Merge "[flexiglass] Fixes lockdown" into main (1b5134c9) · Commits · e / os / android_frameworks_base

packages/SystemUI/multivalentTests/src/com/android/systemui/bouncer/ui/viewmodel/BouncerMessageViewModelTest.kt

+2 −2

Original line number	Diff line number	Diff line
		@@ -36,7 +36,7 @@ import com.android.systemui.biometrics.shared.model.SensorStrength
		import com.android.systemui.bouncer.domain.interactor.bouncerInteractor
		import com.android.systemui.bouncer.shared.flag.fakeComposeBouncerFlags
		import com.android.systemui.coroutines.collectLastValue
		import com.android.systemui.deviceentry.domain.interactor.DeviceEntryInteractor
		import com.android.systemui.deviceentry.domain.interactor.DeviceUnlockedInteractor
		import com.android.systemui.deviceentry.shared.model.ErrorFaceAuthenticationStatus
		import com.android.systemui.deviceentry.shared.model.FailedFaceAuthenticationStatus
		import com.android.systemui.deviceentry.shared.model.HelpFaceAuthenticationStatus
		@@ -83,7 +83,7 @@ class BouncerMessageViewModelTest : SysuiTestCase() {
		underTest = kosmos.bouncerMessageViewModel
		overrideResource(R.string.kg_trust_agent_disabled, "Trust agent is unavailable")
		kosmos.fakeSystemPropertiesHelper.set(
		DeviceEntryInteractor.SYS_BOOT_REASON_PROP,
		DeviceUnlockedInteractor.SYS_BOOT_REASON_PROP,
		"not mainline reboot"
		)
		}

packages/SystemUI/multivalentTests/src/com/android/systemui/deviceentry/domain/interactor/DeviceEntryInteractorTest.kt

+0 −240

Original line number	Diff line number	Diff line
		@@ -20,7 +20,6 @@ import android.testing.TestableLooper
		import androidx.test.ext.junit.runners.AndroidJUnit4
		import androidx.test.filters.SmallTest
		import com.android.compose.animation.scene.SceneKey
		import com.android.internal.widget.LockPatternUtils
		import com.android.systemui.SysuiTestCase
		import com.android.systemui.authentication.data.repository.FakeAuthenticationRepository
		import com.android.systemui.authentication.data.repository.fakeAuthenticationRepository
		@@ -32,27 +31,14 @@ import com.android.systemui.bouncer.domain.interactor.alternateBouncerInteractor
		import com.android.systemui.coroutines.collectLastValue
		import com.android.systemui.coroutines.collectValues
		import com.android.systemui.deviceentry.data.repository.fakeDeviceEntryRepository
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.AdaptiveAuthRequest
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.BouncerLockedOut
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.DeviceNotUnlockedSinceReboot
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.NonStrongBiometricsSecurityTimeout
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.PolicyLockdown
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.SecurityTimeout
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.TrustAgentDisabled
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.UnattendedUpdate
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason.UserLockdown
		import com.android.systemui.flags.EnableSceneContainer
		import com.android.systemui.flags.fakeSystemPropertiesHelper
		import com.android.systemui.keyguard.data.repository.biometricSettingsRepository
		import com.android.systemui.keyguard.data.repository.deviceEntryFingerprintAuthRepository
		import com.android.systemui.keyguard.data.repository.fakeBiometricSettingsRepository
		import com.android.systemui.keyguard.data.repository.fakeDeviceEntryFaceAuthRepository
		import com.android.systemui.keyguard.data.repository.fakeDeviceEntryFingerprintAuthRepository
		import com.android.systemui.keyguard.data.repository.fakeKeyguardRepository
		import com.android.systemui.keyguard.data.repository.fakeKeyguardTransitionRepository
		import com.android.systemui.keyguard.data.repository.fakeTrustRepository
		import com.android.systemui.keyguard.shared.model.AuthenticationFlags
		import com.android.systemui.keyguard.shared.model.KeyguardState
		import com.android.systemui.keyguard.shared.model.SuccessFingerprintAuthenticationStatus
		import com.android.systemui.kosmos.testScope
		@@ -61,7 +47,6 @@ import com.android.systemui.scene.shared.model.Scenes
		import com.android.systemui.testKosmos
		import com.google.common.truth.Truth.assertThat
		import kotlinx.coroutines.ExperimentalCoroutinesApi
		import kotlinx.coroutines.test.TestScope
		import kotlinx.coroutines.test.runCurrent
		import kotlinx.coroutines.test.runTest
		import org.junit.Before
		@@ -438,231 +423,6 @@ class DeviceEntryInteractorTest : SysuiTestCase() {
		assertThat(isUnlocked).isTrue()
		}

		@Test
		fun deviceEntryRestrictionReason_whenFaceOrFingerprintOrTrust_alwaysNull() =
		testScope.runTest {
		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(false)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(false)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(false)
		runCurrent()

		verifyRestrictionReasonsForAuthFlags(
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT to null,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST to null,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT to null,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_TIMEOUT to null,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN to null,
		LockPatternUtils.StrongAuthTracker
		.STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT to null,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED to
		null,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_FOR_UNATTENDED_UPDATE to
		null,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW to null
		)
		}

		@Test
		fun deviceEntryRestrictionReason_whenFaceIsEnrolledAndEnabled_mapsToAuthFlagsState() =
		testScope.runTest {
		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(true)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(false)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(false)
		kosmos.fakeSystemPropertiesHelper.set(
		DeviceEntryInteractor.SYS_BOOT_REASON_PROP,
		"not mainline reboot"
		)
		runCurrent()

		verifyRestrictionReasonsForAuthFlags(
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT to
		DeviceNotUnlockedSinceReboot,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST to
		AdaptiveAuthRequest,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT to
		BouncerLockedOut,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_TIMEOUT to
		SecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN to
		UserLockdown,
		LockPatternUtils.StrongAuthTracker
		.STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT to
		NonStrongBiometricsSecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_FOR_UNATTENDED_UPDATE to
		UnattendedUpdate,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW to
		PolicyLockdown,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST to null,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED to
		null,
		)
		}

		@Test
		fun deviceEntryRestrictionReason_whenFingerprintIsEnrolledAndEnabled_mapsToAuthFlagsState() =
		testScope.runTest {
		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(false)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(true)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(false)
		kosmos.fakeSystemPropertiesHelper.set(
		DeviceEntryInteractor.SYS_BOOT_REASON_PROP,
		"not mainline reboot"
		)
		runCurrent()

		verifyRestrictionReasonsForAuthFlags(
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT to
		DeviceNotUnlockedSinceReboot,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST to
		AdaptiveAuthRequest,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT to
		BouncerLockedOut,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_TIMEOUT to
		SecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN to
		UserLockdown,
		LockPatternUtils.StrongAuthTracker
		.STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT to
		NonStrongBiometricsSecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_FOR_UNATTENDED_UPDATE to
		UnattendedUpdate,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW to
		PolicyLockdown,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST to null,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED to
		null,
		)
		}

		@Test
		fun deviceEntryRestrictionReason_whenTrustAgentIsEnabled_mapsToAuthFlagsState() =
		testScope.runTest {
		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(false)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(false)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(true)
		kosmos.fakeTrustRepository.setCurrentUserTrustManaged(false)
		kosmos.fakeSystemPropertiesHelper.set(
		DeviceEntryInteractor.SYS_BOOT_REASON_PROP,
		"not mainline reboot"
		)
		runCurrent()

		verifyRestrictionReasonsForAuthFlags(
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT to
		DeviceNotUnlockedSinceReboot,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST to
		AdaptiveAuthRequest,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT to
		BouncerLockedOut,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_TIMEOUT to
		SecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN to
		UserLockdown,
		LockPatternUtils.StrongAuthTracker
		.STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT to
		NonStrongBiometricsSecurityTimeout,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_FOR_UNATTENDED_UPDATE to
		UnattendedUpdate,
		LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW to
		PolicyLockdown,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST to
		TrustAgentDisabled,
		LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED to
		TrustAgentDisabled,
		)
		}

		@Test
		fun deviceEntryRestrictionReason_whenDeviceRebootedForMainlineUpdate_mapsToTheCorrectReason() =
		testScope.runTest {
		val deviceEntryRestrictionReason by
		collectLastValue(underTest.deviceEntryRestrictionReason)
		kosmos.fakeSystemPropertiesHelper.set(
		DeviceEntryInteractor.SYS_BOOT_REASON_PROP,
		DeviceEntryInteractor.REBOOT_MAINLINE_UPDATE
		)
		kosmos.fakeBiometricSettingsRepository.setAuthenticationFlags(
		AuthenticationFlags(
		userId = 1,
		flag = LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT
		)
		)
		runCurrent()

		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(false)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(false)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(false)
		runCurrent()

		assertThat(deviceEntryRestrictionReason).isNull()

		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(true)
		runCurrent()

		assertThat(deviceEntryRestrictionReason)
		.isEqualTo(DeviceEntryRestrictionReason.DeviceNotUnlockedSinceMainlineUpdate)

		kosmos.fakeBiometricSettingsRepository.setIsFaceAuthEnrolledAndEnabled(false)
		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(true)
		runCurrent()

		assertThat(deviceEntryRestrictionReason)
		.isEqualTo(DeviceEntryRestrictionReason.DeviceNotUnlockedSinceMainlineUpdate)

		kosmos.fakeBiometricSettingsRepository.setIsFingerprintAuthEnrolledAndEnabled(false)
		kosmos.fakeTrustRepository.setTrustUsuallyManaged(true)
		runCurrent()

		assertThat(deviceEntryRestrictionReason)
		.isEqualTo(DeviceEntryRestrictionReason.DeviceNotUnlockedSinceMainlineUpdate)
		}

		@Test
		fun reportUserPresent_whenDeviceEntered() =
		testScope.runTest {
		val isDeviceEntered by collectLastValue(underTest.isDeviceEntered)
		assertThat(isDeviceEntered).isFalse()
		assertThat(kosmos.fakeDeviceEntryRepository.userPresentCount).isEqualTo(0)

		kosmos.fakeDeviceEntryFingerprintAuthRepository.setAuthenticationStatus(
		SuccessFingerprintAuthenticationStatus(0, true)
		)
		runCurrent()
		switchToScene(Scenes.Gone)
		assertThat(isDeviceEntered).isTrue()
		assertThat(kosmos.fakeDeviceEntryRepository.userPresentCount).isEqualTo(1)

		switchToScene(Scenes.Lockscreen)
		assertThat(isDeviceEntered).isFalse()
		assertThat(kosmos.fakeDeviceEntryRepository.userPresentCount).isEqualTo(1)

		kosmos.fakeDeviceEntryFingerprintAuthRepository.setAuthenticationStatus(
		SuccessFingerprintAuthenticationStatus(0, true)
		)
		switchToScene(Scenes.Gone)
		assertThat(isDeviceEntered).isTrue()
		assertThat(kosmos.fakeDeviceEntryRepository.userPresentCount).isEqualTo(2)
		}

		private fun TestScope.verifyRestrictionReasonsForAuthFlags(
		vararg authFlagToDeviceEntryRestriction: Pair<Int, DeviceEntryRestrictionReason?>
		) {
		val deviceEntryRestrictionReason by collectLastValue(underTest.deviceEntryRestrictionReason)

		authFlagToDeviceEntryRestriction.forEach { (flag, expectedReason) ->
		kosmos.fakeBiometricSettingsRepository.setAuthenticationFlags(
		AuthenticationFlags(userId = 1, flag = flag)
		)
		runCurrent()

		if (expectedReason == null) {
		assertThat(deviceEntryRestrictionReason).isNull()
		} else {
		assertThat(deviceEntryRestrictionReason).isEqualTo(expectedReason)
		}
		}
		}

		private fun switchToScene(sceneKey: SceneKey) {
		sceneInteractor.changeScene(sceneKey, "reason")
		}

packages/SystemUI/multivalentTests/src/com/android/systemui/deviceentry/domain/interactor/DeviceUnlockedInteractorTest.kt

+244 −14

File changed.

Preview size limit exceeded, changes collapsed.

packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt

+1 −0

Original line number	Diff line number	Diff line
		@@ -288,6 +288,7 @@ constructor(
		override suspend fun reportAuthenticationAttempt(isSuccessful: Boolean) {
		withContext(backgroundDispatcher) {
		if (isSuccessful) {
		lockPatternUtils.userPresent(selectedUserId)
		lockPatternUtils.reportSuccessfulPasswordAttempt(selectedUserId)
		_hasLockoutOccurred.value = false
		} else {

packages/SystemUI/src/com/android/systemui/bouncer/ui/viewmodel/BouncerMessageViewModel.kt

+5 −5

Original line number	Diff line number	Diff line
		@@ -32,7 +32,7 @@ import com.android.systemui.dagger.qualifiers.Application
		import com.android.systemui.deviceentry.domain.interactor.BiometricMessageInteractor
		import com.android.systemui.deviceentry.domain.interactor.DeviceEntryFaceAuthInteractor
		import com.android.systemui.deviceentry.domain.interactor.DeviceEntryFingerprintAuthInteractor
		import com.android.systemui.deviceentry.domain.interactor.DeviceEntryInteractor
		import com.android.systemui.deviceentry.domain.interactor.DeviceUnlockedInteractor
		import com.android.systemui.deviceentry.shared.model.DeviceEntryRestrictionReason
		import com.android.systemui.deviceentry.shared.model.FaceFailureMessage
		import com.android.systemui.deviceentry.shared.model.FaceLockoutMessage
		@@ -75,7 +75,7 @@ class BouncerMessageViewModel(
		private val clock: SystemClock,
		private val biometricMessageInteractor: BiometricMessageInteractor,
		private val faceAuthInteractor: DeviceEntryFaceAuthInteractor,
		private val deviceEntryInteractor: DeviceEntryInteractor,
		private val deviceUnlockedInteractor: DeviceUnlockedInteractor,
		private val fingerprintInteractor: DeviceEntryFingerprintAuthInteractor,
		flags: ComposeBouncerFlags,
		) {
		@@ -119,7 +119,7 @@ class BouncerMessageViewModel(
		}
		} else if (authMethod.isSecure) {
		combine(
		deviceEntryInteractor.deviceEntryRestrictionReason,
		deviceUnlockedInteractor.deviceEntryRestrictionReason,
		lockoutMessage,
		fingerprintInteractor.isFingerprintCurrentlyAllowedOnBouncer,
		resetToDefault,
		@@ -413,7 +413,7 @@ object BouncerMessageViewModelModule {
		clock: SystemClock,
		biometricMessageInteractor: BiometricMessageInteractor,
		faceAuthInteractor: DeviceEntryFaceAuthInteractor,
		deviceEntryInteractor: DeviceEntryInteractor,
		deviceUnlockedInteractor: DeviceUnlockedInteractor,
		fingerprintInteractor: DeviceEntryFingerprintAuthInteractor,
		flags: ComposeBouncerFlags,
		userSwitcherViewModel: UserSwitcherViewModel,
		@@ -427,7 +427,7 @@ object BouncerMessageViewModelModule {
		clock = clock,
		biometricMessageInteractor = biometricMessageInteractor,
		faceAuthInteractor = faceAuthInteractor,
		deviceEntryInteractor = deviceEntryInteractor,
		deviceUnlockedInteractor = deviceUnlockedInteractor,
		fingerprintInteractor = fingerprintInteractor,
		flags = flags,
		selectedUser = userSwitcherViewModel.selectedUser,