Update KeyguardManager.isDeviceLocked API
Bug: 18414067
Change-Id: I0715714c2c9a122f578ec0c6f508faae12e6f752
diff --git a/api/current.txt b/api/current.txt
index c480a1b..8b33c03 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -4412,7 +4412,7 @@
method public android.content.Intent createConfirmDeviceCredentialIntent(java.lang.CharSequence, java.lang.CharSequence);
method public deprecated void exitKeyguardSecurely(android.app.KeyguardManager.OnKeyguardExitResult);
method public boolean inKeyguardRestrictedInputMode();
- method public boolean isKeyguardInTrustedState();
+ method public boolean isDeviceLocked();
method public boolean isKeyguardLocked();
method public boolean isKeyguardSecure();
method public deprecated android.app.KeyguardManager.KeyguardLock newKeyguardLock(java.lang.String);
diff --git a/core/java/android/app/KeyguardManager.java b/core/java/android/app/KeyguardManager.java
index 5038df9..ddd21e6 100644
--- a/core/java/android/app/KeyguardManager.java
+++ b/core/java/android/app/KeyguardManager.java
@@ -225,28 +225,28 @@
}
/**
- * Return whether unlocking the device is currently not requiring a password
- * because of a trust agent.
+ * Returns whether the device is currently locked and requires a PIN, pattern or
+ * password to unlock.
*
- * @return true if the keyguard can currently be unlocked without entering credentials
- * because the device is in a trusted environment.
+ * @return true if unlocking the device currently requires a PIN, pattern or
+ * password.
*/
- public boolean isKeyguardInTrustedState() {
- return isKeyguardInTrustedState(UserHandle.getCallingUserId());
+ public boolean isDeviceLocked() {
+ return isDeviceLocked(UserHandle.getCallingUserId());
}
/**
- * Return whether unlocking the device is currently not requiring a password
- * because of a trust agent.
+ * Returns whether the device is currently locked and requires a PIN, pattern or
+ * password to unlock.
*
- * @param userId the user for which the trusted state should be reported.
- * @return true if the keyguard can currently be unlocked without entering credentials
- * because the device is in a trusted environment.
+ * @param userId the user for which the locked state should be reported.
+ * @return true if unlocking the device currently requires a PIN, pattern or
+ * password.
* @hide
*/
- public boolean isKeyguardInTrustedState(int userId) {
+ public boolean isDeviceLocked(int userId) {
try {
- return mTrustManager.isTrusted(userId);
+ return mTrustManager.isDeviceLocked(userId);
} catch (RemoteException e) {
return false;
}
diff --git a/core/java/android/app/trust/ITrustManager.aidl b/core/java/android/app/trust/ITrustManager.aidl
index 0193711..89156da 100644
--- a/core/java/android/app/trust/ITrustManager.aidl
+++ b/core/java/android/app/trust/ITrustManager.aidl
@@ -29,5 +29,5 @@
void reportRequireCredentialEntry(int userId);
void registerTrustListener(in ITrustListener trustListener);
void unregisterTrustListener(in ITrustListener trustListener);
- boolean isTrusted(int userId);
+ boolean isDeviceLocked(int userId);
}
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index 3ccced5..8d3db5b 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -384,8 +384,16 @@
* @return Whether a saved pattern exists.
*/
public boolean savedPatternExists() {
+ return savedPatternExists(getCurrentOrCallingUserId());
+ }
+
+ /**
+ * Check to see if the user has stored a lock pattern.
+ * @return Whether a saved pattern exists.
+ */
+ public boolean savedPatternExists(int userId) {
try {
- return getLockSettings().havePattern(getCurrentOrCallingUserId());
+ return getLockSettings().havePattern(userId);
} catch (RemoteException re) {
return false;
}
@@ -396,8 +404,16 @@
* @return Whether a saved pattern exists.
*/
public boolean savedPasswordExists() {
+ return savedPasswordExists(getCurrentOrCallingUserId());
+ }
+
+ /**
+ * Check to see if the user has stored a lock pattern.
+ * @return Whether a saved pattern exists.
+ */
+ public boolean savedPasswordExists(int userId) {
try {
- return getLockSettings().havePassword(getCurrentOrCallingUserId());
+ return getLockSettings().havePassword(userId);
} catch (RemoteException re) {
return false;
}
@@ -955,8 +971,15 @@
* @return true if the lockscreen method is set to biometric weak
*/
public boolean usingBiometricWeak() {
- int quality =
- (int) getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
+ return usingBiometricWeak(getCurrentOrCallingUserId());
+ }
+
+ /**
+ * @return true if the lockscreen method is set to biometric weak
+ */
+ public boolean usingBiometricWeak(int userId) {
+ int quality = (int) getLong(
+ PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userId);
return quality == DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK;
}
@@ -1096,15 +1119,22 @@
* @return Whether the lock pattern is enabled, or if it is set as a backup for biometric weak
*/
public boolean isLockPatternEnabled() {
+ return isLockPatternEnabled(getCurrentOrCallingUserId());
+ }
+
+ /**
+ * @return Whether the lock pattern is enabled, or if it is set as a backup for biometric weak
+ */
+ public boolean isLockPatternEnabled(int userId) {
final boolean backupEnabled =
getLong(PASSWORD_TYPE_ALTERNATE_KEY,
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED)
+ DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userId)
== DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
- return getBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, false)
- && (getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED)
- == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING ||
- (usingBiometricWeak() && backupEnabled));
+ return getBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, false, userId)
+ && (getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED,
+ userId) == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING
+ || (usingBiometricWeak(userId) && backupEnabled));
}
/**
@@ -1485,15 +1515,20 @@
}
public boolean isSecure() {
- long mode = getKeyguardStoredPasswordQuality();
+ return isSecure(getCurrentOrCallingUserId());
+ }
+
+ public boolean isSecure(int userId) {
+ long mode = getKeyguardStoredPasswordQuality(userId);
final boolean isPattern = mode == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
final boolean isPassword = mode == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC
|| mode == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX
|| mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC
|| mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC
|| mode == DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
- final boolean secure = isPattern && isLockPatternEnabled() && savedPatternExists()
- || isPassword && savedPasswordExists();
+ final boolean secure =
+ isPattern && isLockPatternEnabled(userId) && savedPatternExists(userId)
+ || isPassword && savedPasswordExists(userId);
return secure;
}
diff --git a/packages/Keyguard/test/SampleTrustAgent/res/layout/sample_trust_agent_settings.xml b/packages/Keyguard/test/SampleTrustAgent/res/layout/sample_trust_agent_settings.xml
index 63694a8..bb72c12 100644
--- a/packages/Keyguard/test/SampleTrustAgent/res/layout/sample_trust_agent_settings.xml
+++ b/packages/Keyguard/test/SampleTrustAgent/res/layout/sample_trust_agent_settings.xml
@@ -48,11 +48,11 @@
<LinearLayout
android:layout_width="match_parent"
android:layout_height="wrap_content">
- <Button android:id="@+id/check_trusted"
+ <Button android:id="@+id/check_device_locked"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
- android:text="Keyguard in trusted state?" />
- <TextView android:id="@+id/check_trusted_result"
+ android:text="Device locked?" />
+ <TextView android:id="@+id/check_device_locked_result"
android:layout_width="0dp"
android:layout_height="wrap_content"
android:layout_weight="1" />
diff --git a/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgentSettings.java b/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgentSettings.java
index 39a599e..7edf2bb 100644
--- a/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgentSettings.java
+++ b/packages/Keyguard/test/SampleTrustAgent/src/com/android/trustagent/test/SampleTrustAgentSettings.java
@@ -32,7 +32,7 @@
private CheckBox mReportUnlockAttempts;
private CheckBox mManagingTrust;
- private TextView mCheckTrustedStateResult;
+ private TextView mCheckDeviceLockedResult;
private KeyguardManager mKeyguardManager;
@@ -48,7 +48,7 @@
findViewById(R.id.enable_trust).setOnClickListener(this);
findViewById(R.id.revoke_trust).setOnClickListener(this);
findViewById(R.id.crash).setOnClickListener(this);
- findViewById(R.id.check_trusted).setOnClickListener(this);
+ findViewById(R.id.check_device_locked).setOnClickListener(this);
mReportUnlockAttempts = (CheckBox) findViewById(R.id.report_unlock_attempts);
mReportUnlockAttempts.setOnCheckedChangeListener(this);
@@ -56,7 +56,7 @@
mManagingTrust = (CheckBox) findViewById(R.id.managing_trust);
mManagingTrust.setOnCheckedChangeListener(this);
- mCheckTrustedStateResult = (TextView) findViewById(R.id.check_trusted_result);
+ mCheckDeviceLockedResult = (TextView) findViewById(R.id.check_device_locked_result);
}
@Override
@@ -77,7 +77,7 @@
SampleTrustAgent.sendRevokeTrust(this);
} else if (id == R.id.crash) {
throw new RuntimeException("crash");
- } else if (id == R.id.check_trusted) {
+ } else if (id == R.id.check_device_locked) {
updateTrustedState();
}
}
@@ -92,7 +92,7 @@
}
private void updateTrustedState() {
- mCheckTrustedStateResult.setText(Boolean.toString(
- mKeyguardManager.isKeyguardInTrustedState()));
+ mCheckDeviceLockedResult.setText(Boolean.toString(
+ mKeyguardManager.isDeviceLocked()));
}
}
diff --git a/services/core/java/com/android/server/trust/TrustManagerService.java b/services/core/java/com/android/server/trust/TrustManagerService.java
index 2388c85..361f0e6 100644
--- a/services/core/java/com/android/server/trust/TrustManagerService.java
+++ b/services/core/java/com/android/server/trust/TrustManagerService.java
@@ -61,6 +61,8 @@
import android.util.Slog;
import android.util.SparseBooleanArray;
import android.util.Xml;
+import android.view.WindowManagerGlobal;
+import android.view.WindowManagerInternal;
import java.io.FileDescriptor;
import java.io.IOException;
@@ -590,13 +592,26 @@
}
@Override
- public boolean isTrusted(int userId) throws RemoteException {
+ public boolean isDeviceLocked(int userId) throws RemoteException {
userId = ActivityManager.handleIncomingUser(getCallingPid(), getCallingUid(), userId,
- false /* allowAll */, true /* requireFull */, "isTrusted", null);
+ false /* allowAll */, true /* requireFull */, "isDeviceLocked", null);
userId = resolveProfileParent(userId);
+
+ boolean isSecure = mLockPatternUtils.isSecure(userId);
+
+ boolean isTrusted;
synchronized (mUserIsTrusted) {
- return mUserIsTrusted.get(userId);
+ isTrusted = mUserIsTrusted.get(userId);
}
+
+ boolean isLocked;
+ if (ActivityManager.getCurrentUser() != userId) {
+ isLocked = true;
+ } else {
+ isLocked = WindowManagerGlobal.getWindowManagerService().isKeyguardLocked();
+ }
+
+ return isSecure && isLocked && !isTrusted;
}
private void enforceReportPermission() {