Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / b643fb0e67460344ade2e3db92738999f8168496 / . / services / tests / servicestests / src / com / android / server / devicepolicy / DevicePolicyManagerTest.java
blob: 0072f526bd951e553c6f0f927c097f1b2f9edc2f [file] [log] [blame]
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]16package com.android.server.devicepolicy;
17
18import com.android.server.LocalServices;
19
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]20import android.Manifest.permission;
21import android.app.Activity;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]22import android.app.admin.DeviceAdminReceiver;
23import android.app.admin.DevicePolicyManager;
24import android.app.admin.DevicePolicyManagerInternal;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]25import android.content.BroadcastReceiver;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]26import android.content.ComponentName;
27import android.content.Intent;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]28import android.content.pm.ApplicationInfo;
29import android.content.pm.IPackageManager;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]30import android.content.pm.PackageManager;
31import android.content.pm.ResolveInfo;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]32import android.os.Bundle;
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]33import android.content.pm.PackageInfo;
34import android.content.pm.UserInfo;
35import android.os.UserHandle;
36import android.util.Pair;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]37
38import org.mockito.ArgumentCaptor;
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]39import org.mockito.invocation.InvocationOnMock;
40import org.mockito.stubbing.Answer;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]41
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]42import java.util.HashMap;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]43import java.util.List;
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]44import java.util.Map;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]45
46import static org.mockito.Matchers.any;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]47import static org.mockito.Matchers.anyString;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]48import static org.mockito.Matchers.eq;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]49import static org.mockito.Matchers.isNull;
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]50import static org.mockito.Mockito.doAnswer;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]51import static org.mockito.Mockito.doReturn;
52import static org.mockito.Mockito.times;
53import static org.mockito.Mockito.verify;
54import static org.mockito.Mockito.when;
55
56/**
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]57 * Tests for DevicePolicyManager( and DevicePolicyManagerService).
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]58 *
59 m FrameworksServicesTests &&
60 adb install \
61 -r out/target/product/hammerhead/data/app/FrameworksServicesTests/FrameworksServicesTests.apk &&
62 adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \
63 -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
64
65 (mmma frameworks/base/services/tests/servicestests/ for non-ninja build)
66 */
67public class DevicePolicyManagerTest extends DpmTestBase {
68
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]69
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]70 private DpmMockContext mContext;
71 public DevicePolicyManager dpm;
72 public DevicePolicyManagerServiceTestable dpms;
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]73 public ComponentName admin1;
74 public ComponentName admin2;
75 public ComponentName admin3;
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]76
77 @Override
78 protected void setUp() throws Exception {
79 super.setUp();
80
81 mContext = getContext();
82
83 when(mContext.packageManager.hasSystemFeature(eq(PackageManager.FEATURE_DEVICE_ADMIN)))
84 .thenReturn(true);
85
86 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class);
87 dpms = new DevicePolicyManagerServiceTestable(mContext, dataDir);
88 dpm = new DevicePolicyManagerTestable(mContext, dpms);
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]89
90 admin1 = new ComponentName(mRealTestContext, DummyDeviceAdmins.Admin1.class);
91 admin2 = new ComponentName(mRealTestContext, DummyDeviceAdmins.Admin2.class);
92 admin3 = new ComponentName(mRealTestContext, DummyDeviceAdmins.Admin3.class);
93
94 setUpPackageManagerForAdmin(admin1);
95 setUpPackageManagerForAdmin(admin2);
96 setUpPackageManagerForAdmin(admin3);
97
98 setUpApplicationInfo(PackageManager.COMPONENT_ENABLED_STATE_DISABLED_UNTIL_USED);
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]99 setUpPackageInfo();
100 setUpUserManager();
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]101 }
102
103 /**
104 * Set up a mock result for {@link PackageManager#queryBroadcastReceivers}. We'll return
105 * the actual ResolveInfo for the admin component, but we need to mock PM so it'll return
106 * it for user {@link DpmMockContext#CALLER_USER_HANDLE}.
107 */
108 private void setUpPackageManagerForAdmin(ComponentName admin) {
109 final Intent resolveIntent = new Intent();
110 resolveIntent.setComponent(admin);
111 final List<ResolveInfo> realResolveInfo =
112 mRealTestContext.getPackageManager().queryBroadcastReceivers(
113 resolveIntent,
114 PackageManager.GET_META_DATA);
115 assertNotNull(realResolveInfo);
116 assertEquals(1, realResolveInfo.size());
117
118 // We need to rewrite the UID in the activity info.
119 realResolveInfo.get(0).activityInfo.applicationInfo.uid = DpmMockContext.CALLER_UID;
120
121 doReturn(realResolveInfo).when(mContext.packageManager).queryBroadcastReceivers(
122 MockUtils.checkIntentComponent(admin),
123 eq(PackageManager.GET_META_DATA
124 | PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS),
125 eq(DpmMockContext.CALLER_USER_HANDLE)
126 );
127 }
128
129 /**
130 * Set up a mock result for {@link IPackageManager#getApplicationInfo} for user
131 * {@link DpmMockContext#CALLER_USER_HANDLE}.
132 */
133 private void setUpApplicationInfo(int enabledSetting) throws Exception {
134 final ApplicationInfo ai = mRealTestContext.getPackageManager().getApplicationInfo(
135 admin1.getPackageName(),
136 PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS);
137
138 ai.enabledSetting = enabledSetting;
139
140 doReturn(ai).when(mContext.ipackageManager).getApplicationInfo(
141 eq(admin1.getPackageName()),
142 eq(PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS),
143 eq(DpmMockContext.CALLER_USER_HANDLE));
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]144 }
145
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]146 /**
147 * Set up a mock result for {@link IPackageManager#getPackageInfo(String, int, int)} for user
148 * {@link DpmMockContext#CALLER_USER_HANDLE} as well as the system user.
149 */
150 private void setUpPackageInfo() throws Exception {
151 final PackageInfo pi = mRealTestContext.getPackageManager().getPackageInfo(
152 admin1.getPackageName(), 0);
153 assertTrue(pi.applicationInfo.flags != 0);
154
155 doReturn(pi).when(mContext.ipackageManager).getPackageInfo(
156 eq(admin1.getPackageName()),
157 eq(0),
158 eq(DpmMockContext.CALLER_USER_HANDLE));
159 doReturn(pi).when(mContext.ipackageManager).getPackageInfo(
160 eq(admin1.getPackageName()),
161 eq(0),
162 eq(UserHandle.USER_SYSTEM));
163 }
164
165 private void setUpUserManager() {
166 // Emulate UserManager.set/getApplicationRestriction().
167 final Map<Pair<String, UserHandle>, Bundle> appRestrictions = new HashMap<>();
168
169 // UM.setApplicationRestrictions() will save to appRestrictions.
170 doAnswer(new Answer<Void>() {
171 @Override
172 public Void answer(InvocationOnMock invocation) throws Throwable {
173 String pkg = (String) invocation.getArguments()[0];
174 Bundle bundle = (Bundle) invocation.getArguments()[1];
175 UserHandle user = (UserHandle) invocation.getArguments()[2];
176
177 appRestrictions.put(Pair.create(pkg, user), bundle);
178
179 return null;
180 }
181 }).when(mContext.userManager).setApplicationRestrictions(
182 anyString(), any(Bundle.class), any(UserHandle.class));
183
184 // UM.getApplicationRestrictions() will read from appRestrictions.
185 doAnswer(new Answer<Bundle>() {
186 @Override
187 public Bundle answer(InvocationOnMock invocation) throws Throwable {
188 String pkg = (String) invocation.getArguments()[0];
189 UserHandle user = (UserHandle) invocation.getArguments()[1];
190
191 return appRestrictions.get(Pair.create(pkg, user));
192 }
193 }).when(mContext.userManager).getApplicationRestrictions(
194 anyString(), any(UserHandle.class));
195
196 // System user is always running.
197 when(mContext.userManager.isUserRunning(MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)))
198 .thenReturn(true);
199
200 // Set up (default) UserInfo for CALLER_USER_HANDLE.
201 final UserInfo uh = new UserInfo(DpmMockContext.CALLER_USER_HANDLE,
202 "user" + DpmMockContext.CALLER_USER_HANDLE, 0);
203
204 when(mContext.userManager.getUserInfo(eq(DpmMockContext.CALLER_USER_HANDLE)))
205 .thenReturn(uh);
206 }
207
208 private void setAsProfileOwner(ComponentName admin) {
209 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS);
210 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
211
212 final UserInfo uh = new UserInfo(DpmMockContext.CALLER_USER_HANDLE, "user", 0);
213
214 // DO needs to be an DA.
215 dpm.setActiveAdmin(admin, /* replace =*/ false);
216
217 // Fire!
218 assertTrue(dpm.setProfileOwner(admin, "owner-name", DpmMockContext.CALLER_USER_HANDLE));
219
220 // Check
221 assertEquals(admin1, dpm.getProfileOwnerAsUser(DpmMockContext.CALLER_USER_HANDLE));
222 }
223
224 public void testHasNoFeature() throws Exception {
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]225 when(mContext.packageManager.hasSystemFeature(eq(PackageManager.FEATURE_DEVICE_ADMIN)))
226 .thenReturn(false);
227
228 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class);
229 new DevicePolicyManagerServiceTestable(mContext, dataDir);
230
231 // If the device has no DPMS feature, it shouldn't register the local service.
232 assertNull(LocalServices.getService(DevicePolicyManagerInternal.class));
233 }
234
235 /**
236 * Caller doesn't have proper permissions.
237 */
238 public void testSetActiveAdmin_SecurityException() {
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]239 // 1. Failure cases.
240
241 // Caller doesn't have MANAGE_DEVICE_ADMINS.
242 try {
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]243 dpm.setActiveAdmin(admin1, false);
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]244 fail("Didn't throw SecurityException");
245 } catch (SecurityException expected) {
246 }
247
248 // Caller has MANAGE_DEVICE_ADMINS, but for different user.
249 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
250 try {
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]251 dpm.setActiveAdmin(admin1, false, DpmMockContext.CALLER_USER_HANDLE + 1);
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]252 fail("Didn't throw SecurityException");
253 } catch (SecurityException expected) {
254 }
255 }
256
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]257 /**
258 * Test for:
259 * {@link DevicePolicyManager#setActiveAdmin}
260 * with replace=false and replace=true
261 * {@link DevicePolicyManager#isAdminActive}
262 * {@link DevicePolicyManager#isAdminActiveAsUser}
263 * {@link DevicePolicyManager#getActiveAdmins}
264 * {@link DevicePolicyManager#getActiveAdminsAsUser}
265 */
266 public void testSetActiveAdmin() throws Exception {
267 // 1. Make sure the caller has proper permissions.
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]268 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
269
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]270 // 2. Call the API.
271 dpm.setActiveAdmin(admin1, /* replace =*/ false);
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]272
273 // 3. Verify internal calls.
274
275 // Check if the boradcast is sent.
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]276 verify(mContext.spiedContext).sendBroadcastAsUser(
277 MockUtils.checkIntentAction(
278 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED),
279 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));
280 verify(mContext.spiedContext).sendBroadcastAsUser(
281 MockUtils.checkIntentAction(
282 DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED),
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]283 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));
284
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]285 verify(mContext.ipackageManager, times(1)).setApplicationEnabledSetting(
286 eq(admin1.getPackageName()),
287 eq(PackageManager.COMPONENT_ENABLED_STATE_DEFAULT),
288 eq(PackageManager.DONT_KILL_APP),
289 eq(DpmMockContext.CALLER_USER_HANDLE),
290 anyString());
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]291
292 // TODO Verify other calls too.
Makoto Onukif76b06a2015-09-22 15:03:44 -0700[diff] [blame]293
294 // Make sure it's active admin1.
295 assertTrue(dpm.isAdminActive(admin1));
296 assertFalse(dpm.isAdminActive(admin2));
297 assertFalse(dpm.isAdminActive(admin3));
298
299 // But not admin1 for a different user.
300
301 // For this to work, caller needs android.permission.INTERACT_ACROSS_USERS_FULL.
302 // (Because we're checking a different user's status from CALLER_USER_HANDLE.)
303 mContext.callerPermissions.add("android.permission.INTERACT_ACROSS_USERS_FULL");
304
305 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE + 1));
306 assertFalse(dpm.isAdminActiveAsUser(admin2, DpmMockContext.CALLER_USER_HANDLE + 1));
307
308 mContext.callerPermissions.remove("android.permission.INTERACT_ACROSS_USERS_FULL");
309
310 // Next, add one more admin.
311 // Before doing so, update the application info, now it's enabled.
312 setUpApplicationInfo(PackageManager.COMPONENT_ENABLED_STATE_ENABLED);
313
314 dpm.setActiveAdmin(admin2, /* replace =*/ false);
315
316 // Now we have two admins.
317 assertTrue(dpm.isAdminActive(admin1));
318 assertTrue(dpm.isAdminActive(admin2));
319 assertFalse(dpm.isAdminActive(admin3));
320
321 // Admin2 was already enabled, so setApplicationEnabledSetting() shouldn't have called
322 // again. (times(1) because it was previously called for admin1)
323 verify(mContext.ipackageManager, times(1)).setApplicationEnabledSetting(
324 eq(admin1.getPackageName()),
325 eq(PackageManager.COMPONENT_ENABLED_STATE_DEFAULT),
326 eq(PackageManager.DONT_KILL_APP),
327 eq(DpmMockContext.CALLER_USER_HANDLE),
328 anyString());
329
330 // 4. Add the same admin1 again without replace, which should throw.
331 try {
332 dpm.setActiveAdmin(admin1, /* replace =*/ false);
333 fail("Didn't throw");
334 } catch (IllegalArgumentException expected) {
335 }
336
337 // 5. Add the same admin1 again with replace, which should succeed.
338 dpm.setActiveAdmin(admin1, /* replace =*/ true);
339
340 // TODO make sure it's replaced.
341
342 // 6. Test getActiveAdmins()
343 List<ComponentName> admins = dpm.getActiveAdmins();
344 assertEquals(2, admins.size());
345 assertEquals(admin1, admins.get(0));
346 assertEquals(admin2, admins.get(1));
347
348 // Another user has no admins.
349 mContext.callerPermissions.add("android.permission.INTERACT_ACROSS_USERS_FULL");
350
351 assertEquals(0, DpmTestUtils.getListSizeAllowingNull(
352 dpm.getActiveAdminsAsUser(DpmMockContext.CALLER_USER_HANDLE + 1)));
353
354 mContext.callerPermissions.remove("android.permission.INTERACT_ACROSS_USERS_FULL");
355 }
356
357 /**
358 * Test for:
359 * {@link DevicePolicyManager#setActiveAdmin}
360 * with replace=false
361 */
362 public void testSetActiveAdmin_twiceWithoutReplace() throws Exception {
363 // 1. Make sure the caller has proper permissions.
364 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
365
366 dpm.setActiveAdmin(admin1, /* replace =*/ false);
367 assertTrue(dpm.isAdminActive(admin1));
368
369 // Add the same admin1 again without replace, which should throw.
370 try {
371 dpm.setActiveAdmin(admin1, /* replace =*/ false);
372 fail("Didn't throw");
373 } catch (IllegalArgumentException expected) {
374 }
375 }
376
377 /**
378 * Test for:
379 * {@link DevicePolicyManager#removeActiveAdmin}
380 */
381 public void testRemoveActiveAdmin_SecurityException() {
382 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
383
384 // Add admin.
385
386 dpm.setActiveAdmin(admin1, /* replace =*/ false);
387
388 assertTrue(dpm.isAdminActive(admin1));
389
390 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
391
392 // Directly call the DPMS method with a different userid, which should fail.
393 try {
394 dpms.removeActiveAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE + 1);
395 fail("Didn't throw SecurityException");
396 } catch (SecurityException expected) {
397 }
398
399 // Try to remove active admin with a different caller userid should fail too, without
400 // having MANAGE_DEVICE_ADMINS.
401 mContext.callerPermissions.clear();
402
403 mContext.binder.callingUid = 1234567;
404 try {
405 dpm.removeActiveAdmin(admin1);
406 fail("Didn't throw SecurityException");
407 } catch (SecurityException expected) {
408 }
409 }
410
411 /**
412 * Test for:
413 * {@link DevicePolicyManager#removeActiveAdmin}
414 */
415 public void testRemoveActiveAdmin_fromDifferentUserWithMINTERACT_ACROSS_USERS_FULL() {
416 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
417
418 // Add admin1.
419
420 dpm.setActiveAdmin(admin1, /* replace =*/ false);
421
422 assertTrue(dpm.isAdminActive(admin1));
423 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
424
425 // Different user, but should work, because caller has proper permissions.
426 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL);
427 mContext.binder.callingUid = 1234567;
428 dpm.removeActiveAdmin(admin1);
429
430 assertTrue(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
431
432 // TODO DO Still can't be removed in this case.
433 }
434
435 /**
436 * Test for:
437 * {@link DevicePolicyManager#removeActiveAdmin}
438 */
439 public void testRemoveActiveAdmin_sameUserNoMANAGE_DEVICE_ADMINS() {
440 // Need MANAGE_DEVICE_ADMINS for setActiveAdmin. We'll remove it later.
441 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS);
442
443 // Add admin1.
444
445 dpm.setActiveAdmin(admin1, /* replace =*/ false);
446
447 assertTrue(dpm.isAdminActive(admin1));
448 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
449
450 // Broadcast from saveSettingsLocked().
451 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser(
452 MockUtils.checkIntentAction(
453 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED),
454 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));
455
456 // Remove. No permissions, but same user, so it'll work.
457 mContext.callerPermissions.clear();
458 dpm.removeActiveAdmin(admin1);
459
460 final ArgumentCaptor<BroadcastReceiver> brCap =
461 ArgumentCaptor.forClass(BroadcastReceiver.class);
462
463 // Is removing now, but not removed yet.
464 assertTrue(dpm.isAdminActive(admin1));
465 assertTrue(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
466
467 verify(mContext.spiedContext).sendOrderedBroadcastAsUser(
468 MockUtils.checkIntentAction(
469 DeviceAdminReceiver.ACTION_DEVICE_ADMIN_DISABLED),
470 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE),
471 isNull(String.class),
472 brCap.capture(),
473 eq(dpms.mHandler),
474 eq(Activity.RESULT_OK),
475 isNull(String.class),
476 isNull(Bundle.class));
477
478 brCap.getValue().onReceive(mContext, null);
479
480 assertFalse(dpm.isAdminActive(admin1));
481 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE));
482
483 // Again broadcast from saveSettingsLocked().
484 verify(mContext.spiedContext, times(2)).sendBroadcastAsUser(
485 MockUtils.checkIntentAction(
486 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED),
487 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE));
488
489 // TODO Check other internal calls.
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]490 }
Makoto Onukib643fb02015-09-22 15:03:44 -0700[diff] [blame^]491
492 /**
493 * Test for: {@link DevicePolicyManager#setDeviceOwner} DO on system user installs
494 * successfully.
495 */
496 public void testSetDeviceOwner() throws Exception {
497 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS);
498 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
499 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL);
500
501 // Call from a process on the system user.
502 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
503
504 // DO needs to be an DA.
505 dpm.setActiveAdmin(admin1, /* replace =*/ false);
506
507 // Fire!
508 assertTrue(dpm.setDeviceOwner(admin1.getPackageName(), "owner-name"));
509
510 // Verify internal calls.
511 verify(mContext.iactivityManager, times(1)).updateDeviceOwner(
512 eq(admin1.getPackageName()));
513
514 // TODO We should check if the caller has called clearCallerIdentity().
515 verify(mContext.ibackupManager, times(1)).setBackupServiceActive(
516 eq(UserHandle.USER_SYSTEM), eq(false));
517
518 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser(
519 MockUtils.checkIntentAction(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED),
520 MockUtils.checkUserHandle(UserHandle.USER_SYSTEM));
521
522 assertEquals(admin1.getPackageName(), dpm.getDeviceOwner());
523
524 // TODO Test getDeviceOwnerName() too. To do so, we need to change
525 // DPMS.getApplicationLabel() because Context.createPackageContextAsUser() is not mockable.
526 }
527
528 /**
529 * Test for: {@link DevicePolicyManager#setDeviceOwner} Package doesn't exist.
530 */
531 public void testSetDeviceOwner_noSuchPackage() {
532 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS);
533 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS);
534 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL);
535
536 // Call from a process on the system user.
537 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID;
538
539 // DO needs to be an DA.
540 dpm.setActiveAdmin(admin1, /* replace =*/ false);
541 try {
542 dpm.setDeviceOwner("a.b.c");
543 fail("Didn't throw IllegalArgumentException");
544 } catch (IllegalArgumentException expected) {
545 }
546 }
547
548 public void testSetDeviceOwner_failures() throws Exception {
549 // TODO Test more failure cases. Basically test all chacks in enforceCanSetDeviceOwner().
550 }
551
552 public void testSetProfileOwner() throws Exception {
553 setAsProfileOwner(admin1);
554 }
555
556 public void testSetProfileOwner_failures() throws Exception {
557 // TODO Test more failure cases. Basically test all chacks in enforceCanSetProfileOwner().
558 }
559
560 public void testSetGetApplicationRestriction() {
561 setAsProfileOwner(admin1);
562
563 {
564 Bundle rest = new Bundle();
565 rest.putString("KEY_STRING", "Foo1");
566 dpm.setApplicationRestrictions(admin1, "pkg1", rest);
567 }
568
569 {
570 Bundle rest = new Bundle();
571 rest.putString("KEY_STRING", "Foo2");
572 dpm.setApplicationRestrictions(admin1, "pkg2", rest);
573 }
574
575 {
576 Bundle returned = dpm.getApplicationRestrictions(admin1, "pkg1");
577 assertNotNull(returned);
578 assertEquals(returned.size(), 1);
579 assertEquals(returned.get("KEY_STRING"), "Foo1");
580 }
581
582 {
583 Bundle returned = dpm.getApplicationRestrictions(admin1, "pkg2");
584 assertNotNull(returned);
585 assertEquals(returned.size(), 1);
586 assertEquals(returned.get("KEY_STRING"), "Foo2");
587 }
588
589 dpm.setApplicationRestrictions(admin1, "pkg2", new Bundle());
590 assertEquals(0, dpm.getApplicationRestrictions(admin1, "pkg2").size());
591 }
Makoto Onukicc4bbeb2015-09-17 10:28:24 -0700[diff] [blame]592}