Merge tag 'LA.QSSI.14.0.r1-17300-qssi.0' into uminekoumineko

"LA.QSSI.14.0.r1-17300-qssi.0" Change-Id: Ic8d2950a108ae3a0c6ca86c63104bb67fe522640
author: alk3pInjection <webmaster@raspii.tech> 2024-09-27 15:12:48 +0800
committer: alk3pInjection <webmaster@raspii.tech> 2024-09-27 15:12:48 +0800
commit: a59d1c8a5f74934a88d60ef8a55e91c5e639eb79 (patch)
tree: 3052fdc41efa5888c7809d7cf6bf81f400e70b8d
parent: aa857838dc0263ab0b1bd86ab0a955ee0477c21c (diff)
parent: 4a2ac1077cdf162a64bf8752e0d8f58f89a9a719 (diff)
3 files changed, 66 insertions, 0 deletions
diff --git a/res/values/styles.xml b/res/values/styles.xml
index 0221e27ab0..8eb2ac43f6 100644
--- a/res/values/styles.xml
+++ b/res/values/styles.xml
@@ -121,6 +121,7 @@
         <item name="android:textAppearance">@android:style/TextAppearance.DeviceDefault.Medium</item>
         <item name="android:textColorHint">?android:attr/textColorSecondary</item>
         <item name="android:minHeight">@dimen/min_tap_target_size</item>
+        <item name="android:maxLength">500</item>
     </style>
 
     <style name="wifi_section">
diff --git a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
index f1b5be109d..16519af673 100644
--- a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
+++ b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
@@ -33,6 +33,10 @@ import android.os.UserHandle;
 import android.text.TextUtils;
 import android.util.Log;
 
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+import androidx.annotation.VisibleForTesting;
+import androidx.collection.ArraySet;
 import androidx.preference.Preference;
 import androidx.preference.Preference.OnPreferenceClickListener;
 import androidx.preference.PreferenceFragmentCompat;
@@ -46,6 +50,8 @@ import com.android.settings.utils.LocalClassLoaderContextThemeWrapper;
 import com.android.settingslib.accounts.AuthenticatorHelper;
 import com.android.settingslib.core.instrumentation.Instrumentable;
 
+import java.util.Set;
+
 /**
  * Class to load the preference screen to be added to the settings page for the specific account
  * type as specified in the account-authenticator.
@@ -83,6 +89,7 @@ public class AccountTypePreferenceLoader {
             try {
                 desc = mAuthenticatorHelper.getAccountTypeDescription(accountType);
                 if (desc != null && desc.accountPreferencesId != 0) {
+                    Set<String> fragmentAllowList = generateFragmentAllowlist(parent);
                     // Load the context of the target package, then apply the
                     // base Settings theme (no references to local resources)
                     // and create a context theme wrapper so that we get the
@@ -98,6 +105,12 @@ public class AccountTypePreferenceLoader {
                     themedCtx.getTheme().setTo(baseTheme);
                     prefs = mFragment.getPreferenceManager().inflateFromResource(themedCtx,
                             desc.accountPreferencesId, parent);
+                    // Ignore Fragments provided dynamically, as these are coming from external
+                    // applications which must not have access to internal Settings' fragments.
+                    // These preferences are rendered into Settings, so they also won't have access
+                    // to their own Fragments, meaning there is no acceptable usage of
+                    // android:fragment here.
+                    filterBlockedFragments(prefs, fragmentAllowList);
                 }
             } catch (PackageManager.NameNotFoundException e) {
                 Log.w(TAG, "Couldn't load preferences.xml file from " + desc.packageName);
@@ -185,6 +198,48 @@ public class AccountTypePreferenceLoader {
         }
     }
 
+    // Build allowlist from existing Fragments in PreferenceGroup
+    @VisibleForTesting
+    Set<String> generateFragmentAllowlist(@Nullable PreferenceGroup prefs) {
+        Set<String> fragmentAllowList = new ArraySet<>();
+        if (prefs == null) {
+            return fragmentAllowList;
+        }
+
+        for (int i = 0; i < prefs.getPreferenceCount(); i++) {
+            Preference pref = prefs.getPreference(i);
+            if (pref instanceof PreferenceGroup) {
+                fragmentAllowList.addAll(generateFragmentAllowlist((PreferenceGroup) pref));
+            }
+
+            String fragmentName = pref.getFragment();
+            if (!TextUtils.isEmpty(fragmentName)) {
+                fragmentAllowList.add(fragmentName);
+            }
+        }
+        return fragmentAllowList;
+    }
+
+    // Block clicks on any Preference with android:fragment that is not contained in the allowlist
+    @VisibleForTesting
+    void filterBlockedFragments(@Nullable PreferenceGroup prefs,
+            @NonNull Set<String> allowedFragments) {
+        if (prefs == null) {
+            return;
+        }
+        for (int i = 0; i < prefs.getPreferenceCount(); i++) {
+            Preference pref = prefs.getPreference(i);
+            if (pref instanceof PreferenceGroup) {
+                filterBlockedFragments((PreferenceGroup) pref, allowedFragments);
+            }
+
+            String fragmentName = pref.getFragment();
+            if (fragmentName != null && !allowedFragments.contains(fragmentName)) {
+                pref.setOnPreferenceClickListener(preference -> true);
+            }
+        }
+    }
+
     /**
      * Determines if the supplied Intent is safe. A safe intent is one that is
      * will launch a exported=true activity or owned by the same uid as the
diff --git a/src/com/android/settings/homepage/SettingsHomepageActivity.java b/src/com/android/settings/homepage/SettingsHomepageActivity.java
index 829a89c6f0..c399c6f3a9 100644
--- a/src/com/android/settings/homepage/SettingsHomepageActivity.java
+++ b/src/com/android/settings/homepage/SettingsHomepageActivity.java
@@ -175,6 +175,16 @@ public class SettingsHomepageActivity extends FragmentActivity implements
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
 
+        // Ensure device is provisioned in order to access Settings home
+        // TODO(b/331254029): This should later be replaced in favor of an allowlist
+        boolean unprovisioned = android.provider.Settings.Global.getInt(getContentResolver(),
+                android.provider.Settings.Global.DEVICE_PROVISIONED, 0) == 0;
+        if (unprovisioned) {
+            Log.e(TAG, "Device is not provisioned, exiting Settings");
+            finish();
+            return;
+        }
+
         mIsEmbeddingActivityEnabled = ActivityEmbeddingUtils.isEmbeddingActivityEnabled(this);
         if (mIsEmbeddingActivityEnabled) {
             final UserManager um = getSystemService(UserManager.class);
author	alk3pInjection <webmaster@raspii.tech>	2024-09-27 15:12:48 +0800
committer	alk3pInjection <webmaster@raspii.tech>	2024-09-27 15:12:48 +0800
commit	a59d1c8a5f74934a88d60ef8a55e91c5e639eb79 (patch)
tree	3052fdc41efa5888c7809d7cf6bf81f400e70b8d
parent	aa857838dc0263ab0b1bd86ab0a955ee0477c21c (diff)
parent	4a2ac1077cdf162a64bf8752e0d8f58f89a9a719 (diff)