Merge cherrypicks of ['googleplex-android-review.googlesource.com/25705932',...

        XmlUtils.writeMapXml(mMap, out, this);

    }

    /**

     * Checks whether all keys and values are within the given character limit.

     * Note: Maximum character limit of String that can be saved to XML as part of bundle is 65535.

     * Otherwise IOException is thrown.

     * @param limit length of String keys and values in the PersistableBundle, including nested

     *                    PersistableBundles to check against.

     *

     * @hide

     */

    public boolean isBundleContentsWithinLengthLimit(int limit) {

        unparcel();

        if (mMap == null) {

            return true;

        }

        for (int i = 0; i < mMap.size(); i++) {

            if (mMap.keyAt(i) != null && mMap.keyAt(i).length() > limit) {

                return false;

            }

            final Object value = mMap.valueAt(i);

            if (value instanceof String && ((String) value).length() > limit) {

                return false;

            } else if (value instanceof String[]) {

                String[] stringArray =  (String[]) value;

                for (int j = 0; j < stringArray.length; j++) {

                    if (stringArray[j] != null

                            && stringArray[j].length() > limit) {

                        return false;

                    }

                }

            } else if (value instanceof PersistableBundle

                    && !((PersistableBundle) value).isBundleContentsWithinLengthLimit(limit)) {

                return false;

            }

        }

        return true;

    }

    /** @hide */

    static class MyReadMapCallback implements  XmlUtils.ReadMapCallback {

        @Override

    /** Whether the device is in headless system user mode; null until cached. */

    private static Boolean sIsHeadlessSystemUser = null;

    /** Maximum length of username.

     * @hide

     */

    public static final int MAX_USER_NAME_LENGTH = 100;

    /** Maximum length of user property String value.

     * @hide

     */

    public static final int MAX_ACCOUNT_STRING_LENGTH = 500;

    /** Maximum length of account options String values.

     * @hide

     */

    public static final int MAX_ACCOUNT_OPTIONS_LENGTH = 1000;

    /**

     * User type representing a {@link UserHandle#USER_SYSTEM system} user that is a human user.

     * This type of user cannot be created; it can only pre-exist on first boot.

     * This API should only be called if the current user is an {@link #isAdminUser() admin} user,

     * as otherwise the returned intent will not be able to create a user.

     *

     * @param userName Optional name to assign to the user.

     * @param userName Optional name to assign to the user. Character limit is 100.

     * @param accountName Optional account name that will be used by the setup wizard to initialize

     *                    the user.

     *                    the user. Character limit is 500.

     * @param accountType Optional account type for the account to be created. This is required

     *                    if the account name is specified.

     *                    if the account name is specified. Character limit is 500.

     * @param accountOptions Optional bundle of data to be passed in during account creation in the

     *                       new user via {@link AccountManager#addAccount(String, String, String[],

     *                       Bundle, android.app.Activity, android.accounts.AccountManagerCallback,

     *                       Handler)}.

     *                       Handler)}. Character limit is 1000.

     * @return An Intent that can be launched from an Activity.

     * @see #USER_CREATION_FAILED_NOT_PERMITTED

     * @see #USER_CREATION_FAILED_NO_MORE_USERS

        if (cantCreateUser) {

            setResult(UserManager.USER_CREATION_FAILED_NOT_PERMITTED);

            return null;

        } else if (!(isUserPropertyWithinLimit(mUserName, UserManager.MAX_USER_NAME_LENGTH)

                && isUserPropertyWithinLimit(mAccountName, UserManager.MAX_ACCOUNT_STRING_LENGTH)

                && isUserPropertyWithinLimit(mAccountType, UserManager.MAX_ACCOUNT_STRING_LENGTH))

                || (mAccountOptions != null && !mAccountOptions.isBundleContentsWithinLengthLimit(

                UserManager.MAX_ACCOUNT_OPTIONS_LENGTH))) {

            setResult(UserManager.USER_CREATION_FAILED_NOT_PERMITTED);

            Log.i(TAG, "User properties must not exceed their character limits");

            return null;

        } else if (cantCreateAnyMoreUsers) {

            setResult(UserManager.USER_CREATION_FAILED_NO_MORE_USERS);

            return null;

        }

        finish();

    }

    private boolean isUserPropertyWithinLimit(String property, int limit) {

        return property == null || property.length() <= limit;

    }

}

    }

    public boolean isUserInLockdown(int userId) {

        return getStrongAuthForUser(userId)

                == StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;

        return (getStrongAuthForUser(userId)

                & StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN) != 0;

    }

    private static class WrappedCallback extends ICheckCredentialProgressCallback.Stub {

import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;

import static com.google.common.truth.Truth.assertThat;

@SmallTest

public class LockPatternUtilsTest {

    private ILockSettings mLockSettings;

    private static final int USER_ID = 1;

    private static final int DEMO_USER_ID = 5;

    private LockPatternUtils mLockPatternUtils;

    private void configureTest(boolean isSecure, boolean isDemoUser, int deviceDemoMode)

            throws Exception {

        mLockSettings = Mockito.mock(ILockSettings.class);

        final Context context = spy(new ContextWrapper(InstrumentationRegistry.getTargetContext()));

        final MockContentResolver cr = new MockContentResolver(context);

        when(context.getContentResolver()).thenReturn(cr);

        Settings.Global.putInt(cr, Settings.Global.DEVICE_DEMO_MODE, deviceDemoMode);

        final ILockSettings ils = Mockito.mock(ILockSettings.class);

        when(ils.getCredentialType(DEMO_USER_ID)).thenReturn(

        when(mLockSettings.getCredentialType(DEMO_USER_ID)).thenReturn(

                isSecure ? LockPatternUtils.CREDENTIAL_TYPE_PASSWORD

                         : LockPatternUtils.CREDENTIAL_TYPE_NONE);

        when(ils.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED, DEMO_USER_ID))

                .thenReturn((long) PASSWORD_QUALITY_MANAGED);

        when(mLockSettings.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED,

                DEMO_USER_ID)).thenReturn((long) PASSWORD_QUALITY_MANAGED);

        // TODO(b/63758238): stop spying the class under test

        mLockPatternUtils = spy(new LockPatternUtils(context));

        when(mLockPatternUtils.getLockSettings()).thenReturn(ils);

        when(mLockPatternUtils.getLockSettings()).thenReturn(mLockSettings);

        doReturn(true).when(mLockPatternUtils).hasSecureLockScreen();

        final UserInfo userInfo = Mockito.mock(UserInfo.class);

        when(context.getSystemService(Context.USER_SERVICE)).thenReturn(um);

    }

    @Test

    public void isUserInLockDown() throws Exception {

        configureTest(true, false, 2);

        // GIVEN strong auth not required

        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(STRONG_AUTH_NOT_REQUIRED);

        // THEN user isn't in lockdown

        assertFalse(mLockPatternUtils.isUserInLockdown(USER_ID));

        // GIVEN lockdown

        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(

                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);

        // THEN user is in lockdown

        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));

        // GIVEN lockdown and lockout

        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(

                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN | STRONG_AUTH_REQUIRED_AFTER_LOCKOUT);

        // THEN user is in lockdown

        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));

    }

    @Test

    public void isLockScreenDisabled_isDemoUser_true() throws Exception {

        configureTest(false, true, 2);