Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.systemui.statusbar.policy; |
| 18 | |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 19 | import static org.junit.Assert.assertEquals; |
| 20 | import static org.junit.Assert.assertFalse; |
| 21 | import static org.junit.Assert.assertTrue; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 22 | import static org.mockito.Matchers.any; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 23 | import static org.mockito.Matchers.anyInt; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 24 | import static org.mockito.Matchers.argThat; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 25 | import static org.mockito.Mockito.mock; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 26 | import static org.mockito.Mockito.times; |
| 27 | import static org.mockito.Mockito.verify; |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 28 | import static org.mockito.Mockito.when; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 29 | |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 30 | import android.app.admin.DevicePolicyManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 31 | import android.content.ComponentName; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 32 | import android.content.Context; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 33 | import android.content.Intent; |
| 34 | import android.content.pm.StringParceledListSlice; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 35 | import android.content.pm.UserInfo; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 36 | import android.net.ConnectivityManager; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 37 | import android.net.ConnectivityManager.NetworkCallback; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 38 | import android.net.NetworkRequest; |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 39 | import android.os.Handler; |
| 40 | import android.os.Looper; |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 41 | import android.os.UserManager; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 42 | import android.security.IKeyChainService; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 43 | import android.test.suitebuilder.annotation.SmallTest; |
| 44 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 45 | import androidx.test.runner.AndroidJUnit4; |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 46 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 47 | import com.android.systemui.SysuiTestCase; |
Fabian Kozynski | 5ca7a51 | 2019-10-16 19:56:11 +0000 | [diff] [blame] | 48 | import com.android.systemui.broadcast.BroadcastDispatcher; |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 49 | import com.android.systemui.statusbar.policy.SecurityController.SecurityControllerCallback; |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 50 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 51 | import org.junit.After; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 52 | import org.junit.Before; |
| 53 | import org.junit.Test; |
| 54 | import org.junit.runner.RunWith; |
| 55 | |
Brett Chabot | 84151d9 | 2019-02-27 15:37:59 -0800 | [diff] [blame] | 56 | import java.util.ArrayList; |
| 57 | import java.util.Arrays; |
| 58 | import java.util.List; |
| 59 | import java.util.concurrent.CountDownLatch; |
| 60 | import java.util.concurrent.TimeUnit; |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 61 | |
| 62 | @SmallTest |
| 63 | @RunWith(AndroidJUnit4.class) |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 64 | public class SecurityControllerTest extends SysuiTestCase implements SecurityControllerCallback { |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 65 | private final DevicePolicyManager mDevicePolicyManager = mock(DevicePolicyManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 66 | private final IKeyChainService.Stub mKeyChainService = mock(IKeyChainService.Stub.class); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 67 | private final UserManager mUserManager = mock(UserManager.class); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 68 | private SecurityControllerImpl mSecurityController; |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 69 | private CountDownLatch mStateChangedLatch; |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 70 | private ConnectivityManager mConnectivityManager = mock(ConnectivityManager.class); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 71 | |
| 72 | // implementing SecurityControllerCallback |
| 73 | @Override |
| 74 | public void onStateChanged() { |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 75 | mStateChangedLatch.countDown(); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 76 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 77 | |
| 78 | @Before |
| 79 | public void setUp() throws Exception { |
Jason Monk | 3cfedd7 | 2016-12-09 09:31:37 -0500 | [diff] [blame] | 80 | mContext.addMockSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 81 | mContext.addMockSystemService(Context.USER_SERVICE, mUserManager); |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 82 | mContext.addMockSystemService(Context.CONNECTIVITY_SERVICE, mConnectivityManager); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 83 | |
| 84 | Intent intent = new Intent(IKeyChainService.class.getName()); |
| 85 | ComponentName comp = intent.resolveSystemService(mContext.getPackageManager(), 0); |
| 86 | mContext.addMockService(comp, mKeyChainService); |
| 87 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 88 | when(mUserManager.getUserInfo(anyInt())).thenReturn(new UserInfo()); |
| 89 | |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 90 | when(mKeyChainService.getUserCaAliases()) |
| 91 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 92 | // Without this line, mKeyChainService gets wrapped in a proxy when Stub.asInterface() is |
| 93 | // used on it, and the mocking above does not work. |
| 94 | when(mKeyChainService.queryLocalInterface("android.security.IKeyChainService")) |
| 95 | .thenReturn(mKeyChainService); |
| 96 | |
phweiss | 1a50c52 | 2019-10-21 19:41:09 +0200 | [diff] [blame] | 97 | // Wait for callbacks from the onUserSwitched() function in the |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 98 | // constructor of mSecurityController |
phweiss | 1a50c52 | 2019-10-21 19:41:09 +0200 | [diff] [blame] | 99 | mStateChangedLatch = new CountDownLatch(1); |
Jason Monk | 61936ee | 2018-12-21 12:41:34 -0500 | [diff] [blame] | 100 | // TODO: Migrate this test to TestableLooper and use a handler attached |
| 101 | // to that. |
| 102 | mSecurityController = new SecurityControllerImpl(mContext, |
Fabian Kozynski | 5ca7a51 | 2019-10-16 19:56:11 +0000 | [diff] [blame] | 103 | new Handler(Looper.getMainLooper()), mock(BroadcastDispatcher.class), this); |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 104 | } |
| 105 | |
| 106 | @After |
| 107 | public void tearDown() { |
| 108 | mSecurityController.removeCallback(this); |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 109 | } |
| 110 | |
| 111 | @Test |
| 112 | public void testIsDeviceManaged() { |
| 113 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(true); |
| 114 | assertTrue(mSecurityController.isDeviceManaged()); |
| 115 | |
| 116 | when(mDevicePolicyManager.isDeviceManaged()).thenReturn(false); |
| 117 | assertFalse(mSecurityController.isDeviceManaged()); |
| 118 | } |
| 119 | |
| 120 | @Test |
| 121 | public void testGetDeviceOwnerOrganizationName() { |
| 122 | when(mDevicePolicyManager.getDeviceOwnerOrganizationName()).thenReturn("organization"); |
| 123 | assertEquals("organization", mSecurityController.getDeviceOwnerOrganizationName()); |
| 124 | } |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 125 | |
| 126 | @Test |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 127 | public void testWorkAccount() throws Exception { |
| 128 | // Wait for the callbacks from setUp() |
| 129 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
| 130 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 131 | |
| 132 | final int PRIMARY_USER_ID = 0; |
| 133 | final int MANAGED_USER_ID = 1; |
| 134 | List<UserInfo> profiles = Arrays.asList(new UserInfo(PRIMARY_USER_ID, "Primary", |
| 135 | UserInfo.FLAG_PRIMARY), |
| 136 | new UserInfo(MANAGED_USER_ID, "Working", |
| 137 | UserInfo.FLAG_MANAGED_PROFILE)); |
| 138 | when(mUserManager.getProfiles(anyInt())).thenReturn(profiles); |
| 139 | assertTrue(mSecurityController.hasWorkProfile()); |
| 140 | assertFalse(mSecurityController.hasCACertInWorkProfile()); |
| 141 | |
| 142 | mStateChangedLatch = new CountDownLatch(1); |
| 143 | |
| 144 | when(mKeyChainService.getUserCaAliases()) |
| 145 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 146 | |
| 147 | mSecurityController.new CACertLoader() |
| 148 | .execute(MANAGED_USER_ID); |
| 149 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 150 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 151 | assertTrue(mSecurityController.hasCACertInWorkProfile()); |
| 152 | } |
| 153 | |
| 154 | @Test |
| 155 | public void testCaCertLoader() throws Exception { |
| 156 | // Wait for the callbacks from setUp() |
| 157 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 158 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
| 159 | |
| 160 | // With a CA cert |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 161 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 162 | |
| 163 | when(mKeyChainService.getUserCaAliases()) |
| 164 | .thenReturn(new StringParceledListSlice(Arrays.asList("One CA Alias"))); |
| 165 | |
| 166 | mSecurityController.new CACertLoader() |
| 167 | .execute(0); |
| 168 | |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 169 | assertTrue(mStateChangedLatch.await(3, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 170 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
| 171 | |
| 172 | // Exception |
Justin Klaassen | 6b47643 | 2017-05-08 07:11:46 -0700 | [diff] [blame] | 173 | mStateChangedLatch = new CountDownLatch(1); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 174 | |
| 175 | when(mKeyChainService.getUserCaAliases()) |
| 176 | .thenThrow(new AssertionError("Test AssertionError")) |
| 177 | .thenReturn(new StringParceledListSlice(new ArrayList<String>())); |
| 178 | |
| 179 | mSecurityController.new CACertLoader() |
| 180 | .execute(0); |
| 181 | |
phweiss | 0dbf959 | 2017-05-11 15:31:27 +0200 | [diff] [blame] | 182 | assertFalse(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 183 | assertTrue(mSecurityController.hasCACertInCurrentUser()); |
phweiss | 1a50c52 | 2019-10-21 19:41:09 +0200 | [diff] [blame] | 184 | |
| 185 | mSecurityController.new CACertLoader() |
| 186 | .execute(0); |
| 187 | |
| 188 | assertTrue(mStateChangedLatch.await(1, TimeUnit.SECONDS)); |
| 189 | assertFalse(mSecurityController.hasCACertInCurrentUser()); |
phweiss | e375fc4 | 2017-04-19 20:15:06 +0200 | [diff] [blame] | 190 | } |
Chalard Jean | 5b0c7c6 | 2018-03-09 20:52:15 +0900 | [diff] [blame] | 191 | |
| 192 | @Test |
| 193 | public void testNetworkRequest() { |
| 194 | verify(mConnectivityManager, times(1)).registerNetworkCallback(argThat( |
| 195 | (NetworkRequest request) -> request.networkCapabilities.getUids() == null |
| 196 | && request.networkCapabilities.getCapabilities().length == 0 |
| 197 | ), any(NetworkCallback.class)); |
| 198 | } |
Bartosz Fabianowski | 46bea2e | 2016-12-06 01:20:29 +0100 | [diff] [blame] | 199 | } |