Google Git
Sign in
android / platform / cts / b901e3eafdc7e02ee5ed1c07d2c0d8bf436d63d1 / . / hostsidetests / devicepolicy / app / DeviceAndProfileOwner / src / com / android / cts / deviceandprofileowner / userrestrictions / BaseUserRestrictionsTest.java
blob: 54bd5d4d1e2e4943426f6c34c925fa86f171ab1f [file] [log] [blame]
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.cts.deviceandprofileowner.userrestrictions;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Process;
import android.os.UserHandle;
import android.os.UserManager;
import com.android.compatibility.common.util.ShellIdentityUtils;
import com.android.cts.deviceandprofileowner.BaseDeviceAdminTest;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
public abstract class BaseUserRestrictionsTest extends BaseDeviceAdminTest {
protected static final String[] ALL_USER_RESTRICTIONS = new String[]{
UserManager.DISALLOW_CONFIG_WIFI,
UserManager.DISALLOW_MODIFY_ACCOUNTS,
UserManager.DISALLOW_INSTALL_APPS,
UserManager.DISALLOW_UNINSTALL_APPS,
UserManager.DISALLOW_SHARE_LOCATION,
UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES,
UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY,
UserManager.DISALLOW_CONFIG_BLUETOOTH,
UserManager.DISALLOW_USB_FILE_TRANSFER,
UserManager.DISALLOW_CONFIG_CREDENTIALS,
UserManager.DISALLOW_REMOVE_USER,
UserManager.DISALLOW_DEBUGGING_FEATURES,
UserManager.DISALLOW_CONFIG_VPN,
UserManager.DISALLOW_CONFIG_TETHERING,
UserManager.DISALLOW_NETWORK_RESET,
UserManager.DISALLOW_FACTORY_RESET,
UserManager.DISALLOW_ADD_USER,
UserManager.ENSURE_VERIFY_APPS,
UserManager.DISALLOW_CONFIG_CELL_BROADCASTS,
UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS,
UserManager.DISALLOW_APPS_CONTROL,
UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA,
UserManager.DISALLOW_UNMUTE_MICROPHONE,
UserManager.DISALLOW_ADJUST_VOLUME,
UserManager.DISALLOW_OUTGOING_CALLS,
UserManager.DISALLOW_SMS,
UserManager.DISALLOW_FUN,
UserManager.DISALLOW_CREATE_WINDOWS,
UserManager.DISALLOW_SYSTEM_ERROR_DIALOGS,
UserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE,
UserManager.DISALLOW_OUTGOING_BEAM,
UserManager.DISALLOW_SAFE_BOOT,
UserManager.ALLOW_PARENT_PROFILE_APP_LINKING,
UserManager.DISALLOW_DATA_ROAMING,
UserManager.DISALLOW_SET_USER_ICON,
UserManager.DISALLOW_BLUETOOTH,
UserManager.DISALLOW_BLUETOOTH_SHARING,
UserManager.DISALLOW_CAMERA_TOGGLE,
UserManager.DISALLOW_MICROPHONE_TOGGLE,
};
/**
* Restrictions that affect all users when DO sets.
*/
protected static final String[] DO_GLOBAL_RESTRICTIONS = new String[] {
UserManager.DISALLOW_USB_FILE_TRANSFER,
UserManager.DISALLOW_CONFIG_TETHERING,
UserManager.DISALLOW_NETWORK_RESET,
UserManager.DISALLOW_FACTORY_RESET,
UserManager.DISALLOW_ADD_USER,
UserManager.DISALLOW_CONFIG_CELL_BROADCASTS,
UserManager.DISALLOW_CONFIG_MOBILE_NETWORKS,
UserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA,
UserManager.DISALLOW_SMS,
UserManager.DISALLOW_FUN,
UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY,
UserManager.DISALLOW_SAFE_BOOT,
UserManager.DISALLOW_CREATE_WINDOWS,
UserManager.DISALLOW_BLUETOOTH,
// UserManager.DISALLOW_DATA_ROAMING, // Not set during CTS
UserManager.DISALLOW_CAMERA_TOGGLE,
UserManager.DISALLOW_MICROPHONE_TOGGLE,
// PO can set them too, but when DO sets them, they're global.
UserManager.DISALLOW_ADJUST_VOLUME,
UserManager.DISALLOW_UNMUTE_MICROPHONE,
UserManager.DISALLOW_SYSTEM_ERROR_DIALOGS
};
public static final String[] HIDDEN_AND_PROHIBITED = new String[] {
"no_record_audio",
"no_wallpaper",
"no_oem_unlock"
};
protected void assertLayeredRestriction(String restriction, boolean expected) {
assertEquals("Restriction " + restriction + ": expected=" + expected,
expected, mUserManager.hasUserRestriction(restriction));
}
protected void assertOwnerRestriction(String restriction, boolean expected) {
assertEquals("Restriction " + restriction + ": expected=" + expected,
expected, mDevicePolicyManager.getUserRestrictions(ADMIN_RECEIVER_COMPONENT)
.getBoolean(restriction));
}
/** Returns whether {@link UserManager} itself has applied the given restriction to the user. */
protected boolean hasBaseUserRestriction(String restriction, UserHandle userHandle) {
return ShellIdentityUtils.invokeMethodWithShellPermissions(mUserManager,
(um) -> um.hasBaseUserRestriction(restriction, userHandle));
}
/**
* Check that {@link UserManager#hasUserRestriction} gives the expected results for each
* restriction.
* @param expected the list of user restrictions that are expected to have been applied due
* to DO/PO
*/
protected void assertRestrictions(Set<String> expected) {
final UserHandle userHandle = Process.myUserHandle();
for (String r : ALL_USER_RESTRICTIONS) {
assertLayeredRestriction(r,
expected.contains(r) || hasBaseUserRestriction(r, userHandle));
}
}
/**
* Test that the given restriction can be set and cleared, then leave it set again.
*/
protected void assertSetClearUserRestriction(String restriction) {
final boolean hadRestriction = mUserManager.hasUserRestriction(restriction);
assertOwnerRestriction(restriction, false);
// Set. Shouldn't throw.
mDevicePolicyManager.addUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
assertOwnerRestriction(restriction, true);
assertLayeredRestriction(restriction, true);
// Then clear.
assertClearUserRestriction(restriction);
assertLayeredRestriction(restriction, hadRestriction);
// Then set again.
mDevicePolicyManager.addUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
}
/**
* Test that the given restriction can be cleared. (and leave it cleared.)
*/
protected void assertClearUserRestriction(String restriction) {
mDevicePolicyManager.clearUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
assertOwnerRestriction(restriction, false);
}
protected void assertClearDefaultRestrictions() {
for (String restriction : getDefaultEnabledRestrictions()) {
assertClearUserRestriction(restriction);
}
}
/**
* Test that the given restriction *cannot* be set (or clear).
*/
protected void assertCannotSetUserRestriction(String restriction) {
final boolean hadRestriction = mUserManager.hasUserRestriction(restriction);
assertOwnerRestriction(restriction, false);
// Set should fail.
try {
mDevicePolicyManager.addUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
fail("Restriction=" + restriction);
} catch (SecurityException e) {
assertTrue("Restriction=" + restriction + " Message was: " + e.getMessage(),
e.getMessage().contains("cannot set user restriction"));
}
// Shouldn't have changed.
assertOwnerRestriction(restriction, false);
assertLayeredRestriction(restriction, hadRestriction);
// Clear should fail too.
try {
mDevicePolicyManager.clearUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
fail("Restriction=" + restriction);
} catch (SecurityException e) {
assertTrue("Restriction=" + restriction + " Message was: " + e.getMessage(),
e.getMessage().contains("cannot set user restriction"));
}
// Shouldn't have changed.
assertOwnerRestriction(restriction, false);
assertLayeredRestriction(restriction, hadRestriction);
}
/** For {@link #testSetAllRestrictions} */
protected abstract String[] getAllowedRestrictions();
/** For {@link #testSetAllRestrictions} */
protected abstract String[] getDisallowedRestrictions();
/** For {@link #testDefaultRestrictions()} */
protected abstract String[] getDefaultEnabledRestrictions();
/**
* Test restrictions that should be enabled by default
*/
public void testDefaultRestrictions() {
for (String restriction : getDefaultEnabledRestrictions()) {
assertOwnerRestriction(restriction, true);
}
Set<String> offByDefaultRestrictions = new HashSet<>(Arrays.asList(ALL_USER_RESTRICTIONS));
offByDefaultRestrictions.removeAll(
new HashSet<>(Arrays.asList(getDefaultEnabledRestrictions())));
for (String restriction : offByDefaultRestrictions) {
assertOwnerRestriction(restriction, false);
}
}
/**
* Set only one restriction, and make sure only that's set, and then clear it.
*/
public void testSetAllRestrictionsIndividually() {
assertClearDefaultRestrictions();
for (String r : getAllowedRestrictions()) {
// Set it.
assertSetClearUserRestriction(r);
assertRestrictions(new HashSet<>(Arrays.asList(new String[]{r})));
// Then clear it.
assertClearUserRestriction(r);
}
}
/**
* Make sure all allowed restrictions can be set, and the others can't.
*/
public void testSetAllRestrictions() {
assertClearDefaultRestrictions();
for (String r : getAllowedRestrictions()) {
assertSetClearUserRestriction(r);
}
for (String r : getDisallowedRestrictions()) {
assertCannotSetUserRestriction(r);
}
for (String r : HIDDEN_AND_PROHIBITED) {
assertCannotSetUserRestriction(r);
}
}
/**
* Clear all allowed restrictions.
*/
public void testClearAllRestrictions() {
for (String r : getAllowedRestrictions()) {
assertClearUserRestriction(r);
}
}
public void testBroadcast() throws Exception {
final CountDownLatch latch = new CountDownLatch(1);
final IntentFilter filter = new IntentFilter(UserManager.ACTION_USER_RESTRICTIONS_CHANGED);
mContext.registerReceiver(new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
latch.countDown();
}
}, filter);
final String restriction = UserManager.DISALLOW_CONFIG_WIFI;
mDevicePolicyManager.addUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
assertTrue("Didn't receive broadcast", latch.await(120, TimeUnit.SECONDS));
mDevicePolicyManager.clearUserRestriction(ADMIN_RECEIVER_COMPONENT, restriction);
}
}