Fix display of BiometricPrompt wipe warning dialogs
Ensure that both local wipe dialogs are shown by the BiometricPrompt
credential view as appropriate:
- A "last attempt" warning dialog when the user is one failure from a wipe
- The "now wiping" dialog shows before the prompt is dismissed
Test: Manual:
1. Create a work profile via TestDPC (go/testdpc)
2. Set a work profile lock pattern/PIN/password via Settings > Security
3. Launch the work profile instance of TestDPC
4. Scroll down to "Lock screen"
5. Tap "Lock screen restrictions"
6. Select the "Work profile" tab
7. Set "Max password failures for local wipe" to 3
8. Lock & unlock the screen
9. Launch work profile app
10. Enter the wrong pattern/PIN/password three times
Fixes: 152016710
Change-Id: I3771d222aaaacef5fa70c1246432a6fd1afdcd42
diff --git a/packages/SystemUI/res/values/strings.xml b/packages/SystemUI/res/values/strings.xml
index c8c35c7..8a3a16e 100644
--- a/packages/SystemUI/res/values/strings.xml
+++ b/packages/SystemUI/res/values/strings.xml
@@ -374,9 +374,31 @@
<string name="biometric_dialog_wrong_password">Wrong password</string>
<!-- Error string shown when the user enters too many incorrect attempts [CHAR LIMIT=120]-->
<string name="biometric_dialog_credential_too_many_attempts">Too many incorrect attempts.\nTry again in <xliff:g id="number">%d</xliff:g> seconds.</string>
+
<!-- Error string shown when the user enters an incorrect PIN/pattern/password and it counts towards the max attempts before the data on the device is wiped. [CHAR LIMIT=NONE]-->
<string name="biometric_dialog_credential_attempts_before_wipe">Try again. Attempt <xliff:g id="attempts" example="1">%1$d</xliff:g> of <xliff:g id="max_attempts" example="3">%2$d</xliff:g>.</string>
+ <!-- Title of a dialog shown when the user only has one attempt left to provide the correct PIN/pattern/password before the device, one of its users, or a work profile is wiped. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_attempt_before_wipe_dialog_title">Your data will be deleted</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct lock pattern before the device is wiped. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pattern_attempt_before_wipe_device">If you enter an incorrect pattern on the next attempt, this device\u2019s data will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct PIN before the device is wiped. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pin_attempt_before_wipe_device">If you enter an incorrect PIN on the next attempt, this device\u2019s data will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct password before the device is wiped. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_password_attempt_before_wipe_device">If you enter an incorrect password on the next attempt, this device\u2019s data will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct lock pattern before the user is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pattern_attempt_before_wipe_user">If you enter an incorrect pattern on the next attempt, this user will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct PIN before the user is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pin_attempt_before_wipe_user">If you enter an incorrect PIN on the next attempt, this user will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct password before the user is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_password_attempt_before_wipe_user">If you enter an incorrect password on the next attempt, this user will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct pattern before the work profile is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pattern_attempt_before_wipe_profile">If you enter an incorrect pattern on the next attempt, your work profile and its data will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct PIN before the work profile is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_pin_attempt_before_wipe_profile">If you enter an incorrect PIN on the next attempt, your work profile and its data will be deleted.</string>
+ <!-- Content of a dialog shown when the user only has one attempt left to provide the correct password before the work profile is removed. [CHAR LIMIT=NONE] -->
+ <string name="biometric_dialog_last_password_attempt_before_wipe_profile">If you enter an incorrect password on the next attempt, your work profile and its data will be deleted.</string>
+
<!-- Content of a dialog shown when the user has failed to provide the device lock too many times and the device is wiped. [CHAR LIMIT=NONE] -->
<string name="biometric_dialog_failed_attempts_now_wiping_device">Too many incorrect attempts. This device\u2019s data will be deleted.</string>
<!-- Content of a dialog shown when the user has failed to provide the user lock too many times and the user is removed. [CHAR LIMIT=NONE] -->
diff --git a/packages/SystemUI/src/com/android/systemui/biometrics/AuthCredentialView.java b/packages/SystemUI/src/com/android/systemui/biometrics/AuthCredentialView.java
index 13f3c0f..b006bc1 100644
--- a/packages/SystemUI/src/com/android/systemui/biometrics/AuthCredentialView.java
+++ b/packages/SystemUI/src/com/android/systemui/biometrics/AuthCredentialView.java
@@ -347,21 +347,35 @@
showError(message);
}
- // Only show popup dialog before wipe.
+ // Only show dialog if <=1 attempts are left before wiping.
final int remainingAttempts = maxAttempts - numAttempts;
- if (remainingAttempts <= 0) {
- showNowWipingMessage();
- mContainerView.animateAway(AuthDialogCallback.DISMISSED_ERROR);
+ if (remainingAttempts == 1) {
+ showLastAttemptBeforeWipeDialog();
+ } else if (remainingAttempts <= 0) {
+ showNowWipingDialog();
}
return true;
}
- private void showNowWipingMessage() {
+ private void showLastAttemptBeforeWipeDialog() {
+ final AlertDialog alertDialog = new AlertDialog.Builder(mContext)
+ .setTitle(R.string.biometric_dialog_last_attempt_before_wipe_dialog_title)
+ .setMessage(
+ getLastAttemptBeforeWipeMessageRes(getUserTypeForWipe(), mCredentialType))
+ .setPositiveButton(android.R.string.ok, null)
+ .create();
+ alertDialog.getWindow().setType(WindowManager.LayoutParams.TYPE_STATUS_BAR_SUB_PANEL);
+ alertDialog.show();
+ }
+
+ private void showNowWipingDialog() {
final AlertDialog alertDialog = new AlertDialog.Builder(mContext)
.setMessage(getNowWipingMessageRes(getUserTypeForWipe()))
.setPositiveButton(R.string.biometric_dialog_now_wiping_dialog_dismiss, null)
+ .setOnDismissListener(
+ dialog -> mContainerView.animateAway(AuthDialogCallback.DISMISSED_ERROR))
.create();
- alertDialog.getWindow().setType(WindowManager.LayoutParams.TYPE_SYSTEM_ALERT);
+ alertDialog.getWindow().setType(WindowManager.LayoutParams.TYPE_STATUS_BAR_SUB_PANEL);
alertDialog.show();
}
@@ -377,6 +391,59 @@
}
}
+ private static @StringRes int getLastAttemptBeforeWipeMessageRes(
+ @UserType int userType, @Utils.CredentialType int credentialType) {
+ switch (userType) {
+ case USER_TYPE_PRIMARY:
+ return getLastAttemptBeforeWipeDeviceMessageRes(credentialType);
+ case USER_TYPE_MANAGED_PROFILE:
+ return getLastAttemptBeforeWipeProfileMessageRes(credentialType);
+ case USER_TYPE_SECONDARY:
+ return getLastAttemptBeforeWipeUserMessageRes(credentialType);
+ default:
+ throw new IllegalArgumentException("Unrecognized user type:" + userType);
+ }
+ }
+
+ private static @StringRes int getLastAttemptBeforeWipeDeviceMessageRes(
+ @Utils.CredentialType int credentialType) {
+ switch (credentialType) {
+ case Utils.CREDENTIAL_PIN:
+ return R.string.biometric_dialog_last_pin_attempt_before_wipe_device;
+ case Utils.CREDENTIAL_PATTERN:
+ return R.string.biometric_dialog_last_pattern_attempt_before_wipe_device;
+ case Utils.CREDENTIAL_PASSWORD:
+ default:
+ return R.string.biometric_dialog_last_password_attempt_before_wipe_device;
+ }
+ }
+
+ private static @StringRes int getLastAttemptBeforeWipeProfileMessageRes(
+ @Utils.CredentialType int credentialType) {
+ switch (credentialType) {
+ case Utils.CREDENTIAL_PIN:
+ return R.string.biometric_dialog_last_pin_attempt_before_wipe_profile;
+ case Utils.CREDENTIAL_PATTERN:
+ return R.string.biometric_dialog_last_pattern_attempt_before_wipe_profile;
+ case Utils.CREDENTIAL_PASSWORD:
+ default:
+ return R.string.biometric_dialog_last_password_attempt_before_wipe_profile;
+ }
+ }
+
+ private static @StringRes int getLastAttemptBeforeWipeUserMessageRes(
+ @Utils.CredentialType int credentialType) {
+ switch (credentialType) {
+ case Utils.CREDENTIAL_PIN:
+ return R.string.biometric_dialog_last_pin_attempt_before_wipe_user;
+ case Utils.CREDENTIAL_PATTERN:
+ return R.string.biometric_dialog_last_pattern_attempt_before_wipe_user;
+ case Utils.CREDENTIAL_PASSWORD:
+ default:
+ return R.string.biometric_dialog_last_password_attempt_before_wipe_user;
+ }
+ }
+
private static @StringRes int getNowWipingMessageRes(@UserType int userType) {
switch (userType) {
case USER_TYPE_PRIMARY: