SecurityPolicyTests.java revision 1ca111c19c83d54ad23bd8615d9c648e09ec3366
1345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/* 2345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Copyright (C) 2010 The Android Open Source Project 3345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 4345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Licensed under the Apache License, Version 2.0 (the "License"); 5345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * you may not use this file except in compliance with the License. 6345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * You may obtain a copy of the License at 7345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 8345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * http://www.apache.org/licenses/LICENSE-2.0 9345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 10345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Unless required by applicable law or agreed to in writing, software 11345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * distributed under the License is distributed on an "AS IS" BASIS, 12345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * See the License for the specific language governing permissions and 14345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * limitations under the License. 15345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 16345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 17345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpackage com.android.email; 18345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 19345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport com.android.email.SecurityPolicy.PolicySet; 201ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.ContentCache; 211ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.EmailContent; 22345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport com.android.email.provider.EmailProvider; 23345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport com.android.email.provider.ProviderTestUtils; 24345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport com.android.email.provider.EmailContent.Account; 25345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport com.android.email.provider.EmailContent.AccountColumns; 261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.EmailContent.Mailbox; 271ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.EmailContent.Message; 28345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 29345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.ContentUris; 30345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.ContentValues; 31345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.Context; 32d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadlerimport android.content.ContextWrapper; 33345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.net.Uri; 34345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.ProviderTestCase2; 35345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.MediumTest; 36345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.SmallTest; 37345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 38345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/** 39345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * This is a series of unit tests for backup/restore of the SecurityPolicy class. 402b2b3448ec200f3d649e5f57309908d28ce3bfc7Marc Blank * 419b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * You can run this entire test case with: 429b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * runtest -c com.android.email.SecurityPolicyTests email 43345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 449b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 45345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler@MediumTest 46345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpublic class SecurityPolicyTests extends ProviderTestCase2<EmailProvider> { 47345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 48345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private Context mMockContext; 49345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 50d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static final PolicySet EMPTY_POLICY_SET = 519b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank new PolicySet(0, PolicySet.PASSWORD_MODE_NONE, 0, 0, false, 0, 0, 0); 52d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 53345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public SecurityPolicyTests() { 54345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super(EmailProvider.class, EmailProvider.EMAIL_AUTHORITY); 55345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 56345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 57345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 58345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void setUp() throws Exception { 59345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.setUp(); 60d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mMockContext = new MockContext2(getMockContext(), this.mContext); 611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Invalidate all caches, since we reset the database for each test 621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ContentCache.invalidateAllCachesForTest(); 63345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 64345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 65345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 66345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Delete any dummy accounts we set up for this test 67345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 68345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 69345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void tearDown() throws Exception { 70345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.tearDown(); 71345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 72345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 73345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 740fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * Private context wrapper used to add back getPackageName() for these tests. 750fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * 760fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * This class also implements {@link Context} method(s) that is called during tests. 77d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler */ 78d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static class MockContext2 extends ContextWrapper { 79d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 80d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private final Context mRealContext; 81d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 82d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public MockContext2(Context mockContext, Context realContext) { 83d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler super(mockContext); 84d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mRealContext = realContext; 85d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 86d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 87d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler @Override 880fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki public Context getApplicationContext() { 890fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki return this; 900fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki } 910fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki 920fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki @Override 93d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public String getPackageName() { 94d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler return mRealContext.getPackageName(); 95d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 96d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 97d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 98d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler /** 99345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Retrieve the security policy object, and inject the mock context so it works as expected 100345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 101345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private SecurityPolicy getSecurityPolicy() { 102345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = SecurityPolicy.getInstance(mMockContext); 103345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler sp.setContext(mMockContext); 104345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler return sp; 105345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 106345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 1071d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank public void testPolicySetConstructor() { 1081d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank // We know that EMPTY_POLICY_SET doesn't generate an Exception or we wouldn't be here 1091d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank // Try some illegal parameters 1101d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank try { 111c263810b08943541135a24e2b7520692152455ccMarc Blank new PolicySet(100, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0); 1121d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank fail("Too-long password allowed"); 1131d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } catch (IllegalArgumentException e) { 1141d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1151d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank try { 1169b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG + 1, 0, 0, false, 0, 0, 0); 1171d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank fail("Illegal password mode allowed"); 1181d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } catch (IllegalArgumentException e) { 1191d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 12061911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 121c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 122b91eea011961889b355a3c5ad837745099c7749aMarc Blank PolicySet.SCREEN_LOCK_TIME_MAX + 1, false, 0, 0, 0); 1236278dcdeafadc55fe1a57eec42a0807874377f62Andy Stadler assertEquals(PolicySet.SCREEN_LOCK_TIME_MAX, ps.getMaxScreenLockTimeForTest()); 12461911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 125c263810b08943541135a24e2b7520692152455ccMarc Blank ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 126b91eea011961889b355a3c5ad837745099c7749aMarc Blank PolicySet.PASSWORD_MAX_FAILS_MAX + 1, 0, false, 0, 0, 0); 1276278dcdeafadc55fe1a57eec42a0807874377f62Andy Stadler assertEquals(PolicySet.PASSWORD_MAX_FAILS_MAX, ps.getMaxPasswordFailsForTest()); 128c263810b08943541135a24e2b7520692152455ccMarc Blank // All password related fields should be zero when password mode is NONE 129c263810b08943541135a24e2b7520692152455ccMarc Blank // Illegal values for these fields should be ignored 130c263810b08943541135a24e2b7520692152455ccMarc Blank ps = new PolicySet(999/*length*/, PolicySet.PASSWORD_MODE_NONE, 131c263810b08943541135a24e2b7520692152455ccMarc Blank 999/*fails*/, 9999/*screenlock*/, false, 999/*expir*/, 999/*history*/, 132c263810b08943541135a24e2b7520692152455ccMarc Blank 999/*complex*/); 133c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMinPasswordLength); 134c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMaxScreenLockTime); 135c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMaxPasswordFails); 1361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, ps.mPasswordExpirationDays); 137c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mPasswordHistory); 138c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mPasswordComplexChars); 13961911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 14061911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank // With a simple password, we should set complex chars to zero 14161911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank ps = new PolicySet(4/*length*/, PolicySet.PASSWORD_MODE_SIMPLE, 14261911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 0, 0, false, 0, 0, 3/*complex*/); 14361911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(4, ps.mMinPasswordLength); 14461911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(0, ps.mPasswordComplexChars); 1451d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1461d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank 147345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 148345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test business logic of aggregating accounts with policies 149345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 150345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAggregator() { 151345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = getSecurityPolicy(); 152345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 153d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with no accounts, should return empty set 1549b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 155345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 156d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with accounts having no security, empty set 157345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a1 = ProviderTestUtils.setupAccount("no-sec-1", false, mMockContext); 158345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a1.mSecurityFlags = 0; 159345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a1.save(mMockContext); 160345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a2 = ProviderTestUtils.setupAccount("no-sec-2", false, mMockContext); 161345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.mSecurityFlags = 0; 162345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.save(mMockContext); 1639b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 164345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 165345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // with a single account in security mode, should return same security as in account 1663d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // first test with partially-populated policies 167345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a3 = ProviderTestUtils.setupAccount("sec-3", false, mMockContext); 1689b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p3ain = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0); 1693d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p3ain.writeAccount(a3, null, true, mMockContext); 1703d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler PolicySet p3aout = sp.computeAggregatePolicy(); 1713d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3aout); 1723d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3ain, p3aout); 1733d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler 1743d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // Repeat that test with fully-populated policies 1751ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p3bin = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 15, 16, false, 6, 2, 3); 1763d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p3bin.writeAccount(a3, null, true, mMockContext); 1773d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler PolicySet p3bout = sp.computeAggregatePolicy(); 1783d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3bout); 1793d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3bin, p3bout); 180345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 181345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (some fields will change, others will not) 182345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will change because larger #s here 183345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will *not* change because larger #s here 184345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will *not* change here because false 1851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration - will not change because 0 (unspecified) 1861ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // max complex chars - max logic - will change 1879b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p4in = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 5, 7); 188345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a4 = ProviderTestUtils.setupAccount("sec-4", false, mMockContext); 1893d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p4in.writeAccount(a4, null, true, mMockContext); 190345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p4out = sp.computeAggregatePolicy(); 191345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p4out); 192345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(20, p4out.mMinPasswordLength); 193345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p4out.mPasswordMode); 194345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(15, p4out.mMaxPasswordFails); 195345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(16, p4out.mMaxScreenLockTime); 1961ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, p4out.mPasswordExpirationDays); 1979b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(5, p4out.mPasswordHistory); 1989b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(7, p4out.mPasswordComplexChars); 199345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p4out.mRequireRemoteWipe); 200345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 201345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (the remaining fields will change) 202345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will *not* change because smaller #s here 203345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will change because smaller #s here 204345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will change here because true 2051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration time - min logic - will change because lower here 2061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // history & complex chars - will not change because 0 (unspecified) 2071ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p5in = new PolicySet(4, PolicySet.PASSWORD_MODE_SIMPLE, 5, 6, true, 1, 0, 0); 208345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a5 = ProviderTestUtils.setupAccount("sec-5", false, mMockContext); 2093d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p5in.writeAccount(a5, null, true, mMockContext); 210345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p5out = sp.computeAggregatePolicy(); 211345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p5out); 212345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(20, p5out.mMinPasswordLength); 213345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p5out.mPasswordMode); 214345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(5, p5out.mMaxPasswordFails); 215345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(6, p5out.mMaxScreenLockTime); 2161ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(1, p5out.mPasswordExpirationDays); 2179b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(5, p4out.mPasswordHistory); 2189b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(7, p4out.mPasswordComplexChars); 219345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p5out.mRequireRemoteWipe); 220345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 221345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 222345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 223345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Make sure aggregator (and any other direct DB accessors) handle the case of upgraded 224345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * accounts properly (where the security flags will be NULL instead of zero). 225345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 226345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testNullFlags() { 227345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = getSecurityPolicy(); 228345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 229345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a1 = ProviderTestUtils.setupAccount("null-sec-1", true, mMockContext); 230345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler ContentValues cv = new ContentValues(); 231345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler cv.putNull(AccountColumns.SECURITY_FLAGS); 232345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Uri uri = ContentUris.withAppendedId(Account.CONTENT_URI, a1.mId); 233345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler mMockContext.getContentResolver().update(uri, cv, null, null); 234345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 235345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a2 = ProviderTestUtils.setupAccount("no-sec-2", false, mMockContext); 236345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.mSecurityFlags = 0; 237345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.save(mMockContext); 2389b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 239345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 240345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 241345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 242345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Make sure the fields are encoded properly for their max ranges. This is looking 243345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * for any encoding mask/shift errors, which would cause bits to overflow into other fields. 244345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 245345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 246a843d40ba1d3eb77e76b4a28aa911588f0fd81a1Andrew Stadler public void testFieldIsolation() { 247c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet p = new PolicySet(PolicySet.PASSWORD_LENGTH_MAX, PolicySet.PASSWORD_MODE_SIMPLE, 248c263810b08943541135a24e2b7520692152455ccMarc Blank 0, 0, false, 0, 0 ,0); 249c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 250345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_LENGTH_MAX, p.mMinPasswordLength); 251345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 252345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2531ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2549b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2559b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 256345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 257345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 2589b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG, 0, 0, false, 0, 0, 0); 259345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p.mPasswordMode); 260c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, p.mMinPasswordLength); 261345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 262345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2649b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2659b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 266345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 267345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 268c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, PolicySet.PASSWORD_MAX_FAILS_MAX, 0, 269c263810b08943541135a24e2b7520692152455ccMarc Blank false, 0, 0, 0); 270c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 271345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 272345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MAX_FAILS_MAX, p.mMaxPasswordFails); 273345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2741ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2759b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2769b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 277345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 278345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 279c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, PolicySet.SCREEN_LOCK_TIME_MAX, 280c263810b08943541135a24e2b7520692152455ccMarc Blank false, 0, 0, 0); 281c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 282345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 283345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 284345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.SCREEN_LOCK_TIME_MAX, p.mMaxScreenLockTime); 2851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2869b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2879b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 288345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 289345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 290c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_NONE, 0, 0, true, 0, 0, 0); 291c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_NONE, p.mPasswordMode); 292345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 293345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 294345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2951ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2969b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2979b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 298345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p.mRequireRemoteWipe); 2999b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 300c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 301c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet.PASSWORD_EXPIRATION_MAX, 0, 0); 302c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 3039b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3049b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3059b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(PolicySet.PASSWORD_EXPIRATION_MAX, p.mPasswordExpirationDays); 3079b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3089b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 3099b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 3109b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 311c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 312c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet.PASSWORD_HISTORY_MAX, 0); 313c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 3149b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3159b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3169b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3171ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3189b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(PolicySet.PASSWORD_HISTORY_MAX, p.mPasswordHistory); 3199b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 3209b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 3219b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 32261911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG, 0, 0, false, 0, 0, 323c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet.PASSWORD_COMPLEX_CHARS_MAX); 32461911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(PolicySet.PASSWORD_MODE_STRONG, p.mPasswordMode); 3259b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3269b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3279b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3281ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3299b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3309b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(PolicySet.PASSWORD_COMPLEX_CHARS_MAX, p.mPasswordComplexChars); 3319b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 332345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 333345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 334345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 335345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test encoding into an Account and out again 336345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 337345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 338345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAccountEncoding() { 3399b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p1 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9); 340345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a = new Account(); 341345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler final String SYNC_KEY = "test_sync_key"; 3423d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p1.writeAccount(a, SYNC_KEY, false, null); 343345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p2 = new PolicySet(a); 344345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(p1, p2); 345345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 346345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 347345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 3489b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * Test equality. Note, the tests for inequality are poor, as each field should 349345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * be tested individually. 350345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 351345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 3529b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank public void testEquals() { 3539b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p1 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9); 3549b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p2 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9); 3559b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p3 = new PolicySet(2, PolicySet.PASSWORD_MODE_SIMPLE, 5, 6, true, 7, 8, 9); 356345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p1.equals(p2)); 357345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p2.equals(p3)); 358345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 359345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 3602a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 3612a5eeea9213005060256054ec773e72406415ce4Andrew Stadler * Test the API to set/clear policy hold flags in an account 3622a5eeea9213005060256054ec773e72406415ce4Andrew Stadler */ 3632a5eeea9213005060256054ec773e72406415ce4Andrew Stadler public void testSetClearHoldFlag() { 3642a5eeea9213005060256054ec773e72406415ce4Andrew Stadler SecurityPolicy sp = getSecurityPolicy(); 3652a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 3662a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1 = ProviderTestUtils.setupAccount("holdflag-1", false, mMockContext); 3672a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.mFlags = Account.FLAGS_NOTIFY_NEW_MAIL; 3682a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.save(mMockContext); 3692a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("holdflag-2", false, mMockContext); 3709e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma a2.mFlags = Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD; 3712a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a2.save(mMockContext); 3722a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 3732a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm clear until set 3742a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 3752a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL, a1a.mFlags); 3761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler sp.setAccountHoldFlag(mMockContext, a1, true); 3772a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1.mFlags); 3782a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 3792a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1b.mFlags); 3802a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 3812a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm set until cleared 3822a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 3839e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD, a2a.mFlags); 3841ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler sp.setAccountHoldFlag(mMockContext, a2, false); 3859e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2.mFlags); 3862a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 3879e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2b.mFlags); 3882a5eeea9213005060256054ec773e72406415ce4Andrew Stadler } 3892a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 3901ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// private static class MockController extends Controller { 3911ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// protected MockController(Context context) { 3921ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// super(context); 3931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 3941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 39502d59d21949a77c60859b615312f02e6d8003490Marc Blank 3962a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 397af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler * Test the response to disabling DeviceAdmin status 3981ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * 3991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * TODO: Reenable the 2nd portion of this test - it fails because it gets into the Controller 4001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * and spins up an account backup on another thread. 401af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler */ 402af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler public void testDisableAdmin() { 403af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1 = ProviderTestUtils.setupAccount("disable-1", false, mMockContext); 4049b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p1 = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0); 405af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler p1.writeAccount(a1, "sync-key-1", true, mMockContext); 406af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 407af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("disable-2", false, mMockContext); 4089b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0); 409af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 410af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 411af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3 = ProviderTestUtils.setupAccount("disable-3", false, mMockContext); 412af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.mSecurityFlags = 0; 413af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.mSecuritySyncKey = null; 414af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.save(mMockContext); 415af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 416af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler SecurityPolicy sp = getSecurityPolicy(); 417af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 418af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler // Confirm that "enabling" device admin does not change security status (flags & sync key) 419af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler PolicySet before = sp.getAggregatePolicy(); 420af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler sp.onAdminEnabled(true); // "enabled" should not change anything 421af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler PolicySet after1 = sp.getAggregatePolicy(); 422af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertEquals(before, after1); 423af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 424af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a1a.mSecuritySyncKey); 425af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 426af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a2a.mSecuritySyncKey); 427af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3a = Account.restoreAccountWithId(mMockContext, a3.mId); 428af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNull(a3a.mSecuritySyncKey); 429af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 43002d59d21949a77c60859b615312f02e6d8003490Marc Blank // Simulate revoke of device admin; directly call deleteSecuredAccounts, which is normally 43102d59d21949a77c60859b615312f02e6d8003490Marc Blank // called from a background thread 4321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// MockController mockController = new MockController(mMockContext); 4331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Controller.injectMockControllerForTest(mockController); 4341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// try { 4351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// sp.deleteSecuredAccounts(mMockContext); 4361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// PolicySet after2 = sp.getAggregatePolicy(); 4371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertEquals(SecurityPolicy.NO_POLICY_SET, after2); 4381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 4391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a1b); 4401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 4411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a2b); 4421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a3b = Account.restoreAccountWithId(mMockContext, a3.mId); 4431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a3b.mSecuritySyncKey); 4441ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } finally { 4451ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Controller.injectMockControllerForTest(null); 4461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 4471ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 4481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 4501ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that finds expiring accounts 4511ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 4521ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testFindExpiringAccount() { 4531ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler SecurityPolicy sp = getSecurityPolicy(); 4541ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4551ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expiring-1", true, mMockContext); 4561ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4571ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // With no expiring accounts, this should return null. 4581ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 4591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(-1, nextExpiringAccountId); 4601ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a single expiring account 4621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a2 = ProviderTestUtils.setupAccount("expiring-2", false, mMockContext); 4631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0); 4641ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 4651ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4661ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The expiring account should be returned 4671ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 4681ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 4691ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4701ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a longer expiration 4711ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a3 = ProviderTestUtils.setupAccount("expiring-3", false, mMockContext); 4721ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p3 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 60, 0, 0); 4731ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p3.writeAccount(a3, "sync-key-3", true, mMockContext); 4741ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4751ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The original expiring account (a2) should be returned 4761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 4771ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 4781ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4791ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a shorter expiration 4801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a4 = ProviderTestUtils.setupAccount("expiring-4", false, mMockContext); 4811ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p4 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 15, 0, 0); 4821ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p4.writeAccount(a4, "sync-key-4", true, mMockContext); 4831ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4841ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The new expiring account (a4) should be returned 4851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 4861ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a4.mId, nextExpiringAccountId); 4871ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 4881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 4901ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Lightweight subclass of the Controller class allows injection of mock context 4911ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 4921ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public static class TestController extends Controller { 4931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler protected TestController(Context providerContext, Context systemContext) { 4951ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler super(systemContext); 4961ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler setProviderContext(providerContext); 49702d59d21949a77c60859b615312f02e6d8003490Marc Blank } 498af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler } 4991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 5011ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that wipes expiring accounts 5021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 5031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testWipeExpiringAccounts() { 5041ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler SecurityPolicy sp = getSecurityPolicy(); 5051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler TestController testController = new TestController(mMockContext, getContext()); 5061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5071ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Two accounts - a1 is normal, a2 has security (but no expiration) 5081ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expired-1", true, mMockContext); 5091ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a2 = ProviderTestUtils.setupAccount("expired-2", false, mMockContext); 5101ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0); 5111ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 5121ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5131ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a mailbox & messages to each account 5141ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account1Id = a1.mId; 5151ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account2Id = a2.mId; 5161ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box1 = ProviderTestUtils.setupMailbox("box1", account1Id, true, mMockContext); 5171ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box1Id = box1.mId; 5181ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message1", account1Id, box1Id, false, true, mMockContext); 5191ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message2", account1Id, box1Id, false, true, mMockContext); 5201ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box2 = ProviderTestUtils.setupMailbox("box2", account2Id, true, mMockContext); 5211ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box2Id = box2.mId; 5221ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message3", account2Id, box2Id, false, true, mMockContext); 5231ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message4", account2Id, box2Id, false, true, mMockContext); 5241ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5251ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - should do nothing 5261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler boolean wiped = sp.wipeExpiredAccounts(mMockContext, testController); 5271ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertFalse(wiped); 5281ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check mailboxes & messages not wiped 5291ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Account.CONTENT_URI)); 5301ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 5311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 5321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add 3rd account that really expires 5341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a3 = ProviderTestUtils.setupAccount("expired-3", false, mMockContext); 5351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler PolicySet p3 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0); 5361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p3.writeAccount(a3, "sync-key-3", true, mMockContext); 5371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add mailbox & messages to 3rd account 5391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account3Id = a3.mId; 5401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box3 = ProviderTestUtils.setupMailbox("box3", account3Id, true, mMockContext); 5411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box3Id = box3.mId; 5421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message5", account3Id, box3Id, false, true, mMockContext); 5431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message6", account3Id, box3Id, false, true, mMockContext); 5441ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5451ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts 5461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 5471ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 5481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, EmailContent.count(mMockContext, Message.CONTENT_URI)); 5491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5501ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - wipe acct #3 5511ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler wiped = sp.wipeExpiredAccounts(mMockContext, testController); 5521ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertTrue(wiped); 5531ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts - account survives but data is wiped 5541ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 5551ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 5561ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 5571ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5581ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Check security hold states - only #3 should be in hold 5591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account account = Account.restoreAccountWithId(mMockContext, account1Id); 5601ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 5611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account2Id); 5621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 5631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account3Id); 5641ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(Account.FLAGS_SECURITY_HOLD, account.mFlags & Account.FLAGS_SECURITY_HOLD); 5651ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 566345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler} 567