By default, all subscriptions are wiped on first boot after a factory
reset. This ensures that if data is wiped outside of userspace (e.g.
in fastboot/recovery), the profiles are wiped, as there's no way to
offer this option to users in those modes - the radio isn't available
for us to access the eUICC.
This API provides a way to bypass this wipe if the user opts to retain
the policies for a wipe done from userspace (e.g. by unchecking the
"Wipe eUICC" checkbox in platform settings before wiping). We tell the
LPA to note this and skip the wipe on the ensuing factory reset.
Change-Id: I2fe472417497e28b043841a5aa2dc9efa45ebbff
Test: TreeHugger
Fixes: 62681577
The AutofillSession.getFillEventHistory() method returns only the event history
for the last onFillRequest(). In the scenario where the user switches
activities and the server has multiple sessions open, only the events for the
last session should be recorded.
Test: existing CtsAutoFillServiceTestCases pass
Test: LoginActivityTest.checkFillSelectionFromPreviousSessionIsDiscarded
Fixes: 62802026
Change-Id: I447ed77c2167095867b35d616b5cf2ae43aa28db
updateAutofillValue() was crashing some apps when the mText was not set at the
time it was called. One solution would be to not set mText at all - since the
Autofill Service should rely only on getAutofillValue() - but that could break
existing services.
Hence, a safer solution is to set that field if it's null.
Test: existing CtsAutoFillServiceTestCases tests pass
Test: manual verification using Fly Delta app
Fixes: 62751039
Change-Id: I91a8e0ed5db4148f5eb5729b8e254aa3531f15e4
Session was using findViewNodesByAutofillIds(ids) before, which not only was
not optimal, but error prone (for example, it could return a non-empty array
with an empty value).
Test: CtsAutoFillServiceTestCases pass
Fixes: 62532979
Change-Id: If984f1263cc3f2aac1d1e098687fe02d73c55211
Hiding color extraction into WallpaperColors.
This enables us to create WallpaperColors from a a Bitmap
or Drawable.
Fixes: 62197187
Fixes: 62490115
Test: runtest --path cts/tests/app/src/android/app/cts/WallpaperColorsTest.java
Change-Id: I614cfa205e02b551a141642eac6de21251c3bff6
The calling package is important for the UI to be able to tell the
user who is asking to perform the operation which needs consent. For
example, it should be able to tell the user which carrier app is
asking to download a profile.
Bug: 38049463
Test: TreeHugger + E2E verification
Change-Id: I890f811405cb05672e1271f092ddca60501e7ddc
Test: existing CtsAutoFillServiceTestCases pass
Test: manual verification using Contacts app
Test: manual verification adding a CTS test case that crashes the app, but such
test cannot be commit because once the issue is fixed, it crashes the
service (the right way to test this fix is through unit tests against
exceptional conditions, but we don't support those on Autofill yet).
Fixes: 62649290
Change-Id: I8fc01fa929270219cd40035ff02eaf0dda5ecbfa
The (currently) undocumented behavior of oneway AIDLs is to serialize
IPCs made from the same client IBinder object. This is undesirable in
EuiccService as we want to respond to short-lived calls (like listing
subscriptions or getting the EID) while long-lived calls (like
download) are in progress. Introduce our own thread pool to work
around this behavior.
This also fixes a bug where uncaught exceptions thrown in the
implementation of an EuiccService method would be logged but never
trigger a callback on the client. Such exceptions now correctly crash
the app and trigger error callbacks in any active callers.
Bug: 62535655
Test: TreeHugger + verified subscription list during a download
Change-Id: I8b75af7fdc72117a163d81f7bf1447f6cc12ec6d
-Remove result classes in cases that a simple int will do. Split the
int error code space (now shared across all calls) into two parts -
predefined errors (0 or negative) and custom errors (positive).
-Replace "generic error" with "error" in naming.
-Remove detailed code from any result returned by the LPA. There is
still a detailed code in the platform API, which is equal to the
result code returned by the LPA.
Fixes: 38206601
Test: TreeHugger
Change-Id: I304081db2127a22d6dd67b6494b4f3279614d19c
Otherwise, it will fail to call onSaveRequest() in scenarios where the service
required a field that was pre-populated for the app. For example, when the
service requires both a username and password, the app pre-populates the
username, and the user fills the password.
Test: new LoginActivityTest.testSaveOnlyTwoRequiredFieldsOnePrefilled() pass
Test: existing CtsAutoFillServiceTestCases pass
Bug: 62270740
Change-Id: Idbb11a8c2dab6741c18549c55dfdb71b483c2447
Most @SystemApi methods should be protected with system (or higher)
permissions, so annotate common methods with @RequiresPermission to
make automatic verification easier.
Verification is really only relevant when calling into system
services (where permissions checking can happen on the other side of
a Binder call), so annotate managers with the new @SystemService
annotation, which is now automatically documented.
This is purely a docs change; no logic changes are being made.
Test: make -j32 update-api && make -j32 offline-sdk-docs
Bug: 62263906
Change-Id: I2554227202d84465676aa4ab0dd336b5c45fc651
- It is possible for the session to be requested to be hidden before it
gets the message to be shown and completes showing. This leads to an
inconsistency where the voice interaction service implementation will be
in a different state than the system for the session. Instead, we can
cancel any pending show messages, and also clean up the pending show
callback list immediately when the session is hidden.
- Also fixing up some error message codes when starting the assistant
activity.
Bug: 38379130
Test: android.server.cts.ActivityManagerAssistantStackTests
Test: CtsVoiceInteractionTestCases
Test: CtsAlarmClockTestCases
Change-Id: I0d0e9c024367a47bda82d6a29ca89e18b7d69527
- Adds a facility to store a credential handle that survives factory reset
- Adds a method to KeyguardManager for verifying the stored credential for SetupWizard
- Dark launches persisting the primary user's credential as the FRP credential (behind a default-off flag)
Future work:
- Use a separate GK handle / synthetic password for the FRP credential
- Enroll the FRP credential in verifyCredential for the upgrade case
Bug: 36814845
Test: runtest -x core/tests/coretests/src/com/android/internal/widget/LockPatternUtilsTest.java && runtest -x services/tests/servicestests/src/com/android/server/LockSettingsStorageTests.java && runtest -x services/tests/servicestests/src/com/android/server/SyntheticPasswordTests.java
Change-Id: Ia739408c5ecb169e5f09670cd9ceaa7febc2b1cc
Includes:
-getDefaultDownloadableSubscriptionList, which returns a list of
default subscriptions available for the device.
-getEuiccInfo, which returns an EuiccInfo object containing
non-sensitive information about the eUICC device.
-deleteSubscription, to delete a subscription.
-switchToSubscription, to switch to (or away from) a subscription.
-updateSubscriptionNickname, to update the nickname of a subscription
which is saved to the eUICC.
-eraseSubscriptions, to factory reset the eUICC.
-Settings.Global#DEFAULT_SM_DP_PLUS, a default SM-DP+ server which is
used to query for default subscriptions in
getDefaultDownloadableSubscriptionList.
These APIs follow the template of the APIs which have already been
implemented.
This completes the baseline implementation as designed; any additional
APIs or tweaks to the APIs will be tracked as separate bugs.
Fixes: 33075886
Test: Build/boot
Change-Id: I8057757c874f94e0c816af1ca071d656c8f145b9
Two new APIs will list all embedded subscriptions along with any
active ones. One API requires the ability to read phone state and
returns all subscriptions. The other requires no special permissions
but will only return those subscriptions which the caller may manage
according to their metadata.
A list result from the LPA includes whether the current eUICC is
removable. If true, subscriptions in the list are considered
transient and always removed upon the next list update (i.e. SIM card
state change) unless that update includes the subscription. Otherwise,
they will be retained across future list operations for which the
current eUICC is removable. This allows callers to retain knowledge
about available embedded subscriptions on an inactive but still
accessible eUICC, as long as that eUICC is permanent.
The LPA may request a refresh of the list at any time; this is
intended to be used of the list or metadata is updated through a
non-API operation, e.g. a server-initiated metadata update. For
operations driven through a platform API, the list will be refreshed
automatically.
Bug: 33075886
Test: TreeHugger
Change-Id: I1887cbca835c304b9eb285fd972c7c8eaffa6e1d
We now
- cache AutofillId -> ViewNode
- look for all AutofillIds at the same time (instead of one by one)
Bug: 37997043
Test: CtsAutoFillServiceTestCases
Change-Id: I094468ad885eed0cc506b4b62ff09c4af48570ff
If a dataset needs to be authenticated the fill service
may not have the values but needs to tell the system for
which fields to show the fill UI. We now allow passing
a null value to mean the view is a part of the dataset
semantically but its value should remain unchanged.
If a dataset has no values, i.e. the related autofill ids
are mapped to null, we cannot properly filter. In this case
we always match such items regardless what the user typed.
While at this improved accessibility support for filtering
to announce when the number of items being filtered changes.
Also while at this allowed a dataset authentication to return
a response which replaces the current response and refreshes
the UI. Matching datasets with null values to any text plus
allowing a response to be returned from a dataset auth enables
the use case where there is always "Import" item at the
end of the list which when clicked can show arbitrarily more
data entries associated to other apps.
Another change is that we now provide the client state
bundle on both request and dataset auth.
Finally, this change gets rid of dataset waiting auth and
response waiting auth concepts since the reference to the
response and the dataset is piped with the auth request.
Fixed a bug where the width of the autofill UI was not
properly measured by going over all items in the adapter.
Now we measure enough height to fit the first three and the
width id the width of the widest item in the adapter.
Test: Added LoginActivityTest#testDatasetAuthTwoFieldsReplaceResponse
Added LoginActivityTest#testDatasetAuthTwoFieldsNoValues
Added LiginActivityTest#filterTextNullValuesAlwaysMatched
All autofill CTS tests pass
bug:37724701
bug:37424539
Change-Id: Ic19e5d7cbdbb7d110c9e7da0ad60b540cbf1aecf
