1345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/* 2345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Copyright (C) 2010 The Android Open Source Project 3345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 4345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Licensed under the Apache License, Version 2.0 (the "License"); 5345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * you may not use this file except in compliance with the License. 6345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * You may obtain a copy of the License at 7345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 8345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * http://www.apache.org/licenses/LICENSE-2.0 9345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 10345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Unless required by applicable law or agreed to in writing, software 11345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * distributed under the License is distributed on an "AS IS" BASIS, 12345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * See the License for the specific language governing permissions and 14345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * limitations under the License. 15345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 16345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 17345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpackage com.android.email; 18345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 19505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.app.admin.DevicePolicyManager; 20505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.content.Context; 21505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.content.ContextWrapper; 22505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.test.ProviderTestCase2; 23505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.test.suitebuilder.annotation.MediumTest; 24505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komaloimport android.test.suitebuilder.annotation.SmallTest; 257037a0bd3d8e925a9115f475f5c0d05ddae2eeeeJerry Xieimport android.test.suitebuilder.annotation.Suppress; 26505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 271ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.ContentCache; 289ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.EmailProvider; 299ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.ProviderTestUtils; 30f5418f1f93b02e7fab9f15eb201800b65510998eMarc Blankimport com.android.emailcommon.provider.Account; 31a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent; 32a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.Message; 3353ea83ebf91f820692e8fa8e781f5cc982dd94dbBen Komaloimport com.android.emailcommon.provider.Mailbox; 34aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blankimport com.android.emailcommon.provider.Policy; 35aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blankimport com.android.emailcommon.service.LegacyPolicySet; 36345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 37345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/** 38345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * This is a series of unit tests for backup/restore of the SecurityPolicy class. 392b2b3448ec200f3d649e5f57309908d28ce3bfc7Marc Blank * 409b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * You can run this entire test case with: 419b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * runtest -c com.android.email.SecurityPolicyTests email 42345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 439b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 447037a0bd3d8e925a9115f475f5c0d05ddae2eeeeJerry Xie// TODO: after b/12085240 gets fixed, we need to see if this test can be enabled 457037a0bd3d8e925a9115f475f5c0d05ddae2eeeeJerry Xie@Suppress 46345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler@MediumTest 47345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpublic class SecurityPolicyTests extends ProviderTestCase2<EmailProvider> { 48345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private Context mMockContext; 49aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private SecurityPolicy mSecurityPolicy; 50d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 51345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public SecurityPolicyTests() { 5231d9acbf0623872f9d4a2b3210b5970854b654c7Marc Blank super(EmailProvider.class, EmailContent.AUTHORITY); 53345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 54345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 55aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private static final Policy EMPTY_POLICY = new Policy(); 56aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 57345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 58345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void setUp() throws Exception { 59345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.setUp(); 60aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMockContext = new MockContext2(getMockContext(), mContext); 611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Invalidate all caches, since we reset the database for each test 626e418aa41a17136be0dddb816d843428a0a1e722Marc Blank ContentCache.invalidateAllCaches(); 63345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 64345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 65345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 66345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Delete any dummy accounts we set up for this test 67345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 68345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 69345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void tearDown() throws Exception { 70345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.tearDown(); 71345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 72345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 73345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 740fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * Private context wrapper used to add back getPackageName() for these tests. 750fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * 76a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * This class also implements {@link Context} method(s) that are called during tests. 77d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler */ 78d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static class MockContext2 extends ContextWrapper { 79d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 80d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private final Context mRealContext; 81d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 82d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public MockContext2(Context mockContext, Context realContext) { 83d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler super(mockContext); 84d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mRealContext = realContext; 85d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 86d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 87d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler @Override 880fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki public Context getApplicationContext() { 890fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki return this; 900fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki } 910fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki 920fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki @Override 93d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public String getPackageName() { 94d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler return mRealContext.getPackageName(); 95d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 96a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 97a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler @Override 98a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler public Object getSystemService(String name) { 99a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler return mRealContext.getSystemService(name); 100a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 101d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 102d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 103d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler /** 104aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * Create a Policy using the arguments formerly used to create a PolicySet; this minimizes the 105aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * changes needed for re-using the PolicySet unit test logic 106345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 107aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private Policy setupPolicy(int minPasswordLength, int passwordMode, int maxPasswordFails, 108aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank int maxScreenLockTime, boolean requireRemoteWipe, int passwordExpirationDays, 109aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank int passwordHistory, int passwordComplexChars, boolean requireEncryption, 110e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo boolean dontAllowCamera) 111d09cff08882e553afce919865a2cc60b657d4659Ben Komalo throws IllegalArgumentException { 112aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy policy = new Policy(); 113aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMinLength = minPasswordLength; 114aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMode = passwordMode; 115aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMaxFails = maxPasswordFails; 116aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mMaxScreenLockTime = maxScreenLockTime; 117aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mRequireRemoteWipe = requireRemoteWipe; 118aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordExpirationDays = passwordExpirationDays; 119aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordHistory = passwordHistory; 120aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordComplexChars = passwordComplexChars; 121aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mRequireEncryption = requireEncryption; 122d09cff08882e553afce919865a2cc60b657d4659Ben Komalo policy.mDontAllowCamera = dontAllowCamera; 123aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return policy; 1241d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1251d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank 126345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 127345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test business logic of aggregating accounts with policies 128345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 129345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAggregator() { 130aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 131345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 132d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with no accounts, should return empty set 133aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(EMPTY_POLICY, mSecurityPolicy.computeAggregatePolicy()); 134345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 135d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with accounts having no security, empty set 136aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("no-sec-1", true, mMockContext); 137aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("no-sec-2", true, mMockContext); 138aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(EMPTY_POLICY, mSecurityPolicy.computeAggregatePolicy()); 139345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 140345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // with a single account in security mode, should return same security as in account 1413d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // first test with partially-populated policies 142aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("sec-3", true, mMockContext); 143aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3ain = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 144e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 14517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a3, p3ain, null); 146aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3aout = mSecurityPolicy.computeAggregatePolicy(); 1473d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3aout); 1483d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3ain, p3aout); 1493d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler 1503d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // Repeat that test with fully-populated policies 151aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3bin = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 15, 16, false, 6, 2, 3, 152e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 15317d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a3, p3bin, null); 154aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3bout = mSecurityPolicy.computeAggregatePolicy(); 1553d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3bout); 1563d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3bin, p3bout); 157345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 158345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (some fields will change, others will not) 159345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will change because larger #s here 160345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will *not* change because larger #s here 161345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will *not* change here because false 1621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration - will not change because 0 (unspecified) 1631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // max complex chars - max logic - will change 164469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will *not* change here because false 165d09cff08882e553afce919865a2cc60b657d4659Ben Komalo // don't allow camera - OR logic - will change here because it's true 166aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4in = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 5, 7, 167e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 168aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a4 = ProviderTestUtils.setupAccount("sec-4", true, mMockContext); 16917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a4, p4in, null); 170aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4out = mSecurityPolicy.computeAggregatePolicy(); 171345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p4out); 172aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(20, p4out.mPasswordMinLength); 173aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(Policy.PASSWORD_MODE_STRONG, p4out.mPasswordMode); 174aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(15, p4out.mPasswordMaxFails); 175345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(16, p4out.mMaxScreenLockTime); 1761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, p4out.mPasswordExpirationDays); 1779b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(5, p4out.mPasswordHistory); 1789b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(7, p4out.mPasswordComplexChars); 179345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p4out.mRequireRemoteWipe); 180469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p4out.mRequireEncryption); 1817fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertFalse(p4out.mRequireEncryptionExternal); 182d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertTrue(p4out.mDontAllowCamera); 183345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 184345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (the remaining fields will change) 185345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will *not* change because smaller #s here 186345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will change because smaller #s here 187345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will change here because true 1881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration time - min logic - will change because lower here 1891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // history & complex chars - will not change because 0 (unspecified) 190469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will change here because true 191d09cff08882e553afce919865a2cc60b657d4659Ben Komalo // don't allow camera - OR logic - will *not* change here because it's already true 192aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p5in = setupPolicy(4, Policy.PASSWORD_MODE_SIMPLE, 5, 6, true, 1, 0, 0, 193e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo true, false); 194aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a5 = ProviderTestUtils.setupAccount("sec-5", true, mMockContext); 19517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a5, p5in, null); 196aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p5out = mSecurityPolicy.computeAggregatePolicy(); 197345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p5out); 198aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(20, p5out.mPasswordMinLength); 199aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(Policy.PASSWORD_MODE_STRONG, p5out.mPasswordMode); 200aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(5, p5out.mPasswordMaxFails); 201345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(6, p5out.mMaxScreenLockTime); 2021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(1, p5out.mPasswordExpirationDays); 203469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(5, p5out.mPasswordHistory); 204469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(7, p5out.mPasswordComplexChars); 205345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p5out.mRequireRemoteWipe); 2067fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertFalse(p5out.mRequireEncryptionExternal); 207d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertTrue(p5out.mDontAllowCamera); 208345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 209345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 210505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo private long assertAccountPolicyConsistent(long accountId, long oldKey) { 211505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Account account = Account.restoreAccountWithId(mMockContext, accountId); 212505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo long policyKey = account.mPolicyKey; 213505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 214505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertTrue(policyKey > 0); 215505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 216505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo // Found a policy. Ensure it matches. 217505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy policy = Policy.restorePolicyWithId(mMockContext, policyKey); 218505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertNotNull(policy); 219505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertEquals(account.mPolicyKey, policy.mId); 220505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertEquals( 221505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo accountId, 222505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy.getAccountIdWithPolicyKey(mMockContext, policy.mId)); 223505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 224505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo // Assert the old one isn't there. 225505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo if (oldKey > 0) { 226505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertNull("old policy not cleaned up", 227505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy.restorePolicyWithId(mMockContext, oldKey)); 228505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo } 229505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 230505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo return policyKey; 231505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo } 232505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 233505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo @SmallTest 234505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo public void testSettingAccountPolicy() { 235505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Account account = ProviderTestUtils.setupAccount("testaccount", true, mMockContext); 236505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo long accountId = account.mId; 237505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy initial = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 238e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 23917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, account, initial, null); 240505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 241505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo long oldKey = assertAccountPolicyConsistent(account.mId, 0); 242505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 243505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy updated = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 244e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 24517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, account, updated, null); 246505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo oldKey = assertAccountPolicyConsistent(account.mId, oldKey); 247505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 248505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo // Remove the policy 24917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.clearAccountPolicy( 250505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo mMockContext, Account.restoreAccountWithId(mMockContext, accountId)); 251505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo assertNull("old policy not cleaned up", 252505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo Policy.restorePolicyWithId(mMockContext, oldKey)); 253505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo } 254505ac4b09bbe13ff099e40d94e45963e46a9261fBen Komalo 255345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 2569b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * Test equality. Note, the tests for inequality are poor, as each field should 257345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * be tested individually. 258345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 259345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 2609b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank public void testEquals() { 261aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = 262e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false); 263aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = 264e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false); 265aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = 266e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo setupPolicy(2, Policy.PASSWORD_MODE_SIMPLE, 5, 6, true, 7, 8, 9, false, false); 267d09cff08882e553afce919865a2cc60b657d4659Ben Komalo Policy p4 = 268e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, true); 269345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p1.equals(p2)); 270345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p2.equals(p3)); 271d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertFalse(p1.equals(p4)); 272345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 273345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 2742a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 2752a5eeea9213005060256054ec773e72406415ce4Andrew Stadler * Test the API to set/clear policy hold flags in an account 2762a5eeea9213005060256054ec773e72406415ce4Andrew Stadler */ 2772a5eeea9213005060256054ec773e72406415ce4Andrew Stadler public void testSetClearHoldFlag() { 2782a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("holdflag-2", false, mMockContext); 27917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie a2.mFlags = Account.FLAGS_SYNC_DISABLED | Account.FLAGS_SECURITY_HOLD; 2802a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a2.save(mMockContext); 2812a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 2822a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm set until cleared 2832a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 28417d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie assertEquals(Account.FLAGS_SYNC_DISABLED | Account.FLAGS_SECURITY_HOLD, a2a.mFlags); 28517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie 28617d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie // set account hold flag off 287aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank SecurityPolicy.setAccountHoldFlag(mMockContext, a2, false); 28817d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie assertEquals(Account.FLAGS_SYNC_DISABLED, a2.mFlags); 28917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie 29017d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie // confirm account hold flag set 2912a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 29217d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie assertEquals(Account.FLAGS_SYNC_DISABLED, a2b.mFlags); 2932a5eeea9213005060256054ec773e72406415ce4Andrew Stadler } 2942a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 2952a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 296af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler * Test the response to disabling DeviceAdmin status 297af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler */ 298af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler public void testDisableAdmin() { 299aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a1 = ProviderTestUtils.setupAccount("disable-1", true, mMockContext); 300aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 301e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 30217d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a1, p1, "security-sync-key-1"); 303af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 304aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = ProviderTestUtils.setupAccount("disable-2", true, mMockContext); 305aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 306e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, false); 30717d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a2, p2, "security-sync-key-2"); 308af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 309aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("disable-3", true, mMockContext); 31017d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.clearAccountPolicy(mMockContext, a3); 311af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 312aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 313af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 314aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Confirm that "enabling" device admin does not change security status (policy & sync key) 315aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy before = mSecurityPolicy.getAggregatePolicy(); 316aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy.onAdminEnabled(true); // "enabled" should not change anything 317aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy after1 = mSecurityPolicy.getAggregatePolicy(); 318af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertEquals(before, after1); 319af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 320af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a1a.mSecuritySyncKey); 321aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a1a.mPolicyKey > 0); 322af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 323af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a2a.mSecuritySyncKey); 324aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a2a.mPolicyKey > 0); 325af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3a = Account.restoreAccountWithId(mMockContext, a3.mId); 326af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNull(a3a.mSecuritySyncKey); 327aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a3a.mPolicyKey == 0); 328af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 3294e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank mSecurityPolicy.deleteSecuredAccounts(mMockContext); 3304e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank Policy after2 = mSecurityPolicy.getAggregatePolicy(); 3314e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank assertEquals(EMPTY_POLICY, after2); 3324e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 3334e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank assertNull(a1b); 3344e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 3354e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank assertNull(a2b); 3364e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank Account a3b = Account.restoreAccountWithId(mMockContext, a3.mId); 3374e4aba9ebc43c6a83190f3a883fa05bb7d5100b3Marc Blank assertNull(a3b.mSecuritySyncKey); 3381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 3391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 3411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that finds expiring accounts 3421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 3431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testFindExpiringAccount() { 344aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("expiring-1", true, mMockContext); 3451ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // With no expiring accounts, this should return null. 3477fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler long nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(-1, nextExpiringAccountId); 3491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3501ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a single expiring account 351aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = 352aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("expiring-2", true, mMockContext); 353aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 354e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 35517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a2, p2, null); 3561ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3571ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The expiring account should be returned 3587fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 3601ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a longer expiration 362aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("expiring-3", true, mMockContext); 363aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 60, 0, 0, 364e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 36517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a3, p3, null); 3661ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3671ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The original expiring account (a2) should be returned 3687fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3691ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 3701ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3711ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a shorter expiration 372aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a4 = ProviderTestUtils.setupAccount("expiring-4", true, mMockContext); 373aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 15, 0, 0, 374e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 37517d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a4, p4, null); 3761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3771ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The new expiring account (a4) should be returned 3787fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3791ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a4.mId, nextExpiringAccountId); 3801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 3811ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3821ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 3831ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that wipes expiring accounts 3841ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 3851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testWipeExpiringAccounts() { 386aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 3871ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Two accounts - a1 is normal, a2 has security (but no expiration) 3891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expired-1", true, mMockContext); 390aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = ProviderTestUtils.setupAccount("expired-2", true, mMockContext); 391aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 392e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 39317d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a2, p2, null); 3941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3951ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a mailbox & messages to each account 3961ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account1Id = a1.mId; 3971ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account2Id = a2.mId; 3981ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box1 = ProviderTestUtils.setupMailbox("box1", account1Id, true, mMockContext); 3991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box1Id = box1.mId; 4001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message1", account1Id, box1Id, false, true, mMockContext); 4011ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message2", account1Id, box1Id, false, true, mMockContext); 4021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box2 = ProviderTestUtils.setupMailbox("box2", account2Id, true, mMockContext); 4031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box2Id = box2.mId; 4041ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message3", account2Id, box2Id, false, true, mMockContext); 4051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message4", account2Id, box2Id, false, true, mMockContext); 4061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4071ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - should do nothing 40817d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie boolean wiped = SecurityPolicy.wipeExpiredAccounts(mMockContext); 4091ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertFalse(wiped); 4101ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check mailboxes & messages not wiped 4111ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4121ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4131ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4141ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4151ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add 3rd account that really expires 416aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("expired-3", true, mMockContext); 417aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 418e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo false, true); 41917d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie SecurityPolicy.setAccountPolicy(mMockContext, a3, p3, null); 4201ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4211ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add mailbox & messages to 3rd account 4221ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account3Id = a3.mId; 4231ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box3 = ProviderTestUtils.setupMailbox("box3", account3Id, true, mMockContext); 4241ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box3Id = box3.mId; 4251ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message5", account3Id, box3Id, false, true, mMockContext); 4261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message6", account3Id, box3Id, false, true, mMockContext); 4271ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4281ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts 4291ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4301ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - wipe acct #3 43417d3a29c9d8f7a27c463239f190bdcc4e0804527Jerry Xie wiped = SecurityPolicy.wipeExpiredAccounts(mMockContext); 4351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertTrue(wiped); 4361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts - account survives but data is wiped 4371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Check security hold states - only #3 should be in hold 4421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account account = Account.restoreAccountWithId(mMockContext, account1Id); 4431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4441ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account2Id); 4451ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account3Id); 4471ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(Account.FLAGS_SECURITY_HOLD, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 449a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 450a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler /** 45122759bacd95385d95d3d9321f490763df1aba89dAndy Stadler * Test the code that converts from exchange-style quality to DPM/Lockscreen style quality. 45222759bacd95385d95d3d9321f490763df1aba89dAndy Stadler */ 45322759bacd95385d95d3d9321f490763df1aba89dAndy Stadler public void testGetDPManagerPasswordQuality() { 454aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Policy.PASSWORD_MODE_NONE -> DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED 455aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = setupPolicy(0, Policy.PASSWORD_MODE_NONE, 456e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo 0, 0, false, 0, 0, 0, false, false); 45722759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 45822759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p1.getDPManagerPasswordQuality()); 45922759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 46022759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_SIMPLE -> PASSWORD_QUALITY_NUMERIC 461aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(4, Policy.PASSWORD_MODE_SIMPLE, 462e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo 0, 0, false, 0, 0, 0, false, false); 46322759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, 46422759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p2.getDPManagerPasswordQuality()); 46522759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 46622759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_STRONG -> PASSWORD_QUALITY_ALPHANUMERIC 467aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(4, Policy.PASSWORD_MODE_STRONG, 468e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo 0, 0, false, 0, 0, 0, false, false); 46922759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, 47022759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p3.getDPManagerPasswordQuality()); 47122759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 47222759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_STRONG + complex chars -> PASSWORD_QUALITY_COMPLEX 473aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4 = setupPolicy(4, Policy.PASSWORD_MODE_STRONG, 474e76962b1b9c66ecc3fd49cd4c956f234365bfe5cBen Komalo 0, 0, false, 0, 0 , 2, false, false); 47522759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_COMPLEX, 47622759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p4.getDPManagerPasswordQuality()); 47722759bacd95385d95d3d9321f490763df1aba89dAndy Stadler } 478aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 479aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private boolean policySetEqualsPolicy(PolicySet ps, Policy policy) { 480aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if ((ps.mPasswordMode >> LegacyPolicySet.PASSWORD_MODE_SHIFT) != policy.mPasswordMode) { 481aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return false; 482aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 483aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMinPasswordLength != policy.mPasswordMinLength) return false; 484aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordComplexChars != policy.mPasswordComplexChars) return false; 485aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordHistory != policy.mPasswordHistory) return false; 486aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordExpirationDays != policy.mPasswordExpirationDays) return false; 487aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMaxPasswordFails != policy.mPasswordMaxFails) return false; 488aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMaxScreenLockTime != policy.mMaxScreenLockTime) return false; 489aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireRemoteWipe != policy.mRequireRemoteWipe) return false; 490aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireEncryption != policy.mRequireEncryption) return false; 491aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireEncryptionExternal != policy.mRequireEncryptionExternal) return false; 492aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return true; 493aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 494aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 495aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank public void testPolicyFlagsToPolicy() { 496aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Policy flags; the three sets included here correspond to policies for three test 497aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // accounts that, between them, use all of the possible policies 498aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank long flags = 67096612L; 499aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank PolicySet ps = new PolicySet(flags); 500aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy policy = LegacyPolicySet.flagsToPolicy(flags); 501aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 502aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank flags = 52776591691846L; 503aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ps = new PolicySet(flags); 504aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy = LegacyPolicySet.flagsToPolicy(flags); 505aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 506aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank flags = 1689605957029924L; 507aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ps = new PolicySet(flags); 508aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy = LegacyPolicySet.flagsToPolicy(flags); 509aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 510aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 511aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 512aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank /** 513aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * The old PolicySet class fields and constructor; we use this to test conversion to the 514aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * new Policy table scheme 515aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank */ 516aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private static class PolicySet { 517aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMinPasswordLength; 518aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordMode; 519aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMaxPasswordFails; 520aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMaxScreenLockTime; 521aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireRemoteWipe; 522aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordExpirationDays; 523aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordHistory; 524aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordComplexChars; 525aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireEncryption; 526aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireEncryptionExternal; 527aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 528aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank /** 529aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * Create from values encoded in an account flags int 530aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank */ 531aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private PolicySet(long flags) { 532aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMinPasswordLength = (int) ((flags & LegacyPolicySet.PASSWORD_LENGTH_MASK) 533aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_LENGTH_SHIFT); 534aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordMode = 535aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank (int) (flags & LegacyPolicySet.PASSWORD_MODE_MASK); 536aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMaxPasswordFails = (int) ((flags & LegacyPolicySet.PASSWORD_MAX_FAILS_MASK) 537aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_MAX_FAILS_SHIFT); 538aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMaxScreenLockTime = (int) ((flags & LegacyPolicySet.SCREEN_LOCK_TIME_MASK) 539aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.SCREEN_LOCK_TIME_SHIFT); 540aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireRemoteWipe = 0 != (flags & LegacyPolicySet.REQUIRE_REMOTE_WIPE); 541aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordExpirationDays = (int) ((flags & LegacyPolicySet.PASSWORD_EXPIRATION_MASK) 542aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_EXPIRATION_SHIFT); 543aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordHistory = (int) ((flags & LegacyPolicySet.PASSWORD_HISTORY_MASK) 544aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_HISTORY_SHIFT); 545aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordComplexChars = (int) ((flags & LegacyPolicySet.PASSWORD_COMPLEX_CHARS_MASK) 546aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_COMPLEX_CHARS_SHIFT); 547aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireEncryption = 0 != (flags & LegacyPolicySet.REQUIRE_ENCRYPTION); 548aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireEncryptionExternal = 0 != (flags & LegacyPolicySet.REQUIRE_ENCRYPTION_EXTERNAL); 549aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 550aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 551345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler} 552