Make sure `isNonStrongBiometricAllowed` value is correct after reboot
- LockPatternUtils defaults `isNonStrongBiometricAllowed` to true after reboot
- We have to combine it with strong auth flags on whether primary auth is required after reboot to ensure the value is correct
Test: BiometricSettingsRepositoryTest
Fixes: 285523886
Bug: 285516490
Change-Id: I38d45acb38b735405335ae0e114fd208b5b2a6ae
diff --git a/packages/SystemUI/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepository.kt b/packages/SystemUI/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepository.kt
index 0b6c7c4..ff3e77c 100644
--- a/packages/SystemUI/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepository.kt
+++ b/packages/SystemUI/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepository.kt
@@ -325,6 +325,9 @@
private class StrongAuthTracker(private val userRepository: UserRepository, context: Context?) :
LockPatternUtils.StrongAuthTracker(context) {
+ private val selectedUserId =
+ userRepository.selectedUserInfo.map { it.id }.distinctUntilChanged()
+
// Backing field for onStrongAuthRequiredChanged
private val _authFlags =
MutableStateFlow(AuthenticationFlags(currentUserId, getStrongAuthForUser(currentUserId)))
@@ -336,15 +339,12 @@
)
val currentUserAuthFlags: Flow<AuthenticationFlags> =
- userRepository.selectedUserInfo
- .map { it.id }
- .distinctUntilChanged()
- .flatMapLatest { userId ->
- _authFlags
- .map { AuthenticationFlags(userId, getStrongAuthForUser(userId)) }
- .onEach { Log.d(TAG, "currentUser authFlags changed, new value: $it") }
- .onStart { emit(AuthenticationFlags(userId, getStrongAuthForUser(userId))) }
- }
+ selectedUserId.flatMapLatest { userId ->
+ _authFlags
+ .map { AuthenticationFlags(userId, getStrongAuthForUser(userId)) }
+ .onEach { Log.d(TAG, "currentUser authFlags changed, new value: $it") }
+ .onStart { emit(AuthenticationFlags(userId, getStrongAuthForUser(userId))) }
+ }
/** isStrongBiometricAllowed for the current user. */
val isStrongBiometricAllowed: Flow<Boolean> =
@@ -352,16 +352,17 @@
/** isNonStrongBiometricAllowed for the current user. */
val isNonStrongBiometricAllowed: Flow<Boolean> =
- userRepository.selectedUserInfo
- .map { it.id }
- .distinctUntilChanged()
+ selectedUserId
.flatMapLatest { userId ->
_nonStrongBiometricAllowed
.filter { it.first == userId }
.map { it.second }
- .onEach { Log.d(TAG, "isNonStrongBiometricAllowed changed for current user") }
+ .onEach {
+ Log.d(TAG, "isNonStrongBiometricAllowed changed for current user: $it")
+ }
.onStart { emit(isNonStrongBiometricAllowedAfterIdleTimeout(userId)) }
}
+ .and(isStrongBiometricAllowed)
private val currentUserId
get() = userRepository.getSelectedUserInfo().id
@@ -387,3 +388,6 @@
private fun DevicePolicyManager.isNotActive(userId: Int, policy: Int): Boolean =
(getKeyguardDisabledFeatures(null, userId) and policy) == 0
+
+private fun Flow<Boolean>.and(anotherFlow: Flow<Boolean>): Flow<Boolean> =
+ this.combine(anotherFlow) { a, b -> a && b }
diff --git a/packages/SystemUI/tests/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepositoryTest.kt b/packages/SystemUI/tests/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepositoryTest.kt
index f9070b3..c6a2fa5 100644
--- a/packages/SystemUI/tests/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepositoryTest.kt
+++ b/packages/SystemUI/tests/src/com/android/systemui/keyguard/data/repository/BiometricSettingsRepositoryTest.kt
@@ -162,11 +162,11 @@
@Test
fun convenienceBiometricAllowedChange() =
testScope.runTest {
+ overrideResource(com.android.internal.R.bool.config_strongAuthRequiredOnBoot, false)
createBiometricSettingsRepository()
val convenienceBiometricAllowed =
collectLastValue(underTest.isNonStrongBiometricAllowed)
runCurrent()
-
onNonStrongAuthChanged(true, PRIMARY_USER_ID)
assertThat(convenienceBiometricAllowed()).isTrue()
@@ -175,6 +175,45 @@
onNonStrongAuthChanged(false, PRIMARY_USER_ID)
assertThat(convenienceBiometricAllowed()).isFalse()
+ mContext.orCreateTestableResources.removeOverride(
+ com.android.internal.R.bool.config_strongAuthRequiredOnBoot
+ )
+ }
+
+ @Test
+ fun whenStrongAuthRequiredAfterBoot_nonStrongBiometricNotAllowed() =
+ testScope.runTest {
+ overrideResource(com.android.internal.R.bool.config_strongAuthRequiredOnBoot, true)
+ createBiometricSettingsRepository()
+
+ val convenienceBiometricAllowed =
+ collectLastValue(underTest.isNonStrongBiometricAllowed)
+ runCurrent()
+ onNonStrongAuthChanged(true, PRIMARY_USER_ID)
+
+ assertThat(convenienceBiometricAllowed()).isFalse()
+ mContext.orCreateTestableResources.removeOverride(
+ com.android.internal.R.bool.config_strongAuthRequiredOnBoot
+ )
+ }
+
+ @Test
+ fun whenStrongBiometricAuthIsNotAllowed_nonStrongBiometrics_alsoNotAllowed() =
+ testScope.runTest {
+ overrideResource(com.android.internal.R.bool.config_strongAuthRequiredOnBoot, false)
+ createBiometricSettingsRepository()
+
+ val convenienceBiometricAllowed =
+ collectLastValue(underTest.isNonStrongBiometricAllowed)
+ runCurrent()
+ onNonStrongAuthChanged(true, PRIMARY_USER_ID)
+ assertThat(convenienceBiometricAllowed()).isTrue()
+
+ onStrongAuthChanged(STRONG_AUTH_REQUIRED_AFTER_TIMEOUT, PRIMARY_USER_ID)
+ assertThat(convenienceBiometricAllowed()).isFalse()
+ mContext.orCreateTestableResources.removeOverride(
+ com.android.internal.R.bool.config_strongAuthRequiredOnBoot
+ )
}
private fun onStrongAuthChanged(flags: Int, userId: Int) {