DevicePolicyManagerTest.java revision 2dbf9ae67a972e83f248eab06c583ff988da7422
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16package com.android.server.devicepolicy; 17 18import static android.os.UserManagerInternal.CAMERA_DISABLED_GLOBALLY; 19import static android.os.UserManagerInternal.CAMERA_DISABLED_LOCALLY; 20import static android.os.UserManagerInternal.CAMERA_NOT_DISABLED; 21 22import android.Manifest.permission; 23import android.app.Activity; 24import android.app.admin.DeviceAdminReceiver; 25import android.app.admin.DevicePolicyManager; 26import android.app.admin.DevicePolicyManagerInternal; 27import android.content.BroadcastReceiver; 28import android.content.ComponentName; 29import android.content.Context; 30import android.content.Intent; 31import android.content.ServiceConnection; 32import android.content.pm.ApplicationInfo; 33import android.content.pm.PackageInfo; 34import android.content.pm.PackageManager; 35import android.content.res.Resources; 36import android.graphics.Color; 37import android.net.IIpConnectivityMetrics; 38import android.content.pm.UserInfo; 39import android.net.wifi.WifiInfo; 40import android.os.Build.VERSION_CODES; 41import android.os.Bundle; 42import android.os.IBinder; 43import android.os.Process; 44import android.os.UserHandle; 45import android.os.UserManager; 46import android.os.UserManagerInternal; 47import android.provider.Settings; 48import android.telephony.TelephonyManager; 49import android.test.MoreAsserts; 50import android.test.suitebuilder.annotation.SmallTest; 51import android.util.ArraySet; 52import android.util.Pair; 53 54import com.android.internal.R; 55import com.android.server.LocalServices; 56import com.android.server.SystemService; 57import com.android.server.pm.UserRestrictionsUtils; 58 59import org.mockito.invocation.InvocationOnMock; 60import org.mockito.stubbing.Answer; 61 62import java.util.ArrayList; 63import java.util.Arrays; 64import java.util.Collections; 65import java.util.HashMap; 66import java.util.List; 67import java.util.Map; 68import java.util.Set; 69import java.util.concurrent.TimeUnit; 70 71import static android.app.admin.DevicePolicyManager.DELEGATION_APP_RESTRICTIONS; 72import static android.app.admin.DevicePolicyManager.DELEGATION_CERT_INSTALL; 73 74import static org.mockito.Matchers.any; 75import static org.mockito.Matchers.anyInt; 76import static org.mockito.Matchers.anyLong; 77import static org.mockito.Matchers.anyObject; 78import static org.mockito.Matchers.anyString; 79import static org.mockito.Matchers.eq; 80import static org.mockito.Matchers.isNull; 81import static org.mockito.Mockito.atLeast; 82import static org.mockito.Mockito.doAnswer; 83import static org.mockito.Mockito.doReturn; 84import static org.mockito.Mockito.never; 85import static org.mockito.Mockito.reset; 86import static org.mockito.Mockito.times; 87import static org.mockito.Mockito.verify; 88import static org.mockito.Mockito.verifyZeroInteractions; 89import static org.mockito.Mockito.when; 90 91/** 92 * Tests for DevicePolicyManager( and DevicePolicyManagerService). 93 * You can run them via: 94 m FrameworksServicesTests && 95 adb install \ 96 -r ${ANDROID_PRODUCT_OUT}/data/app/FrameworksServicesTests/FrameworksServicesTests.apk && 97 adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest \ 98 -w com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner 99 100 (mmma frameworks/base/services/tests/servicestests/ for non-ninja build) 101 * 102 * , or: 103 * runtest -c com.android.server.devicepolicy.DevicePolicyManagerTest frameworks-services 104 */ 105@SmallTest 106public class DevicePolicyManagerTest extends DpmTestBase { 107 private static final List<String> OWNER_SETUP_PERMISSIONS = Arrays.asList( 108 permission.MANAGE_DEVICE_ADMINS, permission.MANAGE_PROFILE_AND_DEVICE_OWNERS, 109 permission.MANAGE_USERS, permission.INTERACT_ACROSS_USERS_FULL); 110 111 private DpmMockContext mContext; 112 public DevicePolicyManager dpm; 113 public DevicePolicyManagerServiceTestable dpms; 114 115 @Override 116 protected void setUp() throws Exception { 117 super.setUp(); 118 119 mContext = getContext(); 120 121 when(mContext.packageManager.hasSystemFeature(eq(PackageManager.FEATURE_DEVICE_ADMIN))) 122 .thenReturn(true); 123 124 // By default, pretend all users are running and unlocked. 125 when(mContext.userManager.isUserUnlocked(anyInt())).thenReturn(true); 126 127 initializeDpms(); 128 129 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID); 130 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_UID); 131 setUpPackageManagerForAdmin(admin3, DpmMockContext.CALLER_UID); 132 setUpPackageManagerForAdmin(adminNoPerm, DpmMockContext.CALLER_UID); 133 134 setUpUserManager(); 135 } 136 137 private void initializeDpms() { 138 // Need clearCallingIdentity() to pass permission checks. 139 final long ident = mContext.binder.clearCallingIdentity(); 140 try { 141 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class); 142 143 dpms = new DevicePolicyManagerServiceTestable(mContext, dataDir); 144 145 dpms.systemReady(SystemService.PHASE_LOCK_SETTINGS_READY); 146 dpms.systemReady(SystemService.PHASE_BOOT_COMPLETED); 147 148 dpm = new DevicePolicyManagerTestable(mContext, dpms); 149 } finally { 150 mContext.binder.restoreCallingIdentity(ident); 151 } 152 } 153 154 private void setUpUserManager() { 155 // Emulate UserManager.set/getApplicationRestriction(). 156 final Map<Pair<String, UserHandle>, Bundle> appRestrictions = new HashMap<>(); 157 158 // UM.setApplicationRestrictions() will save to appRestrictions. 159 doAnswer(new Answer<Void>() { 160 @Override 161 public Void answer(InvocationOnMock invocation) throws Throwable { 162 String pkg = (String) invocation.getArguments()[0]; 163 Bundle bundle = (Bundle) invocation.getArguments()[1]; 164 UserHandle user = (UserHandle) invocation.getArguments()[2]; 165 166 appRestrictions.put(Pair.create(pkg, user), bundle); 167 168 return null; 169 } 170 }).when(mContext.userManager).setApplicationRestrictions( 171 anyString(), any(Bundle.class), any(UserHandle.class)); 172 173 // UM.getApplicationRestrictions() will read from appRestrictions. 174 doAnswer(new Answer<Bundle>() { 175 @Override 176 public Bundle answer(InvocationOnMock invocation) throws Throwable { 177 String pkg = (String) invocation.getArguments()[0]; 178 UserHandle user = (UserHandle) invocation.getArguments()[1]; 179 180 return appRestrictions.get(Pair.create(pkg, user)); 181 } 182 }).when(mContext.userManager).getApplicationRestrictions( 183 anyString(), any(UserHandle.class)); 184 185 // Add the first secondary user. 186 mContext.addUser(DpmMockContext.CALLER_USER_HANDLE, 0); 187 } 188 189 private void setAsProfileOwner(ComponentName admin) { 190 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 191 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 192 193 // PO needs to be an DA. 194 dpm.setActiveAdmin(admin, /* replace =*/ false); 195 196 // Fire! 197 assertTrue(dpm.setProfileOwner(admin, "owner-name", DpmMockContext.CALLER_USER_HANDLE)); 198 199 // Check 200 assertEquals(admin, dpm.getProfileOwnerAsUser(DpmMockContext.CALLER_USER_HANDLE)); 201 } 202 203 public void testHasNoFeature() throws Exception { 204 when(mContext.packageManager.hasSystemFeature(eq(PackageManager.FEATURE_DEVICE_ADMIN))) 205 .thenReturn(false); 206 207 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class); 208 new DevicePolicyManagerServiceTestable(mContext, dataDir); 209 210 // If the device has no DPMS feature, it shouldn't register the local service. 211 assertNull(LocalServices.getService(DevicePolicyManagerInternal.class)); 212 } 213 214 /** 215 * Caller doesn't have proper permissions. 216 */ 217 public void testSetActiveAdmin_SecurityException() { 218 // 1. Failure cases. 219 220 // Caller doesn't have MANAGE_DEVICE_ADMINS. 221 try { 222 dpm.setActiveAdmin(admin1, false); 223 fail("Didn't throw SecurityException"); 224 } catch (SecurityException expected) { 225 } 226 227 // Caller has MANAGE_DEVICE_ADMINS, but for different user. 228 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 229 try { 230 dpm.setActiveAdmin(admin1, false, DpmMockContext.CALLER_USER_HANDLE + 1); 231 fail("Didn't throw SecurityException"); 232 } catch (SecurityException expected) { 233 } 234 } 235 236 /** 237 * Test for: 238 * {@link DevicePolicyManager#setActiveAdmin} 239 * with replace=false and replace=true 240 * {@link DevicePolicyManager#isAdminActive} 241 * {@link DevicePolicyManager#isAdminActiveAsUser} 242 * {@link DevicePolicyManager#getActiveAdmins} 243 * {@link DevicePolicyManager#getActiveAdminsAsUser} 244 */ 245 public void testSetActiveAdmin() throws Exception { 246 // 1. Make sure the caller has proper permissions. 247 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 248 249 // 2. Call the API. 250 dpm.setActiveAdmin(admin1, /* replace =*/ false); 251 252 // 3. Verify internal calls. 253 254 // Check if the boradcast is sent. 255 verify(mContext.spiedContext).sendBroadcastAsUser( 256 MockUtils.checkIntentAction( 257 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED), 258 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE)); 259 verify(mContext.spiedContext).sendBroadcastAsUser( 260 MockUtils.checkIntentAction( 261 DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED), 262 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE)); 263 264 verify(mContext.ipackageManager, times(1)).setApplicationEnabledSetting( 265 eq(admin1.getPackageName()), 266 eq(PackageManager.COMPONENT_ENABLED_STATE_DEFAULT), 267 eq(PackageManager.DONT_KILL_APP), 268 eq(DpmMockContext.CALLER_USER_HANDLE), 269 anyString()); 270 271 // TODO Verify other calls too. 272 273 // Make sure it's active admin1. 274 assertTrue(dpm.isAdminActive(admin1)); 275 assertFalse(dpm.isAdminActive(admin2)); 276 assertFalse(dpm.isAdminActive(admin3)); 277 278 // But not admin1 for a different user. 279 280 // For this to work, caller needs android.permission.INTERACT_ACROSS_USERS_FULL. 281 // (Because we're checking a different user's status from CALLER_USER_HANDLE.) 282 mContext.callerPermissions.add("android.permission.INTERACT_ACROSS_USERS_FULL"); 283 284 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE + 1)); 285 assertFalse(dpm.isAdminActiveAsUser(admin2, DpmMockContext.CALLER_USER_HANDLE + 1)); 286 287 mContext.callerPermissions.remove("android.permission.INTERACT_ACROSS_USERS_FULL"); 288 289 // Next, add one more admin. 290 // Before doing so, update the application info, now it's enabled. 291 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_UID, 292 PackageManager.COMPONENT_ENABLED_STATE_ENABLED); 293 294 dpm.setActiveAdmin(admin2, /* replace =*/ false); 295 296 // Now we have two admins. 297 assertTrue(dpm.isAdminActive(admin1)); 298 assertTrue(dpm.isAdminActive(admin2)); 299 assertFalse(dpm.isAdminActive(admin3)); 300 301 // Admin2 was already enabled, so setApplicationEnabledSetting() shouldn't have called 302 // again. (times(1) because it was previously called for admin1) 303 verify(mContext.ipackageManager, times(1)).setApplicationEnabledSetting( 304 eq(admin1.getPackageName()), 305 eq(PackageManager.COMPONENT_ENABLED_STATE_DEFAULT), 306 eq(PackageManager.DONT_KILL_APP), 307 eq(DpmMockContext.CALLER_USER_HANDLE), 308 anyString()); 309 310 // 4. Add the same admin1 again without replace, which should throw. 311 try { 312 dpm.setActiveAdmin(admin1, /* replace =*/ false); 313 fail("Didn't throw"); 314 } catch (IllegalArgumentException expected) { 315 } 316 317 // 5. Add the same admin1 again with replace, which should succeed. 318 dpm.setActiveAdmin(admin1, /* replace =*/ true); 319 320 // TODO make sure it's replaced. 321 322 // 6. Test getActiveAdmins() 323 List<ComponentName> admins = dpm.getActiveAdmins(); 324 assertEquals(2, admins.size()); 325 assertEquals(admin1, admins.get(0)); 326 assertEquals(admin2, admins.get(1)); 327 328 // Another user has no admins. 329 mContext.callerPermissions.add("android.permission.INTERACT_ACROSS_USERS_FULL"); 330 331 assertEquals(0, DpmTestUtils.getListSizeAllowingNull( 332 dpm.getActiveAdminsAsUser(DpmMockContext.CALLER_USER_HANDLE + 1))); 333 334 mContext.callerPermissions.remove("android.permission.INTERACT_ACROSS_USERS_FULL"); 335 } 336 337 public void testSetActiveAdmin_multiUsers() throws Exception { 338 339 final int ANOTHER_USER_ID = 100; 340 final int ANOTHER_ADMIN_UID = UserHandle.getUid(ANOTHER_USER_ID, 20456); 341 342 mMockContext.addUser(ANOTHER_USER_ID, 0); // Add one more user. 343 344 // Set up pacakge manager for the other user. 345 setUpPackageManagerForAdmin(admin2, ANOTHER_ADMIN_UID); 346 347 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 348 349 dpm.setActiveAdmin(admin1, /* replace =*/ false); 350 351 mMockContext.binder.callingUid = ANOTHER_ADMIN_UID; 352 dpm.setActiveAdmin(admin2, /* replace =*/ false); 353 354 355 mMockContext.binder.callingUid = DpmMockContext.CALLER_UID; 356 assertTrue(dpm.isAdminActive(admin1)); 357 assertFalse(dpm.isAdminActive(admin2)); 358 359 mMockContext.binder.callingUid = ANOTHER_ADMIN_UID; 360 assertFalse(dpm.isAdminActive(admin1)); 361 assertTrue(dpm.isAdminActive(admin2)); 362 } 363 364 /** 365 * Test for: 366 * {@link DevicePolicyManager#setActiveAdmin} 367 * with replace=false 368 */ 369 public void testSetActiveAdmin_twiceWithoutReplace() throws Exception { 370 // 1. Make sure the caller has proper permissions. 371 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 372 373 dpm.setActiveAdmin(admin1, /* replace =*/ false); 374 assertTrue(dpm.isAdminActive(admin1)); 375 376 // Add the same admin1 again without replace, which should throw. 377 try { 378 dpm.setActiveAdmin(admin1, /* replace =*/ false); 379 fail("Didn't throw"); 380 } catch (IllegalArgumentException expected) { 381 } 382 } 383 384 /** 385 * Test for: 386 * {@link DevicePolicyManager#setActiveAdmin} when the admin isn't protected with 387 * BIND_DEVICE_ADMIN. 388 */ 389 public void testSetActiveAdmin_permissionCheck() throws Exception { 390 // 1. Make sure the caller has proper permissions. 391 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 392 393 try { 394 dpm.setActiveAdmin(adminNoPerm, /* replace =*/ false); 395 fail(); 396 } catch (IllegalArgumentException expected) { 397 assertTrue(expected.getMessage().contains(permission.BIND_DEVICE_ADMIN)); 398 } 399 assertFalse(dpm.isAdminActive(adminNoPerm)); 400 401 // Change the target API level to MNC. Now it can be set as DA. 402 setUpPackageManagerForAdmin(adminNoPerm, DpmMockContext.CALLER_UID, null, 403 VERSION_CODES.M); 404 dpm.setActiveAdmin(adminNoPerm, /* replace =*/ false); 405 assertTrue(dpm.isAdminActive(adminNoPerm)); 406 407 // TODO Test the "load from the file" case where DA will still be loaded even without 408 // BIND_DEVICE_ADMIN and target API is N. 409 } 410 411 /** 412 * Test for: 413 * {@link DevicePolicyManager#removeActiveAdmin} 414 */ 415 public void testRemoveActiveAdmin_SecurityException() { 416 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 417 418 // Add admin. 419 420 dpm.setActiveAdmin(admin1, /* replace =*/ false); 421 422 assertTrue(dpm.isAdminActive(admin1)); 423 424 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 425 426 // Directly call the DPMS method with a different userid, which should fail. 427 try { 428 dpms.removeActiveAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE + 1); 429 fail("Didn't throw SecurityException"); 430 } catch (SecurityException expected) { 431 } 432 433 // Try to remove active admin with a different caller userid should fail too, without 434 // having MANAGE_DEVICE_ADMINS. 435 mContext.callerPermissions.clear(); 436 437 // Change the caller, and call into DPMS directly with a different user-id. 438 439 mContext.binder.callingUid = 1234567; 440 try { 441 dpms.removeActiveAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE); 442 fail("Didn't throw SecurityException"); 443 } catch (SecurityException expected) { 444 } 445 } 446 447 /** 448 * {@link DevicePolicyManager#removeActiveAdmin} should fail with the user is not unlocked 449 * (because we can't send the remove broadcast). 450 */ 451 public void testRemoveActiveAdmin_userNotRunningOrLocked() { 452 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 453 454 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 455 456 // Add admin. 457 458 dpm.setActiveAdmin(admin1, /* replace =*/ false); 459 460 assertTrue(dpm.isAdminActive(admin1)); 461 462 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 463 464 // 1. User not unlocked. 465 when(mContext.userManager.isUserUnlocked(eq(DpmMockContext.CALLER_USER_HANDLE))) 466 .thenReturn(false); 467 try { 468 dpm.removeActiveAdmin(admin1); 469 fail("Didn't throw IllegalStateException"); 470 } catch (IllegalStateException expected) { 471 MoreAsserts.assertContainsRegex( 472 "User must be running and unlocked", expected.getMessage()); 473 } 474 475 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 476 477 // 2. User unlocked. 478 when(mContext.userManager.isUserUnlocked(eq(DpmMockContext.CALLER_USER_HANDLE))) 479 .thenReturn(true); 480 481 dpm.removeActiveAdmin(admin1); 482 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE)); 483 } 484 485 /** 486 * Test for: 487 * {@link DevicePolicyManager#removeActiveAdmin} 488 */ 489 public void testRemoveActiveAdmin_fromDifferentUserWithINTERACT_ACROSS_USERS_FULL() { 490 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 491 492 // Add admin1. 493 494 dpm.setActiveAdmin(admin1, /* replace =*/ false); 495 496 assertTrue(dpm.isAdminActive(admin1)); 497 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 498 499 // Different user, but should work, because caller has proper permissions. 500 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 501 502 // Change the caller, and call into DPMS directly with a different user-id. 503 mContext.binder.callingUid = 1234567; 504 505 dpms.removeActiveAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE); 506 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE)); 507 508 // TODO DO Still can't be removed in this case. 509 } 510 511 /** 512 * Test for: 513 * {@link DevicePolicyManager#removeActiveAdmin} 514 */ 515 public void testRemoveActiveAdmin_sameUserNoMANAGE_DEVICE_ADMINS() { 516 // Need MANAGE_DEVICE_ADMINS for setActiveAdmin. We'll remove it later. 517 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 518 519 // Add admin1. 520 521 dpm.setActiveAdmin(admin1, /* replace =*/ false); 522 523 assertTrue(dpm.isAdminActive(admin1)); 524 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 525 526 // Broadcast from saveSettingsLocked(). 527 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( 528 MockUtils.checkIntentAction( 529 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED), 530 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE)); 531 532 // Remove. No permissions, but same user, so it'll work. 533 mContext.callerPermissions.clear(); 534 dpm.removeActiveAdmin(admin1); 535 536 verify(mContext.spiedContext).sendOrderedBroadcastAsUser( 537 MockUtils.checkIntentAction( 538 DeviceAdminReceiver.ACTION_DEVICE_ADMIN_DISABLED), 539 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE), 540 isNull(String.class), 541 any(BroadcastReceiver.class), 542 eq(dpms.mHandler), 543 eq(Activity.RESULT_OK), 544 isNull(String.class), 545 isNull(Bundle.class)); 546 547 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE)); 548 549 // Again broadcast from saveSettingsLocked(). 550 verify(mContext.spiedContext, times(2)).sendBroadcastAsUser( 551 MockUtils.checkIntentAction( 552 DevicePolicyManager.ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED), 553 MockUtils.checkUserHandle(DpmMockContext.CALLER_USER_HANDLE)); 554 555 // TODO Check other internal calls. 556 } 557 558 /** 559 * Test for: @{link DevicePolicyManager#setActivePasswordState} 560 * 561 * Validates that when the password for a user changes, the notification broadcast intent 562 * {@link DeviceAdminReceiver#ACTION_PASSWORD_CHANGED} is sent to managed profile owners, in 563 * addition to ones in the original user. 564 */ 565 public void testSetActivePasswordState_sendToProfiles() throws Exception { 566 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 567 568 final int MANAGED_PROFILE_USER_ID = 78; 569 final int MANAGED_PROFILE_ADMIN_UID = 570 UserHandle.getUid(MANAGED_PROFILE_USER_ID, DpmMockContext.SYSTEM_UID); 571 572 // Setup device owner. 573 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 574 mContext.packageName = admin1.getPackageName(); 575 setupDeviceOwner(); 576 577 // Add a managed profile belonging to the system user. 578 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 579 580 // Change the parent user's password. 581 dpm.reportPasswordChanged(UserHandle.USER_SYSTEM); 582 583 // Both the device owner and the managed profile owner should receive this broadcast. 584 final Intent intent = new Intent(DeviceAdminReceiver.ACTION_PASSWORD_CHANGED); 585 intent.setComponent(admin1); 586 intent.putExtra(Intent.EXTRA_USER, UserHandle.of(UserHandle.USER_SYSTEM)); 587 588 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( 589 MockUtils.checkIntent(intent), 590 MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); 591 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( 592 MockUtils.checkIntent(intent), 593 MockUtils.checkUserHandle(MANAGED_PROFILE_USER_ID)); 594 } 595 596 /** 597 * Test for: @{link DevicePolicyManager#setActivePasswordState} 598 * 599 * Validates that when the password for a managed profile changes, the notification broadcast 600 * intent {@link DeviceAdminReceiver#ACTION_PASSWORD_CHANGED} is only sent to the profile, not 601 * its parent. 602 */ 603 public void testSetActivePasswordState_notSentToParent() throws Exception { 604 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 605 606 final int MANAGED_PROFILE_USER_ID = 78; 607 final int MANAGED_PROFILE_ADMIN_UID = 608 UserHandle.getUid(MANAGED_PROFILE_USER_ID, DpmMockContext.SYSTEM_UID); 609 610 // Setup device owner. 611 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 612 mContext.packageName = admin1.getPackageName(); 613 doReturn(true).when(mContext.lockPatternUtils) 614 .isSeparateProfileChallengeEnabled(MANAGED_PROFILE_USER_ID); 615 setupDeviceOwner(); 616 617 // Add a managed profile belonging to the system user. 618 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 619 620 // Change the profile's password. 621 dpm.reportPasswordChanged(MANAGED_PROFILE_USER_ID); 622 623 // Both the device owner and the managed profile owner should receive this broadcast. 624 final Intent intent = new Intent(DeviceAdminReceiver.ACTION_PASSWORD_CHANGED); 625 intent.setComponent(admin1); 626 intent.putExtra(Intent.EXTRA_USER, UserHandle.of(MANAGED_PROFILE_USER_ID)); 627 628 verify(mContext.spiedContext, never()).sendBroadcastAsUser( 629 MockUtils.checkIntent(intent), 630 MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); 631 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( 632 MockUtils.checkIntent(intent), 633 MockUtils.checkUserHandle(MANAGED_PROFILE_USER_ID)); 634 } 635 /** 636 * Test for: {@link DevicePolicyManager#setDeviceOwner} DO on system user installs successfully. 637 */ 638 public void testSetDeviceOwner() throws Exception { 639 setDeviceOwner(); 640 641 // Try to set a profile owner on the same user, which should fail. 642 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_SYSTEM_USER_UID); 643 dpm.setActiveAdmin(admin2, /* refreshing= */ true, UserHandle.USER_SYSTEM); 644 try { 645 dpm.setProfileOwner(admin2, "owner-name", UserHandle.USER_SYSTEM); 646 fail("IllegalStateException not thrown"); 647 } catch (IllegalStateException expected) { 648 assertTrue("Message was: " + expected.getMessage(), 649 expected.getMessage().contains("already has a device owner")); 650 } 651 652 // DO admin can't be deactivated. 653 dpm.removeActiveAdmin(admin1); 654 assertTrue(dpm.isAdminActive(admin1)); 655 656 // TODO Test getDeviceOwnerName() too. To do so, we need to change 657 // DPMS.getApplicationLabel() because Context.createPackageContextAsUser() is not mockable. 658 } 659 660 private void setDeviceOwner() throws Exception { 661 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 662 mContext.callerPermissions.add(permission.MANAGE_USERS); 663 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 664 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 665 666 // In this test, change the caller user to "system". 667 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 668 669 // Make sure admin1 is installed on system user. 670 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 671 672 // Check various get APIs. 673 checkGetDeviceOwnerInfoApi(dpm, /* hasDeviceOwner =*/ false); 674 675 // DO needs to be an DA. 676 dpm.setActiveAdmin(admin1, /* replace =*/ false); 677 678 // Fire! 679 assertTrue(dpm.setDeviceOwner(admin1, "owner-name")); 680 681 // getDeviceOwnerComponent should return the admin1 component. 682 assertEquals(admin1, dpm.getDeviceOwnerComponentOnCallingUser()); 683 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 684 685 // Check various get APIs. 686 checkGetDeviceOwnerInfoApi(dpm, /* hasDeviceOwner =*/ true); 687 688 // getDeviceOwnerComponent should *NOT* return the admin1 component for other users. 689 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 690 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 691 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 692 693 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 694 695 // Verify internal calls. 696 verify(mContext.iactivityManager, times(1)).updateDeviceOwner( 697 eq(admin1.getPackageName())); 698 699 // TODO We should check if the caller has called clearCallerIdentity(). 700 verify(mContext.ibackupManager, times(1)).setBackupServiceActive( 701 eq(UserHandle.USER_SYSTEM), eq(false)); 702 703 verify(mContext.spiedContext, times(1)).sendBroadcastAsUser( 704 MockUtils.checkIntentAction(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED), 705 MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); 706 707 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 708 } 709 710 private void checkGetDeviceOwnerInfoApi(DevicePolicyManager dpm, boolean hasDeviceOwner) { 711 final int origCallingUser = mContext.binder.callingUid; 712 final List origPermissions = new ArrayList(mContext.callerPermissions); 713 mContext.callerPermissions.clear(); 714 715 mContext.callerPermissions.add(permission.MANAGE_USERS); 716 717 mContext.binder.callingUid = Process.SYSTEM_UID; 718 719 // TODO Test getDeviceOwnerName() too. To do so, we need to change 720 // DPMS.getApplicationLabel() because Context.createPackageContextAsUser() is not mockable. 721 if (hasDeviceOwner) { 722 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 723 assertTrue(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 724 assertEquals(admin1, dpm.getDeviceOwnerComponentOnCallingUser()); 725 726 assertTrue(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 727 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 728 assertEquals(UserHandle.USER_SYSTEM, dpm.getDeviceOwnerUserId()); 729 } else { 730 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 731 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 732 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 733 734 assertFalse(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 735 assertEquals(null, dpm.getDeviceOwnerComponentOnAnyUser()); 736 assertEquals(UserHandle.USER_NULL, dpm.getDeviceOwnerUserId()); 737 } 738 739 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 740 if (hasDeviceOwner) { 741 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 742 assertTrue(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 743 assertEquals(admin1, dpm.getDeviceOwnerComponentOnCallingUser()); 744 745 assertTrue(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 746 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 747 assertEquals(UserHandle.USER_SYSTEM, dpm.getDeviceOwnerUserId()); 748 } else { 749 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 750 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 751 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 752 753 assertFalse(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 754 assertEquals(null, dpm.getDeviceOwnerComponentOnAnyUser()); 755 assertEquals(UserHandle.USER_NULL, dpm.getDeviceOwnerUserId()); 756 } 757 758 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 759 // Still with MANAGE_USERS. 760 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 761 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 762 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 763 764 if (hasDeviceOwner) { 765 assertTrue(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 766 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 767 assertEquals(UserHandle.USER_SYSTEM, dpm.getDeviceOwnerUserId()); 768 } else { 769 assertFalse(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 770 assertEquals(null, dpm.getDeviceOwnerComponentOnAnyUser()); 771 assertEquals(UserHandle.USER_NULL, dpm.getDeviceOwnerUserId()); 772 } 773 774 mContext.binder.callingUid = Process.SYSTEM_UID; 775 mContext.callerPermissions.remove(permission.MANAGE_USERS); 776 // System can still call "OnAnyUser" without MANAGE_USERS. 777 if (hasDeviceOwner) { 778 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 779 assertTrue(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 780 assertEquals(admin1, dpm.getDeviceOwnerComponentOnCallingUser()); 781 782 assertTrue(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 783 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 784 assertEquals(UserHandle.USER_SYSTEM, dpm.getDeviceOwnerUserId()); 785 } else { 786 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 787 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 788 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 789 790 assertFalse(dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName())); 791 assertEquals(null, dpm.getDeviceOwnerComponentOnAnyUser()); 792 assertEquals(UserHandle.USER_NULL, dpm.getDeviceOwnerUserId()); 793 } 794 795 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 796 // Still no MANAGE_USERS. 797 if (hasDeviceOwner) { 798 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 799 assertTrue(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 800 assertEquals(admin1, dpm.getDeviceOwnerComponentOnCallingUser()); 801 } else { 802 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 803 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 804 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 805 } 806 807 try { 808 dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName()); 809 fail(); 810 } catch (SecurityException expected) { 811 } 812 try { 813 dpm.getDeviceOwnerComponentOnAnyUser(); 814 fail(); 815 } catch (SecurityException expected) { 816 } 817 try { 818 dpm.getDeviceOwnerUserId(); 819 fail(); 820 } catch (SecurityException expected) { 821 } 822 try { 823 dpm.getDeviceOwnerNameOnAnyUser(); 824 fail(); 825 } catch (SecurityException expected) { 826 } 827 828 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 829 // Still no MANAGE_USERS. 830 assertFalse(dpm.isDeviceOwnerApp(admin1.getPackageName())); 831 assertFalse(dpm.isDeviceOwnerAppOnCallingUser(admin1.getPackageName())); 832 assertEquals(null, dpm.getDeviceOwnerComponentOnCallingUser()); 833 834 try { 835 dpm.isDeviceOwnerAppOnAnyUser(admin1.getPackageName()); 836 fail(); 837 } catch (SecurityException expected) { 838 } 839 try { 840 dpm.getDeviceOwnerComponentOnAnyUser(); 841 fail(); 842 } catch (SecurityException expected) { 843 } 844 try { 845 dpm.getDeviceOwnerUserId(); 846 fail(); 847 } catch (SecurityException expected) { 848 } 849 try { 850 dpm.getDeviceOwnerNameOnAnyUser(); 851 fail(); 852 } catch (SecurityException expected) { 853 } 854 855 // Restore. 856 mContext.binder.callingUid = origCallingUser; 857 mContext.callerPermissions.addAll(origPermissions); 858 } 859 860 861 /** 862 * Test for: {@link DevicePolicyManager#setDeviceOwner} Package doesn't exist. 863 */ 864 public void testSetDeviceOwner_noSuchPackage() { 865 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 866 mContext.callerPermissions.add(permission.MANAGE_USERS); 867 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 868 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 869 870 // Call from a process on the system user. 871 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 872 873 try { 874 dpm.setDeviceOwner(new ComponentName("a.b.c", ".def")); 875 fail("Didn't throw IllegalArgumentException"); 876 } catch (IllegalArgumentException expected) { 877 assertTrue("Message was: " + expected.getMessage(), 878 expected.getMessage().contains("Invalid component")); 879 } 880 } 881 882 public void testSetDeviceOwner_failures() throws Exception { 883 // TODO Test more failure cases. Basically test all chacks in enforceCanSetDeviceOwner(). 884 } 885 886 public void testClearDeviceOwner() throws Exception { 887 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 888 mContext.callerPermissions.add(permission.MANAGE_USERS); 889 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 890 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 891 892 // Set admin1 as a DA to the secondary user. 893 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID); 894 895 dpm.setActiveAdmin(admin1, /* replace =*/ false); 896 897 // Set admin 1 as the DO to the system user. 898 899 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 900 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 901 dpm.setActiveAdmin(admin1, /* replace =*/ false); 902 assertTrue(dpm.setDeviceOwner(admin1, "owner-name")); 903 904 // Verify internal calls. 905 verify(mContext.iactivityManager, times(1)).updateDeviceOwner( 906 eq(admin1.getPackageName())); 907 908 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 909 910 dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADD_USER); 911 912 assertTrue(dpm.isAdminActive(admin1)); 913 assertFalse(dpm.isRemovingAdmin(admin1, UserHandle.USER_SYSTEM)); 914 915 // Set up other mocks. 916 when(mContext.userManager.getUserRestrictions()).thenReturn(new Bundle()); 917 918 // Now call clear. 919 doReturn(DpmMockContext.CALLER_SYSTEM_USER_UID).when(mContext.packageManager).getPackageUidAsUser( 920 eq(admin1.getPackageName()), 921 anyInt()); 922 923 // But first pretend the user is locked. Then it should fail. 924 when(mContext.userManager.isUserUnlocked(anyInt())).thenReturn(false); 925 try { 926 dpm.clearDeviceOwnerApp(admin1.getPackageName()); 927 fail("Didn't throw IllegalStateException"); 928 } catch (IllegalStateException expected) { 929 MoreAsserts.assertContainsRegex( 930 "User must be running and unlocked", expected.getMessage()); 931 } 932 933 when(mContext.userManager.isUserUnlocked(anyInt())).thenReturn(true); 934 reset(mContext.userManagerInternal); 935 dpm.clearDeviceOwnerApp(admin1.getPackageName()); 936 937 // Now DO shouldn't be set. 938 assertNull(dpm.getDeviceOwnerComponentOnAnyUser()); 939 940 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 941 eq(UserHandle.USER_SYSTEM), 942 eq(null), 943 eq(true), eq(CAMERA_NOT_DISABLED)); 944 945 assertFalse(dpm.isAdminActiveAsUser(admin1, UserHandle.USER_SYSTEM)); 946 947 // ACTION_DEVICE_OWNER_CHANGED should be sent twice, once for setting the device owner 948 // and once for clearing it. 949 verify(mContext.spiedContext, times(2)).sendBroadcastAsUser( 950 MockUtils.checkIntentAction(DevicePolicyManager.ACTION_DEVICE_OWNER_CHANGED), 951 MockUtils.checkUserHandle(UserHandle.USER_SYSTEM)); 952 // TODO Check other calls. 953 } 954 955 public void testClearDeviceOwner_fromDifferentUser() throws Exception { 956 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 957 mContext.callerPermissions.add(permission.MANAGE_USERS); 958 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 959 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 960 961 // Set admin1 as a DA to the secondary user. 962 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID); 963 964 dpm.setActiveAdmin(admin1, /* replace =*/ false); 965 966 // Set admin 1 as the DO to the system user. 967 968 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 969 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 970 dpm.setActiveAdmin(admin1, /* replace =*/ false); 971 assertTrue(dpm.setDeviceOwner(admin1, "owner-name")); 972 973 // Verify internal calls. 974 verify(mContext.iactivityManager, times(1)).updateDeviceOwner( 975 eq(admin1.getPackageName())); 976 977 assertEquals(admin1, dpm.getDeviceOwnerComponentOnAnyUser()); 978 979 // Now call clear from the secondary user, which should throw. 980 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 981 982 // Now call clear. 983 doReturn(DpmMockContext.CALLER_UID).when(mContext.packageManager).getPackageUidAsUser( 984 eq(admin1.getPackageName()), 985 anyInt()); 986 try { 987 dpm.clearDeviceOwnerApp(admin1.getPackageName()); 988 fail("Didn't throw"); 989 } catch (SecurityException e) { 990 assertEquals("clearDeviceOwner can only be called by the device owner", e.getMessage()); 991 } 992 993 // DO shouldn't be removed. 994 assertTrue(dpm.isDeviceManaged()); 995 } 996 997 public void testSetProfileOwner() throws Exception { 998 setAsProfileOwner(admin1); 999 1000 // PO admin can't be deactivated. 1001 dpm.removeActiveAdmin(admin1); 1002 assertTrue(dpm.isAdminActive(admin1)); 1003 1004 // Try setting DO on the same user, which should fail. 1005 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_UID); 1006 dpm.setActiveAdmin(admin2, /* refreshing= */ true, DpmMockContext.CALLER_USER_HANDLE); 1007 try { 1008 dpm.setDeviceOwner(admin2, "owner-name", DpmMockContext.CALLER_USER_HANDLE); 1009 fail("IllegalStateException not thrown"); 1010 } catch (IllegalStateException expected) { 1011 assertTrue("Message was: " + expected.getMessage(), 1012 expected.getMessage().contains("already has a profile owner")); 1013 } 1014 } 1015 1016 public void testClearProfileOwner() throws Exception { 1017 setAsProfileOwner(admin1); 1018 1019 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1020 1021 assertTrue(dpm.isProfileOwnerApp(admin1.getPackageName())); 1022 assertFalse(dpm.isRemovingAdmin(admin1, DpmMockContext.CALLER_USER_HANDLE)); 1023 1024 // First try when the user is locked, which should fail. 1025 when(mContext.userManager.isUserUnlocked(anyInt())) 1026 .thenReturn(false); 1027 try { 1028 dpm.clearProfileOwner(admin1); 1029 fail("Didn't throw IllegalStateException"); 1030 } catch (IllegalStateException expected) { 1031 MoreAsserts.assertContainsRegex( 1032 "User must be running and unlocked", expected.getMessage()); 1033 } 1034 // Clear, really. 1035 when(mContext.userManager.isUserUnlocked(anyInt())) 1036 .thenReturn(true); 1037 dpm.clearProfileOwner(admin1); 1038 1039 // Check 1040 assertFalse(dpm.isProfileOwnerApp(admin1.getPackageName())); 1041 assertFalse(dpm.isAdminActiveAsUser(admin1, DpmMockContext.CALLER_USER_HANDLE)); 1042 } 1043 1044 public void testSetProfileOwner_failures() throws Exception { 1045 // TODO Test more failure cases. Basically test all chacks in enforceCanSetProfileOwner(). 1046 } 1047 1048 public void testGetDeviceOwnerAdminLocked() throws Exception { 1049 checkDeviceOwnerWithMultipleDeviceAdmins(); 1050 } 1051 1052 private void checkDeviceOwnerWithMultipleDeviceAdmins() throws Exception { 1053 // In ths test, we use 3 users (system + 2 secondary users), set some device admins to them, 1054 // set admin2 on CALLER_USER_HANDLE as DO, then call getDeviceOwnerAdminLocked() to 1055 // make sure it gets the right component from the right user. 1056 1057 final int ANOTHER_USER_ID = 100; 1058 final int ANOTHER_ADMIN_UID = UserHandle.getUid(ANOTHER_USER_ID, 456); 1059 1060 mMockContext.addUser(ANOTHER_USER_ID, 0); // Add one more user. 1061 1062 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1063 mContext.callerPermissions.add(permission.MANAGE_USERS); 1064 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 1065 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 1066 1067 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1068 1069 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 1070 1071 // Make sure the admin packge is installed to each user. 1072 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 1073 setUpPackageManagerForAdmin(admin3, DpmMockContext.CALLER_SYSTEM_USER_UID); 1074 1075 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID); 1076 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_UID); 1077 1078 setUpPackageManagerForAdmin(admin2, ANOTHER_ADMIN_UID); 1079 1080 1081 // Set active admins to the users. 1082 dpm.setActiveAdmin(admin1, /* replace =*/ false); 1083 dpm.setActiveAdmin(admin3, /* replace =*/ false); 1084 1085 dpm.setActiveAdmin(admin1, /* replace =*/ false, DpmMockContext.CALLER_USER_HANDLE); 1086 dpm.setActiveAdmin(admin2, /* replace =*/ false, DpmMockContext.CALLER_USER_HANDLE); 1087 1088 dpm.setActiveAdmin(admin2, /* replace =*/ false, ANOTHER_USER_ID); 1089 1090 // Set DO on the first non-system user. 1091 mContext.setUserRunning(DpmMockContext.CALLER_USER_HANDLE, true); 1092 assertTrue(dpm.setDeviceOwner(admin2, "owner-name", DpmMockContext.CALLER_USER_HANDLE)); 1093 1094 assertEquals(admin2, dpms.getDeviceOwnerComponent(/* callingUserOnly =*/ false)); 1095 1096 // Then check getDeviceOwnerAdminLocked(). 1097 assertEquals(admin2, dpms.getDeviceOwnerAdminLocked().info.getComponent()); 1098 assertEquals(DpmMockContext.CALLER_UID, dpms.getDeviceOwnerAdminLocked().getUid()); 1099 } 1100 1101 /** 1102 * This essentially tests 1103 * {@code DevicePolicyManagerService.findOwnerComponentIfNecessaryLocked()}. (which is 1104 * private.) 1105 * 1106 * We didn't use to persist the DO component class name, but now we do, and the above method 1107 * finds the right component from a package name upon migration. 1108 */ 1109 public void testDeviceOwnerMigration() throws Exception { 1110 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 1111 checkDeviceOwnerWithMultipleDeviceAdmins(); 1112 1113 // Overwrite the device owner setting and clears the clas name. 1114 dpms.mOwners.setDeviceOwner( 1115 new ComponentName(admin2.getPackageName(), ""), 1116 "owner-name", DpmMockContext.CALLER_USER_HANDLE); 1117 dpms.mOwners.writeDeviceOwner(); 1118 1119 // Make sure the DO component name doesn't have a class name. 1120 assertEquals("", dpms.getDeviceOwnerComponent(/* callingUserOnly =*/ false).getClassName()); 1121 1122 // Then create a new DPMS to have it load the settings from files. 1123 when(mContext.userManager.getUserRestrictions(any(UserHandle.class))) 1124 .thenReturn(new Bundle()); 1125 initializeDpms(); 1126 1127 // Now the DO component name is a full name. 1128 // *BUT* because both admin1 and admin2 belong to the same package, we think admin1 is the 1129 // DO. 1130 assertEquals(admin1, dpms.getDeviceOwnerComponent(/* callingUserOnly =*/ false)); 1131 } 1132 1133 public void testSetGetApplicationRestriction() { 1134 setAsProfileOwner(admin1); 1135 mContext.packageName = admin1.getPackageName(); 1136 1137 { 1138 Bundle rest = new Bundle(); 1139 rest.putString("KEY_STRING", "Foo1"); 1140 dpm.setApplicationRestrictions(admin1, "pkg1", rest); 1141 } 1142 1143 { 1144 Bundle rest = new Bundle(); 1145 rest.putString("KEY_STRING", "Foo2"); 1146 dpm.setApplicationRestrictions(admin1, "pkg2", rest); 1147 } 1148 1149 { 1150 Bundle returned = dpm.getApplicationRestrictions(admin1, "pkg1"); 1151 assertNotNull(returned); 1152 assertEquals(returned.size(), 1); 1153 assertEquals(returned.get("KEY_STRING"), "Foo1"); 1154 } 1155 1156 { 1157 Bundle returned = dpm.getApplicationRestrictions(admin1, "pkg2"); 1158 assertNotNull(returned); 1159 assertEquals(returned.size(), 1); 1160 assertEquals(returned.get("KEY_STRING"), "Foo2"); 1161 } 1162 1163 dpm.setApplicationRestrictions(admin1, "pkg2", new Bundle()); 1164 assertEquals(0, dpm.getApplicationRestrictions(admin1, "pkg2").size()); 1165 } 1166 1167 /** 1168 * Setup a package in the package manager mock. Useful for faking installed applications. 1169 * 1170 * @param packageName the name of the package to be setup 1171 * @param appId the application ID to be given to the package 1172 * @return the UID of the package as known by the mock package manager 1173 */ 1174 private int setupPackageInPackageManager(final String packageName, final int appId) 1175 throws Exception { 1176 // Make the PackageManager return the package instead of throwing a NameNotFoundException 1177 final PackageInfo pi = new PackageInfo(); 1178 pi.applicationInfo = new ApplicationInfo(); 1179 pi.applicationInfo.flags = ApplicationInfo.FLAG_HAS_CODE; 1180 doReturn(pi).when(mContext.ipackageManager).getPackageInfo( 1181 eq(packageName), 1182 anyInt(), 1183 eq(DpmMockContext.CALLER_USER_HANDLE)); 1184 // Setup application UID with the PackageManager 1185 final int uid = UserHandle.getUid(DpmMockContext.CALLER_USER_HANDLE, appId); 1186 doReturn(uid).when(mContext.packageManager).getPackageUidAsUser( 1187 eq(packageName), 1188 eq(DpmMockContext.CALLER_USER_HANDLE)); 1189 // Associate packageName to uid 1190 doReturn(packageName).when(mContext.ipackageManager).getNameForUid(eq(uid)); 1191 doReturn(new String[]{packageName}) 1192 .when(mContext.ipackageManager).getPackagesForUid(eq(uid)); 1193 return uid; 1194 } 1195 1196 /** 1197 * Simple test for delegate set/get and general delegation. Tests verifying that delegated 1198 * privileges can acually be exercised by a delegate are not covered here. 1199 */ 1200 public void testDelegation() throws Exception { 1201 setAsProfileOwner(admin1); 1202 1203 final int userHandle = DpmMockContext.CALLER_USER_HANDLE; 1204 1205 // Given two packages 1206 final String CERT_DELEGATE = "com.delegate.certs"; 1207 final String RESTRICTIONS_DELEGATE = "com.delegate.apprestrictions"; 1208 final int CERT_DELEGATE_UID = setupPackageInPackageManager(CERT_DELEGATE, 20988); 1209 final int RESTRICTIONS_DELEGATE_UID = setupPackageInPackageManager(RESTRICTIONS_DELEGATE, 1210 20989); 1211 1212 // On delegation 1213 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1214 mContext.packageName = admin1.getPackageName(); 1215 dpm.setCertInstallerPackage(admin1, CERT_DELEGATE); 1216 dpm.setApplicationRestrictionsManagingPackage(admin1, RESTRICTIONS_DELEGATE); 1217 1218 // DPMS correctly stores and retrieves the delegates 1219 DevicePolicyManagerService.DevicePolicyData policy = dpms.mUserData.get(userHandle); 1220 assertEquals(2, policy.mDelegationMap.size()); 1221 MoreAsserts.assertContentsInAnyOrder(policy.mDelegationMap.get(CERT_DELEGATE), 1222 DELEGATION_CERT_INSTALL); 1223 MoreAsserts.assertContentsInAnyOrder(dpm.getDelegatedScopes(admin1, CERT_DELEGATE), 1224 DELEGATION_CERT_INSTALL); 1225 assertEquals(CERT_DELEGATE, dpm.getCertInstallerPackage(admin1)); 1226 MoreAsserts.assertContentsInAnyOrder(policy.mDelegationMap.get(RESTRICTIONS_DELEGATE), 1227 DELEGATION_APP_RESTRICTIONS); 1228 MoreAsserts.assertContentsInAnyOrder(dpm.getDelegatedScopes(admin1, RESTRICTIONS_DELEGATE), 1229 DELEGATION_APP_RESTRICTIONS); 1230 assertEquals(RESTRICTIONS_DELEGATE, dpm.getApplicationRestrictionsManagingPackage(admin1)); 1231 1232 // On calling install certificate APIs from an unauthorized process 1233 mContext.binder.callingUid = RESTRICTIONS_DELEGATE_UID; 1234 mContext.packageName = RESTRICTIONS_DELEGATE; 1235 1236 // DPMS throws a SecurityException 1237 try { 1238 dpm.installCaCert(null, null); 1239 fail("Didn't throw SecurityException on unauthorized access"); 1240 } catch (SecurityException expected) { 1241 } 1242 1243 // On calling install certificate APIs from an authorized process 1244 mContext.binder.callingUid = CERT_DELEGATE_UID; 1245 mContext.packageName = CERT_DELEGATE; 1246 1247 // DPMS executes without a SecurityException 1248 try { 1249 dpm.installCaCert(null, null); 1250 } catch (SecurityException unexpected) { 1251 fail("Threw SecurityException on authorized access"); 1252 } catch (NullPointerException expected) { 1253 } 1254 1255 // On removing a delegate 1256 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1257 mContext.packageName = admin1.getPackageName(); 1258 dpm.setCertInstallerPackage(admin1, null); 1259 1260 // DPMS does not allow access to ex-delegate 1261 mContext.binder.callingUid = CERT_DELEGATE_UID; 1262 mContext.packageName = CERT_DELEGATE; 1263 try { 1264 dpm.installCaCert(null, null); 1265 fail("Didn't throw SecurityException on unauthorized access"); 1266 } catch (SecurityException expected) { 1267 } 1268 1269 // But still allows access to other existing delegates 1270 mContext.binder.callingUid = RESTRICTIONS_DELEGATE_UID; 1271 mContext.packageName = RESTRICTIONS_DELEGATE; 1272 try { 1273 dpm.getApplicationRestrictions(null, "pkg"); 1274 } catch (SecurityException expected) { 1275 fail("Threw SecurityException on authorized access"); 1276 } 1277 } 1278 1279 public void testApplicationRestrictionsManagingApp() throws Exception { 1280 setAsProfileOwner(admin1); 1281 1282 final String nonExistAppRestrictionsManagerPackage = "com.google.app.restrictions.manager2"; 1283 final String appRestrictionsManagerPackage = "com.google.app.restrictions.manager"; 1284 final int appRestrictionsManagerAppId = 20987; 1285 final int appRestrictionsManagerUid = setupPackageInPackageManager( 1286 appRestrictionsManagerPackage, appRestrictionsManagerAppId); 1287 1288 // appRestrictionsManager package shouldn't be able to manage restrictions as the PO hasn't 1289 // delegated that permission yet. 1290 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1291 mContext.packageName = admin1.getPackageName(); 1292 assertFalse(dpm.isCallerApplicationRestrictionsManagingPackage()); 1293 Bundle rest = new Bundle(); 1294 rest.putString("KEY_STRING", "Foo1"); 1295 try { 1296 dpm.setApplicationRestrictions(null, "pkg1", rest); 1297 fail("Didn't throw expected SecurityException"); 1298 } catch (SecurityException expected) { 1299 MoreAsserts.assertContainsRegex( 1300 "Caller with uid \\d+ is not a delegate of scope delegation-app-restrictions.", 1301 expected.getMessage()); 1302 } 1303 try { 1304 dpm.getApplicationRestrictions(null, "pkg1"); 1305 fail("Didn't throw expected SecurityException"); 1306 } catch (SecurityException expected) { 1307 MoreAsserts.assertContainsRegex( 1308 "Caller with uid \\d+ is not a delegate of scope delegation-app-restrictions.", 1309 expected.getMessage()); 1310 } 1311 1312 // Check via the profile owner that no restrictions were set. 1313 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1314 mContext.packageName = admin1.getPackageName(); 1315 assertEquals(0, dpm.getApplicationRestrictions(admin1, "pkg1").size()); 1316 1317 // Check the API does not allow setting a non-existent package 1318 try { 1319 dpm.setApplicationRestrictionsManagingPackage(admin1, 1320 nonExistAppRestrictionsManagerPackage); 1321 fail("Non-existent app set as app restriction manager."); 1322 } catch (PackageManager.NameNotFoundException expected) { 1323 MoreAsserts.assertContainsRegex( 1324 nonExistAppRestrictionsManagerPackage, expected.getMessage()); 1325 } 1326 1327 // Let appRestrictionsManagerPackage manage app restrictions 1328 dpm.setApplicationRestrictionsManagingPackage(admin1, appRestrictionsManagerPackage); 1329 assertEquals(appRestrictionsManagerPackage, 1330 dpm.getApplicationRestrictionsManagingPackage(admin1)); 1331 1332 // Now that package should be able to set and retrieve app restrictions. 1333 mContext.binder.callingUid = appRestrictionsManagerUid; 1334 mContext.packageName = appRestrictionsManagerPackage; 1335 assertTrue(dpm.isCallerApplicationRestrictionsManagingPackage()); 1336 dpm.setApplicationRestrictions(null, "pkg1", rest); 1337 Bundle returned = dpm.getApplicationRestrictions(null, "pkg1"); 1338 assertEquals(1, returned.size(), 1); 1339 assertEquals("Foo1", returned.get("KEY_STRING")); 1340 1341 // The same app running on a separate user shouldn't be able to manage app restrictions. 1342 mContext.binder.callingUid = UserHandle.getUid( 1343 UserHandle.USER_SYSTEM, appRestrictionsManagerAppId); 1344 assertFalse(dpm.isCallerApplicationRestrictionsManagingPackage()); 1345 try { 1346 dpm.setApplicationRestrictions(null, "pkg1", rest); 1347 fail("Didn't throw expected SecurityException"); 1348 } catch (SecurityException expected) { 1349 MoreAsserts.assertContainsRegex( 1350 "Caller with uid \\d+ is not a delegate of scope delegation-app-restrictions.", 1351 expected.getMessage()); 1352 } 1353 1354 // The DPM is still able to manage app restrictions, even if it allowed another app to do it 1355 // too. 1356 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1357 mContext.packageName = admin1.getPackageName(); 1358 assertEquals(returned, dpm.getApplicationRestrictions(admin1, "pkg1")); 1359 dpm.setApplicationRestrictions(admin1, "pkg1", null); 1360 assertEquals(0, dpm.getApplicationRestrictions(admin1, "pkg1").size()); 1361 1362 // Removing the ability for the package to manage app restrictions. 1363 dpm.setApplicationRestrictionsManagingPackage(admin1, null); 1364 assertNull(dpm.getApplicationRestrictionsManagingPackage(admin1)); 1365 mContext.binder.callingUid = appRestrictionsManagerUid; 1366 mContext.packageName = appRestrictionsManagerPackage; 1367 assertFalse(dpm.isCallerApplicationRestrictionsManagingPackage()); 1368 try { 1369 dpm.setApplicationRestrictions(null, "pkg1", null); 1370 fail("Didn't throw expected SecurityException"); 1371 } catch (SecurityException expected) { 1372 MoreAsserts.assertContainsRegex( 1373 "Caller with uid \\d+ is not a delegate of scope delegation-app-restrictions.", 1374 expected.getMessage()); 1375 } 1376 } 1377 1378 public void testSetUserRestriction_asDo() throws Exception { 1379 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1380 mContext.callerPermissions.add(permission.MANAGE_USERS); 1381 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 1382 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 1383 1384 // First, set DO. 1385 1386 // Call from a process on the system user. 1387 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1388 1389 // Make sure admin1 is installed on system user. 1390 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 1391 1392 // Call. 1393 dpm.setActiveAdmin(admin1, /* replace =*/ false, UserHandle.USER_SYSTEM); 1394 assertTrue(dpm.setDeviceOwner(admin1, "owner-name", 1395 UserHandle.USER_SYSTEM)); 1396 1397 // Check that the user restrictions that are enabled by default are set. Then unset them. 1398 String[] defaultRestrictions = UserRestrictionsUtils 1399 .getDefaultEnabledForDeviceOwner().toArray(new String[0]); 1400 DpmTestUtils.assertRestrictions( 1401 DpmTestUtils.newRestrictions(defaultRestrictions), 1402 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1403 ); 1404 DpmTestUtils.assertRestrictions( 1405 DpmTestUtils.newRestrictions(defaultRestrictions), 1406 dpm.getUserRestrictions(admin1) 1407 ); 1408 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1409 eq(UserHandle.USER_SYSTEM), 1410 MockUtils.checkUserRestrictions(defaultRestrictions), 1411 eq(true) /* isDeviceOwner */, 1412 eq(CAMERA_NOT_DISABLED) 1413 ); 1414 reset(mContext.userManagerInternal); 1415 1416 for (String restriction : defaultRestrictions) { 1417 dpm.clearUserRestriction(admin1, restriction); 1418 } 1419 1420 assertNoDeviceOwnerRestrictions(); 1421 reset(mContext.userManagerInternal); 1422 1423 dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADD_USER); 1424 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1425 eq(UserHandle.USER_SYSTEM), 1426 MockUtils.checkUserRestrictions(UserManager.DISALLOW_ADD_USER), 1427 eq(true), eq(CAMERA_NOT_DISABLED)); 1428 reset(mContext.userManagerInternal); 1429 1430 dpm.addUserRestriction(admin1, UserManager.DISALLOW_OUTGOING_CALLS); 1431 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1432 eq(UserHandle.USER_SYSTEM), 1433 MockUtils.checkUserRestrictions(UserManager.DISALLOW_OUTGOING_CALLS, 1434 UserManager.DISALLOW_ADD_USER), 1435 eq(true), eq(CAMERA_NOT_DISABLED)); 1436 reset(mContext.userManagerInternal); 1437 1438 DpmTestUtils.assertRestrictions( 1439 DpmTestUtils.newRestrictions( 1440 UserManager.DISALLOW_ADD_USER, UserManager.DISALLOW_OUTGOING_CALLS), 1441 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1442 ); 1443 DpmTestUtils.assertRestrictions( 1444 DpmTestUtils.newRestrictions( 1445 UserManager.DISALLOW_ADD_USER, UserManager.DISALLOW_OUTGOING_CALLS), 1446 dpm.getUserRestrictions(admin1) 1447 ); 1448 1449 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_ADD_USER); 1450 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1451 eq(UserHandle.USER_SYSTEM), 1452 MockUtils.checkUserRestrictions(UserManager.DISALLOW_OUTGOING_CALLS), 1453 eq(true), eq(CAMERA_NOT_DISABLED)); 1454 reset(mContext.userManagerInternal); 1455 1456 DpmTestUtils.assertRestrictions( 1457 DpmTestUtils.newRestrictions(UserManager.DISALLOW_OUTGOING_CALLS), 1458 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1459 ); 1460 DpmTestUtils.assertRestrictions( 1461 DpmTestUtils.newRestrictions(UserManager.DISALLOW_OUTGOING_CALLS), 1462 dpm.getUserRestrictions(admin1) 1463 ); 1464 1465 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_OUTGOING_CALLS); 1466 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1467 eq(UserHandle.USER_SYSTEM), 1468 MockUtils.checkUserRestrictions(), 1469 eq(true), eq(CAMERA_NOT_DISABLED)); 1470 reset(mContext.userManagerInternal); 1471 1472 assertNoDeviceOwnerRestrictions(); 1473 1474 // DISALLOW_ADJUST_VOLUME and DISALLOW_UNMUTE_MICROPHONE are PO restrictions, but when 1475 // DO sets them, the scope is global. 1476 dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADJUST_VOLUME); 1477 reset(mContext.userManagerInternal); 1478 dpm.addUserRestriction(admin1, UserManager.DISALLOW_UNMUTE_MICROPHONE); 1479 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1480 eq(UserHandle.USER_SYSTEM), 1481 MockUtils.checkUserRestrictions(UserManager.DISALLOW_ADJUST_VOLUME, 1482 UserManager.DISALLOW_UNMUTE_MICROPHONE), 1483 eq(true), eq(CAMERA_NOT_DISABLED)); 1484 reset(mContext.userManagerInternal); 1485 1486 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_ADJUST_VOLUME); 1487 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_UNMUTE_MICROPHONE); 1488 reset(mContext.userManagerInternal); 1489 1490 // More tests. 1491 dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADD_USER); 1492 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1493 eq(UserHandle.USER_SYSTEM), 1494 MockUtils.checkUserRestrictions(UserManager.DISALLOW_ADD_USER), 1495 eq(true), eq(CAMERA_NOT_DISABLED)); 1496 reset(mContext.userManagerInternal); 1497 1498 dpm.addUserRestriction(admin1, UserManager.DISALLOW_FUN); 1499 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1500 eq(UserHandle.USER_SYSTEM), 1501 MockUtils.checkUserRestrictions(UserManager.DISALLOW_FUN, 1502 UserManager.DISALLOW_ADD_USER), 1503 eq(true), eq(CAMERA_NOT_DISABLED)); 1504 reset(mContext.userManagerInternal); 1505 1506 dpm.setCameraDisabled(admin1, true); 1507 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1508 eq(UserHandle.USER_SYSTEM), 1509 // DISALLOW_CAMERA will be applied to both local and global. 1510 MockUtils.checkUserRestrictions(UserManager.DISALLOW_FUN, 1511 UserManager.DISALLOW_ADD_USER), 1512 eq(true), eq(CAMERA_DISABLED_GLOBALLY)); 1513 reset(mContext.userManagerInternal); 1514 1515 // Set up another DA and let it disable camera. Now DISALLOW_CAMERA will only be applied 1516 // locally. 1517 dpm.setCameraDisabled(admin1, false); 1518 reset(mContext.userManagerInternal); 1519 1520 setUpPackageManagerForAdmin(admin2, DpmMockContext.CALLER_SYSTEM_USER_UID); 1521 dpm.setActiveAdmin(admin2, /* replace =*/ false, UserHandle.USER_SYSTEM); 1522 dpm.setCameraDisabled(admin2, true); 1523 1524 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1525 eq(UserHandle.USER_SYSTEM), 1526 // DISALLOW_CAMERA will be applied to both local and global. <- TODO: fix this 1527 MockUtils.checkUserRestrictions(UserManager.DISALLOW_FUN, 1528 UserManager.DISALLOW_ADD_USER), 1529 eq(true), eq(CAMERA_DISABLED_LOCALLY)); 1530 reset(mContext.userManagerInternal); 1531 // TODO Make sure restrictions are written to the file. 1532 } 1533 1534 public void testSetUserRestriction_asPo() { 1535 setAsProfileOwner(admin1); 1536 1537 DpmTestUtils.assertRestrictions( 1538 DpmTestUtils.newRestrictions(), 1539 dpms.getProfileOwnerAdminLocked(DpmMockContext.CALLER_USER_HANDLE) 1540 .ensureUserRestrictions() 1541 ); 1542 1543 dpm.addUserRestriction(admin1, UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES); 1544 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1545 eq(DpmMockContext.CALLER_USER_HANDLE), 1546 MockUtils.checkUserRestrictions(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES), 1547 eq(false), eq(CAMERA_NOT_DISABLED)); 1548 reset(mContext.userManagerInternal); 1549 1550 dpm.addUserRestriction(admin1, UserManager.DISALLOW_OUTGOING_CALLS); 1551 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1552 eq(DpmMockContext.CALLER_USER_HANDLE), 1553 MockUtils.checkUserRestrictions(UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, 1554 UserManager.DISALLOW_OUTGOING_CALLS), 1555 eq(false), eq(CAMERA_NOT_DISABLED)); 1556 reset(mContext.userManagerInternal); 1557 1558 DpmTestUtils.assertRestrictions( 1559 DpmTestUtils.newRestrictions( 1560 UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, 1561 UserManager.DISALLOW_OUTGOING_CALLS 1562 ), 1563 dpms.getProfileOwnerAdminLocked(DpmMockContext.CALLER_USER_HANDLE) 1564 .ensureUserRestrictions() 1565 ); 1566 DpmTestUtils.assertRestrictions( 1567 DpmTestUtils.newRestrictions( 1568 UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES, 1569 UserManager.DISALLOW_OUTGOING_CALLS 1570 ), 1571 dpm.getUserRestrictions(admin1) 1572 ); 1573 1574 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES); 1575 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1576 eq(DpmMockContext.CALLER_USER_HANDLE), 1577 MockUtils.checkUserRestrictions(UserManager.DISALLOW_OUTGOING_CALLS), 1578 eq(false), eq(CAMERA_NOT_DISABLED)); 1579 reset(mContext.userManagerInternal); 1580 1581 DpmTestUtils.assertRestrictions( 1582 DpmTestUtils.newRestrictions( 1583 UserManager.DISALLOW_OUTGOING_CALLS 1584 ), 1585 dpms.getProfileOwnerAdminLocked(DpmMockContext.CALLER_USER_HANDLE) 1586 .ensureUserRestrictions() 1587 ); 1588 DpmTestUtils.assertRestrictions( 1589 DpmTestUtils.newRestrictions( 1590 UserManager.DISALLOW_OUTGOING_CALLS 1591 ), 1592 dpm.getUserRestrictions(admin1) 1593 ); 1594 1595 dpm.clearUserRestriction(admin1, UserManager.DISALLOW_OUTGOING_CALLS); 1596 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1597 eq(DpmMockContext.CALLER_USER_HANDLE), 1598 MockUtils.checkUserRestrictions(), 1599 eq(false), eq(CAMERA_NOT_DISABLED)); 1600 reset(mContext.userManagerInternal); 1601 1602 DpmTestUtils.assertRestrictions( 1603 DpmTestUtils.newRestrictions(), 1604 dpms.getProfileOwnerAdminLocked(DpmMockContext.CALLER_USER_HANDLE) 1605 .ensureUserRestrictions() 1606 ); 1607 DpmTestUtils.assertRestrictions( 1608 DpmTestUtils.newRestrictions(), 1609 dpm.getUserRestrictions(admin1) 1610 ); 1611 1612 // DISALLOW_ADJUST_VOLUME and DISALLOW_UNMUTE_MICROPHONE can be set by PO too, even 1613 // though when DO sets them they'll be applied globally. 1614 dpm.addUserRestriction(admin1, UserManager.DISALLOW_ADJUST_VOLUME); 1615 reset(mContext.userManagerInternal); 1616 dpm.addUserRestriction(admin1, UserManager.DISALLOW_UNMUTE_MICROPHONE); 1617 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1618 eq(DpmMockContext.CALLER_USER_HANDLE), 1619 MockUtils.checkUserRestrictions(UserManager.DISALLOW_ADJUST_VOLUME, 1620 UserManager.DISALLOW_UNMUTE_MICROPHONE), 1621 eq(false), eq(CAMERA_NOT_DISABLED)); 1622 reset(mContext.userManagerInternal); 1623 1624 dpm.setCameraDisabled(admin1, true); 1625 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1626 eq(DpmMockContext.CALLER_USER_HANDLE), 1627 MockUtils.checkUserRestrictions(UserManager.DISALLOW_ADJUST_VOLUME, 1628 UserManager.DISALLOW_UNMUTE_MICROPHONE), 1629 eq(false), eq(CAMERA_DISABLED_LOCALLY)); 1630 reset(mContext.userManagerInternal); 1631 1632 // TODO Make sure restrictions are written to the file. 1633 } 1634 1635 1636 public void testDefaultEnabledUserRestrictions() throws Exception { 1637 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1638 mContext.callerPermissions.add(permission.MANAGE_USERS); 1639 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 1640 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 1641 1642 // First, set DO. 1643 1644 // Call from a process on the system user. 1645 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1646 1647 // Make sure admin1 is installed on system user. 1648 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 1649 1650 dpm.setActiveAdmin(admin1, /* replace =*/ false, UserHandle.USER_SYSTEM); 1651 assertTrue(dpm.setDeviceOwner(admin1, "owner-name", 1652 UserHandle.USER_SYSTEM)); 1653 1654 // Check that the user restrictions that are enabled by default are set. Then unset them. 1655 String[] defaultRestrictions = UserRestrictionsUtils 1656 .getDefaultEnabledForDeviceOwner().toArray(new String[0]); 1657 assertTrue(defaultRestrictions.length > 0); 1658 DpmTestUtils.assertRestrictions( 1659 DpmTestUtils.newRestrictions(defaultRestrictions), 1660 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1661 ); 1662 DpmTestUtils.assertRestrictions( 1663 DpmTestUtils.newRestrictions(defaultRestrictions), 1664 dpm.getUserRestrictions(admin1) 1665 ); 1666 verify(mContext.userManagerInternal).setDevicePolicyUserRestrictions( 1667 eq(UserHandle.USER_SYSTEM), 1668 MockUtils.checkUserRestrictions(defaultRestrictions), 1669 eq(true) /* isDeviceOwner */, 1670 eq(CAMERA_NOT_DISABLED) 1671 ); 1672 reset(mContext.userManagerInternal); 1673 1674 for (String restriction : defaultRestrictions) { 1675 dpm.clearUserRestriction(admin1, restriction); 1676 } 1677 1678 assertNoDeviceOwnerRestrictions(); 1679 1680 // Initialize DPMS again and check that the user restriction wasn't enabled again. 1681 reset(mContext.userManagerInternal); 1682 initializeDpms(); 1683 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 1684 assertNotNull(dpms.getDeviceOwnerAdminLocked()); 1685 1686 assertNoDeviceOwnerRestrictions(); 1687 1688 // Add a new restriction to the default set, initialize DPMS, and check that the restriction 1689 // is set as it wasn't enabled during setDeviceOwner. 1690 final String newDefaultEnabledRestriction = UserManager.DISALLOW_REMOVE_MANAGED_PROFILE; 1691 assertFalse(UserRestrictionsUtils 1692 .getDefaultEnabledForDeviceOwner().contains(newDefaultEnabledRestriction)); 1693 UserRestrictionsUtils 1694 .getDefaultEnabledForDeviceOwner().add(newDefaultEnabledRestriction); 1695 try { 1696 reset(mContext.userManagerInternal); 1697 initializeDpms(); 1698 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 1699 assertNotNull(dpms.getDeviceOwnerAdminLocked()); 1700 1701 DpmTestUtils.assertRestrictions( 1702 DpmTestUtils.newRestrictions(newDefaultEnabledRestriction), 1703 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1704 ); 1705 DpmTestUtils.assertRestrictions( 1706 DpmTestUtils.newRestrictions(newDefaultEnabledRestriction), 1707 dpm.getUserRestrictions(admin1) 1708 ); 1709 verify(mContext.userManagerInternal, atLeast(1)).setDevicePolicyUserRestrictions( 1710 eq(UserHandle.USER_SYSTEM), 1711 MockUtils.checkUserRestrictions(newDefaultEnabledRestriction), 1712 eq(true) /* isDeviceOwner */, 1713 eq(CAMERA_NOT_DISABLED) 1714 ); 1715 reset(mContext.userManagerInternal); 1716 1717 // Remove the restriction. 1718 dpm.clearUserRestriction(admin1, newDefaultEnabledRestriction); 1719 1720 // Initialize DPMS again. The restriction shouldn't be enabled for a second time. 1721 initializeDpms(); 1722 assertTrue(dpm.isDeviceOwnerApp(admin1.getPackageName())); 1723 assertNotNull(dpms.getDeviceOwnerAdminLocked()); 1724 assertNoDeviceOwnerRestrictions(); 1725 } finally { 1726 UserRestrictionsUtils 1727 .getDefaultEnabledForDeviceOwner().remove(newDefaultEnabledRestriction); 1728 } 1729 } 1730 1731 private void assertNoDeviceOwnerRestrictions() { 1732 DpmTestUtils.assertRestrictions( 1733 DpmTestUtils.newRestrictions(), 1734 dpms.getDeviceOwnerAdminLocked().ensureUserRestrictions() 1735 ); 1736 DpmTestUtils.assertRestrictions( 1737 DpmTestUtils.newRestrictions(), 1738 dpm.getUserRestrictions(admin1) 1739 ); 1740 } 1741 1742 public void testGetMacAddress() throws Exception { 1743 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1744 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 1745 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 1746 1747 // In this test, change the caller user to "system". 1748 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1749 1750 // Make sure admin1 is installed on system user. 1751 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 1752 1753 // Test 1. Caller doesn't have DO or DA. 1754 try { 1755 dpm.getWifiMacAddress(admin1); 1756 fail(); 1757 } catch (SecurityException e) { 1758 MoreAsserts.assertContainsRegex("No active admin", e.getMessage()); 1759 } 1760 1761 // DO needs to be an DA. 1762 dpm.setActiveAdmin(admin1, /* replace =*/ false); 1763 assertTrue(dpm.isAdminActive(admin1)); 1764 1765 // Test 2. Caller has DA, but not DO. 1766 try { 1767 dpm.getWifiMacAddress(admin1); 1768 fail(); 1769 } catch (SecurityException e) { 1770 MoreAsserts.assertContainsRegex("does not own the device", e.getMessage()); 1771 } 1772 1773 // Test 3. Caller has PO, but not DO. 1774 assertTrue(dpm.setProfileOwner(admin1, null, UserHandle.USER_SYSTEM)); 1775 try { 1776 dpm.getWifiMacAddress(admin1); 1777 fail(); 1778 } catch (SecurityException e) { 1779 MoreAsserts.assertContainsRegex("does not own the device", e.getMessage()); 1780 } 1781 1782 // Remove PO. 1783 dpm.clearProfileOwner(admin1); 1784 dpm.setActiveAdmin(admin1, false); 1785 // Test 4, Caller is DO now. 1786 assertTrue(dpm.setDeviceOwner(admin1, null, UserHandle.USER_SYSTEM)); 1787 1788 // 4-1. But no WifiInfo. 1789 assertNull(dpm.getWifiMacAddress(admin1)); 1790 1791 // 4-2. Returns WifiInfo, but with the default MAC. 1792 when(mContext.wifiManager.getConnectionInfo()).thenReturn(new WifiInfo()); 1793 assertNull(dpm.getWifiMacAddress(admin1)); 1794 1795 // 4-3. With a real MAC address. 1796 final WifiInfo wi = new WifiInfo(); 1797 wi.setMacAddress("11:22:33:44:55:66"); 1798 when(mContext.wifiManager.getConnectionInfo()).thenReturn(wi); 1799 assertEquals("11:22:33:44:55:66", dpm.getWifiMacAddress(admin1)); 1800 } 1801 1802 public void testReboot() throws Exception { 1803 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1804 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 1805 1806 // In this test, change the caller user to "system". 1807 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1808 1809 // Make sure admin1 is installed on system user. 1810 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 1811 1812 // Set admin1 as DA. 1813 dpm.setActiveAdmin(admin1, false); 1814 assertTrue(dpm.isAdminActive(admin1)); 1815 try { 1816 dpm.reboot(admin1); 1817 fail("DA calls DPM.reboot(), did not throw expected SecurityException"); 1818 } catch (SecurityException expected) { 1819 MoreAsserts.assertContainsRegex("does not own the device", expected.getMessage()); 1820 } 1821 1822 // Set admin1 as PO. 1823 assertTrue(dpm.setProfileOwner(admin1, null, UserHandle.USER_SYSTEM)); 1824 try { 1825 dpm.reboot(admin1); 1826 fail("PO calls DPM.reboot(), did not throw expected SecurityException"); 1827 } catch (SecurityException expected) { 1828 MoreAsserts.assertContainsRegex("does not own the device", expected.getMessage()); 1829 } 1830 1831 // Remove PO and add DO. 1832 dpm.clearProfileOwner(admin1); 1833 dpm.setActiveAdmin(admin1, false); 1834 assertTrue(dpm.setDeviceOwner(admin1, null, UserHandle.USER_SYSTEM)); 1835 1836 // admin1 is DO. 1837 // Set current call state of device to ringing. 1838 when(mContext.telephonyManager.getCallState()) 1839 .thenReturn(TelephonyManager.CALL_STATE_RINGING); 1840 try { 1841 dpm.reboot(admin1); 1842 fail("DPM.reboot() called when receiveing a call, should thrown IllegalStateException"); 1843 } catch (IllegalStateException expected) { 1844 MoreAsserts.assertContainsRegex("ongoing call on the device", expected.getMessage()); 1845 } 1846 1847 // Set current call state of device to dialing/active. 1848 when(mContext.telephonyManager.getCallState()) 1849 .thenReturn(TelephonyManager.CALL_STATE_OFFHOOK); 1850 try { 1851 dpm.reboot(admin1); 1852 fail("DPM.reboot() called when dialing, should thrown IllegalStateException"); 1853 } catch (IllegalStateException expected) { 1854 MoreAsserts.assertContainsRegex("ongoing call on the device", expected.getMessage()); 1855 } 1856 1857 // Set current call state of device to idle. 1858 when(mContext.telephonyManager.getCallState()).thenReturn(TelephonyManager.CALL_STATE_IDLE); 1859 dpm.reboot(admin1); 1860 } 1861 1862 public void testSetGetSupportText() { 1863 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 1864 dpm.setActiveAdmin(admin1, true); 1865 dpm.setActiveAdmin(admin2, true); 1866 mContext.callerPermissions.remove(permission.MANAGE_DEVICE_ADMINS); 1867 1868 // Null default support messages. 1869 { 1870 assertNull(dpm.getLongSupportMessage(admin1)); 1871 assertNull(dpm.getShortSupportMessage(admin1)); 1872 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 1873 assertNull(dpm.getShortSupportMessageForUser(admin1, 1874 DpmMockContext.CALLER_USER_HANDLE)); 1875 assertNull(dpm.getLongSupportMessageForUser(admin1, 1876 DpmMockContext.CALLER_USER_HANDLE)); 1877 mMockContext.binder.callingUid = DpmMockContext.CALLER_UID; 1878 } 1879 1880 // Only system can call the per user versions. 1881 { 1882 try { 1883 dpm.getShortSupportMessageForUser(admin1, 1884 DpmMockContext.CALLER_USER_HANDLE); 1885 fail("Only system should be able to call getXXXForUser versions"); 1886 } catch (SecurityException expected) { 1887 MoreAsserts.assertContainsRegex("message for user", expected.getMessage()); 1888 } 1889 try { 1890 dpm.getLongSupportMessageForUser(admin1, 1891 DpmMockContext.CALLER_USER_HANDLE); 1892 fail("Only system should be able to call getXXXForUser versions"); 1893 } catch (SecurityException expected) { 1894 MoreAsserts.assertContainsRegex("message for user", expected.getMessage()); 1895 } 1896 } 1897 1898 // Can't set message for admin in another uid. 1899 { 1900 mContext.binder.callingUid = DpmMockContext.CALLER_UID + 1; 1901 try { 1902 dpm.setShortSupportMessage(admin1, "Some text"); 1903 fail("Admins should only be able to change their own support text."); 1904 } catch (SecurityException expected) { 1905 MoreAsserts.assertContainsRegex("is not owned by uid", expected.getMessage()); 1906 } 1907 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 1908 } 1909 1910 // Set/Get short returns what it sets and other admins text isn't changed. 1911 { 1912 final String supportText = "Some text to test with."; 1913 dpm.setShortSupportMessage(admin1, supportText); 1914 assertEquals(supportText, dpm.getShortSupportMessage(admin1)); 1915 assertNull(dpm.getLongSupportMessage(admin1)); 1916 assertNull(dpm.getShortSupportMessage(admin2)); 1917 1918 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 1919 assertEquals(supportText, dpm.getShortSupportMessageForUser(admin1, 1920 DpmMockContext.CALLER_USER_HANDLE)); 1921 assertNull(dpm.getShortSupportMessageForUser(admin2, 1922 DpmMockContext.CALLER_USER_HANDLE)); 1923 assertNull(dpm.getLongSupportMessageForUser(admin1, 1924 DpmMockContext.CALLER_USER_HANDLE)); 1925 mMockContext.binder.callingUid = DpmMockContext.CALLER_UID; 1926 1927 dpm.setShortSupportMessage(admin1, null); 1928 assertNull(dpm.getShortSupportMessage(admin1)); 1929 } 1930 1931 // Set/Get long returns what it sets and other admins text isn't changed. 1932 { 1933 final String supportText = "Some text to test with.\nWith more text."; 1934 dpm.setLongSupportMessage(admin1, supportText); 1935 assertEquals(supportText, dpm.getLongSupportMessage(admin1)); 1936 assertNull(dpm.getShortSupportMessage(admin1)); 1937 assertNull(dpm.getLongSupportMessage(admin2)); 1938 1939 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 1940 assertEquals(supportText, dpm.getLongSupportMessageForUser(admin1, 1941 DpmMockContext.CALLER_USER_HANDLE)); 1942 assertNull(dpm.getLongSupportMessageForUser(admin2, 1943 DpmMockContext.CALLER_USER_HANDLE)); 1944 assertNull(dpm.getShortSupportMessageForUser(admin1, 1945 DpmMockContext.CALLER_USER_HANDLE)); 1946 mMockContext.binder.callingUid = DpmMockContext.CALLER_UID; 1947 1948 dpm.setLongSupportMessage(admin1, null); 1949 assertNull(dpm.getLongSupportMessage(admin1)); 1950 } 1951 } 1952 1953 public void testCreateAdminSupportIntent() throws Exception { 1954 // Setup device owner. 1955 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 1956 setupDeviceOwner(); 1957 1958 // Nonexisting permission returns null 1959 Intent intent = dpm.createAdminSupportIntent("disallow_nothing"); 1960 assertNull(intent); 1961 1962 // Existing permission that is not set returns null 1963 intent = dpm.createAdminSupportIntent(UserManager.DISALLOW_ADJUST_VOLUME); 1964 assertNull(intent); 1965 1966 // Existing permission that is not set by device/profile owner returns null 1967 when(mContext.userManager.hasUserRestriction( 1968 eq(UserManager.DISALLOW_ADJUST_VOLUME), 1969 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 1970 .thenReturn(true); 1971 intent = dpm.createAdminSupportIntent(UserManager.DISALLOW_ADJUST_VOLUME); 1972 assertNull(intent); 1973 1974 // Permission that is set by device owner returns correct intent 1975 when(mContext.userManager.getUserRestrictionSource( 1976 eq(UserManager.DISALLOW_ADJUST_VOLUME), 1977 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 1978 .thenReturn(UserManager.RESTRICTION_SOURCE_DEVICE_OWNER); 1979 intent = dpm.createAdminSupportIntent(UserManager.DISALLOW_ADJUST_VOLUME); 1980 assertNotNull(intent); 1981 assertEquals(Settings.ACTION_SHOW_ADMIN_SUPPORT_DETAILS, intent.getAction()); 1982 assertEquals(UserHandle.getUserId(DpmMockContext.CALLER_SYSTEM_USER_UID), 1983 intent.getIntExtra(Intent.EXTRA_USER_ID, -1)); 1984 assertEquals(admin1, 1985 (ComponentName) intent.getParcelableExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN)); 1986 assertEquals(UserManager.DISALLOW_ADJUST_VOLUME, 1987 intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION)); 1988 1989 // Try with POLICY_DISABLE_CAMERA and POLICY_DISABLE_SCREEN_CAPTURE, which are not 1990 // user restrictions 1991 1992 // Camera is not disabled 1993 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_CAMERA); 1994 assertNull(intent); 1995 1996 // Camera is disabled 1997 dpm.setCameraDisabled(admin1, true); 1998 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_CAMERA); 1999 assertNotNull(intent); 2000 assertEquals(DevicePolicyManager.POLICY_DISABLE_CAMERA, 2001 intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION)); 2002 2003 // Screen capture is not disabled 2004 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE); 2005 assertNull(intent); 2006 2007 // Screen capture is disabled 2008 dpm.setScreenCaptureDisabled(admin1, true); 2009 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE); 2010 assertNotNull(intent); 2011 assertEquals(DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE, 2012 intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION)); 2013 2014 // Same checks for different user 2015 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2016 // Camera should be disabled by device owner 2017 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_CAMERA); 2018 assertNotNull(intent); 2019 assertEquals(DevicePolicyManager.POLICY_DISABLE_CAMERA, 2020 intent.getStringExtra(DevicePolicyManager.EXTRA_RESTRICTION)); 2021 assertEquals(UserHandle.getUserId(DpmMockContext.CALLER_SYSTEM_USER_UID), 2022 intent.getIntExtra(Intent.EXTRA_USER_ID, -1)); 2023 // ScreenCapture should not be disabled by device owner 2024 intent = dpm.createAdminSupportIntent(DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE); 2025 assertNull(intent); 2026 } 2027 2028 /** 2029 * Test for: 2030 * {@link DevicePolicyManager#setAffiliationIds} 2031 * {@link DevicePolicyManager#getAffiliationIds} 2032 * {@link DevicePolicyManager#isAffiliatedUser} 2033 */ 2034 public void testUserAffiliation() throws Exception { 2035 mContext.callerPermissions.add(permission.MANAGE_DEVICE_ADMINS); 2036 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2037 mContext.callerPermissions.add(permission.INTERACT_ACROSS_USERS_FULL); 2038 2039 // Check that the system user is unaffiliated. 2040 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2041 assertFalse(dpm.isAffiliatedUser()); 2042 2043 // Set a device owner on the system user. Check that the system user becomes affiliated. 2044 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 2045 dpm.setActiveAdmin(admin1, /* replace =*/ false); 2046 assertTrue(dpm.setDeviceOwner(admin1, "owner-name")); 2047 assertTrue(dpm.isAffiliatedUser()); 2048 assertTrue(dpm.getAffiliationIds(admin1).isEmpty()); 2049 2050 // Install a profile owner. Check that the test user is unaffiliated. 2051 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2052 setAsProfileOwner(admin2); 2053 assertFalse(dpm.isAffiliatedUser()); 2054 assertTrue(dpm.getAffiliationIds(admin2).isEmpty()); 2055 2056 // Have the profile owner specify a set of affiliation ids. Check that the test user remains 2057 // unaffiliated. 2058 final List<String> userAffiliationIds = new ArrayList<>(); 2059 userAffiliationIds.add("red"); 2060 userAffiliationIds.add("green"); 2061 userAffiliationIds.add("blue"); 2062 dpm.setAffiliationIds(admin2, userAffiliationIds); 2063 MoreAsserts.assertContentsInAnyOrder(dpm.getAffiliationIds(admin2), "red", "green", "blue"); 2064 assertFalse(dpm.isAffiliatedUser()); 2065 2066 // Have the device owner specify a set of affiliation ids that do not intersect with those 2067 // specified by the profile owner. Check that the test user remains unaffiliated. 2068 final List<String> deviceAffiliationIds = new ArrayList<>(); 2069 deviceAffiliationIds.add("cyan"); 2070 deviceAffiliationIds.add("yellow"); 2071 deviceAffiliationIds.add("magenta"); 2072 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2073 dpm.setAffiliationIds(admin1, deviceAffiliationIds); 2074 MoreAsserts.assertContentsInAnyOrder( 2075 dpm.getAffiliationIds(admin1), "cyan", "yellow", "magenta"); 2076 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2077 assertFalse(dpm.isAffiliatedUser()); 2078 2079 // Have the profile owner specify a set of affiliation ids that intersect with those 2080 // specified by the device owner. Check that the test user becomes affiliated. 2081 userAffiliationIds.add("yellow"); 2082 dpm.setAffiliationIds(admin2, userAffiliationIds); 2083 MoreAsserts.assertContentsInAnyOrder( 2084 dpm.getAffiliationIds(admin2), "red", "green", "blue", "yellow"); 2085 assertTrue(dpm.isAffiliatedUser()); 2086 2087 // Clear affiliation ids for the profile owner. The user becomes unaffiliated. 2088 dpm.setAffiliationIds(admin2, Collections.emptyList()); 2089 assertTrue(dpm.getAffiliationIds(admin2).isEmpty()); 2090 assertFalse(dpm.isAffiliatedUser()); 2091 2092 // Check that the system user remains affiliated. 2093 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2094 assertTrue(dpm.isAffiliatedUser()); 2095 } 2096 2097 public void testGetUserProvisioningState_defaultResult() { 2098 assertEquals(DevicePolicyManager.STATE_USER_UNMANAGED, dpm.getUserProvisioningState()); 2099 } 2100 2101 public void testSetUserProvisioningState_permission() throws Exception { 2102 setupProfileOwner(); 2103 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2104 2105 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2106 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2107 } 2108 2109 public void testSetUserProvisioningState_unprivileged() throws Exception { 2110 setupProfileOwner(); 2111 try { 2112 dpm.setUserProvisioningState(DevicePolicyManager.STATE_USER_SETUP_FINALIZED, 2113 DpmMockContext.CALLER_USER_HANDLE); 2114 fail("Expected SecurityException"); 2115 } catch (SecurityException expected) { 2116 } 2117 } 2118 2119 public void testSetUserProvisioningState_noManagement() { 2120 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2121 try { 2122 dpm.setUserProvisioningState(DevicePolicyManager.STATE_USER_SETUP_FINALIZED, 2123 DpmMockContext.CALLER_USER_HANDLE); 2124 fail("IllegalStateException expected"); 2125 } catch (IllegalStateException e) { 2126 MoreAsserts.assertContainsRegex("change provisioning state unless a .* owner is set", 2127 e.getMessage()); 2128 } 2129 assertEquals(DevicePolicyManager.STATE_USER_UNMANAGED, dpm.getUserProvisioningState()); 2130 } 2131 2132 public void testSetUserProvisioningState_deviceOwnerFromSetupWizard() throws Exception { 2133 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2134 setupDeviceOwner(); 2135 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2136 2137 exerciseUserProvisioningTransitions(UserHandle.USER_SYSTEM, 2138 DevicePolicyManager.STATE_USER_SETUP_COMPLETE, 2139 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2140 } 2141 2142 public void testSetUserProvisioningState_deviceOwnerFromSetupWizardAlternative() 2143 throws Exception { 2144 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2145 setupDeviceOwner(); 2146 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2147 2148 exerciseUserProvisioningTransitions(UserHandle.USER_SYSTEM, 2149 DevicePolicyManager.STATE_USER_SETUP_INCOMPLETE, 2150 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2151 } 2152 2153 public void testSetUserProvisioningState_deviceOwnerWithoutSetupWizard() throws Exception { 2154 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2155 setupDeviceOwner(); 2156 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2157 2158 exerciseUserProvisioningTransitions(UserHandle.USER_SYSTEM, 2159 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2160 } 2161 2162 public void testSetUserProvisioningState_managedProfileFromSetupWizard_primaryUser() 2163 throws Exception { 2164 setupProfileOwner(); 2165 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2166 2167 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2168 DevicePolicyManager.STATE_USER_PROFILE_COMPLETE, 2169 DevicePolicyManager.STATE_USER_UNMANAGED); 2170 } 2171 2172 public void testSetUserProvisioningState_managedProfileFromSetupWizard_managedProfile() 2173 throws Exception { 2174 setupProfileOwner(); 2175 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2176 2177 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2178 DevicePolicyManager.STATE_USER_SETUP_COMPLETE, 2179 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2180 } 2181 2182 public void testSetUserProvisioningState_managedProfileWithoutSetupWizard() throws Exception { 2183 setupProfileOwner(); 2184 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2185 2186 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2187 DevicePolicyManager.STATE_USER_SETUP_FINALIZED); 2188 } 2189 2190 public void testSetUserProvisioningState_illegalTransitionOutOfFinalized1() throws Exception { 2191 setupProfileOwner(); 2192 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2193 2194 try { 2195 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2196 DevicePolicyManager.STATE_USER_SETUP_FINALIZED, 2197 DevicePolicyManager.STATE_USER_UNMANAGED); 2198 fail("Expected IllegalStateException"); 2199 } catch (IllegalStateException e) { 2200 MoreAsserts.assertContainsRegex("Cannot move to user provisioning state", 2201 e.getMessage()); 2202 } 2203 } 2204 2205 public void testSetUserProvisioningState_illegalTransitionToAnotherInProgressState() 2206 throws Exception { 2207 setupProfileOwner(); 2208 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2209 2210 try { 2211 exerciseUserProvisioningTransitions(DpmMockContext.CALLER_USER_HANDLE, 2212 DevicePolicyManager.STATE_USER_SETUP_INCOMPLETE, 2213 DevicePolicyManager.STATE_USER_SETUP_COMPLETE); 2214 fail("Expected IllegalStateException"); 2215 } catch (IllegalStateException e) { 2216 MoreAsserts.assertContainsRegex("Cannot move to user provisioning state", 2217 e.getMessage()); 2218 } 2219 } 2220 2221 private void exerciseUserProvisioningTransitions(int userId, int... states) { 2222 assertEquals(DevicePolicyManager.STATE_USER_UNMANAGED, dpm.getUserProvisioningState()); 2223 for (int state : states) { 2224 dpm.setUserProvisioningState(state, userId); 2225 assertEquals(state, dpm.getUserProvisioningState()); 2226 } 2227 } 2228 2229 private void setupProfileOwner() throws Exception { 2230 mContext.callerPermissions.addAll(OWNER_SETUP_PERMISSIONS); 2231 2232 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_UID); 2233 dpm.setActiveAdmin(admin1, false); 2234 assertTrue(dpm.setProfileOwner(admin1, null, DpmMockContext.CALLER_USER_HANDLE)); 2235 2236 mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS); 2237 } 2238 2239 private void setupDeviceOwner() throws Exception { 2240 mContext.callerPermissions.addAll(OWNER_SETUP_PERMISSIONS); 2241 2242 setUpPackageManagerForAdmin(admin1, DpmMockContext.CALLER_SYSTEM_USER_UID); 2243 dpm.setActiveAdmin(admin1, false); 2244 assertTrue(dpm.setDeviceOwner(admin1, null, UserHandle.USER_SYSTEM)); 2245 2246 mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS); 2247 } 2248 2249 public void testSetMaximumTimeToLock() { 2250 mContext.callerPermissions.add(android.Manifest.permission.MANAGE_DEVICE_ADMINS); 2251 2252 dpm.setActiveAdmin(admin1, /* replace =*/ false); 2253 dpm.setActiveAdmin(admin2, /* replace =*/ false); 2254 2255 reset(mMockContext.powerManagerInternal); 2256 reset(mMockContext.settings); 2257 2258 dpm.setMaximumTimeToLock(admin1, 0); 2259 verifyScreenTimeoutCall(null, false); 2260 reset(mMockContext.powerManagerInternal); 2261 reset(mMockContext.settings); 2262 2263 dpm.setMaximumTimeToLock(admin1, 1); 2264 verifyScreenTimeoutCall(1, true); 2265 reset(mMockContext.powerManagerInternal); 2266 reset(mMockContext.settings); 2267 2268 dpm.setMaximumTimeToLock(admin2, 10); 2269 verifyScreenTimeoutCall(null, false); 2270 reset(mMockContext.powerManagerInternal); 2271 reset(mMockContext.settings); 2272 2273 dpm.setMaximumTimeToLock(admin1, 5); 2274 verifyScreenTimeoutCall(5, true); 2275 reset(mMockContext.powerManagerInternal); 2276 reset(mMockContext.settings); 2277 2278 dpm.setMaximumTimeToLock(admin2, 4); 2279 verifyScreenTimeoutCall(4, true); 2280 reset(mMockContext.powerManagerInternal); 2281 reset(mMockContext.settings); 2282 2283 dpm.setMaximumTimeToLock(admin1, 0); 2284 reset(mMockContext.powerManagerInternal); 2285 reset(mMockContext.settings); 2286 2287 dpm.setMaximumTimeToLock(admin2, Integer.MAX_VALUE); 2288 verifyScreenTimeoutCall(Integer.MAX_VALUE, true); 2289 reset(mMockContext.powerManagerInternal); 2290 reset(mMockContext.settings); 2291 2292 dpm.setMaximumTimeToLock(admin2, Integer.MAX_VALUE + 1); 2293 verifyScreenTimeoutCall(Integer.MAX_VALUE, true); 2294 reset(mMockContext.powerManagerInternal); 2295 reset(mMockContext.settings); 2296 2297 dpm.setMaximumTimeToLock(admin2, 10); 2298 verifyScreenTimeoutCall(10, true); 2299 reset(mMockContext.powerManagerInternal); 2300 reset(mMockContext.settings); 2301 2302 // There's no restriction; shold be set to MAX. 2303 dpm.setMaximumTimeToLock(admin2, 0); 2304 verifyScreenTimeoutCall(Integer.MAX_VALUE, false); 2305 } 2306 2307 public void testSetRequiredStrongAuthTimeout_DeviceOwner() throws Exception { 2308 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2309 setupDeviceOwner(); 2310 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2311 2312 final long MINIMUM_STRONG_AUTH_TIMEOUT_MS = TimeUnit.HOURS.toMillis(1); 2313 final long ONE_MINUTE = TimeUnit.MINUTES.toMillis(1); 2314 final long MIN_PLUS_ONE_MINUTE = MINIMUM_STRONG_AUTH_TIMEOUT_MS + ONE_MINUTE; 2315 final long MAX_MINUS_ONE_MINUTE = DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS 2316 - ONE_MINUTE; 2317 2318 // verify that the minimum timeout cannot be modified on user builds (system property is 2319 // not being read) 2320 mContext.buildMock.isDebuggable = false; 2321 2322 dpm.setRequiredStrongAuthTimeout(admin1, MAX_MINUS_ONE_MINUTE); 2323 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), MAX_MINUS_ONE_MINUTE); 2324 assertEquals(dpm.getRequiredStrongAuthTimeout(null), MAX_MINUS_ONE_MINUTE); 2325 2326 verify(mContext.systemProperties, never()).getLong(anyString(), anyLong()); 2327 2328 // restore to the debuggable build state 2329 mContext.buildMock.isDebuggable = true; 2330 2331 // Always return the default (second arg) when getting system property for long type 2332 when(mContext.systemProperties.getLong(anyString(), anyLong())).thenAnswer( 2333 new Answer<Long>() { 2334 @Override 2335 public Long answer(InvocationOnMock invocation) throws Throwable { 2336 return (Long) invocation.getArguments()[1]; 2337 } 2338 } 2339 ); 2340 2341 // reset to default (0 means the admin is not participating, so default should be returned) 2342 dpm.setRequiredStrongAuthTimeout(admin1, 0); 2343 2344 // aggregation should be the default if unset by any admin 2345 assertEquals(dpm.getRequiredStrongAuthTimeout(null), 2346 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS); 2347 2348 // admin not participating by default 2349 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), 0); 2350 2351 //clamping from the top 2352 dpm.setRequiredStrongAuthTimeout(admin1, 2353 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS + ONE_MINUTE); 2354 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), 2355 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS); 2356 assertEquals(dpm.getRequiredStrongAuthTimeout(null), 2357 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS); 2358 2359 // 0 means the admin is not participating, so default should be returned 2360 dpm.setRequiredStrongAuthTimeout(admin1, 0); 2361 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), 0); 2362 assertEquals(dpm.getRequiredStrongAuthTimeout(null), 2363 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS); 2364 2365 // clamping from the bottom 2366 dpm.setRequiredStrongAuthTimeout(admin1, MINIMUM_STRONG_AUTH_TIMEOUT_MS - ONE_MINUTE); 2367 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), MINIMUM_STRONG_AUTH_TIMEOUT_MS); 2368 assertEquals(dpm.getRequiredStrongAuthTimeout(null), MINIMUM_STRONG_AUTH_TIMEOUT_MS); 2369 2370 // values within range 2371 dpm.setRequiredStrongAuthTimeout(admin1, MIN_PLUS_ONE_MINUTE); 2372 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), MIN_PLUS_ONE_MINUTE); 2373 assertEquals(dpm.getRequiredStrongAuthTimeout(null), MIN_PLUS_ONE_MINUTE); 2374 2375 dpm.setRequiredStrongAuthTimeout(admin1, MAX_MINUS_ONE_MINUTE); 2376 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), MAX_MINUS_ONE_MINUTE); 2377 assertEquals(dpm.getRequiredStrongAuthTimeout(null), MAX_MINUS_ONE_MINUTE); 2378 2379 // reset to default 2380 dpm.setRequiredStrongAuthTimeout(admin1, 0); 2381 assertEquals(dpm.getRequiredStrongAuthTimeout(admin1), 0); 2382 assertEquals(dpm.getRequiredStrongAuthTimeout(null), 2383 DevicePolicyManager.DEFAULT_STRONG_AUTH_TIMEOUT_MS); 2384 2385 // negative value 2386 try { 2387 dpm.setRequiredStrongAuthTimeout(admin1, -ONE_MINUTE); 2388 fail("Didn't throw IllegalArgumentException"); 2389 } catch (IllegalArgumentException iae) { 2390 } 2391 } 2392 2393 private void verifyScreenTimeoutCall(Integer expectedTimeout, 2394 boolean shouldStayOnWhilePluggedInBeCleared) { 2395 if (expectedTimeout == null) { 2396 verify(mMockContext.powerManagerInternal, times(0)) 2397 .setMaximumScreenOffTimeoutFromDeviceAdmin(anyInt()); 2398 } else { 2399 verify(mMockContext.powerManagerInternal, times(1)) 2400 .setMaximumScreenOffTimeoutFromDeviceAdmin(eq(expectedTimeout)); 2401 } 2402 // TODO Verify calls to settingsGlobalPutInt. Tried but somehow mockito threw 2403 // UnfinishedVerificationException. 2404 } 2405 2406 private void setup_DeviceAdminFeatureOff() throws Exception { 2407 when(mContext.packageManager.hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN)) 2408 .thenReturn(false); 2409 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2410 .thenReturn(false); 2411 initializeDpms(); 2412 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(false); 2413 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2414 .thenReturn(true); 2415 setUserSetupCompleteForUser(false, UserHandle.USER_SYSTEM); 2416 2417 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2418 } 2419 2420 public void testIsProvisioningAllowed_DeviceAdminFeatureOff() throws Exception { 2421 setup_DeviceAdminFeatureOff(); 2422 mContext.packageName = admin1.getPackageName(); 2423 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2424 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, false); 2425 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false); 2426 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2427 false); 2428 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, false); 2429 } 2430 2431 public void testCheckProvisioningPreCondition_DeviceAdminFeatureOff() throws Exception { 2432 setup_DeviceAdminFeatureOff(); 2433 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2434 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2435 DevicePolicyManager.CODE_DEVICE_ADMIN_NOT_SUPPORTED); 2436 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2437 DevicePolicyManager.CODE_DEVICE_ADMIN_NOT_SUPPORTED); 2438 assertCheckProvisioningPreCondition( 2439 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2440 DevicePolicyManager.CODE_DEVICE_ADMIN_NOT_SUPPORTED); 2441 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2442 DevicePolicyManager.CODE_DEVICE_ADMIN_NOT_SUPPORTED); 2443 } 2444 2445 private void setup_ManagedProfileFeatureOff() throws Exception { 2446 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2447 .thenReturn(false); 2448 initializeDpms(); 2449 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(false); 2450 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2451 .thenReturn(true); 2452 setUserSetupCompleteForUser(false, UserHandle.USER_SYSTEM); 2453 2454 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2455 } 2456 2457 public void testIsProvisioningAllowed_ManagedProfileFeatureOff() throws Exception { 2458 setup_ManagedProfileFeatureOff(); 2459 mContext.packageName = admin1.getPackageName(); 2460 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2461 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, true); 2462 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false); 2463 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2464 false); 2465 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, false); 2466 2467 // Test again when split user is on 2468 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2469 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, true); 2470 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false); 2471 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2472 true); 2473 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, false); 2474 } 2475 2476 public void testCheckProvisioningPreCondition_ManagedProfileFeatureOff() throws Exception { 2477 setup_ManagedProfileFeatureOff(); 2478 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2479 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2480 DevicePolicyManager.CODE_OK); 2481 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2482 DevicePolicyManager.CODE_MANAGED_USERS_NOT_SUPPORTED); 2483 assertCheckProvisioningPreCondition( 2484 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2485 DevicePolicyManager.CODE_NOT_SYSTEM_USER_SPLIT); 2486 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2487 DevicePolicyManager.CODE_MANAGED_USERS_NOT_SUPPORTED); 2488 2489 // Test again when split user is on 2490 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2491 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2492 DevicePolicyManager.CODE_OK); 2493 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2494 DevicePolicyManager.CODE_MANAGED_USERS_NOT_SUPPORTED); 2495 assertCheckProvisioningPreCondition( 2496 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2497 DevicePolicyManager.CODE_OK); 2498 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2499 DevicePolicyManager.CODE_MANAGED_USERS_NOT_SUPPORTED); 2500 } 2501 2502 private void setup_nonSplitUser_firstBoot_primaryUser() throws Exception { 2503 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2504 .thenReturn(true); 2505 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(false); 2506 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2507 .thenReturn(true); 2508 setUserSetupCompleteForUser(false, UserHandle.USER_SYSTEM); 2509 2510 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2511 } 2512 2513 public void testIsProvisioningAllowed_nonSplitUser_firstBoot_primaryUser() throws Exception { 2514 setup_nonSplitUser_firstBoot_primaryUser(); 2515 mContext.packageName = admin1.getPackageName(); 2516 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2517 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, true); 2518 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2519 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2520 false /* because of non-split user */); 2521 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2522 false /* because of non-split user */); 2523 } 2524 2525 public void testCheckProvisioningPreCondition_nonSplitUser_firstBoot_primaryUser() 2526 throws Exception { 2527 setup_nonSplitUser_firstBoot_primaryUser(); 2528 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2529 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2530 DevicePolicyManager.CODE_OK); 2531 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2532 DevicePolicyManager.CODE_OK); 2533 assertCheckProvisioningPreCondition( 2534 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2535 DevicePolicyManager.CODE_NOT_SYSTEM_USER_SPLIT); 2536 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2537 DevicePolicyManager.CODE_NOT_SYSTEM_USER_SPLIT); 2538 } 2539 2540 private void setup_nonSplitUser_afterDeviceSetup_primaryUser() throws Exception { 2541 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2542 .thenReturn(true); 2543 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(false); 2544 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2545 .thenReturn(true); 2546 setUserSetupCompleteForUser(true, UserHandle.USER_SYSTEM); 2547 2548 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2549 } 2550 2551 private void setup_nonSplitUser_withDo_primaryUser() throws Exception { 2552 setDeviceOwner(); 2553 setup_nonSplitUser_afterDeviceSetup_primaryUser(); 2554 setUpPackageManagerForFakeAdmin(adminAnotherPackage, DpmMockContext.ANOTHER_UID, admin2); 2555 } 2556 2557 private void setup_nonSplitUser_withDo_primaryUser_ManagedProfile() throws Exception { 2558 setup_nonSplitUser_withDo_primaryUser(); 2559 final int MANAGED_PROFILE_USER_ID = 18; 2560 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 1308); 2561 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 2562 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, 2563 false /* we can't remove a managed profile */)).thenReturn(false); 2564 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, 2565 true)).thenReturn(true); 2566 } 2567 2568 public void testIsProvisioningAllowed_nonSplitUser_afterDeviceSetup_primaryUser() 2569 throws Exception { 2570 setup_nonSplitUser_afterDeviceSetup_primaryUser(); 2571 mContext.packageName = admin1.getPackageName(); 2572 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2573 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2574 false/* because of completed device setup */); 2575 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2576 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2577 false/* because of non-split user */); 2578 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2579 false/* because of non-split user */); 2580 } 2581 2582 public void testCheckProvisioningPreCondition_nonSplitUser_afterDeviceSetup_primaryUser() 2583 throws Exception { 2584 setup_nonSplitUser_afterDeviceSetup_primaryUser(); 2585 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2586 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2587 DevicePolicyManager.CODE_USER_SETUP_COMPLETED); 2588 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2589 DevicePolicyManager.CODE_OK); 2590 assertCheckProvisioningPreCondition( 2591 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2592 DevicePolicyManager.CODE_NOT_SYSTEM_USER_SPLIT); 2593 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2594 DevicePolicyManager.CODE_NOT_SYSTEM_USER_SPLIT); 2595 } 2596 2597 public void testProvisioning_nonSplitUser_withDo_primaryUser() throws Exception { 2598 setup_nonSplitUser_withDo_primaryUser(); 2599 mContext.packageName = admin1.getPackageName(); 2600 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2601 2602 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2603 DevicePolicyManager.CODE_HAS_DEVICE_OWNER); 2604 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, false); 2605 2606 // COMP mode is allowed. 2607 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2608 DevicePolicyManager.CODE_OK); 2609 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2610 2611 // And other DPCs can also provision a managed profile (DO + BYOD case). 2612 assertCheckProvisioningPreCondition( 2613 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2614 DpmMockContext.ANOTHER_PACKAGE_NAME, 2615 DevicePolicyManager.CODE_OK); 2616 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true, 2617 DpmMockContext.ANOTHER_PACKAGE_NAME, DpmMockContext.ANOTHER_UID); 2618 } 2619 2620 public void testProvisioning_nonSplitUser_withDo_primaryUser_restrictedByDo() throws Exception { 2621 setup_nonSplitUser_withDo_primaryUser(); 2622 mContext.packageName = admin1.getPackageName(); 2623 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2624 // The DO should be allowed to initiate provisioning if it set the restriction itself, but 2625 // other packages should be forbidden. 2626 when(mContext.userManager.hasUserRestriction( 2627 eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), 2628 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 2629 .thenReturn(true); 2630 when(mContext.userManager.getUserRestrictionSource( 2631 eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), 2632 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 2633 .thenReturn(UserManager.RESTRICTION_SOURCE_DEVICE_OWNER); 2634 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2635 DevicePolicyManager.CODE_OK); 2636 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2637 assertCheckProvisioningPreCondition( 2638 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2639 DpmMockContext.ANOTHER_PACKAGE_NAME, 2640 DevicePolicyManager.CODE_ADD_MANAGED_PROFILE_DISALLOWED); 2641 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false, 2642 DpmMockContext.ANOTHER_PACKAGE_NAME, DpmMockContext.ANOTHER_UID); 2643 } 2644 2645 public void testProvisioning_nonSplitUser_withDo_primaryUser_restrictedBySystem() 2646 throws Exception { 2647 setup_nonSplitUser_withDo_primaryUser(); 2648 mContext.packageName = admin1.getPackageName(); 2649 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2650 // The DO should not be allowed to initiate provisioning if the restriction is set by 2651 // another entity. 2652 when(mContext.userManager.hasUserRestriction( 2653 eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), 2654 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 2655 .thenReturn(true); 2656 when(mContext.userManager.getUserRestrictionSource( 2657 eq(UserManager.DISALLOW_ADD_MANAGED_PROFILE), 2658 eq(UserHandle.getUserHandleForUid(mContext.binder.callingUid)))) 2659 .thenReturn(UserManager.RESTRICTION_SOURCE_SYSTEM); 2660 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2661 DevicePolicyManager.CODE_ADD_MANAGED_PROFILE_DISALLOWED); 2662 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false); 2663 2664 assertCheckProvisioningPreCondition( 2665 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2666 DpmMockContext.ANOTHER_PACKAGE_NAME, 2667 DevicePolicyManager.CODE_ADD_MANAGED_PROFILE_DISALLOWED); 2668 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false, 2669 DpmMockContext.ANOTHER_PACKAGE_NAME, DpmMockContext.ANOTHER_UID); 2670 } 2671 2672 public void testCheckProvisioningPreCondition_nonSplitUser_comp() throws Exception { 2673 setup_nonSplitUser_withDo_primaryUser_ManagedProfile(); 2674 mContext.packageName = admin1.getPackageName(); 2675 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2676 2677 // We can delete the managed profile to create a new one, so provisioning is allowed. 2678 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2679 DevicePolicyManager.CODE_OK); 2680 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2681 assertCheckProvisioningPreCondition( 2682 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2683 DpmMockContext.ANOTHER_PACKAGE_NAME, 2684 DevicePolicyManager.CODE_OK); 2685 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true, 2686 DpmMockContext.ANOTHER_PACKAGE_NAME, DpmMockContext.ANOTHER_UID); 2687 } 2688 2689 public void testCheckProvisioningPreCondition_nonSplitUser_comp_cannot_remove_profile() 2690 throws Exception { 2691 setup_nonSplitUser_withDo_primaryUser_ManagedProfile(); 2692 mContext.packageName = admin1.getPackageName(); 2693 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2694 when(mContext.userManager.hasUserRestriction( 2695 eq(UserManager.DISALLOW_REMOVE_MANAGED_PROFILE), 2696 eq(UserHandle.SYSTEM))) 2697 .thenReturn(true); 2698 when(mContext.userManager.getUserRestrictionSource( 2699 eq(UserManager.DISALLOW_REMOVE_MANAGED_PROFILE), 2700 eq(UserHandle.SYSTEM))) 2701 .thenReturn(UserManager.RESTRICTION_SOURCE_DEVICE_OWNER); 2702 2703 // We can't remove the profile to create a new one. 2704 assertCheckProvisioningPreCondition( 2705 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2706 DpmMockContext.ANOTHER_PACKAGE_NAME, 2707 DevicePolicyManager.CODE_CANNOT_ADD_MANAGED_PROFILE); 2708 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false, 2709 DpmMockContext.ANOTHER_PACKAGE_NAME, DpmMockContext.ANOTHER_UID); 2710 2711 // But the device owner can still do it because it has set the restriction itself. 2712 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2713 DevicePolicyManager.CODE_OK); 2714 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2715 } 2716 2717 private void setup_splitUser_firstBoot_systemUser() throws Exception { 2718 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2719 .thenReturn(true); 2720 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2721 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2722 .thenReturn(false); 2723 setUserSetupCompleteForUser(false, UserHandle.USER_SYSTEM); 2724 2725 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2726 } 2727 2728 public void testIsProvisioningAllowed_splitUser_firstBoot_systemUser() throws Exception { 2729 setup_splitUser_firstBoot_systemUser(); 2730 mContext.packageName = admin1.getPackageName(); 2731 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2732 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, true); 2733 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2734 false /* because canAddMoreManagedProfiles returns false */); 2735 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2736 true); 2737 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2738 false/* because calling uid is system user */); 2739 } 2740 2741 public void testCheckProvisioningPreCondition_splitUser_firstBoot_systemUser() 2742 throws Exception { 2743 setup_splitUser_firstBoot_systemUser(); 2744 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2745 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2746 DevicePolicyManager.CODE_OK); 2747 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2748 DevicePolicyManager.CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER); 2749 assertCheckProvisioningPreCondition( 2750 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2751 DevicePolicyManager.CODE_OK); 2752 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2753 DevicePolicyManager.CODE_SYSTEM_USER); 2754 } 2755 2756 private void setup_splitUser_afterDeviceSetup_systemUser() throws Exception { 2757 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2758 .thenReturn(true); 2759 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2760 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2761 .thenReturn(false); 2762 setUserSetupCompleteForUser(true, UserHandle.USER_SYSTEM); 2763 2764 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2765 } 2766 2767 public void testIsProvisioningAllowed_splitUser_afterDeviceSetup_systemUser() throws Exception { 2768 setup_splitUser_afterDeviceSetup_systemUser(); 2769 mContext.packageName = admin1.getPackageName(); 2770 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2771 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2772 true/* it's undefined behavior. Can be changed into false in the future */); 2773 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2774 false /* because canAddMoreManagedProfiles returns false */); 2775 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2776 true/* it's undefined behavior. Can be changed into false in the future */); 2777 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2778 false/* because calling uid is system user */); 2779 } 2780 2781 public void testCheckProvisioningPreCondition_splitUser_afterDeviceSetup_systemUser() 2782 throws Exception { 2783 setup_splitUser_afterDeviceSetup_systemUser(); 2784 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2785 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2786 DevicePolicyManager.CODE_OK); 2787 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2788 DevicePolicyManager.CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER); 2789 assertCheckProvisioningPreCondition( 2790 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2791 DevicePolicyManager.CODE_OK); 2792 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2793 DevicePolicyManager.CODE_SYSTEM_USER); 2794 } 2795 2796 private void setup_splitUser_firstBoot_primaryUser() throws Exception { 2797 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2798 .thenReturn(true); 2799 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2800 when(mContext.userManager.canAddMoreManagedProfiles(DpmMockContext.CALLER_USER_HANDLE, 2801 true)).thenReturn(true); 2802 setUserSetupCompleteForUser(false, DpmMockContext.CALLER_USER_HANDLE); 2803 2804 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2805 } 2806 2807 public void testIsProvisioningAllowed_splitUser_firstBoot_primaryUser() throws Exception { 2808 setup_splitUser_firstBoot_primaryUser(); 2809 mContext.packageName = admin1.getPackageName(); 2810 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2811 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, true); 2812 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2813 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2814 true); 2815 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, true); 2816 } 2817 2818 public void testCheckProvisioningPreCondition_splitUser_firstBoot_primaryUser() 2819 throws Exception { 2820 setup_splitUser_firstBoot_primaryUser(); 2821 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2822 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2823 DevicePolicyManager.CODE_OK); 2824 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2825 DevicePolicyManager.CODE_OK); 2826 assertCheckProvisioningPreCondition( 2827 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2828 DevicePolicyManager.CODE_OK); 2829 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2830 DevicePolicyManager.CODE_OK); 2831 } 2832 2833 private void setup_splitUser_afterDeviceSetup_primaryUser() throws Exception { 2834 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2835 .thenReturn(true); 2836 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2837 when(mContext.userManager.canAddMoreManagedProfiles(DpmMockContext.CALLER_USER_HANDLE, 2838 true)).thenReturn(true); 2839 setUserSetupCompleteForUser(true, DpmMockContext.CALLER_USER_HANDLE); 2840 2841 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2842 } 2843 2844 public void testIsProvisioningAllowed_splitUser_afterDeviceSetup_primaryUser() 2845 throws Exception { 2846 setup_splitUser_afterDeviceSetup_primaryUser(); 2847 mContext.packageName = admin1.getPackageName(); 2848 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2849 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2850 true/* it's undefined behavior. Can be changed into false in the future */); 2851 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2852 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2853 true/* it's undefined behavior. Can be changed into false in the future */); 2854 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2855 false/* because user setup completed */); 2856 } 2857 2858 public void testCheckProvisioningPreCondition_splitUser_afterDeviceSetup_primaryUser() 2859 throws Exception { 2860 setup_splitUser_afterDeviceSetup_primaryUser(); 2861 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2862 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_DEVICE, 2863 DevicePolicyManager.CODE_OK); 2864 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2865 DevicePolicyManager.CODE_OK); 2866 assertCheckProvisioningPreCondition( 2867 DevicePolicyManager.ACTION_PROVISION_MANAGED_SHAREABLE_DEVICE, 2868 DevicePolicyManager.CODE_OK); 2869 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_USER, 2870 DevicePolicyManager.CODE_USER_SETUP_COMPLETED); 2871 } 2872 2873 private void setup_provisionManagedProfileWithDeviceOwner_systemUser() throws Exception { 2874 setDeviceOwner(); 2875 2876 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2877 .thenReturn(true); 2878 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2879 when(mContext.userManager.canAddMoreManagedProfiles(UserHandle.USER_SYSTEM, true)) 2880 .thenReturn(false); 2881 setUserSetupCompleteForUser(true, UserHandle.USER_SYSTEM); 2882 2883 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 2884 } 2885 2886 public void testIsProvisioningAllowed_provisionManagedProfileWithDeviceOwner_systemUser() 2887 throws Exception { 2888 setup_provisionManagedProfileWithDeviceOwner_systemUser(); 2889 mContext.packageName = admin1.getPackageName(); 2890 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2891 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2892 false /* can't provision managed profile on system user */); 2893 } 2894 2895 public void testCheckProvisioningPreCondition_provisionManagedProfileWithDeviceOwner_systemUser() 2896 throws Exception { 2897 setup_provisionManagedProfileWithDeviceOwner_systemUser(); 2898 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2899 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2900 DevicePolicyManager.CODE_SPLIT_SYSTEM_USER_DEVICE_SYSTEM_USER); 2901 } 2902 2903 private void setup_provisionManagedProfileWithDeviceOwner_primaryUser() throws Exception { 2904 setDeviceOwner(); 2905 2906 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2907 .thenReturn(true); 2908 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2909 when(mContext.userManager.canAddMoreManagedProfiles(DpmMockContext.CALLER_USER_HANDLE, 2910 true)).thenReturn(true); 2911 setUserSetupCompleteForUser(false, DpmMockContext.CALLER_USER_HANDLE); 2912 2913 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2914 } 2915 2916 public void testIsProvisioningAllowed_provisionManagedProfileWithDeviceOwner_primaryUser() 2917 throws Exception { 2918 setup_provisionManagedProfileWithDeviceOwner_primaryUser(); 2919 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2920 mContext.packageName = admin1.getPackageName(); 2921 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, true); 2922 } 2923 2924 public void testCheckProvisioningPreCondition_provisionManagedProfileWithDeviceOwner_primaryUser() 2925 throws Exception { 2926 setup_provisionManagedProfileWithDeviceOwner_primaryUser(); 2927 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2928 2929 // COMP mode is allowed. 2930 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2931 DevicePolicyManager.CODE_OK); 2932 } 2933 2934 private void setup_provisionManagedProfileCantRemoveUser_primaryUser() throws Exception { 2935 setDeviceOwner(); 2936 2937 when(mContext.ipackageManager.hasSystemFeature(PackageManager.FEATURE_MANAGED_USERS, 0)) 2938 .thenReturn(true); 2939 when(mContext.userManagerForMock.isSplitSystemUser()).thenReturn(true); 2940 when(mContext.userManager.hasUserRestriction( 2941 eq(UserManager.DISALLOW_REMOVE_MANAGED_PROFILE), 2942 eq(UserHandle.of(DpmMockContext.CALLER_USER_HANDLE)))) 2943 .thenReturn(true); 2944 when(mContext.userManager.canAddMoreManagedProfiles(DpmMockContext.CALLER_USER_HANDLE, 2945 false /* we can't remove a managed profile */)).thenReturn(false); 2946 when(mContext.userManager.canAddMoreManagedProfiles(DpmMockContext.CALLER_USER_HANDLE, 2947 true)).thenReturn(true); 2948 setUserSetupCompleteForUser(false, DpmMockContext.CALLER_USER_HANDLE); 2949 2950 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2951 } 2952 2953 public void testIsProvisioningAllowed_provisionManagedProfileCantRemoveUser_primaryUser() 2954 throws Exception { 2955 setup_provisionManagedProfileCantRemoveUser_primaryUser(); 2956 mContext.packageName = admin1.getPackageName(); 2957 setUpPackageManagerForAdmin(admin1, mContext.binder.callingUid); 2958 assertProvisioningAllowed(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, false); 2959 } 2960 2961 public void testCheckProvisioningPreCondition_provisionManagedProfileCantRemoveUser_primaryUser() 2962 throws Exception { 2963 setup_provisionManagedProfileCantRemoveUser_primaryUser(); 2964 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2965 assertCheckProvisioningPreCondition(DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, 2966 DevicePolicyManager.CODE_CANNOT_ADD_MANAGED_PROFILE); 2967 } 2968 2969 public void testCheckProvisioningPreCondition_permission() { 2970 // GIVEN the permission MANAGE_PROFILE_AND_DEVICE_OWNERS is not granted 2971 try { 2972 dpm.checkProvisioningPreCondition( 2973 DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE, "some.package"); 2974 fail("Didn't throw SecurityException"); 2975 } catch (SecurityException expected) { 2976 } 2977 } 2978 2979 public void testForceUpdateUserSetupComplete_permission() { 2980 // GIVEN the permission MANAGE_PROFILE_AND_DEVICE_OWNERS is not granted 2981 try { 2982 dpm.forceUpdateUserSetupComplete(); 2983 fail("Didn't throw SecurityException"); 2984 } catch (SecurityException expected) { 2985 } 2986 } 2987 2988 public void testForceUpdateUserSetupComplete_systemUser() { 2989 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 2990 // GIVEN calling from user 20 2991 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 2992 try { 2993 dpm.forceUpdateUserSetupComplete(); 2994 fail("Didn't throw SecurityException"); 2995 } catch (SecurityException expected) { 2996 } 2997 } 2998 2999 public void testForceUpdateUserSetupComplete_userbuild() { 3000 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 3001 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3002 3003 final int userId = UserHandle.USER_SYSTEM; 3004 // GIVEN userComplete is false in SettingsProvider 3005 setUserSetupCompleteForUser(false, userId); 3006 3007 // GIVEN userComplete is true in DPM 3008 DevicePolicyManagerService.DevicePolicyData userData = 3009 new DevicePolicyManagerService.DevicePolicyData(userId); 3010 userData.mUserSetupComplete = true; 3011 dpms.mUserData.put(UserHandle.USER_SYSTEM, userData); 3012 3013 // GIVEN it's user build 3014 mContext.buildMock.isDebuggable = false; 3015 3016 assertTrue(dpms.hasUserSetupCompleted()); 3017 3018 dpm.forceUpdateUserSetupComplete(); 3019 3020 // THEN the state in dpms is not changed 3021 assertTrue(dpms.hasUserSetupCompleted()); 3022 } 3023 3024 public void testForceUpdateUserSetupComplete_userDebugbuild() { 3025 mContext.callerPermissions.add(permission.MANAGE_PROFILE_AND_DEVICE_OWNERS); 3026 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3027 3028 final int userId = UserHandle.USER_SYSTEM; 3029 // GIVEN userComplete is false in SettingsProvider 3030 setUserSetupCompleteForUser(false, userId); 3031 3032 // GIVEN userComplete is true in DPM 3033 DevicePolicyManagerService.DevicePolicyData userData = 3034 new DevicePolicyManagerService.DevicePolicyData(userId); 3035 userData.mUserSetupComplete = true; 3036 dpms.mUserData.put(UserHandle.USER_SYSTEM, userData); 3037 3038 // GIVEN it's userdebug build 3039 mContext.buildMock.isDebuggable = true; 3040 3041 assertTrue(dpms.hasUserSetupCompleted()); 3042 3043 dpm.forceUpdateUserSetupComplete(); 3044 3045 // THEN the state in dpms is not changed 3046 assertFalse(dpms.hasUserSetupCompleted()); 3047 } 3048 3049 private void clearDeviceOwner() throws Exception { 3050 final long ident = mContext.binder.clearCallingIdentity(); 3051 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3052 doReturn(DpmMockContext.CALLER_SYSTEM_USER_UID).when(mContext.packageManager) 3053 .getPackageUidAsUser(eq(admin1.getPackageName()), anyInt()); 3054 dpm.clearDeviceOwnerApp(admin1.getPackageName()); 3055 mContext.binder.restoreCallingIdentity(ident); 3056 } 3057 3058 public void testGetLastSecurityLogRetrievalTime() throws Exception { 3059 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3060 setupDeviceOwner(); 3061 3062 // setUp() adds a secondary user for CALLER_USER_HANDLE. Remove it as otherwise the 3063 // feature is disabled because there are non-affiliated secondary users. 3064 mContext.removeUser(DpmMockContext.CALLER_USER_HANDLE); 3065 when(mContext.resources.getBoolean(R.bool.config_supportPreRebootSecurityLogs)) 3066 .thenReturn(true); 3067 3068 // No logs were retrieved so far. 3069 assertEquals(-1, dpm.getLastSecurityLogRetrievalTime()); 3070 3071 // Enabling logging should not change the timestamp. 3072 dpm.setSecurityLoggingEnabled(admin1, true); 3073 verify(mContext.settings) 3074 .securityLogSetLoggingEnabledProperty(true); 3075 when(mContext.settings.securityLogGetLoggingEnabledProperty()) 3076 .thenReturn(true); 3077 assertEquals(-1, dpm.getLastSecurityLogRetrievalTime()); 3078 3079 // Retrieving the logs should update the timestamp. 3080 final long beforeRetrieval = System.currentTimeMillis(); 3081 dpm.retrieveSecurityLogs(admin1); 3082 final long firstSecurityLogRetrievalTime = dpm.getLastSecurityLogRetrievalTime(); 3083 final long afterRetrieval = System.currentTimeMillis(); 3084 assertTrue(firstSecurityLogRetrievalTime >= beforeRetrieval); 3085 assertTrue(firstSecurityLogRetrievalTime <= afterRetrieval); 3086 3087 // Retrieving the pre-boot logs should update the timestamp. 3088 Thread.sleep(2); 3089 dpm.retrievePreRebootSecurityLogs(admin1); 3090 final long secondSecurityLogRetrievalTime = dpm.getLastSecurityLogRetrievalTime(); 3091 assertTrue(secondSecurityLogRetrievalTime > firstSecurityLogRetrievalTime); 3092 3093 // Checking the timestamp again should not change it. 3094 Thread.sleep(2); 3095 assertEquals(secondSecurityLogRetrievalTime, dpm.getLastSecurityLogRetrievalTime()); 3096 3097 // Retrieving the logs again should update the timestamp. 3098 dpm.retrieveSecurityLogs(admin1); 3099 final long thirdSecurityLogRetrievalTime = dpm.getLastSecurityLogRetrievalTime(); 3100 assertTrue(thirdSecurityLogRetrievalTime > secondSecurityLogRetrievalTime); 3101 3102 // Disabling logging should not change the timestamp. 3103 Thread.sleep(2); 3104 dpm.setSecurityLoggingEnabled(admin1, false); 3105 assertEquals(thirdSecurityLogRetrievalTime, dpm.getLastSecurityLogRetrievalTime()); 3106 3107 // Restarting the DPMS should not lose the timestamp. 3108 initializeDpms(); 3109 assertEquals(thirdSecurityLogRetrievalTime, dpm.getLastSecurityLogRetrievalTime()); 3110 3111 // Any uid holding MANAGE_USERS permission can retrieve the timestamp. 3112 mContext.binder.callingUid = 1234567; 3113 mContext.callerPermissions.add(permission.MANAGE_USERS); 3114 assertEquals(thirdSecurityLogRetrievalTime, dpm.getLastSecurityLogRetrievalTime()); 3115 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3116 3117 // System can retrieve the timestamp. 3118 mContext.binder.clearCallingIdentity(); 3119 assertEquals(thirdSecurityLogRetrievalTime, dpm.getLastSecurityLogRetrievalTime()); 3120 3121 // Removing the device owner should clear the timestamp. 3122 clearDeviceOwner(); 3123 assertEquals(-1, dpm.getLastSecurityLogRetrievalTime()); 3124 } 3125 3126 public void testGetLastBugReportRequestTime() throws Exception { 3127 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3128 setupDeviceOwner(); 3129 3130 mContext.packageName = admin1.getPackageName(); 3131 mContext.applicationInfo = new ApplicationInfo(); 3132 when(mContext.resources.getColor(eq(R.color.notification_action_list), anyObject())) 3133 .thenReturn(Color.WHITE); 3134 when(mContext.resources.getColor(eq(R.color.notification_material_background_color), 3135 anyObject())).thenReturn(Color.WHITE); 3136 3137 // setUp() adds a secondary user for CALLER_USER_HANDLE. Remove it as otherwise the 3138 // feature is disabled because there are non-affiliated secondary users. 3139 mContext.removeUser(DpmMockContext.CALLER_USER_HANDLE); 3140 3141 // No bug reports were requested so far. 3142 assertEquals(-1, dpm.getLastBugReportRequestTime()); 3143 3144 // Requesting a bug report should update the timestamp. 3145 final long beforeRequest = System.currentTimeMillis(); 3146 dpm.requestBugreport(admin1); 3147 final long bugReportRequestTime = dpm.getLastBugReportRequestTime(); 3148 final long afterRequest = System.currentTimeMillis(); 3149 assertTrue(bugReportRequestTime >= beforeRequest); 3150 assertTrue(bugReportRequestTime <= afterRequest); 3151 3152 // Checking the timestamp again should not change it. 3153 Thread.sleep(2); 3154 assertEquals(bugReportRequestTime, dpm.getLastBugReportRequestTime()); 3155 3156 // Restarting the DPMS should not lose the timestamp. 3157 initializeDpms(); 3158 assertEquals(bugReportRequestTime, dpm.getLastBugReportRequestTime()); 3159 3160 // Any uid holding MANAGE_USERS permission can retrieve the timestamp. 3161 mContext.binder.callingUid = 1234567; 3162 mContext.callerPermissions.add(permission.MANAGE_USERS); 3163 assertEquals(bugReportRequestTime, dpm.getLastBugReportRequestTime()); 3164 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3165 3166 // System can retrieve the timestamp. 3167 mContext.binder.clearCallingIdentity(); 3168 assertEquals(bugReportRequestTime, dpm.getLastBugReportRequestTime()); 3169 3170 // Removing the device owner should clear the timestamp. 3171 clearDeviceOwner(); 3172 assertEquals(-1, dpm.getLastBugReportRequestTime()); 3173 } 3174 3175 public void testGetLastNetworkLogRetrievalTime() throws Exception { 3176 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3177 setupDeviceOwner(); 3178 mContext.packageName = admin1.getPackageName(); 3179 mContext.applicationInfo = new ApplicationInfo(); 3180 when(mContext.resources.getColor(eq(R.color.notification_action_list), anyObject())) 3181 .thenReturn(Color.WHITE); 3182 when(mContext.resources.getColor(eq(R.color.notification_material_background_color), 3183 anyObject())).thenReturn(Color.WHITE); 3184 3185 // setUp() adds a secondary user for CALLER_USER_HANDLE. Remove it as otherwise the 3186 // feature is disabled because there are non-affiliated secondary users. 3187 mContext.removeUser(DpmMockContext.CALLER_USER_HANDLE); 3188 when(mContext.iipConnectivityMetrics.registerNetdEventCallback(anyObject())) 3189 .thenReturn(true); 3190 3191 // No logs were retrieved so far. 3192 assertEquals(-1, dpm.getLastNetworkLogRetrievalTime()); 3193 3194 // Attempting to retrieve logs without enabling logging should not change the timestamp. 3195 dpm.retrieveNetworkLogs(admin1, 0 /* batchToken */); 3196 assertEquals(-1, dpm.getLastNetworkLogRetrievalTime()); 3197 3198 // Enabling logging should not change the timestamp. 3199 dpm.setNetworkLoggingEnabled(admin1, true); 3200 assertEquals(-1, dpm.getLastNetworkLogRetrievalTime()); 3201 3202 // Retrieving the logs should update the timestamp. 3203 final long beforeRetrieval = System.currentTimeMillis(); 3204 dpm.retrieveNetworkLogs(admin1, 0 /* batchToken */); 3205 final long firstNetworkLogRetrievalTime = dpm.getLastNetworkLogRetrievalTime(); 3206 final long afterRetrieval = System.currentTimeMillis(); 3207 assertTrue(firstNetworkLogRetrievalTime >= beforeRetrieval); 3208 assertTrue(firstNetworkLogRetrievalTime <= afterRetrieval); 3209 3210 // Checking the timestamp again should not change it. 3211 Thread.sleep(2); 3212 assertEquals(firstNetworkLogRetrievalTime, dpm.getLastNetworkLogRetrievalTime()); 3213 3214 // Retrieving the logs again should update the timestamp. 3215 dpm.retrieveNetworkLogs(admin1, 0 /* batchToken */); 3216 final long secondNetworkLogRetrievalTime = dpm.getLastNetworkLogRetrievalTime(); 3217 assertTrue(secondNetworkLogRetrievalTime > firstNetworkLogRetrievalTime); 3218 3219 // Disabling logging should not change the timestamp. 3220 Thread.sleep(2); 3221 dpm.setNetworkLoggingEnabled(admin1, false); 3222 assertEquals(secondNetworkLogRetrievalTime, dpm.getLastNetworkLogRetrievalTime()); 3223 3224 // Restarting the DPMS should not lose the timestamp. 3225 initializeDpms(); 3226 assertEquals(secondNetworkLogRetrievalTime, dpm.getLastNetworkLogRetrievalTime()); 3227 3228 // Any uid holding MANAGE_USERS permission can retrieve the timestamp. 3229 mContext.binder.callingUid = 1234567; 3230 mContext.callerPermissions.add(permission.MANAGE_USERS); 3231 assertEquals(secondNetworkLogRetrievalTime, dpm.getLastNetworkLogRetrievalTime()); 3232 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3233 3234 // System can retrieve the timestamp. 3235 mContext.binder.clearCallingIdentity(); 3236 assertEquals(secondNetworkLogRetrievalTime, dpm.getLastNetworkLogRetrievalTime()); 3237 3238 // Removing the device owner should clear the timestamp. 3239 clearDeviceOwner(); 3240 assertEquals(-1, dpm.getLastNetworkLogRetrievalTime()); 3241 } 3242 3243 public void testGetBindDeviceAdminTargetUsers() throws Exception { 3244 // Setup device owner. 3245 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3246 setupDeviceOwner(); 3247 3248 // Only device owner is setup, the result list should be empty. 3249 List<UserHandle> targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3250 MoreAsserts.assertEmpty(targetUsers); 3251 3252 // Setup a managed profile managed by the same admin. 3253 final int MANAGED_PROFILE_USER_ID = 15; 3254 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 20456); 3255 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 3256 3257 // Add a secondary user, it should never talk with. 3258 final int ANOTHER_USER_ID = 36; 3259 mContext.addUser(ANOTHER_USER_ID, 0); 3260 3261 // Since the managed profile is not affiliated, they should not be allowed to talk to each 3262 // other. 3263 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3264 MoreAsserts.assertEmpty(targetUsers); 3265 3266 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3267 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3268 MoreAsserts.assertEmpty(targetUsers); 3269 3270 // Setting affiliation ids 3271 final List<String> userAffiliationIds = Arrays.asList("some.affiliation-id"); 3272 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3273 dpm.setAffiliationIds(admin1, userAffiliationIds); 3274 3275 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3276 dpm.setAffiliationIds(admin1, userAffiliationIds); 3277 3278 // Calling from device owner admin, the result list should just contain the managed 3279 // profile user id. 3280 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3281 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3282 MoreAsserts.assertContentsInAnyOrder(targetUsers, UserHandle.of(MANAGED_PROFILE_USER_ID)); 3283 3284 // Calling from managed profile admin, the result list should just contain the system 3285 // user id. 3286 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3287 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3288 MoreAsserts.assertContentsInAnyOrder(targetUsers, UserHandle.SYSTEM); 3289 3290 // Changing affiliation ids in one 3291 dpm.setAffiliationIds(admin1, Arrays.asList("some-different-affiliation-id")); 3292 3293 // Since the managed profile is not affiliated any more, they should not be allowed to talk 3294 // to each other. 3295 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3296 MoreAsserts.assertEmpty(targetUsers); 3297 3298 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3299 targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3300 MoreAsserts.assertEmpty(targetUsers); 3301 } 3302 3303 public void testGetBindDeviceAdminTargetUsers_differentPackage() throws Exception { 3304 // Setup a device owner. 3305 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3306 setupDeviceOwner(); 3307 3308 // Set up a managed profile managed by different package. 3309 final int MANAGED_PROFILE_USER_ID = 15; 3310 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 20456); 3311 final ComponentName adminDifferentPackage = 3312 new ComponentName("another.package", "whatever.class"); 3313 addManagedProfile(adminDifferentPackage, MANAGED_PROFILE_ADMIN_UID, admin2); 3314 3315 // Setting affiliation ids 3316 final List<String> userAffiliationIds = Arrays.asList("some-affiliation-id"); 3317 dpm.setAffiliationIds(admin1, userAffiliationIds); 3318 3319 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3320 dpm.setAffiliationIds(adminDifferentPackage, userAffiliationIds); 3321 3322 // Calling from device owner admin, we should get zero bind device admin target users as 3323 // their packages are different. 3324 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3325 List<UserHandle> targetUsers = dpm.getBindDeviceAdminTargetUsers(admin1); 3326 MoreAsserts.assertEmpty(targetUsers); 3327 3328 // Calling from managed profile admin, we should still get zero target users for the same 3329 // reason. 3330 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3331 targetUsers = dpm.getBindDeviceAdminTargetUsers(adminDifferentPackage); 3332 MoreAsserts.assertEmpty(targetUsers); 3333 } 3334 3335 public void testIsDeviceManaged() throws Exception { 3336 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3337 setupDeviceOwner(); 3338 3339 // The device owner itself, any uid holding MANAGE_USERS permission and the system can 3340 // find out that the device has a device owner. 3341 assertTrue(dpm.isDeviceManaged()); 3342 mContext.binder.callingUid = 1234567; 3343 mContext.callerPermissions.add(permission.MANAGE_USERS); 3344 assertTrue(dpm.isDeviceManaged()); 3345 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3346 mContext.binder.clearCallingIdentity(); 3347 assertTrue(dpm.isDeviceManaged()); 3348 3349 clearDeviceOwner(); 3350 3351 // Any uid holding MANAGE_USERS permission and the system can find out that the device does 3352 // not have a device owner. 3353 mContext.binder.callingUid = 1234567; 3354 mContext.callerPermissions.add(permission.MANAGE_USERS); 3355 assertFalse(dpm.isDeviceManaged()); 3356 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3357 mContext.binder.clearCallingIdentity(); 3358 assertFalse(dpm.isDeviceManaged()); 3359 } 3360 3361 public void testDeviceOwnerOrganizationName() throws Exception { 3362 mContext.binder.callingUid = DpmMockContext.CALLER_SYSTEM_USER_UID; 3363 setupDeviceOwner(); 3364 3365 dpm.setOrganizationName(admin1, "organization"); 3366 3367 // Device owner can retrieve organization managing the device. 3368 assertEquals("organization", dpm.getDeviceOwnerOrganizationName()); 3369 3370 // Any uid holding MANAGE_USERS permission can retrieve organization managing the device. 3371 mContext.binder.callingUid = 1234567; 3372 mContext.callerPermissions.add(permission.MANAGE_USERS); 3373 assertEquals("organization", dpm.getDeviceOwnerOrganizationName()); 3374 mContext.callerPermissions.remove(permission.MANAGE_USERS); 3375 3376 // System can retrieve organization managing the device. 3377 mContext.binder.clearCallingIdentity(); 3378 assertEquals("organization", dpm.getDeviceOwnerOrganizationName()); 3379 3380 // Removing the device owner clears the organization managing the device. 3381 clearDeviceOwner(); 3382 assertNull(dpm.getDeviceOwnerOrganizationName()); 3383 } 3384 3385 public void testWipeDataManagedProfile() throws Exception { 3386 final int MANAGED_PROFILE_USER_ID = 15; 3387 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 19436); 3388 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 3389 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3390 3391 // Even if the caller is the managed profile, the current user is the user 0 3392 when(mContext.iactivityManager.getCurrentUser()) 3393 .thenReturn(new UserInfo(UserHandle.USER_SYSTEM, "user system", 0)); 3394 3395 dpm.wipeData(0); 3396 verify(mContext.userManagerInternal).removeUserEvenWhenDisallowed( 3397 MANAGED_PROFILE_USER_ID); 3398 } 3399 3400 public void testWipeDataManagedProfileDisallowed() throws Exception { 3401 final int MANAGED_PROFILE_USER_ID = 15; 3402 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 19436); 3403 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 3404 3405 // Even if the caller is the managed profile, the current user is the user 0 3406 when(mContext.iactivityManager.getCurrentUser()) 3407 .thenReturn(new UserInfo(UserHandle.USER_SYSTEM, "user system", 0)); 3408 3409 when(mContext.userManager.getUserRestrictionSource( 3410 UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, 3411 UserHandle.of(MANAGED_PROFILE_USER_ID))) 3412 .thenReturn(UserManager.RESTRICTION_SOURCE_SYSTEM); 3413 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3414 try { 3415 // The PO is not allowed to remove the profile if the user restriction was set on the 3416 // profile by the system 3417 dpm.wipeData(0); 3418 fail("SecurityException not thrown"); 3419 } catch (SecurityException expected) { 3420 } 3421 } 3422 3423 public void testWipeDataDeviceOwner() throws Exception { 3424 setDeviceOwner(); 3425 when(mContext.userManager.getUserRestrictionSource( 3426 UserManager.DISALLOW_FACTORY_RESET, 3427 UserHandle.SYSTEM)) 3428 .thenReturn(UserManager.RESTRICTION_SOURCE_DEVICE_OWNER); 3429 3430 dpm.wipeData(0); 3431 verify(mContext.recoverySystem).rebootWipeUserData( 3432 /*shutdown=*/ eq(false), anyString(), /*force=*/ eq(true)); 3433 } 3434 3435 public void testWipeDataDeviceOwnerDisallowed() throws Exception { 3436 setDeviceOwner(); 3437 when(mContext.userManager.getUserRestrictionSource( 3438 UserManager.DISALLOW_FACTORY_RESET, 3439 UserHandle.SYSTEM)) 3440 .thenReturn(UserManager.RESTRICTION_SOURCE_SYSTEM); 3441 try { 3442 // The DO is not allowed to wipe the device if the user restriction was set 3443 // by the system 3444 dpm.wipeData(0); 3445 fail("SecurityException not thrown"); 3446 } catch (SecurityException expected) { 3447 } 3448 } 3449 3450 public void testMaximumFailedPasswordAttemptsReachedManagedProfile() throws Exception { 3451 final int MANAGED_PROFILE_USER_ID = 15; 3452 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 19436); 3453 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 3454 3455 // Even if the caller is the managed profile, the current user is the user 0 3456 when(mContext.iactivityManager.getCurrentUser()) 3457 .thenReturn(new UserInfo(UserHandle.USER_SYSTEM, "user system", 0)); 3458 3459 when(mContext.userManager.getUserRestrictionSource( 3460 UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, 3461 UserHandle.of(MANAGED_PROFILE_USER_ID))) 3462 .thenReturn(UserManager.RESTRICTION_SOURCE_PROFILE_OWNER); 3463 3464 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3465 dpm.setMaximumFailedPasswordsForWipe(admin1, 3); 3466 3467 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 3468 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 3469 // Failed password attempts on the parent user are taken into account, as there isn't a 3470 // separate work challenge. 3471 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3472 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3473 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3474 3475 // The profile should be wiped even if DISALLOW_REMOVE_MANAGED_PROFILE is enabled, because 3476 // both the user restriction and the policy were set by the PO. 3477 verify(mContext.userManagerInternal).removeUserEvenWhenDisallowed( 3478 MANAGED_PROFILE_USER_ID); 3479 verifyZeroInteractions(mContext.recoverySystem); 3480 } 3481 3482 public void testMaximumFailedPasswordAttemptsReachedManagedProfileDisallowed() 3483 throws Exception { 3484 final int MANAGED_PROFILE_USER_ID = 15; 3485 final int MANAGED_PROFILE_ADMIN_UID = UserHandle.getUid(MANAGED_PROFILE_USER_ID, 19436); 3486 addManagedProfile(admin1, MANAGED_PROFILE_ADMIN_UID, admin1); 3487 3488 // Even if the caller is the managed profile, the current user is the user 0 3489 when(mContext.iactivityManager.getCurrentUser()) 3490 .thenReturn(new UserInfo(UserHandle.USER_SYSTEM, "user system", 0)); 3491 3492 when(mContext.userManager.getUserRestrictionSource( 3493 UserManager.DISALLOW_REMOVE_MANAGED_PROFILE, 3494 UserHandle.of(MANAGED_PROFILE_USER_ID))) 3495 .thenReturn(UserManager.RESTRICTION_SOURCE_SYSTEM); 3496 3497 mContext.binder.callingUid = MANAGED_PROFILE_ADMIN_UID; 3498 dpm.setMaximumFailedPasswordsForWipe(admin1, 3); 3499 3500 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 3501 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 3502 // Failed password attempts on the parent user are taken into account, as there isn't a 3503 // separate work challenge. 3504 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3505 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3506 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3507 3508 // DISALLOW_REMOVE_MANAGED_PROFILE was set by the system, not the PO, so the profile is 3509 // not wiped. 3510 verify(mContext.userManagerInternal, never()) 3511 .removeUserEvenWhenDisallowed(anyInt()); 3512 verifyZeroInteractions(mContext.recoverySystem); 3513 } 3514 3515 public void testMaximumFailedPasswordAttemptsReachedDeviceOwner() throws Exception { 3516 setDeviceOwner(); 3517 when(mContext.userManager.getUserRestrictionSource( 3518 UserManager.DISALLOW_FACTORY_RESET, 3519 UserHandle.SYSTEM)) 3520 .thenReturn(UserManager.RESTRICTION_SOURCE_DEVICE_OWNER); 3521 3522 dpm.setMaximumFailedPasswordsForWipe(admin1, 3); 3523 3524 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 3525 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 3526 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3527 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3528 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3529 3530 // The device should be wiped even if DISALLOW_FACTORY_RESET is enabled, because both the 3531 // user restriction and the policy were set by the DO. 3532 verify(mContext.recoverySystem).rebootWipeUserData( 3533 /*shutdown=*/ eq(false), anyString(), /*force=*/ eq(true)); 3534 } 3535 3536 public void testMaximumFailedPasswordAttemptsReachedDeviceOwnerDisallowed() throws Exception { 3537 setDeviceOwner(); 3538 when(mContext.userManager.getUserRestrictionSource( 3539 UserManager.DISALLOW_FACTORY_RESET, 3540 UserHandle.SYSTEM)) 3541 .thenReturn(UserManager.RESTRICTION_SOURCE_SYSTEM); 3542 3543 dpm.setMaximumFailedPasswordsForWipe(admin1, 3); 3544 3545 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 3546 mContext.callerPermissions.add(permission.BIND_DEVICE_ADMIN); 3547 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3548 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3549 dpm.reportFailedPasswordAttempt(UserHandle.USER_SYSTEM); 3550 3551 // DISALLOW_FACTORY_RESET was set by the system, not the DO, so the device is not wiped. 3552 verifyZeroInteractions(mContext.recoverySystem); 3553 verify(mContext.userManagerInternal, never()) 3554 .removeUserEvenWhenDisallowed(anyInt()); 3555 } 3556 3557 public void testGetPermissionGrantState() throws Exception { 3558 final String permission = "some.permission"; 3559 final String app1 = "com.example.app1"; 3560 final String app2 = "com.example.app2"; 3561 3562 when(mContext.ipackageManager.checkPermission(eq(permission), eq(app1), anyInt())) 3563 .thenReturn(PackageManager.PERMISSION_GRANTED); 3564 doReturn(PackageManager.FLAG_PERMISSION_POLICY_FIXED).when(mContext.packageManager) 3565 .getPermissionFlags(permission, app1, UserHandle.SYSTEM); 3566 when(mContext.packageManager.getPermissionFlags(permission, app1, 3567 UserHandle.of(DpmMockContext.CALLER_USER_HANDLE))) 3568 .thenReturn(PackageManager.FLAG_PERMISSION_POLICY_FIXED); 3569 when(mContext.ipackageManager.checkPermission(eq(permission), eq(app2), anyInt())) 3570 .thenReturn(PackageManager.PERMISSION_DENIED); 3571 doReturn(0).when(mContext.packageManager).getPermissionFlags(permission, app2, 3572 UserHandle.SYSTEM); 3573 when(mContext.packageManager.getPermissionFlags(permission, app2, 3574 UserHandle.of(DpmMockContext.CALLER_USER_HANDLE))).thenReturn(0); 3575 3576 // System can retrieve permission grant state. 3577 mContext.binder.callingUid = DpmMockContext.SYSTEM_UID; 3578 mContext.packageName = "com.example.system"; 3579 assertEquals(DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED, 3580 dpm.getPermissionGrantState(null, app1, permission)); 3581 assertEquals(DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT, 3582 dpm.getPermissionGrantState(null, app2, permission)); 3583 3584 // A regular app cannot retrieve permission grant state. 3585 mContext.binder.callingUid = setupPackageInPackageManager(app1, 1); 3586 mContext.packageName = app1; 3587 try { 3588 dpm.getPermissionGrantState(null, app1, permission); 3589 fail("Didn't throw SecurityException"); 3590 } catch (SecurityException expected) { 3591 } 3592 3593 // Profile owner can retrieve permission grant state. 3594 mContext.binder.callingUid = DpmMockContext.CALLER_UID; 3595 mContext.packageName = admin1.getPackageName(); 3596 setAsProfileOwner(admin1); 3597 assertEquals(DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED, 3598 dpm.getPermissionGrantState(admin1, app1, permission)); 3599 assertEquals(DevicePolicyManager.PERMISSION_GRANT_STATE_DEFAULT, 3600 dpm.getPermissionGrantState(admin1, app2, permission)); 3601 } 3602 3603 private void setUserSetupCompleteForUser(boolean isUserSetupComplete, int userhandle) { 3604 when(mContext.settings.settingsSecureGetIntForUser(Settings.Secure.USER_SETUP_COMPLETE, 0, 3605 userhandle)).thenReturn(isUserSetupComplete ? 1 : 0); 3606 dpms.notifyChangeToContentObserver( 3607 Settings.Secure.getUriFor(Settings.Secure.USER_SETUP_COMPLETE), userhandle); 3608 } 3609 3610 private void assertProvisioningAllowed(String action, boolean expected) { 3611 assertEquals("isProvisioningAllowed(" + action + ") returning unexpected result", expected, 3612 dpm.isProvisioningAllowed(action)); 3613 } 3614 3615 private void assertProvisioningAllowed(String action, boolean expected, String packageName, 3616 int uid) { 3617 String previousPackageName = mContext.packageName; 3618 int previousUid = mMockContext.binder.callingUid; 3619 3620 // Call assertProvisioningAllowed with the packageName / uid passed as arguments. 3621 mContext.packageName = packageName; 3622 mMockContext.binder.callingUid = uid; 3623 assertProvisioningAllowed(action, expected); 3624 3625 // Set the previous package name / calling uid to go back to the initial state. 3626 mContext.packageName = previousPackageName; 3627 mMockContext.binder.callingUid = previousUid; 3628 } 3629 3630 private void assertCheckProvisioningPreCondition(String action, int provisioningCondition) { 3631 assertCheckProvisioningPreCondition(action, admin1.getPackageName(), provisioningCondition); 3632 } 3633 3634 private void assertCheckProvisioningPreCondition( 3635 String action, String packageName, int provisioningCondition) { 3636 assertEquals("checkProvisioningPreCondition(" 3637 + action + ", " + packageName + ") returning unexpected result", 3638 provisioningCondition, dpm.checkProvisioningPreCondition(action, packageName)); 3639 } 3640 3641 /** 3642 * Setup a managed profile with the specified admin and its uid. 3643 * @param admin ComponentName that's visible to the test code, which doesn't have to exist. 3644 * @param adminUid uid of the admin package. 3645 * @param copyFromAdmin package information for {@code admin} will be built based on this 3646 * component's information. 3647 */ 3648 private void addManagedProfile( 3649 ComponentName admin, int adminUid, ComponentName copyFromAdmin) throws Exception { 3650 final int userId = UserHandle.getUserId(adminUid); 3651 mContext.addUser(userId, UserInfo.FLAG_MANAGED_PROFILE, UserHandle.USER_SYSTEM); 3652 mContext.callerPermissions.addAll(OWNER_SETUP_PERMISSIONS); 3653 setUpPackageManagerForFakeAdmin(admin, adminUid, copyFromAdmin); 3654 dpm.setActiveAdmin(admin, false, userId); 3655 assertTrue(dpm.setProfileOwner(admin, null, userId)); 3656 mContext.callerPermissions.removeAll(OWNER_SETUP_PERMISSIONS); 3657 } 3658} 3659