Merge "Include the biometricEnabled state in the fingerprintEnabled state" into main

/**

 * Acts as source of truth for biometric authentication related settings like enrollments, device

 * policy, etc.

 * policy specifically for device entry usage.

 *

 * Abstracts-away data sources and their schemas so the rest of the app doesn't need to worry about

 * upstream changes.

interface BiometricSettingsRepository {

    /**

     * If the current user can enter the device using fingerprint. This is true if user has enrolled

     * fingerprints and fingerprint auth is not disabled through settings/device policy

     * fingerprints and fingerprint auth is not disabled for device entry through settings and

     * device policy

     */

    val isFingerprintEnrolledAndEnabled: StateFlow<Boolean>

            }

        }

    private val isFaceEnabledByBiometricsManagerForCurrentUser: Flow<Boolean> =

    private val areBiometricsEnabledForCurrentUser: Flow<Boolean> =

        userRepository.selectedUserInfo.flatMapLatest { userInfo ->

            isFaceEnabledByBiometricsManager.map { biometricsEnabledForUser[userInfo.id] ?: false }

            areBiometricsEnabledForDeviceEntryFromUserSetting.map {

                biometricsEnabledForUser[userInfo.id] ?: false

            }

        }

    private val isFaceEnabledByDevicePolicy: Flow<Boolean> =

            .distinctUntilChanged()

    private val isFaceAuthenticationEnabled: Flow<Boolean> =

        combine(isFaceEnabledByBiometricsManagerForCurrentUser, isFaceEnabledByDevicePolicy) {

        combine(areBiometricsEnabledForCurrentUser, isFaceEnabledByDevicePolicy) {

            biometricsManagerSetting,

            devicePolicySetting ->

            biometricsManagerSetting && devicePolicySetting

        }

    private val isFaceEnabledByBiometricsManager: Flow<Pair<Int, Boolean>> =

    private val areBiometricsEnabledForDeviceEntryFromUserSetting: Flow<Pair<Int, Boolean>> =

        conflatedCallbackFlow {

                val callback =

                    object : IBiometricEnabledOnKeyguardCallback.Stub() {

    override val isFingerprintEnrolledAndEnabled: StateFlow<Boolean> =

        isFingerprintEnrolled

            .and(areBiometricsEnabledForCurrentUser)

            .and(isFingerprintEnabledByDevicePolicy)

            .stateIn(scope, SharingStarted.Eagerly, false)

    fun fingerprintEnrollmentChange() =

        testScope.runTest {

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val fingerprintAllowed = collectLastValue(underTest.isFingerprintEnrolledAndEnabled)

            runCurrent()

            assertThat(fingerprintAllowed()).isFalse()

        }

    @Test

    fun fingerprintEnabledStateChange() =

        testScope.runTest {

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val fingerprintAllowed = collectLastValue(underTest.isFingerprintEnrolledAndEnabled)

            runCurrent()

            // start state

            whenever(authController.isFingerprintEnrolled(anyInt())).thenReturn(true)

            enrollmentChange(UNDER_DISPLAY_FINGERPRINT, PRIMARY_USER_ID, true)

            assertThat(fingerprintAllowed()).isTrue()

            // when biometrics are not enabled by settings

            biometricsAreNotEnabledBySettings()

            assertThat(fingerprintAllowed()).isFalse()

            // when biometrics are enabled by settings

            biometricsAreEnabledBySettings()

            assertThat(fingerprintAllowed()).isTrue()

        }

    @Test

    fun strongBiometricAllowedChange() =

        testScope.runTest {

            fingerprintIsEnrolled()

            doNotDisableKeyguardAuthFeatures()

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val strongBiometricAllowed by

                collectLastValue(underTest.isFingerprintAuthCurrentlyAllowed)

            createBiometricSettingsRepository()

            val convenienceFaceAuthAllowed by collectLastValue(underTest.isFaceAuthCurrentlyAllowed)

            doNotDisableKeyguardAuthFeatures()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            onStrongAuthChanged(STRONG_AUTH_NOT_REQUIRED, PRIMARY_USER_ID)

            onNonStrongAuthChanged(true, PRIMARY_USER_ID)

            faceAuthIsNonStrongBiometric()

            faceAuthIsEnrolled()

            doNotDisableKeyguardAuthFeatures()

            biometricsAreEnabledBySettings()

            val convenienceBiometricAllowed = collectLastValue(underTest.isFaceAuthCurrentlyAllowed)

            runCurrent()

            faceAuthIsEnrolled()

            createBiometricSettingsRepository()

            doNotDisableKeyguardAuthFeatures()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            runCurrent()

            val convenienceBiometricAllowed by

        testScope.runTest {

            fingerprintIsEnrolled(PRIMARY_USER_ID)

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val fingerprintEnabledByDevicePolicy =

                collectLastValue(underTest.isFingerprintEnrolledAndEnabled)

            createBiometricSettingsRepository()

            val faceAuthAllowed = collectLastValue(underTest.isFaceAuthEnrolledAndEnabled)

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            doNotDisableKeyguardAuthFeatures(PRIMARY_USER_ID)

            assertThat(faceAuthAllowed()).isTrue()

        }

    private fun faceAuthIsEnabledByBiometricManager(userId: Int = PRIMARY_USER_ID) {

    private fun biometricsAreEnabledBySettings(userId: Int = PRIMARY_USER_ID) {

        verify(biometricManager, atLeastOnce())

            .registerEnabledOnKeyguardCallback(biometricManagerCallback.capture())

        biometricManagerCallback.value.onChanged(true, userId)

    }

    private fun biometricsAreNotEnabledBySettings(userId: Int = PRIMARY_USER_ID) {

        verify(biometricManager, atLeastOnce())

            .registerEnabledOnKeyguardCallback(biometricManagerCallback.capture())

        biometricManagerCallback.value.onChanged(false, userId)

    }

    @Test

    fun faceEnrollmentStatusOfNewUserUponUserSwitch() =

        testScope.runTest {

            faceAuthIsEnrolled()

            createBiometricSettingsRepository()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            doNotDisableKeyguardAuthFeatures()

            mobileConnectionsRepository.isAnySimSecure.value = false

            runCurrent()

            deviceIsInPostureThatSupportsFaceAuth()

            doNotDisableKeyguardAuthFeatures()

            faceAuthIsStrongBiometric()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            mobileConnectionsRepository.isAnySimSecure.value = false

            onStrongAuthChanged(STRONG_AUTH_NOT_REQUIRED, PRIMARY_USER_ID)

            deviceIsInPostureThatSupportsFaceAuth()

            doNotDisableKeyguardAuthFeatures()

            faceAuthIsStrongBiometric()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            onStrongAuthChanged(STRONG_AUTH_NOT_REQUIRED, PRIMARY_USER_ID)

            onNonStrongAuthChanged(false, PRIMARY_USER_ID)

            deviceIsInPostureThatSupportsFaceAuth()

            doNotDisableKeyguardAuthFeatures()

            faceAuthIsNonStrongBiometric()

            faceAuthIsEnabledByBiometricManager()

            biometricsAreEnabledBySettings()

            onStrongAuthChanged(STRONG_AUTH_NOT_REQUIRED, PRIMARY_USER_ID)

            onNonStrongAuthChanged(false, PRIMARY_USER_ID)

    fun fpAuthCurrentlyAllowed_dependsOnNonStrongAuthBiometricSetting_ifFpIsNotStrong() =

        testScope.runTest {

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val isFingerprintCurrentlyAllowed by

                collectLastValue(underTest.isFingerprintAuthCurrentlyAllowed)

    fun fpAuthCurrentlyAllowed_dependsOnStrongAuthBiometricSetting_ifFpIsStrong() =

        testScope.runTest {

            createBiometricSettingsRepository()

            biometricsAreEnabledBySettings()

            val isFingerprintCurrentlyAllowed by

                collectLastValue(underTest.isFingerprintAuthCurrentlyAllowed)