Merge changes from topic "face-profile-qt-dev" into qt-dev

* changes: Enroll for the correct user Do not updateActiveGroup on a handler Launch ConfirmDeviceCredential with actual userId Settings should be per-profile
author: Kevin Chyn <kchyn@google.com> 2019-04-05 00:41:17 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2019-04-05 00:41:17 +0000
commit: b4863267a72e4392e3002c8594227f76f7946dcc (patch)
tree: 00243ad720959f775fa7d8eb10953c785cc77b22
parent: 3553de0d7d3ea2b0f0bdbdc13c3a931d72d771cd (diff)
parent: 1a878c1fba73802989e5ed8bf5ff3b9f755fb2ee (diff)
3 files changed, 46 insertions, 43 deletions
diff --git a/services/core/java/com/android/server/biometrics/BiometricService.java b/services/core/java/com/android/server/biometrics/BiometricService.java
index 516844d85484..2fee68ee2dcd 100644
--- a/services/core/java/com/android/server/biometrics/BiometricService.java
+++ b/services/core/java/com/android/server/biometrics/BiometricService.java
@@ -351,6 +351,11 @@ public class BiometricService extends SystemService {
     }
 
     private final class SettingObserver extends ContentObserver {
+
+        private static final boolean DEFAULT_KEYGUARD_ENABLED = true;
+        private static final boolean DEFAULT_APP_ENABLED = true;
+        private static final boolean DEFAULT_ALWAYS_REQUIRE_CONFIRMATION = false;
+
         private final Uri FACE_UNLOCK_KEYGUARD_ENABLED =
                 Settings.Secure.getUriFor(Settings.Secure.FACE_UNLOCK_KEYGUARD_ENABLED);
         private final Uri FACE_UNLOCK_APP_ENABLED =
@@ -359,9 +364,10 @@ public class BiometricService extends SystemService {
                 Settings.Secure.getUriFor(Settings.Secure.FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION);
 
         private final ContentResolver mContentResolver;
-        private boolean mFaceEnabledOnKeyguard;
-        private boolean mFaceEnabledForApps;
-        private boolean mFaceAlwaysRequireConfirmation;
+
+        private Map<Integer, Boolean> mFaceEnabledOnKeyguard = new HashMap<>();
+        private Map<Integer, Boolean> mFaceEnabledForApps = new HashMap<>();
+        private Map<Integer, Boolean> mFaceAlwaysRequireConfirmation = new HashMap<>();
 
         /**
          * Creates a content observer.
@@ -379,63 +385,61 @@ public class BiometricService extends SystemService {
             mContentResolver.registerContentObserver(FACE_UNLOCK_KEYGUARD_ENABLED,
                     false /* notifyForDescendents */,
                     this /* observer */,
-                    UserHandle.USER_CURRENT);
+                    UserHandle.USER_ALL);
             mContentResolver.registerContentObserver(FACE_UNLOCK_APP_ENABLED,
                     false /* notifyForDescendents */,
                     this /* observer */,
-                    UserHandle.USER_CURRENT);
+                    UserHandle.USER_ALL);
             mContentResolver.registerContentObserver(FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,
                     false /* notifyForDescendents */,
                     this /* observer */,
-                    UserHandle.USER_CURRENT);
-
-            // Update the value immediately
-            onChange(true /* selfChange */, FACE_UNLOCK_KEYGUARD_ENABLED);
-            onChange(true /* selfChange */, FACE_UNLOCK_APP_ENABLED);
-            onChange(true /* selfChange */, FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION);
+                    UserHandle.USER_ALL);
         }
 
         @Override
-        public void onChange(boolean selfChange, Uri uri) {
+        public void onChange(boolean selfChange, Uri uri, int userId) {
             if (FACE_UNLOCK_KEYGUARD_ENABLED.equals(uri)) {
-                mFaceEnabledOnKeyguard =
-                        Settings.Secure.getIntForUser(
+                mFaceEnabledOnKeyguard.put(userId, Settings.Secure.getIntForUser(
                                 mContentResolver,
                                 Settings.Secure.FACE_UNLOCK_KEYGUARD_ENABLED,
-                                1 /* default */,
-                                UserHandle.USER_CURRENT) != 0;
-
-                List<EnabledOnKeyguardCallback> callbacks = mEnabledOnKeyguardCallbacks;
-                for (int i = 0; i < callbacks.size(); i++) {
-                    callbacks.get(i).notify(BiometricSourceType.FACE, mFaceEnabledOnKeyguard);
+                                DEFAULT_KEYGUARD_ENABLED ? 1 : 0 /* default */,
+                                userId) != 0);
+
+                if (userId == ActivityManager.getCurrentUser()) {
+                    List<EnabledOnKeyguardCallback> callbacks = mEnabledOnKeyguardCallbacks;
+                    for (int i = 0; i < callbacks.size(); i++) {
+                        callbacks.get(i).notify(BiometricSourceType.FACE,
+                                mFaceEnabledOnKeyguard.getOrDefault(userId,
+                                        DEFAULT_KEYGUARD_ENABLED));
+                    }
                 }
             } else if (FACE_UNLOCK_APP_ENABLED.equals(uri)) {
-                mFaceEnabledForApps =
-                        Settings.Secure.getIntForUser(
+                mFaceEnabledForApps.put(userId, Settings.Secure.getIntForUser(
                                 mContentResolver,
                                 Settings.Secure.FACE_UNLOCK_APP_ENABLED,
-                                1 /* default */,
-                                UserHandle.USER_CURRENT) != 0;
+                                DEFAULT_APP_ENABLED ? 1 : 0 /* default */,
+                                userId) != 0);
             } else if (FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION.equals(uri)) {
-                mFaceAlwaysRequireConfirmation =
-                        Settings.Secure.getIntForUser(
+                mFaceAlwaysRequireConfirmation.put(userId, Settings.Secure.getIntForUser(
                                 mContentResolver,
                                 Settings.Secure.FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,
-                                0 /* default */,
-                                UserHandle.USER_CURRENT) != 0;
+                                DEFAULT_ALWAYS_REQUIRE_CONFIRMATION ? 1 : 0 /* default */,
+                                userId) != 0);
             }
         }
 
         boolean getFaceEnabledOnKeyguard() {
-            return mFaceEnabledOnKeyguard;
+            return mFaceEnabledOnKeyguard.getOrDefault(
+                    ActivityManager.getCurrentUser(), DEFAULT_KEYGUARD_ENABLED);
         }
 
-        boolean getFaceEnabledForApps() {
-            return mFaceEnabledForApps;
+        boolean getFaceEnabledForApps(int userId) {
+            return mFaceEnabledForApps.getOrDefault(userId, DEFAULT_APP_ENABLED);
         }
 
-        boolean getFaceAlwaysRequireConfirmation() {
-            return mFaceAlwaysRequireConfirmation;
+        boolean getFaceAlwaysRequireConfirmation(int userId) {
+            return mFaceAlwaysRequireConfirmation
+                    .getOrDefault(userId, DEFAULT_ALWAYS_REQUIRE_CONFIRMATION);
         }
     }
 
@@ -625,7 +629,7 @@ public class BiometricService extends SystemService {
                     mConfirmDeviceCredentialReceiver = receiver;
                     // Use this so we don't need to duplicate logic..
                     final Intent intent = kgm.createConfirmDeviceCredentialIntent(null /* title */,
-                            null /* description */);
+                            null /* description */, userId);
                     // Then give it the bundle to do magic behavior..
                     intent.putExtra(KeyguardManager.EXTRA_BIOMETRIC_PROMPT_BUNDLE, bundle);
                     // Create a new task with this activity located at the root.
@@ -884,7 +888,7 @@ public class BiometricService extends SystemService {
                 }
                 if (authenticator.hasEnrolledTemplates(userId)) {
                     hasTemplatesEnrolled = true;
-                    if (isEnabledForApp(modality)) {
+                    if (isEnabledForApp(modality, userId)) {
                         // TODO(b/110907543): When face settings (and other settings) have both a
                         // user toggle as well as a work profile settings page, this needs to be
                         // updated to reflect the correct setting.
@@ -909,14 +913,14 @@ public class BiometricService extends SystemService {
         return new Pair<>(modality, BiometricConstants.BIOMETRIC_SUCCESS);
     }
 
-    private boolean isEnabledForApp(int modality) {
+    private boolean isEnabledForApp(int modality, int userId) {
         switch(modality) {
             case TYPE_FINGERPRINT:
                 return true;
             case TYPE_IRIS:
                 return true;
             case TYPE_FACE:
-                return mSettingObserver.getFaceEnabledForApps();
+                return mSettingObserver.getFaceEnabledForApps(userId);
             default:
                 Slog.w(TAG, "Unsupported modality: " + modality);
                 return false;
@@ -1363,7 +1367,7 @@ public class BiometricService extends SystemService {
             if ((modality & TYPE_FACE) != 0) {
                 // Check if the user has forced confirmation to be required in Settings.
                 requireConfirmation = requireConfirmation
-                        || mSettingObserver.getFaceAlwaysRequireConfirmation();
+                        || mSettingObserver.getFaceAlwaysRequireConfirmation(userId);
             }
             // Generate random cookies to pass to the services that should prepare to start
             // authenticating. Store the cookie here and wait for all services to "ack"
diff --git a/services/core/java/com/android/server/biometrics/BiometricServiceBase.java b/services/core/java/com/android/server/biometrics/BiometricServiceBase.java
index d8e7b7db7b75..b631a93d7739 100644
--- a/services/core/java/com/android/server/biometrics/BiometricServiceBase.java
+++ b/services/core/java/com/android/server/biometrics/BiometricServiceBase.java
@@ -903,9 +903,8 @@ public abstract class BiometricServiceBase extends SystemService
     }
 
     protected void setActiveUserInternal(int userId) {
-        mHandler.post(() -> {
-            updateActiveGroup(userId, null /* clientPackage */);
-        });
+        // Do not put on handler, since it should finish before returning to caller.
+        updateActiveGroup(userId, null /* clientPackage */);
     }
 
     protected void removeInternal(RemovalClient client) {
diff --git a/services/core/java/com/android/server/biometrics/face/FaceService.java b/services/core/java/com/android/server/biometrics/face/FaceService.java
index c573bbb2e1f0..d67853ab0d1b 100644
--- a/services/core/java/com/android/server/biometrics/face/FaceService.java
+++ b/services/core/java/com/android/server/biometrics/face/FaceService.java
@@ -165,7 +165,7 @@ public class FaceService extends BiometricServiceBase {
                 }
             };
 
-            enrollInternal(client, UserHandle.getCallingUserId());
+            enrollInternal(client, mCurrentUserId);
         }
 
         @Override // Binder call
@@ -813,7 +813,7 @@ public class FaceService extends BiometricServiceBase {
                 com.android.internal.R.integer.config_faceMaxTemplatesPerUser);
         final int enrolled = FaceService.this.getEnrolledTemplates(userId).size();
         if (enrolled >= limit) {
-            Slog.w(TAG, "Too many faces registered");
+            Slog.w(TAG, "Too many faces registered, user: " + userId);
             return true;
         }
         return false;
author	Kevin Chyn <kchyn@google.com>	2019-04-05 00:41:17 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2019-04-05 00:41:17 +0000
commit	b4863267a72e4392e3002c8594227f76f7946dcc (patch)
tree	00243ad720959f775fa7d8eb10953c785cc77b22
parent	3553de0d7d3ea2b0f0bdbdc13c3a931d72d771cd (diff)
parent	1a878c1fba73802989e5ed8bf5ff3b9f755fb2ee (diff)