Merge "Add BiometricActionDisabledByAdminController" into sc-dev am: c3e64b14

     */

    int TYPE_FACE = 1 << 3;

    /**

     * @hide

     */

    int TYPE_ANY_BIOMETRIC = TYPE_FINGERPRINT | TYPE_IRIS | TYPE_FACE;

    @IntDef(flag = true, value = {

            TYPE_NONE,

            TYPE_CREDENTIAL,

    public static final String DISALLOW_CAMERA_TOGGLE =

            "disallow_camera_toggle";

    /**

     * This is really not a user restriction in the normal sense. This can't be set to a user,

     * via UserManager nor via DevicePolicyManager. This is not even set in UserSettingsUtils.

     * This is defined here purely for convenience within the settings app.

     *

     * TODO(b/191306258): Refactor the Settings app to remove the need for this field, and delete it

     *

     * Specifies whether biometrics are available to the user. This is used internally only,

     * as a means of communications between biometric settings and

     * {@link com.android.settingslib.enterprise.ActionDisabledByAdminControllerFactory}.

     *

     * @see {@link android.hardware.biometrics.ParentalControlsUtilsInternal}

     * @see {@link com.android.settings.biometrics.ParentalControlsUtils}

     *

     * @hide

     */

    public static final String DISALLOW_BIOMETRIC = "disallow_biometric";

    /**

     * Application restriction key that is used to indicate the pending arrival

     * of real restrictions for the app.

            DISALLOW_MICROPHONE_TOGGLE,

            DISALLOW_CAMERA_TOGGLE,

            KEY_RESTRICTIONS_PENDING,

            DISALLOW_BIOMETRIC,

    })

    @Retention(RetentionPolicy.SOURCE)

    public @interface UserRestrictionKey {}

import android.annotation.UserIdInt;

import android.content.Context;

import android.content.DialogInterface;

import androidx.annotation.Nullable;

     * Updates the enforced admin

     */

    void updateEnforcedAdmin(RestrictedLockUtils.EnforcedAdmin admin, @UserIdInt int adminUserId);

    /**

     * Returns a listener for handling positive button clicks

     */

    @Nullable

    default DialogInterface.OnClickListener getPositiveButtonListener() {

        return null;

    }

}

import android.app.admin.DevicePolicyManager;

import android.content.Context;

import android.hardware.biometrics.BiometricAuthenticator;

import android.hardware.biometrics.ParentalControlsUtilsInternal;

import android.os.UserHandle;

import android.os.UserManager;

import android.text.TextUtils;

/**

 * A factory that returns the relevant instance of {@link ActionDisabledByAdminController}.

     * Returns the relevant instance of {@link ActionDisabledByAdminController}.

     */

    public static ActionDisabledByAdminController createInstance(Context context,

            DeviceAdminStringProvider stringProvider) {

        return isFinancedDevice(context)

                ? new FinancedDeviceActionDisabledByAdminController(stringProvider)

                : new ManagedDeviceActionDisabledByAdminController(stringProvider);

            String restriction, DeviceAdminStringProvider stringProvider) {

        if (doesBiometricRequireParentalConsent(context, restriction)) {

            return new BiometricActionDisabledByAdminController(stringProvider);

        } else if (isFinancedDevice(context)) {

            return new FinancedDeviceActionDisabledByAdminController(stringProvider);

        } else {

            return new ManagedDeviceActionDisabledByAdminController(stringProvider);

        }

    }

    /**

     * @return true if the restriction == UserManager.DISALLOW_BIOMETRIC and parental consent

     * is required.

     */

    private static boolean doesBiometricRequireParentalConsent(Context context,

            String restriction) {

        if (!TextUtils.equals(UserManager.DISALLOW_BIOMETRIC, restriction)) {

            return false;

        }

        DevicePolicyManager dpm = context.getSystemService(DevicePolicyManager.class);

        return ParentalControlsUtilsInternal.parentConsentRequired(context, dpm,

                BiometricAuthenticator.TYPE_ANY_BIOMETRIC, new UserHandle(UserHandle.myUserId()));

    }

    private static boolean isFinancedDevice(Context context) {

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.settingslib.enterprise;

import android.content.Context;

import android.content.DialogInterface;

import android.util.Log;

import androidx.annotation.Nullable;

public class BiometricActionDisabledByAdminController extends BaseActionDisabledByAdminController {

    private static final String TAG = "BiometricActionDisabledByAdminController";

    BiometricActionDisabledByAdminController(

            DeviceAdminStringProvider stringProvider) {

        super(stringProvider);

    }

    @Override

    public void setupLearnMoreButton(Context context) {

    }

    @Override

    public String getAdminSupportTitle(@Nullable String restriction) {

        return mStringProvider.getDisabledBiometricsParentConsentTitle();

    }

    @Override

    public CharSequence getAdminSupportContentString(Context context,

            @Nullable CharSequence supportMessage) {

        return mStringProvider.getDisabledBiometricsParentConsentContent();

    }

    @Override

    public DialogInterface.OnClickListener getPositiveButtonListener() {

        return (dialog, which) -> {

            Log.d(TAG, "Positive button clicked");

            // TODO(b/188847063) Launch appropriate intent

        };

    }

}