Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.systemui.statusbar.policy; |
| 18 | |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 19 | import static org.junit.Assert.assertEquals; |
| 20 | import static org.junit.Assert.assertFalse; |
| 21 | import static org.junit.Assert.assertTrue; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 22 | import static org.mockito.Matchers.any; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 23 | import static org.mockito.Matchers.anyInt; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 24 | import static org.mockito.Matchers.argThat; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 25 | import static org.mockito.Mockito.mock; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 26 | import static org.mockito.Mockito.times; |
| 27 | import static org.mockito.Mockito.verify; |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 28 | import static org.mockito.Mockito.when; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 29 | |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 30 | import android.app.admin.DevicePolicyManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 31 | import android.content.ComponentName; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 32 | import android.content.Context; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 33 | import android.content.Intent; |
| 34 | import android.content.pm.StringParceledListSlice; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 35 | import android.content.pm.UserInfo; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 36 | import android.net.ConnectivityManager; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 37 | import android.net.ConnectivityManager.NetworkCallback; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 38 | import android.net.NetworkRequest; |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 39 | import android.os.Handler; |
| 40 | import android.os.Looper; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 41 | import android.os.UserManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 42 | import android.security.IKeyChainService; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 43 | import android.test.suitebuilder.annotation.SmallTest; |
| 44 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 45 | import androidx.test.runner.AndroidJUnit4; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 46 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 47 | import com.android.systemui.SysuiTestCase; |
| 48 | import com.android.systemui.statusbar.policy.SecurityController.SecurityControllerCallback; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 49 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 50 | import org.junit.After; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 51 | import org.junit.Before; |
| 52 | import org.junit.Test; |
| 53 | import org.junit.runner.RunWith; |
| 54 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 55 | import java.util.ArrayList; |
| 56 | import java.util.Arrays; |
| 57 | import java.util.List; |
| 58 | import java.util.concurrent.CountDownLatch; |
| 59 | import java.util.concurrent.TimeUnit; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 60 | |
| 61 | @SmallTest |
| 62 | @RunWith(AndroidJUnit4.class) |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 63 | public class SecurityControllerTest extends SysuiTestCase implements SecurityControllerCallback { |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 64 | private final DevicePolicyManager mDevicePolicyManager = mock(DevicePolicyManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 65 | private final IKeyChainService.Stub mKeyChainService = mock(IKeyChainService.Stub.class); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 66 | private final UserManager mUserManager = mock(UserManager.class); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 67 | private SecurityControllerImpl mSecurityController; |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 68 | private CountDownLatch mStateChangedLatch; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 69 | private ConnectivityManager mConnectivityManager = mock(ConnectivityManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 70 | |
| 71 | // implementing SecurityControllerCallback |
| 72 | @Override |
| 73 | public void onStateChanged() { |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 74 | mStateChangedLatch.countDown(); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 75 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 76 | |
| 77 | @Before |
| 78 | public void setUp() throws Exception { |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 79 | mContext.addMockSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 80 | mContext.addMockSystemService(Context.USER_SERVICE, mUserManager); |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 81 | mContext.addMockSystemService(Context.CONNECTIVITY_SERVICE, mConnectivityManager); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 82 | |
| 83 | Intent intent = new Intent(IKeyChainService.class.getName()); |
| 84 | ComponentName comp = intent.resolveSystemService(mContext.getPackageManager(), 0); |
| 85 | mContext.addMockService(comp, mKeyChainService); |
| 86 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 87 | when(mUserManager.getUserInfo(anyInt())).thenReturn(new UserInfo()); |
| 88 | |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 89 | when(mKeyChainService.getUserCaAliases()) |
| 90 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 91 | // Without this line, mKeyChainService gets wrapped in a proxy when Stub.asInterface() is |
| 92 | // used on it, and the mocking above does not work. |
| 93 | when(mKeyChainService.queryLocalInterface("android.security.IKeyChainService")) |
| 94 | .thenReturn(mKeyChainService); |
| 95 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 96 | // Wait for callbacks from 1) the CACertLoader and 2) the onUserSwitched() function in the |
| 97 | // constructor of mSecurityController |
| 98 | mStateChangedLatch = new CountDownLatch(2); |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 99 | // TODO: Migrate this test to TestableLooper and use a handler attached |
| 100 | // to that. |
| 101 | mSecurityController = new SecurityControllerImpl(mContext, |
| 102 | new Handler(Looper.getMainLooper()), this); |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 103 | } |
| 104 | |
| 105 | @After |
| 106 | public void tearDown() { |
| 107 | mSecurityController.removeCallback(this); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 108 | } |
| 109 | |
| 110 | @Test |
| 111 | public void testIsDeviceManaged() { |
| 112 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(true); |
| 113 | assertTrue(mSecurityController.isDeviceManaged()); |
| 114 | |
| 115 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(false); |
| 116 | assertFalse(mSecurityController.isDeviceManaged()); |
| 117 | } |
| 118 | |
| 119 | @Test |
| 120 | public void testGetDeviceOwnerOrganizationName() { |
| 121 | when(mDevicePolicyManager.getDeviceOwnerOrganizationName()).thenReturn("organization"); |
| 122 | assertEquals("organization", mSecurityController.getDeviceOwnerOrganizationName()); |
| 123 | } |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 124 | |
| 125 | @Test |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 126 | public void testWorkAccount() throws Exception { |
| 127 | // Wait for the callbacks from setUp() |
| 128 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
| 129 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 130 | |
| 131 | final int PRIMARY_USER_ID = 0; |
| 132 | final int MANAGED_USER_ID = 1; |
| 133 | List<UserInfo> profiles = Arrays.asList(new UserInfo(PRIMARY_USER_ID, "Primary", |
| 134 | UserInfo.FLAG_PRIMARY), |
| 135 | new UserInfo(MANAGED_USER_ID, "Working", |
| 136 | UserInfo.FLAG_MANAGED_PROFILE)); |
| 137 | when(mUserManager.getProfiles(anyInt())).thenReturn(profiles); |
| 138 | assertTrue(mSecurityController.hasWorkProfile()); |
| 139 | assertFalse(mSecurityController.hasCACertInWorkProfile()); |
| 140 | |
| 141 | mStateChangedLatch = new CountDownLatch(1); |
| 142 | |
| 143 | when(mKeyChainService.getUserCaAliases()) |
| 144 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 145 | |
| 146 | mSecurityController.new CACertLoader() |
| 147 | .execute(MANAGED_USER_ID); |
| 148 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 149 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 150 | assertTrue(mSecurityController.hasCACertInWorkProfile()); |
| 151 | } |
| 152 | |
| 153 | @Test |
| 154 | public void testCaCertLoader() throws Exception { |
| 155 | // Wait for the callbacks from setUp() |
| 156 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 157 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 158 | |
| 159 | // With a CA cert |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 160 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 161 | |
| 162 | when(mKeyChainService.getUserCaAliases()) |
| 163 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 164 | |
| 165 | mSecurityController.new CACertLoader() |
| 166 | .execute(0); |
| 167 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 168 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 169 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
| 170 | |
| 171 | // Exception |
| 172 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 173 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 174 | |
| 175 | when(mKeyChainService.getUserCaAliases()) |
| 176 | .thenThrow(new AssertionError("Test AssertionError")) |
| 177 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 178 | |
| 179 | mSecurityController.new CACertLoader() |
| 180 | .execute(0); |
| 181 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 182 | assertFalse(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 183 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
| 184 | // The retry takes 30s |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 185 | //assertTrue(mStateChangedLatch.await(31, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 186 | //assertFalse(mSecurityController.hasCACertInCurrentUser()); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 187 | } |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 188 | |
| 189 | @Test |
| 190 | public void testNetworkRequest() { |
| 191 | verify(mConnectivityManager, times(1)).registerNetworkCallback(argThat( |
| 192 | (NetworkRequest request) -> request.networkCapabilities.getUids() == null |
| 193 | && request.networkCapabilities.getCapabilities().length == 0 |
| 194 | ), any(NetworkCallback.class)); |
| 195 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 196 | } |