• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.cts.deviceandprofileowner;
18 
19 import android.accounts.Account;
20 import android.accounts.AccountManager;
21 import android.accounts.AuthenticatorException;
22 import android.accounts.OperationCanceledException;
23 import android.app.admin.DevicePolicyManager;
24 import android.content.Context;
25 import android.os.Bundle;
26 import android.os.UserManager;
27 
28 import java.io.IOException;
29 
30 /**
31  * These tests verify that the device / profile owner can use account management APIs to add
32  * accounts even when policies are set. The policies tested are
33  * {@link DevicePolicyManager#setAccountManagementDisabled} and
34  * {@link UserManager#DISALLOW_MODIFY_ACCOUNTS}.
35  *
36  * This test depends on {@link com.android.cts.devicepolicy.accountmanagement.MockAccountService},
37  * which provides authenticator for a mock account type.
38  */
39 public class AllowedAccountManagementTest extends BaseDeviceAdminTest {
40 
41     // Account type for MockAccountAuthenticator
42     private final static String ACCOUNT_TYPE_1 =
43             "com.android.cts.devicepolicy.accountmanagement.account.type";
44     private final static String ACCOUNT_TYPE_2 = "com.dummy.account";
45     private final static Account ACCOUNT = new Account("user0", ACCOUNT_TYPE_1);
46 
47     private AccountManager mAccountManager;
48 
49     @Override
setUp()50     protected void setUp() throws Exception {
51         super.setUp();
52         mAccountManager = (AccountManager) mContext.getSystemService(Context.ACCOUNT_SERVICE);
53         clearAllAccountManagementDisabled();
54         mDevicePolicyManager.clearUserRestriction(ADMIN_RECEIVER_COMPONENT,
55                 UserManager.DISALLOW_MODIFY_ACCOUNTS);
56     }
57 
58     @Override
tearDown()59     protected void tearDown() throws Exception {
60         clearAllAccountManagementDisabled();
61         mDevicePolicyManager.clearUserRestriction(ADMIN_RECEIVER_COMPONENT,
62                 UserManager.DISALLOW_MODIFY_ACCOUNTS);
63         super.tearDown();
64     }
65 
testAccountManagementDisabled_setterAndGetter()66     public void testAccountManagementDisabled_setterAndGetter() {
67         // Some local tests: adding and removing disabled accounts and make sure
68         // DevicePolicyManager keeps track of the disabled set correctly
69         assertEquals(0, mDevicePolicyManager.getAccountTypesWithManagementDisabled().length);
70 
71         mDevicePolicyManager.setAccountManagementDisabled(ADMIN_RECEIVER_COMPONENT, ACCOUNT_TYPE_1,
72                 true);
73         // Test if disabling ACCOUNT_TYPE_2 affects ACCOUNT_TYPE_1
74         mDevicePolicyManager.setAccountManagementDisabled(ADMIN_RECEIVER_COMPONENT, ACCOUNT_TYPE_2,
75                 false);
76         assertEquals(1, mDevicePolicyManager.getAccountTypesWithManagementDisabled().length);
77         assertEquals(ACCOUNT_TYPE_1,
78                 mDevicePolicyManager.getAccountTypesWithManagementDisabled()[0]);
79 
80         mDevicePolicyManager.setAccountManagementDisabled(ADMIN_RECEIVER_COMPONENT, ACCOUNT_TYPE_1,
81                 false);
82         assertEquals(0, mDevicePolicyManager.getAccountTypesWithManagementDisabled().length);
83     }
84 
testAccountManagementDisabled_profileAndDeviceOwnerCanAddAccount()85     public void testAccountManagementDisabled_profileAndDeviceOwnerCanAddAccount()
86             throws AuthenticatorException, IOException, OperationCanceledException {
87         mDevicePolicyManager.setAccountManagementDisabled(ADMIN_RECEIVER_COMPONENT, ACCOUNT_TYPE_1,
88                 true);
89 
90         assertEquals(0, mAccountManager.getAccountsByType(ACCOUNT_TYPE_1).length);
91         // Management is disabled, but the device / profile owner is still allowed to use the APIs
92         Bundle result = mAccountManager.addAccount(ACCOUNT_TYPE_1,
93                 null, null, null, null, null, null).getResult();
94 
95         // Normally the expected result of addAccount() is AccountManager returning
96         // an intent to start the authenticator activity for adding new accounts.
97         // But MockAccountAuthenticator returns a new account straightway.
98         assertEquals(ACCOUNT_TYPE_1, result.getString(AccountManager.KEY_ACCOUNT_TYPE));
99     }
100 
testUserRestriction_profileAndDeviceOwnerCanAddAndRemoveAccount()101     public void testUserRestriction_profileAndDeviceOwnerCanAddAndRemoveAccount()
102             throws AuthenticatorException, IOException, OperationCanceledException {
103         mDevicePolicyManager.addUserRestriction(ADMIN_RECEIVER_COMPONENT,
104                 UserManager.DISALLOW_MODIFY_ACCOUNTS);
105 
106         assertEquals(0, mAccountManager.getAccountsByType(ACCOUNT_TYPE_1).length);
107         // Management is disabled, but the device / profile owner is still allowed to use the APIs
108         Bundle result = mAccountManager.addAccount(ACCOUNT_TYPE_1,
109                 null, null, null, null, null, null).getResult();
110 
111         // Normally the expected result of addAccount() is AccountManager returning
112         // an intent to start the authenticator activity for adding new accounts.
113         // But MockAccountAuthenticator returns a new account straightway.
114         assertEquals(ACCOUNT_TYPE_1, result.getString(AccountManager.KEY_ACCOUNT_TYPE));
115 
116         result = mAccountManager.removeAccount(ACCOUNT, null, null, null).getResult();
117         assertTrue(result.getBoolean(AccountManager.KEY_BOOLEAN_RESULT));
118     }
119 
testRemoveAccount_noUserRestriction()120     public void testRemoveAccount_noUserRestriction()
121             throws AuthenticatorException, IOException, OperationCanceledException {
122         // We only want to verify removeAccount can through to AccountManagerService without
123         // throwing an Exception, so it's not necessary to add the account before removal.
124         Bundle result = mAccountManager.removeAccount(ACCOUNT, null, null, null).getResult();
125         assertTrue(result.getBoolean(AccountManager.KEY_BOOLEAN_RESULT));
126     }
127 
clearAllAccountManagementDisabled()128     private void clearAllAccountManagementDisabled() {
129         for (String accountType : mDevicePolicyManager.getAccountTypesWithManagementDisabled()) {
130             mDevicePolicyManager.setAccountManagementDisabled(ADMIN_RECEIVER_COMPONENT, accountType,
131                     false);
132         }
133         assertEquals(0, mDevicePolicyManager.getAccountTypesWithManagementDisabled().length);
134     }
135 }
136