Merge "Consider Private DNS user restriction"
This commit is contained in:
TreeHugger Robot
committed by
Android (Google) Code Review
Android (Google) Code Review
commit
1e6455be09
@@ -34,6 +34,8 @@ import android.net.Network;
|
|||||||
import android.net.Uri;
|
import android.net.Uri;
|
||||||
import android.os.Handler;
|
import android.os.Handler;
|
||||||
import android.os.Looper;
|
import android.os.Looper;
|
||||||
|
import android.os.UserHandle;
|
||||||
|
import android.os.UserManager;
|
||||||
import android.provider.Settings;
|
import android.provider.Settings;
|
||||||
|
|
||||||
import androidx.preference.Preference;
|
import androidx.preference.Preference;
|
||||||
@@ -46,6 +48,8 @@ import com.android.settings.core.PreferenceControllerMixin;
|
|||||||
import com.android.settingslib.core.lifecycle.LifecycleObserver;
|
import com.android.settingslib.core.lifecycle.LifecycleObserver;
|
||||||
import com.android.settingslib.core.lifecycle.events.OnStart;
|
import com.android.settingslib.core.lifecycle.events.OnStart;
|
||||||
import com.android.settingslib.core.lifecycle.events.OnStop;
|
import com.android.settingslib.core.lifecycle.events.OnStop;
|
||||||
|
import com.android.settingslib.RestrictedLockUtilsInternal;
|
||||||
|
import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
|
||||||
|
|
||||||
import java.net.InetAddress;
|
import java.net.InetAddress;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@@ -136,6 +140,19 @@ public class PrivateDnsPreferenceController extends BasePreferenceController
|
|||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void updateState(Preference preference) {
|
||||||
|
super.updateState(preference);
|
||||||
|
//TODO(b/112982691): Add policy transparency explaining why this setting is disabled.
|
||||||
|
preference.setEnabled(!isManagedByAdmin());
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isManagedByAdmin() {
|
||||||
|
EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(
|
||||||
|
mContext, UserManager.DISALLOW_CONFIG_PRIVATE_DNS, UserHandle.myUserId());
|
||||||
|
return enforcedAdmin != null;
|
||||||
|
}
|
||||||
|
|
||||||
private class PrivateDnsSettingsObserver extends ContentObserver {
|
private class PrivateDnsSettingsObserver extends ContentObserver {
|
||||||
public PrivateDnsSettingsObserver(Handler h) {
|
public PrivateDnsSettingsObserver(Handler h) {
|
||||||
super(h);
|
super(h);
|
||||||
|
|||||||
@@ -43,6 +43,7 @@ import static org.mockito.Mockito.verify;
|
|||||||
import static org.mockito.Mockito.when;
|
import static org.mockito.Mockito.when;
|
||||||
import static org.mockito.Mockito.withSettings;
|
import static org.mockito.Mockito.withSettings;
|
||||||
|
|
||||||
|
import android.content.ComponentName;
|
||||||
import android.content.ContentResolver;
|
import android.content.ContentResolver;
|
||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
import android.net.ConnectivityManager;
|
import android.net.ConnectivityManager;
|
||||||
@@ -50,6 +51,8 @@ import android.net.ConnectivityManager.NetworkCallback;
|
|||||||
import android.net.LinkProperties;
|
import android.net.LinkProperties;
|
||||||
import android.net.Network;
|
import android.net.Network;
|
||||||
import android.os.Handler;
|
import android.os.Handler;
|
||||||
|
import android.os.UserHandle;
|
||||||
|
import android.os.UserManager;
|
||||||
import android.provider.Settings;
|
import android.provider.Settings;
|
||||||
|
|
||||||
import androidx.lifecycle.LifecycleOwner;
|
import androidx.lifecycle.LifecycleOwner;
|
||||||
@@ -58,6 +61,8 @@ import androidx.preference.PreferenceScreen;
|
|||||||
|
|
||||||
import com.android.settings.R;
|
import com.android.settings.R;
|
||||||
import com.android.settings.testutils.SettingsRobolectricTestRunner;
|
import com.android.settings.testutils.SettingsRobolectricTestRunner;
|
||||||
|
import com.android.settings.testutils.shadow.ShadowUserManager;
|
||||||
|
import com.android.settings.testutils.shadow.ShadowDevicePolicyManager;
|
||||||
import com.android.settingslib.core.lifecycle.Lifecycle;
|
import com.android.settingslib.core.lifecycle.Lifecycle;
|
||||||
|
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
@@ -79,6 +84,10 @@ import java.util.Collections;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
@RunWith(SettingsRobolectricTestRunner.class)
|
@RunWith(SettingsRobolectricTestRunner.class)
|
||||||
|
@Config(shadows = {
|
||||||
|
ShadowUserManager.class,
|
||||||
|
ShadowDevicePolicyManager.class
|
||||||
|
})
|
||||||
public class PrivateDnsPreferenceControllerTest {
|
public class PrivateDnsPreferenceControllerTest {
|
||||||
|
|
||||||
private final static String HOSTNAME = "dns.example.com";
|
private final static String HOSTNAME = "dns.example.com";
|
||||||
@@ -108,6 +117,7 @@ public class PrivateDnsPreferenceControllerTest {
|
|||||||
private ShadowContentResolver mShadowContentResolver;
|
private ShadowContentResolver mShadowContentResolver;
|
||||||
private Lifecycle mLifecycle;
|
private Lifecycle mLifecycle;
|
||||||
private LifecycleOwner mLifecycleOwner;
|
private LifecycleOwner mLifecycleOwner;
|
||||||
|
private ShadowUserManager mShadowUserManager;
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void setUp() {
|
public void setUp() {
|
||||||
@@ -127,6 +137,8 @@ public class PrivateDnsPreferenceControllerTest {
|
|||||||
mLifecycleOwner = () -> mLifecycle;
|
mLifecycleOwner = () -> mLifecycle;
|
||||||
mLifecycle = new Lifecycle(mLifecycleOwner);
|
mLifecycle = new Lifecycle(mLifecycleOwner);
|
||||||
mLifecycle.addObserver(mController);
|
mLifecycle.addObserver(mController);
|
||||||
|
|
||||||
|
mShadowUserManager = ShadowUserManager.getShadow();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void updateLinkProperties(LinkProperties lp) {
|
private void updateLinkProperties(LinkProperties lp) {
|
||||||
@@ -264,6 +276,31 @@ public class PrivateDnsPreferenceControllerTest {
|
|||||||
verify(mPreference).setSummary(getResourceString(R.string.private_dns_mode_opportunistic));
|
verify(mPreference).setSummary(getResourceString(R.string.private_dns_mode_opportunistic));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void isEnabled_canBeDisabledByAdmin() {
|
||||||
|
final int userId = UserHandle.myUserId();
|
||||||
|
final List<UserManager.EnforcingUser> enforcingUsers = Collections.singletonList(
|
||||||
|
new UserManager.EnforcingUser(userId,
|
||||||
|
UserManager.RESTRICTION_SOURCE_DEVICE_OWNER)
|
||||||
|
);
|
||||||
|
mShadowUserManager.setUserRestrictionSources(
|
||||||
|
UserManager.DISALLOW_CONFIG_PRIVATE_DNS,
|
||||||
|
UserHandle.of(userId),
|
||||||
|
enforcingUsers);
|
||||||
|
|
||||||
|
ShadowDevicePolicyManager.getShadow().setDeviceOwnerComponentOnAnyUser(
|
||||||
|
new ComponentName("test", "test"));
|
||||||
|
|
||||||
|
mController.updateState(mPreference);
|
||||||
|
verify(mPreference).setEnabled(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void isEnabled_isEnabledByDefault() {
|
||||||
|
mController.updateState(mPreference);
|
||||||
|
verify(mPreference).setEnabled(true);
|
||||||
|
}
|
||||||
|
|
||||||
private void setPrivateDnsMode(String mode) {
|
private void setPrivateDnsMode(String mode) {
|
||||||
Settings.Global.putString(mContentResolver, PRIVATE_DNS_MODE, mode);
|
Settings.Global.putString(mContentResolver, PRIVATE_DNS_MODE, mode);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user