Merge "Remove face auth from setup wizard when configured as a convenience." into sc-v2-dev
diff --git a/src/com/android/settings/biometrics/BiometricEnrollActivity.java b/src/com/android/settings/biometrics/BiometricEnrollActivity.java
index 690ef13..c74e85e 100644
--- a/src/com/android/settings/biometrics/BiometricEnrollActivity.java
+++ b/src/com/android/settings/biometrics/BiometricEnrollActivity.java
@@ -32,6 +32,7 @@
import android.hardware.biometrics.BiometricManager;
import android.hardware.biometrics.BiometricManager.Authenticators;
import android.hardware.biometrics.BiometricManager.BiometricError;
+import android.hardware.biometrics.SensorProperties;
import android.hardware.face.FaceManager;
import android.hardware.face.FaceSensorPropertiesInternal;
import android.hardware.fingerprint.FingerprintManager;
@@ -175,8 +176,22 @@
mHasFeatureFingerprint = pm.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT);
mHasFeatureFace = pm.hasSystemFeature(PackageManager.FEATURE_FACE);
+ // Default behavior is to enroll BIOMETRIC_WEAK or above. See ACTION_BIOMETRIC_ENROLL.
+ final int authenticators = getIntent().getIntExtra(
+ EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED, Authenticators.BIOMETRIC_WEAK);
+ Log.d(TAG, "Authenticators: " + authenticators);
+
+ mParentalOptionsRequired = intent.getBooleanExtra(EXTRA_REQUIRE_PARENTAL_CONSENT, false);
+ mSkipReturnToParent = intent.getBooleanExtra(EXTRA_SKIP_RETURN_TO_PARENT, false);
+
// determine what can be enrolled
final boolean isSetupWizard = WizardManagerHelper.isAnySetupWizard(getIntent());
+ final boolean isMultiSensor = mHasFeatureFace && mHasFeatureFingerprint;
+
+ Log.d(TAG, "parentalOptionsRequired: " + mParentalOptionsRequired
+ + ", skipReturnToParent: " + mSkipReturnToParent
+ + ", isSetupWizard: " + isSetupWizard
+ + ", isMultiSensor: " + isMultiSensor);
if (mHasFeatureFace) {
final FaceManager faceManager = getSystemService(FaceManager.class);
@@ -185,11 +200,23 @@
final int maxFacesEnrollableIfSUW = getApplicationContext().getResources()
.getInteger(R.integer.suw_max_faces_enrollable);
if (!faceProperties.isEmpty()) {
+ final FaceSensorPropertiesInternal props = faceProperties.get(0);
final int maxEnrolls =
- isSetupWizard ? maxFacesEnrollableIfSUW
- : faceProperties.get(0).maxEnrollmentsPerUser;
+ isSetupWizard ? maxFacesEnrollableIfSUW : props.maxEnrollmentsPerUser;
mIsFaceEnrollable =
faceManager.getEnrolledFaces(mUserId).size() < maxEnrolls;
+
+ // exclude face enrollment from setup wizard if configured as a convenience
+ // isSetupWizard is always false for unicorn enrollment, so if consent is
+ // required check if setup has completed instead.
+ final boolean isSettingUp = isSetupWizard || (mParentalOptionsRequired
+ && !WizardManagerHelper.isUserSetupComplete(this));
+ if (isSettingUp && isMultiSensor && mIsFaceEnrollable) {
+ if (props.sensorStrength == SensorProperties.STRENGTH_CONVENIENCE) {
+ Log.i(TAG, "Excluding face from SuW enrollment (STRENGTH_CONVENIENCE)");
+ mIsFaceEnrollable = false;
+ }
+ }
}
}
if (mHasFeatureFingerprint) {
@@ -207,13 +234,6 @@
}
}
- mParentalOptionsRequired = intent.getBooleanExtra(EXTRA_REQUIRE_PARENTAL_CONSENT, false);
- mSkipReturnToParent = intent.getBooleanExtra(EXTRA_SKIP_RETURN_TO_PARENT, false);
-
- Log.d(TAG, "parentalOptionsRequired: " + mParentalOptionsRequired
- + ", skipReturnToParent: " + mSkipReturnToParent
- + ", isSetupWizard: " + isSetupWizard);
-
// TODO(b/195128094): remove this restriction
// Consent can only be recorded when this activity is launched directly from the kids
// module. This can be removed when there is a way to notify consent status out of band.
@@ -247,19 +267,10 @@
setOrConfirmCredentialsNow();
} else {
// Start enrollment process if we haven't bailed out yet
- startEnroll();
+ startEnrollWith(authenticators, isSetupWizard);
}
}
- private void startEnroll() {
- // Default behavior is to enroll BIOMETRIC_WEAK or above. See ACTION_BIOMETRIC_ENROLL.
- final int authenticators = getIntent().getIntExtra(
- EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED, Authenticators.BIOMETRIC_WEAK);
- Log.d(TAG, "Authenticators: " + authenticators);
-
- startEnrollWith(authenticators, WizardManagerHelper.isAnySetupWizard(getIntent()));
- }
-
private void startEnrollWith(@Authenticators.Types int authenticators, boolean setupWizard) {
// If the caller is not setup wizard, and the user has something enrolled, finish.
// Allow parental consent flow to skip this check, since one modality could be consented
@@ -339,7 +350,9 @@
final boolean fpConsentRequired = ParentalControlsUtils
.parentConsentRequired(this, BiometricAuthenticator.TYPE_FINGERPRINT) != null;
- final boolean requestFaceConsent = faceConsentRequired && mHasFeatureFace;
+ final boolean requestFaceConsent = faceConsentRequired
+ && mHasFeatureFace
+ && mIsFaceEnrollable;
final boolean requestFpConsent = fpConsentRequired && mHasFeatureFingerprint;
Log.d(TAG, "faceConsentRequired: " + faceConsentRequired