1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.admin.cts; 18 19 import android.app.admin.DevicePolicyManager; 20 import android.content.ComponentName; 21 import android.content.Context; 22 import android.content.Intent; 23 import android.content.IntentFilter; 24 import android.content.pm.PackageManager; 25 import android.os.UserManager; 26 import android.provider.Settings; 27 import android.test.AndroidTestCase; 28 import android.util.Log; 29 30 import java.util.List; 31 32 import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; 33 34 /** 35 * Test that exercises {@link DevicePolicyManager}. The test requires that the 36 * CtsDeviceAdminReceiver be installed via the CtsDeviceAdmin.apk and be 37 * activated via "Settings > Location & security > Select device administrators". 38 */ 39 public class DevicePolicyManagerTest extends AndroidTestCase { 40 41 private static final String TAG = DevicePolicyManagerTest.class.getSimpleName(); 42 43 private DevicePolicyManager mDevicePolicyManager; 44 private ComponentName mComponent; 45 private ComponentName mSecondComponent; 46 private boolean mDeviceAdmin; 47 48 private static final String TEST_CA_STRING1 = 49 "-----BEGIN CERTIFICATE-----\n" + 50 "MIICVzCCAgGgAwIBAgIJAMvnLHnnfO/IMA0GCSqGSIb3DQEBBQUAMIGGMQswCQYD\n" + 51 "VQQGEwJJTjELMAkGA1UECAwCQVAxDDAKBgNVBAcMA0hZRDEVMBMGA1UECgwMSU1G\n" + 52 "TCBQVlQgTFREMRAwDgYDVQQLDAdJTUZMIE9VMRIwEAYDVQQDDAlJTUZMLklORk8x\n" + 53 "HzAdBgkqhkiG9w0BCQEWEHJhbWVzaEBpbWZsLmluZm8wHhcNMTMwODI4MDk0NDA5\n" + 54 "WhcNMjMwODI2MDk0NDA5WjCBhjELMAkGA1UEBhMCSU4xCzAJBgNVBAgMAkFQMQww\n" + 55 "CgYDVQQHDANIWUQxFTATBgNVBAoMDElNRkwgUFZUIExURDEQMA4GA1UECwwHSU1G\n" + 56 "TCBPVTESMBAGA1UEAwwJSU1GTC5JTkZPMR8wHQYJKoZIhvcNAQkBFhByYW1lc2hA\n" + 57 "aW1mbC5pbmZvMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ738cbTQlNIO7O6nV/f\n" + 58 "DJTMvWbPkyHYX8CQ7yXiAzEiZ5bzKJjDJmpRAkUrVinljKns2l6C4++l/5A7pFOO\n" + 59 "33kCAwEAAaNQME4wHQYDVR0OBBYEFOdbZP7LaMbgeZYPuds2CeSonmYxMB8GA1Ud\n" + 60 "IwQYMBaAFOdbZP7LaMbgeZYPuds2CeSonmYxMAwGA1UdEwQFMAMBAf8wDQYJKoZI\n" + 61 "hvcNAQEFBQADQQBdrk6J9koyylMtl/zRfiMAc2zgeC825fgP6421NTxs1rjLs1HG\n" + 62 "VcUyQ1/e7WQgOaBHi9TefUJi+4PSVSluOXon\n" + 63 "-----END CERTIFICATE-----"; 64 65 @Override setUp()66 protected void setUp() throws Exception { 67 super.setUp(); 68 mDevicePolicyManager = (DevicePolicyManager) 69 mContext.getSystemService(Context.DEVICE_POLICY_SERVICE); 70 mComponent = DeviceAdminInfoTest.getReceiverComponent(); 71 mSecondComponent = DeviceAdminInfoTest.getSecondReceiverComponent(); 72 mDeviceAdmin = 73 mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN); 74 setBlankPassword(); 75 } 76 77 @Override tearDown()78 protected void tearDown() throws Exception { 79 super.tearDown(); 80 setBlankPassword(); 81 } 82 setBlankPassword()83 private void setBlankPassword() { 84 if (!mDeviceAdmin) { 85 return; 86 } 87 // Reset the password to nothing for future tests... 88 mDevicePolicyManager.setPasswordQuality(mComponent, 89 DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); 90 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 0); 91 assertTrue(mDevicePolicyManager.resetPassword("", 0)); 92 } 93 testGetActiveAdmins()94 public void testGetActiveAdmins() { 95 if (!mDeviceAdmin) { 96 Log.w(TAG, "Skipping testGetActiveAdmins"); 97 return; 98 } 99 List<ComponentName> activeAdmins = mDevicePolicyManager.getActiveAdmins(); 100 assertFalse(activeAdmins.isEmpty()); 101 assertTrue(activeAdmins.contains(mComponent)); 102 assertTrue(mDevicePolicyManager.isAdminActive(mComponent)); 103 } 104 testGetMaximumFailedPasswordsForWipe()105 public void testGetMaximumFailedPasswordsForWipe() { 106 if (!mDeviceAdmin) { 107 Log.w(TAG, "Skipping testGetMaximumFailedPasswordsForWipe"); 108 return; 109 } 110 mDevicePolicyManager.setMaximumFailedPasswordsForWipe(mComponent, 3); 111 assertEquals(3, mDevicePolicyManager.getMaximumFailedPasswordsForWipe(mComponent)); 112 113 mDevicePolicyManager.setMaximumFailedPasswordsForWipe(mComponent, 5); 114 assertEquals(5, mDevicePolicyManager.getMaximumFailedPasswordsForWipe(mComponent)); 115 } 116 testPasswordQuality_something()117 public void testPasswordQuality_something() { 118 if (!mDeviceAdmin) { 119 Log.w(TAG, "Skipping testPasswordQuality_something"); 120 return; 121 } 122 mDevicePolicyManager.setPasswordQuality(mComponent, 123 DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); 124 assertEquals(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, 125 mDevicePolicyManager.getPasswordQuality(mComponent)); 126 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 127 128 assertTrue(mDevicePolicyManager.resetPassword("123", 0)); 129 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 130 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 131 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 132 133 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 10); 134 assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 135 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 136 137 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 138 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 139 assertFalse(mDevicePolicyManager.resetPassword("abcd123", 0)); 140 141 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 3); 142 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 143 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 144 145 assertTrue(mDevicePolicyManager.resetPassword("123", 0)); 146 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 147 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 148 } 149 testPasswordQuality_numeric()150 public void testPasswordQuality_numeric() { 151 if (!mDeviceAdmin) { 152 Log.w(TAG, "Skipping testPasswordQuality_numeric"); 153 return; 154 } 155 mDevicePolicyManager.setPasswordQuality(mComponent, 156 DevicePolicyManager.PASSWORD_QUALITY_NUMERIC); 157 assertEquals(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, 158 mDevicePolicyManager.getPasswordQuality(mComponent)); 159 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 160 161 assertTrue(mDevicePolicyManager.resetPassword("123", 0)); 162 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 163 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 164 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 165 166 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 10); 167 assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 168 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 169 170 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 171 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 172 assertFalse(mDevicePolicyManager.resetPassword("abcd123", 0)); 173 174 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 3); 175 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 176 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 177 178 assertTrue(mDevicePolicyManager.resetPassword("123", 0)); 179 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 180 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 181 } 182 testPasswordQuality_alphabetic()183 public void testPasswordQuality_alphabetic() { 184 if (!mDeviceAdmin) { 185 Log.w(TAG, "Skipping testPasswordQuality_alphabetic"); 186 return; 187 } 188 mDevicePolicyManager.setPasswordQuality(mComponent, 189 DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC); 190 assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, 191 mDevicePolicyManager.getPasswordQuality(mComponent)); 192 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 193 194 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 195 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 196 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 197 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 198 199 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 10); 200 assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 201 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 202 203 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 204 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 205 assertFalse(mDevicePolicyManager.resetPassword("abcd123", 0)); 206 207 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 3); 208 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 209 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 210 211 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 212 assertTrue(mDevicePolicyManager.resetPassword("abcd", 0)); 213 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 214 } 215 testPasswordQuality_alphanumeric()216 public void testPasswordQuality_alphanumeric() { 217 if (!mDeviceAdmin) { 218 Log.w(TAG, "Skipping testPasswordQuality_alphanumeric"); 219 return; 220 } 221 mDevicePolicyManager.setPasswordQuality(mComponent, 222 DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC); 223 assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, 224 mDevicePolicyManager.getPasswordQuality(mComponent)); 225 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 226 227 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 228 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 229 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 230 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 231 232 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 10); 233 assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 234 assertFalse(mDevicePolicyManager.isActivePasswordSufficient()); 235 236 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 237 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 238 assertFalse(mDevicePolicyManager.resetPassword("abcd123", 0)); 239 240 mDevicePolicyManager.setPasswordMinimumLength(mComponent, 3); 241 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLength(mComponent)); 242 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 243 244 assertFalse(mDevicePolicyManager.resetPassword("123", 0)); 245 assertFalse(mDevicePolicyManager.resetPassword("abcd", 0)); 246 assertTrue(mDevicePolicyManager.resetPassword("abcd123", 0)); 247 } 248 testPasswordQuality_complexUpperCase()249 public void testPasswordQuality_complexUpperCase() { 250 if (!mDeviceAdmin) { 251 Log.w(TAG, "Skipping testPasswordQuality_complexUpperCase"); 252 return; 253 } 254 255 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 256 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 257 resetComplexPasswordRestrictions(); 258 259 String caseDescription = "minimum UpperCase=0"; 260 assertPasswordSucceeds("abc", caseDescription); 261 assertPasswordSucceeds("aBc", caseDescription); 262 assertPasswordSucceeds("ABC", caseDescription); 263 assertPasswordSucceeds("ABCD", caseDescription); 264 265 mDevicePolicyManager.setPasswordMinimumUpperCase(mComponent, 1); 266 assertEquals(1, mDevicePolicyManager.getPasswordMinimumUpperCase(mComponent)); 267 caseDescription = "minimum UpperCase=1"; 268 assertPasswordFails("abc", caseDescription); 269 assertPasswordSucceeds("aBc", caseDescription); 270 assertPasswordSucceeds("ABC", caseDescription); 271 assertPasswordSucceeds("ABCD", caseDescription); 272 273 mDevicePolicyManager.setPasswordMinimumUpperCase(mComponent, 3); 274 assertEquals(3, mDevicePolicyManager.getPasswordMinimumUpperCase(mComponent)); 275 caseDescription = "minimum UpperCase=3"; 276 assertPasswordFails("abc", caseDescription); 277 assertPasswordFails("aBC", caseDescription); 278 assertPasswordSucceeds("ABC", caseDescription); 279 assertPasswordSucceeds("ABCD", caseDescription); 280 } 281 testPasswordQuality_complexLowerCase()282 public void testPasswordQuality_complexLowerCase() { 283 if (!mDeviceAdmin) { 284 Log.w(TAG, "Skipping testPasswordQuality_complexLowerCase"); 285 return; 286 } 287 288 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 289 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 290 resetComplexPasswordRestrictions(); 291 292 String caseDescription = "minimum LowerCase=0"; 293 assertPasswordSucceeds("ABCD", caseDescription); 294 assertPasswordSucceeds("aBC", caseDescription); 295 assertPasswordSucceeds("abc", caseDescription); 296 assertPasswordSucceeds("abcd", caseDescription); 297 298 mDevicePolicyManager.setPasswordMinimumLowerCase(mComponent, 1); 299 assertEquals(1, mDevicePolicyManager.getPasswordMinimumLowerCase(mComponent)); 300 caseDescription = "minimum LowerCase=1"; 301 assertPasswordFails("ABCD", caseDescription); 302 assertPasswordSucceeds("aBC", caseDescription); 303 assertPasswordSucceeds("abc", caseDescription); 304 assertPasswordSucceeds("abcd", caseDescription); 305 306 mDevicePolicyManager.setPasswordMinimumLowerCase(mComponent, 3); 307 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLowerCase(mComponent)); 308 caseDescription = "minimum LowerCase=3"; 309 assertPasswordFails("ABCD", caseDescription); 310 assertPasswordFails("aBC", caseDescription); 311 assertPasswordSucceeds("abc", caseDescription); 312 assertPasswordSucceeds("abcd", caseDescription); 313 } 314 testPasswordQuality_complexLetters()315 public void testPasswordQuality_complexLetters() { 316 if (!mDeviceAdmin) { 317 Log.w(TAG, "Skipping testPasswordQuality_complexLetters"); 318 return; 319 } 320 321 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 322 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 323 resetComplexPasswordRestrictions(); 324 325 String caseDescription = "minimum Letters=0"; 326 assertPasswordSucceeds("1234", caseDescription); 327 assertPasswordSucceeds("a23", caseDescription); 328 assertPasswordSucceeds("abc", caseDescription); 329 assertPasswordSucceeds("abcd", caseDescription); 330 331 mDevicePolicyManager.setPasswordMinimumLetters(mComponent, 1); 332 assertEquals(1, mDevicePolicyManager.getPasswordMinimumLetters(mComponent)); 333 caseDescription = "minimum Letters=1"; 334 assertPasswordFails("1234", caseDescription); 335 assertPasswordSucceeds("a23", caseDescription); 336 assertPasswordSucceeds("abc", caseDescription); 337 assertPasswordSucceeds("abcd", caseDescription); 338 339 mDevicePolicyManager.setPasswordMinimumLetters(mComponent, 3); 340 assertEquals(3, mDevicePolicyManager.getPasswordMinimumLetters(mComponent)); 341 caseDescription = "minimum Letters=3"; 342 assertPasswordFails("1234", caseDescription); 343 assertPasswordFails("a23", caseDescription); 344 assertPasswordSucceeds("abc", caseDescription); 345 assertPasswordSucceeds("abcd", caseDescription); 346 } 347 testPasswordQuality_complexNumeric()348 public void testPasswordQuality_complexNumeric() { 349 if (!mDeviceAdmin) { 350 Log.w(TAG, "Skipping testPasswordQuality_complexNumeric"); 351 return; 352 } 353 354 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 355 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 356 resetComplexPasswordRestrictions(); 357 358 String caseDescription = "minimum Numeric=0"; 359 assertPasswordSucceeds("abcd", caseDescription); 360 assertPasswordSucceeds("1bc", caseDescription); 361 assertPasswordSucceeds("123", caseDescription); 362 assertPasswordSucceeds("1234", caseDescription); 363 364 mDevicePolicyManager.setPasswordMinimumNumeric(mComponent, 1); 365 assertEquals(1, mDevicePolicyManager.getPasswordMinimumNumeric(mComponent)); 366 caseDescription = "minimum Numeric=1"; 367 assertPasswordFails("abcd", caseDescription); 368 assertPasswordSucceeds("1bc", caseDescription); 369 assertPasswordSucceeds("123", caseDescription); 370 assertPasswordSucceeds("1234", caseDescription); 371 372 mDevicePolicyManager.setPasswordMinimumNumeric(mComponent, 3); 373 assertEquals(3, mDevicePolicyManager.getPasswordMinimumNumeric(mComponent)); 374 caseDescription = "minimum Numeric=3"; 375 assertPasswordFails("abcd", caseDescription); 376 assertPasswordFails("1bc", caseDescription); 377 assertPasswordSucceeds("123", caseDescription); 378 assertPasswordSucceeds("1234", caseDescription); 379 } 380 testPasswordQuality_complexSymbols()381 public void testPasswordQuality_complexSymbols() { 382 if (!mDeviceAdmin) { 383 Log.w(TAG, "Skipping testPasswordQuality_complexSymbols"); 384 return; 385 } 386 387 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 388 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 389 resetComplexPasswordRestrictions(); 390 391 String caseDescription = "minimum Symbols=0"; 392 assertPasswordSucceeds("abcd", caseDescription); 393 assertPasswordSucceeds("_bc", caseDescription); 394 assertPasswordSucceeds("@#!", caseDescription); 395 assertPasswordSucceeds("_@#!", caseDescription); 396 397 mDevicePolicyManager.setPasswordMinimumSymbols(mComponent, 1); 398 assertEquals(1, mDevicePolicyManager.getPasswordMinimumSymbols(mComponent)); 399 caseDescription = "minimum Symbols=1"; 400 assertPasswordFails("abcd", caseDescription); 401 assertPasswordSucceeds("_bc", caseDescription); 402 assertPasswordSucceeds("@#!", caseDescription); 403 assertPasswordSucceeds("_@#!", caseDescription); 404 405 mDevicePolicyManager.setPasswordMinimumSymbols(mComponent, 3); 406 assertEquals(3, mDevicePolicyManager.getPasswordMinimumSymbols(mComponent)); 407 caseDescription = "minimum Symbols=3"; 408 assertPasswordFails("abcd", caseDescription); 409 assertPasswordFails("_bc", caseDescription); 410 assertPasswordSucceeds("@#!", caseDescription); 411 assertPasswordSucceeds("_@#!", caseDescription); 412 } 413 testPasswordQuality_complexNonLetter()414 public void testPasswordQuality_complexNonLetter() { 415 if (!mDeviceAdmin) { 416 Log.w(TAG, "Skipping testPasswordQuality_complexNonLetter"); 417 return; 418 } 419 420 mDevicePolicyManager.setPasswordQuality(mComponent, PASSWORD_QUALITY_COMPLEX); 421 assertEquals(PASSWORD_QUALITY_COMPLEX, mDevicePolicyManager.getPasswordQuality(mComponent)); 422 resetComplexPasswordRestrictions(); 423 424 String caseDescription = "minimum NonLetter=0"; 425 assertPasswordSucceeds("Abcd", caseDescription); 426 assertPasswordSucceeds("_bcd", caseDescription); 427 assertPasswordSucceeds("3bcd", caseDescription); 428 assertPasswordSucceeds("_@3c", caseDescription); 429 assertPasswordSucceeds("_25!", caseDescription); 430 431 mDevicePolicyManager.setPasswordMinimumNonLetter(mComponent, 1); 432 assertEquals(1, mDevicePolicyManager.getPasswordMinimumNonLetter(mComponent)); 433 caseDescription = "minimum NonLetter=1"; 434 assertPasswordFails("Abcd", caseDescription); 435 assertPasswordSucceeds("_bcd", caseDescription); 436 assertPasswordSucceeds("3bcd", caseDescription); 437 assertPasswordSucceeds("_@3c", caseDescription); 438 assertPasswordSucceeds("_25!", caseDescription); 439 440 mDevicePolicyManager.setPasswordMinimumNonLetter(mComponent, 3); 441 assertEquals(3, mDevicePolicyManager.getPasswordMinimumNonLetter(mComponent)); 442 caseDescription = "minimum NonLetter=3"; 443 assertPasswordFails("Abcd", caseDescription); 444 assertPasswordFails("_bcd", caseDescription); 445 assertPasswordFails("3bcd", caseDescription); 446 assertPasswordSucceeds("c_@3c", caseDescription); 447 assertPasswordSucceeds("_25!", caseDescription); 448 } 449 testPasswordHistoryLength()450 public void testPasswordHistoryLength() { 451 if (!mDeviceAdmin) { 452 Log.w(TAG, "Skipping testPasswordHistoryLength"); 453 return; 454 } 455 // Password history length restriction is only imposed if password quality is at least 456 // numeric. 457 mDevicePolicyManager.setPasswordQuality(mComponent, 458 DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC); 459 int originalValue = mDevicePolicyManager.getPasswordHistoryLength(mComponent); 460 try { 461 mDevicePolicyManager.setPasswordHistoryLength(mComponent, 3); 462 assertEquals(3, mDevicePolicyManager.getPasswordHistoryLength(mComponent)); 463 // Although it would make sense we cannot test if password history restrictions 464 // are enforced as DevicePolicyManagerService.resetPassword fails to do so at the 465 // moment. See b/17707820 466 } finally { 467 mDevicePolicyManager.setPasswordHistoryLength(mComponent, originalValue); 468 } 469 } 470 testPasswordExpirationTimeout()471 public void testPasswordExpirationTimeout() { 472 if (!mDeviceAdmin) { 473 Log.w(TAG, "Skipping testPasswordExpirationTimeout"); 474 return; 475 } 476 long originalValue = mDevicePolicyManager.getPasswordExpirationTimeout(mComponent); 477 try { 478 for (long testLength : new long[] { 479 0L, 864000000L /* ten days */, 8640000000L /* 100 days */}) { 480 mDevicePolicyManager.setPasswordExpirationTimeout(mComponent, testLength); 481 assertEquals(testLength, 482 mDevicePolicyManager.getPasswordExpirationTimeout(mComponent)); 483 } 484 } finally { 485 mDevicePolicyManager.setPasswordExpirationTimeout(mComponent, originalValue); 486 } 487 } 488 testCreateUser_failIfNotDeviceOwner()489 public void testCreateUser_failIfNotDeviceOwner() { 490 if (!mDeviceAdmin) { 491 Log.w(TAG, "Skipping testCreateUser_failIfNotDeviceOwner"); 492 return; 493 } 494 try { 495 mDevicePolicyManager.createUser(mComponent, "user name"); 496 fail("did not throw expected SecurityException"); 497 } catch (SecurityException e) { 498 assertDeviceOwnerMessage(e.getMessage()); 499 } 500 } 501 testRemoveUser_failIfNotDeviceOwner()502 public void testRemoveUser_failIfNotDeviceOwner() { 503 if (!mDeviceAdmin) { 504 Log.w(TAG, "Skipping testRemoveUser_failIfNotDeviceOwner"); 505 return; 506 } 507 try { 508 mDevicePolicyManager.removeUser(mComponent, null); 509 fail("did not throw expected SecurityException"); 510 } catch (SecurityException e) { 511 assertDeviceOwnerMessage(e.getMessage()); 512 } 513 } 514 testSetApplicationHidden_failIfNotDeviceOrProfileOwner()515 public void testSetApplicationHidden_failIfNotDeviceOrProfileOwner() { 516 if (!mDeviceAdmin) { 517 Log.w(TAG, "Skipping testSetApplicationHidden_failIfNotDeviceOrProfileOwner"); 518 return; 519 } 520 try { 521 mDevicePolicyManager.setApplicationHidden(mComponent, "com.google.anything", true); 522 fail("did not throw expected SecurityException"); 523 } catch (SecurityException e) { 524 assertProfileOwnerMessage(e.getMessage()); 525 } 526 } 527 testIsApplicationHidden_failIfNotDeviceOrProfileOwner()528 public void testIsApplicationHidden_failIfNotDeviceOrProfileOwner() { 529 if (!mDeviceAdmin) { 530 Log.w(TAG, "Skipping testIsApplicationHidden_failIfNotDeviceOrProfileOwner"); 531 return; 532 } 533 try { 534 mDevicePolicyManager.isApplicationHidden(mComponent, "com.google.anything"); 535 fail("did not throw expected SecurityException"); 536 } catch (SecurityException e) { 537 assertProfileOwnerMessage(e.getMessage()); 538 } 539 } 540 testSetGlobalSetting_failIfNotDeviceOwner()541 public void testSetGlobalSetting_failIfNotDeviceOwner() { 542 if (!mDeviceAdmin) { 543 Log.w(TAG, "Skipping testSetGlobalSetting_failIfNotDeviceOwner"); 544 return; 545 } 546 try { 547 mDevicePolicyManager.setGlobalSetting(mComponent, 548 Settings.Global.WIFI_NETWORKS_AVAILABLE_NOTIFICATION_ON, "1"); 549 fail("did not throw expected SecurityException"); 550 } catch (SecurityException e) { 551 assertDeviceOwnerMessage(e.getMessage()); 552 } 553 } 554 testSetSecureSetting_failIfNotDeviceOrProfileOwner()555 public void testSetSecureSetting_failIfNotDeviceOrProfileOwner() { 556 if (!mDeviceAdmin) { 557 Log.w(TAG, "Skipping testSetSecureSetting_failIfNotDeviceOrProfileOwner"); 558 return; 559 } 560 try { 561 mDevicePolicyManager.setSecureSetting(mComponent, 562 Settings.Secure.INSTALL_NON_MARKET_APPS, "1"); 563 fail("did not throw expected SecurityException"); 564 } catch (SecurityException e) { 565 assertProfileOwnerMessage(e.getMessage()); 566 } 567 } 568 testSetMasterVolumeMuted_failIfNotDeviceOrProfileOwner()569 public void testSetMasterVolumeMuted_failIfNotDeviceOrProfileOwner() { 570 if (!mDeviceAdmin) { 571 Log.w(TAG, "Skipping testSetMasterVolumeMuted_failIfNotDeviceOrProfileOwner"); 572 return; 573 } 574 try { 575 mDevicePolicyManager.setMasterVolumeMuted(mComponent, true); 576 fail("did not throw expected SecurityException"); 577 } catch (SecurityException e) { 578 assertProfileOwnerMessage(e.getMessage()); 579 } 580 } 581 testIsMasterVolumeMuted_failIfNotDeviceOrProfileOwner()582 public void testIsMasterVolumeMuted_failIfNotDeviceOrProfileOwner() { 583 if (!mDeviceAdmin) { 584 Log.w(TAG, "Skipping testSetMasterVolumeMuted_failIfNotDeviceOrProfileOwner"); 585 return; 586 } 587 try { 588 mDevicePolicyManager.isMasterVolumeMuted(mComponent); 589 fail("did not throw expected SecurityException"); 590 } catch (SecurityException e) { 591 assertProfileOwnerMessage(e.getMessage()); 592 } 593 } 594 testSetRecommendedGlobalProxy_failIfNotDeviceOwner()595 public void testSetRecommendedGlobalProxy_failIfNotDeviceOwner() { 596 if (!mDeviceAdmin) { 597 Log.w(TAG, "Skipping testSetRecommendedGlobalProxy_failIfNotDeviceOwner"); 598 return; 599 } 600 try { 601 mDevicePolicyManager.setRecommendedGlobalProxy(mComponent, null); 602 fail("did not throw expected SecurityException"); 603 } catch (SecurityException e) { 604 assertDeviceOwnerMessage(e.getMessage()); 605 } 606 } 607 testSetLockTaskPackages_failIfNotDeviceOwner()608 public void testSetLockTaskPackages_failIfNotDeviceOwner() { 609 if (!mDeviceAdmin) { 610 Log.w(TAG, "Skipping testSetLockTaskPackages_failIfNotDeviceOwner"); 611 return; 612 } 613 try { 614 mDevicePolicyManager.setLockTaskPackages(mComponent, new String[] {"package"}); 615 fail("did not throw expected SecurityException"); 616 } catch (SecurityException e) { 617 } 618 } 619 testClearDeviceOwnerApp_failIfNotDeviceOwner()620 public void testClearDeviceOwnerApp_failIfNotDeviceOwner() { 621 if (!mDeviceAdmin) { 622 Log.w(TAG, "Skipping testClearDeviceOwnerApp_failIfNotDeviceOwner"); 623 return; 624 } 625 try { 626 mDevicePolicyManager.clearDeviceOwnerApp("android.deviceadmin.cts"); 627 fail("did not throw expected SecurityException"); 628 } catch (SecurityException e) { 629 assertDeviceOwnerMessage(e.getMessage()); 630 } 631 } 632 testSwitchUser_failIfNotDeviceOwner()633 public void testSwitchUser_failIfNotDeviceOwner() { 634 if (!mDeviceAdmin) { 635 Log.w(TAG, "Skipping testSwitchUser_failIfNotDeviceOwner"); 636 return; 637 } 638 try { 639 mDevicePolicyManager.switchUser(mComponent, null); 640 fail("did not throw expected SecurityException"); 641 } catch (SecurityException e) { 642 assertDeviceOwnerMessage(e.getMessage()); 643 } 644 } 645 testCreateAndInitializeUser_failIfNotDeviceOwner()646 public void testCreateAndInitializeUser_failIfNotDeviceOwner() { 647 if (!mDeviceAdmin) { 648 Log.w(TAG, "Skipping testCreateAndInitializeUser_failIfNotDeviceOwner"); 649 return; 650 } 651 try { 652 mDevicePolicyManager.createAndInitializeUser(mComponent, "name", "admin name", 653 mComponent, null); 654 fail("did not throw expected SecurityException"); 655 } catch (SecurityException e) { 656 assertDeviceOwnerMessage(e.getMessage()); 657 } 658 } 659 testInstallCaCert_failIfNotProfileOwner()660 public void testInstallCaCert_failIfNotProfileOwner() { 661 if (!mDeviceAdmin) { 662 Log.w(TAG, "Skipping testInstallCaCert_failIfNotProfileOwner"); 663 return; 664 } 665 try { 666 mDevicePolicyManager.installCaCert(mComponent, 667 TEST_CA_STRING1.getBytes()); 668 fail("did not throw expected SecurityException"); 669 } catch (SecurityException e) { 670 assertProfileOwnerMessage(e.getMessage()); 671 } 672 } 673 testUninstallCaCert_failIfNotProfileOwner()674 public void testUninstallCaCert_failIfNotProfileOwner() { 675 if (!mDeviceAdmin) { 676 Log.w(TAG, "Skipping testUninstallCaCert_failIfNotProfileOwner"); 677 return; 678 } 679 try { 680 mDevicePolicyManager.uninstallCaCert(mComponent, 681 TEST_CA_STRING1.getBytes()); 682 fail("did not throw expected SecurityException"); 683 } catch (SecurityException e) { 684 assertProfileOwnerMessage(e.getMessage()); 685 } 686 } 687 testGetInstalledCaCerts_failIfNotProfileOwner()688 public void testGetInstalledCaCerts_failIfNotProfileOwner() { 689 if (!mDeviceAdmin) { 690 Log.w(TAG, "Skipping testGetInstalledCaCerts_failIfNotProfileOwner"); 691 return; 692 } 693 try { 694 mDevicePolicyManager.getInstalledCaCerts(mComponent); 695 fail("did not throw expected SecurityException"); 696 } catch (SecurityException e) { 697 assertProfileOwnerMessage(e.getMessage()); 698 } 699 } 700 testHasCaCertInstalled_failIfNotProfileOwner()701 public void testHasCaCertInstalled_failIfNotProfileOwner() { 702 if (!mDeviceAdmin) { 703 Log.w(TAG, "Skipping testHasCaCertInstalled_failIfNotProfileOwner"); 704 return; 705 } 706 try { 707 mDevicePolicyManager.hasCaCertInstalled(mComponent, 708 TEST_CA_STRING1.getBytes()); 709 fail("did not throw expected SecurityException"); 710 } catch (SecurityException e) { 711 assertProfileOwnerMessage(e.getMessage()); 712 } 713 } 714 testUninstallAllUserCaCerts_failIfNotProfileOwner()715 public void testUninstallAllUserCaCerts_failIfNotProfileOwner() { 716 if (!mDeviceAdmin) { 717 Log.w(TAG, "Skipping testUninstallAllUserCaCerts_failIfNotProfileOwner"); 718 return; 719 } 720 try { 721 mDevicePolicyManager.uninstallAllUserCaCerts(mComponent); 722 fail("did not throw expected SecurityException"); 723 } catch (SecurityException e) { 724 assertProfileOwnerMessage(e.getMessage()); 725 } 726 } 727 testSetScreenCaptureDisabled_failIfNotProfileOwner()728 public void testSetScreenCaptureDisabled_failIfNotProfileOwner() { 729 if (!mDeviceAdmin) { 730 Log.w(TAG, "Skipping testSetScreenCaptureDisabled_failIfNotProfileOwner"); 731 return; 732 } 733 try { 734 mDevicePolicyManager.setScreenCaptureDisabled(mComponent, true); 735 fail("did not throw expected SecurityException"); 736 } catch (SecurityException e) { 737 assertProfileOwnerMessage(e.getMessage()); 738 } 739 } 740 testSetAutoTimeRequired_failIfNotDeviceOwner()741 public void testSetAutoTimeRequired_failIfNotDeviceOwner() { 742 if (!mDeviceAdmin) { 743 Log.w(TAG, "Skipping testSetAutoTimeRequired_failIfNotDeviceOwner"); 744 return; 745 } 746 try { 747 mDevicePolicyManager.setAutoTimeRequired(mComponent, true); 748 fail("did not throw expected SecurityException"); 749 } catch (SecurityException e) { 750 assertDeviceOwnerMessage(e.getMessage()); 751 } 752 } 753 testAddPersistentPreferredActivity_failIfNotProfileOwner()754 public void testAddPersistentPreferredActivity_failIfNotProfileOwner() { 755 if (!mDeviceAdmin) { 756 Log.w(TAG, "Skipping testAddPersistentPreferredActivity_failIfNotProfileOwner"); 757 return; 758 } 759 try { 760 mDevicePolicyManager.addPersistentPreferredActivity(mComponent, 761 new IntentFilter(Intent.ACTION_MAIN), 762 new ComponentName("android.admin.cts", "dummy")); 763 fail("did not throw expected SecurityException"); 764 } catch (SecurityException e) { 765 assertProfileOwnerMessage(e.getMessage()); 766 } 767 } 768 testClearPackagePersistentPreferredActivities_failIfNotProfileOwner()769 public void testClearPackagePersistentPreferredActivities_failIfNotProfileOwner() { 770 if (!mDeviceAdmin) { 771 Log.w(TAG, "Skipping testClearPackagePersistentPreferredActivities_failIfNotProfileOwner"); 772 return; 773 } 774 try { 775 mDevicePolicyManager.clearPackagePersistentPreferredActivities(mComponent, 776 "android.admin.cts"); 777 fail("did not throw expected SecurityException"); 778 } catch (SecurityException e) { 779 assertProfileOwnerMessage(e.getMessage()); 780 } 781 } 782 testSetApplicationRestrictions_failIfNotProfileOwner()783 public void testSetApplicationRestrictions_failIfNotProfileOwner() { 784 if (!mDeviceAdmin) { 785 Log.w(TAG, "Skipping testSetApplicationRestrictions_failIfNotProfileOwner"); 786 return; 787 } 788 try { 789 mDevicePolicyManager.setApplicationRestrictions(mComponent, 790 "android.admin.cts", null); 791 fail("did not throw expected SecurityException"); 792 } catch (SecurityException e) { 793 assertProfileOwnerMessage(e.getMessage()); 794 } 795 } 796 testAddUserRestriction_failIfNotProfileOwner()797 public void testAddUserRestriction_failIfNotProfileOwner() { 798 if (!mDeviceAdmin) { 799 Log.w(TAG, "Skipping testAddUserRestriction_failIfNotProfileOwner"); 800 return; 801 } 802 try { 803 mDevicePolicyManager.addUserRestriction(mComponent, 804 UserManager.DISALLOW_SMS); 805 fail("did not throw expected SecurityException"); 806 } catch (SecurityException e) { 807 assertProfileOwnerMessage(e.getMessage()); 808 } 809 } 810 testSetAccountManagementDisabled_failIfNotProfileOwner()811 public void testSetAccountManagementDisabled_failIfNotProfileOwner() { 812 if (!mDeviceAdmin) { 813 Log.w(TAG, "Skipping testSetAccountManagementDisabled_failIfNotProfileOwner"); 814 return; 815 } 816 try { 817 mDevicePolicyManager.setAccountManagementDisabled(mComponent, 818 "dummy", true); 819 fail("did not throw expected SecurityException"); 820 } catch (SecurityException e) { 821 assertProfileOwnerMessage(e.getMessage()); 822 } 823 } 824 testSetRestrictionsProvider_failIfNotProfileOwner()825 public void testSetRestrictionsProvider_failIfNotProfileOwner() { 826 if (!mDeviceAdmin) { 827 Log.w(TAG, "Skipping testSetRestrictionsProvider_failIfNotProfileOwner"); 828 return; 829 } 830 try { 831 mDevicePolicyManager.setRestrictionsProvider(mComponent, 832 new ComponentName("android.admin.cts", "dummy")); 833 fail("did not throw expected SecurityException"); 834 } catch (SecurityException e) { 835 assertProfileOwnerMessage(e.getMessage()); 836 } 837 } 838 testSetUninstallBlocked_failIfNotProfileOwner()839 public void testSetUninstallBlocked_failIfNotProfileOwner() { 840 if (!mDeviceAdmin) { 841 Log.w(TAG, "Skipping testSetUninstallBlocked_failIfNotProfileOwner"); 842 return; 843 } 844 try { 845 mDevicePolicyManager.setUninstallBlocked(mComponent, 846 "android.admin.cts", true); 847 fail("did not throw expected SecurityException"); 848 } catch (SecurityException e) { 849 assertProfileOwnerMessage(e.getMessage()); 850 } 851 } 852 testSetPermittedAccessibilityServices_failIfNotProfileOwner()853 public void testSetPermittedAccessibilityServices_failIfNotProfileOwner() { 854 if (!mDeviceAdmin) { 855 Log.w(TAG, "Skipping testSetPermittedAccessibilityServices_failIfNotProfileOwner"); 856 return; 857 } 858 try { 859 mDevicePolicyManager.setPermittedAccessibilityServices(mComponent, null); 860 fail("did not throw expected SecurityException"); 861 } catch (SecurityException e) { 862 assertProfileOwnerMessage(e.getMessage()); 863 } 864 } 865 testSetPermittedInputMethods_failIfNotProfileOwner()866 public void testSetPermittedInputMethods_failIfNotProfileOwner() { 867 if (!mDeviceAdmin) { 868 Log.w(TAG, "Skipping testSetPermittedInputMethods_failIfNotProfileOwner"); 869 return; 870 } 871 try { 872 mDevicePolicyManager.setPermittedInputMethods(mComponent, null); 873 fail("did not throw expected SecurityException"); 874 } catch (SecurityException e) { 875 assertProfileOwnerMessage(e.getMessage()); 876 } 877 } 878 assertDeviceOwnerMessage(String message)879 private void assertDeviceOwnerMessage(String message) { 880 assertTrue("message is: "+ message, message.contains("does not own the device") 881 || message.contains("can only be called by the device owner")); 882 } 883 assertProfileOwnerMessage(String message)884 private void assertProfileOwnerMessage(String message) { 885 assertTrue("message is: "+ message, 886 message.contains("does not own the profile")); 887 } 888 resetComplexPasswordRestrictions()889 private void resetComplexPasswordRestrictions() { 890 /** 891 * Not enough to reset only mComponent as 892 * {@link DevicePolicyManager#resetPassword(String, int)} checks restrictions across all 893 * admin components. 894 */ 895 for (ComponentName adminComponent : new ComponentName[] {mComponent, mSecondComponent}) { 896 mDevicePolicyManager.setPasswordMinimumLength(adminComponent, 0); 897 mDevicePolicyManager.setPasswordMinimumUpperCase(adminComponent, 0); 898 mDevicePolicyManager.setPasswordMinimumLowerCase(adminComponent, 0); 899 mDevicePolicyManager.setPasswordMinimumLetters(adminComponent, 0); 900 mDevicePolicyManager.setPasswordMinimumNumeric(adminComponent, 0); 901 mDevicePolicyManager.setPasswordMinimumSymbols(adminComponent, 0); 902 mDevicePolicyManager.setPasswordMinimumNonLetter(adminComponent, 0); 903 } 904 } 905 assertPasswordFails(String password, String restriction)906 private void assertPasswordFails(String password, String restriction) { 907 boolean passwordResetResult = mDevicePolicyManager.resetPassword(password, /* flags= */0); 908 assertFalse("Password '" + password + "' should have failed on " + restriction, 909 passwordResetResult); 910 } 911 assertPasswordSucceeds(String password, String restriction)912 private void assertPasswordSucceeds(String password, String restriction) { 913 boolean passwordResetResult = mDevicePolicyManager.resetPassword(password, /* flags= */0); 914 assertTrue("Password '" + password + "' failed on " + restriction, passwordResetResult); 915 assertTrue(mDevicePolicyManager.isActivePasswordSufficient()); 916 } 917 } 918