AccountSecurity.java revision cc0185f07c9198008d8dc685ae9979f3e35e8539
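/*
 * Copyright (C) 2010 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.android.email.activity.setup;

import android.app.Activity;
import android.app.AlertDialog;
import android.app.Dialog;
import android.app.DialogFragment;
import android.app.FragmentManager;
import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.res.Resources;
import android.os.Bundle;
import android.util.Log;

import com.android.email.R;
import com.android.email.SecurityPolicy;
import com.android.email.activity.ActivityHelper;
import com.android.email2.ui.MailActivityEmail;
import com.android.emailcommon.provider.Account;
import com.android.emailcommon.provider.HostAuth;
import com.android.emailcommon.utility.Utility;

/**
 * Pseudo-activity (no UI) to bootstrap the user up to a higher desired security level.  This
 * bootstrap requires the following steps.
 *
 * 1.  Confirm the account of interest has any security policies defined - exit early if not
 * 2.  If not actively administrating the device, ask Device Policy Manager to start that
 * 3.  When we are actively administrating, check current policies and see if they're sufficient
 * 4.  If not, set policies
 * 5.  If necessary, request for user to update device password
 * 6.  If necessary, request for user to activate device encryption
 *
 * Security holds on accounts are cleared only after {@link SecurityPolicy} itself reports the
 * policies as satisfied; the result codes returned by the system screens are never used as
 * proof that a step succeeded.
 */
public class AccountSecurity extends Activity {
    private static final String TAG = "Email/AccountSecurity";

    // Local debug-logging switch.  The original listing carried "true" together with a STOPSHIP
    // marker; it is off here so that release builds log only when MailActivityEmail.DEBUG is set.
    private static final boolean DEBUG = false;

    private static final String EXTRA_ACCOUNT_ID = "ACCOUNT_ID";
    private static final String EXTRA_SHOW_DIALOG = "SHOW_DIALOG";
    private static final String EXTRA_PASSWORD_EXPIRING = "EXPIRING";
    private static final String EXTRA_PASSWORD_EXPIRED = "EXPIRED";

    // Keys for the "already tried this step" flags in the saved instance state
    private static final String SAVESTATE_TRIED_ADD_ADMINISTRATOR = "triedAddAdministrator";
    private static final String SAVESTATE_TRIED_SET_PASSWORD = "triedSetPassword";
    private static final String SAVESTATE_TRIED_SET_ENCRYPTION = "triedSetEncryption";

    private static final int REQUEST_ENABLE = 1;
    private static final int REQUEST_PASSWORD = 2;
    private static final int REQUEST_ENCRYPTION = 3;

    // One flag per user-facing step.  Each step is offered at most once per launch; a second
    // visit with the flag already set means the user did not complete it, and we stop.
    private boolean mTriedAddAdministrator = false;
    private boolean mTriedSetPassword = false;
    private boolean mTriedSetEncryption = false;
    private Account mAccount;

    /**
     * Used for generating intent for this activity (which is intended to be launched
     * from a notification.)
     *
     * @param context Calling context for building the intent
     * @param accountId The account of interest
     * @param showDialog If true, a simple warning dialog will be shown before kicking off
     * the necessary system settings.  Should be true anywhere the context of the security settings
     * is not clear (e.g. any time after the account has been set up).
     * @return an Intent which can be used to view that account
     */
    public static Intent actionUpdateSecurityIntent(Context context, long accountId,
            boolean showDialog) {
        Intent intent = new Intent(context, AccountSecurity.class);
        intent.putExtra(EXTRA_ACCOUNT_ID, accountId);
        intent.putExtra(EXTRA_SHOW_DIALOG, showDialog);
        return intent;
    }

    /**
     * Used for generating intent for this activity (which is intended to be launched
     * from a notification.)  This is a special mode of this activity which exists only
     * to give the user a dialog (for context) about a device pin/password expiration event.
     *
     * @param context Calling context for building the intent
     * @param accountId The account of interest
     * @param expired true if the password has already expired, false if it is about to expire
     * @return an Intent which shows the matching expiration dialog
     */
    public static Intent actionDevicePasswordExpirationIntent(Context context, long accountId,
            boolean expired) {
        Intent intent = new ForwardingIntent(context, AccountSecurity.class);
        intent.putExtra(EXTRA_ACCOUNT_ID, accountId);
        intent.putExtra(expired ? EXTRA_PASSWORD_EXPIRED : EXTRA_PASSWORD_EXPIRING, true);
        return intent;
    }

    /**
     * Reads the launch extras, loads the account and either shows one of the two dialogs or
     * starts the security flow directly.  Finishes immediately when there is nothing to do.
     */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        ActivityHelper.debugSetWindowFlags(this);

        // Restore the per-step flags.  Without this, a recreation (rotation, or the process
        // being reclaimed while a system screen is on top) would reset them and the same step
        // could be offered again, which is the loop tryAdvanceSecurity is written to avoid.
        if (savedInstanceState != null) {
            mTriedAddAdministrator =
                    savedInstanceState.getBoolean(SAVESTATE_TRIED_ADD_ADMINISTRATOR, false);
            mTriedSetPassword =
                    savedInstanceState.getBoolean(SAVESTATE_TRIED_SET_PASSWORD, false);
            mTriedSetEncryption =
                    savedInstanceState.getBoolean(SAVESTATE_TRIED_SET_ENCRYPTION, false);
        }

        // The extras are supplied by whoever built the launching intent.  The account id is
        // only trusted as far as the lookup below succeeds.
        // NOTE(review): whether this activity is exported is not visible from this file;
        // confirm in the manifest that only the app's own notifications can start it.
        Intent i = getIntent();
        final long accountId = i.getLongExtra(EXTRA_ACCOUNT_ID, -1);
        final boolean showDialog = i.getBooleanExtra(EXTRA_SHOW_DIALOG, false);
        final boolean passwordExpiring = i.getBooleanExtra(EXTRA_PASSWORD_EXPIRING, false);
        final boolean passwordExpired = i.getBooleanExtra(EXTRA_PASSWORD_EXPIRED, false);
        SecurityPolicy security = SecurityPolicy.getInstance(this);
        // The notification is cleared up front; every exit path that leaves the policy
        // unsatisfied is expected to repost it so the user keeps a way back here.
        security.clearNotification();
        if (accountId == -1) {
            finish();
            return;
        }

        mAccount = Account.restoreAccountWithId(AccountSecurity.this, accountId);
        if (mAccount == null) {
            finish();
            return;
        }

        // Special handling for password expiration events
        if (passwordExpiring || passwordExpired) {
            FragmentManager fm = getFragmentManager();
            if (fm.findFragmentByTag("password_expiration") == null) {
                PasswordExpirationDialog dialog =
                    PasswordExpirationDialog.newInstance(mAccount.getDisplayName(),
                            passwordExpired);
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Showing password expiration dialog");
                }
                dialog.show(fm, "password_expiration");
            }
            return;
        }
        // Otherwise, handle normal security settings flow
        if (mAccount.mPolicyKey != 0) {
            // This account wants to control security
            if (mTriedAddAdministrator || mTriedSetPassword || mTriedSetEncryption) {
                // Recreated while a system screen started by tryAdvanceSecurity() was on top.
                // Do not show the dialog or start the flow a second time; the pending result
                // is expected to arrive through onActivityResult() and continue from there.
                return;
            }
            if (showDialog) {
                // Show dialog first, unless already showing (e.g. after rotation)
                FragmentManager fm = getFragmentManager();
                if (fm.findFragmentByTag("security_needed") == null) {
                    SecurityNeededDialog dialog =
                        SecurityNeededDialog.newInstance(mAccount.getDisplayName());
                    if (MailActivityEmail.DEBUG || DEBUG) {
                        Log.d(TAG, "Showing security needed dialog");
                    }
                    dialog.show(fm, "security_needed");
                }
            } else {
                // Go directly to security settings
                tryAdvanceSecurity(mAccount);
            }
            return;
        }
        finish();
    }

    /**
     * Persist the per-step flags so that a recreated instance does not offer a step twice.
     */
    @Override
    protected void onSaveInstanceState(Bundle outState) {
        super.onSaveInstanceState(outState);
        outState.putBoolean(SAVESTATE_TRIED_ADD_ADMINISTRATOR, mTriedAddAdministrator);
        outState.putBoolean(SAVESTATE_TRIED_SET_PASSWORD, mTriedSetPassword);
        outState.putBoolean(SAVESTATE_TRIED_SET_ENCRYPTION, mTriedSetEncryption);
    }

    /**
     * After any of the activities return, try to advance to the "next step".
     *
     * The request and result codes are intentionally not consulted: tryAdvanceSecurity()
     * re-reads the real state from SecurityPolicy, so a step only counts as done when the
     * policy check itself says so.
     */
    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        if (mAccount == null) {
            // Nothing to enforce against; same early exit the dialogs use
            finish();
        } else {
            tryAdvanceSecurity(mAccount);
        }
        super.onActivityResult(requestCode, resultCode, data);
    }

    /**
     * Walk the user through the required steps to become an active administrator and with
     * the requisite security settings for the given account.
     *
     * These steps will be repeated each time we return from a given attempt (e.g. asking the
     * user to choose a device pin/password).  In a typical activation, we may repeat these
     * steps a few times.  It may go as far as step 5 (password) or step 6 (encryption), but it
     * will terminate when step 2 (isActive()) succeeds.
     *
     * If at any point we do not advance beyond a given user step, (e.g. the user cancels
     * instead of setting a password) we simply repost the security notification, and exit.
     * We never want to loop here.
     *
     * @param account the account whose policies are being enforced
     */
    private void tryAdvanceSecurity(Account account) {
        SecurityPolicy security = SecurityPolicy.getInstance(this);
        // Step 1.  Check if we are an active device administrator, and stop here to activate
        if (!security.isActiveAdmin()) {
            if (mTriedAddAdministrator) {
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Not active admin: repost notification");
                }
                repostNotification(account, security);
                finish();
            } else {
                mTriedAddAdministrator = true;
                // retrieve name of server for the format string
                HostAuth hostAuth = HostAuth.restoreHostAuthWithId(this, account.mHostAuthKeyRecv);
                if (hostAuth == null) {
                    if (MailActivityEmail.DEBUG || DEBUG) {
                        Log.d(TAG, "No HostAuth: repost notification");
                    }
                    repostNotification(account, security);
                    finish();
                } else {
                    if (MailActivityEmail.DEBUG || DEBUG) {
                        Log.d(TAG, "Not active admin: post initial notification");
                    }
                    // try to become active - must happen here in activity, to get result
                    Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
                    intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
                            security.getAdminComponent());
                    intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
                            this.getString(R.string.account_security_policy_explanation_fmt,
                                    hostAuth.mAddress));
                    startActivityForResult(intent, REQUEST_ENABLE);
                }
            }
            return;
        }

        // Step 2.  Check if the current aggregate security policy is being satisfied by the
        // DevicePolicyManager (the current system security level).
        if (security.isActive(null)) {
            if (MailActivityEmail.DEBUG || DEBUG) {
                Log.d(TAG, "Security active; clear holds");
            }
            Account.clearSecurityHoldOnAllAccounts(this);
            security.clearNotification();
            finish();
            return;
        }

        // Step 3.  Try to assert the current aggregate security requirements with the system.
        security.setActivePolicies();

        // Step 4.  Recheck the security policy, and determine what changes are needed (if any)
        // to satisfy the requirements.
        int inactiveReasons = security.getInactiveReasons(null);

        // Step 5.  If password is needed, try to have the user set it
        if ((inactiveReasons & SecurityPolicy.INACTIVE_NEED_PASSWORD) != 0) {
            if (mTriedSetPassword) {
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Password needed; repost notification");
                }
                repostNotification(account, security);
                finish();
            } else {
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Password needed; request it via DPM");
                }
                mTriedSetPassword = true;
                // launch the activity to have the user set a new password.
                Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD);
                startActivityForResult(intent, REQUEST_PASSWORD);
            }
            return;
        }

        // Step 6.  If encryption is needed, try to have the user set it
        if ((inactiveReasons & SecurityPolicy.INACTIVE_NEED_ENCRYPTION) != 0) {
            if (mTriedSetEncryption) {
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Encryption needed; repost notification");
                }
                repostNotification(account, security);
                finish();
            } else {
                if (MailActivityEmail.DEBUG || DEBUG) {
                    Log.d(TAG, "Encryption needed; request it via DPM");
                }
                mTriedSetEncryption = true;
                // launch the activity to start up encryption.
                Intent intent = new Intent(DevicePolicyManager.ACTION_START_ENCRYPTION);
                startActivityForResult(intent, REQUEST_ENCRYPTION);
            }
            return;
        }

        // Step 7.  No problems were found, so clear holds and exit
        if (MailActivityEmail.DEBUG || DEBUG) {
            Log.d(TAG, "Policies enforced; clear holds");
        }
        Account.clearSecurityHoldOnAllAccounts(this);
        security.clearNotification();
        finish();
    }

    /**
     * Mark an account as not-ready-for-sync and post a notification to bring the user back here
     * eventually.  Does nothing when {@code account} is null.
     *
     * @param account the account that still needs its policies enforced (may be null)
     * @param security the policy singleton used to post the notification
     */
    private void repostNotification(final Account account, final SecurityPolicy security) {
        if (account == null) {
            return;
        }
        // Runs off the calling thread via Utility.runAsync
        Utility.runAsync(new Runnable() {
            @Override
            public void run() {
                security.policiesRequired(account.mId);
            }
        });
    }

    /**
     * Dialog briefly shown in some cases, to indicate to the user that a security update is
     * needed.  If the user clicks OK, we proceed into the "tryAdvanceSecurity" flow.  If the user
     * cancels (Cancel button, or dismissing the dialog without choosing), we repost the
     * notification and finish() the activity.
     */
    public static class SecurityNeededDialog extends DialogFragment
            implements DialogInterface.OnClickListener {
        private static final String BUNDLE_KEY_ACCOUNT_NAME = "account_name";

        /**
         * Create a new dialog.
         *
         * @param accountName display name inserted into the dialog message
         */
        public static SecurityNeededDialog newInstance(String accountName) {
            final SecurityNeededDialog dialog = new SecurityNeededDialog();
            Bundle b = new Bundle();
            b.putString(BUNDLE_KEY_ACCOUNT_NAME, accountName);
            dialog.setArguments(b);
            return dialog;
        }

        @Override
        public Dialog onCreateDialog(Bundle savedInstanceState) {
            final String accountName = getArguments().getString(BUNDLE_KEY_ACCOUNT_NAME);

            final Context context = getActivity();
            final Resources res = context.getResources();
            final AlertDialog.Builder b = new AlertDialog.Builder(context);
            b.setTitle(R.string.account_security_dialog_title);
            b.setIconAttribute(android.R.attr.alertDialogIcon);
            b.setMessage(res.getString(R.string.account_security_dialog_content_fmt, accountName));
            b.setPositiveButton(R.string.okay_action, this);
            b.setNegativeButton(R.string.cancel_action, this);
            if (MailActivityEmail.DEBUG || DEBUG) {
                Log.d(TAG, "Posting security needed dialog");
            }
            return b.create();
        }

        @Override
        public void onClick(DialogInterface dialog, int which) {
            dismiss();
            AccountSecurity activity = (AccountSecurity) getActivity();
            if (activity.mAccount == null) {
                // Clicked before activity fully restored - probably just monkey - exit quickly
                activity.finish();
                return;
            }
            switch (which) {
                case DialogInterface.BUTTON_POSITIVE:
                    if (MailActivityEmail.DEBUG || DEBUG) {
                        Log.d(TAG, "User accepts; advance to next step");
                    }
                    activity.tryAdvanceSecurity(activity.mAccount);
                    break;
                case DialogInterface.BUTTON_NEGATIVE:
                    if (MailActivityEmail.DEBUG || DEBUG) {
                        Log.d(TAG, "User declines; repost notification");
                    }
                    activity.repostNotification(
                            activity.mAccount, SecurityPolicy.getInstance(activity));
                    activity.finish();
                    break;
            }
        }

        /**
         * Treat a cancel that bypasses the buttons the same as the Cancel button.  The
         * notification was cleared in onCreate(), so without this the user would be left with
         * neither the dialog nor a notification leading back to the security flow.
         */
        @Override
        public void onCancel(DialogInterface dialog) {
            super.onCancel(dialog);
            AccountSecurity activity = (AccountSecurity) getActivity();
            if (activity == null) {
                return;
            }
            if (MailActivityEmail.DEBUG || DEBUG) {
                Log.d(TAG, "Dialog cancelled; repost notification");
            }
            // repostNotification() ignores a null account
            activity.repostNotification(
                    activity.mAccount, SecurityPolicy.getInstance(activity));
            activity.finish();
        }
    }

    /**
     * Dialog briefly shown in some cases, to indicate to the user that the PIN/Password is
     * expiring or has expired.  If the user clicks OK, we launch the password settings screen.
     * In every case the activity is finished once the dialog goes away.
     */
    public static class PasswordExpirationDialog extends DialogFragment
            implements DialogInterface.OnClickListener {
        private static final String BUNDLE_KEY_ACCOUNT_NAME = "account_name";
        private static final String BUNDLE_KEY_EXPIRED = "expired";

        /**
         * Create a new dialog.
         *
         * @param accountName display name inserted into the dialog message
         * @param expired true for the "has expired" wording, false for the "expiring" warning
         */
        public static PasswordExpirationDialog newInstance(String accountName, boolean expired) {
            final PasswordExpirationDialog dialog = new PasswordExpirationDialog();
            Bundle b = new Bundle();
            b.putString(BUNDLE_KEY_ACCOUNT_NAME, accountName);
            b.putBoolean(BUNDLE_KEY_EXPIRED, expired);
            dialog.setArguments(b);
            return dialog;
        }

        /**
         * Note, this actually creates two slightly different dialogs (for expiring vs. expired)
         */
        @Override
        public Dialog onCreateDialog(Bundle savedInstanceState) {
            final String accountName = getArguments().getString(BUNDLE_KEY_ACCOUNT_NAME);
            final boolean expired = getArguments().getBoolean(BUNDLE_KEY_EXPIRED);
            final int titleId = expired
                    ? R.string.password_expired_dialog_title
                    : R.string.password_expire_warning_dialog_title;
            final int contentId = expired
                    ? R.string.password_expired_dialog_content_fmt
                    : R.string.password_expire_warning_dialog_content_fmt;

            final Context context = getActivity();
            final Resources res = context.getResources();
            final AlertDialog.Builder b = new AlertDialog.Builder(context);
            b.setTitle(titleId);
            b.setIconAttribute(android.R.attr.alertDialogIcon);
            b.setMessage(res.getString(contentId, accountName));
            b.setPositiveButton(R.string.okay_action, this);
            b.setNegativeButton(R.string.cancel_action, this);
            return b.create();
        }

        @Override
        public void onClick(DialogInterface dialog, int which) {
            dismiss();
            AccountSecurity activity = (AccountSecurity) getActivity();
            if (which == DialogInterface.BUTTON_POSITIVE) {
                Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD);
                activity.startActivity(intent);
            }
            activity.finish();
        }

        /**
         * A cancel that bypasses the buttons still has to end the host activity, which has no
         * UI of its own to return to.
         */
        @Override
        public void onCancel(DialogInterface dialog) {
            super.onCancel(dialog);
            Activity activity = getActivity();
            if (activity != null) {
                activity.finish();
            }
        }
    }
}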