Consider Private DNS user restriction

As a new user restriction, to disallow changing Private DNS settings, was added, make the Private DNS mode dialog preference consider whether to let the user modify it or not based on the presence of this restriction. Bug: 112982691 Test: atest com.android.cts.devicepolicy.DeviceOwnerTest#testPrivateDnsPolicy Test: m -j RunSettingsRoboTests ROBOTEST_FILTER=PrivateDnsPreferenceControllerTest Test: Manual, using TestDPC Change-Id: If815860ace3aadf6f79fd23173f0a2c80a29f0e1
2018-10-03 17:05:48 +01:00
parent d69be7df8d
commit 717194c87c
2 changed files with 54 additions and 0 deletions
--- a/src/com/android/settings/network/PrivateDnsPreferenceController.java
+++ b/src/com/android/settings/network/PrivateDnsPreferenceController.java
@@ -34,6 +34,8 @@ import android.net.Network;
 import android.net.Uri;
 import android.os.Handler;
 import android.os.Looper;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
 import androidx.preference.Preference;
@@ -46,6 +48,8 @@ import com.android.settings.core.PreferenceControllerMixin;
 import com.android.settingslib.core.lifecycle.LifecycleObserver;
 import com.android.settingslib.core.lifecycle.events.OnStart;
 import com.android.settingslib.core.lifecycle.events.OnStop;
 import com.android.settingslib.RestrictedLockUtilsInternal;
 import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
 import java.net.InetAddress;
 import java.util.List;
@@ -136,6 +140,19 @@ public class PrivateDnsPreferenceController extends BasePreferenceController
        return "";
    }
    @Override
    public void updateState(Preference preference) {
        super.updateState(preference);
        //TODO(b/112982691): Add policy transparency explaining why this setting is disabled.
        preference.setEnabled(!isManagedByAdmin());
    }
    private boolean isManagedByAdmin() {
        EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(
                mContext, UserManager.DISALLOW_CONFIG_PRIVATE_DNS, UserHandle.myUserId());
        return enforcedAdmin != null;
    }
    private class PrivateDnsSettingsObserver extends ContentObserver {
        public PrivateDnsSettingsObserver(Handler h) {
            super(h);
--- a/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java
@@ -43,6 +43,7 @@ import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static org.mockito.Mockito.withSettings;
 import android.content.ComponentName;
 import android.content.ContentResolver;
 import android.content.Context;
 import android.net.ConnectivityManager;
@@ -50,6 +51,8 @@ import android.net.ConnectivityManager.NetworkCallback;
 import android.net.LinkProperties;
 import android.net.Network;
 import android.os.Handler;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
 import androidx.lifecycle.LifecycleOwner;
@@ -58,6 +61,8 @@ import androidx.preference.PreferenceScreen;
 import com.android.settings.R;
 import com.android.settings.testutils.SettingsRobolectricTestRunner;
 import com.android.settings.testutils.shadow.ShadowUserManager;
 import com.android.settings.testutils.shadow.ShadowDevicePolicyManager;
 import com.android.settingslib.core.lifecycle.Lifecycle;
 import org.junit.Before;
@@ -79,6 +84,10 @@ import java.util.Collections;
 import java.util.List;
@RunWith(SettingsRobolectricTestRunner.class)
@Config(shadows = {
    ShadowUserManager.class,
    ShadowDevicePolicyManager.class
 })
 public class PrivateDnsPreferenceControllerTest {
    private final static String HOSTNAME = "dns.example.com";
@@ -108,6 +117,7 @@ public class PrivateDnsPreferenceControllerTest {
    private ShadowContentResolver mShadowContentResolver;
    private Lifecycle mLifecycle;
    private LifecycleOwner mLifecycleOwner;
    private ShadowUserManager mShadowUserManager;
    @Before
    public void setUp() {
@@ -127,6 +137,8 @@ public class PrivateDnsPreferenceControllerTest {
        mLifecycleOwner = () -> mLifecycle;
        mLifecycle = new Lifecycle(mLifecycleOwner);
        mLifecycle.addObserver(mController);
        mShadowUserManager = ShadowUserManager.getShadow();
    }
    private void updateLinkProperties(LinkProperties lp) {
@@ -264,6 +276,31 @@ public class PrivateDnsPreferenceControllerTest {
        verify(mPreference).setSummary(getResourceString(R.string.private_dns_mode_opportunistic));
    }
    @Test
    public void isEnabled_canBeDisabledByAdmin() {
        final int userId = UserHandle.myUserId();
        final List<UserManager.EnforcingUser> enforcingUsers = Collections.singletonList(
                new UserManager.EnforcingUser(userId,
                        UserManager.RESTRICTION_SOURCE_DEVICE_OWNER)
        );
        mShadowUserManager.setUserRestrictionSources(
                UserManager.DISALLOW_CONFIG_PRIVATE_DNS,
                UserHandle.of(userId),
                enforcingUsers);
        ShadowDevicePolicyManager.getShadow().setDeviceOwnerComponentOnAnyUser(
                new ComponentName("test", "test"));
        mController.updateState(mPreference);
        verify(mPreference).setEnabled(false);
    }
    @Test
    public void isEnabled_isEnabledByDefault() {
        mController.updateState(mPreference);
        verify(mPreference).setEnabled(true);
    }
    private void setPrivateDnsMode(String mode) {
        Settings.Global.putString(mContentResolver, PRIVATE_DNS_MODE, mode);
    }