AccountSecurity.java revision 3d2b3b3b3554be2ac23d9a49fee00faa9693e857 
1/*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.email.activity.setup;
18
19import com.android.email.R;
20import com.android.email.SecurityPolicy;
21import com.android.email.provider.EmailContent.Account;
22
23import android.app.Activity;
24import android.app.DevicePolicyManager;
25import android.content.Context;
26import android.content.Intent;
27import android.os.Bundle;
28import android.util.Log;
29
30/**
31 * Psuedo-activity (no UI) to bootstrap the user up to a higher desired security level.  This
32 * bootstrap requires the following steps.
33 *
34 * 1.  Confirm the account of interest has any security policies defined - exit early if not
35 * 2.  If not actively administrating the device, ask Device Policy Manager to start that
36 * 3.  When we are actively administrating, check current policies and see if they're sufficient
37 * 4.  If not, set policies
38 * 5.  If necessary, request for user to update device password
39 */
40public class AccountSecurity extends Activity {
41
42    private static final String EXTRA_ACCOUNT_ID = "com.android.email.activity.setup.ACCOUNT_ID";
43
44    private static final int REQUEST_ENABLE = 1;
45
46    /**
47     * Used for generating intent for this activity (which is intended to be launched
48     * from a notification.)
49     *
50     * @param context Calling context for building the intent
51     * @param accountId The account of interest
52     * @return an Intent which can be used to view that account
53     */
54    public static Intent actionUpdateSecurityIntent(Context context, long accountId) {
55        Intent intent = new Intent(context, AccountSecurity.class);
56        intent.putExtra(EXTRA_ACCOUNT_ID, accountId);
57        return intent;
58    }
59
60    @Override
61    public void onCreate(Bundle savedInstanceState) {
62        super.onCreate(savedInstanceState);
63
64        Intent i = getIntent();
65        long accountId = i.getLongExtra(EXTRA_ACCOUNT_ID, -1);
66        SecurityPolicy security = SecurityPolicy.getInstance(this);
67        security.clearNotification(accountId);
68        if (accountId != -1) {
69            // TODO: spin up a thread to do this in the background, because of DB ops
70            Account account = Account.restoreAccountWithId(this, accountId);
71            if (account != null) {
72                if (account.mSecurityFlags != 0) {
73                    // This account wants to control security
74                    if (!security.isActiveAdmin()) {
75                        // try to become active - must happen here in this activity, to get result
76                        Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
77                        intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
78                                security.getAdminComponent());
79                        intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
80                            this.getString(R.string.account_security_policy_explanation_fmt,
81                                    account.getDisplayName()));
82                        startActivityForResult(intent, REQUEST_ENABLE);
83                        // keep this activity on stack to process result
84                        return;
85                    } else {
86                        // already active - try to set actual policies, finish, and return
87                        setActivePolicies();
88                    }
89                }
90            }
91        }
92        finish();
93    }
94
95    /**
96     * Handle the eventual result of the user allowing us to become an active device admin
97     */
98    @Override
99    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
100        switch (requestCode) {
101            case REQUEST_ENABLE:
102                if (resultCode == Activity.RESULT_OK) {
103                    // now active - try to set actual policies
104                    setActivePolicies();
105                } else {
106                    // failed - just give up and go away
107                }
108        }
109        finish();
110        super.onActivityResult(requestCode, resultCode, data);
111    }
112
113    /**
114     * Now that we are connected as an active device admin, try to set the device to the
115     * correct security level, and ask for a password if necessary.
116     */
117    private void setActivePolicies() {
118        SecurityPolicy sp = SecurityPolicy.getInstance(this);
119        // check current security level - if sufficient, we're done!
120        if (sp.isActive(null)) {
121            return;
122        }
123        // set current security level
124        sp.setActivePolicies();
125        // check current security level - if sufficient, we're done!
126        if (sp.isActive(null)) {
127            return;
128        }
129        // if not sufficient, launch the activity to have the user set a new password.
130        Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD);
131        startActivity(intent);
132    }
133
134}
135