 import com.android.settings.search.SearchIndexableRaw;
66 import org.cyanogenmod.internal.util.CmLockPatternUtils;
68 import cyanogenmod.providers.CMSettings;
70 import java.util.ArrayList;
71 import java.util.List;
73 import static android.provider.Settings.System.SCREEN_OFF_TIMEOUT;
74 import static cyanogenmod.content.Intent.ACTION_OPEN_LIVE_LOCKSCREEN_SETTINGS;
77 * Gesture lock pattern settings.
79 public class SecuritySettings extends SettingsPreferenceFragment
80 implements OnPreferenceChangeListener, DialogInterface.OnClickListener, Indexable {
82 private static final String TAG = "SecuritySettings";
83 private static final String TRUST_AGENT_CLICK_INTENT = "trust_agent_click_intent";
84 private static final Intent TRUST_AGENT_INTENT =
85 new Intent(TrustAgentService.SERVICE_INTERFACE);
87 // Fitler types for this panel
88 protected static final String FILTER_TYPE_EXTRA = "filter_type";
89 protected static final int TYPE_LOCKSCREEN_EXTRA = 0;
90 private static final int TYPE_SECURITY_EXTRA = 1;
91 private static final int TYPE_EXTERNAL_RESOLUTION = 2;
94 private static final String KEY_UNLOCK_SET_OR_CHANGE = "unlock_set_or_change";
95 private static final String KEY_DIRECTLY_SHOW = "directlyshow";
96 private static final String KEY_VISIBLE_PATTERN = "visiblepattern";
97 private static final String KEY_VISIBLE_ERROR_PATTERN = "visible_error_pattern";
98 private static final String KEY_VISIBLE_DOTS = "visibledots";
99 private static final String KEY_SECURITY_CATEGORY = "security_category";
100 private static final String KEY_DEVICE_ADMIN_CATEGORY = "device_admin_category";
101 private static final String KEY_LOCK_AFTER_TIMEOUT = "lock_after_timeout";
102 private static final String KEY_OWNER_INFO_SETTINGS = "owner_info_settings";
103 private static final String KEY_ADVANCED_SECURITY = "advanced_security";
104 private static final String KEY_MANAGE_TRUST_AGENTS = "manage_trust_agents";
105 private static final String KEY_FINGERPRINT_SETTINGS = "fingerprint_settings";
107 private static final String KEY_LOCKSCREEN_ENABLED_INTERNAL = "lockscreen_enabled_internally";
109 private static final int SET_OR_CHANGE_LOCK_METHOD_REQUEST = 123;
110 private static final int CHANGE_TRUST_AGENT_SETTINGS = 126;
113 private static final String KEY_SIM_LOCK = "sim_lock";
114 private static final String KEY_SIM_LOCK_SETTINGS = "sim_lock_settings";
115 private static final String KEY_SHOW_PASSWORD = "show_password";
116 private static final String KEY_CREDENTIAL_STORAGE_TYPE = "credential_storage_type";
117 private static final String KEY_RESET_CREDENTIALS = "credentials_reset";
118 private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
119 private static final String KEY_TOGGLE_INSTALL_APPLICATIONS = "toggle_install_applications";
120 private static final String KEY_POWER_INSTANTLY_LOCKS = "power_button_instantly_locks";
121 private static final String KEY_CREDENTIALS_MANAGER = "credentials_management";
122 private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive";
123 private static final String KEY_TRUST_AGENT = "trust_agent";
124 private static final String KEY_SCREEN_PINNING = "screen_pinning_settings";
125 private static final String KEY_SMS_SECURITY_CHECK_PREF = "sms_security_check_limit";
126 private static final String KEY_GENERAL_CATEGORY = "general_category";
127 private static final String KEY_LIVE_LOCK_SCREEN = "live_lock_screen";
129 // These switch preferences need special handling since they're not all stored in Settings.
130 private static final String SWITCH_PREFERENCE_KEYS[] = { KEY_LOCK_AFTER_TIMEOUT,
131 KEY_VISIBLE_PATTERN, KEY_VISIBLE_ERROR_PATTERN, KEY_VISIBLE_DOTS, KEY_DIRECTLY_SHOW,
132 KEY_POWER_INSTANTLY_LOCKS, KEY_SHOW_PASSWORD, KEY_TOGGLE_INSTALL_APPLICATIONS };
134 // Only allow one trust agent on the platform.
135 private static final boolean ONLY_ONE_TRUST_AGENT = true;
137 protected static final int MY_USER_ID = UserHandle.myUserId();
139 protected static final String LIVE_LOCK_SCREEN_FEATURE = "org.cyanogenmod.livelockscreen";
141 private PackageManager mPM;
142 private DevicePolicyManager mDPM;
143 private SubscriptionManager mSubscriptionManager;
145 private ChooseLockSettingsHelper mChooseLockSettingsHelper;
146 private LockPatternUtils mLockPatternUtils;
147 private ListPreference mLockAfter;
149 private SwitchPreference mDirectlyShow;
150 private SwitchPreference mVisiblePattern;
151 private SwitchPreference mVisibleErrorPattern;
152 private SwitchPreference mVisibleDots;
154 private SwitchPreference mShowPassword;
156 private KeyStore mKeyStore;
157 private Preference mResetCredentials;
159 private SwitchPreference mToggleAppInstallation;
160 private DialogInterface mWarnInstallApps;
161 private SwitchPreference mPowerButtonInstantlyLocks;
163 private ListPreference mSmsSecurityCheck;
165 private boolean mIsPrimary;
167 private Intent mTrustAgentClickIntent;
169 private Preference mOwnerInfoPref;
170 private int mFilterType = TYPE_SECURITY_EXTRA;
172 private Preference mLockscreenDisabledPreference;
175 protected int getMetricsCategory() {
176 return MetricsLogger.SECURITY;
180 public void onCreate(Bundle savedInstanceState) {
181 super.onCreate(savedInstanceState);
183 // Ugly hack for legacy shortcuts :'(
184 Intent intent = getActivity().getIntent();
185 ComponentName componentName = intent.getComponent();
186 if (componentName.getClassName().equals(
187 LockScreenSettingsActivity.class.getName())) {
188 mFilterType = TYPE_LOCKSCREEN_EXTRA;
190 Bundle bundle = getArguments();
191 if (bundle != null) {
192 mFilterType = bundle.getInt(FILTER_TYPE_EXTRA, TYPE_SECURITY_EXTRA);
196 Bundle extras = getActivity().getIntent().getExtras();
197 // Even uglier hack to make cts verifier expectations make sense.
198 if (extras.get(SettingsActivity.EXTRA_SHOW_FRAGMENT_ARGUMENTS) != null &&
199 extras.get(SettingsActivity.EXTRA_SHOW_FRAGMENT_AS_SHORTCUT) == null) {
200 mFilterType = TYPE_EXTERNAL_RESOLUTION;
203 mSubscriptionManager = SubscriptionManager.from(getActivity());
205 mLockPatternUtils = new LockPatternUtils(getActivity());
207 mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
209 mChooseLockSettingsHelper = new ChooseLockSettingsHelper(getActivity());
211 if (savedInstanceState != null
212 && savedInstanceState.containsKey(TRUST_AGENT_CLICK_INTENT)) {
213 mTrustAgentClickIntent = savedInstanceState.getParcelable(TRUST_AGENT_CLICK_INTENT);
217 protected static int getResIdForLockUnlockScreen(Context context,
218 LockPatternUtils lockPatternUtils) {
220 if (!lockPatternUtils.isSecure(MY_USER_ID)) {
221 if (lockPatternUtils.isLockScreenDisabled(MY_USER_ID)) {
222 resid = R.xml.security_settings_lockscreen;
224 resid = R.xml.security_settings_chooser;
227 switch (lockPatternUtils.getKeyguardStoredPasswordQuality(MY_USER_ID)) {
228 case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
229 resid = R.xml.security_settings_pattern;
231 case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
232 case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
233 resid = R.xml.security_settings_pin;
235 case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC:
236 case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
237 case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
238 resid = R.xml.security_settings_password;
248 * Don't forget to update the SecuritySearchIndexProvider if you are doing any change in the
249 * logic or adding/removing preferences here.
251 private PreferenceScreen createPreferenceHierarchy() {
252 PreferenceScreen root = getPreferenceScreen();
256 addPreferencesFromResource(R.xml.security_settings);
257 root = getPreferenceScreen();
259 // Add package manager to check if features are available
260 PackageManager pm = getPackageManager();
262 // Add options for device encryption
263 mIsPrimary = MY_USER_ID == UserHandle.USER_OWNER;
265 if (CMSettings.Secure.getIntForUser(getContentResolver(),
266 CMSettings.Secure.LOCKSCREEN_INTERNALLY_ENABLED, 1, UserHandle.USER_OWNER) != 1) {
267 // lock screen is disabled by quick settings tile, let the user know!~
268 mLockscreenDisabledPreference = new Preference(getActivity());
269 mLockscreenDisabledPreference.setKey(KEY_LOCKSCREEN_ENABLED_INTERNAL);
270 mLockscreenDisabledPreference.setTitle(R.string.lockscreen_disabled_by_qs_tile_title);
271 mLockscreenDisabledPreference.setSummary(R.string.lockscreen_disabled_by_qs_tile_summary);
272 root.addPreference(mLockscreenDisabledPreference);
275 final boolean securityOrExternal = mFilterType == TYPE_SECURITY_EXTRA
276 || mFilterType == TYPE_EXTERNAL_RESOLUTION;
277 final boolean lockscreenOrExternal = mFilterType == TYPE_LOCKSCREEN_EXTRA
278 || mFilterType == TYPE_EXTERNAL_RESOLUTION;
280 if (lockscreenOrExternal) {
281 // Add options for lock/unlock screen
282 final int resid = getResIdForLockUnlockScreen(getActivity(), mLockPatternUtils);
283 addPreferencesFromResource(resid);
285 mOwnerInfoPref = findPreference(KEY_OWNER_INFO_SETTINGS);
286 if (mOwnerInfoPref != null) {
287 mOwnerInfoPref.setOnPreferenceClickListener(new OnPreferenceClickListener() {
289 public boolean onPreferenceClick(Preference preference) {
290 OwnerInfoSettings.show(SecuritySettings.this);
297 if (mIsPrimary && securityOrExternal) {
298 if (LockPatternUtils.isDeviceEncryptionEnabled()) {
299 // The device is currently encrypted.
300 addPreferencesFromResource(R.xml.security_settings_encrypted);
302 // This device supports encryption but isn't encrypted.
303 addPreferencesFromResource(R.xml.security_settings_unencrypted);
307 if (lockscreenOrExternal) {
308 // Fingerprint and trust agents
309 PreferenceGroup securityCategory = (PreferenceGroup)
310 root.findPreference(KEY_SECURITY_CATEGORY);
311 if (securityCategory != null) {
312 maybeAddFingerprintPreference(securityCategory);
313 addTrustAgentSettings(securityCategory);
316 // lock after preference
317 mLockAfter = (ListPreference) root.findPreference(KEY_LOCK_AFTER_TIMEOUT);
318 if (mLockAfter != null) {
319 setupLockAfterPreference();
320 updateLockAfterPreferenceSummary();
324 mDirectlyShow = (SwitchPreference) root.findPreference(KEY_DIRECTLY_SHOW);
327 mVisiblePattern = (SwitchPreference) root.findPreference(KEY_VISIBLE_PATTERN);
329 // visible error pattern
330 mVisibleErrorPattern = (SwitchPreference) root.findPreference(
331 KEY_VISIBLE_ERROR_PATTERN);
334 mVisibleDots = (SwitchPreference) root.findPreference(KEY_VISIBLE_DOTS);
336 // lock instantly on power key press
337 mPowerButtonInstantlyLocks = (SwitchPreference) root.findPreference(
338 KEY_POWER_INSTANTLY_LOCKS);
339 Preference trustAgentPreference = root.findPreference(KEY_TRUST_AGENT);
340 if (mPowerButtonInstantlyLocks != null &&
341 trustAgentPreference != null &&
342 trustAgentPreference.getTitle().length() > 0) {
343 mPowerButtonInstantlyLocks.setSummary(getString(
344 R.string.lockpattern_settings_power_button_instantly_locks_summary,
345 trustAgentPreference.getTitle()));
348 // Add live lock screen preference if supported
349 PreferenceGroup generalCategory = (PreferenceGroup)
350 root.findPreference(KEY_GENERAL_CATEGORY);
351 if (pm.hasSystemFeature(LIVE_LOCK_SCREEN_FEATURE) && generalCategory != null) {
352 Preference liveLockPreference = new Preference(getContext(), null);
353 liveLockPreference.setIntent(new Intent(ACTION_OPEN_LIVE_LOCKSCREEN_SETTINGS));
354 liveLockPreference.setOrder(0);
355 liveLockPreference.setTitle(R.string.live_lock_screen_title);
356 liveLockPreference.setSummary(R.string.live_lock_screen_summary);
357 generalCategory.addPreference(liveLockPreference);
361 if (securityOrExternal) {
362 // Append the rest of the settings
363 addPreferencesFromResource(R.xml.security_settings_misc);
365 // Do not display SIM lock for devices without an Icc card
366 CarrierConfigManager cfgMgr = (CarrierConfigManager)
367 getActivity().getSystemService(Context.CARRIER_CONFIG_SERVICE);
368 PersistableBundle b = cfgMgr.getConfig();
369 PreferenceGroup iccLockGroup = (PreferenceGroup) root.findPreference(KEY_SIM_LOCK);
370 Preference iccLock = root.findPreference(KEY_SIM_LOCK_SETTINGS);
373 || b.getBoolean(CarrierConfigManager.KEY_HIDE_SIM_LOCK_SETTINGS_BOOL)) {
374 root.removePreference(iccLockGroup);
376 SubscriptionManager subMgr = SubscriptionManager.from(getActivity());
377 TelephonyManager tm = TelephonyManager.getDefault();
378 int numPhones = tm.getPhoneCount();
379 boolean hasAnySim = false;
381 for (int i = 0; i < numPhones; i++) {
382 final Preference pref;
385 SubscriptionInfo sir = subMgr.getActiveSubscriptionInfoForSimSlotIndex(i);
390 pref = new Preference(getActivity());
391 pref.setOrder(iccLock.getOrder());
392 pref.setTitle(getString(R.string.sim_card_lock_settings_title, i + 1));
393 pref.setSummary(sir.getDisplayName());
395 Intent intent = new Intent(getActivity(), IccLockSettings.class);
396 intent.putExtra(IccLockSettings.EXTRA_SUB_ID, sir.getSubscriptionId());
397 intent.putExtra(IccLockSettings.EXTRA_SUB_DISPLAY_NAME,
398 sir.getDisplayName());
399 pref.setIntent(intent);
401 iccLockGroup.addPreference(pref);
406 // Do not display SIM lock for devices without an Icc card
407 hasAnySim |= tm.hasIccCard(i);
409 int simState = tm.getSimState(i);
410 boolean simPresent = simState != TelephonyManager.SIM_STATE_ABSENT
411 && simState != TelephonyManager.SIM_STATE_UNKNOWN
412 && simState != TelephonyManager.SIM_STATE_CARD_IO_ERROR;
414 pref.setEnabled(false);
419 root.removePreference(iccLockGroup);
420 } else if (numPhones > 1) {
421 iccLockGroup.removePreference(iccLock);
425 if (Settings.System.getInt(getContentResolver(),
426 Settings.System.LOCK_TO_APP_ENABLED, 0) != 0) {
427 root.findPreference(KEY_SCREEN_PINNING).setSummary(
428 getResources().getString(R.string.switch_on_text));
431 // SMS rate limit security check
432 boolean isTelephony = pm.hasSystemFeature(PackageManager.FEATURE_TELEPHONY);
434 mSmsSecurityCheck = (ListPreference) root.findPreference(KEY_SMS_SECURITY_CHECK_PREF);
435 mSmsSecurityCheck.setOnPreferenceChangeListener(this);
436 int smsSecurityCheck = Integer.valueOf(mSmsSecurityCheck.getValue());
437 updateSmsSecuritySummary(smsSecurityCheck);
441 mShowPassword = (SwitchPreference) root.findPreference(KEY_SHOW_PASSWORD);
442 mResetCredentials = root.findPreference(KEY_RESET_CREDENTIALS);
444 // Credential storage
445 final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE);
446 mKeyStore = KeyStore.getInstance(); // needs to be initialized for onResume()
447 if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
448 Preference credentialStorageType = root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE);
450 final int storageSummaryRes =
451 mKeyStore.isHardwareBacked() ? R.string.credential_storage_type_hardware
452 : R.string.credential_storage_type_software;
453 credentialStorageType.setSummary(storageSummaryRes);
455 PreferenceGroup credentialsManager = (PreferenceGroup)
456 root.findPreference(KEY_CREDENTIALS_MANAGER);
457 credentialsManager.removePreference(root.findPreference(KEY_RESET_CREDENTIALS));
458 credentialsManager.removePreference(root.findPreference(KEY_CREDENTIALS_INSTALL));
459 credentialsManager.removePreference(root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE));
462 // Application install
463 PreferenceGroup deviceAdminCategory = (PreferenceGroup)
464 root.findPreference(KEY_DEVICE_ADMIN_CATEGORY);
465 mToggleAppInstallation = (SwitchPreference) findPreference(
466 KEY_TOGGLE_INSTALL_APPLICATIONS);
467 mToggleAppInstallation.setChecked(isNonMarketAppsAllowed());
468 // Side loading of apps.
469 // Disable for restricted profiles. For others, check if policy disallows it.
470 mToggleAppInstallation.setEnabled(!um.getUserInfo(MY_USER_ID).isRestricted());
471 if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)
472 || um.hasUserRestriction(UserManager.DISALLOW_INSTALL_APPS)) {
473 mToggleAppInstallation.setEnabled(false);
476 // Advanced Security features
477 PreferenceGroup advancedCategory =
478 (PreferenceGroup)root.findPreference(KEY_ADVANCED_SECURITY);
479 if (advancedCategory != null) {
480 Preference manageAgents = advancedCategory.findPreference(KEY_MANAGE_TRUST_AGENTS);
481 if (manageAgents != null && !mLockPatternUtils.isSecure(MY_USER_ID)) {
482 manageAgents.setEnabled(false);
483 manageAgents.setSummary(R.string.disabled_because_no_backup_security);
487 // The above preferences come and go based on security state, so we need to update
488 // the index. This call is expected to be fairly cheap, but we may want to do something
489 // smarter in the future.
490 Index.getInstance(getActivity())
491 .updateFromClassNameResource(SecuritySettings.class.getName(), true, true);
493 for (int i = 0; i < SWITCH_PREFERENCE_KEYS.length; i++) {
494 final Preference pref = findPreference(SWITCH_PREFERENCE_KEYS[i]);
495 if (pref != null) pref.setOnPreferenceChangeListener(this);
501 private void maybeAddFingerprintPreference(PreferenceGroup securityCategory) {
502 FingerprintManager fpm = (FingerprintManager) getActivity().getSystemService(
503 Context.FINGERPRINT_SERVICE);
504 if (!fpm.isHardwareDetected()) {
505 Log.v(TAG, "No fingerprint hardware detected!!");
508 Preference fingerprintPreference = new Preference(securityCategory.getContext());
509 fingerprintPreference.setKey(KEY_FINGERPRINT_SETTINGS);
510 fingerprintPreference.setTitle(R.string.security_settings_fingerprint_preference_title);
511 Intent intent = new Intent();
512 final List<Fingerprint> items = fpm.getEnrolledFingerprints();
513 final int fingerprintCount = items != null ? items.size() : 0;
515 if (fingerprintCount > 0) {
516 fingerprintPreference.setSummary(getResources().getQuantityString(
517 R.plurals.security_settings_fingerprint_preference_summary,
518 fingerprintCount, fingerprintCount));
519 clazz = FingerprintSettings.class.getName();
521 fingerprintPreference.setSummary(
522 R.string.security_settings_fingerprint_preference_summary_none);
523 clazz = FingerprintEnrollIntroduction.class.getName();
525 intent.setClassName("com.android.settings", clazz);
526 fingerprintPreference.setIntent(intent);
527 securityCategory.addPreference(fingerprintPreference);
530 private void addTrustAgentSettings(PreferenceGroup securityCategory) {
531 final boolean hasSecurity = mLockPatternUtils.isSecure(MY_USER_ID);
532 ArrayList<TrustAgentComponentInfo> agents =
533 getActiveTrustAgents(getPackageManager(), mLockPatternUtils, mDPM);
534 for (int i = 0; i < agents.size(); i++) {
535 final TrustAgentComponentInfo agent = agents.get(i);
536 Preference trustAgentPreference =
537 new Preference(securityCategory.getContext());
538 trustAgentPreference.setKey(KEY_TRUST_AGENT);
539 trustAgentPreference.setTitle(agent.title);
540 trustAgentPreference.setSummary(agent.summary);
541 // Create intent for this preference.
542 Intent intent = new Intent();
543 intent.setComponent(agent.componentName);
544 intent.setAction(Intent.ACTION_MAIN);
545 trustAgentPreference.setIntent(intent);
546 // Add preference to the settings menu.
547 securityCategory.addPreference(trustAgentPreference);
549 if (agent.disabledByAdministrator) {
550 trustAgentPreference.setEnabled(false);
551 trustAgentPreference.setSummary(R.string.trust_agent_disabled_device_admin);
552 } else if (!hasSecurity) {
553 trustAgentPreference.setEnabled(false);
554 trustAgentPreference.setSummary(R.string.disabled_because_no_backup_security);
559 protected static ArrayList<TrustAgentComponentInfo> getActiveTrustAgents(
560 PackageManager pm, LockPatternUtils utils, DevicePolicyManager dpm) {
561 ArrayList<TrustAgentComponentInfo> result = new ArrayList<TrustAgentComponentInfo>();
562 List<ResolveInfo> resolveInfos = pm.queryIntentServices(TRUST_AGENT_INTENT,
563 PackageManager.GET_META_DATA);
564 List<ComponentName> enabledTrustAgents = utils.getEnabledTrustAgents(MY_USER_ID);
566 boolean disableTrustAgents = (dpm.getKeyguardDisabledFeatures(null)
567 & DevicePolicyManager.KEYGUARD_DISABLE_TRUST_AGENTS) != 0;
569 if (enabledTrustAgents != null && !enabledTrustAgents.isEmpty()) {
570 for (int i = 0; i < resolveInfos.size(); i++) {
571 ResolveInfo resolveInfo = resolveInfos.get(i);
572 if (resolveInfo.serviceInfo == null) continue;
573 if (!TrustAgentUtils.checkProvidePermission(resolveInfo, pm)) continue;
574 TrustAgentComponentInfo trustAgentComponentInfo =
575 TrustAgentUtils.getSettingsComponent(pm, resolveInfo);
576 if (trustAgentComponentInfo.componentName == null ||
577 !enabledTrustAgents.contains(
578 TrustAgentUtils.getComponentName(resolveInfo)) ||
579 TextUtils.isEmpty(trustAgentComponentInfo.title)) continue;
580 if (disableTrustAgents && dpm.getTrustAgentConfiguration(
581 null, TrustAgentUtils.getComponentName(resolveInfo)) == null) {
582 trustAgentComponentInfo.disabledByAdministrator = true;
584 result.add(trustAgentComponentInfo);
585 if (ONLY_ONE_TRUST_AGENT) break;
591 private boolean isNonMarketAppsAllowed() {
592 return Settings.Global.getInt(getContentResolver(),
593 Settings.Global.INSTALL_NON_MARKET_APPS, 0) > 0;
596 private void setNonMarketAppsAllowed(boolean enabled) {
597 final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE);
598 if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)) {
601 // Change the system setting
602 Settings.Global.putInt(getContentResolver(), Settings.Global.INSTALL_NON_MARKET_APPS,
606 private void warnAppInstallation() {
607 // TODO: DialogFragment?
608 mWarnInstallApps = new AlertDialog.Builder(getActivity()).setTitle(
609 getResources().getString(R.string.error_title))
610 .setIcon(com.android.internal.R.drawable.ic_dialog_alert)
611 .setMessage(getResources().getString(R.string.install_all_warning))
612 .setPositiveButton(android.R.string.yes, this)
613 .setNegativeButton(android.R.string.no, this)
618 public void onClick(DialogInterface dialog, int which) {
619 if (dialog == mWarnInstallApps) {
620 boolean turnOn = which == DialogInterface.BUTTON_POSITIVE;
621 setNonMarketAppsAllowed(turnOn);
622 if (mToggleAppInstallation != null) {
623 mToggleAppInstallation.setChecked(turnOn);
629 public void onDestroy() {
631 if (mWarnInstallApps != null) {
632 mWarnInstallApps.dismiss();
636 private void updateSmsSecuritySummary(int selection) {
637 String message = selection > 0
638 ? getString(R.string.sms_security_check_limit_summary, selection)
639 : getString(R.string.sms_security_check_limit_summary_none);
640 mSmsSecurityCheck.setSummary(message);
643 private void setupLockAfterPreference() {
644 // Compatible with pre-Froyo
645 long currentTimeout = Settings.Secure.getLong(getContentResolver(),
646 Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000);
647 mLockAfter.setValue(String.valueOf(currentTimeout));
648 mLockAfter.setOnPreferenceChangeListener(this);
649 final long adminTimeout = (mDPM != null ? mDPM.getMaximumTimeToLock(null) : 0);
650 final long displayTimeout = Math.max(0,
651 Settings.System.getInt(getContentResolver(), SCREEN_OFF_TIMEOUT, 0));
652 if (adminTimeout > 0) {
653 // This setting is a slave to display timeout when a device policy is enforced.
654 // As such, maxLockTimeout = adminTimeout - displayTimeout.
655 // If there isn't enough time, shows "immediately" setting.
656 disableUnusableTimeouts(Math.max(0, adminTimeout - displayTimeout));
660 private void updateLockAfterPreferenceSummary() {
661 // Update summary message with current value
662 long currentTimeout = Settings.Secure.getLong(getContentResolver(),
663 Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000);
664 final CharSequence[] entries = mLockAfter.getEntries();
665 final CharSequence[] values = mLockAfter.getEntryValues();
667 for (int i = 0; i < values.length; i++) {
668 long timeout = Long.valueOf(values[i].toString());
669 if (currentTimeout >= timeout) {
674 Preference preference = getPreferenceScreen().findPreference(KEY_TRUST_AGENT);
675 if (preference != null && preference.getTitle().length() > 0) {
676 if (Long.valueOf(values[best].toString()) == 0) {
677 mLockAfter.setSummary(getString(R.string.lock_immediately_summary_with_exception,
678 preference.getTitle()));
680 mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary_with_exception,
681 entries[best], preference.getTitle()));
684 mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary, entries[best]));
688 private void disableUnusableTimeouts(long maxTimeout) {
689 final CharSequence[] entries = mLockAfter.getEntries();
690 final CharSequence[] values = mLockAfter.getEntryValues();
691 ArrayList<CharSequence> revisedEntries = new ArrayList<CharSequence>();
692 ArrayList<CharSequence> revisedValues = new ArrayList<CharSequence>();
693 for (int i = 0; i < values.length; i++) {
694 long timeout = Long.valueOf(values[i].toString());
695 if (timeout <= maxTimeout) {
696 revisedEntries.add(entries[i]);
697 revisedValues.add(values[i]);
700 if (revisedEntries.size() != entries.length || revisedValues.size() != values.length) {
701 mLockAfter.setEntries(
702 revisedEntries.toArray(new CharSequence[revisedEntries.size()]));
703 mLockAfter.setEntryValues(
704 revisedValues.toArray(new CharSequence[revisedValues.size()]));
705 final int userPreference = Integer.valueOf(mLockAfter.getValue());
706 if (userPreference <= maxTimeout) {
707 mLockAfter.setValue(String.valueOf(userPreference));
709 // There will be no highlighted selection since nothing in the list matches
710 // maxTimeout. The user can still select anything less than maxTimeout.
711 // TODO: maybe append maxTimeout to the list and mark selected.
714 mLockAfter.setEnabled(revisedEntries.size() > 0);
718 public void onSaveInstanceState(Bundle outState) {
719 super.onSaveInstanceState(outState);
720 if (mTrustAgentClickIntent != null) {
721 outState.putParcelable(TRUST_AGENT_CLICK_INTENT, mTrustAgentClickIntent);
726 public void onResume() {
729 // Make sure we reload the preference hierarchy since some of these settings
730 // depend on others...
731 createPreferenceHierarchy();
733 final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils();
734 final CmLockPatternUtils cmLockPatternUtils = mChooseLockSettingsHelper.cmUtils();
735 if (mDirectlyShow != null) {
736 mDirectlyShow.setChecked(cmLockPatternUtils.shouldPassToSecurityView(MY_USER_ID));
738 if (mVisiblePattern != null) {
739 mVisiblePattern.setChecked(lockPatternUtils.isVisiblePatternEnabled(MY_USER_ID));
741 if (mVisibleErrorPattern != null) {
742 mVisibleErrorPattern.setChecked(lockPatternUtils.isShowErrorPath(MY_USER_ID));
744 if (mVisibleDots != null) {
745 mVisibleDots.setChecked(lockPatternUtils.isVisibleDotsEnabled(MY_USER_ID));
747 if (mPowerButtonInstantlyLocks != null) {
748 mPowerButtonInstantlyLocks.setChecked(lockPatternUtils.getPowerButtonInstantlyLocks(
752 if (mShowPassword != null) {
753 mShowPassword.setChecked(Settings.System.getInt(getContentResolver(),
754 Settings.System.TEXT_SHOW_PASSWORD, 1) != 0);
757 if (mResetCredentials != null) {
758 mResetCredentials.setEnabled(!mKeyStore.isEmpty());
764 public void updateOwnerInfo() {
765 if (mOwnerInfoPref != null) {
766 mOwnerInfoPref.setSummary(mLockPatternUtils.isOwnerInfoEnabled(MY_USER_ID)
767 ? mLockPatternUtils.getOwnerInfo(MY_USER_ID)
768 : getString(R.string.owner_info_settings_summary));
773 public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preference preference) {
774 final String key = preference.getKey();
775 if (KEY_UNLOCK_SET_OR_CHANGE.equals(key)) {
776 startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment",
777 R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null);
778 } else if (KEY_TRUST_AGENT.equals(key)) {
779 ChooseLockSettingsHelper helper =
780 new ChooseLockSettingsHelper(this.getActivity(), this);
781 mTrustAgentClickIntent = preference.getIntent();
782 boolean confirmationLaunched = helper.launchConfirmationActivity(
783 CHANGE_TRUST_AGENT_SETTINGS, preference.getTitle());
784 if (!confirmationLaunched && mTrustAgentClickIntent != null) {
785 // If this returns false, it means no password confirmation is required.
786 startActivity(mTrustAgentClickIntent);
787 mTrustAgentClickIntent = null;
789 } else if (KEY_LOCKSCREEN_ENABLED_INTERNAL.equals(key)) {
790 CMSettings.Secure.putIntForUser(getActivity().getContentResolver(),
791 CMSettings.Secure.LOCKSCREEN_INTERNALLY_ENABLED,
792 1, UserHandle.USER_CURRENT);
793 mLockscreenDisabledPreference.setEnabled(false);
794 mLockscreenDisabledPreference.setSummary(
795 R.string.lockscreen_disabled_by_qs_tile_summary_enabled);
797 // If we didn't handle it, let preferences handle it.
798 return super.onPreferenceTreeClick(preferenceScreen, preference);
804 * see confirmPatternThenDisableAndClear
807 public void onActivityResult(int requestCode, int resultCode, Intent data) {
808 super.onActivityResult(requestCode, resultCode, data);
809 if (requestCode == CHANGE_TRUST_AGENT_SETTINGS && resultCode == Activity.RESULT_OK) {
810 if (mTrustAgentClickIntent != null) {
811 startActivity(mTrustAgentClickIntent);
812 mTrustAgentClickIntent = null;
816 createPreferenceHierarchy();
820 public boolean onPreferenceChange(Preference preference, Object value) {
821 boolean result = true;
822 final String key = preference.getKey();
823 final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils();
824 final CmLockPatternUtils cmLockPatternUtils = mChooseLockSettingsHelper.cmUtils();
825 if (KEY_LOCK_AFTER_TIMEOUT.equals(key)) {
826 int timeout = Integer.parseInt((String) value);
828 Settings.Secure.putInt(getContentResolver(),
829 Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, timeout);
830 } catch (NumberFormatException e) {
831 Log.e("SecuritySettings", "could not persist lockAfter timeout setting", e);
833 updateLockAfterPreferenceSummary();
834 } else if (KEY_DIRECTLY_SHOW.equals(key)) {
835 cmLockPatternUtils.setPassToSecurityView((Boolean) value, MY_USER_ID);
836 } else if (KEY_VISIBLE_PATTERN.equals(key)) {
837 lockPatternUtils.setVisiblePatternEnabled((Boolean) value, MY_USER_ID);
838 } else if (KEY_VISIBLE_ERROR_PATTERN.equals(key)) {
839 lockPatternUtils.setShowErrorPath((Boolean) value, MY_USER_ID);
840 } else if (KEY_VISIBLE_DOTS.equals(key)) {
841 lockPatternUtils.setVisibleDotsEnabled((Boolean) value, MY_USER_ID);
842 } else if (KEY_POWER_INSTANTLY_LOCKS.equals(key)) {
843 mLockPatternUtils.setPowerButtonInstantlyLocks((Boolean) value, MY_USER_ID);
844 } else if (KEY_SHOW_PASSWORD.equals(key)) {
845 Settings.System.putInt(getContentResolver(), Settings.System.TEXT_SHOW_PASSWORD,
846 ((Boolean) value) ? 1 : 0);
847 lockPatternUtils.setVisiblePasswordEnabled((Boolean) value, MY_USER_ID);
848 } else if (KEY_TOGGLE_INSTALL_APPLICATIONS.equals(key)) {
849 if ((Boolean) value) {
850 mToggleAppInstallation.setChecked(false);
851 warnAppInstallation();
852 // Don't change Switch status until user makes choice in dialog, so return false.
855 setNonMarketAppsAllowed(false);
857 } else if (KEY_SMS_SECURITY_CHECK_PREF.equals(key)) {
858 int smsSecurityCheck = Integer.valueOf((String) value);
859 Settings.Global.putInt(getContentResolver(), Settings.Global.SMS_OUTGOING_CHECK_MAX_COUNT,
861 updateSmsSecuritySummary(smsSecurityCheck);
867 protected int getHelpResource() {
868 return R.string.help_url_security;
872 * For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
874 public static final SearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
875 new SecuritySearchIndexProvider();
877 private static class SecuritySearchIndexProvider extends BaseSearchIndexProvider {
881 public SecuritySearchIndexProvider() {
884 mIsPrimary = MY_USER_ID == UserHandle.USER_OWNER;
888 public List<SearchIndexableResource> getXmlResourcesToIndex(
889 Context context, boolean enabled) {
891 List<SearchIndexableResource> result = new ArrayList<SearchIndexableResource>();
894 SearchIndexableResource sir;
896 DevicePolicyManager dpm = (DevicePolicyManager)
897 context.getSystemService(Context.DEVICE_POLICY_SERVICE);
899 switch (dpm.getStorageEncryptionStatus()) {
900 case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE:
901 // The device is currently encrypted.
902 resId = R.xml.security_settings_encrypted;
904 case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE:
905 // This device supports encryption but isn't encrypted.
906 resId = R.xml.security_settings_unencrypted;
910 sir = new SearchIndexableResource(context);
911 sir.xmlResId = resId;
915 // Append the rest of the settings
916 sir = new SearchIndexableResource(context);
917 sir.xmlResId = R.xml.security_settings_misc;
924 public List<SearchIndexableRaw> getRawDataToIndex(Context context, boolean enabled) {
925 final List<SearchIndexableRaw> result = new ArrayList<SearchIndexableRaw>();
926 final Resources res = context.getResources();
928 final String screenTitle = res.getString(R.string.security_settings_title);
930 SearchIndexableRaw data = new SearchIndexableRaw(context);
931 data.title = screenTitle;
932 data.screenTitle = screenTitle;
936 int resId = (UserManager.get(context).isLinkedUser()) ?
937 R.string.profile_info_settings_title : R.string.user_info_settings_title;
939 data = new SearchIndexableRaw(context);
940 data.title = res.getString(resId);
941 data.screenTitle = screenTitle;
945 // Credential storage
946 final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
948 if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
949 KeyStore keyStore = KeyStore.getInstance();
951 final int storageSummaryRes = keyStore.isHardwareBacked() ?
952 R.string.credential_storage_type_hardware :
953 R.string.credential_storage_type_software;
955 data = new SearchIndexableRaw(context);
956 data.title = res.getString(storageSummaryRes);
957 data.screenTitle = screenTitle;
962 final LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
963 if (lockPatternUtils.isSecure(MY_USER_ID)) {
964 ArrayList<TrustAgentComponentInfo> agents =
965 getActiveTrustAgents(context.getPackageManager(), lockPatternUtils,
966 context.getSystemService(DevicePolicyManager.class));
967 for (int i = 0; i < agents.size(); i++) {
968 final TrustAgentComponentInfo agent = agents.get(i);
969 data = new SearchIndexableRaw(context);
970 data.title = agent.title;
971 data.screenTitle = screenTitle;
979 public List<String> getNonIndexableKeys(Context context) {
980 final List<String> keys = new ArrayList<String>();
982 LockPatternUtils lockPatternUtils = new LockPatternUtils(context);
983 // Add options for lock/unlock screen
984 int resId = getResIdForLockUnlockScreen(context, lockPatternUtils);
986 // Do not display SIM lock for devices without an Icc card
987 TelephonyManager tm = TelephonyManager.getDefault();
988 if (!mIsPrimary || !tm.hasIccCard()) {
989 keys.add(KEY_SIM_LOCK);
992 final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE);
993 if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
994 keys.add(KEY_CREDENTIALS_MANAGER);
997 // TrustAgent settings disappear when the user has no primary security.
998 if (!lockPatternUtils.isSecure(MY_USER_ID)) {
999 keys.add(KEY_TRUST_AGENT);
1000 keys.add(KEY_MANAGE_TRUST_AGENTS);