Merge "Convert biometrics to RestrictedPreference" into sc-dev am: 24b81dcffb
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14926710
Change-Id: I3924b671dbe1336e39fd153b5b809a2e3b7e3669
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index edfe582..b7829d4 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -43,19 +43,19 @@
android:summary="@string/summary_placeholder"
settings:keywords="@string/keywords_lockscreen" />
- <Preference
+ <com.android.settingslib.RestrictedPreference
android:key="fingerprint_settings"
android:title="@string/security_settings_fingerprint_preference_title"
android:summary="@string/summary_placeholder"
settings:keywords="@string/keywords_fingerprint_settings" />
- <Preference
+ <com.android.settingslib.RestrictedPreference
android:key="face_settings"
android:title="@string/security_settings_face_preference_title"
android:summary="@string/summary_placeholder"
settings:keywords="@string/keywords_face_settings" />
- <Preference
+ <com.android.settingslib.RestrictedPreference
android:key="biometric_settings"
android:title="@string/security_settings_biometric_preference_title"
android:summary="@string/summary_placeholder"
diff --git a/src/com/android/settings/biometrics/ParentalControlsUtils.java b/src/com/android/settings/biometrics/ParentalControlsUtils.java
new file mode 100644
index 0000000..1d7cf6a
--- /dev/null
+++ b/src/com/android/settings/biometrics/ParentalControlsUtils.java
@@ -0,0 +1,108 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.biometrics;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.ComponentName;
+import android.content.Context;
+import android.hardware.biometrics.BiometricAuthenticator;
+import android.os.Build;
+import android.os.UserHandle;
+import android.provider.Settings;
+import android.util.Log;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.settingslib.RestrictedLockUtils;
+
+/**
+ * Utilities for things at the cross-section of biometrics and parental controls. For example,
+ * determining if parental consent is required, determining which strings should be shown, etc.
+ */
+public class ParentalControlsUtils {
+
+ private static final String TAG = "ParentalControlsUtils";
+ private static final String TEST_ALWAYS_REQUIRE_CONSENT =
+ "com.android.settings.biometrics.ParentalControlsUtils.always_require_consent";
+
+ /**
+ * Public version that enables test paths based on {@link #TEST_ALWAYS_REQUIRE_CONSENT}
+ * @return non-null EnforcedAdmin if parental consent is required
+ */
+ public static RestrictedLockUtils.EnforcedAdmin parentConsentRequired(@NonNull Context context,
+ @BiometricAuthenticator.Modality int modality) {
+
+ final UserHandle userHandle = new UserHandle(UserHandle.myUserId());
+ if (Build.IS_USERDEBUG || Build.IS_ENG) {
+ final boolean testAlwaysRequireConsent = Settings.Secure.getInt(
+ context.getContentResolver(), TEST_ALWAYS_REQUIRE_CONSENT, 0) != 0;
+ if (testAlwaysRequireConsent) {
+ Log.d(TAG, "Requiring consent for test flow");
+ return new RestrictedLockUtils.EnforcedAdmin(null /* ComponentName */, userHandle);
+ }
+ }
+
+ final DevicePolicyManager dpm = context.getSystemService(DevicePolicyManager.class);
+ return parentConsentRequiredInternal(dpm, modality, userHandle);
+ }
+
+ /**
+ * Internal testable version.
+ * @return non-null EnforcedAdmin if parental consent is required
+ */
+ @Nullable
+ @VisibleForTesting
+ static RestrictedLockUtils.EnforcedAdmin parentConsentRequiredInternal(
+ @NonNull DevicePolicyManager dpm, @BiometricAuthenticator.Modality int modality,
+ @NonNull UserHandle userHandle) {
+ final ComponentName cn = dpm.getProfileOwnerOrDeviceOwnerSupervisionComponent(userHandle);
+ if (cn == null) {
+ return null;
+ }
+
+ final int keyguardDisabledFeatures = dpm.getKeyguardDisabledFeatures(cn);
+ final boolean dpmFpDisabled = containsFlag(keyguardDisabledFeatures,
+ DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT);
+ final boolean dpmFaceDisabled = containsFlag(keyguardDisabledFeatures,
+ DevicePolicyManager.KEYGUARD_DISABLE_FACE);
+ final boolean dpmIrisDisabled = containsFlag(keyguardDisabledFeatures,
+ DevicePolicyManager.KEYGUARD_DISABLE_IRIS);
+
+ final boolean consentRequired;
+ if (containsFlag(modality, BiometricAuthenticator.TYPE_FINGERPRINT) && dpmFpDisabled) {
+ consentRequired = true;
+ } else if (containsFlag(modality, BiometricAuthenticator.TYPE_FACE) && dpmFaceDisabled) {
+ consentRequired = true;
+ } else if (containsFlag(modality, BiometricAuthenticator.TYPE_IRIS) && dpmIrisDisabled) {
+ consentRequired = true;
+ } else {
+ consentRequired = false;
+ }
+
+ if (consentRequired) {
+ return new RestrictedLockUtils.EnforcedAdmin(cn, userHandle);
+ } else {
+ return null;
+ }
+ }
+
+ private static boolean containsFlag(int haystack, int needle) {
+ return (haystack & needle) != 0;
+ }
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
index 6e989d8..9723d92 100644
--- a/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
@@ -16,15 +16,22 @@
package com.android.settings.biometrics.combination;
import android.content.Context;
+import android.hardware.biometrics.BiometricAuthenticator;
import android.hardware.face.FaceManager;
import android.hardware.fingerprint.FingerprintManager;
import androidx.annotation.Nullable;
+import androidx.preference.Preference;
+import androidx.preference.PreferenceScreen;
+import com.android.internal.annotations.VisibleForTesting;
import com.android.settings.R;
import com.android.settings.Settings;
import com.android.settings.Utils;
import com.android.settings.biometrics.BiometricStatusPreferenceController;
+import com.android.settings.biometrics.ParentalControlsUtils;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
/**
* Preference controller for biometrics settings page controlling the ability to unlock the phone
@@ -38,6 +45,8 @@
FingerprintManager mFingerprintManager;
@Nullable
FaceManager mFaceManager;
+ @VisibleForTesting
+ RestrictedPreference mPreference;
public CombinedBiometricStatusPreferenceController(Context context) {
this(context, KEY_BIOMETRIC_SETTINGS);
@@ -50,6 +59,12 @@
}
@Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mPreference = screen.findPreference(KEY_BIOMETRIC_SETTINGS);
+ }
+
+ @Override
protected boolean isDeviceSupported() {
return Utils.hasFingerprintHardware(mContext) && Utils.hasFaceHardware(mContext);
}
@@ -60,6 +75,24 @@
}
@Override
+ public void updateState(Preference preference) {
+ super.updateState(preference);
+ // This controller currently is shown if fingerprint&face exist on the device. If this
+ // changes in the future, the modalities passed into the below will need to be updated.
+ final RestrictedLockUtils.EnforcedAdmin admin = ParentalControlsUtils
+ .parentConsentRequired(mContext,
+ BiometricAuthenticator.TYPE_FACE | BiometricAuthenticator.TYPE_FINGERPRINT);
+ updateStateInternal(admin);
+ }
+
+ @VisibleForTesting
+ void updateStateInternal(@Nullable RestrictedLockUtils.EnforcedAdmin enforcedAdmin) {
+ if (enforcedAdmin != null && mPreference != null) {
+ mPreference.setDisabledByAdmin(enforcedAdmin);
+ }
+ }
+
+ @Override
protected String getSummaryTextEnrolled() {
// Note that this is currently never called (see the super class)
return mContext.getString(
diff --git a/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java b/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
index 2ceaa0d..2b130ae 100644
--- a/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
@@ -17,18 +17,29 @@
package com.android.settings.biometrics.face;
import android.content.Context;
+import android.hardware.biometrics.BiometricAuthenticator;
import android.hardware.face.FaceManager;
+import androidx.annotation.Nullable;
+import androidx.preference.Preference;
+import androidx.preference.PreferenceScreen;
+
+import com.android.internal.annotations.VisibleForTesting;
import com.android.settings.R;
import com.android.settings.Settings;
import com.android.settings.Utils;
import com.android.settings.biometrics.BiometricStatusPreferenceController;
+import com.android.settings.biometrics.ParentalControlsUtils;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
public class FaceStatusPreferenceController extends BiometricStatusPreferenceController {
public static final String KEY_FACE_SETTINGS = "face_settings";
protected final FaceManager mFaceManager;
+ @VisibleForTesting
+ RestrictedPreference mPreference;
public FaceStatusPreferenceController(Context context) {
this(context, KEY_FACE_SETTINGS);
@@ -40,6 +51,12 @@
}
@Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mPreference = screen.findPreference(KEY_FACE_SETTINGS);
+ }
+
+ @Override
protected boolean isDeviceSupported() {
return !Utils.isMultipleBiometricsSupported(mContext) && Utils.hasFaceHardware(mContext);
}
@@ -50,6 +67,21 @@
}
@Override
+ public void updateState(Preference preference) {
+ super.updateState(preference);
+ final RestrictedLockUtils.EnforcedAdmin admin = ParentalControlsUtils
+ .parentConsentRequired(mContext, BiometricAuthenticator.TYPE_FACE);
+ updateStateInternal(admin);
+ }
+
+ @VisibleForTesting
+ void updateStateInternal(@Nullable RestrictedLockUtils.EnforcedAdmin enforcedAdmin) {
+ if (enforcedAdmin != null && mPreference != null) {
+ mPreference.setDisabledByAdmin(enforcedAdmin);
+ }
+ }
+
+ @Override
protected String getSummaryTextEnrolled() {
return mContext.getResources()
.getString(R.string.security_settings_face_preference_summary);
diff --git a/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java b/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
index e53dbc4..5166bae 100644
--- a/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
@@ -17,17 +17,28 @@
package com.android.settings.biometrics.fingerprint;
import android.content.Context;
+import android.hardware.biometrics.BiometricAuthenticator;
import android.hardware.fingerprint.FingerprintManager;
+import androidx.annotation.Nullable;
+import androidx.preference.Preference;
+import androidx.preference.PreferenceScreen;
+
+import com.android.internal.annotations.VisibleForTesting;
import com.android.settings.R;
import com.android.settings.Utils;
import com.android.settings.biometrics.BiometricStatusPreferenceController;
+import com.android.settings.biometrics.ParentalControlsUtils;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
public class FingerprintStatusPreferenceController extends BiometricStatusPreferenceController {
private static final String KEY_FINGERPRINT_SETTINGS = "fingerprint_settings";
protected final FingerprintManager mFingerprintManager;
+ @VisibleForTesting
+ RestrictedPreference mPreference;
public FingerprintStatusPreferenceController(Context context) {
this(context, KEY_FINGERPRINT_SETTINGS);
@@ -39,6 +50,12 @@
}
@Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mPreference = screen.findPreference(KEY_FINGERPRINT_SETTINGS);
+ }
+
+ @Override
protected boolean isDeviceSupported() {
return !Utils.isMultipleBiometricsSupported(mContext)
&& Utils.hasFingerprintHardware(mContext);
@@ -50,6 +67,21 @@
}
@Override
+ public void updateState(Preference preference) {
+ super.updateState(preference);
+ final RestrictedLockUtils.EnforcedAdmin admin = ParentalControlsUtils
+ .parentConsentRequired(mContext, BiometricAuthenticator.TYPE_FINGERPRINT);
+ updateStateInternal(admin);
+ }
+
+ @VisibleForTesting
+ void updateStateInternal(@Nullable RestrictedLockUtils.EnforcedAdmin enforcedAdmin) {
+ if (enforcedAdmin != null && mPreference != null) {
+ mPreference.setDisabledByAdmin(enforcedAdmin);
+ }
+ }
+
+ @Override
protected String getSummaryTextEnrolled() {
final int numEnrolled = mFingerprintManager.getEnrolledFingerprints(getUserId()).size();
return mContext.getResources().getQuantityString(
diff --git a/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceControllerTest.java
new file mode 100644
index 0000000..4f0381d
--- /dev/null
+++ b/tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceControllerTest.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.biometrics.combination;
+
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import android.content.Context;
+import android.content.pm.PackageManager;
+import android.hardware.face.FaceManager;
+import android.hardware.fingerprint.FingerprintManager;
+import android.os.UserManager;
+
+import androidx.preference.Preference;
+
+import com.android.internal.widget.LockPatternUtils;
+import com.android.settings.testutils.FakeFeatureFactory;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.RuntimeEnvironment;
+import org.robolectric.shadows.ShadowApplication;
+
+@RunWith(RobolectricTestRunner.class)
+public class CombinedBiometricStatusPreferenceControllerTest {
+
+ @Mock
+ private LockPatternUtils mLockPatternUtils;
+ @Mock
+ private FingerprintManager mFingerprintManager;
+ @Mock
+ private FaceManager mFaceManager;
+ @Mock
+ private UserManager mUm;
+ @Mock
+ private PackageManager mPackageManager;
+
+ private FakeFeatureFactory mFeatureFactory;
+ private Context mContext;
+ private CombinedBiometricStatusPreferenceController mController;
+ private Preference mPreference;
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+ mContext = spy(RuntimeEnvironment.application);
+ when(mContext.getPackageManager()).thenReturn(mPackageManager);
+ when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT)).thenReturn(true);
+ when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
+ ShadowApplication.getInstance().setSystemService(Context.FINGERPRINT_SERVICE,
+ mFingerprintManager);
+ ShadowApplication.getInstance().setSystemService(Context.FACE_SERVICE, mFaceManager);
+ ShadowApplication.getInstance().setSystemService(Context.USER_SERVICE, mUm);
+ mPreference = new Preference(mContext);
+ mFeatureFactory = FakeFeatureFactory.setupForTest();
+ when(mFeatureFactory.securityFeatureProvider.getLockPatternUtils(mContext))
+ .thenReturn(mLockPatternUtils);
+ when(mUm.getProfileIdsWithDisabled(anyInt())).thenReturn(new int[] {1234});
+ mController = new CombinedBiometricStatusPreferenceController(mContext);
+ }
+
+ @Test
+ public void updateState_parentalConsentRequired_preferenceDisabled() {
+ when(mFaceManager.isHardwareDetected()).thenReturn(true);
+ when(mFingerprintManager.isHardwareDetected()).thenReturn(true);
+
+ RestrictedPreference restrictedPreference = mock(RestrictedPreference.class);
+ RestrictedLockUtils.EnforcedAdmin admin = mock(RestrictedLockUtils.EnforcedAdmin.class);
+
+ mController.mPreference = restrictedPreference;
+ mController.updateStateInternal(admin);
+ verify(restrictedPreference).setDisabledByAdmin(eq(admin));
+ }
+}
diff --git a/tests/robotests/src/com/android/settings/biometrics/face/FaceStatusPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/biometrics/face/FaceStatusPreferenceControllerTest.java
index 2dfc347..0b10413 100644
--- a/tests/robotests/src/com/android/settings/biometrics/face/FaceStatusPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/biometrics/face/FaceStatusPreferenceControllerTest.java
@@ -22,8 +22,10 @@
import static com.google.common.truth.Truth.assertThat;
import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import android.content.Context;
@@ -37,6 +39,8 @@
import com.android.internal.widget.LockPatternUtils;
import com.android.settings.R;
import com.android.settings.testutils.FakeFeatureFactory;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
import org.junit.Before;
import org.junit.Test;
@@ -129,4 +133,16 @@
.getString(R.string.security_settings_face_preference_summary));
assertThat(mPreference.isVisible()).isTrue();
}
+
+ @Test
+ public void updateState_parentalConsentRequired_preferenceDisabled() {
+ when(mFaceManager.isHardwareDetected()).thenReturn(true);
+
+ RestrictedPreference restrictedPreference = mock(RestrictedPreference.class);
+ RestrictedLockUtils.EnforcedAdmin admin = mock(RestrictedLockUtils.EnforcedAdmin.class);
+
+ mController.mPreference = restrictedPreference;
+ mController.updateStateInternal(admin);
+ verify(restrictedPreference).setDisabledByAdmin(eq(admin));
+ }
}
diff --git a/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceControllerTest.java
index 14ca1f8..b0137a1 100644
--- a/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceControllerTest.java
@@ -22,8 +22,10 @@
import static com.google.common.truth.Truth.assertThat;
import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import android.content.Context;
@@ -37,6 +39,8 @@
import com.android.internal.widget.LockPatternUtils;
import com.android.settings.R;
import com.android.settings.testutils.FakeFeatureFactory;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedPreference;
import org.junit.Before;
import org.junit.Test;
@@ -130,4 +134,16 @@
R.plurals.security_settings_fingerprint_preference_summary, 1, 1));
assertThat(mPreference.isVisible()).isTrue();
}
+
+ @Test
+ public void updateState_parentalConsentRequired_preferenceDisabled() {
+ when(mFingerprintManager.isHardwareDetected()).thenReturn(true);
+
+ RestrictedPreference restrictedPreference = mock(RestrictedPreference.class);
+ RestrictedLockUtils.EnforcedAdmin admin = mock(RestrictedLockUtils.EnforcedAdmin.class);
+
+ mController.mPreference = restrictedPreference;
+ mController.updateStateInternal(admin);
+ verify(restrictedPreference).setDisabledByAdmin(eq(admin));
+ }
}
diff --git a/tests/unit/src/com/android/settings/biometrics/ParentalControlsUtilsTest.java b/tests/unit/src/com/android/settings/biometrics/ParentalControlsUtilsTest.java
new file mode 100644
index 0000000..a820d65
--- /dev/null
+++ b/tests/unit/src/com/android/settings/biometrics/ParentalControlsUtilsTest.java
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.biometrics;
+
+import static junit.framework.TestCase.assertNotNull;
+import static junit.framework.TestCase.assertNull;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.ComponentName;
+import android.content.ContentResolver;
+import android.content.Context;
+import static android.hardware.biometrics.BiometricAuthenticator.TYPE_FACE;
+import static android.hardware.biometrics.BiometricAuthenticator.TYPE_FINGERPRINT;
+import static android.hardware.biometrics.BiometricAuthenticator.TYPE_IRIS;
+
+import android.hardware.biometrics.BiometricAuthenticator;
+import android.os.UserHandle;
+
+import androidx.annotation.Nullable;
+import androidx.test.ext.junit.runners.AndroidJUnit4;
+
+import com.android.settingslib.RestrictedLockUtils;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+@RunWith(AndroidJUnit4.class)
+public class ParentalControlsUtilsTest {
+
+ @Mock
+ private Context mContext;
+ @Mock
+ private DevicePolicyManager mDpm;
+ private ComponentName mSupervisionComponentName = new ComponentName("pkg", "cls");
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+ when(mContext.getContentResolver()).thenReturn(mock(ContentResolver.class));
+ }
+
+ /**
+ * Helper that sets the appropriate mocks and testing behavior before returning the actual
+ * EnforcedAdmin from ParentalControlsUtils.
+ */
+ @Nullable
+ private RestrictedLockUtils.EnforcedAdmin getEnforcedAdminForCombination(
+ @Nullable ComponentName supervisionComponentName,
+ @BiometricAuthenticator.Modality int modality, int keyguardDisabledFlags) {
+ when(mDpm.getProfileOwnerOrDeviceOwnerSupervisionComponent(any(UserHandle.class)))
+ .thenReturn(supervisionComponentName);
+ when(mDpm.getKeyguardDisabledFeatures(eq(supervisionComponentName)))
+ .thenReturn(keyguardDisabledFlags);
+
+ return ParentalControlsUtils.parentConsentRequiredInternal(mDpm, modality,
+ new UserHandle(UserHandle.myUserId()));
+ }
+
+ @Test
+ public void testEnforcedAdmin_whenDpmDisablesBiometricsAndSupervisionComponentExists() {
+ int[][] tests = {
+ {TYPE_FINGERPRINT, DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT},
+ {TYPE_FACE, DevicePolicyManager.KEYGUARD_DISABLE_FACE},
+ {TYPE_IRIS, DevicePolicyManager.KEYGUARD_DISABLE_IRIS},
+ };
+
+ for (int i = 0; i < tests.length; i++) {
+ RestrictedLockUtils.EnforcedAdmin admin = getEnforcedAdminForCombination(
+ mSupervisionComponentName, tests[i][0] /* modality */,
+ tests[i][1] /* keyguardDisableFlags */);
+ assertNotNull(admin);
+ assertEquals(mSupervisionComponentName, admin.component);
+ }
+ }
+
+ @Test
+ public void testNoEnforcedAdmin_whenNoSupervisionComponent() {
+ // Even if DPM flag exists, returns null EnforcedAdmin when no supervision component exists
+ RestrictedLockUtils.EnforcedAdmin admin = getEnforcedAdminForCombination(
+ null /* supervisionComponentName */, TYPE_FINGERPRINT,
+ DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT);
+ assertNull(admin);
+ }
+}