AccountSecurity.java revision 6d0016229adc13fefe68820fe4d6e46f530952ba 
1/*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.email.activity.setup;
18
19import com.android.email.R;
20import com.android.email.SecurityPolicy;
21import com.android.email.provider.EmailContent.Account;
22
23import android.app.Activity;
24import android.app.admin.DevicePolicyManager;
25import android.content.Context;
26import android.content.Intent;
27import android.os.Bundle;
28
29/**
30 * Psuedo-activity (no UI) to bootstrap the user up to a higher desired security level.  This
31 * bootstrap requires the following steps.
32 *
33 * 1.  Confirm the account of interest has any security policies defined - exit early if not
34 * 2.  If not actively administrating the device, ask Device Policy Manager to start that
35 * 3.  When we are actively administrating, check current policies and see if they're sufficient
36 * 4.  If not, set policies
37 * 5.  If necessary, request for user to update device password
38 */
39public class AccountSecurity extends Activity {
40
41    private static final String EXTRA_ACCOUNT_ID = "com.android.email.activity.setup.ACCOUNT_ID";
42
43    private static final int REQUEST_ENABLE = 1;
44
45    /**
46     * Used for generating intent for this activity (which is intended to be launched
47     * from a notification.)
48     *
49     * @param context Calling context for building the intent
50     * @param accountId The account of interest
51     * @return an Intent which can be used to view that account
52     */
53    public static Intent actionUpdateSecurityIntent(Context context, long accountId) {
54        Intent intent = new Intent(context, AccountSecurity.class);
55        intent.putExtra(EXTRA_ACCOUNT_ID, accountId);
56        return intent;
57    }
58
59    @Override
60    public void onCreate(Bundle savedInstanceState) {
61        super.onCreate(savedInstanceState);
62
63        Intent i = getIntent();
64        long accountId = i.getLongExtra(EXTRA_ACCOUNT_ID, -1);
65        SecurityPolicy security = SecurityPolicy.getInstance(this);
66        security.clearNotification(accountId);
67        if (accountId != -1) {
68            // TODO: spin up a thread to do this in the background, because of DB ops
69            Account account = Account.restoreAccountWithId(this, accountId);
70            if (account != null) {
71                if (account.mSecurityFlags != 0) {
72                    // This account wants to control security
73                    if (!security.isActiveAdmin()) {
74                        // try to become active - must happen here in this activity, to get result
75                        Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
76                        intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
77                                security.getAdminComponent());
78                        intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
79                            this.getString(R.string.account_security_policy_explanation_fmt,
80                                    account.getDisplayName()));
81                        startActivityForResult(intent, REQUEST_ENABLE);
82                        // keep this activity on stack to process result
83                        return;
84                    } else {
85                        // already active - try to set actual policies, finish, and return
86                        setActivePolicies();
87                    }
88                }
89            }
90        }
91        finish();
92    }
93
94    /**
95     * Handle the eventual result of the user allowing us to become an active device admin
96     */
97    @Override
98    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
99        switch (requestCode) {
100            case REQUEST_ENABLE:
101                if (resultCode == Activity.RESULT_OK) {
102                    // now active - try to set actual policies
103                    setActivePolicies();
104                } else {
105                    // failed - just give up and go away
106                }
107        }
108        finish();
109        super.onActivityResult(requestCode, resultCode, data);
110    }
111
112    /**
113     * Now that we are connected as an active device admin, try to set the device to the
114     * correct security level, and ask for a password if necessary.
115     */
116    private void setActivePolicies() {
117        SecurityPolicy sp = SecurityPolicy.getInstance(this);
118        // check current security level - if sufficient, we're done!
119        if (sp.isActive(null)) {
120            sp.clearAccountHoldFlags();
121            return;
122        }
123        // set current security level
124        sp.setActivePolicies();
125        // check current security level - if sufficient, we're done!
126        if (sp.isActive(null)) {
127            sp.clearAccountHoldFlags();
128            return;
129        }
130        // if not sufficient, launch the activity to have the user set a new password.
131        Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD);
132        startActivity(intent);
133    }
134
135}
136