Fix 5783857: Device Policy Manager doesn't allow Face Unlock

This makes it so that if face unlock is enabled and then a device policy
manager that requires something more secure than face unlock is installed,
the user will be forced to choose a new acceptable lock type.

This was previously fixed for the case where the device had been reset, or
the shell was restarted after setting face unlock, but not for the case where the
device remained on between setting face unlock and setting up a device policy
manager.

Also changed the function ordering of saveLockPattern() so that the overloaded
wrapper function is next to the main function.

Change-Id: Ibed8c4ab137ebbc07fb143faef6f047bc6dc4474

core/java/com/android/internal/widget/LockPatternUtils.java

@@ -426,14 +426,6 @@ public class LockPatternUtils {
         return !isSecure() && getLong(DISABLE_LOCKSCREEN_KEY, 0) != 0;
     }
 
-    /**
-     * Save a lock pattern.
-     * @param pattern The new pattern to save.
-     */
-    public void saveLockPattern(List<LockPatternView.Cell> pattern) {
-        this.saveLockPattern(pattern, false);
-    }
-
     /**
      * Calls back SetupFaceLock to delete the temporary gallery file
      */
@@ -456,6 +448,14 @@ public class LockPatternUtils {
         }
     }
 
+    /**
+     * Save a lock pattern.
+     * @param pattern The new pattern to save.
+     */
+    public void saveLockPattern(List<LockPatternView.Cell> pattern) {
+        this.saveLockPattern(pattern, false);
+    }
+
     /**
      * Save a lock pattern.
      * @param pattern The new pattern to save.
@@ -482,14 +482,16 @@ public class LockPatternUtils {
                 if (!isFallback) {
                     deleteGallery();
                     setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
+                    dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING,
+                            pattern.size(), 0, 0, 0, 0, 0, 0);
                 } else {
                     setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK);
                     setLong(PASSWORD_TYPE_ALTERNATE_KEY,
                             DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
                     finishBiometricWeak();
+                    dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK,
+                            0, 0, 0, 0, 0, 0, 0);
                 }
-                dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, pattern
-                        .size(), 0, 0, 0, 0, 0, 0);
             } else {
                 if (keyStore.isEmpty()) {
                     keyStore.reset();
@@ -600,40 +602,45 @@ public class LockPatternUtils {
                 if (!isFallback) {
                     deleteGallery();
                     setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality));
+                    if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
+                        int letters = 0;
+                        int uppercase = 0;
+                        int lowercase = 0;
+                        int numbers = 0;
+                        int symbols = 0;
+                        int nonletter = 0;
+                        for (int i = 0; i < password.length(); i++) {
+                            char c = password.charAt(i);
+                            if (c >= 'A' && c <= 'Z') {
+                                letters++;
+                                uppercase++;
+                            } else if (c >= 'a' && c <= 'z') {
+                                letters++;
+                                lowercase++;
+                            } else if (c >= '0' && c <= '9') {
+                                numbers++;
+                                nonletter++;
+                            } else {
+                                symbols++;
+                                nonletter++;
+                            }
+                        }
+                        dpm.setActivePasswordState(Math.max(quality, computedQuality),
+                                password.length(), letters, uppercase, lowercase,
+                                numbers, symbols, nonletter);
+                    } else {
+                        // The password is not anything.
+                        dpm.setActivePasswordState(
+                                DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED,
+                                0, 0, 0, 0, 0, 0, 0);
+                    }
                 } else {
+                    // Case where it's a fallback for biometric weak
                     setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK);
                     setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality));
                     finishBiometricWeak();
-                }
-                if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
-                    int letters = 0;
-                    int uppercase = 0;
-                    int lowercase = 0;
-                    int numbers = 0;
-                    int symbols = 0;
-                    int nonletter = 0;
-                    for (int i = 0; i < password.length(); i++) {
-                        char c = password.charAt(i);
-                        if (c >= 'A' && c <= 'Z') {
-                            letters++;
-                            uppercase++;
-                        } else if (c >= 'a' && c <= 'z') {
-                            letters++;
-                            lowercase++;
-                        } else if (c >= '0' && c <= '9') {
-                            numbers++;
-                            nonletter++;
-                        } else {
-                            symbols++;
-                            nonletter++;
-                        }
-                    }
-                    dpm.setActivePasswordState(Math.max(quality, computedQuality), password
-                            .length(), letters, uppercase, lowercase, numbers, symbols, nonletter);
-                } else {
-                    // The password is not anything.
-                    dpm.setActivePasswordState(
-                            DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0);
+                    dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK,
+                            0, 0, 0, 0, 0, 0, 0);
                 }
                 // Add the password to the password history. We assume all
                 // password

services/java/com/android/server/DevicePolicyManagerService.java

@@ -831,6 +831,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
     static void validateQualityConstant(int quality) {
         switch (quality) {
             case DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED:
+            case DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK:
             case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
             case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
             case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC: