Merge "Add secure settings to disable parts of the OTP filtering logic" into main

author: Nate Myren <ntmyren@google.com> 2025-02-10 11:35:55 -0800
committer: Android (Google) Code Review <android-gerrit@google.com> 2025-02-10 11:35:55 -0800
commit: eb9d92247a6aefb6638fe9b7260fbb20c3b0fd74 (patch)
tree: 96e4bb034fd3fa5613b02f1bb95a93661130fde0
parent: 52cb45a7e98b28cba214d43b15d460123d4119ed (diff)
parent: 884fedde3dd23812f77665ce85c2995d59701d0d (diff)
3 files changed, 85 insertions, 10 deletions
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 3cd7a00591ca..f1a9514107da 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -13006,6 +13006,24 @@ public final class Settings {
         public static final String STYLUS_POINTER_ICON_ENABLED = "stylus_pointer_icon_enabled";
 
         /**
+         * Toggle for whether to redact OTP notification while connected to wifi. Defaults to
+         * false/0.
+         * @hide
+         */
+        @Readable
+        public static final String REDACT_OTP_NOTIFICATION_WHILE_CONNECTED_TO_WIFI =
+                "redact_otp_on_wifi";
+
+        /**
+         * Toggle for whether to immediately redact OTP notifications, or require the device to be
+         * locked for 10 minutes. Defaults to false/0
+         * @hide
+         */
+        @Readable
+        public static final String REDACT_OTP_NOTIFICATION_IMMEDIATELY =
+                "remove_otp_redaction_delay";
+
+        /**
          * These entries are considered common between the personal and the managed profile,
          * since the managed profile doesn't get to change them.
          */
diff --git a/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java b/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java
index 246aa7158cab..85617bad1a91 100644
--- a/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java
+++ b/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java
@@ -809,7 +809,9 @@ public class SettingsBackupTest {
                  Settings.Secure.DND_CONFIGS_MIGRATED,
                  Settings.Secure.NAVIGATION_MODE_RESTORE,
                  Settings.Secure.V_TO_U_RESTORE_ALLOWLIST,
-                 Settings.Secure.V_TO_U_RESTORE_DENYLIST);
+                 Settings.Secure.V_TO_U_RESTORE_DENYLIST,
+                 Settings.Secure.REDACT_OTP_NOTIFICATION_WHILE_CONNECTED_TO_WIFI,
+                 Settings.Secure.REDACT_OTP_NOTIFICATION_IMMEDIATELY);
 
     @Test
     public void systemSettingsBackedUpOrDenied() {
diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java b/packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java
index 25ebc8c1ffa1..f06565f1b6d2 100644
--- a/packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java
+++ b/packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java
@@ -24,8 +24,10 @@ import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_UNREDACTED_
 import static android.os.Flags.allowPrivateProfile;
 import static android.os.UserHandle.USER_ALL;
 import static android.os.UserHandle.USER_NULL;
+import static android.provider.Settings.Secure.REDACT_OTP_NOTIFICATION_IMMEDIATELY;
 import static android.provider.Settings.Secure.LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS;
 import static android.provider.Settings.Secure.LOCK_SCREEN_SHOW_NOTIFICATIONS;
+import static android.provider.Settings.Secure.REDACT_OTP_NOTIFICATION_WHILE_CONNECTED_TO_WIFI;
 
 import static com.android.systemui.DejankUtils.whitelistIpcs;
 
@@ -44,6 +46,7 @@ import android.database.ContentObserver;
 import android.database.ExecutorContentObserver;
 import android.net.Uri;
 import android.os.Looper;
+import android.os.Process;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
@@ -118,6 +121,11 @@ public class NotificationLockscreenUserManagerImpl implements
             Settings.Secure.getUriFor(LOCK_SCREEN_SHOW_NOTIFICATIONS);
     private static final Uri SHOW_PRIVATE_LOCKSCREEN =
             Settings.Secure.getUriFor(LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS);
+    private static final Uri REDACT_OTP_ON_WIFI =
+            Settings.Secure.getUriFor(REDACT_OTP_NOTIFICATION_WHILE_CONNECTED_TO_WIFI);
+
+    private static final Uri REDACT_OTP_IMMEDIATELY =
+            Settings.Secure.getUriFor(REDACT_OTP_NOTIFICATION_IMMEDIATELY);
 
     private static final long LOCK_TIME_FOR_SENSITIVE_REDACTION_MS =
             TimeUnit.MINUTES.toMillis(10);
@@ -307,6 +315,9 @@ public class NotificationLockscreenUserManagerImpl implements
     @VisibleForTesting
     protected final AtomicBoolean mConnectedToWifi = new AtomicBoolean(false);
 
+    protected final AtomicBoolean mRedactOtpOnWifi = new AtomicBoolean(true);
+    protected final AtomicBoolean mRedactOtpImmediately = new AtomicBoolean(false);
+
     protected int mCurrentUserId = 0;
 
     protected NotificationPresenter mPresenter;
@@ -363,6 +374,8 @@ public class NotificationLockscreenUserManagerImpl implements
 
         mLockScreenUris.add(SHOW_LOCKSCREEN);
         mLockScreenUris.add(SHOW_PRIVATE_LOCKSCREEN);
+        mLockScreenUris.add(REDACT_OTP_ON_WIFI);
+        mLockScreenUris.add(REDACT_OTP_IMMEDIATELY);
 
         dumpManager.registerDumpable(this);
 
@@ -432,6 +445,10 @@ public class NotificationLockscreenUserManagerImpl implements
                         changed |= updateUserShowSettings(user.getIdentifier());
                     } else if (SHOW_PRIVATE_LOCKSCREEN.equals(uri)) {
                         changed |= updateUserShowPrivateSettings(user.getIdentifier());
+                    } else if (REDACT_OTP_ON_WIFI.equals(uri)) {
+                        changed |= updateRedactOtpOnWifiSetting();
+                    } else if (REDACT_OTP_IMMEDIATELY.equals(uri)) {
+                        changed |= updateRedactOtpImmediatelySetting();
                     }
                 }
 
@@ -465,6 +482,14 @@ public class NotificationLockscreenUserManagerImpl implements
                 true,
                 mLockscreenSettingsObserver,
                 USER_ALL);
+        mSecureSettings.registerContentObserverAsync(
+                REDACT_OTP_ON_WIFI,
+                mLockscreenSettingsObserver
+        );
+        mSecureSettings.registerContentObserverAsync(
+                REDACT_OTP_IMMEDIATELY,
+                mLockscreenSettingsObserver
+        );
 
 
         mBroadcastDispatcher.registerReceiver(mAllUsersReceiver,
@@ -602,6 +627,28 @@ public class NotificationLockscreenUserManagerImpl implements
     }
 
     @WorkerThread
+    private boolean updateRedactOtpOnWifiSetting() {
+        boolean originalValue = mRedactOtpOnWifi.get();
+        boolean newValue = mSecureSettings.getIntForUser(
+                REDACT_OTP_NOTIFICATION_WHILE_CONNECTED_TO_WIFI,
+                0,
+                Process.myUserHandle().getIdentifier()) != 0;
+        mRedactOtpOnWifi.set(newValue);
+        return originalValue != newValue;
+    }
+
+    @WorkerThread
+    private boolean updateRedactOtpImmediatelySetting() {
+        boolean originalValue = mRedactOtpImmediately.get();
+        boolean newValue = mSecureSettings.getIntForUser(
+                REDACT_OTP_NOTIFICATION_IMMEDIATELY,
+                0,
+                Process.myUserHandle().getIdentifier()) != 0;
+        mRedactOtpImmediately.set(newValue);
+        return originalValue != newValue;
+    }
+
+    @WorkerThread
     private boolean updateGlobalKeyguardSettings() {
         final boolean oldValue = mKeyguardAllowingNotifications;
         mKeyguardAllowingNotifications = mKeyguardManager.getPrivateNotificationsAllowed();
@@ -769,23 +816,31 @@ public class NotificationLockscreenUserManagerImpl implements
             return false;
         }
 
-        if (mConnectedToWifi.get()) {
-            return false;
+        if (!mRedactOtpOnWifi.get()) {
+            if (mConnectedToWifi.get()) {
+                return false;
+            }
+
+            long lastWifiConnectTime = mLastWifiConnectionTime.get();
+            // If the device has connected to wifi since receiving the notification, do not redact
+            if (ent.getSbn().getPostTime() < lastWifiConnectTime) {
+                return false;
+            }
         }
 
         if (ent.getRanking() == null || !ent.getRanking().hasSensitiveContent()) {
             return false;
         }
 
-        long lastWifiConnectTime = mLastWifiConnectionTime.get();
-        // If the device has connected to wifi since receiving the notification, do not redact
-        if (ent.getSbn().getPostTime() < lastWifiConnectTime) {
-            return false;
+        long latestTimeForRedaction;
+        if (mRedactOtpImmediately.get()) {
+            latestTimeForRedaction = mLastLockTime.get();
+        } else {
+            // If the lock screen was not already locked for LOCK_TIME_FOR_SENSITIVE_REDACTION_MS
+            // when this notification arrived, do not redact
+            latestTimeForRedaction = mLastLockTime.get() + LOCK_TIME_FOR_SENSITIVE_REDACTION_MS;
         }
 
-        // If the lock screen was not already locked for LOCK_TIME_FOR_SENSITIVE_REDACTION_MS when
-        // this notification arrived, do not redact
-        long latestTimeForRedaction = mLastLockTime.get() + LOCK_TIME_FOR_SENSITIVE_REDACTION_MS;
         if (ent.getSbn().getPostTime() < latestTimeForRedaction) {
             return false;
         }
author	Nate Myren <ntmyren@google.com>	2025-02-10 11:35:55 -0800
committer	Android (Google) Code Review <android-gerrit@google.com>	2025-02-10 11:35:55 -0800
commit	eb9d92247a6aefb6638fe9b7260fbb20c3b0fd74 (patch)
tree	96e4bb034fd3fa5613b02f1bb95a93661130fde0
parent	52cb45a7e98b28cba214d43b15d460123d4119ed (diff)
parent	884fedde3dd23812f77665ce85c2995d59701d0d (diff)