Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Biometric prompt, Jailbreak / Root detection and screenshot prevention #8645

Open
wants to merge 17 commits into
base: main
Choose a base branch
from
Open

Biometric prompt, Jailbreak / Root detection and screenshot prevention #8645

wants to merge 17 commits into from
+1,811 −232

Conversation

enahum
Copy link
Contributor

@enahum enahum commented Mar 6, 2025

Summary

Added a security manager class to control the new security features introduced on a per-server level in addition to the app level managed by EMM providers.

This features are:

  • Prompt for biometric authentication
  • Jailbreak / root detection
  • Screen capture prevention

These features will work on a per-server basis only if not set with a EMM provider.

In order to prevent screenshots on iOS (the way it works is detailed in the library PR) we are adding a nativeID to views on screens and components where shielded means that it should be protected and skip.shielded means that we won't be protecting this view (for screens like the ones in the login flow)

Related PR's:
Server: mattermost/mattermost#30411
Library: mattermost/react-native-emm#18

Ticket Link

https://mattermost.atlassian.net/browse/MM-63362
https://mattermost.atlassian.net/browse/MM-63363
https://mattermost.atlassian.net/browse/MM-63364

Checklist

  • Added or updated unit tests (required for all new features)
  • Includes text changes and localization file updates
  • Have tested against the 5 core themes to ensure consistency between them.
  • Have run E2E tests by adding label E2E iOS tests for PR.

Device Information

This PR was tested on:
Android 14 & 15 emulators
iPhone 16 Pro and iPad 13 Pro iOS 18

Screenshots

Will add if requested

Release Note

Added the ability to configure per server (enterprise and premium) prompting for biometric authentication, preventing the use of the app if the device is jailbroken / rooted and prevent screen captures

enahum added 16 commits March 5, 2025 18:14
@enahum
Handle biometric authentication
cc9c0ce
@enahum
jailbreak/root detection and biometric small fixes
6ea96da
@enahum
remove server from initializeSecurityManager and fix loginEntry
4d2bd85
@enahum
Add screen capture prevention and other small fixes
81081e1
@enahum
added unit tests to SecurityManager
cff9dae
@enahum
added shielded nativeID to protect views
c784d92
@enahum
use MobilePreventScreenCapture instead of MobileAllowScreenshots in c…
9a69e23 
…onfig type definition
@enahum
Apply Swizzle for screen capture on iOS
a24ed36
@enahum
Apply patch to bottom sheet to prevent screen captures
906a84c
@enahum
fix ios sendReply
6f83f89
@enahum
Fix SDWebImage swizzle to use the correct session
84718f5
@enahum
Fix potential crash on Android when using hardware keyboard
72bde43
@enahum
rename patch for network library to remove warning
7db1ecb
@enahum
add temp emm reference
d833df3
@enahum
fix initializeSecurityManager tests
2be6a46
@enahum
fix translations
e8c2c5e
@enahum enahum added 2: Dev Review Requires review by a core commiter 3: QA Review Requires review by a QA tester labels Mar 6, 2025
@enahum enahum mentioned this pull request Mar 6, 2025
Open
@enahum enahum mentioned this pull request Mar 9, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@larkox larkox Awaiting requested review from larkox

@jwilander jwilander Awaiting requested review from jwilander

@yasserfaraazkhan yasserfaraazkhan Awaiting requested review from yasserfaraazkhan

@harshilsharma63 harshilsharma63 Awaiting requested review from harshilsharma63

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
2: Dev Review Requires review by a core commiter 3: QA Review Requires review by a QA tester release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@enahum @mm-cloud-bot