1 /*
2  * Copyright (C) 2013 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.settings;
18 
19 import static android.app.admin.DevicePolicyResources.Strings.Settings.DEVICE_OWNER_INSTALLED_CERTIFICATE_AUTHORITY_WARNING;
20 import static android.app.admin.DevicePolicyResources.Strings.Settings.WORK_PROFILE_INSTALLED_CERTIFICATE_AUTHORITY_WARNING;
21 
22 import android.app.Activity;
23 import android.app.admin.DevicePolicyManager;
24 import android.content.DialogInterface;
25 import android.content.DialogInterface.OnClickListener;
26 import android.content.DialogInterface.OnDismissListener;
27 import android.content.Intent;
28 import android.icu.text.MessageFormat;
29 import android.os.Bundle;
30 import android.os.UserHandle;
31 import android.provider.Settings;
32 
33 import androidx.appcompat.app.AlertDialog;
34 
35 import com.android.settingslib.RestrictedLockUtils;
36 import com.android.settingslib.utils.StringUtil;
37 
38 import java.util.HashMap;
39 import java.util.Locale;
40 import java.util.Map;
41 
42 /**
43  * Activity that shows a dialog explaining that a CA cert is allowing someone to monitor network
44  * traffic. This activity should be launched for the user into which the CA cert is installed
45  * unless Intent.EXTRA_USER_ID is provided.
46  */
47 public class MonitoringCertInfoActivity extends Activity implements OnClickListener,
48         OnDismissListener {
49 
50     private int mUserId;
51 
52     @Override
onCreate(Bundle savedStates)53     protected void onCreate(Bundle savedStates) {
54         super.onCreate(savedStates);
55 
56         mUserId = getIntent().getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
57 
58         final UserHandle user;
59         if (mUserId == UserHandle.USER_NULL) {
60             user = null;
61         } else {
62             user = UserHandle.of(mUserId);
63         }
64 
65         DevicePolicyManager dpm = getSystemService(DevicePolicyManager.class);
66         final int numberOfCertificates = getIntent().getIntExtra(
67                 Settings.EXTRA_NUMBER_OF_CERTIFICATES, 1);
68         final int titleId = RestrictedLockUtils.getProfileOrDeviceOwner(this, user) != null
69                 ? R.string.ssl_ca_cert_settings_button // Check certificate
70                 : R.string.ssl_ca_cert_dialog_title; // Trust or remove certificate
71         final CharSequence title = StringUtil.getIcuPluralsString(this, numberOfCertificates,
72                 titleId);
73         setTitle(title);
74 
75         final AlertDialog.Builder builder = new AlertDialog.Builder(this);
76         builder.setTitle(title);
77         builder.setCancelable(true);
78         builder.setPositiveButton(StringUtil.getIcuPluralsString(this, numberOfCertificates,
79                 R.string.ssl_ca_cert_settings_button) , this);
80         builder.setNeutralButton(R.string.cancel, null);
81         builder.setOnDismissListener(this);
82 
83         if (dpm.getProfileOwnerAsUser(mUserId) != null) {
84             MessageFormat msgFormat = new MessageFormat(
85                     dpm.getResources().getString(
86                             WORK_PROFILE_INSTALLED_CERTIFICATE_AUTHORITY_WARNING,
87                             () -> getString(R.string.ssl_ca_cert_info_message)),
88                     Locale.getDefault());
89 
90             Map<String, Object> arguments = new HashMap<>();
91             arguments.put("numberOfCertificates", numberOfCertificates);
92             arguments.put("orgName", dpm.getProfileOwnerNameAsUser(mUserId));
93 
94             builder.setMessage(msgFormat.format(arguments));
95         } else if (dpm.getDeviceOwnerComponentOnCallingUser() != null) {
96             MessageFormat msgFormat = new MessageFormat(
97                     dpm.getResources()
98                             .getString(DEVICE_OWNER_INSTALLED_CERTIFICATE_AUTHORITY_WARNING,
99                                     () -> getResources().getString(
100                                             R.string.ssl_ca_cert_info_message_device_owner)),
101                     Locale.getDefault());
102 
103             Map<String, Object> arguments = new HashMap<>();
104             arguments.put("numberOfCertificates", numberOfCertificates);
105             arguments.put("orgName", dpm.getDeviceOwnerNameOnAnyUser());
106 
107             builder.setMessage(msgFormat.format(arguments));
108         } else  {
109             // Consumer case.  Show scary warning.
110             builder.setIcon(android.R.drawable.stat_notify_error);
111             builder.setMessage(R.string.ssl_ca_cert_warning_message);
112         }
113 
114         builder.show();
115     }
116 
117     @Override
onClick(DialogInterface dialog, int which)118     public void onClick(DialogInterface dialog, int which) {
119         Intent intent = new Intent(android.provider.Settings.ACTION_TRUSTED_CREDENTIALS_USER);
120         intent.setPackage(getPackageName());
121         intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TOP);
122         intent.putExtra(TrustedCredentialsSettings.ARG_SHOW_NEW_FOR_USER, mUserId);
123         startActivity(intent);
124         finish();
125     }
126 
127     @Override
onDismiss(DialogInterface dialogInterface)128     public void onDismiss(DialogInterface dialogInterface) {
129         finish();
130     }
131 }
132