1 /* 2 * Copyright (C) 2021 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.settings.biometrics; 18 19 import android.app.admin.DevicePolicyManager; 20 import android.content.ComponentName; 21 import android.content.Context; 22 import android.hardware.biometrics.BiometricAuthenticator; 23 import android.hardware.biometrics.ParentalControlsUtilsInternal; 24 import android.os.UserHandle; 25 import android.os.UserManager; 26 import android.util.Log; 27 28 import androidx.annotation.NonNull; 29 import androidx.annotation.Nullable; 30 31 import com.android.internal.annotations.VisibleForTesting; 32 import com.android.settingslib.RestrictedLockUtils; 33 34 /** 35 * Utilities for things at the cross-section of biometrics and parental controls. For example, 36 * determining if parental consent is required, determining which strings should be shown, etc. 37 */ 38 public class ParentalControlsUtils { 39 40 private static final String TAG = "ParentalControlsUtils"; 41 42 /** 43 * Public version that enables test paths, see 44 * {@link android.hardware.biometrics.ParentalControlsUtilsInternal#isTestModeEnabled(Context)} 45 * @return non-null EnforcedAdmin if parental consent is required 46 */ parentConsentRequired(@onNull Context context, @BiometricAuthenticator.Modality int modality)47 public static RestrictedLockUtils.EnforcedAdmin parentConsentRequired(@NonNull Context context, 48 @BiometricAuthenticator.Modality int modality) { 49 50 final UserHandle userHandle = new UserHandle(UserHandle.myUserId()); 51 if (ParentalControlsUtilsInternal.isTestModeEnabled(context)) { 52 Log.d(TAG, "Requiring consent for test flow"); 53 return new RestrictedLockUtils.EnforcedAdmin(null /* ComponentName */, 54 UserManager.DISALLOW_BIOMETRIC, userHandle); 55 } 56 57 final DevicePolicyManager dpm = context.getSystemService(DevicePolicyManager.class); 58 return parentConsentRequiredInternal(dpm, modality, userHandle); 59 } 60 61 /** 62 * Internal testable version. 63 * @return non-null EnforcedAdmin if parental consent is required 64 */ 65 @Nullable 66 @VisibleForTesting parentConsentRequiredInternal( @onNull DevicePolicyManager dpm, @BiometricAuthenticator.Modality int modality, @NonNull UserHandle userHandle)67 static RestrictedLockUtils.EnforcedAdmin parentConsentRequiredInternal( 68 @NonNull DevicePolicyManager dpm, @BiometricAuthenticator.Modality int modality, 69 @NonNull UserHandle userHandle) { 70 if (ParentalControlsUtilsInternal.parentConsentRequired(dpm, modality, 71 userHandle)) { 72 final ComponentName cn = 73 ParentalControlsUtilsInternal.getSupervisionComponentName(dpm, userHandle); 74 return new RestrictedLockUtils.EnforcedAdmin(cn, UserManager.DISALLOW_BIOMETRIC, 75 userHandle); 76 } else { 77 return null; 78 } 79 } 80 } 81