private PreferenceScreen createPreferenceHierarchy() {
PreferenceScreen root = getPreferenceScreen();
if (root != null) {
root.removeAll();
}
// Location Settings
addPreferencesFromResource(R.xml.location_settings);
addPreferencesFromResource(R.xml.security_settings);
root = getPreferenceScreen();
// Location Settings
mNetwork = (CheckBoxPreference) root.findPreference(KEY_LOCATION_NETWORK);
mGps = (CheckBoxPreference) root.findPreference(KEY_LOCATION_GPS);
mAssistedGps = (CheckBoxPreference) root.findPreference(KEY_ASSISTED_GPS);
if (GoogleLocationSettingHelper.isAvailable(getActivity())) {
// GSF present, Add setting for 'Use My Location'
CheckBoxPreference useLocation = new CheckBoxPreference(getActivity());
useLocation.setKey(KEY_USE_LOCATION);
useLocation.setTitle(R.string.use_location_title);
useLocation.setSummary(R.string.use_location_summary);
useLocation.setChecked(
GoogleLocationSettingHelper.getUseLocationForServices(getActivity())
== GoogleLocationSettingHelper.USE_LOCATION_FOR_SERVICES_ON);
useLocation.setPersistent(false);
useLocation.setOnPreferenceChangeListener(this);
getPreferenceScreen().addPreference(useLocation);
mUseLocation = useLocation;
}
// Change the summary for wifi-only devices
if (Utils.isWifiOnly(getActivity())) {
mNetwork.setSummaryOn(R.string.location_neighborhood_level_wifi);
}
// Security Settings
// Add options for lock/unlock screen
int resid = 0;
if (!mLockPatternUtils.isSecure()) {
if (mLockPatternUtils.isLockScreenDisabled()) {
resid = R.xml.security_settings_lockscreen;
} else {
resid = R.xml.security_settings_chooser;
}
} else if (mLockPatternUtils.usingBiometricWeak()
&& mLockPatternUtils.isBiometricWeakInstalled()) {
resid = R.xml.security_settings_biometric_weak;
} else {
switch (mLockPatternUtils.getKeyguardStoredPasswordQuality()) {
case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
resid = R.xml.security_settings_pattern;
break;
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
resid = R.xml.security_settings_pin;
break;
case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC:
case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
resid = R.xml.security_settings_password;
break;
}
}
addPreferencesFromResource(resid);
boolean isSystemEmmcDetect = false;
try {
Class c = Class.forName(SYSTEM_DETECT_HANDLER);
ISystemInfoDetectHandler handler = (ISystemInfoDetectHandler) c.newInstance();
isSystemEmmcDetect = handler.isFileSystemAutoDetect();
Log.i("SecuritySettings", "isSystemEmmcDetect = " + isSystemEmmcDetect);
} catch (Exception e) {
Log.i("SecuritySettings", "exception " + e);
isSystemEmmcDetect = false;
}
if ((DefaultQuery.SYSTEM_INFO_DETECT_ENABLED == 1)
|| ((DefaultQuery.SYSTEM_INFO_DETECT_ENABLED == 2) && isSystemEmmcDetect)) {
// Add options for device encryption
DevicePolicyManager dpm =
(DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
switch (dpm.getStorageEncryptionStatus()) {
case DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE:
// The device is currently encrypted.
addPreferencesFromResource(R.xml.security_settings_encrypted);
break;
case DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE:
// This device supports encryption but isn't encrypted.
addPreferencesFromResource(R.xml.security_settings_unencrypted);
break;
}
}
// lock after preference
mLockAfter = (ListPreference) root.findPreference(KEY_LOCK_AFTER_TIMEOUT);
if (mLockAfter != null) {
setupLockAfterPreference();
updateLockAfterPreferenceSummary();
}
// visible pattern
mVisiblePattern = (CheckBoxPreference) root.findPreference(KEY_VISIBLE_PATTERN);
// lock instantly on power key press
mPowerButtonInstantlyLocks =
(CheckBoxPreference) root.findPreference(KEY_POWER_INSTANTLY_LOCKS);
// don't display visible pattern if biometric and backup is not
// pattern
if (resid == R.xml.security_settings_biometric_weak
&& mLockPatternUtils.getKeyguardStoredPasswordQuality()
!= DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {
PreferenceGroup securityCategory =
(PreferenceGroup) root.findPreference(KEY_SECURITY_CATEGORY);
if (securityCategory != null && mVisiblePattern != null) {
securityCategory.removePreference(root.findPreference(KEY_VISIBLE_PATTERN));
}
}
// tactile feedback. Should be common to all unlock preference
// screens.
mTactileFeedback = (CheckBoxPreference) root.findPreference(KEY_TACTILE_FEEDBACK_ENABLED);
if (!((Vibrator) getSystemService(Context.VIBRATOR_SERVICE)).hasVibrator()) {
PreferenceGroup securityCategory =
(PreferenceGroup) root.findPreference(KEY_SECURITY_CATEGORY);
if (securityCategory != null && mTactileFeedback != null) {
securityCategory.removePreference(mTactileFeedback);
}
}
// Append the rest of the settings
addPreferencesFromResource(R.xml.security_settings_misc);
MSimTelephonyManager tm = MSimTelephonyManager.getDefault();
int numPhones = TelephonyManager.getDefault().getPhoneCount();
boolean disableLock = false;
for (int i = 0; i < numPhones; i++) {
// Disable SIM lock if sim card is missing or unknown
// notice:cdma can also set sim lock
if ((tm.getSimState(i) == TelephonyManager.SIM_STATE_ABSENT)
|| (tm.getSimState(i) == TelephonyManager.SIM_STATE_UNKNOWN)) {
disableLock = true;
} else {
disableLock = false;
break;
}
}
if (disableLock) {
root.findPreference(KEY_SIM_LOCK).setEnabled(false);
}
// Show password
mShowPassword = (CheckBoxPreference) root.findPreference(KEY_SHOW_PASSWORD);
// SIM/RUIM lock
Preference iccLock = (Preference) root.findPreference(KEY_SIM_LOCK_SETTINGS);
Intent intent = new Intent();
if (tm.isMultiSimEnabled()) {
intent.setClassName(
"com.android.settings", "com.android.settings.multisimsettings.MultiSimSettingTab");
intent.putExtra(SelectSubscription.PACKAGE, "com.android.settings");
intent.putExtra(SelectSubscription.TARGET_CLASS, "com.android.settings.IccLockSettings");
} else {
intent.setClassName("com.android.settings", "com.android.settings.IccLockSettings");
}
iccLock.setIntent(intent);
// Credential storage
mResetCredentials = root.findPreference(KEY_RESET_CREDENTIALS);
mToggleAppInstallation = (CheckBoxPreference) findPreference(KEY_TOGGLE_INSTALL_APPLICATIONS);
mToggleAppInstallation.setChecked(isNonMarketAppsAllowed());
return root;
}
/**
* Revokes device encrypt policy on the device (Device external storage encryption).
*
* @param operation - Operation object.
*/
private void revokeEncryptPolicy(org.wso2.emm.agent.beans.Operation operation) {
boolean encryptStatus =
(devicePolicyManager.getStorageEncryptionStatus()
!= devicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED
&& (devicePolicyManager.getStorageEncryptionStatus()
== devicePolicyManager.ENCRYPTION_STATUS_ACTIVE
|| devicePolicyManager.getStorageEncryptionStatus()
== devicePolicyManager.ENCRYPTION_STATUS_ACTIVATING));
if (operation.isEnabled() && encryptStatus) {
devicePolicyManager.setStorageEncryption(deviceAdmin, false);
}
}
/**
* Mix in "encryption minimums" to any given quality value. This prevents users from downgrading
* the pattern/pin/password to a level below the minimums.
*
* <p>ASSUMPTION: Setting quality is sufficient (e.g. minimum lengths will be set
* appropriately.)
*/
private int upgradeQualityForEncryption(int quality) {
int encryptionStatus = mDPM.getStorageEncryptionStatus();
boolean encrypted =
(encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE)
|| (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING);
if (encrypted) {
if (quality < CryptKeeperSettings.MIN_PASSWORD_QUALITY) {
quality = CryptKeeperSettings.MIN_PASSWORD_QUALITY;
}
}
return quality;
}
/**
* Encrypt/Decrypt device storage.
*
* @param code - Operation code.
* @param data - Data required(Encryption enable/disable switch).
* @param requestMode - Request mode(Normal mode or policy bundle mode).
*/
public void encryptStorage(String code, String data) {
boolean doEncrypt = true;
try {
JSONObject encryptData = new JSONObject(data);
if (!encryptData.isNull(resources.getString(R.string.intent_extra_function))
&& encryptData
.get(resources.getString(R.string.intent_extra_function))
.toString()
.equalsIgnoreCase(resources.getString(R.string.intent_extra_encrypt))) {
doEncrypt = true;
} else if (!encryptData.isNull(resources.getString(R.string.intent_extra_function))
&& encryptData
.get(resources.getString(R.string.intent_extra_function))
.toString()
.equalsIgnoreCase(resources.getString(R.string.intent_extra_decrypt))) {
doEncrypt = false;
} else if (!encryptData.isNull(resources.getString(R.string.intent_extra_function))) {
doEncrypt =
Boolean.parseBoolean(
encryptData.get(resources.getString(R.string.intent_extra_function)).toString());
}
} catch (JSONException e) {
Log.e(TAG, "Invalid JSON format." + e);
}
ComponentName admin = new ComponentName(context, AgentDeviceAdminReceiver.class);
if (doEncrypt
&& devicePolicyManager.getStorageEncryptionStatus()
!= DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED
&& (devicePolicyManager.getStorageEncryptionStatus()
== DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE)) {
devicePolicyManager.setStorageEncryption(admin, doEncrypt);
Intent intent = new Intent(DevicePolicyManager.ACTION_START_ENCRYPTION);
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
context.startActivity(intent);
} else if (!doEncrypt
&& devicePolicyManager.getStorageEncryptionStatus()
!= DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED
&& (devicePolicyManager.getStorageEncryptionStatus()
== DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE
|| devicePolicyManager.getStorageEncryptionStatus()
== DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING)) {
devicePolicyManager.setStorageEncryption(admin, doEncrypt);
}
String status;
if (devicePolicyManager.getStorageEncryptionStatus()
!= DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED) {
status = resources.getString(R.string.shared_pref_default_status);
} else {
status = resources.getString(R.string.shared_pref_false_status);
}
resultBuilder.build(code, status);
}
/**
* Mix in "encryption minimums" to any given quality value. This prevents users from downgrading
* the pattern/pin/password to a level below the minimums.
*
* <p>ASSUMPTION: Setting quality is sufficient (e.g. minimum lengths will be set
* appropriately.)
*/
private int upgradeQualityForEncryption(int quality) {
// Don't upgrade quality for secondary users. Encryption requirements don't apply.
if (!Process.myUserHandle().equals(UserHandle.OWNER)) return quality;
int encryptionStatus = mDPM.getStorageEncryptionStatus();
boolean encrypted =
(encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE)
|| (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING);
if (encrypted) {
if (quality < CryptKeeperSettings.MIN_PASSWORD_QUALITY) {
quality = CryptKeeperSettings.MIN_PASSWORD_QUALITY;
}
}
return quality;
}
/** Update the encryption password if it is enabled * */
private void updateEncryptionPassword(String password) {
DevicePolicyManager dpm = getDevicePolicyManager();
if (dpm.getStorageEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) {
return;
}
IBinder service = ServiceManager.getService("mount");
if (service == null) {
Log.e(TAG, "Could not find the mount service to update the encryption password");
return;
}
IMountService mountService = IMountService.Stub.asInterface(service);
try {
mountService.changeEncryptionPassword(password);
} catch (RemoteException e) {
Log.e(TAG, "Error changing encryption password", e);
}
}