/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.cts.deviceadmin;
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
import android.app.admin.DevicePolicyManager;
/**
* Tests for {@link DevicePolicyManager#resetPassword} for complex cases.
*
* This needs to be run as device owner, because in NYC DA can't clear or change the password.
*/
public class DeviceOwnerPasswordTest extends BaseDeviceAdminTest {
@Override
protected void setUp() throws Exception {
super.setUp();
assertDeviceOwner();
clearPassword();
}
@Override
protected void tearDown() throws Exception {
clearPassword();
super.tearDown();
}
public void testPasswordQuality_something() {
dpm.setPasswordQuality(mAdminComponent,
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
assertEquals(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING,
dpm.getPasswordQuality(mAdminComponent));
assertPasswordSufficiency(false);
String caseDescription = "initial";
assertPasswordSucceeds("1234", caseDescription);
assertPasswordSucceeds("abcd", caseDescription); // can't change.
assertPasswordSucceeds("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 10);
caseDescription = "minimum password length = 10";
assertEquals(10, dpm.getPasswordMinimumLength(mAdminComponent));
assertPasswordSufficiency(true); // length not checked for this quality
// TODO(ascull): fix resetPassword() logic so these succeed
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 4);
caseDescription = "minimum password length = 4";
assertEquals(4, dpm.getPasswordMinimumLength(
mAdminComponent));
assertPasswordSufficiency(true);
assertPasswordSucceeds("1234", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
}
public void testPasswordQuality_numeric() {
dpm.setPasswordQuality(mAdminComponent,
DevicePolicyManager.PASSWORD_QUALITY_NUMERIC);
assertEquals(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC,
dpm.getPasswordQuality(mAdminComponent));
assertPasswordSufficiency(false); // failure
String caseDescription = "initial";
assertPasswordSucceeds("1234", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 10);
caseDescription = "minimum password length = 10";
assertEquals(10, dpm.getPasswordMinimumLength(mAdminComponent));
assertPasswordSufficiency(false);
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 4);
caseDescription = "minimum password length = 4";
assertEquals(4, dpm.getPasswordMinimumLength(
mAdminComponent));
assertPasswordSufficiency(true);
assertPasswordSucceeds("1234", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
}
public void testPasswordQuality_alphabetic() {
dpm.setPasswordQuality(mAdminComponent,
DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC);
assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC,
dpm.getPasswordQuality(mAdminComponent));
assertPasswordSufficiency(false);
String caseDescription = "initial";
assertPasswordFails("1234", caseDescription); // can't change
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 10);
caseDescription = "minimum password length = 10";
assertEquals(10, dpm.getPasswordMinimumLength(mAdminComponent));
assertPasswordSufficiency(false);
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 4);
caseDescription = "minimum password length = 4";
assertEquals(4, dpm.getPasswordMinimumLength(
mAdminComponent));
assertPasswordSufficiency(true);
assertPasswordFails("1234", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
}
public void testPasswordQuality_alphanumeric() {
dpm.setPasswordQuality(mAdminComponent,
DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC);
assertEquals(DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC,
dpm.getPasswordQuality(mAdminComponent));
assertPasswordSufficiency(false);
String caseDescription = "initial";
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 10);
caseDescription = "minimum password length = 10";
assertEquals(10, dpm.getPasswordMinimumLength(mAdminComponent));
assertPasswordSufficiency(false);
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("abcd1234", caseDescription);
dpm.setPasswordMinimumLength(mAdminComponent, 4);
caseDescription = "minimum password length = 4";
assertEquals(4, dpm.getPasswordMinimumLength(
mAdminComponent));
assertPasswordSufficiency(true);
assertPasswordFails("1234", caseDescription);
assertPasswordFails("abcd", caseDescription);
assertPasswordSucceeds("abcd1234", caseDescription);
}
public void testPasswordQuality_complexUpperCase() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum UpperCase=0";
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("aBc1", caseDescription);
assertPasswordSucceeds("ABC1", caseDescription);
assertPasswordSucceeds("ABCD", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumUpperCase(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumUpperCase(mAdminComponent));
caseDescription = "minimum UpperCase=1";
assertPasswordFails("abc1", caseDescription);
assertPasswordSucceeds("aBc1", caseDescription);
assertPasswordSucceeds("ABC1", caseDescription);
assertPasswordSucceeds("ABCD", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumUpperCase(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumUpperCase(mAdminComponent));
caseDescription = "minimum UpperCase=3";
assertPasswordFails("abc1", caseDescription);
assertPasswordFails("aBC1", caseDescription);
assertPasswordSucceeds("ABC1", caseDescription);
assertPasswordSucceeds("ABCD", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
public void testPasswordQuality_complexLowerCase() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum LowerCase=0";
assertPasswordSucceeds("ABCD", caseDescription);
assertPasswordSucceeds("aBC1", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumLowerCase(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumLowerCase(mAdminComponent));
caseDescription = "minimum LowerCase=1";
assertPasswordFails("ABCD", caseDescription);
assertPasswordSucceeds("aBC1", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumLowerCase(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumLowerCase(mAdminComponent));
caseDescription = "minimum LowerCase=3";
assertPasswordFails("ABCD", caseDescription);
assertPasswordFails("aBC1", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
public void testPasswordQuality_complexLetters() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum Letters=0";
assertPasswordSucceeds("1234", caseDescription);
assertPasswordSucceeds("a123", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumLetters(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumLetters(mAdminComponent));
caseDescription = "minimum Letters=1";
assertPasswordFails("1234", caseDescription);
assertPasswordSucceeds("a123", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumLetters(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumLetters(mAdminComponent));
caseDescription = "minimum Letters=3";
assertPasswordFails("1234", caseDescription);
assertPasswordFails("a123", caseDescription);
assertPasswordSucceeds("abc1", caseDescription);
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
public void testPasswordQuality_complexNumeric() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum Numeric=0";
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("1abc", caseDescription);
assertPasswordSucceeds("123a", caseDescription);
assertPasswordSucceeds("1234", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumNumeric(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumNumeric(mAdminComponent));
caseDescription = "minimum Numeric=1";
assertPasswordFails("abcd", caseDescription);
assertPasswordSucceeds("1abc", caseDescription);
assertPasswordSucceeds("123a", caseDescription);
assertPasswordSucceeds("1234", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumNumeric(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumNumeric(mAdminComponent));
caseDescription = "minimum Numeric=3";
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("1abc", caseDescription);
assertPasswordSucceeds("123a", caseDescription);
assertPasswordSucceeds("1234", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
public void testPasswordQuality_complexSymbols() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum Symbols=0";
assertPasswordSucceeds("abcd", caseDescription);
assertPasswordSucceeds("_bc1", caseDescription);
assertPasswordSucceeds("@#!1", caseDescription);
assertPasswordSucceeds("_@#!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumSymbols(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumSymbols(mAdminComponent));
caseDescription = "minimum Symbols=1";
assertPasswordFails("abcd", caseDescription);
assertPasswordSucceeds("_bc1", caseDescription);
assertPasswordSucceeds("@#!1", caseDescription);
assertPasswordSucceeds("_@#!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumSymbols(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumSymbols(mAdminComponent));
caseDescription = "minimum Symbols=3";
assertPasswordFails("abcd", caseDescription);
assertPasswordFails("_bc1", caseDescription);
assertPasswordSucceeds("@#!1", caseDescription);
assertPasswordSucceeds("_@#!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
public void testPasswordQuality_complexNonLetter() {
dpm.setPasswordQuality(mAdminComponent, PASSWORD_QUALITY_COMPLEX);
assertEquals(PASSWORD_QUALITY_COMPLEX, dpm.getPasswordQuality(mAdminComponent));
resetComplexPasswordRestrictions();
String caseDescription = "minimum NonLetter=0";
assertPasswordSucceeds("Abcd", caseDescription);
assertPasswordSucceeds("_bcd", caseDescription);
assertPasswordSucceeds("3bcd", caseDescription);
assertPasswordSucceeds("_@3c", caseDescription);
assertPasswordSucceeds("_25!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumNonLetter(mAdminComponent, 1);
assertEquals(1, dpm.getPasswordMinimumNonLetter(mAdminComponent));
caseDescription = "minimum NonLetter=1";
assertPasswordFails("Abcd", caseDescription);
assertPasswordSucceeds("_bcd", caseDescription);
assertPasswordSucceeds("3bcd", caseDescription);
assertPasswordSucceeds("_@3c", caseDescription);
assertPasswordSucceeds("_25!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
dpm.setPasswordMinimumNonLetter(mAdminComponent, 3);
assertEquals(3, dpm.getPasswordMinimumNonLetter(mAdminComponent));
caseDescription = "minimum NonLetter=3";
assertPasswordFails("Abcd", caseDescription);
assertPasswordFails("_bcd", caseDescription);
assertPasswordFails("3bcd", caseDescription);
assertPasswordSucceeds("_@3c", caseDescription);
assertPasswordSucceeds("_25!", caseDescription);
assertPasswordFails("123", caseDescription); // too short
}
private void assertPasswordFails(String password, String restriction) {
try {
boolean passwordResetResult = dpm.resetPassword(password, /* flags= */0);
assertFalse("Password '" + password + "' should have failed on " + restriction,
passwordResetResult);
} catch (IllegalArgumentException e) {
// yesss, we have failed!
}
}
private void assertPasswordSucceeds(String password, String restriction) {
boolean passwordResetResult = dpm.resetPassword(password, /* flags= */0);
assertTrue("Password '" + password + "' failed on " + restriction, passwordResetResult);
assertPasswordSufficiency(true);
}
private void assertPasswordSufficiency(boolean expectPasswordSufficient) {
int retries = 15;
// isActivePasswordSufficient() gets the result asynchronously so let's retry a few times
while (retries >= 0 && dpm.isActivePasswordSufficient() != expectPasswordSufficient) {
retries--;
try {
Thread.sleep(200);
} catch (InterruptedException e) {
break;
}
}
assertEquals(expectPasswordSufficient, dpm.isActivePasswordSufficient());
}
}