• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.devicelockcontroller.storage;
18 
19 import android.content.Context;
20 import android.content.SharedPreferences;
21 import android.os.Build;
22 import android.util.ArraySet;
23 
24 import androidx.annotation.Nullable;
25 
26 import com.android.devicelockcontroller.common.DeviceLockConstants.DeviceProvisionState;
27 
28 import java.util.ArrayList;
29 import java.util.Set;
30 
31 /**
32  * Stores global parameters.
33  * <p>
34  * Note that, these parameter values are common across all users which means any users can read or
35  * write them. Due to this reason, unlike {@link UserParameters}, they must be accessed all the time
36  * via the {@link GlobalParametersClient}.
37  */
38 final class GlobalParameters {
39     private static final String FILENAME = "global-params";
40     private static final String KEY_KIOSK_SIGNING_CERT = "kiosk_signing_cert";
41     private static final String KEY_LOCK_TASK_ALLOWLIST = "lock_task_allowlist";
42     private static final String KEY_NEED_CHECK_IN = "need_check_in";
43     private static final String KEY_REGISTERED_DEVICE_ID = "registered_device_id";
44     private static final String KEY_FORCED_PROVISION = "forced_provision";
45     private static final String KEY_ENROLLMENT_TOKEN = "enrollment_token";
46     private static final String KEY_LAST_RECEIVED_PROVISION_STATE = "last-received-provision-state";
47 
48 
GlobalParameters()49     private GlobalParameters() {
50     }
51 
getSharedPreferences(Context context)52     private static SharedPreferences getSharedPreferences(Context context) {
53         final Context deviceContext = context.createDeviceProtectedStorageContext();
54 
55         return deviceContext.getSharedPreferences(FILENAME, Context.MODE_PRIVATE);
56     }
57 
58     /**
59      * Get the kiosk app signature.
60      *
61      * @param context Context used to get the shared preferences.
62      * @return the kiosk app signature.
63      */
64     @Nullable
getKioskSignature(Context context)65     static String getKioskSignature(Context context) {
66         return getSharedPreferences(context).getString(KEY_KIOSK_SIGNING_CERT, null);
67     }
68 
69     /**
70      * Sets the kiosk app signature.
71      *
72      * @param context   Context used to get the shared preferences.
73      * @param signature Kiosk app signature.
74      */
setKioskSignature(Context context, String signature)75     static void setKioskSignature(Context context, String signature) {
76         getSharedPreferences(context).edit().putString(KEY_KIOSK_SIGNING_CERT, signature).apply();
77     }
78 
79     /**
80      * Gets the list of packages allowlisted in lock task mode.
81      *
82      * @param context Context used to get the shared preferences.
83      * @return List of packages that are allowed in lock task mode.
84      */
getLockTaskAllowlist(Context context)85     static ArrayList<String> getLockTaskAllowlist(Context context) {
86         final ArrayList<String> allowlistArray = new ArrayList<>();
87         SharedPreferences sharedPreferences = getSharedPreferences(context);
88         final Set<String> allowlist =
89                 sharedPreferences.getStringSet(KEY_LOCK_TASK_ALLOWLIST, /* defValue= */ null);
90         if (allowlist != null) {
91             allowlistArray.addAll(allowlist);
92         }
93 
94         return allowlistArray;
95     }
96 
97     /**
98      * Sets the list of packages allowlisted in lock task mode.
99      *
100      * @param context   Context used to get the shared preferences.
101      * @param allowlist List of packages that are allowed in lock task mode.
102      */
setLockTaskAllowlist(Context context, ArrayList<String> allowlist)103     static void setLockTaskAllowlist(Context context, ArrayList<String> allowlist) {
104         final Set<String> allowlistSet = new ArraySet<>(allowlist);
105 
106         getSharedPreferences(context)
107                 .edit()
108                 .putStringSet(KEY_LOCK_TASK_ALLOWLIST, allowlistSet)
109                 .apply();
110     }
111 
112     /**
113      * Checks if a check-in request needs to be performed.
114      *
115      * @param context Context used to get the shared preferences.
116      * @return true if check-in request needs to be performed.
117      */
needCheckIn(Context context)118     static boolean needCheckIn(Context context) {
119         return getSharedPreferences(context).getBoolean(KEY_NEED_CHECK_IN, /* defValue= */ true);
120     }
121 
122     /**
123      * Sets the value of whether this device needs to perform check-in request.
124      *
125      * @param context     Context used to get the shared preferences.
126      * @param needCheckIn new state of whether the device needs to perform check-in request.
127      */
setNeedCheckIn(Context context, boolean needCheckIn)128     static void setNeedCheckIn(Context context, boolean needCheckIn) {
129         getSharedPreferences(context)
130                 .edit()
131                 .putBoolean(KEY_NEED_CHECK_IN, needCheckIn)
132                 .apply();
133     }
134 
135     /**
136      * Gets the unique identifier that is regisered to DeviceLock backend server.
137      *
138      * @param context Context used to get the shared preferences.
139      * @return The registered device unique identifier; null if device has never checked in with
140      * backed server.
141      */
142     @Nullable
getRegisteredDeviceId(Context context)143     static String getRegisteredDeviceId(Context context) {
144         SharedPreferences preferences = getSharedPreferences(context);
145         return preferences.getString(KEY_REGISTERED_DEVICE_ID, null);
146     }
147 
148     /**
149      * Set the unique identifier that is registered to DeviceLock backend server.
150      *
151      * @param context            Context used to get the shared preferences.
152      * @param registeredDeviceId The registered device unique identifier.
153      */
setRegisteredDeviceId(Context context, String registeredDeviceId)154     static void setRegisteredDeviceId(Context context, String registeredDeviceId) {
155         getSharedPreferences(context)
156                 .edit()
157                 .putString(KEY_REGISTERED_DEVICE_ID, registeredDeviceId)
158                 .apply();
159     }
160 
161     /**
162      * Check if provision should be forced.
163      *
164      * @param context Context used to get the shared preferences.
165      * @return True if the provision should be forced without any delays.
166      */
isProvisionForced(Context context)167     static boolean isProvisionForced(Context context) {
168         return getSharedPreferences(context).getBoolean(KEY_FORCED_PROVISION, false);
169     }
170 
171     /**
172      * Set provision is forced
173      *
174      * @param context  Context used to get the shared preferences.
175      * @param isForced The new value of the forced provision flag.
176      */
setProvisionForced(Context context, boolean isForced)177     static void setProvisionForced(Context context, boolean isForced) {
178         getSharedPreferences(context)
179                 .edit()
180                 .putBoolean(KEY_FORCED_PROVISION, isForced)
181                 .apply();
182     }
183 
184     /**
185      * Get the enrollment token assigned by the Device Lock backend server.
186      *
187      * @param context Context used to get the shared preferences.
188      * @return A string value of the enrollment token.
189      */
190     @Nullable
getEnrollmentToken(Context context)191     static String getEnrollmentToken(Context context) {
192         return getSharedPreferences(context).getString(KEY_ENROLLMENT_TOKEN, null);
193     }
194 
195     /**
196      * Set the enrollment token assigned by the Device Lock backend server.
197      *
198      * @param context Context used to get the shared preferences.
199      * @param token   The string value of the enrollment token.
200      */
setEnrollmentToken(Context context, String token)201     static void setEnrollmentToken(Context context, String token) {
202         getSharedPreferences(context)
203                 .edit()
204                 .putString(KEY_ENROLLMENT_TOKEN, token)
205                 .apply();
206     }
207 
208     @DeviceProvisionState
getLastReceivedProvisionState(Context context)209     static int getLastReceivedProvisionState(Context context) {
210         return getSharedPreferences(context).getInt(KEY_LAST_RECEIVED_PROVISION_STATE,
211                 DeviceProvisionState.PROVISION_STATE_UNSPECIFIED);
212     }
213 
setLastReceivedProvisionState(Context context, @DeviceProvisionState int provisionState)214     static void setLastReceivedProvisionState(Context context,
215             @DeviceProvisionState int provisionState) {
216         getSharedPreferences(context)
217                 .edit()
218                 .putInt(KEY_LAST_RECEIVED_PROVISION_STATE, provisionState)
219                 .apply();
220     }
221 
clear(Context context)222     static void clear(Context context) {
223         if (!Build.isDebuggable()) {
224             throw new SecurityException("Clear is not allowed in non-debuggable build!");
225         }
226         getSharedPreferences(context).edit().clear().commit();
227     }
228 }
229