Loading src/com/android/settings/Utils.java +11 −7 Original line number Diff line number Diff line Loading @@ -98,6 +98,7 @@ import androidx.annotation.ColorInt; import androidx.annotation.NonNull; import androidx.annotation.Nullable; import androidx.annotation.StringRes; import androidx.annotation.VisibleForTesting; import androidx.core.graphics.drawable.IconCompat; import androidx.core.graphics.drawable.RoundedBitmapDrawable; import androidx.core.graphics.drawable.RoundedBitmapDrawableFactory; Loading Loading @@ -704,23 +705,26 @@ public final class Utils extends com.android.settingslib.Utils { && bundle.getBoolean(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, false); final int userId = bundle.getInt(Intent.EXTRA_USER_ID, UserHandle.myUserId()); if (userId == LockPatternUtils.USER_FRP) { return allowAnyUser ? userId : enforceSystemUser(context, userId); return allowAnyUser ? userId : checkUserOwnsFrpCredential(context, userId); } else { return allowAnyUser ? userId : enforceSameOwner(context, userId); } } /** * Returns the given user id if the current user is the system user. * Returns the given user id if the current user owns frp credential. * * @throws SecurityException if the current user is not the system user. * @throws SecurityException if the current user do not own the frp credential. */ public static int enforceSystemUser(Context context, int userId) { if (UserHandle.myUserId() == UserHandle.USER_SYSTEM) { @VisibleForTesting static int checkUserOwnsFrpCredential(Context context, int userId) { final UserManager um = context.getSystemService(UserManager.class); if (LockPatternUtils.userOwnsFrpCredential(context, um.getUserInfo(UserHandle.myUserId()))) { return userId; } throw new SecurityException("Given user id " + userId + " must only be used from " + "USER_SYSTEM, but current user is " + UserHandle.myUserId()); throw new SecurityException("Current user id " + UserHandle.myUserId() + " does not own frp credential."); } /** Loading tests/robotests/src/com/android/settings/UtilsTest.java +39 −6 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ package com.android.settings; import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertThrows; import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; Loading Loading @@ -59,6 +60,9 @@ import android.widget.TextView; import androidx.core.graphics.drawable.IconCompat; import androidx.fragment.app.FragmentActivity; import com.android.settings.testutils.shadow.ShadowLockPatternUtils; import org.junit.After; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; Loading @@ -67,6 +71,7 @@ import org.mockito.MockitoAnnotations; import org.robolectric.Robolectric; import org.robolectric.RobolectricTestRunner; import org.robolectric.RuntimeEnvironment; import org.robolectric.annotation.Config; import org.robolectric.shadows.ShadowBinder; import java.net.InetAddress; Loading @@ -74,6 +79,7 @@ import java.util.ArrayList; import java.util.List; @RunWith(RobolectricTestRunner.class) @Config(shadows = ShadowLockPatternUtils.class) public class UtilsTest { private static final String PACKAGE_NAME = "com.android.app"; Loading @@ -88,7 +94,7 @@ public class UtilsTest { @Mock private DevicePolicyManager mDevicePolicyManager; @Mock private UserManager mUserManager; private UserManager mMockUserManager; @Mock private PackageManager mPackageManager; @Mock Loading @@ -96,18 +102,27 @@ public class UtilsTest { @Mock private ApplicationInfo mApplicationInfo; private Context mContext; private UserManager mUserManager; private static final int FLAG_SYSTEM = 0x00000000; private static final int FLAG_MAIN = 0x00004000; @Before public void setUp() { MockitoAnnotations.initMocks(this); mContext = spy(RuntimeEnvironment.application); mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); when(mContext.getSystemService(WifiManager.class)).thenReturn(wifiManager); when(mContext.getSystemService(Context.CONNECTIVITY_SERVICE)) .thenReturn(connectivityManager); when(mContext.getPackageManager()).thenReturn(mPackageManager); } @After public void tearDown() { ShadowLockPatternUtils.reset(); } @Test public void getWifiIpAddresses_succeeds() throws Exception { when(wifiManager.getCurrentNetwork()).thenReturn(network); Loading Loading @@ -173,7 +188,8 @@ public class UtilsTest { public void isProfileOrDeviceOwner_deviceOwnerApp_returnTrue() { when(mDevicePolicyManager.isDeviceOwnerAppOnAnyUser(PACKAGE_NAME)).thenReturn(true); assertThat(Utils.isProfileOrDeviceOwner(mUserManager, mDevicePolicyManager, PACKAGE_NAME)) assertThat( Utils.isProfileOrDeviceOwner(mMockUserManager, mDevicePolicyManager, PACKAGE_NAME)) .isTrue(); } Loading @@ -182,11 +198,12 @@ public class UtilsTest { final List<UserInfo> userInfos = new ArrayList<>(); userInfos.add(new UserInfo()); when(mUserManager.getUsers()).thenReturn(userInfos); when(mMockUserManager.getUsers()).thenReturn(userInfos); when(mDevicePolicyManager.getProfileOwnerAsUser(userInfos.get(0).id)) .thenReturn(new ComponentName(PACKAGE_NAME, "")); assertThat(Utils.isProfileOrDeviceOwner(mUserManager, mDevicePolicyManager, PACKAGE_NAME)) assertThat( Utils.isProfileOrDeviceOwner(mMockUserManager, mDevicePolicyManager, PACKAGE_NAME)) .isTrue(); } Loading Loading @@ -339,4 +356,20 @@ public class UtilsTest { assertThat(Utils.canCurrentUserDream(mockContext)).isFalse(); } @Test public void checkUserOwnsFrpCredential_userOwnsFrpCredential_returnUserId() { ShadowLockPatternUtils.setUserOwnsFrpCredential(true); assertThat(Utils.checkUserOwnsFrpCredential(mContext, 123)).isEqualTo(123); } @Test public void checkUserOwnsFrpCredential_userNotOwnsFrpCredential_returnUserId() { ShadowLockPatternUtils.setUserOwnsFrpCredential(false); assertThrows( SecurityException.class, () -> Utils.checkUserOwnsFrpCredential(mContext, 123)); } } tests/robotests/src/com/android/settings/testutils/shadow/ShadowLockPatternUtils.java +14 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ package com.android.settings.testutils.shadow; import android.app.admin.DevicePolicyManager; import android.app.admin.PasswordMetrics; import android.content.ComponentName; import android.content.Context; import android.content.pm.UserInfo; import android.os.UserHandle; import com.android.internal.widget.LockPatternUtils; Loading @@ -42,6 +44,8 @@ public class ShadowLockPatternUtils { private static Map<Integer, PasswordMetrics> sUserToProfileMetricsMap = new HashMap<>(); private static Map<Integer, Boolean> sUserToIsSecureMap = new HashMap<>(); private static boolean sIsUserOwnsFrpCredential; @Resetter public static void reset() { sUserToComplexityMap.clear(); Loading @@ -50,6 +54,7 @@ public class ShadowLockPatternUtils { sUserToProfileMetricsMap.clear(); sUserToIsSecureMap.clear(); sDeviceEncryptionEnabled = false; sIsUserOwnsFrpCredential = false; } @Implementation Loading Loading @@ -122,6 +127,15 @@ public class ShadowLockPatternUtils { return complexity; } @Implementation public static boolean userOwnsFrpCredential(Context context, UserInfo info) { return sIsUserOwnsFrpCredential; } public static void setUserOwnsFrpCredential(boolean isUserOwnsFrpCredential) { sIsUserOwnsFrpCredential = isUserOwnsFrpCredential; } public static void setRequiredPasswordComplexity(int userHandle, int complexity) { sUserToComplexityMap.put(userHandle, complexity); } Loading Loading
src/com/android/settings/Utils.java +11 −7 Original line number Diff line number Diff line Loading @@ -98,6 +98,7 @@ import androidx.annotation.ColorInt; import androidx.annotation.NonNull; import androidx.annotation.Nullable; import androidx.annotation.StringRes; import androidx.annotation.VisibleForTesting; import androidx.core.graphics.drawable.IconCompat; import androidx.core.graphics.drawable.RoundedBitmapDrawable; import androidx.core.graphics.drawable.RoundedBitmapDrawableFactory; Loading Loading @@ -704,23 +705,26 @@ public final class Utils extends com.android.settingslib.Utils { && bundle.getBoolean(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, false); final int userId = bundle.getInt(Intent.EXTRA_USER_ID, UserHandle.myUserId()); if (userId == LockPatternUtils.USER_FRP) { return allowAnyUser ? userId : enforceSystemUser(context, userId); return allowAnyUser ? userId : checkUserOwnsFrpCredential(context, userId); } else { return allowAnyUser ? userId : enforceSameOwner(context, userId); } } /** * Returns the given user id if the current user is the system user. * Returns the given user id if the current user owns frp credential. * * @throws SecurityException if the current user is not the system user. * @throws SecurityException if the current user do not own the frp credential. */ public static int enforceSystemUser(Context context, int userId) { if (UserHandle.myUserId() == UserHandle.USER_SYSTEM) { @VisibleForTesting static int checkUserOwnsFrpCredential(Context context, int userId) { final UserManager um = context.getSystemService(UserManager.class); if (LockPatternUtils.userOwnsFrpCredential(context, um.getUserInfo(UserHandle.myUserId()))) { return userId; } throw new SecurityException("Given user id " + userId + " must only be used from " + "USER_SYSTEM, but current user is " + UserHandle.myUserId()); throw new SecurityException("Current user id " + UserHandle.myUserId() + " does not own frp credential."); } /** Loading
tests/robotests/src/com/android/settings/UtilsTest.java +39 −6 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ package com.android.settings; import static com.google.common.truth.Truth.assertThat; import static org.junit.Assert.assertThrows; import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; Loading Loading @@ -59,6 +60,9 @@ import android.widget.TextView; import androidx.core.graphics.drawable.IconCompat; import androidx.fragment.app.FragmentActivity; import com.android.settings.testutils.shadow.ShadowLockPatternUtils; import org.junit.After; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; Loading @@ -67,6 +71,7 @@ import org.mockito.MockitoAnnotations; import org.robolectric.Robolectric; import org.robolectric.RobolectricTestRunner; import org.robolectric.RuntimeEnvironment; import org.robolectric.annotation.Config; import org.robolectric.shadows.ShadowBinder; import java.net.InetAddress; Loading @@ -74,6 +79,7 @@ import java.util.ArrayList; import java.util.List; @RunWith(RobolectricTestRunner.class) @Config(shadows = ShadowLockPatternUtils.class) public class UtilsTest { private static final String PACKAGE_NAME = "com.android.app"; Loading @@ -88,7 +94,7 @@ public class UtilsTest { @Mock private DevicePolicyManager mDevicePolicyManager; @Mock private UserManager mUserManager; private UserManager mMockUserManager; @Mock private PackageManager mPackageManager; @Mock Loading @@ -96,18 +102,27 @@ public class UtilsTest { @Mock private ApplicationInfo mApplicationInfo; private Context mContext; private UserManager mUserManager; private static final int FLAG_SYSTEM = 0x00000000; private static final int FLAG_MAIN = 0x00004000; @Before public void setUp() { MockitoAnnotations.initMocks(this); mContext = spy(RuntimeEnvironment.application); mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); when(mContext.getSystemService(WifiManager.class)).thenReturn(wifiManager); when(mContext.getSystemService(Context.CONNECTIVITY_SERVICE)) .thenReturn(connectivityManager); when(mContext.getPackageManager()).thenReturn(mPackageManager); } @After public void tearDown() { ShadowLockPatternUtils.reset(); } @Test public void getWifiIpAddresses_succeeds() throws Exception { when(wifiManager.getCurrentNetwork()).thenReturn(network); Loading Loading @@ -173,7 +188,8 @@ public class UtilsTest { public void isProfileOrDeviceOwner_deviceOwnerApp_returnTrue() { when(mDevicePolicyManager.isDeviceOwnerAppOnAnyUser(PACKAGE_NAME)).thenReturn(true); assertThat(Utils.isProfileOrDeviceOwner(mUserManager, mDevicePolicyManager, PACKAGE_NAME)) assertThat( Utils.isProfileOrDeviceOwner(mMockUserManager, mDevicePolicyManager, PACKAGE_NAME)) .isTrue(); } Loading @@ -182,11 +198,12 @@ public class UtilsTest { final List<UserInfo> userInfos = new ArrayList<>(); userInfos.add(new UserInfo()); when(mUserManager.getUsers()).thenReturn(userInfos); when(mMockUserManager.getUsers()).thenReturn(userInfos); when(mDevicePolicyManager.getProfileOwnerAsUser(userInfos.get(0).id)) .thenReturn(new ComponentName(PACKAGE_NAME, "")); assertThat(Utils.isProfileOrDeviceOwner(mUserManager, mDevicePolicyManager, PACKAGE_NAME)) assertThat( Utils.isProfileOrDeviceOwner(mMockUserManager, mDevicePolicyManager, PACKAGE_NAME)) .isTrue(); } Loading Loading @@ -339,4 +356,20 @@ public class UtilsTest { assertThat(Utils.canCurrentUserDream(mockContext)).isFalse(); } @Test public void checkUserOwnsFrpCredential_userOwnsFrpCredential_returnUserId() { ShadowLockPatternUtils.setUserOwnsFrpCredential(true); assertThat(Utils.checkUserOwnsFrpCredential(mContext, 123)).isEqualTo(123); } @Test public void checkUserOwnsFrpCredential_userNotOwnsFrpCredential_returnUserId() { ShadowLockPatternUtils.setUserOwnsFrpCredential(false); assertThrows( SecurityException.class, () -> Utils.checkUserOwnsFrpCredential(mContext, 123)); } }
tests/robotests/src/com/android/settings/testutils/shadow/ShadowLockPatternUtils.java +14 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ package com.android.settings.testutils.shadow; import android.app.admin.DevicePolicyManager; import android.app.admin.PasswordMetrics; import android.content.ComponentName; import android.content.Context; import android.content.pm.UserInfo; import android.os.UserHandle; import com.android.internal.widget.LockPatternUtils; Loading @@ -42,6 +44,8 @@ public class ShadowLockPatternUtils { private static Map<Integer, PasswordMetrics> sUserToProfileMetricsMap = new HashMap<>(); private static Map<Integer, Boolean> sUserToIsSecureMap = new HashMap<>(); private static boolean sIsUserOwnsFrpCredential; @Resetter public static void reset() { sUserToComplexityMap.clear(); Loading @@ -50,6 +54,7 @@ public class ShadowLockPatternUtils { sUserToProfileMetricsMap.clear(); sUserToIsSecureMap.clear(); sDeviceEncryptionEnabled = false; sIsUserOwnsFrpCredential = false; } @Implementation Loading Loading @@ -122,6 +127,15 @@ public class ShadowLockPatternUtils { return complexity; } @Implementation public static boolean userOwnsFrpCredential(Context context, UserInfo info) { return sIsUserOwnsFrpCredential; } public static void setUserOwnsFrpCredential(boolean isUserOwnsFrpCredential) { sIsUserOwnsFrpCredential = isUserOwnsFrpCredential; } public static void setRequiredPasswordComplexity(int userHandle, int complexity) { sUserToComplexityMap.put(userHandle, complexity); } Loading
