SecurityPolicyTests.java revision 31d9acbf0623872f9d4a2b3210b5970854b654c7
1345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/* 2345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Copyright (C) 2010 The Android Open Source Project 3345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 4345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Licensed under the Apache License, Version 2.0 (the "License"); 5345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * you may not use this file except in compliance with the License. 6345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * You may obtain a copy of the License at 7345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 8345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * http://www.apache.org/licenses/LICENSE-2.0 9345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 10345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Unless required by applicable law or agreed to in writing, software 11345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * distributed under the License is distributed on an "AS IS" BASIS, 12345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * See the License for the specific language governing permissions and 14345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * limitations under the License. 15345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 16345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 17345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpackage com.android.email; 18345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 191ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.ContentCache; 209ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.EmailProvider; 219ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.ProviderTestUtils; 22a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent; 23a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.Account; 24a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.AccountColumns; 25a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.Mailbox; 26a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.Message; 279ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.emailcommon.service.PolicySet; 28345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 29a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadlerimport android.app.admin.DevicePolicyManager; 30345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.ContentUris; 31345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.ContentValues; 32345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.Context; 33d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadlerimport android.content.ContextWrapper; 34345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.net.Uri; 35345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.ProviderTestCase2; 36345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.MediumTest; 37345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.SmallTest; 38345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 39345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/** 40345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * This is a series of unit tests for backup/restore of the SecurityPolicy class. 412b2b3448ec200f3d649e5f57309908d28ce3bfc7Marc Blank * 429b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * You can run this entire test case with: 439b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * runtest -c com.android.email.SecurityPolicyTests email 44345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 459b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 46345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler@MediumTest 47345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpublic class SecurityPolicyTests extends ProviderTestCase2<EmailProvider> { 48345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 49345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private Context mMockContext; 50345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 51d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static final PolicySet EMPTY_POLICY_SET = 52469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler new PolicySet(0, PolicySet.PASSWORD_MODE_NONE, 0, 0, false, 0, 0, 0, false); 53d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 54345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public SecurityPolicyTests() { 5531d9acbf0623872f9d4a2b3210b5970854b654c7Marc Blank super(EmailProvider.class, EmailContent.AUTHORITY); 56345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 57345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 58345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 59345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void setUp() throws Exception { 60345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.setUp(); 61d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mMockContext = new MockContext2(getMockContext(), this.mContext); 621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Invalidate all caches, since we reset the database for each test 631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ContentCache.invalidateAllCachesForTest(); 64345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 65345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 66345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 67345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Delete any dummy accounts we set up for this test 68345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 69345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 70345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void tearDown() throws Exception { 71345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.tearDown(); 72345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 73345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 74345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 750fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * Private context wrapper used to add back getPackageName() for these tests. 760fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * 77a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * This class also implements {@link Context} method(s) that are called during tests. 78d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler */ 79d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static class MockContext2 extends ContextWrapper { 80d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 81d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private final Context mRealContext; 82d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 83d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public MockContext2(Context mockContext, Context realContext) { 84d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler super(mockContext); 85d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mRealContext = realContext; 86d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 87d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 88d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler @Override 890fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki public Context getApplicationContext() { 900fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki return this; 910fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki } 920fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki 930fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki @Override 94d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public String getPackageName() { 95d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler return mRealContext.getPackageName(); 96d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 97a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 98a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler @Override 99a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler public Object getSystemService(String name) { 100a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler return mRealContext.getSystemService(name); 101a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 102d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 103d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 104d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler /** 105345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Retrieve the security policy object, and inject the mock context so it works as expected 106345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 107345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private SecurityPolicy getSecurityPolicy() { 108345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = SecurityPolicy.getInstance(mMockContext); 109345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler sp.setContext(mMockContext); 110345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler return sp; 111345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 112345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 1131d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank public void testPolicySetConstructor() { 1141d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank // We know that EMPTY_POLICY_SET doesn't generate an Exception or we wouldn't be here 1151d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank // Try some illegal parameters 1161d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank try { 117469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler new PolicySet(100, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, false); 1181d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank fail("Too-long password allowed"); 1191d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } catch (IllegalArgumentException e) { 1201d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1211d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank try { 122469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG + 1, 0, 0, false, 0, 0, 0, false); 1231d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank fail("Illegal password mode allowed"); 1241d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } catch (IllegalArgumentException e) { 1251d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 12661911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 127c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 128469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet.SCREEN_LOCK_TIME_MAX + 1, false, 0, 0, 0, false); 1296278dcdeafadc55fe1a57eec42a0807874377f62Andy Stadler assertEquals(PolicySet.SCREEN_LOCK_TIME_MAX, ps.getMaxScreenLockTimeForTest()); 13061911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 131c263810b08943541135a24e2b7520692152455ccMarc Blank ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 132469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet.PASSWORD_MAX_FAILS_MAX + 1, 0, false, 0, 0, 0, false); 1336278dcdeafadc55fe1a57eec42a0807874377f62Andy Stadler assertEquals(PolicySet.PASSWORD_MAX_FAILS_MAX, ps.getMaxPasswordFailsForTest()); 134c263810b08943541135a24e2b7520692152455ccMarc Blank // All password related fields should be zero when password mode is NONE 135c263810b08943541135a24e2b7520692152455ccMarc Blank // Illegal values for these fields should be ignored 136c263810b08943541135a24e2b7520692152455ccMarc Blank ps = new PolicySet(999/*length*/, PolicySet.PASSWORD_MODE_NONE, 137c263810b08943541135a24e2b7520692152455ccMarc Blank 999/*fails*/, 9999/*screenlock*/, false, 999/*expir*/, 999/*history*/, 138469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler 999/*complex*/, false); 139c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMinPasswordLength); 140c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMaxScreenLockTime); 141c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mMaxPasswordFails); 1421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, ps.mPasswordExpirationDays); 143c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mPasswordHistory); 144c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, ps.mPasswordComplexChars); 14561911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank 14661911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank // With a simple password, we should set complex chars to zero 14761911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank ps = new PolicySet(4/*length*/, PolicySet.PASSWORD_MODE_SIMPLE, 148469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler 0, 0, false, 0, 0, 3/*complex*/, false); 14961911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(4, ps.mMinPasswordLength); 15061911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(0, ps.mPasswordComplexChars); 1511d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1521d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank 153345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 154345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test business logic of aggregating accounts with policies 155345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 156345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAggregator() { 157345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = getSecurityPolicy(); 158345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 159d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with no accounts, should return empty set 1609b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 161345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 162d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with accounts having no security, empty set 163345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a1 = ProviderTestUtils.setupAccount("no-sec-1", false, mMockContext); 164345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a1.mSecurityFlags = 0; 165345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a1.save(mMockContext); 166345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a2 = ProviderTestUtils.setupAccount("no-sec-2", false, mMockContext); 167345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.mSecurityFlags = 0; 168345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.save(mMockContext); 1699b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 170345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 171345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // with a single account in security mode, should return same security as in account 1723d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // first test with partially-populated policies 173345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a3 = ProviderTestUtils.setupAccount("sec-3", false, mMockContext); 174469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p3ain = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 175469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 1763d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p3ain.writeAccount(a3, null, true, mMockContext); 1773d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler PolicySet p3aout = sp.computeAggregatePolicy(); 1783d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3aout); 1793d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3ain, p3aout); 1803d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler 1813d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // Repeat that test with fully-populated policies 182469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p3bin = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 15, 16, false, 6, 2, 3, 183469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 1843d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p3bin.writeAccount(a3, null, true, mMockContext); 1853d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler PolicySet p3bout = sp.computeAggregatePolicy(); 1863d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3bout); 1873d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3bin, p3bout); 188345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 189345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (some fields will change, others will not) 190345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will change because larger #s here 191345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will *not* change because larger #s here 192345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will *not* change here because false 1931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration - will not change because 0 (unspecified) 1941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // max complex chars - max logic - will change 195469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will *not* change here because false 196469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p4in = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 5, 7, 197469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 198345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a4 = ProviderTestUtils.setupAccount("sec-4", false, mMockContext); 1993d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p4in.writeAccount(a4, null, true, mMockContext); 200345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p4out = sp.computeAggregatePolicy(); 201345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p4out); 202345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(20, p4out.mMinPasswordLength); 203345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p4out.mPasswordMode); 204345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(15, p4out.mMaxPasswordFails); 205345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(16, p4out.mMaxScreenLockTime); 2061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, p4out.mPasswordExpirationDays); 2079b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(5, p4out.mPasswordHistory); 2089b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(7, p4out.mPasswordComplexChars); 209345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p4out.mRequireRemoteWipe); 210469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p4out.mRequireEncryption); 211345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 212345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (the remaining fields will change) 213345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will *not* change because smaller #s here 214345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will change because smaller #s here 215345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will change here because true 2161ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration time - min logic - will change because lower here 2171ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // history & complex chars - will not change because 0 (unspecified) 218469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will change here because true 219469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p5in = new PolicySet(4, PolicySet.PASSWORD_MODE_SIMPLE, 5, 6, true, 1, 0, 0, 220469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler true); 221345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a5 = ProviderTestUtils.setupAccount("sec-5", false, mMockContext); 2223d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p5in.writeAccount(a5, null, true, mMockContext); 223345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p5out = sp.computeAggregatePolicy(); 224345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p5out); 225345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(20, p5out.mMinPasswordLength); 226345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p5out.mPasswordMode); 227345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(5, p5out.mMaxPasswordFails); 228345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(6, p5out.mMaxScreenLockTime); 2291ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(1, p5out.mPasswordExpirationDays); 230469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(5, p5out.mPasswordHistory); 231469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(7, p5out.mPasswordComplexChars); 232345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p5out.mRequireRemoteWipe); 233469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertTrue(p5out.mRequireEncryption); 234345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 235345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 236345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 237345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Make sure aggregator (and any other direct DB accessors) handle the case of upgraded 238345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * accounts properly (where the security flags will be NULL instead of zero). 239345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 240345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testNullFlags() { 241345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler SecurityPolicy sp = getSecurityPolicy(); 242345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 243345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a1 = ProviderTestUtils.setupAccount("null-sec-1", true, mMockContext); 244345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler ContentValues cv = new ContentValues(); 245345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler cv.putNull(AccountColumns.SECURITY_FLAGS); 246345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Uri uri = ContentUris.withAppendedId(Account.CONTENT_URI, a1.mId); 247345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler mMockContext.getContentResolver().update(uri, cv, null, null); 248345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 249345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a2 = ProviderTestUtils.setupAccount("no-sec-2", false, mMockContext); 250345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.mSecurityFlags = 0; 251345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler a2.save(mMockContext); 2529b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(EMPTY_POLICY_SET, sp.computeAggregatePolicy()); 253345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 254345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 255345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 256345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Make sure the fields are encoded properly for their max ranges. This is looking 257345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * for any encoding mask/shift errors, which would cause bits to overflow into other fields. 258345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 259345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 260a843d40ba1d3eb77e76b4a28aa911588f0fd81a1Andrew Stadler public void testFieldIsolation() { 261469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_LENGTH 262c263810b08943541135a24e2b7520692152455ccMarc Blank PolicySet p = new PolicySet(PolicySet.PASSWORD_LENGTH_MAX, PolicySet.PASSWORD_MODE_SIMPLE, 263469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler 0, 0, false, 0, 0 ,0, false); 264c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 265345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_LENGTH_MAX, p.mMinPasswordLength); 266345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 267345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2681ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2699b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2709b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 271345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 272469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 273345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 274469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_MODE 275469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler p = new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG, 0, 0, false, 0, 0, 0, false); 276345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MODE_STRONG, p.mPasswordMode); 277c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(0, p.mMinPasswordLength); 278345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 279345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2819b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2829b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 283345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 284469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 285345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 286469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_FAILS (note, mode must be set for this to be non-zero) 287c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, PolicySet.PASSWORD_MAX_FAILS_MAX, 0, 288469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false, 0, 0, 0, false); 289c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 290345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 291345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.PASSWORD_MAX_FAILS_MAX, p.mMaxPasswordFails); 292345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 2931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 2949b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 2959b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 296345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 297469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 298345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 299469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check SCREEN_LOCK_TIME (note, mode must be set for this to be non-zero) 300c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, PolicySet.SCREEN_LOCK_TIME_MAX, 301469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false, 0, 0, 0, false); 302c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 303345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 304345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 305345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(PolicySet.SCREEN_LOCK_TIME_MAX, p.mMaxScreenLockTime); 3061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3079b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3089b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 309345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p.mRequireRemoteWipe); 310469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 311345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 312469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check REQUIRE_REMOTE_WIPE 313469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler p = new PolicySet(0, PolicySet.PASSWORD_MODE_NONE, 0, 0, true, 0, 0, 0, false); 314c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_NONE, p.mPasswordMode); 315345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMinPasswordLength); 316345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxPasswordFails); 317345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(0, p.mMaxScreenLockTime); 3181ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3199b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3209b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 321345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p.mRequireRemoteWipe); 322469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 3239b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 324469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_EXPIRATION (note, mode must be set for this to be non-zero) 325c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 326469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet.PASSWORD_EXPIRATION_MAX, 0, 0, false); 327c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 3289b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3299b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3309b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(PolicySet.PASSWORD_EXPIRATION_MAX, p.mPasswordExpirationDays); 3329b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3339b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 3349b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 335469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 3369b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 337469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_HISTORY (note, mode must be set for this to be non-zero) 338c263810b08943541135a24e2b7520692152455ccMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 339469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet.PASSWORD_HISTORY_MAX, 0, false); 340c263810b08943541135a24e2b7520692152455ccMarc Blank assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); 3419b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3429b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3439b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3441ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3459b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(PolicySet.PASSWORD_HISTORY_MAX, p.mPasswordHistory); 3469b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordComplexChars); 3479b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 348469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 3499b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 350469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check PASSWORD_COMPLEX_CHARS (note, mode must be set for this to be non-zero) 35161911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank p = new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG, 0, 0, false, 0, 0, 352469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet.PASSWORD_COMPLEX_CHARS_MAX, false); 35361911d4ff70132fa21c5ee7a987303479e8ef6aeMarc Blank assertEquals(PolicySet.PASSWORD_MODE_STRONG, p.mPasswordMode); 3549b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMinPasswordLength); 3559b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxPasswordFails); 3569b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mMaxScreenLockTime); 3571ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, p.mPasswordExpirationDays); 3589b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(0, p.mPasswordHistory); 3599b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(PolicySet.PASSWORD_COMPLEX_CHARS_MAX, p.mPasswordComplexChars); 3609b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertFalse(p.mRequireRemoteWipe); 361469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireEncryption); 362469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler 363469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // Check REQUIRE_ENCRYPTION 364469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler p = new PolicySet(0, PolicySet.PASSWORD_MODE_NONE, 0, 0, false, 0, 0, 0, true); 365469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(PolicySet.PASSWORD_MODE_NONE, p.mPasswordMode); 366469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mMinPasswordLength); 367469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mMaxPasswordFails); 368469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mMaxScreenLockTime); 369469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mPasswordExpirationDays); 370469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mPasswordHistory); 371469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(0, p.mPasswordComplexChars); 372469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p.mRequireRemoteWipe); 373469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertTrue(p.mRequireEncryption); 374345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 375345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 376345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 377345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test encoding into an Account and out again 378345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 379345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 380345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAccountEncoding() { 381469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p1 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false); 382345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler Account a = new Account(); 383345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler final String SYNC_KEY = "test_sync_key"; 3843d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler p1.writeAccount(a, SYNC_KEY, false, null); 385345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler PolicySet p2 = new PolicySet(a); 386345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(p1, p2); 387345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 388345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 389345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 3909b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * Test equality. Note, the tests for inequality are poor, as each field should 391345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * be tested individually. 392345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 393345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 3949b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank public void testEquals() { 395469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p1 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false); 396469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p2 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false); 397469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p3 = new PolicySet(2, PolicySet.PASSWORD_MODE_SIMPLE, 5, 6, true, 7, 8, 9, false); 398345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p1.equals(p2)); 399345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p2.equals(p3)); 400345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 401345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 4022a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 4032a5eeea9213005060256054ec773e72406415ce4Andrew Stadler * Test the API to set/clear policy hold flags in an account 4042a5eeea9213005060256054ec773e72406415ce4Andrew Stadler */ 4052a5eeea9213005060256054ec773e72406415ce4Andrew Stadler public void testSetClearHoldFlag() { 4062a5eeea9213005060256054ec773e72406415ce4Andrew Stadler SecurityPolicy sp = getSecurityPolicy(); 4072a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 4082a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1 = ProviderTestUtils.setupAccount("holdflag-1", false, mMockContext); 4092a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.mFlags = Account.FLAGS_NOTIFY_NEW_MAIL; 4102a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.save(mMockContext); 4112a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("holdflag-2", false, mMockContext); 4129e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma a2.mFlags = Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD; 4132a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a2.save(mMockContext); 4142a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 4152a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm clear until set 4162a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 4172a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL, a1a.mFlags); 4181ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler sp.setAccountHoldFlag(mMockContext, a1, true); 4192a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1.mFlags); 4202a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 4212a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1b.mFlags); 4222a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 4232a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm set until cleared 4242a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 4259e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD, a2a.mFlags); 4261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler sp.setAccountHoldFlag(mMockContext, a2, false); 4279e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2.mFlags); 4282a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 4299e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2b.mFlags); 4302a5eeea9213005060256054ec773e72406415ce4Andrew Stadler } 4312a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 4321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// private static class MockController extends Controller { 4331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// protected MockController(Context context) { 4341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// super(context); 4351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 4361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 43702d59d21949a77c60859b615312f02e6d8003490Marc Blank 4382a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 439af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler * Test the response to disabling DeviceAdmin status 4401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * 4411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * TODO: Reenable the 2nd portion of this test - it fails because it gets into the Controller 4421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * and spins up an account backup on another thread. 443af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler */ 444af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler public void testDisableAdmin() { 445af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1 = ProviderTestUtils.setupAccount("disable-1", false, mMockContext); 446469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p1 = new PolicySet(10, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 447469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 448af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler p1.writeAccount(a1, "sync-key-1", true, mMockContext); 449af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 450af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("disable-2", false, mMockContext); 451469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 452469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 453af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 454af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 455af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3 = ProviderTestUtils.setupAccount("disable-3", false, mMockContext); 456af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.mSecurityFlags = 0; 457af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.mSecuritySyncKey = null; 458af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler a3.save(mMockContext); 459af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 460af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler SecurityPolicy sp = getSecurityPolicy(); 461af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 462af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler // Confirm that "enabling" device admin does not change security status (flags & sync key) 463af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler PolicySet before = sp.getAggregatePolicy(); 464af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler sp.onAdminEnabled(true); // "enabled" should not change anything 465af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler PolicySet after1 = sp.getAggregatePolicy(); 466af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertEquals(before, after1); 467af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 468af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a1a.mSecuritySyncKey); 469af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 470af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a2a.mSecuritySyncKey); 471af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3a = Account.restoreAccountWithId(mMockContext, a3.mId); 472af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNull(a3a.mSecuritySyncKey); 473af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 47402d59d21949a77c60859b615312f02e6d8003490Marc Blank // Simulate revoke of device admin; directly call deleteSecuredAccounts, which is normally 47502d59d21949a77c60859b615312f02e6d8003490Marc Blank // called from a background thread 4761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// MockController mockController = new MockController(mMockContext); 4771ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Controller.injectMockControllerForTest(mockController); 4781ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// try { 4791ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// sp.deleteSecuredAccounts(mMockContext); 4801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// PolicySet after2 = sp.getAggregatePolicy(); 4811ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertEquals(SecurityPolicy.NO_POLICY_SET, after2); 4821ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 4831ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a1b); 4841ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 4851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a2b); 4861ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Account a3b = Account.restoreAccountWithId(mMockContext, a3.mId); 4871ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// assertNull(a3b.mSecuritySyncKey); 4881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } finally { 4891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// Controller.injectMockControllerForTest(null); 4901ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler// } 4911ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 4921ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 4941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that finds expiring accounts 4951ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 4961ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testFindExpiringAccount() { 4971ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler SecurityPolicy sp = getSecurityPolicy(); 4981ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expiring-1", true, mMockContext); 5001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5011ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // With no expiring accounts, this should return null. 5021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 5031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(-1, nextExpiringAccountId); 5041ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a single expiring account 5061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a2 = ProviderTestUtils.setupAccount("expiring-2", false, mMockContext); 507469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 508469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 5091ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 5101ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5111ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The expiring account should be returned 5121ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 5131ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 5141ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5151ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a longer expiration 5161ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a3 = ProviderTestUtils.setupAccount("expiring-3", false, mMockContext); 517469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p3 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 60, 0, 0, 518469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 5191ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p3.writeAccount(a3, "sync-key-3", true, mMockContext); 5201ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5211ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The original expiring account (a2) should be returned 5221ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 5231ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 5241ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5251ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a shorter expiration 5261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a4 = ProviderTestUtils.setupAccount("expiring-4", false, mMockContext); 527469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p4 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 15, 0, 0, 528469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 5291ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p4.writeAccount(a4, "sync-key-4", true, mMockContext); 5301ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The new expiring account (a4) should be returned 5321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler nextExpiringAccountId = sp.findShortestExpiration(mMockContext); 5331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a4.mId, nextExpiringAccountId); 5341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 5351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 5371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Lightweight subclass of the Controller class allows injection of mock context 5381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 5391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public static class TestController extends Controller { 5401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler protected TestController(Context providerContext, Context systemContext) { 5421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler super(systemContext); 5431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler setProviderContext(providerContext); 54402d59d21949a77c60859b615312f02e6d8003490Marc Blank } 545af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler } 5461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5471ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 5481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that wipes expiring accounts 5491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 5501ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testWipeExpiringAccounts() { 5511ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler SecurityPolicy sp = getSecurityPolicy(); 5521ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler TestController testController = new TestController(mMockContext, getContext()); 5531ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5541ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Two accounts - a1 is normal, a2 has security (but no expiration) 5551ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expired-1", true, mMockContext); 5561ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a2 = ProviderTestUtils.setupAccount("expired-2", false, mMockContext); 557469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p2 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 558469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 5591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p2.writeAccount(a2, "sync-key-2", true, mMockContext); 5601ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a mailbox & messages to each account 5621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account1Id = a1.mId; 5631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account2Id = a2.mId; 5641ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box1 = ProviderTestUtils.setupMailbox("box1", account1Id, true, mMockContext); 5651ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box1Id = box1.mId; 5661ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message1", account1Id, box1Id, false, true, mMockContext); 5671ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message2", account1Id, box1Id, false, true, mMockContext); 5681ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box2 = ProviderTestUtils.setupMailbox("box2", account2Id, true, mMockContext); 5691ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box2Id = box2.mId; 5701ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message3", account2Id, box2Id, false, true, mMockContext); 5711ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message4", account2Id, box2Id, false, true, mMockContext); 5721ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5731ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - should do nothing 5741ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler boolean wiped = sp.wipeExpiredAccounts(mMockContext, testController); 5751ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertFalse(wiped); 5761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check mailboxes & messages not wiped 5771ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Account.CONTENT_URI)); 5781ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 5791ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 5801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5811ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add 3rd account that really expires 5821ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a3 = ProviderTestUtils.setupAccount("expired-3", false, mMockContext); 583469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler PolicySet p3 = new PolicySet(20, PolicySet.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 584469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler false); 5851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler p3.writeAccount(a3, "sync-key-3", true, mMockContext); 5861ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5871ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add mailbox & messages to 3rd account 5881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account3Id = a3.mId; 5891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box3 = ProviderTestUtils.setupMailbox("box3", account3Id, true, mMockContext); 5901ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box3Id = box3.mId; 5911ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message5", account3Id, box3Id, false, true, mMockContext); 5921ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message6", account3Id, box3Id, false, true, mMockContext); 5931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5941ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts 5951ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 5961ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 5971ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, EmailContent.count(mMockContext, Message.CONTENT_URI)); 5981ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 5991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - wipe acct #3 6001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler wiped = sp.wipeExpiredAccounts(mMockContext, testController); 6011ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertTrue(wiped); 6021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts - account survives but data is wiped 6031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 6041ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 6051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 6061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 6071ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Check security hold states - only #3 should be in hold 6081ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account account = Account.restoreAccountWithId(mMockContext, account1Id); 6091ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 6101ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account2Id); 6111ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 6121ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account3Id); 6131ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(Account.FLAGS_SECURITY_HOLD, account.mFlags & Account.FLAGS_SECURITY_HOLD); 6141ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 615a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 616a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler /** 617a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * Test the code that clears unsupported policies 618a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * TODO inject a mock DPM so we can directly control & test all cases, no matter what device 619a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler */ 620a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler public void testClearUnsupportedPolicies() { 621a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler PolicySet p1 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false); 622a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler PolicySet p2 = new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, true); 623a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 624a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler SecurityPolicy sp = getSecurityPolicy(); 625a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler DevicePolicyManager dpm = sp.getDPM(); 626a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler boolean hasEncryption = 627a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler dpm.getStorageEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED; 628a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 629a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler PolicySet p1Result = sp.clearUnsupportedPolicies(p1); 630a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler PolicySet p2Result = sp.clearUnsupportedPolicies(p2); 631a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 632a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler // No changes expected when encryptionRequested was false 633a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler assertEquals(p1, p1Result); 634a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler if (hasEncryption) { 635a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler // No changes expected 636a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler assertEquals(p2, p2Result); 637a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } else { 638a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler PolicySet p2Expect = 639a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler new PolicySet(1, PolicySet.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false); 640a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler assertEquals(p2Expect, p2Result); 641a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 642a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 643345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler} 644