AccountSecurity.java revision 3d2b3b3b3554be2ac23d9a49fee00faa9693e857
1/* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.android.email.activity.setup; 18 19import com.android.email.R; 20import com.android.email.SecurityPolicy; 21import com.android.email.provider.EmailContent.Account; 22 23import android.app.Activity; 24import android.app.DevicePolicyManager; 25import android.content.Context; 26import android.content.Intent; 27import android.os.Bundle; 28import android.util.Log; 29 30/** 31 * Psuedo-activity (no UI) to bootstrap the user up to a higher desired security level. This 32 * bootstrap requires the following steps. 33 * 34 * 1. Confirm the account of interest has any security policies defined - exit early if not 35 * 2. If not actively administrating the device, ask Device Policy Manager to start that 36 * 3. When we are actively administrating, check current policies and see if they're sufficient 37 * 4. If not, set policies 38 * 5. If necessary, request for user to update device password 39 */ 40public class AccountSecurity extends Activity { 41 42 private static final String EXTRA_ACCOUNT_ID = "com.android.email.activity.setup.ACCOUNT_ID"; 43 44 private static final int REQUEST_ENABLE = 1; 45 46 /** 47 * Used for generating intent for this activity (which is intended to be launched 48 * from a notification.) 49 * 50 * @param context Calling context for building the intent 51 * @param accountId The account of interest 52 * @return an Intent which can be used to view that account 53 */ 54 public static Intent actionUpdateSecurityIntent(Context context, long accountId) { 55 Intent intent = new Intent(context, AccountSecurity.class); 56 intent.putExtra(EXTRA_ACCOUNT_ID, accountId); 57 return intent; 58 } 59 60 @Override 61 public void onCreate(Bundle savedInstanceState) { 62 super.onCreate(savedInstanceState); 63 64 Intent i = getIntent(); 65 long accountId = i.getLongExtra(EXTRA_ACCOUNT_ID, -1); 66 SecurityPolicy security = SecurityPolicy.getInstance(this); 67 security.clearNotification(accountId); 68 if (accountId != -1) { 69 // TODO: spin up a thread to do this in the background, because of DB ops 70 Account account = Account.restoreAccountWithId(this, accountId); 71 if (account != null) { 72 if (account.mSecurityFlags != 0) { 73 // This account wants to control security 74 if (!security.isActiveAdmin()) { 75 // try to become active - must happen here in this activity, to get result 76 Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN); 77 intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN, 78 security.getAdminComponent()); 79 intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION, 80 this.getString(R.string.account_security_policy_explanation_fmt, 81 account.getDisplayName())); 82 startActivityForResult(intent, REQUEST_ENABLE); 83 // keep this activity on stack to process result 84 return; 85 } else { 86 // already active - try to set actual policies, finish, and return 87 setActivePolicies(); 88 } 89 } 90 } 91 } 92 finish(); 93 } 94 95 /** 96 * Handle the eventual result of the user allowing us to become an active device admin 97 */ 98 @Override 99 protected void onActivityResult(int requestCode, int resultCode, Intent data) { 100 switch (requestCode) { 101 case REQUEST_ENABLE: 102 if (resultCode == Activity.RESULT_OK) { 103 // now active - try to set actual policies 104 setActivePolicies(); 105 } else { 106 // failed - just give up and go away 107 } 108 } 109 finish(); 110 super.onActivityResult(requestCode, resultCode, data); 111 } 112 113 /** 114 * Now that we are connected as an active device admin, try to set the device to the 115 * correct security level, and ask for a password if necessary. 116 */ 117 private void setActivePolicies() { 118 SecurityPolicy sp = SecurityPolicy.getInstance(this); 119 // check current security level - if sufficient, we're done! 120 if (sp.isActive(null)) { 121 return; 122 } 123 // set current security level 124 sp.setActivePolicies(); 125 // check current security level - if sufficient, we're done! 126 if (sp.isActive(null)) { 127 return; 128 } 129 // if not sufficient, launch the activity to have the user set a new password. 130 Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD); 131 startActivity(intent); 132 } 133 134} 135