Google Git
Sign in
android / platform / cts / 46c031b7d8c22e66765e566558a3d633f81224c0 / . / tests / devicepolicy / src / android / devicepolicy / cts / DevicePolicyManagementRoleHolderTest.java
blob: bfb00d1f428e083e56e9c829df7183942cf04966 [file] [log] [blame]
/*
* Copyright (C) 2022 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.devicepolicy.cts;
import static android.app.admin.DevicePolicyManager.ACTION_ROLE_HOLDER_PROVISION_FINALIZATION;
import static android.app.admin.DevicePolicyManager.ACTION_ROLE_HOLDER_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE;
import static android.app.admin.DevicePolicyManager.ACTION_ROLE_HOLDER_PROVISION_MANAGED_PROFILE;
import static android.content.Intent.ACTION_MANAGED_PROFILE_AVAILABLE;
import static android.content.Intent.ACTION_MANAGED_PROFILE_REMOVED;
import static android.content.Intent.ACTION_MANAGED_PROFILE_UNAVAILABLE;
import static android.content.pm.PackageManager.FEATURE_MANAGED_USERS;
import static com.android.bedstead.nene.permissions.CommonPermissions.MANAGE_PROFILE_AND_DEVICE_OWNERS;
import static com.android.queryable.queries.ActivityQuery.activity;
import static com.android.queryable.queries.IntentFilterQuery.intentFilter;
import static com.google.common.truth.Truth.assertThat;
import android.app.admin.DevicePolicyManager;
import android.app.admin.ManagedProfileProvisioningParams;
import android.app.admin.ProvisioningException;
import android.content.ComponentName;
import android.content.Context;
import android.os.UserHandle;
import com.android.bedstead.deviceadminapp.DeviceAdminApp;
import com.android.bedstead.harrier.BedsteadJUnit4;
import com.android.bedstead.harrier.DeviceState;
import com.android.bedstead.harrier.annotations.EnsureHasNoSecondaryUser;
import com.android.bedstead.harrier.annotations.EnsureHasPermission;
import com.android.bedstead.harrier.annotations.Postsubmit;
import com.android.bedstead.harrier.annotations.RequireFeature;
import com.android.bedstead.harrier.annotations.RequireRunOnPrimaryUser;
import com.android.bedstead.harrier.annotations.enterprise.EnsureHasDeviceOwner;
import com.android.bedstead.harrier.annotations.enterprise.EnsureHasNoDpc;
import com.android.bedstead.nene.TestApis;
import com.android.bedstead.nene.packages.Package;
import com.android.bedstead.nene.users.UserReference;
import com.android.bedstead.remotedpc.RemoteDpc;
import com.android.bedstead.testapp.TestApp;
import com.android.bedstead.testapp.TestAppInstance;
import com.android.eventlib.truth.EventLogsSubject;
import com.android.queryable.queries.ActivityQuery;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
// TODO(b/228016400): replace usages of createAndProvisionManagedProfile with a nene API
@RunWith(BedsteadJUnit4.class)
public class DevicePolicyManagementRoleHolderTest {
@ClassRule
@Rule
public static final DeviceState sDeviceState = new DeviceState();
private static final Context sContext = TestApis.context().instrumentedContext();
private static final ComponentName DEVICE_ADMIN_COMPONENT_NAME =
DeviceAdminApp.deviceAdminComponentName(sContext);
private static final String PROFILE_OWNER_NAME = "testDeviceAdmin";
private static final ManagedProfileProvisioningParams MANAGED_PROFILE_PROVISIONING_PARAMS =
createManagedProfileProvisioningParamsBuilder().build();
private static final DevicePolicyManager sDevicePolicyManager =
sContext.getSystemService(DevicePolicyManager.class);
private static final ActivityQuery<?> sQueryForRoleHolderTrustedSourceAction =
activity().intentFilters().contains(
intentFilter().actions().contains(
ACTION_ROLE_HOLDER_PROVISION_MANAGED_DEVICE_FROM_TRUSTED_SOURCE));
private static final ActivityQuery<?> sQueryForRoleHolderManagedProfileAction =
activity().intentFilters().contains(
intentFilter().actions().contains(
ACTION_ROLE_HOLDER_PROVISION_MANAGED_PROFILE));
private static final ActivityQuery<?> sQueryForRoleHolderFinalizationAction =
activity().intentFilters().contains(
intentFilter().actions().contains(
ACTION_ROLE_HOLDER_PROVISION_FINALIZATION));
private static final TestApp sRoleHolderApp = sDeviceState.testApps()
.query()
.whereActivities()
.contains(
sQueryForRoleHolderTrustedSourceAction,
sQueryForRoleHolderManagedProfileAction,
sQueryForRoleHolderFinalizationAction)
.get();
private static final String MANAGED_USER_NAME = "managed user name";
@Postsubmit(reason = "new test")
@RequireFeature(FEATURE_MANAGED_USERS)
@EnsureHasPermission(MANAGE_PROFILE_AND_DEVICE_OWNERS)
@RequireRunOnPrimaryUser
@EnsureHasNoDpc
@EnsureHasNoSecondaryUser
@Test
public void createAndProvisionManagedProfile_roleHolderIsInWorkProfile()
throws ProvisioningException, InterruptedException {
UserHandle profile = null;
String roleHolderPackageName = null;
try (TestAppInstance roleHolderApp = sRoleHolderApp.install()) {
roleHolderPackageName = roleHolderApp.packageName();
TestApis.devicePolicy().setDevicePolicyManagementRoleHolder(roleHolderPackageName);
profile = sDevicePolicyManager.createAndProvisionManagedProfile(
MANAGED_PROFILE_PROVISIONING_PARAMS);
assertThat(TestApis.packages().installedForUser(UserReference.of(profile)))
.contains(Package.of(roleHolderApp.packageName()));
} finally {
if (profile != null) {
TestApis.users().find(profile).remove();
}
if (roleHolderPackageName != null) {
TestApis.devicePolicy()
.unsetDevicePolicyManagementRoleHolder(roleHolderPackageName);
}
}
}
@Postsubmit(reason = "new test")
@RequireFeature(FEATURE_MANAGED_USERS)
@EnsureHasDeviceOwner
@RequireRunOnPrimaryUser
@EnsureHasNoSecondaryUser
@Test
public void createAndManageUser_roleHolderIsInManagedUser() throws InterruptedException {
UserHandle managedUser = null;
String roleHolderPackageName = null;
try (TestAppInstance roleHolderApp = sRoleHolderApp.install()) {
roleHolderPackageName = roleHolderApp.packageName();
TestApis.devicePolicy().setDevicePolicyManagementRoleHolder(roleHolderPackageName);
managedUser = sDeviceState.dpc().devicePolicyManager().createAndManageUser(
RemoteDpc.DPC_COMPONENT_NAME,
MANAGED_USER_NAME,
RemoteDpc.DPC_COMPONENT_NAME,
/* adminExtras= */ null,
/* flags= */ 0);
assertThat(TestApis.packages().installedForUser(UserReference.of(managedUser)))
.contains(Package.of(roleHolderApp.packageName()));
} finally {
if (managedUser != null) {
TestApis.users().find(managedUser).remove();
}
if (roleHolderPackageName != null) {
TestApis.devicePolicy()
.unsetDevicePolicyManagementRoleHolder(roleHolderPackageName);
}
}
}
@Postsubmit(reason = "new test")
@RequireFeature(FEATURE_MANAGED_USERS)
@EnsureHasPermission(MANAGE_PROFILE_AND_DEVICE_OWNERS)
@RequireRunOnPrimaryUser
@EnsureHasNoDpc
@EnsureHasNoSecondaryUser
@Test
public void profileRemoved_roleHolderReceivesBroadcast() throws Exception {
String roleHolderPackageName = null;
try (TestAppInstance roleHolderApp = sRoleHolderApp.install()) {
roleHolderPackageName = roleHolderApp.packageName();
TestApis.devicePolicy().setDevicePolicyManagementRoleHolder(roleHolderPackageName);
UserHandle profile = sDevicePolicyManager.createAndProvisionManagedProfile(
MANAGED_PROFILE_PROVISIONING_PARAMS);
TestApis.users().find(profile).remove();
EventLogsSubject.assertThat(roleHolderApp.events().broadcastReceived()
.whereIntent().action().isEqualTo(ACTION_MANAGED_PROFILE_REMOVED))
.eventOccurred();
} finally {
if (roleHolderPackageName != null) {
TestApis.devicePolicy().unsetDevicePolicyManagementRoleHolder(
roleHolderPackageName);
}
}
}
@Postsubmit(reason = "new test")
@RequireFeature(FEATURE_MANAGED_USERS)
@EnsureHasPermission(MANAGE_PROFILE_AND_DEVICE_OWNERS)
@RequireRunOnPrimaryUser
@EnsureHasNoDpc
@EnsureHasNoSecondaryUser
@Test
public void profilePaused_roleHolderReceivesBroadcast() throws Exception {
String roleHolderPackageName = null;
try (TestAppInstance roleHolderApp = sRoleHolderApp.install()) {
roleHolderPackageName = roleHolderApp.packageName();
TestApis.devicePolicy().setDevicePolicyManagementRoleHolder(roleHolderPackageName);
UserHandle profile = sDevicePolicyManager.createAndProvisionManagedProfile(
MANAGED_PROFILE_PROVISIONING_PARAMS);
TestApis.users().find(profile).setQuietMode(true);
EventLogsSubject.assertThat(roleHolderApp.events().broadcastReceived()
.whereIntent().action().isEqualTo(ACTION_MANAGED_PROFILE_UNAVAILABLE))
.eventOccurred();
} finally {
if (roleHolderPackageName != null) {
TestApis.devicePolicy().unsetDevicePolicyManagementRoleHolder(
roleHolderPackageName);
}
}
}
@Postsubmit(reason = "new test")
@RequireFeature(FEATURE_MANAGED_USERS)
@EnsureHasPermission(MANAGE_PROFILE_AND_DEVICE_OWNERS)
@RequireRunOnPrimaryUser
@EnsureHasNoDpc
@EnsureHasNoSecondaryUser
@Test
public void profileStarted_roleHolderReceivesBroadcast() throws Exception {
String roleHolderPackageName = null;
try (TestAppInstance roleHolderApp = sRoleHolderApp.install()) {
roleHolderPackageName = roleHolderApp.packageName();
TestApis.devicePolicy().setDevicePolicyManagementRoleHolder(roleHolderPackageName);
UserHandle profile = sDevicePolicyManager.createAndProvisionManagedProfile(
MANAGED_PROFILE_PROVISIONING_PARAMS);
TestApis.users().find(profile).setQuietMode(true);
TestApis.users().find(profile).setQuietMode(false);
EventLogsSubject.assertThat(roleHolderApp.events().broadcastReceived()
.whereIntent().action().isEqualTo(ACTION_MANAGED_PROFILE_AVAILABLE))
.eventOccurred();
} finally {
if (roleHolderPackageName != null) {
TestApis.devicePolicy().unsetDevicePolicyManagementRoleHolder(
roleHolderPackageName);
}
}
}
private static ManagedProfileProvisioningParams.Builder
createManagedProfileProvisioningParamsBuilder() {
return new ManagedProfileProvisioningParams.Builder(
DEVICE_ADMIN_COMPONENT_NAME,
PROFILE_OWNER_NAME);
}
}