Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 7b9eb419e35f12963eeea119b51a241146029b74^! / .
commit7b9eb419e35f12963eeea119b51a241146029b74[log] [tgz]
authorRicky Wai <rickywai@google.com>Thu May 12 17:29:12 2016 +0100
committerRicky Wai <rickywai@google.com>Wed May 25 15:38:34 2016 +0100
treee69d4e638d99d3849f34586fc9259ad74eb2705f
parentd398244513c62c9ea14a0f1c6ffef832e803c16f [diff]
Store work lock type even it uses unified lock

If we are not storing this, LockPatternUtils.isSecure(workUserId)
will return false, and cause some methods like trySetQuietModeDisabled()
cannot show screen lock correctly.

Bug: 28738725
Change-Id: I7d0b61022b0afff2dac4cdae72d558118ea892e7

diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index 1d8bb6b..bc54012 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java

@@ -235,6 +235,11 @@
             randomLockSeed = SecureRandom.getInstance("SHA1PRNG").generateSeed(40);
             String newPassword = String.valueOf(HexEncoding.encode(randomLockSeed));
             setLockPasswordInternal(newPassword, managedUserPassword, managedUserId);
+            // We store a private credential for the managed user that's unlocked by the primary
+            // account holder's credential. As such, the user will never be prompted to enter this
+            // password directly, so we always store a password.
+            setLong(LockPatternUtils.PASSWORD_TYPE_KEY,
+                    DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, managedUserId);
             tieProfileLockToParent(managedUserId, newPassword);
         } catch (NoSuchAlgorithmException | RemoteException e) {
             Slog.e(TAG, "Fail to tie managed profile", e);
@@ -535,6 +540,30 @@
                 setString("migrated_lockscreen_disabled", "true", 0);
                 Slog.i(TAG, "Migrated lockscreen disabled flag");
             }
+
+            final List<UserInfo> users = mUserManager.getUsers();
+            for (int i = 0; i < users.size(); i++) {
+                final UserInfo userInfo = users.get(i);
+                if (userInfo.isManagedProfile() && mStorage.hasChildProfileLock(userInfo.id)) {
+                    // When managed profile has a unified lock, the password quality stored has 2
+                    // possibilities only.
+                    // 1). PASSWORD_QUALITY_UNSPECIFIED, which is upgraded from dp2, and we are
+                    // going to set it back to PASSWORD_QUALITY_ALPHANUMERIC.
+                    // 2). PASSWORD_QUALITY_ALPHANUMERIC, which is the actual password quality for
+                    // unified lock.
+                    final long quality = getLong(LockPatternUtils.PASSWORD_TYPE_KEY,
+                            DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userInfo.id);
+                    if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
+                        // Only possible when it's upgraded from nyc dp3
+                        Slog.i(TAG, "Migrated tied profile lock type");
+                        setLong(LockPatternUtils.PASSWORD_TYPE_KEY,
+                                DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, userInfo.id);
+                    } else if (quality != DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC) {
+                        // It should not happen
+                        Slog.e(TAG, "Invalid tied profile lock type: " + quality);
+                    }
+                }
+            }
         } catch (RemoteException re) {
             Slog.e(TAG, "Unable to migrate old data", re);
         }