Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f58dbdaa authored by Eric Biggers's avatar Eric Biggers
Browse files

Don't show "unified challenge" for profile with non-shareable credential 

The terms "unified challenge" and "separate challenge" apply only in the
context of a profile whose credential is shareable with its parent.  It
is possible for a profile's credential to not be shareable with its
parent.  Update TrustManagerService's dump method to not show "profile
with unified challenge" for such profiles.  To make this possible, also
add a new method LockPatternUtils#isProfileWithUnifiedChallenge().

Bug: 296464083
Test: dumpsys trust
Flag: exempt, just changes dumpsys
Change-Id: I52a5c68633b3be969863c10cd1740f700af9cc07
parent 91755c24

core/java/com/android/internal/widget/LockPatternUtils.java

+14 −1
Original line number Diff line number Diff line
@@ -897,12 +897,25 @@ public class LockPatternUtils { 
    }



    /**

     * Returns true if {@code userHandle} is a managed profile with separate challenge.

     * Returns true if {@code userHandle} is a profile with separate challenge.

     * <p>

     * Returns false if {@code userHandle} is a profile with unified challenge, a profile whose

     * credential is not shareable with its parent, or a non-profile user.

     */

    public boolean isSeparateProfileChallengeEnabled(int userHandle) {

        return isCredentialSharableWithParent(userHandle) && hasSeparateChallenge(userHandle);

    }



    /**

     * Returns true if {@code userHandle} is a profile with unified challenge.

     * <p>

     * Returns false if {@code userHandle} is a profile with separate challenge, a profile whose

     * credential is not shareable with its parent, or a non-profile user.

     */

    public boolean isProfileWithUnifiedChallenge(int userHandle) {

        return isCredentialSharableWithParent(userHandle) && !hasSeparateChallenge(userHandle);

    }



    /**

     * Returns true if {@code userHandle} is a managed profile with unified challenge.

     */

services/core/java/com/android/server/trust/TrustManagerService.java

+6 −8
Original line number Diff line number Diff line
@@ -1657,14 +1657,12 @@ public class TrustManagerService extends SystemService { 
                    user.name, user.id, user.flags);

            if (!user.supportsSwitchToByUser()) {

                final boolean locked;

                if (user.isProfile()) {

                    if (mLockPatternUtils.isSeparateProfileChallengeEnabled(user.id)) {

                        fout.print(" (profile with separate challenge)");

                        locked = isDeviceLockedInner(user.id);

                    } else {

                if (mLockPatternUtils.isProfileWithUnifiedChallenge(user.id)) {

                    fout.print(" (profile with unified challenge)");

                    locked = isDeviceLockedInner(resolveProfileParent(user.id));

                    }

                } else if (mLockPatternUtils.isSeparateProfileChallengeEnabled(user.id)) {

                    fout.print(" (profile with separate challenge)");

                    locked = isDeviceLockedInner(user.id);

                } else {

                    fout.println(" (user that cannot be switched to)");

                    locked = isDeviceLockedInner(user.id);