Integrate policies into account setup process
* Rename SECURITY_POLICIES_REQUIRED to SECURITY_POLICIES_UNSUPPORTED
* Create new pathway for SECURITY_POLICIES_REQUIRED, making it advisory
* Cleaned up strings for account setup error dialogs
* Refactored AccountSetupExchange.onActivityResult() to split up the
three primary use cases, making them more readable.
* Always finish() in AcccountSetupAccountScreen, because it's usually
cleaner to return to the previous screen (enter username & password).
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 3a50a47..99d374c 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -19,25 +19,7 @@
<!-- Deprecated strings - Move the identifiers to this section, mark as DO NOT TRANSLATE,
and remove the actual text. These will be removed in a bulk operation. -->
<!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_name_inbox"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_inbox"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_outbox"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_drafts"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_trash"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_sent"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="special_mailbox_display_name_junk"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="account_setup_incoming_delete_policy_7days_label"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="account_setup_incoming_security_ssl_optional_label"></string>
- <!-- Do Not Translate. Unused string. -->
- <string name="account_setup_incoming_security_tls_optional_label"></string>
+ <string name="account_setup_failed_security_policies_required"></string>
<!-- Permissions label for reading attachments -->
<string name="read_attachment_label">Read Email attachments</string>
@@ -505,8 +487,20 @@
<string name="account_setup_failed_security">Unable to open connection to server due to security error.</string>
<!-- Additional diagnostic text when server connection failed due to io error (connection) -->
<string name="account_setup_failed_ioerror">Unable to open connection to server.</string>
- <!-- Additional diagnostic text when validation failed due to required provisioning not being supported -->
- <string name="account_setup_failed_security_policies_required">This Exchange ActiveSync server requires security features your phone does not support.</string>
+
+ <!-- Dialog title when validation requires security provisioning (e.g. support
+ for device lock PIN, or remote wipe.) and we ask the user permission before continuing -->
+ <string name="account_setup_security_required_title">Remote security administration</string>
+ <!-- Additional diagnostic text when validation requires security provisioning (e.g. support
+ for device lock PIN, or remote wipe.) and we ask the user permission before continuing. -->
+ <string name="account_setup_security_policies_required_fmt">
+ The server <xliff:g id="server">%s</xliff:g> requires that you allow it to remotely control
+ some security features of your phone. Do you wish to finish setting up this account?
+ </string>
+ <!-- Additional diagnostic text when validation failed due to required provisioning not
+ being supported -->
+ <string name="account_setup_failed_security_policies_unsupported">
+ This server requires security features your phone does not support.</string>
<!-- "Setup could not finish" dialog action button -->
<string name="account_setup_failed_dlg_edit_details_action">Edit details</string>
diff --git a/src/com/android/exchange/EasSyncService.java b/src/com/android/exchange/EasSyncService.java
index b9241b9..b15dac7 100644
--- a/src/com/android/exchange/EasSyncService.java
+++ b/src/com/android/exchange/EasSyncService.java
@@ -257,8 +257,19 @@
resp = svc.sendHttpClientPost("FolderSync", s.toByteArray());
code = resp.getStatusLine().getStatusCode();
if (code == HttpStatus.SC_FORBIDDEN) {
- throw new MessagingException(MessagingException.SECURITY_POLICIES_REQUIRED);
+ throw new MessagingException(MessagingException.SECURITY_POLICIES_UNSUPPORTED);
}
+ // PLACEHOLDER: Replace the above simple check with a more sophisticated
+ // check of server-mandated security policy support. There are three outcomes.
+ // 1. As below, if no policies required, simply return here as-is.
+ // 2. As above, if policies are required that we do not support, throw
+ // MessagingException.SECURITY_POLICIES_UNSUPPORTED. This is a validation
+ // failure.
+ // 3. New code: If policies are required that we *do* support, throw
+ // MessagingException.SECURITY_POLICIES_REQUIRED. This is an advisory to the
+ // UI that new policies will be required in order to use this account.
+ // See also: isSupported(PolicySet policies)
+
userLog("Validation successful");
return;
}