tests/devicepolicy/src/android/devicepolicy/cts/NetworkLoggingTest.java - platform/cts - Git at Google

 /*
  * Copyright (C) 2022 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package android.devicepolicy.cts;

 import static com.android.bedstead.nene.permissions.CommonPermissions.INTERNET;

 import static com.google.common.truth.Truth.assertThat;

 import static org.testng.Assert.assertThrows;

 import android.stats.devicepolicy.EventId;

 import com.android.bedstead.harrier.BedsteadJUnit4;
 import com.android.bedstead.harrier.DeviceState;
 import com.android.bedstead.harrier.annotations.EnsureHasNoSecondaryUser;
 import com.android.bedstead.harrier.annotations.Postsubmit;
 import com.android.bedstead.harrier.annotations.enterprise.CanSetPolicyTest;
 import com.android.bedstead.harrier.annotations.enterprise.CannotSetPolicyTest;
 import com.android.bedstead.harrier.annotations.enterprise.PolicyAppliesTest;
 import com.android.bedstead.harrier.policies.NetworkLogging;
 import com.android.bedstead.metricsrecorder.EnterpriseMetricsRecorder;
 import com.android.bedstead.metricsrecorder.truth.MetricQueryBuilderSubject;
 import com.android.bedstead.nene.TestApis;
 import com.android.bedstead.nene.permissions.PermissionContext;

 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.runner.RunWith;

 import java.net.HttpURLConnection;
 import java.net.URL;

 // These tests currently only cover checking that the appropriate methods are callable. They should
 // be replaced with more complete tests once the other network logging tests are ready to be
 // migrated to the new infrastructure
 @RunWith(BedsteadJUnit4.class)
 public final class NetworkLoggingTest {

     @ClassRule @Rule
     public static final DeviceState sDeviceState = new DeviceState();

     private static final String[] URL_LIST = {
             "example.edu",
             "google.co.jp",
             "google.fr",
             "google.com.br",
             "google.com.tr",
             "google.co.uk",
             "google.de"
     };

     @Postsubmit(reason = "new test")
     @CannotSetPolicyTest(policy = NetworkLogging.class)
     public void isNetworkLoggingEnabled_notAllowed_throwsException() {
         assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
                 .isNetworkLoggingEnabled(sDeviceState.dpc().componentName()));
     }

     @Postsubmit(reason = "new test")
     @CanSetPolicyTest(policy = NetworkLogging.class)
     @EnsureHasNoSecondaryUser
     public void isNetworkLoggingEnabled_networkLoggingIsEnabled_returnsTrue() throws Exception {
         try {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), true);

             assertThat(sDeviceState.dpc().devicePolicyManager().isNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName())).isTrue();
         } finally {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), false);
         }
     }

     @Postsubmit(reason = "new test")
     @CanSetPolicyTest(policy = NetworkLogging.class)
     public void isNetworkLoggingEnabled_networkLoggingIsNotEnabled_returnsFalse() throws Exception {
         sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                 sDeviceState.dpc().componentName(), false);

         assertThat(sDeviceState.dpc().devicePolicyManager().isNetworkLoggingEnabled(
                 sDeviceState.dpc().componentName())).isFalse();
     }

     @Postsubmit(reason = "new test")
     @PolicyAppliesTest(policy = NetworkLogging.class)
     public void setNetworkLoggingEnabled_networkLoggingIsEnabled() throws Exception {
         try {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), true);
             for (String url : URL_LIST) {
                 connectToWebsite(url);
             }

             TestApis.devicePolicy().forceNetworkLogs();

             long batchToken = waitForBatchToken();

             assertThat(sDeviceState.dpc().devicePolicyManager().retrieveNetworkLogs(
                     sDeviceState.dpc().componentName(), batchToken)).isNotEmpty();
         } finally {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), false);
         }
     }

     private long waitForBatchToken() {
         if (sDeviceState.dpc().isDelegate()) {
             return sDeviceState.dpc().events().delegateNetworkLogsAvailable()
                     .waitForEvent().batchToken();
         } else {
             return sDeviceState.dpc().events().networkLogsAvailable().waitForEvent().batchToken();
         }
     }

     private void connectToWebsite(String server) throws Exception {
         try (PermissionContext p = TestApis.permissions().withPermission(INTERNET)) {
             final URL url = new URL("http://" + server);
             HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
             try {
                 urlConnection.setConnectTimeout(2000);
                 urlConnection.setReadTimeout(2000);
                 urlConnection.getResponseCode();
             } finally {
                 urlConnection.disconnect();
             }
         }
     }

     @Postsubmit(reason = "new test")
     @CannotSetPolicyTest(policy = NetworkLogging.class)
     public void setNetworkLoggingEnabled_notAllowed_throwsException() {
         assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
                 .setNetworkLoggingEnabled(sDeviceState.dpc().componentName(), true));
     }

     @Postsubmit(reason = "new test")
     @CannotSetPolicyTest(policy = NetworkLogging.class)
     public void retrieveNetworkLogs_notAllowed_throwsException() {
         assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
                 .retrieveNetworkLogs(sDeviceState.dpc().componentName(), /*batchToken= */ 0));
     }

     @Postsubmit(reason = "new test")
     @CanSetPolicyTest(policy = NetworkLogging.class)
     public void setNetworkLoggingEnabled_true_logsEvent() {
         try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), true);

             MetricQueryBuilderSubject.assertThat(metrics.query()
                     .whereType().isEqualTo(EventId.SET_NETWORK_LOGGING_ENABLED_VALUE)
                     .whereAdminPackageName().isEqualTo(
                             sDeviceState.dpc().packageName())
                             .whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
                             .whereInteger().isEqualTo(1) // Enabled
                     ).wasLogged();
         } finally {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), false);
         }
     }

     @Postsubmit(reason = "new test")
     @CanSetPolicyTest(policy = NetworkLogging.class)
     public void setNetworkLoggingEnabled_false_logsEvent() {
         sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                 sDeviceState.dpc().componentName(), true);

         try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), false);

             MetricQueryBuilderSubject.assertThat(metrics.query()
                     .whereType().isEqualTo(EventId.SET_NETWORK_LOGGING_ENABLED_VALUE)
                     .whereAdminPackageName().isEqualTo(
                             sDeviceState.dpc().packageName())
                     .whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
                     .whereInteger().isEqualTo(0) // Disabled
             ).wasLogged();
         }
     }

     @Postsubmit(reason = "new test")
     @CanSetPolicyTest(policy = NetworkLogging.class)
     public void retrieveNetworkLogs_logsEvent() throws Exception {
         try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), true);
             for (String url : URL_LIST) {
                 connectToWebsite(url);
             }
             TestApis.devicePolicy().forceNetworkLogs();
             long batchToken = waitForBatchToken();

             sDeviceState.dpc().devicePolicyManager().retrieveNetworkLogs(
                     sDeviceState.dpc().componentName(), batchToken);

             MetricQueryBuilderSubject.assertThat(metrics.query()
                     .whereType().isEqualTo(EventId.RETRIEVE_NETWORK_LOGS_VALUE)
                     .whereAdminPackageName().isEqualTo(
                             sDeviceState.dpc().packageName())
                     .whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
             ).wasLogged();
         } finally {
             sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
                     sDeviceState.dpc().componentName(), false);
         }
     }
 }
	/*
	* Copyright (C) 2022 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package android.devicepolicy.cts;

	import static com.android.bedstead.nene.permissions.CommonPermissions.INTERNET;

	import static com.google.common.truth.Truth.assertThat;

	import static org.testng.Assert.assertThrows;

	import android.stats.devicepolicy.EventId;

	import com.android.bedstead.harrier.BedsteadJUnit4;
	import com.android.bedstead.harrier.DeviceState;
	import com.android.bedstead.harrier.annotations.EnsureHasNoSecondaryUser;
	import com.android.bedstead.harrier.annotations.Postsubmit;
	import com.android.bedstead.harrier.annotations.enterprise.CanSetPolicyTest;
	import com.android.bedstead.harrier.annotations.enterprise.CannotSetPolicyTest;
	import com.android.bedstead.harrier.annotations.enterprise.PolicyAppliesTest;
	import com.android.bedstead.harrier.policies.NetworkLogging;
	import com.android.bedstead.metricsrecorder.EnterpriseMetricsRecorder;
	import com.android.bedstead.metricsrecorder.truth.MetricQueryBuilderSubject;
	import com.android.bedstead.nene.TestApis;
	import com.android.bedstead.nene.permissions.PermissionContext;

	import org.junit.ClassRule;
	import org.junit.Rule;
	import org.junit.runner.RunWith;

	import java.net.HttpURLConnection;
	import java.net.URL;

	// These tests currently only cover checking that the appropriate methods are callable. They should
	// be replaced with more complete tests once the other network logging tests are ready to be
	// migrated to the new infrastructure
	@RunWith(BedsteadJUnit4.class)
	public final class NetworkLoggingTest {

	@ClassRule @Rule
	public static final DeviceState sDeviceState = new DeviceState();

	private static final String[] URL_LIST = {
	"example.edu",
	"google.co.jp",
	"google.fr",
	"google.com.br",
	"google.com.tr",
	"google.co.uk",
	"google.de"
	};

	@Postsubmit(reason = "new test")
	@CannotSetPolicyTest(policy = NetworkLogging.class)
	public void isNetworkLoggingEnabled_notAllowed_throwsException() {
	assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
	.isNetworkLoggingEnabled(sDeviceState.dpc().componentName()));
	}

	@Postsubmit(reason = "new test")
	@CanSetPolicyTest(policy = NetworkLogging.class)
	@EnsureHasNoSecondaryUser
	public void isNetworkLoggingEnabled_networkLoggingIsEnabled_returnsTrue() throws Exception {
	try {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), true);

	assertThat(sDeviceState.dpc().devicePolicyManager().isNetworkLoggingEnabled(
	sDeviceState.dpc().componentName())).isTrue();
	} finally {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);
	}
	}

	@Postsubmit(reason = "new test")
	@CanSetPolicyTest(policy = NetworkLogging.class)
	public void isNetworkLoggingEnabled_networkLoggingIsNotEnabled_returnsFalse() throws Exception {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);

	assertThat(sDeviceState.dpc().devicePolicyManager().isNetworkLoggingEnabled(
	sDeviceState.dpc().componentName())).isFalse();
	}

	@Postsubmit(reason = "new test")
	@PolicyAppliesTest(policy = NetworkLogging.class)
	public void setNetworkLoggingEnabled_networkLoggingIsEnabled() throws Exception {
	try {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), true);
	for (String url : URL_LIST) {
	connectToWebsite(url);
	}

	TestApis.devicePolicy().forceNetworkLogs();

	long batchToken = waitForBatchToken();

	assertThat(sDeviceState.dpc().devicePolicyManager().retrieveNetworkLogs(
	sDeviceState.dpc().componentName(), batchToken)).isNotEmpty();
	} finally {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);
	}
	}

	private long waitForBatchToken() {
	if (sDeviceState.dpc().isDelegate()) {
	return sDeviceState.dpc().events().delegateNetworkLogsAvailable()
	.waitForEvent().batchToken();
	} else {
	return sDeviceState.dpc().events().networkLogsAvailable().waitForEvent().batchToken();
	}
	}

	private void connectToWebsite(String server) throws Exception {
	try (PermissionContext p = TestApis.permissions().withPermission(INTERNET)) {
	final URL url = new URL("http://" + server);
	HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
	try {
	urlConnection.setConnectTimeout(2000);
	urlConnection.setReadTimeout(2000);
	urlConnection.getResponseCode();
	} finally {
	urlConnection.disconnect();
	}
	}
	}

	@Postsubmit(reason = "new test")
	@CannotSetPolicyTest(policy = NetworkLogging.class)
	public void setNetworkLoggingEnabled_notAllowed_throwsException() {
	assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
	.setNetworkLoggingEnabled(sDeviceState.dpc().componentName(), true));
	}

	@Postsubmit(reason = "new test")
	@CannotSetPolicyTest(policy = NetworkLogging.class)
	public void retrieveNetworkLogs_notAllowed_throwsException() {
	assertThrows(SecurityException.class, () -> sDeviceState.dpc().devicePolicyManager()
	.retrieveNetworkLogs(sDeviceState.dpc().componentName(), /batchToken= / 0));
	}

	@Postsubmit(reason = "new test")
	@CanSetPolicyTest(policy = NetworkLogging.class)
	public void setNetworkLoggingEnabled_true_logsEvent() {
	try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), true);

	MetricQueryBuilderSubject.assertThat(metrics.query()
	.whereType().isEqualTo(EventId.SET_NETWORK_LOGGING_ENABLED_VALUE)
	.whereAdminPackageName().isEqualTo(
	sDeviceState.dpc().packageName())
	.whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
	.whereInteger().isEqualTo(1) // Enabled
	).wasLogged();
	} finally {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);
	}
	}

	@Postsubmit(reason = "new test")
	@CanSetPolicyTest(policy = NetworkLogging.class)
	public void setNetworkLoggingEnabled_false_logsEvent() {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), true);

	try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);

	MetricQueryBuilderSubject.assertThat(metrics.query()
	.whereType().isEqualTo(EventId.SET_NETWORK_LOGGING_ENABLED_VALUE)
	.whereAdminPackageName().isEqualTo(
	sDeviceState.dpc().packageName())
	.whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
	.whereInteger().isEqualTo(0) // Disabled
	).wasLogged();
	}
	}

	@Postsubmit(reason = "new test")
	@CanSetPolicyTest(policy = NetworkLogging.class)
	public void retrieveNetworkLogs_logsEvent() throws Exception {
	try (EnterpriseMetricsRecorder metrics = EnterpriseMetricsRecorder.create()) {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), true);
	for (String url : URL_LIST) {
	connectToWebsite(url);
	}
	TestApis.devicePolicy().forceNetworkLogs();
	long batchToken = waitForBatchToken();

	sDeviceState.dpc().devicePolicyManager().retrieveNetworkLogs(
	sDeviceState.dpc().componentName(), batchToken);

	MetricQueryBuilderSubject.assertThat(metrics.query()
	.whereType().isEqualTo(EventId.RETRIEVE_NETWORK_LOGS_VALUE)
	.whereAdminPackageName().isEqualTo(
	sDeviceState.dpc().packageName())
	.whereBoolean().isEqualTo(sDeviceState.dpc().isDelegate())
	).wasLogged();
	} finally {
	sDeviceState.dpc().devicePolicyManager().setNetworkLoggingEnabled(
	sDeviceState.dpc().componentName(), false);
	}
	}
	}