From 3ea423ae0ff56d249b6844b3a68c67ee5eba243d Mon Sep 17 00:00:00 2001 From: Svetoslav Date: Thu, 16 Oct 2014 14:44:25 -0700 Subject: [PATCH] User to confirm credentials if an accessibility service changes encryption. When an accessibility service is enabled we are not using the user secure lock when encrypting the data. If the latter is already used for encryption we are decreasing the encryption level and therefore shall challenge the user with their secure lock. bug:17881324 Change-Id: If8905c05e20bc6bb6a6415e501871e5ad83f3d86 --- res/layout-sw600dp-land/confirm_lock_password.xml | 2 +- res/layout-sw600dp/confirm_lock_password.xml | 3 +- res/layout/confirm_lock_password.xml | 3 +- res/values/strings.xml | 15 +++++ .../android/settings/ChooseLockSettingsHelper.java | 8 ++- .../settings/ConfirmDeviceCredentialActivity.java | 9 +++ src/com/android/settings/ConfirmLockPassword.java | 14 ++++- ...ggleAccessibilityServicePreferenceFragment.java | 64 +++++++++++++++++++--- 8 files changed, 103 insertions(+), 15 deletions(-) diff --git a/res/layout-sw600dp-land/confirm_lock_password.xml b/res/layout-sw600dp-land/confirm_lock_password.xml index e3cc20c337..cbaad7ad8f 100644 --- a/res/layout-sw600dp-land/confirm_lock_password.xml +++ b/res/layout-sw600dp-land/confirm_lock_password.xml @@ -41,7 +41,7 @@ android:layout_marginBottom="10dip" android:gravity="start" android:ellipsize="marquee" - android:textAppearance="?android:attr/textAppearanceLarge" + android:textAppearance="?android:attr/textAppearanceMedium" /> diff --git a/res/layout-sw600dp/confirm_lock_password.xml b/res/layout-sw600dp/confirm_lock_password.xml index 9e236d58b6..12b6ab27fc 100644 --- a/res/layout-sw600dp/confirm_lock_password.xml +++ b/res/layout-sw600dp/confirm_lock_password.xml @@ -30,8 +30,7 @@ android:layout_width="fill_parent" android:layout_height="wrap_content" android:gravity="center" - android:lines="2" - android:textAppearance="?android:attr/textAppearanceLarge"/> + android:textAppearance="?android:attr/textAppearanceMedium"/> + android:textAppearance="?android:attr/textAppearanceMedium"/> Because you\'ve turned on an accessibility service, your device won’t use your screen lock to enhance data encryption. + + Turning on %1$s reduces data protection. + + + + Turning on %1$s reduces data protection. + + + + Turning on %1$s reduces data protection. + + Observe your actions diff --git a/src/com/android/settings/ChooseLockSettingsHelper.java b/src/com/android/settings/ChooseLockSettingsHelper.java index 5aa511a823..3086a7adf0 100644 --- a/src/com/android/settings/ChooseLockSettingsHelper.java +++ b/src/com/android/settings/ChooseLockSettingsHelper.java @@ -79,7 +79,7 @@ public final class ChooseLockSettingsHelper { case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC: case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX: // TODO: update UI layout for ConfirmPassword to show message and details - launched = confirmPassword(request, returnCredentials); + launched = confirmPassword(request, message, returnCredentials); break; } return launched; @@ -116,13 +116,17 @@ public final class ChooseLockSettingsHelper { /** * Launch screen to confirm the existing lock password. + * @param message shown in header of ConfirmLockPassword if not null * @param returnCredentials if true, put credentials into intent. * @see #onActivityResult(int, int, android.content.Intent) * @return true if we launched an activity to confirm password */ - private boolean confirmPassword(int request, boolean returnCredentials) { + private boolean confirmPassword(int request, CharSequence message, + boolean returnCredentials) { if (!mLockPatternUtils.isLockPasswordEnabled()) return false; final Intent intent = new Intent(); + // supply header text in the intent + intent.putExtra(ConfirmLockPattern.HEADER_TEXT, message); intent.setClassName("com.android.settings", returnCredentials ? ConfirmLockPassword.InternalActivity.class.getName() diff --git a/src/com/android/settings/ConfirmDeviceCredentialActivity.java b/src/com/android/settings/ConfirmDeviceCredentialActivity.java index 6b2bfd282a..beb2d97d6e 100644 --- a/src/com/android/settings/ConfirmDeviceCredentialActivity.java +++ b/src/com/android/settings/ConfirmDeviceCredentialActivity.java @@ -30,6 +30,15 @@ import android.util.Log; public class ConfirmDeviceCredentialActivity extends Activity { public static final String TAG = ConfirmDeviceCredentialActivity.class.getSimpleName(); + public static Intent createIntent(CharSequence title, CharSequence details) { + Intent intent = new Intent(); + intent.setClassName("com.android.settings", + ConfirmDeviceCredentialActivity.class.getName()); + intent.putExtra(KeyguardManager.EXTRA_TITLE, title); + intent.putExtra(KeyguardManager.EXTRA_DESCRIPTION, details); + return intent; + } + @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); diff --git a/src/com/android/settings/ConfirmLockPassword.java b/src/com/android/settings/ConfirmLockPassword.java index a89d7183c0..c74e8617b0 100644 --- a/src/com/android/settings/ConfirmLockPassword.java +++ b/src/com/android/settings/ConfirmLockPassword.java @@ -16,6 +16,7 @@ package com.android.settings; +import android.text.TextUtils; import com.android.internal.widget.LockPatternUtils; import com.android.internal.widget.PasswordEntryKeyboardHelper; import com.android.internal.widget.PasswordEntryKeyboardView; @@ -44,6 +45,9 @@ import android.widget.TextView.OnEditorActionListener; public class ConfirmLockPassword extends SettingsActivity { + public static final String PACKAGE = "com.android.settings"; + public static final String HEADER_TEXT = PACKAGE + ".ConfirmLockPattern.header"; + public static class InternalActivity extends ConfirmLockPassword { } @@ -122,7 +126,15 @@ public class ConfirmLockPassword extends SettingsActivity { mIsAlpha = DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC == storedQuality || DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC == storedQuality || DevicePolicyManager.PASSWORD_QUALITY_COMPLEX == storedQuality; - mHeaderText.setText(getDefaultHeader()); + + Intent intent = getActivity().getIntent(); + if (intent != null) { + CharSequence headerMessage = intent.getCharSequenceExtra(HEADER_TEXT); + if (TextUtils.isEmpty(headerMessage)) { + headerMessage = getString(getDefaultHeader()); + } + mHeaderText.setText(headerMessage); + } final Activity activity = getActivity(); mKeyboardHelper = new PasswordEntryKeyboardHelper(activity, diff --git a/src/com/android/settings/accessibility/ToggleAccessibilityServicePreferenceFragment.java b/src/com/android/settings/accessibility/ToggleAccessibilityServicePreferenceFragment.java index 2375061dc8..71b5862871 100644 --- a/src/com/android/settings/accessibility/ToggleAccessibilityServicePreferenceFragment.java +++ b/src/com/android/settings/accessibility/ToggleAccessibilityServicePreferenceFragment.java @@ -17,8 +17,10 @@ package com.android.settings.accessibility; import android.accessibilityservice.AccessibilityServiceInfo; +import android.app.Activity; import android.app.AlertDialog; import android.app.Dialog; +import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.content.DialogInterface; @@ -37,6 +39,7 @@ import android.widget.LinearLayout; import android.widget.TextView; import com.android.internal.widget.LockPatternUtils; +import com.android.settings.ConfirmDeviceCredentialActivity; import com.android.settings.R; import com.android.settings.widget.ToggleSwitch; import com.android.settings.widget.ToggleSwitch.OnBeforeCheckedChangeListener; @@ -52,6 +55,10 @@ public class ToggleAccessibilityServicePreferenceFragment private static final int DIALOG_ID_ENABLE_WARNING = 1; private static final int DIALOG_ID_DISABLE_WARNING = 2; + public static final int ACTIVITY_REQUEST_CONFIRM_CREDENTIAL = 1; + + private LockPatternUtils mLockPatternUtils; + private final SettingsContentObserver mSettingsContentObserver = new SettingsContentObserver(new Handler()) { @Override @@ -68,6 +75,12 @@ public class ToggleAccessibilityServicePreferenceFragment private int mShownDialogId; @Override + public void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + mLockPatternUtils = new LockPatternUtils(getActivity()); + } + + @Override public void onResume() { mSettingsContentObserver.register(getContentResolver()); super.onResume(); @@ -270,26 +283,63 @@ public class ToggleAccessibilityServicePreferenceFragment } @Override + public void onActivityResult(int requestCode, int resultCode, Intent data) { + if (requestCode == ACTIVITY_REQUEST_CONFIRM_CREDENTIAL) { + if (resultCode == Activity.RESULT_OK) { + handleConfirmServiceEnabled(true); + } else { + handleConfirmServiceEnabled(false); + } + } + } + + @Override public void onClick(DialogInterface dialog, int which) { final boolean checked; switch (which) { case DialogInterface.BUTTON_POSITIVE: - checked = (mShownDialogId == DIALOG_ID_ENABLE_WARNING); - mSwitchBar.setCheckedInternal(checked); - getArguments().putBoolean(AccessibilitySettings.EXTRA_CHECKED, checked); - onPreferenceToggled(mPreferenceKey, checked); + if (mShownDialogId == DIALOG_ID_ENABLE_WARNING) { + if (LockPatternUtils.isDeviceEncrypted()) { + String title = createConfirmCredentialReasonMessage(); + Intent intent = ConfirmDeviceCredentialActivity.createIntent(title, null); + startActivityForResult(intent, ACTIVITY_REQUEST_CONFIRM_CREDENTIAL); + } else { + handleConfirmServiceEnabled(true); + } + } else { + handleConfirmServiceEnabled(false); + } break; case DialogInterface.BUTTON_NEGATIVE: checked = (mShownDialogId == DIALOG_ID_DISABLE_WARNING); - mSwitchBar.setCheckedInternal(checked); - getArguments().putBoolean(AccessibilitySettings.EXTRA_CHECKED, checked); - onPreferenceToggled(mPreferenceKey, checked); + handleConfirmServiceEnabled(checked); break; default: throw new IllegalArgumentException(); } } + private void handleConfirmServiceEnabled(boolean confirmed) { + mSwitchBar.setCheckedInternal(confirmed); + getArguments().putBoolean(AccessibilitySettings.EXTRA_CHECKED, confirmed); + onPreferenceToggled(mPreferenceKey, confirmed); + } + + private String createConfirmCredentialReasonMessage() { + int resId = R.string.enable_service_password_reason; + switch (mLockPatternUtils.getKeyguardStoredPasswordQuality()) { + case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING: { + resId = R.string.enable_service_pattern_reason; + } break; + case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC: + case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX: { + resId = R.string.enable_service_pin_reason; + } break; + } + return getString(resId, getAccessibilityServiceInfo().getResolveInfo() + .loadLabel(getPackageManager())); + } + @Override protected void onInstallSwitchBarToggleSwitch() { super.onInstallSwitchBarToggleSwitch(); -- 2.11.0