1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.settings; 18 19 import android.app.AppOpsManager; 20 21 import org.xmlpull.v1.XmlPullParserException; 22 23 import android.app.Activity; 24 import android.app.ActivityManagerNative; 25 import android.app.AlertDialog; 26 import android.app.Dialog; 27 import android.app.admin.DeviceAdminInfo; 28 import android.app.admin.DeviceAdminReceiver; 29 import android.app.admin.DevicePolicyManager; 30 import android.content.ComponentName; 31 import android.content.Context; 32 import android.content.DialogInterface; 33 import android.content.Intent; 34 import android.content.pm.ActivityInfo; 35 import android.content.pm.ApplicationInfo; 36 import android.content.pm.PackageInfo; 37 import android.content.pm.PackageManager; 38 import android.content.pm.PackageManager.NameNotFoundException; 39 import android.content.pm.ResolveInfo; 40 import android.content.res.Resources; 41 import android.os.Bundle; 42 import android.os.Handler; 43 import android.os.RemoteCallback; 44 import android.os.RemoteException; 45 import android.os.UserHandle; 46 import android.text.TextUtils.TruncateAt; 47 import android.util.EventLog; 48 import android.util.Log; 49 import android.view.Display; 50 import android.view.View; 51 import android.view.ViewGroup; 52 import android.view.ViewTreeObserver; 53 import android.view.WindowManager; 54 import android.widget.AppSecurityPermissions; 55 import android.widget.Button; 56 import android.widget.ImageView; 57 import android.widget.TextView; 58 59 import java.io.IOException; 60 import java.util.ArrayList; 61 import java.util.List; 62 63 public class DeviceAdminAdd extends Activity { 64 static final String TAG = "DeviceAdminAdd"; 65 66 static final int DIALOG_WARNING = 1; 67 68 private static final int MAX_ADD_MSG_LINES_PORTRAIT = 5; 69 private static final int MAX_ADD_MSG_LINES_LANDSCAPE = 2; 70 private static final int MAX_ADD_MSG_LINES = 15; 71 72 Handler mHandler; 73 74 DevicePolicyManager mDPM; 75 AppOpsManager mAppOps; 76 DeviceAdminInfo mDeviceAdmin; 77 CharSequence mAddMsgText; 78 String mProfileOwnerName; 79 80 ImageView mAdminIcon; 81 TextView mAdminName; 82 TextView mAdminDescription; 83 TextView mAddMsg; 84 TextView mProfileOwnerWarning; 85 ImageView mAddMsgExpander; 86 boolean mAddMsgEllipsized = true; 87 TextView mAdminWarning; 88 ViewGroup mAdminPolicies; 89 Button mActionButton; 90 Button mCancelButton; 91 92 boolean mAdding; 93 boolean mRefreshing; 94 boolean mWaitingForRemoveMsg; 95 boolean mAddingProfileOwner; 96 boolean mAdminPoliciesInitialized; 97 int mCurSysAppOpMode; 98 int mCurToastAppOpMode; 99 100 @Override 101 protected void onCreate(Bundle icicle) { 102 super.onCreate(icicle); 103 104 mHandler = new Handler(getMainLooper()); 105 106 mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE); 107 mAppOps = (AppOpsManager)getSystemService(Context.APP_OPS_SERVICE); 108 PackageManager packageManager = getPackageManager(); 109 110 if ((getIntent().getFlags()&Intent.FLAG_ACTIVITY_NEW_TASK) != 0) { 111 Log.w(TAG, "Cannot start ADD_DEVICE_ADMIN as a new task"); 112 finish(); 113 return; 114 } 115 116 String action = getIntent().getAction(); 117 ComponentName who = (ComponentName)getIntent().getParcelableExtra( 118 DevicePolicyManager.EXTRA_DEVICE_ADMIN); 119 if (who == null) { 120 Log.w(TAG, "No component specified in " + action); 121 finish(); 122 return; 123 } 124 125 if (action != null && action.equals(DevicePolicyManager.ACTION_SET_PROFILE_OWNER)) { 126 setResult(RESULT_CANCELED); 127 setFinishOnTouchOutside(true); 128 mAddingProfileOwner = true; 129 mProfileOwnerName = 130 getIntent().getStringExtra(DevicePolicyManager.EXTRA_PROFILE_OWNER_NAME); 131 String callingPackage = getCallingPackage(); 132 if (callingPackage == null || !callingPackage.equals(who.getPackageName())) { 133 Log.e(TAG, "Unknown or incorrect caller"); 134 finish(); 135 return; 136 } 137 try { 138 PackageInfo packageInfo = packageManager.getPackageInfo(callingPackage, 0); 139 if ((packageInfo.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) == 0) { 140 Log.e(TAG, "Cannot set a non-system app as a profile owner"); 141 finish(); 142 return; 143 } 144 } catch (NameNotFoundException nnfe) { 145 Log.e(TAG, "Cannot find the package " + callingPackage); 146 finish(); 147 return; 148 } 149 } 150 151 ActivityInfo ai; 152 try { 153 ai = packageManager.getReceiverInfo(who, PackageManager.GET_META_DATA); 154 } catch (PackageManager.NameNotFoundException e) { 155 Log.w(TAG, "Unable to retrieve device policy " + who, e); 156 finish(); 157 return; 158 } 159 160 // When activating, make sure the given component name is actually a valid device admin. 161 // No need to check this when deactivating, because it is safe to deactivate an active 162 // invalid device admin. 163 if (!mDPM.isAdminActive(who)) { 164 List<ResolveInfo> avail = packageManager.queryBroadcastReceivers( 165 new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED), 166 PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS); 167 int count = avail == null ? 0 : avail.size(); 168 boolean found = false; 169 for (int i=0; i<count; i++) { 170 ResolveInfo ri = avail.get(i); 171 if (ai.packageName.equals(ri.activityInfo.packageName) 172 && ai.name.equals(ri.activityInfo.name)) { 173 try { 174 // We didn't retrieve the meta data for all possible matches, so 175 // need to use the activity info of this specific one that was retrieved. 176 ri.activityInfo = ai; 177 DeviceAdminInfo dpi = new DeviceAdminInfo(this, ri); 178 found = true; 179 } catch (XmlPullParserException e) { 180 Log.w(TAG, "Bad " + ri.activityInfo, e); 181 } catch (IOException e) { 182 Log.w(TAG, "Bad " + ri.activityInfo, e); 183 } 184 break; 185 } 186 } 187 if (!found) { 188 Log.w(TAG, "Request to add invalid device admin: " + who); 189 finish(); 190 return; 191 } 192 } 193 194 ResolveInfo ri = new ResolveInfo(); 195 ri.activityInfo = ai; 196 try { 197 mDeviceAdmin = new DeviceAdminInfo(this, ri); 198 } catch (XmlPullParserException e) { 199 Log.w(TAG, "Unable to retrieve device policy " + who, e); 200 finish(); 201 return; 202 } catch (IOException e) { 203 Log.w(TAG, "Unable to retrieve device policy " + who, e); 204 finish(); 205 return; 206 } 207 208 // This admin already exists, an we have two options at this point. If new policy 209 // bits are set, show the user the new list. If nothing has changed, simply return 210 // "OK" immediately. 211 if (DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN.equals(getIntent().getAction())) { 212 mRefreshing = false; 213 if (mDPM.isAdminActive(who)) { 214 ArrayList<DeviceAdminInfo.PolicyInfo> newPolicies = mDeviceAdmin.getUsedPolicies(); 215 for (int i = 0; i < newPolicies.size(); i++) { 216 DeviceAdminInfo.PolicyInfo pi = newPolicies.get(i); 217 if (!mDPM.hasGrantedPolicy(who, pi.ident)) { 218 mRefreshing = true; 219 break; 220 } 221 } 222 if (!mRefreshing) { 223 // Nothing changed (or policies were removed) - return immediately 224 setResult(Activity.RESULT_OK); 225 finish(); 226 return; 227 } 228 } 229 } 230 231 // If we're trying to add a profile owner and user setup hasn't completed yet, no 232 // need to prompt for permission. Just add and finish. 233 if (mAddingProfileOwner && !mDPM.hasUserSetupCompleted()) { 234 addAndFinish(); 235 return; 236 } 237 238 mAddMsgText = getIntent().getCharSequenceExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION); 239 240 setContentView(R.layout.device_admin_add); 241 242 mAdminIcon = (ImageView)findViewById(R.id.admin_icon); 243 mAdminName = (TextView)findViewById(R.id.admin_name); 244 mAdminDescription = (TextView)findViewById(R.id.admin_description); 245 mProfileOwnerWarning = (TextView) findViewById(R.id.profile_owner_warning); 246 247 mAddMsg = (TextView)findViewById(R.id.add_msg); 248 mAddMsgExpander = (ImageView) findViewById(R.id.add_msg_expander); 249 final View.OnClickListener onClickListener = new View.OnClickListener() { 250 @Override 251 public void onClick(View v) { 252 toggleMessageEllipsis(mAddMsg); 253 } 254 }; 255 mAddMsgExpander.setOnClickListener(onClickListener); 256 mAddMsg.setOnClickListener(onClickListener); 257 258 // Determine whether the message can be collapsed - getLineCount() gives the correct 259 // number of lines only after a layout pass. 260 mAddMsg.getViewTreeObserver().addOnGlobalLayoutListener( 261 new ViewTreeObserver.OnGlobalLayoutListener() { 262 @Override 263 public void onGlobalLayout() { 264 final int maxLines = getEllipsizedLines(); 265 // hide the icon if number of visible lines does not exceed maxLines 266 boolean hideMsgExpander = mAddMsg.getLineCount() <= maxLines; 267 mAddMsgExpander.setVisibility(hideMsgExpander ? View.GONE : View.VISIBLE); 268 if (hideMsgExpander) { 269 mAddMsg.setOnClickListener(null); 270 ((View)mAddMsgExpander.getParent()).invalidate(); 271 } 272 mAddMsg.getViewTreeObserver().removeOnGlobalLayoutListener(this); 273 } 274 }); 275 276 // toggleMessageEllipsis also handles initial layout: 277 toggleMessageEllipsis(mAddMsg); 278 279 mAdminWarning = (TextView) findViewById(R.id.admin_warning); 280 mAdminPolicies = (ViewGroup) findViewById(R.id.admin_policies); 281 mCancelButton = (Button) findViewById(R.id.cancel_button); 282 mCancelButton.setFilterTouchesWhenObscured(true); 283 mCancelButton.setOnClickListener(new View.OnClickListener() { 284 public void onClick(View v) { 285 EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_DECLINED_BY_USER, 286 mDeviceAdmin.getActivityInfo().applicationInfo.uid); 287 finish(); 288 } 289 }); 290 mActionButton = (Button) findViewById(R.id.action_button); 291 mActionButton.setFilterTouchesWhenObscured(true); 292 mActionButton.setOnClickListener(new View.OnClickListener() { 293 public void onClick(View v) { 294 if (mAdding) { 295 addAndFinish(); 296 } else if (!mWaitingForRemoveMsg) { 297 try { 298 // Don't allow the admin to put a dialog up in front 299 // of us while we interact with the user. 300 ActivityManagerNative.getDefault().stopAppSwitches(); 301 } catch (RemoteException e) { 302 } 303 mWaitingForRemoveMsg = true; 304 mDPM.getRemoveWarning(mDeviceAdmin.getComponent(), 305 new RemoteCallback(mHandler) { 306 @Override 307 protected void onResult(Bundle bundle) { 308 CharSequence msg = bundle != null 309 ? bundle.getCharSequence( 310 DeviceAdminReceiver.EXTRA_DISABLE_WARNING) 311 : null; 312 continueRemoveAction(msg); 313 } 314 }); 315 // Don't want to wait too long. 316 getWindow().getDecorView().getHandler().postDelayed(new Runnable() { 317 @Override public void run() { 318 continueRemoveAction(null); 319 } 320 }, 2*1000); 321 } 322 } 323 }); 324 } 325 326 void addAndFinish() { 327 try { 328 mDPM.setActiveAdmin(mDeviceAdmin.getComponent(), mRefreshing); 329 EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_ACTIVATED_BY_USER, 330 mDeviceAdmin.getActivityInfo().applicationInfo.uid); 331 setResult(Activity.RESULT_OK); 332 } catch (RuntimeException e) { 333 // Something bad happened... could be that it was 334 // already set, though. 335 Log.w(TAG, "Exception trying to activate admin " 336 + mDeviceAdmin.getComponent(), e); 337 if (mDPM.isAdminActive(mDeviceAdmin.getComponent())) { 338 setResult(Activity.RESULT_OK); 339 } 340 } 341 if (mAddingProfileOwner) { 342 try { 343 mDPM.setProfileOwner(mDeviceAdmin.getComponent(), 344 mProfileOwnerName, UserHandle.myUserId()); 345 } catch (RuntimeException re) { 346 setResult(Activity.RESULT_CANCELED); 347 } 348 } 349 finish(); 350 } 351 352 void continueRemoveAction(CharSequence msg) { 353 if (!mWaitingForRemoveMsg) { 354 return; 355 } 356 mWaitingForRemoveMsg = false; 357 if (msg == null) { 358 try { 359 ActivityManagerNative.getDefault().resumeAppSwitches(); 360 } catch (RemoteException e) { 361 } 362 mDPM.removeActiveAdmin(mDeviceAdmin.getComponent()); 363 finish(); 364 } else { 365 try { 366 // Continue preventing anything from coming in front. 367 ActivityManagerNative.getDefault().stopAppSwitches(); 368 } catch (RemoteException e) { 369 } 370 Bundle args = new Bundle(); 371 args.putCharSequence( 372 DeviceAdminReceiver.EXTRA_DISABLE_WARNING, msg); 373 showDialog(DIALOG_WARNING, args); 374 } 375 } 376 377 @Override 378 protected void onResume() { 379 super.onResume(); 380 updateInterface(); 381 // As long as we are running, don't let this admin overlay stuff on top of the screen. 382 final int uid = mDeviceAdmin.getActivityInfo().applicationInfo.uid; 383 final String pkg = mDeviceAdmin.getActivityInfo().applicationInfo.packageName; 384 mCurSysAppOpMode = mAppOps.checkOp(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, uid, pkg); 385 mCurToastAppOpMode = mAppOps.checkOp(AppOpsManager.OP_TOAST_WINDOW, uid, pkg); 386 mAppOps.setMode(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, uid, pkg, AppOpsManager.MODE_IGNORED); 387 mAppOps.setMode(AppOpsManager.OP_TOAST_WINDOW, uid, pkg, AppOpsManager.MODE_IGNORED); 388 } 389 390 @Override 391 protected void onPause() { 392 super.onPause(); 393 // As long as we are running, don't let this admin overlay stuff on top of the screen. 394 final int uid = mDeviceAdmin.getActivityInfo().applicationInfo.uid; 395 final String pkg = mDeviceAdmin.getActivityInfo().applicationInfo.packageName; 396 mAppOps.setMode(AppOpsManager.OP_SYSTEM_ALERT_WINDOW, uid, pkg, mCurSysAppOpMode); 397 mAppOps.setMode(AppOpsManager.OP_TOAST_WINDOW, uid, pkg, mCurToastAppOpMode); 398 try { 399 ActivityManagerNative.getDefault().resumeAppSwitches(); 400 } catch (RemoteException e) { 401 } 402 } 403 404 @Override 405 protected Dialog onCreateDialog(int id, Bundle args) { 406 switch (id) { 407 case DIALOG_WARNING: { 408 CharSequence msg = args.getCharSequence(DeviceAdminReceiver.EXTRA_DISABLE_WARNING); 409 AlertDialog.Builder builder = new AlertDialog.Builder(this); 410 builder.setMessage(msg); 411 builder.setPositiveButton(R.string.dlg_ok, 412 new DialogInterface.OnClickListener() { 413 public void onClick(DialogInterface dialog, int which) { 414 try { 415 ActivityManagerNative.getDefault().resumeAppSwitches(); 416 } catch (RemoteException e) { 417 } 418 mDPM.removeActiveAdmin(mDeviceAdmin.getComponent()); 419 finish(); 420 } 421 }); 422 builder.setNegativeButton(R.string.dlg_cancel, null); 423 return builder.create(); 424 } 425 default: 426 return super.onCreateDialog(id, args); 427 428 } 429 } 430 431 void updateInterface() { 432 mAdminIcon.setImageDrawable(mDeviceAdmin.loadIcon(getPackageManager())); 433 mAdminName.setText(mDeviceAdmin.loadLabel(getPackageManager())); 434 try { 435 mAdminDescription.setText( 436 mDeviceAdmin.loadDescription(getPackageManager())); 437 mAdminDescription.setVisibility(View.VISIBLE); 438 } catch (Resources.NotFoundException e) { 439 mAdminDescription.setVisibility(View.GONE); 440 } 441 if (mAddingProfileOwner) { 442 mProfileOwnerWarning.setVisibility(View.VISIBLE); 443 } 444 if (mAddMsgText != null) { 445 mAddMsg.setText(mAddMsgText); 446 mAddMsg.setVisibility(View.VISIBLE); 447 } else { 448 mAddMsg.setVisibility(View.GONE); 449 mAddMsgExpander.setVisibility(View.GONE); 450 } 451 if (!mRefreshing && !mAddingProfileOwner 452 && mDPM.isAdminActive(mDeviceAdmin.getComponent())) { 453 addDeviceAdminPolicies(false /* showDescription */); 454 mAdminWarning.setText(getString(R.string.device_admin_status, 455 mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager()))); 456 setTitle(getText(R.string.active_device_admin_msg)); 457 mActionButton.setText(getText(R.string.remove_device_admin)); 458 mAdding = false; 459 } else { 460 addDeviceAdminPolicies(true /* showDescription */); 461 mAdminWarning.setText(getString(R.string.device_admin_warning, 462 mDeviceAdmin.getActivityInfo().applicationInfo.loadLabel(getPackageManager()))); 463 if (mAddingProfileOwner) { 464 setTitle(getText(R.string.profile_owner_add_title)); 465 } else { 466 setTitle(getText(R.string.add_device_admin_msg)); 467 } 468 mActionButton.setText(getText(R.string.add_device_admin)); 469 mAdding = true; 470 } 471 } 472 473 private void addDeviceAdminPolicies(boolean showDescription) { 474 if (!mAdminPoliciesInitialized) { 475 boolean isOwner = UserHandle.getCallingUserHandle().isOwner(); 476 for (DeviceAdminInfo.PolicyInfo pi : mDeviceAdmin.getUsedPolicies()) { 477 int descriptionId = isOwner ? pi.description : pi.descriptionForSecondaryUsers; 478 int labelId = isOwner ? pi.label : pi.labelForSecondaryUsers; 479 View view = AppSecurityPermissions.getPermissionItemView(this, getText(labelId), 480 showDescription ? getText(descriptionId) : "", true); 481 mAdminPolicies.addView(view); 482 } 483 mAdminPoliciesInitialized = true; 484 } 485 } 486 487 void toggleMessageEllipsis(View v) { 488 TextView tv = (TextView) v; 489 490 mAddMsgEllipsized = ! mAddMsgEllipsized; 491 tv.setEllipsize(mAddMsgEllipsized ? TruncateAt.END : null); 492 tv.setMaxLines(mAddMsgEllipsized ? getEllipsizedLines() : MAX_ADD_MSG_LINES); 493 494 mAddMsgExpander.setImageResource(mAddMsgEllipsized ? 495 com.android.internal.R.drawable.expander_ic_minimized : 496 com.android.internal.R.drawable.expander_ic_maximized); 497 } 498 499 int getEllipsizedLines() { 500 Display d = ((WindowManager) getSystemService(Context.WINDOW_SERVICE)) 501 .getDefaultDisplay(); 502 503 return d.getHeight() > d.getWidth() ? 504 MAX_ADD_MSG_LINES_PORTRAIT : MAX_ADD_MSG_LINES_LANDSCAPE; 505 } 506 507 } 508
