SecurityPolicyTests.java revision d09cff08882e553afce919865a2cc60b657d4659
1345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/* 2345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Copyright (C) 2010 The Android Open Source Project 3345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 4345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Licensed under the Apache License, Version 2.0 (the "License"); 5345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * you may not use this file except in compliance with the License. 6345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * You may obtain a copy of the License at 7345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 8345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * http://www.apache.org/licenses/LICENSE-2.0 9345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * 10345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Unless required by applicable law or agreed to in writing, software 11345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * distributed under the License is distributed on an "AS IS" BASIS, 12345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * See the License for the specific language governing permissions and 14345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * limitations under the License. 15345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 16345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 17345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpackage com.android.email; 18345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 191ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadlerimport com.android.email.provider.ContentCache; 209ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.EmailProvider; 219ba506c4dd498150555f6c59aa758f7467bf9236Marc Blankimport com.android.email.provider.ProviderTestUtils; 22f5418f1f93b02e7fab9f15eb201800b65510998eMarc Blankimport com.android.emailcommon.provider.Account; 23a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent; 24a7bc0319a75184ad706bb35c049af107ac3688e6Marc Blankimport com.android.emailcommon.provider.EmailContent.Message; 2553ea83ebf91f820692e8fa8e781f5cc982dd94dbBen Komaloimport com.android.emailcommon.provider.Mailbox; 26aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blankimport com.android.emailcommon.provider.Policy; 27aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blankimport com.android.emailcommon.service.LegacyPolicySet; 28345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 29a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadlerimport android.app.admin.DevicePolicyManager; 30345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.content.Context; 31d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadlerimport android.content.ContextWrapper; 32345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.ProviderTestCase2; 33345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.MediumTest; 34345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerimport android.test.suitebuilder.annotation.SmallTest; 35345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 36345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler/** 37345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * This is a series of unit tests for backup/restore of the SecurityPolicy class. 382b2b3448ec200f3d649e5f57309908d28ce3bfc7Marc Blank * 399b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * You can run this entire test case with: 409b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * runtest -c com.android.email.SecurityPolicyTests email 41345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 429b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank 43345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler@MediumTest 44345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadlerpublic class SecurityPolicyTests extends ProviderTestCase2<EmailProvider> { 45345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 46345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler private Context mMockContext; 47aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private SecurityPolicy mSecurityPolicy; 48d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 49345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public SecurityPolicyTests() { 5031d9acbf0623872f9d4a2b3210b5970854b654c7Marc Blank super(EmailProvider.class, EmailContent.AUTHORITY); 51345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 52345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 53aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private static final Policy EMPTY_POLICY = new Policy(); 54aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 55345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 56345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void setUp() throws Exception { 57345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.setUp(); 58aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMockContext = new MockContext2(getMockContext(), mContext); 591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Invalidate all caches, since we reset the database for each test 601ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ContentCache.invalidateAllCachesForTest(); 61345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 62345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 63345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 64345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Delete any dummy accounts we set up for this test 65345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 66345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @Override 67345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler protected void tearDown() throws Exception { 68345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler super.tearDown(); 69345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 70345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 71345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 720fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * Private context wrapper used to add back getPackageName() for these tests. 730fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki * 74a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * This class also implements {@link Context} method(s) that are called during tests. 75d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler */ 76d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private static class MockContext2 extends ContextWrapper { 77d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 78d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler private final Context mRealContext; 79d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 80d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public MockContext2(Context mockContext, Context realContext) { 81d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler super(mockContext); 82d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler mRealContext = realContext; 83d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 84d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 85d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler @Override 860fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki public Context getApplicationContext() { 870fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki return this; 880fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki } 890fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki 900fb092b38912c7cff776a51872840bb2089ebe08Makoto Onuki @Override 91d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler public String getPackageName() { 92d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler return mRealContext.getPackageName(); 93d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 94a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 95a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler @Override 96a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler public Object getSystemService(String name) { 97a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler return mRealContext.getSystemService(name); 98a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 99d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler } 100d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler 101d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler /** 102aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * Create a Policy using the arguments formerly used to create a PolicySet; this minimizes the 103aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * changes needed for re-using the PolicySet unit test logic 104345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 105aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private Policy setupPolicy(int minPasswordLength, int passwordMode, int maxPasswordFails, 106aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank int maxScreenLockTime, boolean requireRemoteWipe, int passwordExpirationDays, 107aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank int passwordHistory, int passwordComplexChars, boolean requireEncryption, 108d09cff08882e553afce919865a2cc60b657d4659Ben Komalo boolean requireEncryptionExternal, boolean dontAllowCamera) 109d09cff08882e553afce919865a2cc60b657d4659Ben Komalo throws IllegalArgumentException { 110aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy policy = new Policy(); 111aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMinLength = minPasswordLength; 112aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMode = passwordMode; 113aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordMaxFails = maxPasswordFails; 114aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mMaxScreenLockTime = maxScreenLockTime; 115aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mRequireRemoteWipe = requireRemoteWipe; 116aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordExpirationDays = passwordExpirationDays; 117aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordHistory = passwordHistory; 118aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mPasswordComplexChars = passwordComplexChars; 119aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mRequireEncryption = requireEncryption; 120aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy.mRequireEncryptionExternal = requireEncryptionExternal; 121d09cff08882e553afce919865a2cc60b657d4659Ben Komalo policy.mDontAllowCamera = dontAllowCamera; 122aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return policy; 1231d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank } 1241d6dab29562eca7978f179be5f5c75f22f44d734Marc Blank 125345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 126345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * Test business logic of aggregating accounts with policies 127345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 128345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler public void testAggregator() { 129aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 130345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 131d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with no accounts, should return empty set 132aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(EMPTY_POLICY, mSecurityPolicy.computeAggregatePolicy()); 133345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 134d62860821c2dbc14ab493b888cb129bd5addd53dAndrew Stadler // with accounts having no security, empty set 135aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("no-sec-1", true, mMockContext); 136aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("no-sec-2", true, mMockContext); 137aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(EMPTY_POLICY, mSecurityPolicy.computeAggregatePolicy()); 138345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 139345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // with a single account in security mode, should return same security as in account 1403d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // first test with partially-populated policies 141aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("sec-3", true, mMockContext); 142aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3ain = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 143d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, false); 144fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a3, p3ain, null); 145aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3aout = mSecurityPolicy.computeAggregatePolicy(); 1463d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3aout); 1473d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3ain, p3aout); 1483d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler 1493d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler // Repeat that test with fully-populated policies 150aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3bin = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 15, 16, false, 6, 2, 3, 151d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, false); 152fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a3, p3bin, null); 153aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3bout = mSecurityPolicy.computeAggregatePolicy(); 1543d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertNotNull(p3bout); 1553d2b3b3b3554be2ac23d9a49fee00faa9693e857Andrew Stadler assertEquals(p3bin, p3bout); 156345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 157345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (some fields will change, others will not) 158345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will change because larger #s here 159345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will *not* change because larger #s here 160345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will *not* change here because false 1611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration - will not change because 0 (unspecified) 1621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // max complex chars - max logic - will change 163469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will *not* change here because false 1647fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // encryption external req'd - OR logic - will *not* change here because false 165d09cff08882e553afce919865a2cc60b657d4659Ben Komalo // don't allow camera - OR logic - will change here because it's true 166aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4in = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 5, 7, 167d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 168aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a4 = ProviderTestUtils.setupAccount("sec-4", true, mMockContext); 169fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a4, p4in, null); 170aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4out = mSecurityPolicy.computeAggregatePolicy(); 171345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p4out); 172aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(20, p4out.mPasswordMinLength); 173aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(Policy.PASSWORD_MODE_STRONG, p4out.mPasswordMode); 174aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(15, p4out.mPasswordMaxFails); 175345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(16, p4out.mMaxScreenLockTime); 1761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, p4out.mPasswordExpirationDays); 1779b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(5, p4out.mPasswordHistory); 1789b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank assertEquals(7, p4out.mPasswordComplexChars); 179345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p4out.mRequireRemoteWipe); 180469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertFalse(p4out.mRequireEncryption); 1817fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertFalse(p4out.mRequireEncryptionExternal); 182d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertTrue(p4out.mDontAllowCamera); 183345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 184345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // add another account which mixes it up (the remaining fields will change) 185345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // pw length and pw mode - max logic - will *not* change because smaller #s here 186345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // fail count and lock timer - min logic - will change because smaller #s here 187345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler // wipe required - OR logic - will change here because true 1881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // expiration time - min logic - will change because lower here 1891ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // history & complex chars - will not change because 0 (unspecified) 190469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler // encryption required - OR logic - will change here because true 1917fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // encryption external req'd - OR logic - will *not* change here because false 192d09cff08882e553afce919865a2cc60b657d4659Ben Komalo // don't allow camera - OR logic - will *not* change here because it's already true 193aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p5in = setupPolicy(4, Policy.PASSWORD_MODE_SIMPLE, 5, 6, true, 1, 0, 0, 194d09cff08882e553afce919865a2cc60b657d4659Ben Komalo true, false, false); 195aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a5 = ProviderTestUtils.setupAccount("sec-5", true, mMockContext); 196fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a5, p5in, null); 197aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p5out = mSecurityPolicy.computeAggregatePolicy(); 198345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertNotNull(p5out); 199aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(20, p5out.mPasswordMinLength); 200aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(Policy.PASSWORD_MODE_STRONG, p5out.mPasswordMode); 201aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(5, p5out.mPasswordMaxFails); 202345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertEquals(6, p5out.mMaxScreenLockTime); 2031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(1, p5out.mPasswordExpirationDays); 204469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(5, p5out.mPasswordHistory); 205469f2987dc11d153434e50eb04dd6b83b924d09dAndy Stadler assertEquals(7, p5out.mPasswordComplexChars); 206345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p5out.mRequireRemoteWipe); 2077fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertFalse(p5out.mRequireEncryptionExternal); 208d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertTrue(p5out.mDontAllowCamera); 2097fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler 2107fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // add another account that continues to mutate fields 2117fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // encryption external req'd - OR logic - will change here because true 212aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p6in = setupPolicy(0, Policy.PASSWORD_MODE_NONE, 0, 0, false, 0, 0, 0, 213d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, true, false); 214aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a6 = ProviderTestUtils.setupAccount("sec-6", true, mMockContext); 215fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a6, p6in, null); 216aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p6out = mSecurityPolicy.computeAggregatePolicy(); 2177fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertNotNull(p6out); 2187fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertTrue(p6out.mRequireEncryptionExternal); 219345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 220345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 221345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler /** 2229b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank * Test equality. Note, the tests for inequality are poor, as each field should 223345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler * be tested individually. 224345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler */ 225345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler @SmallTest 2269b4988de43dbee6c06066caab63806e8c8303d7dMarc Blank public void testEquals() { 227aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = 228d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false, false); 229aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = 230d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false, false); 231aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = 232d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(2, Policy.PASSWORD_MODE_SIMPLE, 5, 6, true, 7, 8, 9, false, false, false); 233d09cff08882e553afce919865a2cc60b657d4659Ben Komalo Policy p4 = 234d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false, true); 235345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertTrue(p1.equals(p2)); 236345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler assertFalse(p2.equals(p3)); 237d09cff08882e553afce919865a2cc60b657d4659Ben Komalo assertFalse(p1.equals(p4)); 238345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler } 239345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler 2402a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 2412a5eeea9213005060256054ec773e72406415ce4Andrew Stadler * Test the API to set/clear policy hold flags in an account 2422a5eeea9213005060256054ec773e72406415ce4Andrew Stadler */ 2432a5eeea9213005060256054ec773e72406415ce4Andrew Stadler public void testSetClearHoldFlag() { 2442a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1 = ProviderTestUtils.setupAccount("holdflag-1", false, mMockContext); 2452a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.mFlags = Account.FLAGS_NOTIFY_NEW_MAIL; 2462a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a1.save(mMockContext); 2472a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2 = ProviderTestUtils.setupAccount("holdflag-2", false, mMockContext); 2489e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma a2.mFlags = Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD; 2492a5eeea9213005060256054ec773e72406415ce4Andrew Stadler a2.save(mMockContext); 2502a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 2512a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm clear until set 2522a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 2532a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL, a1a.mFlags); 254aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank SecurityPolicy.setAccountHoldFlag(mMockContext, a1, true); 2552a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1.mFlags); 2562a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 2572a5eeea9213005060256054ec773e72406415ce4Andrew Stadler assertEquals(Account.FLAGS_NOTIFY_NEW_MAIL | Account.FLAGS_SECURITY_HOLD, a1b.mFlags); 2582a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 2592a5eeea9213005060256054ec773e72406415ce4Andrew Stadler // confirm set until cleared 2602a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 2619e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS | Account.FLAGS_SECURITY_HOLD, a2a.mFlags); 262aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank SecurityPolicy.setAccountHoldFlag(mMockContext, a2, false); 2639e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2.mFlags); 2642a5eeea9213005060256054ec773e72406415ce4Andrew Stadler Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 2659e2ddca59d048fc9ac55278b193ee36b330a7981Jim Shuma assertEquals(Account.FLAGS_VIBRATE_ALWAYS, a2b.mFlags); 2662a5eeea9213005060256054ec773e72406415ce4Andrew Stadler } 2672a5eeea9213005060256054ec773e72406415ce4Andrew Stadler 268aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private static class MockController extends Controller { 269aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank protected MockController(Context context) { 270aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank super(context); 271aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 272aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 273d09cff08882e553afce919865a2cc60b657d4659Ben Komalo @Override 274aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank protected void backupAccounts(Context context) { 275aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // For testing, we don't want to back up our accounts 276aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 277aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 27802d59d21949a77c60859b615312f02e6d8003490Marc Blank 2792a5eeea9213005060256054ec773e72406415ce4Andrew Stadler /** 280af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler * Test the response to disabling DeviceAdmin status 281af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler */ 282af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler public void testDisableAdmin() { 283aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a1 = ProviderTestUtils.setupAccount("disable-1", true, mMockContext); 284aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = setupPolicy(10, Policy.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, 0, 285d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, false); 286fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a1, p1, "security-sync-key-1"); 287af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 288aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = ProviderTestUtils.setupAccount("disable-2", true, mMockContext); 289aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 290d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, false); 291fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a2, p2, "security-sync-key-2"); 292af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 293aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("disable-3", true, mMockContext); 294aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy.clearAccountPolicy(mMockContext, a3); 295af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 296aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 297af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 298aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Confirm that "enabling" device admin does not change security status (policy & sync key) 299aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy before = mSecurityPolicy.getAggregatePolicy(); 300aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy.onAdminEnabled(true); // "enabled" should not change anything 301aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy after1 = mSecurityPolicy.getAggregatePolicy(); 302af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertEquals(before, after1); 303af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a1a = Account.restoreAccountWithId(mMockContext, a1.mId); 304af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a1a.mSecuritySyncKey); 305aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a1a.mPolicyKey > 0); 306af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a2a = Account.restoreAccountWithId(mMockContext, a2.mId); 307af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNotNull(a2a.mSecuritySyncKey); 308aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a2a.mPolicyKey > 0); 309af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler Account a3a = Account.restoreAccountWithId(mMockContext, a3.mId); 310af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler assertNull(a3a.mSecuritySyncKey); 311aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(a3a.mPolicyKey == 0); 312af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler 31302d59d21949a77c60859b615312f02e6d8003490Marc Blank // Simulate revoke of device admin; directly call deleteSecuredAccounts, which is normally 31402d59d21949a77c60859b615312f02e6d8003490Marc Blank // called from a background thread 315aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank MockController mockController = new MockController(mMockContext); 316aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Controller.injectMockControllerForTest(mockController); 317aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank try { 318aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy.deleteSecuredAccounts(mMockContext); 319aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy after2 = mSecurityPolicy.getAggregatePolicy(); 320aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertEquals(EMPTY_POLICY, after2); 321aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a1b = Account.restoreAccountWithId(mMockContext, a1.mId); 322aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertNull(a1b); 323aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2b = Account.restoreAccountWithId(mMockContext, a2.mId); 324aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertNull(a2b); 325aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3b = Account.restoreAccountWithId(mMockContext, a3.mId); 326aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertNull(a3b.mSecuritySyncKey); 327aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } finally { 328aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Controller.injectMockControllerForTest(null); 329aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 3301ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 3311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 3331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that finds expiring accounts 3341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 3351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testFindExpiringAccount() { 336aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("expiring-1", true, mMockContext); 3371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3381ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // With no expiring accounts, this should return null. 3397fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler long nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(-1, nextExpiringAccountId); 3411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a single expiring account 343aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = 344aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ProviderTestUtils.setupAccount("expiring-2", true, mMockContext); 345aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 346d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 347fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a2, p2, null); 3481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The expiring account should be returned 3507fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3511ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 3521ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3531ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a longer expiration 354aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("expiring-3", true, mMockContext); 355aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 60, 0, 0, 356d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 357fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a3, p3, null); 3581ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3591ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The original expiring account (a2) should be returned 3607fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3611ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a2.mId, nextExpiringAccountId); 3621ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3631ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add an account with a shorter expiration 364aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a4 = ProviderTestUtils.setupAccount("expiring-4", true, mMockContext); 365aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 15, 0, 0, 366d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 367fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a4, p4, null); 3681ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3691ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // The new expiring account (a4) should be returned 3707fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler nextExpiringAccountId = SecurityPolicy.findShortestExpiration(mMockContext); 3711ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(a4.mId, nextExpiringAccountId); 3721ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 3731ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3741ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 3751ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Lightweight subclass of the Controller class allows injection of mock context 3761ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 3771ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public static class TestController extends Controller { 3781ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3791ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler protected TestController(Context providerContext, Context systemContext) { 3801ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler super(systemContext); 3811ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler setProviderContext(providerContext); 38202d59d21949a77c60859b615312f02e6d8003490Marc Blank } 383af55e3e436991fde91cdc80efe2786eb8f509d15Andrew Stadler } 3841ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3851ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler /** 3861ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler * Test the scanner that wipes expiring accounts 3871ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler */ 3881ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler public void testWipeExpiringAccounts() { 389aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 3901ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler TestController testController = new TestController(mMockContext, getContext()); 3911ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3921ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Two accounts - a1 is normal, a2 has security (but no expiration) 3931ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account a1 = ProviderTestUtils.setupAccount("expired-1", true, mMockContext); 394aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a2 = ProviderTestUtils.setupAccount("expired-2", true, mMockContext); 395aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 0, 0, 0, 396d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 397fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a2, p2, null); 3981ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 3991ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add a mailbox & messages to each account 4001ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account1Id = a1.mId; 4011ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account2Id = a2.mId; 4021ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box1 = ProviderTestUtils.setupMailbox("box1", account1Id, true, mMockContext); 4031ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box1Id = box1.mId; 4041ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message1", account1Id, box1Id, false, true, mMockContext); 4051ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message2", account1Id, box1Id, false, true, mMockContext); 4061ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box2 = ProviderTestUtils.setupMailbox("box2", account2Id, true, mMockContext); 4071ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box2Id = box2.mId; 4081ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message3", account2Id, box2Id, false, true, mMockContext); 4091ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message4", account2Id, box2Id, false, true, mMockContext); 4101ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4111ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - should do nothing 412aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank boolean wiped = SecurityPolicy.wipeExpiredAccounts(mMockContext, testController); 4131ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertFalse(wiped); 4141ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check mailboxes & messages not wiped 4151ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4161ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4171ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4181ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4191ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add 3rd account that really expires 420aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Account a3 = ProviderTestUtils.setupAccount("expired-3", true, mMockContext); 421aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(20, Policy.PASSWORD_MODE_STRONG, 25, 26, false, 30, 0, 0, 422d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false, true); 423fae5ebbfd202b930296a1bbc67459152f1a6c6ceMarc Blank Policy.setAccountPolicy(mMockContext, a3, p3, null); 4241ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4251ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Add mailbox & messages to 3rd account 4261ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long account3Id = a3.mId; 4271ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Mailbox box3 = ProviderTestUtils.setupMailbox("box3", account3Id, true, mMockContext); 4281ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler long box3Id = box3.mId; 4291ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message5", account3Id, box3Id, false, true, mMockContext); 4301ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler ProviderTestUtils.setupMessage("message6", account3Id, box3Id, false, true, mMockContext); 4311ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4321ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts 4331ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4341ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4351ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(6, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4361ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4371ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Run the expiration code - wipe acct #3 438aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank wiped = SecurityPolicy.wipeExpiredAccounts(mMockContext, testController); 4391ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertTrue(wiped); 4401ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // check new counts - account survives but data is wiped 4411ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(3, EmailContent.count(mMockContext, Account.CONTENT_URI)); 4421ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(2, EmailContent.count(mMockContext, Mailbox.CONTENT_URI)); 4431ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(4, EmailContent.count(mMockContext, Message.CONTENT_URI)); 4441ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler 4451ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler // Check security hold states - only #3 should be in hold 4461ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler Account account = Account.restoreAccountWithId(mMockContext, account1Id); 4471ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4481ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account2Id); 4491ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(0, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4501ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler account = Account.restoreAccountWithId(mMockContext, account3Id); 4511ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler assertEquals(Account.FLAGS_SECURITY_HOLD, account.mFlags & Account.FLAGS_SECURITY_HOLD); 4521ca111c19c83d54ad23bd8615d9c648e09ec3366Andy Stadler } 453a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 454a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler /** 455a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * Test the code that clears unsupported policies 456a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler * TODO inject a mock DPM so we can directly control & test all cases, no matter what device 457a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler */ 458a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler public void testClearUnsupportedPolicies() { 459aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = 460d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, false, false); 461aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = 462d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, true, false, false); 463aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = 464d09cff08882e553afce919865a2cc60b657d4659Ben Komalo setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, true, false); 465aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 466aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mSecurityPolicy = SecurityPolicy.getInstance(mMockContext); 467aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank DevicePolicyManager dpm = mSecurityPolicy.getDPM(); 468a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler boolean hasEncryption = 469a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler dpm.getStorageEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED; 470a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 471aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1Result = mSecurityPolicy.clearUnsupportedPolicies(p1); 472aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2Result = mSecurityPolicy.clearUnsupportedPolicies(p2); 473aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3Result = mSecurityPolicy.clearUnsupportedPolicies(p3); 474a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler 4757fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // No changes expected when encryptionRequested bits were false 476a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler assertEquals(p1, p1Result); 477a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler if (hasEncryption) { 478a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler // No changes expected 4797fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // NOTE: TODO: Modify to check for external encryption cleared on devices that 4807fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // won't support it (e.g. having only unencrypted, removable storage.) 481a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler assertEquals(p2, p2Result); 4827fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertEquals(p3, p3Result); 483a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } else { 4847fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler // If encryption is unsupported, encryption policy bits are cleared 485aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy policyExpect = 486aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank setupPolicy(1, Policy.PASSWORD_MODE_STRONG, 3, 4, true, 7, 8, 9, false, 487d09cff08882e553afce919865a2cc60b657d4659Ben Komalo false, false); 4887fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertEquals(policyExpect, p2Result); 4897fd14be80447de15bd5360321fa80e34f60fa251Andy Stadler assertEquals(policyExpect, p3Result); 490a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 491a0d080558ff06f88f000cf424803c8241dd8d2ebAndy Stadler } 49222759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 49322759bacd95385d95d3d9321f490763df1aba89dAndy Stadler /** 49422759bacd95385d95d3d9321f490763df1aba89dAndy Stadler * Test the code that converts from exchange-style quality to DPM/Lockscreen style quality. 49522759bacd95385d95d3d9321f490763df1aba89dAndy Stadler */ 49622759bacd95385d95d3d9321f490763df1aba89dAndy Stadler public void testGetDPManagerPasswordQuality() { 497aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Policy.PASSWORD_MODE_NONE -> DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED 498aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p1 = setupPolicy(0, Policy.PASSWORD_MODE_NONE, 499d09cff08882e553afce919865a2cc60b657d4659Ben Komalo 0, 0, false, 0, 0, 0, false, false, false); 50022759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 50122759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p1.getDPManagerPasswordQuality()); 50222759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 50322759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_SIMPLE -> PASSWORD_QUALITY_NUMERIC 504aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p2 = setupPolicy(4, Policy.PASSWORD_MODE_SIMPLE, 505d09cff08882e553afce919865a2cc60b657d4659Ben Komalo 0, 0, false, 0, 0, 0, false, false, false); 50622759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, 50722759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p2.getDPManagerPasswordQuality()); 50822759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 50922759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_STRONG -> PASSWORD_QUALITY_ALPHANUMERIC 510aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p3 = setupPolicy(4, Policy.PASSWORD_MODE_STRONG, 511d09cff08882e553afce919865a2cc60b657d4659Ben Komalo 0, 0, false, 0, 0, 0, false, false, false); 51222759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, 51322759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p3.getDPManagerPasswordQuality()); 51422759bacd95385d95d3d9321f490763df1aba89dAndy Stadler 51522759bacd95385d95d3d9321f490763df1aba89dAndy Stadler // PASSWORD_MODE_STRONG + complex chars -> PASSWORD_QUALITY_COMPLEX 516aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy p4 = setupPolicy(4, Policy.PASSWORD_MODE_STRONG, 517d09cff08882e553afce919865a2cc60b657d4659Ben Komalo 0, 0, false, 0, 0 , 2, false, false, false); 51822759bacd95385d95d3d9321f490763df1aba89dAndy Stadler assertEquals(DevicePolicyManager.PASSWORD_QUALITY_COMPLEX, 51922759bacd95385d95d3d9321f490763df1aba89dAndy Stadler p4.getDPManagerPasswordQuality()); 52022759bacd95385d95d3d9321f490763df1aba89dAndy Stadler } 521aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 522aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private boolean policySetEqualsPolicy(PolicySet ps, Policy policy) { 523aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if ((ps.mPasswordMode >> LegacyPolicySet.PASSWORD_MODE_SHIFT) != policy.mPasswordMode) { 524aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return false; 525aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 526aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMinPasswordLength != policy.mPasswordMinLength) return false; 527aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordComplexChars != policy.mPasswordComplexChars) return false; 528aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordHistory != policy.mPasswordHistory) return false; 529aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mPasswordExpirationDays != policy.mPasswordExpirationDays) return false; 530aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMaxPasswordFails != policy.mPasswordMaxFails) return false; 531aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mMaxScreenLockTime != policy.mMaxScreenLockTime) return false; 532aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireRemoteWipe != policy.mRequireRemoteWipe) return false; 533aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireEncryption != policy.mRequireEncryption) return false; 534aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank if (ps.mRequireEncryptionExternal != policy.mRequireEncryptionExternal) return false; 535aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank return true; 536aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 537aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 538aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank public void testPolicyFlagsToPolicy() { 539aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // Policy flags; the three sets included here correspond to policies for three test 540aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank // accounts that, between them, use all of the possible policies 541aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank long flags = 67096612L; 542aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank PolicySet ps = new PolicySet(flags); 543aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank Policy policy = LegacyPolicySet.flagsToPolicy(flags); 544aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 545aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank flags = 52776591691846L; 546aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ps = new PolicySet(flags); 547aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy = LegacyPolicySet.flagsToPolicy(flags); 548aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 549aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank flags = 1689605957029924L; 550aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank ps = new PolicySet(flags); 551aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank policy = LegacyPolicySet.flagsToPolicy(flags); 552aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank assertTrue(policySetEqualsPolicy(ps, policy)); 553aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 554aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 555aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank /** 556aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * The old PolicySet class fields and constructor; we use this to test conversion to the 557aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * new Policy table scheme 558aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank */ 559aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private static class PolicySet { 560aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMinPasswordLength; 561aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordMode; 562aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMaxPasswordFails; 563aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mMaxScreenLockTime; 564aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireRemoteWipe; 565aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordExpirationDays; 566aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordHistory; 567aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final int mPasswordComplexChars; 568aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireEncryption; 569aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private final boolean mRequireEncryptionExternal; 570aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank 571aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank /** 572aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank * Create from values encoded in an account flags int 573aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank */ 574aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank private PolicySet(long flags) { 575aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMinPasswordLength = (int) ((flags & LegacyPolicySet.PASSWORD_LENGTH_MASK) 576aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_LENGTH_SHIFT); 577aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordMode = 578aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank (int) (flags & LegacyPolicySet.PASSWORD_MODE_MASK); 579aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMaxPasswordFails = (int) ((flags & LegacyPolicySet.PASSWORD_MAX_FAILS_MASK) 580aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_MAX_FAILS_SHIFT); 581aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mMaxScreenLockTime = (int) ((flags & LegacyPolicySet.SCREEN_LOCK_TIME_MASK) 582aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.SCREEN_LOCK_TIME_SHIFT); 583aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireRemoteWipe = 0 != (flags & LegacyPolicySet.REQUIRE_REMOTE_WIPE); 584aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordExpirationDays = (int) ((flags & LegacyPolicySet.PASSWORD_EXPIRATION_MASK) 585aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_EXPIRATION_SHIFT); 586aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordHistory = (int) ((flags & LegacyPolicySet.PASSWORD_HISTORY_MASK) 587aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_HISTORY_SHIFT); 588aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mPasswordComplexChars = (int) ((flags & LegacyPolicySet.PASSWORD_COMPLEX_CHARS_MASK) 589aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank >> LegacyPolicySet.PASSWORD_COMPLEX_CHARS_SHIFT); 590aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireEncryption = 0 != (flags & LegacyPolicySet.REQUIRE_ENCRYPTION); 591aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank mRequireEncryptionExternal = 0 != (flags & LegacyPolicySet.REQUIRE_ENCRYPTION_EXTERNAL); 592aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 593aeee10e57ef4d931e7708fde218d590453a82aeaMarc Blank } 594345fb8b737c1632fb2a7e69ac44b8612be6237edAndrew Stadler} 595