Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 562470c2 authored by Antoan Angelov's avatar Antoan Angelov Committed by Automerger Merge Worker
Browse files

Merge "Show disclosure for organization-owned work profile" into rvc-dev am: db364714 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11818612

Change-Id: I5a8706e3dd8381062c1bc6b04e6f64b476f873e1
parents 179de3ff db364714

packages/SystemUI/res/values/strings.xml

+32 −32
Original line number Original line Diff line number Diff line
@@ -1091,11 +1091,11 @@ 
    <!-- Message shown when face authentication fails and the pin pad is visible. [CHAR LIMIT=60] -->

    <!-- Message shown when face authentication fails and the pin pad is visible. [CHAR LIMIT=60] -->

    <string name="keyguard_retry">Swipe up to try again</string>

    <string name="keyguard_retry">Swipe up to try again</string>





    <!-- Text on keyguard screen and in Quick Settings footer indicating that the device is enterprise-managed by a Device Owner [CHAR LIMIT=60] -->

    <!-- Text on keyguard screen and in Quick Settings footer indicating that the user's device belongs to their organization. [CHAR LIMIT=60] -->

    <string name="do_disclosure_generic">This device is managed by your organization</string>

    <string name="do_disclosure_generic">This device belongs to your organization</string>





    <!-- Text on keyguard screen and in Quick Settings footer indicating that the device is enterprise-managed by a Device Owner [CHAR LIMIT=40] -->

    <!-- Text on keyguard screen and in Quick Settings footer indicating that user's device belongs to their organization. [CHAR LIMIT=40] -->

    <string name="do_disclosure_with_name">This device is managed by <xliff:g id="organization_name" example="Foo, Inc.">%s</xliff:g></string>

    <string name="do_disclosure_with_name">This device belongs to <xliff:g id="organization_name" example="Foo, Inc.">%s</xliff:g></string>





    <!-- Shows when people have clicked on the phone icon [CHAR LIMIT=60] -->

    <!-- Shows when people have clicked on the phone icon [CHAR LIMIT=60] -->

    <string name="phone_hint">Swipe from icon for phone</string>

    <string name="phone_hint">Swipe from icon for phone</string>
@@ -1288,29 +1288,29 @@ 
    <!-- Footer vpn present text [CHAR LIMIT=50] -->

    <!-- Footer vpn present text [CHAR LIMIT=50] -->

    <string name="branded_vpn_footer">Network may be monitored</string>

    <string name="branded_vpn_footer">Network may be monitored</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner that can monitor the network traffic [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the organization can monitor network traffic on that device. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_management_monitoring">Your organization manages this device and may monitor network traffic</string>

    <string name="quick_settings_disclosure_management_monitoring">Your organization owns this device and may monitor network traffic</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner that can monitor the network traffic [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the organization can monitor network traffic on that device. The placeholder is the organization's name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_named_management_monitoring"><xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> manages this device and may monitor network traffic</string>

    <string name="quick_settings_disclosure_named_management_monitoring"><xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> owns this device and may monitor network traffic</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner and is connected to a VPN [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the device is connected to a VPN. The placeholder is the VPN name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_management_named_vpn">Device is managed by your organization and connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>

    <string name="quick_settings_disclosure_management_named_vpn">This device belongs to your organization and is connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner and is connected to a VPN [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the device is connected to a VPN. The first placeholder is the organization name, and the second placeholder is the VPN name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_named_management_named_vpn">Device is managed by <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> and connected to <xliff:g id="vpn_app" example="Foo VPN App">%2$s</xliff:g></string>

    <string name="quick_settings_disclosure_named_management_named_vpn">This device belongs to <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> and is connected to <xliff:g id="vpn_app" example="Foo VPN App">%2$s</xliff:g></string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_management">Device is managed by your organization</string>

    <string name="quick_settings_disclosure_management">This device belongs to your organization</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization. The placeholder is the organization's name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_named_management">Device is managed by <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g></string>

    <string name="quick_settings_disclosure_named_management">This device belongs to <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g></string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner and is connected to two VPNs, one in the current user, one in the managed profile [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the device is connected to multiple VPNs. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_management_vpns">Device is managed by your organization and connected to VPNs</string>

    <string name="quick_settings_disclosure_management_vpns">This device belongs to your organization and is connected to VPNs</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a device owner and is connected to two VPNs, one in the current user, one in the managed profile [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the user's device belongs to their organization, and the device is connected to multiple VPNs. The placeholder is the organization's name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_named_management_vpns">Device is managed by <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> and connected to VPNs</string>

    <string name="quick_settings_disclosure_named_management_vpns">This device belongs to <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g> and is connected to VPNs</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a managed profile which can be monitored by the profile owner [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the device has a managed profile which can be monitored by the profile owner [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_managed_profile_monitoring">Your organization may monitor network traffic in your work profile</string>

    <string name="quick_settings_disclosure_managed_profile_monitoring">Your organization may monitor network traffic in your work profile</string>
@@ -1321,17 +1321,17 @@ 
    <!-- Disclosure at the bottom of Quick Settings that indicates that a certificate authorithy is installed on this device and the traffic might be monitored [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that a certificate authorithy is installed on this device and the traffic might be monitored [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_monitoring">Network may be monitored</string>

    <string name="quick_settings_disclosure_monitoring">Network may be monitored</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to two VPNs, one in the current user, one in the managed profile [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to multiple VPNs. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_vpns">Device connected to VPNs</string>

    <string name="quick_settings_disclosure_vpns">This device is connected to VPNs</string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN in the work profile [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN in the work profile. The placeholder is the VPN name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_managed_profile_named_vpn">Work profile connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>

    <string name="quick_settings_disclosure_managed_profile_named_vpn">Your work profile is connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN in the personal profile (as opposed to the work profile) [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN in the personal profile (instead of the work profile). The placeholder is the VPN name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_personal_profile_named_vpn">Personal profile connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>

    <string name="quick_settings_disclosure_personal_profile_named_vpn">Your personal profile is connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>





    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN [CHAR LIMIT=100] -->

    <!-- Disclosure at the bottom of Quick Settings that indicates that the device is connected to a VPN. The placeholder is the VPN name. [CHAR LIMIT=100] -->

    <string name="quick_settings_disclosure_named_vpn">Device connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>

    <string name="quick_settings_disclosure_named_vpn">This device is connected to <xliff:g id="vpn_app" example="Foo VPN App">%1$s</xliff:g></string>





    <!-- Monitoring dialog title for device owned devices [CHAR LIMIT=35] -->

    <!-- Monitoring dialog title for device owned devices [CHAR LIMIT=35] -->

    <string name="monitoring_title_device_owned">Device management</string>

    <string name="monitoring_title_device_owned">Device management</string>
@@ -1361,11 +1361,11 @@ 
    <!-- Monitoring dialog label for button opening a page with more information on the admin's abilities [CHAR LIMIT=30] -->

    <!-- Monitoring dialog label for button opening a page with more information on the admin's abilities [CHAR LIMIT=30] -->

    <string name="monitoring_button_view_policies">View Policies</string>

    <string name="monitoring_button_view_policies">View Policies</string>





    <!-- Monitoring dialog: Description of the device owner by name. [CHAR LIMIT=NONE]-->

    <!-- Dialog that a user can access via Quick Settings. The dialog describes what the IT admin can monitor (and the changes they can make) on the user's device. [CHAR LIMIT=NONE]-->

    <string name="monitoring_description_named_management">Your device is managed by <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g>.\n\nYour admin can monitor and manage settings, corporate access, apps, data associated with your device, and your device\'s location information.\n\nFor more information, contact your admin.</string>

    <string name="monitoring_description_named_management">This device belongs to <xliff:g id="organization_name" example="Foo, Inc.">%1$s</xliff:g>.\n\nYour IT admin can monitor and manage settings, corporate access, apps, data associated with your device, and your device\'s location information.\n\nFor more information, contact your IT admin.</string>





    <!-- Monitoring dialog: Description of a device owner. [CHAR LIMIT=NONE]-->

    <!-- Dialog that a user can access via Quick Settings. The dialog describes what the IT admin can monitor (and the changes they can make) on the user's device. [CHAR LIMIT=NONE]-->

    <string name="monitoring_description_management">Your device is managed by your organization.\n\nYour admin can monitor and manage settings, corporate access, apps, data associated with your device, and your device\'s location information.\n\nFor more information, contact your admin.</string>

    <string name="monitoring_description_management">This device belongs to your organization.\n\nYour IT admin can monitor and manage settings, corporate access, apps, data associated with your device, and your device\'s location information.\n\nFor more information, contact your IT admin.</string>





    <!-- Monitoring dialog: Description of a CA Certificate. [CHAR LIMIT=NONE]-->

    <!-- Monitoring dialog: Description of a CA Certificate. [CHAR LIMIT=NONE]-->

    <string name="monitoring_description_management_ca_certificate">Your organization installed a certificate authority on this device. Your secure network traffic may be monitored or modified.</string>

    <string name="monitoring_description_management_ca_certificate">Your organization installed a certificate authority on this device. Your secure network traffic may be monitored or modified.</string>

packages/SystemUI/src/com/android/systemui/qs/QSSecurityFooter.java

+20 −7
Original line number Original line Diff line number Diff line
@@ -148,14 +148,19 @@ public class QSSecurityFooter implements OnClickListener, DialogInterface.OnClic 
        final String vpnName = mSecurityController.getPrimaryVpnName();

        final String vpnName = mSecurityController.getPrimaryVpnName();

        final String vpnNameWorkProfile = mSecurityController.getWorkProfileVpnName();

        final String vpnNameWorkProfile = mSecurityController.getWorkProfileVpnName();

        final CharSequence organizationName = mSecurityController.getDeviceOwnerOrganizationName();

        final CharSequence organizationName = mSecurityController.getDeviceOwnerOrganizationName();

        final CharSequence workProfileName = mSecurityController.getWorkProfileOrganizationName();

        final CharSequence workProfileOrganizationName =

                mSecurityController.getWorkProfileOrganizationName();

        final boolean isProfileOwnerOfOrganizationOwnedDevice =

                mSecurityController.isProfileOwnerOfOrganizationOwnedDevice();

        // Update visibility of footer

        // Update visibility of footer

        mIsVisible = (isDeviceManaged && !isDemoDevice) || hasCACerts || hasCACertsInWorkProfile ||

        mIsVisible = (isDeviceManaged && !isDemoDevice) || hasCACerts || hasCACertsInWorkProfile

            vpnName != null || vpnNameWorkProfile != null;

                || vpnName != null || vpnNameWorkProfile != null

                || isProfileOwnerOfOrganizationOwnedDevice;

        // Update the string

        // Update the string

        mFooterTextContent = getFooterText(isDeviceManaged, hasWorkProfile,

        mFooterTextContent = getFooterText(isDeviceManaged, hasWorkProfile,

                hasCACerts, hasCACertsInWorkProfile, isNetworkLoggingEnabled, vpnName,

                hasCACerts, hasCACertsInWorkProfile, isNetworkLoggingEnabled, vpnName,

                vpnNameWorkProfile, organizationName, workProfileName);

                vpnNameWorkProfile, organizationName, workProfileOrganizationName,

                isProfileOwnerOfOrganizationOwnedDevice);

        // Update the icon

        // Update the icon

        int footerIconId = R.drawable.ic_info_outline;

        int footerIconId = R.drawable.ic_info_outline;

        if (vpnName != null || vpnNameWorkProfile != null) {

        if (vpnName != null || vpnNameWorkProfile != null) {
@@ -175,7 +180,8 @@ public class QSSecurityFooter implements OnClickListener, DialogInterface.OnClic 
    protected CharSequence getFooterText(boolean isDeviceManaged, boolean hasWorkProfile,

    protected CharSequence getFooterText(boolean isDeviceManaged, boolean hasWorkProfile,

            boolean hasCACerts, boolean hasCACertsInWorkProfile, boolean isNetworkLoggingEnabled,

            boolean hasCACerts, boolean hasCACertsInWorkProfile, boolean isNetworkLoggingEnabled,

            String vpnName, String vpnNameWorkProfile, CharSequence organizationName,

            String vpnName, String vpnNameWorkProfile, CharSequence organizationName,

            CharSequence workProfileName) {

            CharSequence workProfileOrganizationName,

            boolean isProfileOwnerOfOrganizationOwnedDevice) {

        if (isDeviceManaged || DEBUG_FORCE_VISIBLE) {

        if (isDeviceManaged || DEBUG_FORCE_VISIBLE) {

            if (hasCACerts || hasCACertsInWorkProfile || isNetworkLoggingEnabled) {

            if (hasCACerts || hasCACertsInWorkProfile || isNetworkLoggingEnabled) {

                if (organizationName == null) {

                if (organizationName == null) {
@@ -211,13 +217,13 @@ public class QSSecurityFooter implements OnClickListener, DialogInterface.OnClic 
                    organizationName);

                    organizationName);

        } // end if(isDeviceManaged)

        } // end if(isDeviceManaged)

        if (hasCACertsInWorkProfile) {

        if (hasCACertsInWorkProfile) {

            if (workProfileName == null) {

            if (workProfileOrganizationName == null) {

                return mContext.getString(

                return mContext.getString(

                        R.string.quick_settings_disclosure_managed_profile_monitoring);

                        R.string.quick_settings_disclosure_managed_profile_monitoring);

            }

            }

            return mContext.getString(

            return mContext.getString(

                    R.string.quick_settings_disclosure_named_managed_profile_monitoring,

                    R.string.quick_settings_disclosure_named_managed_profile_monitoring,

                    workProfileName);

                    workProfileOrganizationName);

        }

        }

        if (hasCACerts) {

        if (hasCACerts) {

            return mContext.getString(R.string.quick_settings_disclosure_monitoring);

            return mContext.getString(R.string.quick_settings_disclosure_monitoring);
@@ -238,6 +244,13 @@ public class QSSecurityFooter implements OnClickListener, DialogInterface.OnClic 
            return mContext.getString(R.string.quick_settings_disclosure_named_vpn,

            return mContext.getString(R.string.quick_settings_disclosure_named_vpn,

                    vpnName);

                    vpnName);

        }

        }

        if (isProfileOwnerOfOrganizationOwnedDevice) {

            if (workProfileOrganizationName == null) {

                return mContext.getString(R.string.quick_settings_disclosure_management);

            }

            return mContext.getString(R.string.quick_settings_disclosure_named_management,

                    workProfileOrganizationName);

        }

        return null;

        return null;

    }

    }

packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityController.java

+2 −0
Original line number Original line Diff line number Diff line
@@ -24,6 +24,8 @@ public interface SecurityController extends CallbackController<SecurityControlle 
    boolean isDeviceManaged();

    boolean isDeviceManaged();

    boolean hasProfileOwner();

    boolean hasProfileOwner();

    boolean hasWorkProfile();

    boolean hasWorkProfile();

    /** Whether this device is organization-owned with a work profile **/

    boolean isProfileOwnerOfOrganizationOwnedDevice();

    String getDeviceOwnerName();

    String getDeviceOwnerName();

    String getProfileOwnerName();

    String getProfileOwnerName();

    CharSequence getDeviceOwnerOrganizationName();

    CharSequence getDeviceOwnerOrganizationName();

packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java

+5 −0
Original line number Original line Diff line number Diff line
@@ -206,6 +206,11 @@ public class SecurityControllerImpl extends CurrentUserTracker implements Securi 
        return getWorkProfileUserId(mCurrentUserId) != UserHandle.USER_NULL;

        return getWorkProfileUserId(mCurrentUserId) != UserHandle.USER_NULL;

    }

    }





    @Override

    public boolean isProfileOwnerOfOrganizationOwnedDevice() {

        return mDevicePolicyManager.isOrganizationOwnedDeviceWithManagedProfile();

    }



    @Override

    @Override

    public String getWorkProfileVpnName() {

    public String getWorkProfileVpnName() {

        final int profileId = getWorkProfileUserId(mVpnUserId);

        final int profileId = getWorkProfileUserId(mVpnUserId);

packages/SystemUI/tests/src/com/android/systemui/qs/QSSecurityFooterTest.java

+28 −0
Original line number Original line Diff line number Diff line
@@ -96,6 +96,7 @@ public class QSSecurityFooterTest extends SysuiTestCase { 
    @Test

    @Test

    public void testUnmanaged() {

    public void testUnmanaged() {

        when(mSecurityController.isDeviceManaged()).thenReturn(false);

        when(mSecurityController.isDeviceManaged()).thenReturn(false);

        when(mSecurityController.isProfileOwnerOfOrganizationOwnedDevice()).thenReturn(false);

        mFooter.refreshState();

        mFooter.refreshState();





        TestableLooper.get(this).processAllMessages();

        TestableLooper.get(this).processAllMessages();
@@ -316,6 +317,33 @@ public class QSSecurityFooterTest extends SysuiTestCase { 
                     mFooterText.getText());

                     mFooterText.getText());

    }

    }





    @Test

    public void testProfileOwnerOfOrganizationOwnedDeviceNoName() {

        when(mSecurityController.isProfileOwnerOfOrganizationOwnedDevice()).thenReturn(true);



        mFooter.refreshState();

        TestableLooper.get(this).processAllMessages();



        assertEquals(mContext.getString(

                R.string.quick_settings_disclosure_management),

                mFooterText.getText());

    }



    @Test

    public void testProfileOwnerOfOrganizationOwnedDeviceWithName() {

        when(mSecurityController.isProfileOwnerOfOrganizationOwnedDevice()).thenReturn(true);

        when(mSecurityController.getWorkProfileOrganizationName())

                .thenReturn(MANAGING_ORGANIZATION);



        mFooter.refreshState();

        TestableLooper.get(this).processAllMessages();



        assertEquals(mContext.getString(

                R.string.quick_settings_disclosure_named_management,

                MANAGING_ORGANIZATION),

                mFooterText.getText());

    }



    @Test

    @Test

    public void testVpnEnabled() {

    public void testVpnEnabled() {

        when(mSecurityController.isVpnEnabled()).thenReturn(true);

        when(mSecurityController.isVpnEnabled()).thenReturn(true);