Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e4fd9d17 authored by Pavel Grafov's avatar Pavel Grafov Committed by Automerger Merge Worker
Browse files

Merge "Keep escrow data for test users" into main am: 971b08f8 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/3506634



Change-Id: Ic4622cfd2d84f74b7881addc630bee4328a6b15e
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 50723c3f 971b08f8

services/core/java/com/android/server/locksettings/LockSettingsService.java

+6 −0
Original line number Diff line number Diff line
@@ -3618,6 +3618,12 @@ public class LockSettingsService extends ILockSettings.Stub { 
            return;

        }



        UserInfo userInfo = mInjector.getUserManagerInternal().getUserInfo(userId);

        if (userInfo != null && userInfo.isForTesting()) {

            Slog.i(TAG, "Keeping escrow data for test-only user");

            return;

        }



        // Disable escrow token permanently on all other device/user types.

        Slogf.i(TAG, "Permanently disabling support for escrow tokens on user %d", userId);

        mSpManager.destroyEscrowData(userId);

services/tests/servicestests/src/com/android/server/locksettings/SyntheticPasswordTests.java

+42 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.server.locksettings;



import static android.content.pm.UserInfo.FLAG_FOR_TESTING;

import static android.content.pm.UserInfo.FLAG_FULL;

import static android.content.pm.UserInfo.FLAG_MAIN;

import static android.content.pm.UserInfo.FLAG_PRIMARY;
@@ -44,6 +45,8 @@ import static org.mockito.Mockito.when; 


import android.app.PropertyInvalidatedCache;

import android.app.admin.PasswordMetrics;

import android.content.ComponentName;

import android.content.pm.UserInfo;

import android.os.RemoteException;

import android.platform.test.annotations.Presubmit;
@@ -356,6 +359,45 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { 
        assertArrayEquals(storageKey, mStorageManager.getUserUnlockToken(PRIMARY_USER_ID));

    }



    @Test

    public void testEscrowDataRetainedWhenManagedUserVerifiesCredential() throws RemoteException {

        when(mDeviceStateCache.isUserOrganizationManaged(anyInt())).thenReturn(true);



        LockscreenCredential password = newPassword("password");

        initSpAndSetCredential(PRIMARY_USER_ID, password);



        mService.verifyCredential(password, PRIMARY_USER_ID, 0 /* flags */);



        assertTrue("Escrow data was destroyed", mSpManager.hasEscrowData(PRIMARY_USER_ID));

    }



    @Test

    public void testEscrowDataRetainedWhenUnmanagedTestUserVerifiesCredential()

            throws RemoteException {

        when(mDeviceStateCache.isUserOrganizationManaged(anyInt())).thenReturn(false);

        UserInfo userInfo = mUserManagerInternal.getUserInfo(PRIMARY_USER_ID);

        userInfo.flags |= FLAG_FOR_TESTING;



        LockscreenCredential password = newPassword("password");

        initSpAndSetCredential(PRIMARY_USER_ID, password);



        mService.verifyCredential(password, PRIMARY_USER_ID, 0 /* flags */);



        assertTrue("Escrow data was destroyed", mSpManager.hasEscrowData(PRIMARY_USER_ID));

    }



    @Test

    public void testEscrowDataDeletedWhenUnmanagedUserVerifiesCredential() throws RemoteException {

        when(mDeviceStateCache.isUserOrganizationManaged(anyInt())).thenReturn(false);



        LockscreenCredential password = newPassword("password");

        initSpAndSetCredential(PRIMARY_USER_ID, password);



        mService.verifyCredential(password, PRIMARY_USER_ID, 0 /* flags */);



        assertFalse("Escrow data wasn't destroyed", mSpManager.hasAnyEscrowData(PRIMARY_USER_ID));

    }



    @Test

    public void testTokenBasedClearPassword() throws RemoteException {

        LockscreenCredential password = newPassword("password");