1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package com.android.server.net; 18 19 import static org.mockito.Mockito.when; 20 21 import android.Manifest; 22 import android.Manifest.permission; 23 import android.app.AppOpsManager; 24 import android.app.admin.DeviceAdminInfo; 25 import android.app.admin.DevicePolicyManagerInternal; 26 import android.content.Context; 27 import android.content.pm.PackageManager; 28 import android.telephony.TelephonyManager; 29 30 import com.android.server.LocalServices; 31 32 import junit.framework.TestCase; 33 34 import org.mockito.Mock; 35 import org.mockito.MockitoAnnotations; 36 37 public class NetworkStatsAccessTest extends TestCase { 38 private static final String TEST_PKG = "com.example.test"; 39 private static final int TEST_UID = 12345; 40 41 @Mock private Context mContext; 42 @Mock private DevicePolicyManagerInternal mDpmi; 43 @Mock private TelephonyManager mTm; 44 @Mock private AppOpsManager mAppOps; 45 46 // Hold the real service so we can restore it when tearing down the test. 47 private DevicePolicyManagerInternal mSystemDpmi; 48 49 @Override setUp()50 public void setUp() throws Exception { 51 super.setUp(); 52 MockitoAnnotations.initMocks(this); 53 54 mSystemDpmi = LocalServices.getService(DevicePolicyManagerInternal.class); 55 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class); 56 LocalServices.addService(DevicePolicyManagerInternal.class, mDpmi); 57 58 when(mContext.getSystemService(Context.TELEPHONY_SERVICE)).thenReturn(mTm); 59 when(mContext.getSystemService(Context.APP_OPS_SERVICE)).thenReturn(mAppOps); 60 } 61 62 @Override tearDown()63 public void tearDown() throws Exception { 64 LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class); 65 LocalServices.addService(DevicePolicyManagerInternal.class, mSystemDpmi); 66 super.tearDown(); 67 } 68 testCheckAccessLevel_hasCarrierPrivileges()69 public void testCheckAccessLevel_hasCarrierPrivileges() throws Exception { 70 setHasCarrierPrivileges(true); 71 setIsDeviceOwner(false); 72 setIsProfileOwner(false); 73 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, false); 74 setHasReadHistoryPermission(false); 75 assertEquals(NetworkStatsAccess.Level.DEVICE, 76 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 77 } 78 testCheckAccessLevel_isDeviceOwner()79 public void testCheckAccessLevel_isDeviceOwner() throws Exception { 80 setHasCarrierPrivileges(false); 81 setIsDeviceOwner(true); 82 setIsProfileOwner(false); 83 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, false); 84 setHasReadHistoryPermission(false); 85 assertEquals(NetworkStatsAccess.Level.DEVICE, 86 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 87 } 88 testCheckAccessLevel_isProfileOwner()89 public void testCheckAccessLevel_isProfileOwner() throws Exception { 90 setHasCarrierPrivileges(false); 91 setIsDeviceOwner(false); 92 setIsProfileOwner(true); 93 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, false); 94 setHasReadHistoryPermission(false); 95 assertEquals(NetworkStatsAccess.Level.USER, 96 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 97 } 98 testCheckAccessLevel_hasAppOpsBitAllowed()99 public void testCheckAccessLevel_hasAppOpsBitAllowed() throws Exception { 100 setHasCarrierPrivileges(false); 101 setIsDeviceOwner(false); 102 setIsProfileOwner(true); 103 setHasAppOpsPermission(AppOpsManager.MODE_ALLOWED, false); 104 setHasReadHistoryPermission(false); 105 assertEquals(NetworkStatsAccess.Level.USER, 106 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 107 } 108 testCheckAccessLevel_hasAppOpsBitDefault_grantedPermission()109 public void testCheckAccessLevel_hasAppOpsBitDefault_grantedPermission() throws Exception { 110 setHasCarrierPrivileges(false); 111 setIsDeviceOwner(false); 112 setIsProfileOwner(true); 113 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, true); 114 setHasReadHistoryPermission(false); 115 assertEquals(NetworkStatsAccess.Level.USER, 116 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 117 } 118 testCheckAccessLevel_hasReadHistoryPermission()119 public void testCheckAccessLevel_hasReadHistoryPermission() throws Exception { 120 setHasCarrierPrivileges(false); 121 setIsDeviceOwner(false); 122 setIsProfileOwner(true); 123 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, false); 124 setHasReadHistoryPermission(true); 125 assertEquals(NetworkStatsAccess.Level.USER, 126 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 127 } 128 testCheckAccessLevel_deniedAppOpsBit()129 public void testCheckAccessLevel_deniedAppOpsBit() throws Exception { 130 setHasCarrierPrivileges(false); 131 setIsDeviceOwner(false); 132 setIsProfileOwner(false); 133 setHasAppOpsPermission(AppOpsManager.MODE_ERRORED, true); 134 setHasReadHistoryPermission(false); 135 assertEquals(NetworkStatsAccess.Level.DEFAULT, 136 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 137 } 138 testCheckAccessLevel_deniedAppOpsBit_deniedPermission()139 public void testCheckAccessLevel_deniedAppOpsBit_deniedPermission() throws Exception { 140 setHasCarrierPrivileges(false); 141 setIsDeviceOwner(false); 142 setIsProfileOwner(false); 143 setHasAppOpsPermission(AppOpsManager.MODE_DEFAULT, false); 144 setHasReadHistoryPermission(false); 145 assertEquals(NetworkStatsAccess.Level.DEFAULT, 146 NetworkStatsAccess.checkAccessLevel(mContext, TEST_UID, TEST_PKG)); 147 } 148 setHasCarrierPrivileges(boolean hasPrivileges)149 private void setHasCarrierPrivileges(boolean hasPrivileges) { 150 when(mTm.checkCarrierPrivilegesForPackage(TEST_PKG)).thenReturn( 151 hasPrivileges ? TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS 152 : TelephonyManager.CARRIER_PRIVILEGE_STATUS_NO_ACCESS); 153 } 154 setIsDeviceOwner(boolean isOwner)155 private void setIsDeviceOwner(boolean isOwner) { 156 when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_DEVICE_OWNER)) 157 .thenReturn(isOwner); 158 } 159 setIsProfileOwner(boolean isOwner)160 private void setIsProfileOwner(boolean isOwner) { 161 when(mDpmi.isActiveAdminWithPolicy(TEST_UID, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER)) 162 .thenReturn(isOwner); 163 } 164 setHasAppOpsPermission(int appOpsMode, boolean hasPermission)165 private void setHasAppOpsPermission(int appOpsMode, boolean hasPermission) { 166 when(mAppOps.checkOp(AppOpsManager.OP_GET_USAGE_STATS, TEST_UID, TEST_PKG)) 167 .thenReturn(appOpsMode); 168 when(mContext.checkCallingPermission(Manifest.permission.PACKAGE_USAGE_STATS)).thenReturn( 169 hasPermission ? PackageManager.PERMISSION_GRANTED 170 : PackageManager.PERMISSION_DENIED); 171 } 172 setHasReadHistoryPermission(boolean hasPermission)173 private void setHasReadHistoryPermission(boolean hasPermission) { 174 when(mContext.checkCallingOrSelfPermission(permission.READ_NETWORK_USAGE_HISTORY)) 175 .thenReturn(hasPermission ? PackageManager.PERMISSION_GRANTED 176 : PackageManager.PERMISSION_DENIED); 177 } 178 } 179