/* * Copyright (C) 2007 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.settings; import android.app.Activity; import android.app.AlertDialog; import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.content.DialogInterface; import android.content.Intent; import android.content.pm.PackageManager; import android.content.pm.ResolveInfo; import android.content.pm.UserInfo; import android.content.res.Resources; import android.os.Bundle; import android.os.UserHandle; import android.os.UserManager; import android.preference.SwitchPreference; import android.preference.ListPreference; import android.preference.Preference; import android.preference.Preference.OnPreferenceChangeListener; import android.preference.PreferenceGroup; import android.preference.PreferenceScreen; import android.provider.SearchIndexableResource; import android.provider.Settings; import android.provider.Settings.SettingNotFoundException; import android.security.KeyStore; import android.service.trust.TrustAgentService; import android.telephony.TelephonyManager; import android.text.TextUtils; import android.util.Log; import com.android.internal.widget.LockPatternUtils; import com.android.settings.TrustAgentUtils.TrustAgentComponentInfo; import com.android.settings.search.BaseSearchIndexProvider; import com.android.settings.search.Index; import com.android.settings.search.Indexable; import com.android.settings.search.SearchIndexableRaw; import java.util.ArrayList; import java.util.List; import static android.provider.Settings.System.SCREEN_OFF_TIMEOUT; /** * Gesture lock pattern settings. */ public class SecuritySettings extends SettingsPreferenceFragment implements OnPreferenceChangeListener, DialogInterface.OnClickListener, Indexable { static final String TAG = "SecuritySettings"; private static final Intent TRUST_AGENT_INTENT = new Intent(TrustAgentService.SERVICE_INTERFACE); // Lock Settings private static final String KEY_UNLOCK_SET_OR_CHANGE = "unlock_set_or_change"; private static final String KEY_BIOMETRIC_WEAK_IMPROVE_MATCHING = "biometric_weak_improve_matching"; private static final String KEY_BIOMETRIC_WEAK_LIVELINESS = "biometric_weak_liveliness"; private static final String KEY_LOCK_ENABLED = "lockenabled"; private static final String KEY_VISIBLE_PATTERN = "visiblepattern"; private static final String KEY_SECURITY_CATEGORY = "security_category"; private static final String KEY_DEVICE_ADMIN_CATEGORY = "device_admin_category"; private static final String KEY_LOCK_AFTER_TIMEOUT = "lock_after_timeout"; private static final String KEY_OWNER_INFO_SETTINGS = "owner_info_settings"; private static final String KEY_ADVANCED_SECURITY = "advanced_security"; private static final String KEY_MANAGE_TRUST_AGENTS = "manage_trust_agents"; private static final int SET_OR_CHANGE_LOCK_METHOD_REQUEST = 123; private static final int CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST = 124; private static final int CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF = 125; private static final int CHANGE_TRUST_AGENT_SETTINGS = 126; // Misc Settings private static final String KEY_SIM_LOCK = "sim_lock"; private static final String KEY_SHOW_PASSWORD = "show_password"; private static final String KEY_CREDENTIAL_STORAGE_TYPE = "credential_storage_type"; private static final String KEY_RESET_CREDENTIALS = "credentials_reset"; private static final String KEY_CREDENTIALS_INSTALL = "credentials_install"; private static final String KEY_TOGGLE_INSTALL_APPLICATIONS = "toggle_install_applications"; private static final String KEY_POWER_INSTANTLY_LOCKS = "power_button_instantly_locks"; private static final String KEY_CREDENTIALS_MANAGER = "credentials_management"; private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive"; private static final String KEY_TRUST_AGENT = "trust_agent"; private static final String KEY_SCREEN_PINNING = "screen_pinning_settings"; // These switch preferences need special handling since they're not all stored in Settings. private static final String SWITCH_PREFERENCE_KEYS[] = { KEY_LOCK_AFTER_TIMEOUT, KEY_LOCK_ENABLED, KEY_VISIBLE_PATTERN, KEY_BIOMETRIC_WEAK_LIVELINESS, KEY_POWER_INSTANTLY_LOCKS, KEY_SHOW_PASSWORD, KEY_TOGGLE_INSTALL_APPLICATIONS }; // Only allow one trust agent on the platform. private static final boolean ONLY_ONE_TRUST_AGENT = true; private DevicePolicyManager mDPM; private ChooseLockSettingsHelper mChooseLockSettingsHelper; private LockPatternUtils mLockPatternUtils; private ListPreference mLockAfter; private SwitchPreference mBiometricWeakLiveliness; private SwitchPreference mVisiblePattern; private SwitchPreference mShowPassword; private KeyStore mKeyStore; private Preference mResetCredentials; private SwitchPreference mToggleAppInstallation; private DialogInterface mWarnInstallApps; private SwitchPreference mPowerButtonInstantlyLocks; private boolean mIsPrimary; private Preference mClickedTrustAgentPreference; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); mLockPatternUtils = new LockPatternUtils(getActivity()); mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE); mChooseLockSettingsHelper = new ChooseLockSettingsHelper(getActivity()); } private static int getResIdForLockUnlockScreen(Context context, LockPatternUtils lockPatternUtils) { int resid = 0; if (!lockPatternUtils.isSecure()) { // if there are multiple users, disable "None" setting UserManager mUm = (UserManager) context. getSystemService(Context.USER_SERVICE); List users = mUm.getUsers(true); final boolean singleUser = users.size() == 1; if (singleUser && lockPatternUtils.isLockScreenDisabled()) { resid = R.xml.security_settings_lockscreen; } else { resid = R.xml.security_settings_chooser; } } else if (lockPatternUtils.usingBiometricWeak() && lockPatternUtils.isBiometricWeakInstalled()) { resid = R.xml.security_settings_biometric_weak; } else { switch (lockPatternUtils.getKeyguardStoredPasswordQuality()) { case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING: resid = R.xml.security_settings_pattern; break; case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC: case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX: resid = R.xml.security_settings_pin; break; case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC: case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC: case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX: resid = R.xml.security_settings_password; break; } } return resid; } /** * Important! * * Don't forget to update the SecuritySearchIndexProvider if you are doing any change in the * logic or adding/removing preferences here. */ private PreferenceScreen createPreferenceHierarchy() { PreferenceScreen root = getPreferenceScreen(); if (root != null) { root.removeAll(); } addPreferencesFromResource(R.xml.security_settings); root = getPreferenceScreen(); // Add options for lock/unlock screen final int resid = getResIdForLockUnlockScreen(getActivity(), mLockPatternUtils); addPreferencesFromResource(resid); // Add options for device encryption mIsPrimary = UserHandle.myUserId() == UserHandle.USER_OWNER; if (!mIsPrimary) { // Rename owner info settings Preference ownerInfoPref = findPreference(KEY_OWNER_INFO_SETTINGS); if (ownerInfoPref != null) { if (UserManager.get(getActivity()).isLinkedUser()) { ownerInfoPref.setTitle(R.string.profile_info_settings_title); } else { ownerInfoPref.setTitle(R.string.user_info_settings_title); } } } if (mIsPrimary) { switch (mDPM.getStorageEncryptionStatus()) { case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE: // The device is currently encrypted. addPreferencesFromResource(R.xml.security_settings_encrypted); break; case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE: // This device supports encryption but isn't encrypted. addPreferencesFromResource(R.xml.security_settings_unencrypted); break; } } // Trust Agent preferences PreferenceGroup securityCategory = (PreferenceGroup) root.findPreference(KEY_SECURITY_CATEGORY); if (securityCategory != null && mLockPatternUtils.isSecure()) { ArrayList agents = getActiveTrustAgents(getPackageManager(), mLockPatternUtils); for (int i = 0; i < agents.size(); i++) { final TrustAgentComponentInfo agent = agents.get(i); Preference trustAgentPreference = new Preference(securityCategory.getContext()); trustAgentPreference.setKey(KEY_TRUST_AGENT); trustAgentPreference.setTitle(agent.title); trustAgentPreference.setSummary(agent.summary); // Create intent for this preference. Intent intent = new Intent(); intent.setComponent(agent.componentName); intent.setAction(Intent.ACTION_MAIN); trustAgentPreference.setIntent(intent); // Add preference to the settings menu. securityCategory.addPreference(trustAgentPreference); } } // lock after preference mLockAfter = (ListPreference) root.findPreference(KEY_LOCK_AFTER_TIMEOUT); if (mLockAfter != null) { setupLockAfterPreference(); updateLockAfterPreferenceSummary(); } // biometric weak liveliness mBiometricWeakLiveliness = (SwitchPreference) root.findPreference(KEY_BIOMETRIC_WEAK_LIVELINESS); // visible pattern mVisiblePattern = (SwitchPreference) root.findPreference(KEY_VISIBLE_PATTERN); // lock instantly on power key press mPowerButtonInstantlyLocks = (SwitchPreference) root.findPreference( KEY_POWER_INSTANTLY_LOCKS); Preference trustAgentPreference = root.findPreference(KEY_TRUST_AGENT); if (mPowerButtonInstantlyLocks != null && trustAgentPreference != null && trustAgentPreference.getTitle().length() > 0) { mPowerButtonInstantlyLocks.setSummary(getString( R.string.lockpattern_settings_power_button_instantly_locks_summary, trustAgentPreference.getTitle())); } // don't display visible pattern if biometric and backup is not pattern if (resid == R.xml.security_settings_biometric_weak && mLockPatternUtils.getKeyguardStoredPasswordQuality() != DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) { if (securityCategory != null && mVisiblePattern != null) { securityCategory.removePreference(root.findPreference(KEY_VISIBLE_PATTERN)); } } // Append the rest of the settings addPreferencesFromResource(R.xml.security_settings_misc); // Do not display SIM lock for devices without an Icc card TelephonyManager tm = TelephonyManager.getDefault(); if (!mIsPrimary || !tm.hasIccCard()) { root.removePreference(root.findPreference(KEY_SIM_LOCK)); } else { // Disable SIM lock if sim card is missing or unknown if ((TelephonyManager.getDefault().getSimState() == TelephonyManager.SIM_STATE_ABSENT) || (TelephonyManager.getDefault().getSimState() == TelephonyManager.SIM_STATE_UNKNOWN)) { root.findPreference(KEY_SIM_LOCK).setEnabled(false); } } if (Settings.System.getInt(getContentResolver(), Settings.System.LOCK_TO_APP_ENABLED, 0) != 0) { root.findPreference(KEY_SCREEN_PINNING).setSummary( getResources().getString(R.string.switch_on_text)); } // Show password mShowPassword = (SwitchPreference) root.findPreference(KEY_SHOW_PASSWORD); mResetCredentials = root.findPreference(KEY_RESET_CREDENTIALS); // Credential storage final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE); mKeyStore = KeyStore.getInstance(); // needs to be initialized for onResume() if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) { Preference credentialStorageType = root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE); final int storageSummaryRes = mKeyStore.isHardwareBacked() ? R.string.credential_storage_type_hardware : R.string.credential_storage_type_software; credentialStorageType.setSummary(storageSummaryRes); } else { PreferenceGroup credentialsManager = (PreferenceGroup) root.findPreference(KEY_CREDENTIALS_MANAGER); credentialsManager.removePreference(root.findPreference(KEY_RESET_CREDENTIALS)); credentialsManager.removePreference(root.findPreference(KEY_CREDENTIALS_INSTALL)); credentialsManager.removePreference(root.findPreference(KEY_CREDENTIAL_STORAGE_TYPE)); } // Application install PreferenceGroup deviceAdminCategory = (PreferenceGroup) root.findPreference(KEY_DEVICE_ADMIN_CATEGORY); mToggleAppInstallation = (SwitchPreference) findPreference( KEY_TOGGLE_INSTALL_APPLICATIONS); mToggleAppInstallation.setChecked(isNonMarketAppsAllowed()); // Side loading of apps. mToggleAppInstallation.setEnabled(mIsPrimary); if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES) || um.hasUserRestriction(UserManager.DISALLOW_INSTALL_APPS)) { mToggleAppInstallation.setEnabled(false); } // Advanced Security features PreferenceGroup advancedCategory = (PreferenceGroup)root.findPreference(KEY_ADVANCED_SECURITY); if (advancedCategory != null && !mLockPatternUtils.isSecure()) { Preference manageAgents = advancedCategory.findPreference(KEY_MANAGE_TRUST_AGENTS); if (manageAgents != null) advancedCategory.removePreference(manageAgents); } // The above preferences come and go based on security state, so we need to update // the index. This call is expected to be fairly cheap, but we may want to do something // smarter in the future. Index.getInstance(getActivity()) .updateFromClassNameResource(SecuritySettings.class.getName(), true, true); for (int i = 0; i < SWITCH_PREFERENCE_KEYS.length; i++) { final Preference pref = findPreference(SWITCH_PREFERENCE_KEYS[i]); if (pref != null) pref.setOnPreferenceChangeListener(this); } return root; } private static ArrayList getActiveTrustAgents( PackageManager pm, LockPatternUtils utils) { ArrayList result = new ArrayList(); List resolveInfos = pm.queryIntentServices(TRUST_AGENT_INTENT, PackageManager.GET_META_DATA); List enabledTrustAgents = utils.getEnabledTrustAgents(); if (enabledTrustAgents != null && !enabledTrustAgents.isEmpty()) { for (int i = 0; i < resolveInfos.size(); i++) { ResolveInfo resolveInfo = resolveInfos.get(i); if (resolveInfo.serviceInfo == null) continue; if (!TrustAgentUtils.checkProvidePermission(resolveInfo, pm)) continue; TrustAgentComponentInfo trustAgentComponentInfo = TrustAgentUtils.getSettingsComponent(pm, resolveInfo); if (trustAgentComponentInfo.componentName == null || !enabledTrustAgents.contains( TrustAgentUtils.getComponentName(resolveInfo)) || TextUtils.isEmpty(trustAgentComponentInfo.title)) continue; result.add(trustAgentComponentInfo); if (ONLY_ONE_TRUST_AGENT) break; } } return result; } private boolean isNonMarketAppsAllowed() { return Settings.Global.getInt(getContentResolver(), Settings.Global.INSTALL_NON_MARKET_APPS, 0) > 0; } private void setNonMarketAppsAllowed(boolean enabled) { final UserManager um = (UserManager) getActivity().getSystemService(Context.USER_SERVICE); if (um.hasUserRestriction(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES)) { return; } // Change the system setting Settings.Global.putInt(getContentResolver(), Settings.Global.INSTALL_NON_MARKET_APPS, enabled ? 1 : 0); } private void warnAppInstallation() { // TODO: DialogFragment? mWarnInstallApps = new AlertDialog.Builder(getActivity()).setTitle( getResources().getString(R.string.error_title)) .setIcon(com.android.internal.R.drawable.ic_dialog_alert) .setMessage(getResources().getString(R.string.install_all_warning)) .setPositiveButton(android.R.string.yes, this) .setNegativeButton(android.R.string.no, null) .show(); } @Override public void onClick(DialogInterface dialog, int which) { if (dialog == mWarnInstallApps && which == DialogInterface.BUTTON_POSITIVE) { setNonMarketAppsAllowed(true); if (mToggleAppInstallation != null) { mToggleAppInstallation.setChecked(true); } } } @Override public void onDestroy() { super.onDestroy(); if (mWarnInstallApps != null) { mWarnInstallApps.dismiss(); } } private void setupLockAfterPreference() { // Compatible with pre-Froyo long currentTimeout = Settings.Secure.getLong(getContentResolver(), Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000); mLockAfter.setValue(String.valueOf(currentTimeout)); mLockAfter.setOnPreferenceChangeListener(this); final long adminTimeout = (mDPM != null ? mDPM.getMaximumTimeToLock(null) : 0); final long displayTimeout = Math.max(0, Settings.System.getInt(getContentResolver(), SCREEN_OFF_TIMEOUT, 0)); if (adminTimeout > 0) { // This setting is a slave to display timeout when a device policy is enforced. // As such, maxLockTimeout = adminTimeout - displayTimeout. // If there isn't enough time, shows "immediately" setting. disableUnusableTimeouts(Math.max(0, adminTimeout - displayTimeout)); } } private void updateLockAfterPreferenceSummary() { // Update summary message with current value long currentTimeout = Settings.Secure.getLong(getContentResolver(), Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, 5000); final CharSequence[] entries = mLockAfter.getEntries(); final CharSequence[] values = mLockAfter.getEntryValues(); int best = 0; for (int i = 0; i < values.length; i++) { long timeout = Long.valueOf(values[i].toString()); if (currentTimeout >= timeout) { best = i; } } Preference preference = getPreferenceScreen().findPreference(KEY_TRUST_AGENT); if (preference != null && preference.getTitle().length() > 0) { mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary_with_exception, entries[best], preference.getTitle())); } else { mLockAfter.setSummary(getString(R.string.lock_after_timeout_summary, entries[best])); } } private void disableUnusableTimeouts(long maxTimeout) { final CharSequence[] entries = mLockAfter.getEntries(); final CharSequence[] values = mLockAfter.getEntryValues(); ArrayList revisedEntries = new ArrayList(); ArrayList revisedValues = new ArrayList(); for (int i = 0; i < values.length; i++) { long timeout = Long.valueOf(values[i].toString()); if (timeout <= maxTimeout) { revisedEntries.add(entries[i]); revisedValues.add(values[i]); } } if (revisedEntries.size() != entries.length || revisedValues.size() != values.length) { mLockAfter.setEntries( revisedEntries.toArray(new CharSequence[revisedEntries.size()])); mLockAfter.setEntryValues( revisedValues.toArray(new CharSequence[revisedValues.size()])); final int userPreference = Integer.valueOf(mLockAfter.getValue()); if (userPreference <= maxTimeout) { mLockAfter.setValue(String.valueOf(userPreference)); } else { // There will be no highlighted selection since nothing in the list matches // maxTimeout. The user can still select anything less than maxTimeout. // TODO: maybe append maxTimeout to the list and mark selected. } } mLockAfter.setEnabled(revisedEntries.size() > 0); } @Override public void onResume() { super.onResume(); // Make sure we reload the preference hierarchy since some of these settings // depend on others... createPreferenceHierarchy(); final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils(); if (mBiometricWeakLiveliness != null) { mBiometricWeakLiveliness.setChecked( lockPatternUtils.isBiometricWeakLivelinessEnabled()); } if (mVisiblePattern != null) { mVisiblePattern.setChecked(lockPatternUtils.isVisiblePatternEnabled()); } if (mPowerButtonInstantlyLocks != null) { mPowerButtonInstantlyLocks.setChecked(lockPatternUtils.getPowerButtonInstantlyLocks()); } if (mShowPassword != null) { mShowPassword.setChecked(Settings.System.getInt(getContentResolver(), Settings.System.TEXT_SHOW_PASSWORD, 1) != 0); } if (mResetCredentials != null) { mResetCredentials.setEnabled(!mKeyStore.isEmpty()); } } @Override public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preference preference) { final String key = preference.getKey(); if (KEY_UNLOCK_SET_OR_CHANGE.equals(key)) { startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment", R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null); } else if (KEY_BIOMETRIC_WEAK_IMPROVE_MATCHING.equals(key)) { ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(this.getActivity(), this); if (!helper.launchConfirmationActivity( CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST, null, null)) { // If this returns false, it means no password confirmation is required, so // go ahead and start improve. // Note: currently a backup is required for biometric_weak so this code path // can't be reached, but is here in case things change in the future startBiometricWeakImprove(); } } else if (KEY_TRUST_AGENT.equals(key)) { ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(this.getActivity(), this); mClickedTrustAgentPreference = preference; if (!helper.launchConfirmationActivity(CHANGE_TRUST_AGENT_SETTINGS, null, null) && preference.getIntent() != null) { // If this returns false, it means no password confirmation is required. startActivity(preference.getIntent()); mClickedTrustAgentPreference = null; } } else { // If we didn't handle it, let preferences handle it. return super.onPreferenceTreeClick(preferenceScreen, preference); } return true; } /** * see confirmPatternThenDisableAndClear */ @Override public void onActivityResult(int requestCode, int resultCode, Intent data) { super.onActivityResult(requestCode, resultCode, data); if (requestCode == CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_IMPROVE_REQUEST && resultCode == Activity.RESULT_OK) { startBiometricWeakImprove(); return; } else if (requestCode == CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF && resultCode == Activity.RESULT_OK) { final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils(); lockPatternUtils.setBiometricWeakLivelinessEnabled(false); // Setting the mBiometricWeakLiveliness checked value to false is handled when onResume // is called by grabbing the value from lockPatternUtils. We can't set it here // because mBiometricWeakLiveliness could be null return; } else if (requestCode == CHANGE_TRUST_AGENT_SETTINGS && resultCode == Activity.RESULT_OK) { if (mClickedTrustAgentPreference != null) { Intent intent = mClickedTrustAgentPreference.getIntent(); if (intent != null) { startActivity(intent); } mClickedTrustAgentPreference = null; } } createPreferenceHierarchy(); } @Override public boolean onPreferenceChange(Preference preference, Object value) { final String key = preference.getKey(); final LockPatternUtils lockPatternUtils = mChooseLockSettingsHelper.utils(); if (KEY_LOCK_AFTER_TIMEOUT.equals(key)) { int timeout = Integer.parseInt((String) value); try { Settings.Secure.putInt(getContentResolver(), Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT, timeout); } catch (NumberFormatException e) { Log.e("SecuritySettings", "could not persist lockAfter timeout setting", e); } updateLockAfterPreferenceSummary(); } else if (KEY_LOCK_ENABLED.equals(key)) { lockPatternUtils.setLockPatternEnabled((Boolean) value); } else if (KEY_VISIBLE_PATTERN.equals(key)) { lockPatternUtils.setVisiblePatternEnabled((Boolean) value); } else if (KEY_BIOMETRIC_WEAK_LIVELINESS.equals(key)) { if ((Boolean) value) { lockPatternUtils.setBiometricWeakLivelinessEnabled(true); } else { // In this case the user has just unchecked the checkbox, but this action requires // them to confirm their password. We need to re-check the checkbox until // they've confirmed their password mBiometricWeakLiveliness.setChecked(true); ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(this.getActivity(), this); if (!helper.launchConfirmationActivity( CONFIRM_EXISTING_FOR_BIOMETRIC_WEAK_LIVELINESS_OFF, null, null)) { // If this returns false, it means no password confirmation is required, so // go ahead and uncheck it here. // Note: currently a backup is required for biometric_weak so this code path // can't be reached, but is here in case things change in the future lockPatternUtils.setBiometricWeakLivelinessEnabled(false); mBiometricWeakLiveliness.setChecked(false); } } } else if (KEY_POWER_INSTANTLY_LOCKS.equals(key)) { mLockPatternUtils.setPowerButtonInstantlyLocks((Boolean) value); } else if (KEY_SHOW_PASSWORD.equals(key)) { Settings.System.putInt(getContentResolver(), Settings.System.TEXT_SHOW_PASSWORD, ((Boolean) value) ? 1 : 0); } else if (KEY_TOGGLE_INSTALL_APPLICATIONS.equals(key)) { if ((Boolean) value) { mToggleAppInstallation.setChecked(false); warnAppInstallation(); } else { setNonMarketAppsAllowed(false); } } return true; } @Override protected int getHelpResource() { return R.string.help_url_security; } public void startBiometricWeakImprove(){ Intent intent = new Intent(); intent.setClassName("com.android.facelock", "com.android.facelock.AddToSetup"); startActivity(intent); } /** * For Search. Please keep it in sync when updating "createPreferenceHierarchy()" */ public static final SearchIndexProvider SEARCH_INDEX_DATA_PROVIDER = new SecuritySearchIndexProvider(); private static class SecuritySearchIndexProvider extends BaseSearchIndexProvider { boolean mIsPrimary; public SecuritySearchIndexProvider() { super(); mIsPrimary = UserHandle.myUserId() == UserHandle.USER_OWNER; } @Override public List getXmlResourcesToIndex( Context context, boolean enabled) { List result = new ArrayList(); LockPatternUtils lockPatternUtils = new LockPatternUtils(context); // Add options for lock/unlock screen int resId = getResIdForLockUnlockScreen(context, lockPatternUtils); SearchIndexableResource sir = new SearchIndexableResource(context); sir.xmlResId = resId; result.add(sir); if (mIsPrimary) { DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE); switch (dpm.getStorageEncryptionStatus()) { case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE: // The device is currently encrypted. resId = R.xml.security_settings_encrypted; break; case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE: // This device supports encryption but isn't encrypted. resId = R.xml.security_settings_unencrypted; break; } sir = new SearchIndexableResource(context); sir.xmlResId = resId; result.add(sir); } // Append the rest of the settings sir = new SearchIndexableResource(context); sir.xmlResId = R.xml.security_settings_misc; result.add(sir); return result; } @Override public List getRawDataToIndex(Context context, boolean enabled) { final List result = new ArrayList(); final Resources res = context.getResources(); final String screenTitle = res.getString(R.string.security_settings_title); SearchIndexableRaw data = new SearchIndexableRaw(context); data.title = screenTitle; data.screenTitle = screenTitle; result.add(data); if (!mIsPrimary) { int resId = (UserManager.get(context).isLinkedUser()) ? R.string.profile_info_settings_title : R.string.user_info_settings_title; data = new SearchIndexableRaw(context); data.title = res.getString(resId); data.screenTitle = screenTitle; result.add(data); } // Credential storage final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE); if (!um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) { KeyStore keyStore = KeyStore.getInstance(); final int storageSummaryRes = keyStore.isHardwareBacked() ? R.string.credential_storage_type_hardware : R.string.credential_storage_type_software; data = new SearchIndexableRaw(context); data.title = res.getString(storageSummaryRes); data.screenTitle = screenTitle; result.add(data); } // Advanced final LockPatternUtils lockPatternUtils = new LockPatternUtils(context); if (lockPatternUtils.isSecure()) { ArrayList agents = getActiveTrustAgents(context.getPackageManager(), lockPatternUtils); for (int i = 0; i < agents.size(); i++) { final TrustAgentComponentInfo agent = agents.get(i); data = new SearchIndexableRaw(context); data.title = agent.title; data.screenTitle = screenTitle; result.add(data); } } return result; } @Override public List getNonIndexableKeys(Context context) { final List keys = new ArrayList(); LockPatternUtils lockPatternUtils = new LockPatternUtils(context); // Add options for lock/unlock screen int resId = getResIdForLockUnlockScreen(context, lockPatternUtils); // don't display visible pattern if biometric and backup is not pattern if (resId == R.xml.security_settings_biometric_weak && lockPatternUtils.getKeyguardStoredPasswordQuality() != DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) { keys.add(KEY_VISIBLE_PATTERN); } // Do not display SIM lock for devices without an Icc card TelephonyManager tm = TelephonyManager.getDefault(); if (!mIsPrimary || !tm.hasIccCard()) { keys.add(KEY_SIM_LOCK); } final UserManager um = (UserManager) context.getSystemService(Context.USER_SERVICE); if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) { keys.add(KEY_CREDENTIALS_MANAGER); } // TrustAgent settings disappear when the user has no primary security. if (!lockPatternUtils.isSecure()) { keys.add(KEY_TRUST_AGENT); keys.add(KEY_MANAGE_TRUST_AGENTS); } return keys; } } }