DivestOS/Patches/LineageOS-17.1/android_frameworks_base/389269-backport.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Beverly <beverlyt@google.com>
Date: Thu, 18 Jan 2024 20:13:52 +0000
Subject: [PATCH] isUserInLockDown can be true when there are other strong auth
 requirements

Bug: 315206668
Bug: 218495634
Flag: None
Test: manual, atest LockPatternUtilsTest
(cherry picked from commit d341f1ecdb011d24b17358f115391b3f997cb179)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ba8dfc68aada76127abafdb17d0f0896cc14447a)
Merged-In: I5e979a7822dd7254b4579ab28ecf96df1db44179
Change-Id: I5e979a7822dd7254b4579ab28ecf96df1db44179
---
 .../internal/widget/LockPatternUtils.java     |  4 +--
 .../internal/util/LockPatternUtilsTest.java   | 33 ++++++++++++++++---
 2 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index 1f49cab98972..2857324d524c 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -1794,8 +1794,8 @@ public class LockPatternUtils {
     }
 
     public boolean isUserInLockdown(int userId) {
-        return getStrongAuthForUser(userId)
-                == StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
+        return (getStrongAuthForUser(userId)
+                & StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN) != 0;
     }
 
     private ICheckCredentialProgressCallback wrapCallback(
diff --git a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
index 9913531cdf13..517160e74ade 100644
--- a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
+++ b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
@@ -18,6 +18,8 @@ package com.android.internal.util;
 
 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_MANAGED;
 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
 
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
@@ -48,12 +50,15 @@ import org.mockito.Mockito;
 @SmallTest
 public class LockPatternUtilsTest {
 
+    private ILockSettings mLockSettings;
+    private static final int USER_ID = 1;
     private static final int DEMO_USER_ID = 5;
 
     private LockPatternUtils mLockPatternUtils;
 
     private void configureTest(boolean isSecure, boolean isDemoUser, int deviceDemoMode)
             throws Exception {
+        mLockSettings = Mockito.mock(ILockSettings.class);
         final Context context = spy(new ContextWrapper(InstrumentationRegistry.getTargetContext()));
 
         final MockContentResolver cr = new MockContentResolver(context);
@@ -61,13 +66,12 @@ public class LockPatternUtilsTest {
         when(context.getContentResolver()).thenReturn(cr);
         Settings.Global.putInt(cr, Settings.Global.DEVICE_DEMO_MODE, deviceDemoMode);
 
-        final ILockSettings ils = Mockito.mock(ILockSettings.class);
-        when(ils.havePassword(DEMO_USER_ID)).thenReturn(isSecure);
-        when(ils.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED, DEMO_USER_ID))
-                .thenReturn((long) PASSWORD_QUALITY_MANAGED);
+        when(mLockSettings.getCredentialType(DEMO_USER_ID)).thenReturn(isSecure);
+        when(mLockSettings.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED,
+                DEMO_USER_ID)).thenReturn((long) PASSWORD_QUALITY_MANAGED);
         // TODO(b/63758238): stop spying the class under test
         mLockPatternUtils = spy(new LockPatternUtils(context));
-        when(mLockPatternUtils.getLockSettings()).thenReturn(ils);
+        when(mLockPatternUtils.getLockSettings()).thenReturn(mLockSettings);
         doReturn(true).when(mLockPatternUtils).hasSecureLockScreen();
 
         final UserInfo userInfo = Mockito.mock(UserInfo.class);
@@ -77,6 +81,25 @@ public class LockPatternUtilsTest {
         when(context.getSystemService(Context.USER_SERVICE)).thenReturn(um);
     }
 
+    @Test
+    public void isUserInLockDown() throws Exception {
+        configureTest(true, false, 2);
+        // GIVEN strong auth not required
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(STRONG_AUTH_NOT_REQUIRED);
+        // THEN user isn't in lockdown
+        assertFalse(mLockPatternUtils.isUserInLockdown(USER_ID));
+        // GIVEN lockdown
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(
+                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);
+        // THEN user is in lockdown
+        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));
+        // GIVEN lockdown and lockout
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(
+                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN | STRONG_AUTH_REQUIRED_AFTER_LOCKOUT);
+        // THEN user is in lockdown
+        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));
+    }
+
     @Test
     public void isLockScreenDisabled_isDemoUser_true() throws Exception {
         configureTest(false, true, 2);
Extra patch for 17.1 Signed-off-by: Tavi <tavi@divested.dev> 2024-05-07 06:05:28 -04:00			`From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
			`From: Beverly <beverlyt@google.com>`
			`Date: Thu, 18 Jan 2024 20:13:52 +0000`
			`Subject: [PATCH] isUserInLockDown can be true when there are other strong auth`
			`requirements`

			`Bug: 315206668`
			`Bug: 218495634`
			`Flag: None`
			`Test: manual, atest LockPatternUtilsTest`
			`(cherry picked from commit d341f1ecdb011d24b17358f115391b3f997cb179)`
			`(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ba8dfc68aada76127abafdb17d0f0896cc14447a)`
			`Merged-In: I5e979a7822dd7254b4579ab28ecf96df1db44179`
			`Change-Id: I5e979a7822dd7254b4579ab28ecf96df1db44179`
			`---`
			`.../internal/widget/LockPatternUtils.java \| 4 +--`
			`.../internal/util/LockPatternUtilsTest.java \| 33 ++++++++++++++++---`
			`2 files changed, 30 insertions(+), 7 deletions(-)`

			`diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java`
			`index 1f49cab98972..2857324d524c 100644`
			`--- a/core/java/com/android/internal/widget/LockPatternUtils.java`
			`+++ b/core/java/com/android/internal/widget/LockPatternUtils.java`
			`@@ -1794,8 +1794,8 @@ public class LockPatternUtils {`
			`}`

			`public boolean isUserInLockdown(int userId) {`
			`- return getStrongAuthForUser(userId)`
			`- == StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;`
			`+ return (getStrongAuthForUser(userId)`
			`+ & StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN) != 0;`
			`}`

			`private ICheckCredentialProgressCallback wrapCallback(`
			`diff --git a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java`
			`index 9913531cdf13..517160e74ade 100644`
			`--- a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java`
			`+++ b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java`
			`@@ -18,6 +18,8 @@ package com.android.internal.util;`

			`import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_MANAGED;`
			`import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;`
			`+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;`
			`+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;`

			`import static org.junit.Assert.assertFalse;`
			`import static org.junit.Assert.assertTrue;`
			`@@ -48,12 +50,15 @@ import org.mockito.Mockito;`
			`@SmallTest`
			`public class LockPatternUtilsTest {`

			`+ private ILockSettings mLockSettings;`
			`+ private static final int USER_ID = 1;`
			`private static final int DEMO_USER_ID = 5;`

			`private LockPatternUtils mLockPatternUtils;`

			`private void configureTest(boolean isSecure, boolean isDemoUser, int deviceDemoMode)`
			`throws Exception {`
			`+ mLockSettings = Mockito.mock(ILockSettings.class);`
			`final Context context = spy(new ContextWrapper(InstrumentationRegistry.getTargetContext()));`

			`final MockContentResolver cr = new MockContentResolver(context);`
			`@@ -61,13 +66,12 @@ public class LockPatternUtilsTest {`
			`when(context.getContentResolver()).thenReturn(cr);`
			`Settings.Global.putInt(cr, Settings.Global.DEVICE_DEMO_MODE, deviceDemoMode);`

			`- final ILockSettings ils = Mockito.mock(ILockSettings.class);`
			`- when(ils.havePassword(DEMO_USER_ID)).thenReturn(isSecure);`
			`- when(ils.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED, DEMO_USER_ID))`
			`- .thenReturn((long) PASSWORD_QUALITY_MANAGED);`
			`+ when(mLockSettings.getCredentialType(DEMO_USER_ID)).thenReturn(isSecure);`
			`+ when(mLockSettings.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED,`
			`+ DEMO_USER_ID)).thenReturn((long) PASSWORD_QUALITY_MANAGED);`
			`// TODO(b/63758238): stop spying the class under test`
			`mLockPatternUtils = spy(new LockPatternUtils(context));`
			`- when(mLockPatternUtils.getLockSettings()).thenReturn(ils);`
			`+ when(mLockPatternUtils.getLockSettings()).thenReturn(mLockSettings);`
			`doReturn(true).when(mLockPatternUtils).hasSecureLockScreen();`

			`final UserInfo userInfo = Mockito.mock(UserInfo.class);`
			`@@ -77,6 +81,25 @@ public class LockPatternUtilsTest {`
			`when(context.getSystemService(Context.USER_SERVICE)).thenReturn(um);`
			`}`

			`+ @Test`
			`+ public void isUserInLockDown() throws Exception {`
			`+ configureTest(true, false, 2);`
			`+ // GIVEN strong auth not required`
			`+ when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(STRONG_AUTH_NOT_REQUIRED);`
			`+ // THEN user isn't in lockdown`
			`+ assertFalse(mLockPatternUtils.isUserInLockdown(USER_ID));`
			`+ // GIVEN lockdown`
			`+ when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(`
			`+ STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);`
			`+ // THEN user is in lockdown`
			`+ assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));`
			`+ // GIVEN lockdown and lockout`
			`+ when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(`
			`+ STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN \| STRONG_AUTH_REQUIRED_AFTER_LOCKOUT);`
			`+ // THEN user is in lockdown`
			`+ assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));`
			`+ }`
			`+`
			`@Test`
			`public void isLockScreenDisabled_isDemoUser_true() throws Exception {`
			`configureTest(false, true, 2);`