Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.systemui.statusbar.policy; |
| 18 | |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 19 | import static org.junit.Assert.assertEquals; |
| 20 | import static org.junit.Assert.assertFalse; |
| 21 | import static org.junit.Assert.assertTrue; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 22 | import static org.mockito.Matchers.any; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 23 | import static org.mockito.Matchers.anyInt; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 24 | import static org.mockito.Matchers.argThat; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 25 | import static org.mockito.Mockito.mock; |
| 26 | import static org.mockito.Mockito.when; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 27 | import static org.mockito.Mockito.doThrow; |
| 28 | import static org.mockito.Mockito.doNothing; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 29 | import static org.mockito.Mockito.times; |
| 30 | import static org.mockito.Mockito.verify; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 31 | |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 32 | import android.app.admin.DevicePolicyManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 33 | import android.content.ComponentName; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 34 | import android.content.Context; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 35 | import android.content.Intent; |
| 36 | import android.content.pm.StringParceledListSlice; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 37 | import android.content.pm.UserInfo; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 38 | import android.net.ConnectivityManager; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 39 | import android.net.ConnectivityManager.NetworkCallback; |
| 40 | import android.net.NetworkCapabilities; |
| 41 | import android.net.NetworkRequest; |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 42 | import android.os.Handler; |
| 43 | import android.os.Looper; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 44 | import android.os.UserManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 45 | import android.security.IKeyChainService; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 46 | import android.support.test.runner.AndroidJUnit4; |
| 47 | import android.test.suitebuilder.annotation.SmallTest; |
| 48 | |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 49 | import com.android.systemui.statusbar.policy.SecurityController.SecurityControllerCallback; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 50 | import com.android.systemui.SysuiTestCase; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 51 | |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 52 | import java.util.ArrayList; |
| 53 | import java.util.Arrays; |
| 54 | import java.util.concurrent.CountDownLatch; |
| 55 | import java.util.concurrent.TimeUnit; |
| 56 | import java.util.List; |
| 57 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 58 | import org.junit.After; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 59 | import org.junit.Before; |
Jason Monk | 7903c20 | 2017-05-08 13:35:23 -0400 | [diff] [blame] | 60 | import org.junit.Ignore; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 61 | import org.junit.Test; |
| 62 | import org.junit.runner.RunWith; |
| 63 | |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 64 | |
| 65 | @SmallTest |
| 66 | @RunWith(AndroidJUnit4.class) |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 67 | public class SecurityControllerTest extends SysuiTestCase implements SecurityControllerCallback { |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 68 | private final DevicePolicyManager mDevicePolicyManager = mock(DevicePolicyManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 69 | private final IKeyChainService.Stub mKeyChainService = mock(IKeyChainService.Stub.class); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 70 | private final UserManager mUserManager = mock(UserManager.class); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 71 | private SecurityControllerImpl mSecurityController; |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 72 | private CountDownLatch mStateChangedLatch; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 73 | private ConnectivityManager mConnectivityManager = mock(ConnectivityManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 74 | |
| 75 | // implementing SecurityControllerCallback |
| 76 | @Override |
| 77 | public void onStateChanged() { |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 78 | mStateChangedLatch.countDown(); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 79 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 80 | |
| 81 | @Before |
| 82 | public void setUp() throws Exception { |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 83 | mContext.addMockSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 84 | mContext.addMockSystemService(Context.USER_SERVICE, mUserManager); |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 85 | mContext.addMockSystemService(Context.CONNECTIVITY_SERVICE, mConnectivityManager); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 86 | |
| 87 | Intent intent = new Intent(IKeyChainService.class.getName()); |
| 88 | ComponentName comp = intent.resolveSystemService(mContext.getPackageManager(), 0); |
| 89 | mContext.addMockService(comp, mKeyChainService); |
| 90 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 91 | when(mUserManager.getUserInfo(anyInt())).thenReturn(new UserInfo()); |
| 92 | |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 93 | when(mKeyChainService.getUserCaAliases()) |
| 94 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 95 | // Without this line, mKeyChainService gets wrapped in a proxy when Stub.asInterface() is |
| 96 | // used on it, and the mocking above does not work. |
| 97 | when(mKeyChainService.queryLocalInterface("android.security.IKeyChainService")) |
| 98 | .thenReturn(mKeyChainService); |
| 99 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 100 | // Wait for callbacks from 1) the CACertLoader and 2) the onUserSwitched() function in the |
| 101 | // constructor of mSecurityController |
| 102 | mStateChangedLatch = new CountDownLatch(2); |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 103 | // TODO: Migrate this test to TestableLooper and use a handler attached |
| 104 | // to that. |
| 105 | mSecurityController = new SecurityControllerImpl(mContext, |
| 106 | new Handler(Looper.getMainLooper()), this); |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 107 | } |
| 108 | |
| 109 | @After |
| 110 | public void tearDown() { |
| 111 | mSecurityController.removeCallback(this); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 112 | } |
| 113 | |
| 114 | @Test |
| 115 | public void testIsDeviceManaged() { |
| 116 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(true); |
| 117 | assertTrue(mSecurityController.isDeviceManaged()); |
| 118 | |
| 119 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(false); |
| 120 | assertFalse(mSecurityController.isDeviceManaged()); |
| 121 | } |
| 122 | |
| 123 | @Test |
| 124 | public void testGetDeviceOwnerOrganizationName() { |
| 125 | when(mDevicePolicyManager.getDeviceOwnerOrganizationName()).thenReturn("organization"); |
| 126 | assertEquals("organization", mSecurityController.getDeviceOwnerOrganizationName()); |
| 127 | } |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 128 | |
| 129 | @Test |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 130 | public void testWorkAccount() throws Exception { |
| 131 | // Wait for the callbacks from setUp() |
| 132 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
| 133 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 134 | |
| 135 | final int PRIMARY_USER_ID = 0; |
| 136 | final int MANAGED_USER_ID = 1; |
| 137 | List<UserInfo> profiles = Arrays.asList(new UserInfo(PRIMARY_USER_ID, "Primary", |
| 138 | UserInfo.FLAG_PRIMARY), |
| 139 | new UserInfo(MANAGED_USER_ID, "Working", |
| 140 | UserInfo.FLAG_MANAGED_PROFILE)); |
| 141 | when(mUserManager.getProfiles(anyInt())).thenReturn(profiles); |
| 142 | assertTrue(mSecurityController.hasWorkProfile()); |
| 143 | assertFalse(mSecurityController.hasCACertInWorkProfile()); |
| 144 | |
| 145 | mStateChangedLatch = new CountDownLatch(1); |
| 146 | |
| 147 | when(mKeyChainService.getUserCaAliases()) |
| 148 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 149 | |
| 150 | mSecurityController.new CACertLoader() |
| 151 | .execute(MANAGED_USER_ID); |
| 152 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 153 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 154 | assertTrue(mSecurityController.hasCACertInWorkProfile()); |
| 155 | } |
| 156 | |
| 157 | @Test |
| 158 | public void testCaCertLoader() throws Exception { |
| 159 | // Wait for the callbacks from setUp() |
| 160 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 161 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 162 | |
| 163 | // With a CA cert |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 164 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 165 | |
| 166 | when(mKeyChainService.getUserCaAliases()) |
| 167 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 168 | |
| 169 | mSecurityController.new CACertLoader() |
| 170 | .execute(0); |
| 171 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 172 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 173 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
| 174 | |
| 175 | // Exception |
| 176 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 177 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 178 | |
| 179 | when(mKeyChainService.getUserCaAliases()) |
| 180 | .thenThrow(new AssertionError("Test AssertionError")) |
| 181 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 182 | |
| 183 | mSecurityController.new CACertLoader() |
| 184 | .execute(0); |
| 185 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 186 | assertFalse(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 187 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
| 188 | // The retry takes 30s |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 189 | //assertTrue(mStateChangedLatch.await(31, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 190 | //assertFalse(mSecurityController.hasCACertInCurrentUser()); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 191 | } |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 192 | |
| 193 | @Test |
| 194 | public void testNetworkRequest() { |
| 195 | verify(mConnectivityManager, times(1)).registerNetworkCallback(argThat( |
| 196 | (NetworkRequest request) -> request.networkCapabilities.getUids() == null |
| 197 | && request.networkCapabilities.getCapabilities().length == 0 |
| 198 | ), any(NetworkCallback.class)); |
| 199 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 200 | } |