Disable PS entry point and Activity when PS is not allowed.
In this change we disable:
1. Security Center Entry point
2. PrivateSpaceAuthenticationActivity
when private profile is not present and cannot be added.
Additionally, the intent exposing PrivateSpaceAuthenticationActivity
is also non-exported and changed to a better name.
Bug: 328578044
Test: Manual build and flash
Change-Id: I13d298316c6d719d0b06e4969989ea1da83dd4c6
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 8730b42..8a2ac6b 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -5103,9 +5103,9 @@
<activity
android:name=".privatespace.PrivateSpaceAuthenticationActivity"
android:theme="@*android:style/Theme.DeviceDefault.Settings.Dialog.NoActionBar"
- android:exported="true">
+ android:exported="false">
<intent-filter>
- <action android:name="com.android.settings.action.PRIVATE_SPACE_SETUP_FLOW" />
+ <action android:name="com.android.settings.action.OPEN_PRIVATE_SPACE_SETTINGS" />
<category android:name="android.intent.category.DEFAULT"/>
</intent-filter>
</activity>
@@ -5117,6 +5117,14 @@
android:exported="false">
</activity>
+ <receiver android:name=".privatespace.PrivateSpaceBroadcastReceiver"
+ android:exported="true">
+ <intent-filter>
+ <action android:name="android.intent.action.PRE_BOOT_COMPLETED"/>
+ <action android:name="android.intent.action.BOOT_COMPLETED"/>
+ </intent-filter>
+ </receiver>
+
<activity-alias android:name="UsageStatsActivity"
android:exported="true"
android:label="@string/testing_usage_stats"
diff --git a/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java b/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java
index 53d6b22..f61f7bb 100644
--- a/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceAuthenticationActivity.java
@@ -50,7 +50,7 @@
* This class represents an activity responsible for user authentication before starting the private
* space setup flow or accessing the private space settings page if already created. Also prompts
* user to set a device lock if not set with an alert dialog. This can be launched using the intent
- * com.android.settings.action.PRIVATE_SPACE_SETUP_FLOW.
+ * com.android.settings.action.OPEN_PRIVATE_SPACE_SETTINGS.
*/
public class PrivateSpaceAuthenticationActivity extends FragmentActivity {
private static final String TAG = "PrivateSpaceAuthCheck";
diff --git a/src/com/android/settings/privatespace/PrivateSpaceBroadcastReceiver.java b/src/com/android/settings/privatespace/PrivateSpaceBroadcastReceiver.java
new file mode 100644
index 0000000..4c59ab9
--- /dev/null
+++ b/src/com/android/settings/privatespace/PrivateSpaceBroadcastReceiver.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.privatespace;
+
+import android.content.BroadcastReceiver;
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.os.UserManager;
+import android.util.Log;
+
+/** Broadcast receiver for enabling/disabling Private Space Root Activity. */
+public class PrivateSpaceBroadcastReceiver extends BroadcastReceiver {
+
+ private static final String TAG = "PrivateSpaceBroadcastReceiver";
+
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ if (android.multiuser.Flags.enablePrivateSpaceFeatures()
+ && android.multiuser.Flags.blockPrivateSpaceCreation()) {
+ Log.d("Here", "Intent: " + intent.getAction());
+ PrivateSpaceMaintainer privateSpaceMaintainer =
+ PrivateSpaceMaintainer.getInstance(context);
+ // Disable the PrivateSpaceAuthenticationActivity when
+ // -Private Profile is not present and
+ // -Private Profile cannot be added.
+ final int enableState = privateSpaceMaintainer.doesPrivateSpaceExist()
+ || context.getSystemService(UserManager.class).canAddPrivateProfile()
+ ? PackageManager.COMPONENT_ENABLED_STATE_ENABLED
+ : PackageManager.COMPONENT_ENABLED_STATE_DISABLED;
+ ComponentName privateSpaceAuth = new ComponentName(context,
+ PrivateSpaceAuthenticationActivity.class);
+ Log.d(TAG, "Setting component " + privateSpaceAuth + " state: " + enableState);
+ context.getPackageManager().setComponentEnabledSetting(
+ privateSpaceAuth,
+ enableState,
+ PackageManager.DONT_KILL_APP);
+ }
+ }
+}
diff --git a/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java b/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java
index 3fb9b15..6623516 100644
--- a/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceMaintainer.java
@@ -155,7 +155,7 @@
return true;
}
- List<UserInfo> users = mUserManager.getProfiles(0);
+ List<UserInfo> users = mUserManager.getProfiles(mContext.getUserId());
for (UserInfo user : users) {
if (user.isPrivateProfile()) {
mUserHandle = user.getUserHandle();
diff --git a/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java b/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java
index 4e1741a..3272f12 100644
--- a/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java
+++ b/src/com/android/settings/privatespace/PrivateSpaceSafetySource.java
@@ -44,11 +44,27 @@
return;
}
- // Check the profile type - we don't want to show this for anything other than primary user.
UserManager userManager = context.getSystemService(UserManager.class);
- if (userManager != null && !userManager.isMainUser()) {
- Log.i(TAG, "setSafetySourceData not main user");
- return;
+ PrivateSpaceMaintainer privateSpaceMaintainer =
+ PrivateSpaceMaintainer.getInstance(context);
+ if (android.multiuser.Flags.enablePrivateSpaceFeatures()
+ && android.multiuser.Flags.blockPrivateSpaceCreation()) {
+ // Do not add the entry point when
+ // -Private Profile is not present and
+ // -Private Profile cannot be added.
+ if (!privateSpaceMaintainer.doesPrivateSpaceExist()
+ && userManager != null
+ && !userManager.canAddPrivateProfile()) {
+ Log.i(TAG, "Private Space not allowed for user " + context.getUser());
+ return;
+ }
+ } else {
+ // Check the profile type - we don't want to show this for anything other than primary
+ // user.
+ if (userManager != null && !userManager.isMainUser()) {
+ Log.i(TAG, "setSafetySourceData not main user");
+ return;
+ }
}
if (!Flags.allowPrivateProfile()