Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c30ecdc7 authored by Hani Kazmi's avatar Hani Kazmi
Browse files

Update Special App Access Compose Components for ECM 

This is the first in a series of changes to wire up all app settings to
be ECM restrictable. We introduce a new method in
RestrictedLockUtilsInternal which determines whether or not a setting is
restricted based on a passed in key. It currently duplicates the current
implementation, but will eventually be replaced by a call to permissions
mainline.

The settings under SpaPrivileged are then updated to have a new
BlockedByEcm which is decided by the RestrictedLockUtilsInternal call.

Enable ECM restrictions for Usage Access and Device Admin

Bug: 297372999
Test: Manually tested on device. Automated Tests at end of chain
Change-Id: I4da9cb3309723682101b7c40af4e66683e5917e7
parent 874cb8e5

packages/SettingsLib/SpaPrivileged/src/com/android/settingslib/spaprivileged/model/enterprise/RestrictedMode.kt

+16 −0
Original line number Original line Diff line number Diff line
@@ -18,6 +18,7 @@ package com.android.settingslib.spaprivileged.model.enterprise 




import android.app.admin.DevicePolicyResources.Strings.Settings

import android.app.admin.DevicePolicyResources.Strings.Settings

import android.content.Context

import android.content.Context

import android.content.Intent

import com.android.settingslib.RestrictedLockUtils

import com.android.settingslib.RestrictedLockUtils

import com.android.settingslib.widget.restricted.R

import com.android.settingslib.widget.restricted.R
@@ -32,6 +33,11 @@ interface BlockedByAdmin : RestrictedMode { 
    fun sendShowAdminSupportDetailsIntent()

    fun sendShowAdminSupportDetailsIntent()

}

}





interface BlockedByEcm : RestrictedMode {

    fun showRestrictedSettingsDetails()

}





internal data class BlockedByAdminImpl(

internal data class BlockedByAdminImpl(

    private val context: Context,

    private val context: Context,

    private val enforcedAdmin: RestrictedLockUtils.EnforcedAdmin,

    private val enforcedAdmin: RestrictedLockUtils.EnforcedAdmin,
@@ -55,3 +61,13 @@ internal data class BlockedByAdminImpl( 
        RestrictedLockUtils.sendShowAdminSupportDetailsIntent(context, enforcedAdmin)

        RestrictedLockUtils.sendShowAdminSupportDetailsIntent(context, enforcedAdmin)

    }

    }

}

}



internal data class BlockedByEcmImpl(

    private val context: Context,

    private val intent: Intent,

) : BlockedByEcm {



    override fun showRestrictedSettingsDetails() {

        context.startActivity(intent)

    }

}

packages/SettingsLib/SpaPrivileged/src/com/android/settingslib/spaprivileged/model/enterprise/RestrictionsProvider.kt

+19 −1
Original line number Original line Diff line number Diff line
@@ -29,10 +29,20 @@ import kotlinx.coroutines.Dispatchers 
import kotlinx.coroutines.flow.flow

import kotlinx.coroutines.flow.flow

import kotlinx.coroutines.flow.flowOn

import kotlinx.coroutines.flow.flowOn





data class EnhancedConfirmation(

    val key: String,

    val uid: Int,

    val packageName: String,

)

data class Restrictions(

data class Restrictions(

    val userId: Int = UserHandle.myUserId(),

    val userId: Int = UserHandle.myUserId(),

    val keys: List<String>,

    val keys: List<String>,

)

    val enhancedConfirmation: EnhancedConfirmation? = null,

) {

    fun isEmpty(): Boolean {

        return keys.isEmpty() && enhancedConfirmation == null

    }

}





interface RestrictionsProvider {

interface RestrictionsProvider {

    @Composable

    @Composable
@@ -77,6 +87,14 @@ internal class RestrictionsProviderImpl( 
                .checkIfRestrictionEnforced(context, key, restrictions.userId)

                .checkIfRestrictionEnforced(context, key, restrictions.userId)

                ?.let { return BlockedByAdminImpl(context = context, enforcedAdmin = it) }

                ?.let { return BlockedByAdminImpl(context = context, enforcedAdmin = it) }

        }

        }



        restrictions.enhancedConfirmation?.let { ec ->

            RestrictedLockUtilsInternal

                    .checkIfRequiresEnhancedConfirmation(context, ec.key,

                        ec.uid, ec.packageName)

                    ?.let { intent -> return BlockedByEcmImpl(context = context, intent = intent) }

        }



        return NoRestricted

        return NoRestricted

    }

    }

}
 
}

packages/SettingsLib/SpaPrivileged/src/com/android/settingslib/spaprivileged/template/app/AppOpPermissionAppList.kt

+3 −0
Original line number Original line Diff line number Diff line
@@ -47,6 +47,9 @@ abstract class AppOpPermissionListModel( 
    abstract val appOp: Int

    abstract val appOp: Int

    abstract val permission: String

    abstract val permission: String





    override val enhancedConfirmationKey: String?

        get() = AppOpsManager.opToPublicName(appOp)



    /**

    /**

     * When set, specifies the broader permission who trumps the [permission].

     * When set, specifies the broader permission who trumps the [permission].

     *

     *

packages/SettingsLib/SpaPrivileged/src/com/android/settingslib/spaprivileged/template/app/TogglePermissionAppInfoPage.kt

+7 −1
Original line number Original line Diff line number Diff line
@@ -41,6 +41,7 @@ import com.android.settingslib.spaprivileged.model.app.AppRecord 
import com.android.settingslib.spaprivileged.model.app.IPackageManagers

import com.android.settingslib.spaprivileged.model.app.IPackageManagers

import com.android.settingslib.spaprivileged.model.app.PackageManagers

import com.android.settingslib.spaprivileged.model.app.PackageManagers

import com.android.settingslib.spaprivileged.model.app.toRoute

import com.android.settingslib.spaprivileged.model.app.toRoute

import com.android.settingslib.spaprivileged.model.enterprise.EnhancedConfirmation

import com.android.settingslib.spaprivileged.model.enterprise.Restrictions

import com.android.settingslib.spaprivileged.model.enterprise.Restrictions

import com.android.settingslib.spaprivileged.model.enterprise.RestrictionsProviderFactory

import com.android.settingslib.spaprivileged.model.enterprise.RestrictionsProviderFactory

import com.android.settingslib.spaprivileged.model.enterprise.RestrictionsProviderImpl

import com.android.settingslib.spaprivileged.model.enterprise.RestrictionsProviderImpl
@@ -154,7 +155,12 @@ internal fun <T : AppRecord> TogglePermissionAppListModel<T>.TogglePermissionApp 
            override val changeable = { isChangeable }

            override val changeable = { isChangeable }

            override val onCheckedChange: (Boolean) -> Unit = { setAllowed(record, it) }

            override val onCheckedChange: (Boolean) -> Unit = { setAllowed(record, it) }

        }

        }

        val restrictions = Restrictions(userId, switchRestrictionKeys)

        val restrictions = Restrictions(userId = userId,

            keys = switchRestrictionKeys,

            enhancedConfirmation = enhancedConfirmationKey?.let { EnhancedConfirmation(

                key = it,

                uid = checkNotNull(applicationInfo).uid,

                packageName = packageName) })

        RestrictedSwitchPreference(switchModel, restrictions, restrictionsProviderFactory)

        RestrictedSwitchPreference(switchModel, restrictions, restrictionsProviderFactory)

    }

    }

}

}

packages/SettingsLib/SpaPrivileged/src/com/android/settingslib/spaprivileged/template/app/TogglePermissionAppList.kt

+3 −0
Original line number Original line Diff line number Diff line
@@ -36,6 +36,9 @@ interface TogglePermissionAppListModel<T : AppRecord> { 
    val switchRestrictionKeys: List<String>

    val switchRestrictionKeys: List<String>

        get() = emptyList()

        get() = emptyList()





    val enhancedConfirmationKey: String?

        get() = null



    /**

    /**

     * Loads the extra info for the App List, and generates the [AppRecord] List.

     * Loads the extra info for the App List, and generates the [AppRecord] List.

     *

     *