From 11efbaacc4ef75f379b42180314a3fe4d942fd8e Mon Sep 17 00:00:00 2001
From: Mihai Adrian Carare <48995920+mcarare@users.noreply.github.com>
Date: Wed, 19 May 2021 19:07:33 +0300
Subject: [PATCH] For #18507 - Prevent screenshots on credit card screens.
 (#19560)

---
 .../java/org/mozilla/fenix/HomeActivity.kt    |  8 +++--
 .../java/org/mozilla/fenix/SecureFragment.kt  | 34 +++++++++++++++++++
 .../java/org/mozilla/fenix/ext/Fragment.kt    | 19 +++++++++++
 .../creditcards/CreditCardEditorFragment.kt   |  4 +--
 .../CreditCardsManagementFragment.kt          |  4 +--
 5 files changed, 63 insertions(+), 6 deletions(-)
 create mode 100644 app/src/main/java/org/mozilla/fenix/SecureFragment.kt

diff --git a/app/src/main/java/org/mozilla/fenix/HomeActivity.kt b/app/src/main/java/org/mozilla/fenix/HomeActivity.kt
index 452496ca06..53ff667c9c 100644
--- a/app/src/main/java/org/mozilla/fenix/HomeActivity.kt
+++ b/app/src/main/java/org/mozilla/fenix/HomeActivity.kt
@@ -302,9 +302,12 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity {
         super.onResume()
 
         // Even if screenshots are allowed, we hide private content in the recents screen in onPause
-        // so onResume we should go back to setting these flags with the user screenshot setting
+        // only when we are in private mode, so in onResume we should go back to setting these flags
+        // with the user screenshot setting only when we are in private mode.
         // See https://github.com/mozilla-mobile/fenix/issues/11153
-        updateSecureWindowFlags(settings().lastKnownMode)
+        if (settings().lastKnownMode == BrowsingMode.Private) {
+            updateSecureWindowFlags(settings().lastKnownMode)
+        }
 
         // Diagnostic breadcrumb for "Display already aquired" crash:
         // https://github.com/mozilla-mobile/android-components/issues/7960
@@ -372,6 +375,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity {
             components.core.store.state.getNormalOrPrivateTabs(private = false).isNotEmpty()
 
         // Even if screenshots are allowed, we want to hide private content in the recents screen
+        // only when we are in private mode
         // See https://github.com/mozilla-mobile/fenix/issues/11153
         if (settings().lastKnownMode.isPrivate) {
             window.addFlags(FLAG_SECURE)
diff --git a/app/src/main/java/org/mozilla/fenix/SecureFragment.kt b/app/src/main/java/org/mozilla/fenix/SecureFragment.kt
new file mode 100644
index 0000000000..24d2edf3c1
--- /dev/null
+++ b/app/src/main/java/org/mozilla/fenix/SecureFragment.kt
@@ -0,0 +1,34 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package org.mozilla.fenix
+
+import android.os.Bundle
+import androidx.annotation.LayoutRes
+import androidx.fragment.app.Fragment
+import org.mozilla.fenix.ext.removeSecure
+import org.mozilla.fenix.ext.secure
+
+/**
+ * A [Fragment] implementation that can be used to secure screens displaying sensitive information
+ * by not allowing taking screenshots of their content.
+ *
+ * Fragments displaying such screens should extend [SecureFragment] instead of [Fragment] class.
+ */
+open class SecureFragment(@LayoutRes contentLayoutId: Int) : Fragment(contentLayoutId) {
+
+    constructor() : this(0) {
+        Fragment()
+    }
+
+    override fun onCreate(savedInstanceState: Bundle?) {
+        this.secure()
+        super.onCreate(savedInstanceState)
+    }
+
+    override fun onDestroy() {
+        this.removeSecure()
+        super.onDestroy()
+    }
+}
diff --git a/app/src/main/java/org/mozilla/fenix/ext/Fragment.kt b/app/src/main/java/org/mozilla/fenix/ext/Fragment.kt
index 45fb19f661..fb2a7b112f 100644
--- a/app/src/main/java/org/mozilla/fenix/ext/Fragment.kt
+++ b/app/src/main/java/org/mozilla/fenix/ext/Fragment.kt
@@ -4,6 +4,7 @@
 
 package org.mozilla.fenix.ext
 
+import android.view.WindowManager
 import androidx.annotation.IdRes
 import androidx.annotation.StringRes
 import androidx.appcompat.app.AppCompatActivity
@@ -90,3 +91,21 @@ fun Fragment.breadcrumb(
         )
     )
 }
+
+/**
+ * Sets the [WindowManager.LayoutParams.FLAG_SECURE] flag for the current activity window.
+ */
+fun Fragment.secure() {
+    this.activity?.window?.addFlags(
+        WindowManager.LayoutParams.FLAG_SECURE
+    )
+}
+
+/**
+ * Clears the [WindowManager.LayoutParams.FLAG_SECURE] flag for the current activity window.
+ */
+fun Fragment.removeSecure() {
+    this.activity?.window?.clearFlags(
+        WindowManager.LayoutParams.FLAG_SECURE
+    )
+}
diff --git a/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardEditorFragment.kt b/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardEditorFragment.kt
index 708292caf2..20f91c480d 100644
--- a/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardEditorFragment.kt
+++ b/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardEditorFragment.kt
@@ -9,11 +9,11 @@ import android.view.Menu
 import android.view.MenuInflater
 import android.view.MenuItem
 import android.view.View
-import androidx.fragment.app.Fragment
 import androidx.lifecycle.lifecycleScope
 import androidx.navigation.fragment.findNavController
 import androidx.navigation.fragment.navArgs
 import org.mozilla.fenix.R
+import org.mozilla.fenix.SecureFragment
 import org.mozilla.fenix.ext.components
 import org.mozilla.fenix.ext.showToolbar
 import org.mozilla.fenix.settings.creditcards.controller.DefaultCreditCardEditorController
@@ -24,7 +24,7 @@ import org.mozilla.fenix.settings.creditcards.view.CreditCardEditorView
 /**
  * Display a credit card editor for adding and editing a credit card.
  */
-class CreditCardEditorFragment : Fragment(R.layout.fragment_credit_card_editor) {
+class CreditCardEditorFragment : SecureFragment(R.layout.fragment_credit_card_editor) {
 
     private lateinit var creditCardEditorState: CreditCardEditorState
     private lateinit var creditCardEditorView: CreditCardEditorView
diff --git a/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardsManagementFragment.kt b/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardsManagementFragment.kt
index be0ceaffaf..e45feb6596 100644
--- a/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardsManagementFragment.kt
+++ b/app/src/main/java/org/mozilla/fenix/settings/creditcards/CreditCardsManagementFragment.kt
@@ -8,7 +8,6 @@ import android.os.Bundle
 import android.view.LayoutInflater
 import android.view.View
 import android.view.ViewGroup
-import androidx.fragment.app.Fragment
 import androidx.lifecycle.lifecycleScope
 import androidx.navigation.fragment.findNavController
 import kotlinx.android.synthetic.main.fragment_saved_cards.view.*
@@ -17,6 +16,7 @@ import kotlinx.coroutines.ExperimentalCoroutinesApi
 import kotlinx.coroutines.launch
 import mozilla.components.lib.state.ext.consumeFrom
 import org.mozilla.fenix.R
+import org.mozilla.fenix.SecureFragment
 import org.mozilla.fenix.components.StoreProvider
 import org.mozilla.fenix.ext.components
 import org.mozilla.fenix.ext.showToolbar
@@ -28,7 +28,7 @@ import org.mozilla.fenix.settings.creditcards.view.CreditCardsManagementView
 /**
  * Displays a list of saved credit cards.
  */
-class CreditCardsManagementFragment : Fragment() {
+class CreditCardsManagementFragment : SecureFragment() {
 
     private lateinit var creditCardsStore: CreditCardsFragmentStore
     private lateinit var interactor: CreditCardsManagementInteractor