Activity for messaging installed CA certs, and icon in Settings.

Add the MonitoringCertInfoActivity, used by Settings, QuickSettings
and notification to explain about CA certs enabling network traffic
monitoring.
Add a button on the Security item in Settings when a cert is installed.

Bug: 10633199

Change-Id: Ic753fe22b66c30d837a9ba471a0632a07bb7471f
diff --git a/src/com/android/settings/MonitoringCertInfoActivity.java b/src/com/android/settings/MonitoringCertInfoActivity.java
new file mode 100644
index 0000000..e2ac5d0
--- /dev/null
+++ b/src/com/android/settings/MonitoringCertInfoActivity.java
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings;
+
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.app.Dialog;
+import android.app.admin.DevicePolicyManager;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.content.DialogInterface.OnClickListener;
+import android.content.Intent;
+import android.os.Bundle;
+import android.os.RemoteException;
+import android.view.WindowManager;
+import android.view.WindowManagerGlobal;
+
+/**
+ * Activity that shows a dialog explaining that a CA cert is allowing someone to monitor network
+ * traffic.
+ */
+public class MonitoringCertInfoActivity extends Activity implements OnClickListener {
+
+    private boolean hasDeviceOwner = false;
+
+    @Override
+    protected void onCreate(Bundle savedStates) {
+        super.onCreate(savedStates);
+
+        DevicePolicyManager dpm =
+                (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
+
+        final AlertDialog.Builder builder = new AlertDialog.Builder(this);
+        builder.setTitle(R.string.ssl_ca_cert_dialog_title);
+        builder.setCancelable(true);
+        hasDeviceOwner = dpm.getDeviceOwner() != null;
+        int buttonLabel;
+        if (hasDeviceOwner) {
+            // Institutional case.  Show informational message.
+            String message = this.getResources().getString(R.string.ssl_ca_cert_info_message,
+                    dpm.getDeviceOwnerName());
+            builder.setMessage(message);
+            buttonLabel = R.string.done_button;
+        } else {
+            // Consumer case.  Show scary warning.
+            builder.setIcon(android.R.drawable.stat_notify_error);
+            builder.setMessage(R.string.ssl_ca_cert_warning_message);
+            buttonLabel = R.string.ssl_ca_cert_settings_button;
+        }
+
+        builder.setPositiveButton(buttonLabel, this);
+
+        final Dialog dialog = builder.create();
+        dialog.getWindow().setType(WindowManager.LayoutParams.TYPE_SYSTEM_ALERT);
+        try {
+            WindowManagerGlobal.getWindowManagerService().dismissKeyguard();
+        } catch (RemoteException e) {
+        }
+        dialog.setOnCancelListener(new DialogInterface.OnCancelListener() {
+            @Override public void onCancel(DialogInterface dialog) {
+                finish();
+            }
+        });
+
+        dialog.show();
+    }
+
+    @Override
+    public void onClick(DialogInterface dialog, int which) {
+        if (hasDeviceOwner) {
+            finish();
+        } else {
+            Intent intent =
+                    new Intent(android.provider.Settings.ACTION_TRUSTED_CREDENTIALS_USER);
+            intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TOP);
+            startActivity(intent);
+            finish();
+        }
+    }
+}
diff --git a/src/com/android/settings/Settings.java b/src/com/android/settings/Settings.java
index bcfffcb..6b6e704 100644
--- a/src/com/android/settings/Settings.java
+++ b/src/com/android/settings/Settings.java
@@ -19,6 +19,7 @@
 import android.accounts.Account;
 import android.accounts.AccountManager;
 import android.accounts.OnAccountsUpdateListener;
+import android.app.admin.DevicePolicyManager;
 import android.content.BroadcastReceiver;
 import android.content.ComponentName;
 import android.content.Context;
@@ -48,6 +49,7 @@
 import android.view.ViewGroup;
 import android.widget.ArrayAdapter;
 import android.widget.Button;
+import android.widget.ImageButton;
 import android.widget.ImageView;
 import android.widget.ListAdapter;
 import android.widget.Switch;
@@ -745,17 +747,21 @@
         static final int HEADER_TYPE_CATEGORY = 0;
         static final int HEADER_TYPE_NORMAL = 1;
         static final int HEADER_TYPE_SWITCH = 2;
-        private static final int HEADER_TYPE_COUNT = HEADER_TYPE_SWITCH + 1;
+        static final int HEADER_TYPE_BUTTON = 3;
+        private static final int HEADER_TYPE_COUNT = HEADER_TYPE_BUTTON + 1;
 
         private final WifiEnabler mWifiEnabler;
         private final BluetoothEnabler mBluetoothEnabler;
         private AuthenticatorHelper mAuthHelper;
+        private DevicePolicyManager mDevicePolicyManager;
 
         private static class HeaderViewHolder {
             ImageView icon;
             TextView title;
             TextView summary;
             Switch switch_;
+            ImageButton button_;
+            View divider_;
         }
 
         private LayoutInflater mInflater;
@@ -765,6 +771,8 @@
                 return HEADER_TYPE_CATEGORY;
             } else if (header.id == R.id.wifi_settings || header.id == R.id.bluetooth_settings) {
                 return HEADER_TYPE_SWITCH;
+            } else if (header.id == R.id.security_settings) {
+                return HEADER_TYPE_BUTTON;
             } else {
                 return HEADER_TYPE_NORMAL;
             }
@@ -797,7 +805,7 @@
         }
 
         public HeaderAdapter(Context context, List<Header> objects,
-                AuthenticatorHelper authenticatorHelper) {
+                AuthenticatorHelper authenticatorHelper, DevicePolicyManager dpm) {
             super(context, 0, objects);
 
             mAuthHelper = authenticatorHelper;
@@ -807,6 +815,7 @@
             // Switches inflated from their layouts. Must be done before adapter is set in super
             mWifiEnabler = new WifiEnabler(context, new Switch(context));
             mBluetoothEnabler = new BluetoothEnabler(context, new Switch(context));
+            mDevicePolicyManager = dpm;
         }
 
         @Override
@@ -836,6 +845,18 @@
                         holder.switch_ = (Switch) view.findViewById(R.id.switchWidget);
                         break;
 
+                    case HEADER_TYPE_BUTTON:
+                        view = mInflater.inflate(R.layout.preference_header_button_item, parent,
+                                false);
+                        holder.icon = (ImageView) view.findViewById(R.id.icon);
+                        holder.title = (TextView)
+                                view.findViewById(com.android.internal.R.id.title);
+                        holder.summary = (TextView)
+                                view.findViewById(com.android.internal.R.id.summary);
+                        holder.button_ = (ImageButton) view.findViewById(R.id.buttonWidget);
+                        holder.divider_ = view.findViewById(R.id.divider);
+                        break;
+
                     case HEADER_TYPE_NORMAL:
                         view = mInflater.inflate(
                                 R.layout.preference_header_item, parent,
@@ -866,38 +887,71 @@
                     } else {
                         mBluetoothEnabler.setSwitch(holder.switch_);
                     }
-                    // No break, fall through on purpose to update common fields
+                    updateCommonHeaderView(header, holder);
+                    break;
 
-                    //$FALL-THROUGH$
+                case HEADER_TYPE_BUTTON:
+                    if (header.id == R.id.security_settings) {
+                        boolean hasCert = DevicePolicyManager.hasAnyCaCertsInstalled();
+                        if (hasCert) {
+                            holder.button_.setVisibility(View.VISIBLE);
+                            holder.divider_.setVisibility(View.VISIBLE);
+                            boolean isManaged = mDevicePolicyManager.getDeviceOwner() != null;
+                            if (isManaged) {
+                                holder.button_.setImageResource(R.drawable.ic_qs_certificate_info);
+                            } else {
+                                holder.button_.setImageResource(
+                                        android.R.drawable.stat_notify_error);
+                            }
+                            holder.button_.setOnClickListener(new OnClickListener() {
+                                @Override
+                                public void onClick(View v) {
+                                    Intent intent = new Intent(
+                                            android.provider.Settings.ACTION_MONITORING_CERT_INFO);
+                                    getContext().startActivity(intent);
+                                }
+                            });
+                        } else {
+                            holder.button_.setVisibility(View.GONE);
+                            holder.divider_.setVisibility(View.GONE);
+                        }
+                    }
+                    updateCommonHeaderView(header, holder);
+                    break;
+
                 case HEADER_TYPE_NORMAL:
-                    if (header.extras != null &&
-                            header.extras.containsKey(ManageAccountsSettings.KEY_ACCOUNT_TYPE)) {
-                        String accType = header.extras.getString(
-                                ManageAccountsSettings.KEY_ACCOUNT_TYPE);
-                        Drawable icon = mAuthHelper.getDrawableForType(getContext(), accType);
-                        setHeaderIcon(holder, icon);
-                    } else if (header.extras != null &&
-                            header.extras.containsKey(HomeSettings.CURRENT_HOME)) {
-                        ActivityInfo ai = header.extras.getParcelable(HomeSettings.CURRENT_HOME);
-                        Drawable icon = ai.loadIcon(getContext().getPackageManager());
-                        setHeaderIcon(holder, icon);
-                    } else {
-                        holder.icon.setImageResource(header.iconRes);
-                    }
-                    holder.title.setText(header.getTitle(getContext().getResources()));
-                    CharSequence summary = header.getSummary(getContext().getResources());
-                    if (!TextUtils.isEmpty(summary)) {
-                        holder.summary.setVisibility(View.VISIBLE);
-                        holder.summary.setText(summary);
-                    } else {
-                        holder.summary.setVisibility(View.GONE);
-                    }
+                    updateCommonHeaderView(header, holder);
                     break;
             }
 
             return view;
         }
 
+        private void updateCommonHeaderView(Header header, HeaderViewHolder holder) {
+                if (header.extras != null
+                        && header.extras.containsKey(ManageAccountsSettings.KEY_ACCOUNT_TYPE)) {
+                    String accType = header.extras.getString(
+                            ManageAccountsSettings.KEY_ACCOUNT_TYPE);
+                    Drawable icon = mAuthHelper.getDrawableForType(getContext(), accType);
+                    setHeaderIcon(holder, icon);
+                } else if (header.extras != null &&
+                        header.extras.containsKey(HomeSettings.CURRENT_HOME)) {
+                    ActivityInfo ai = header.extras.getParcelable(HomeSettings.CURRENT_HOME);
+                    Drawable icon = ai.loadIcon(getContext().getPackageManager());
+                    setHeaderIcon(holder, icon);
+                } else {
+                    holder.icon.setImageResource(header.iconRes);
+                }
+                holder.title.setText(header.getTitle(getContext().getResources()));
+                CharSequence summary = header.getSummary(getContext().getResources());
+                if (!TextUtils.isEmpty(summary)) {
+                    holder.summary.setVisibility(View.VISIBLE);
+                    holder.summary.setText(summary);
+                } else {
+                    holder.summary.setVisibility(View.GONE);
+                }
+            }
+
         private void setHeaderIcon(HeaderViewHolder holder, Drawable icon) {
             ViewGroup.LayoutParams lp = holder.icon.getLayoutParams();
             lp.width = getContext().getResources().getDimensionPixelSize(
@@ -963,7 +1017,9 @@
         if (adapter == null) {
             super.setListAdapter(null);
         } else {
-            super.setListAdapter(new HeaderAdapter(this, getHeaders(), mAuthenticatorHelper));
+            DevicePolicyManager dpm =
+                    (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
+            super.setListAdapter(new HeaderAdapter(this, getHeaders(), mAuthenticatorHelper, dpm));
         }
     }