From 8d5c8c2611adadbd5baf81d8157871005ff87497 Mon Sep 17 00:00:00 2001 From: Arc Wang Date: Wed, 29 Jul 2020 15:13:28 +0800 Subject: [PATCH] [Wi-Fi] Check if domain field is not empty when users choose a ca certificate Domain is required for client to validate server's certificate. This change disable Save button for a new Wi-Fi network of a specified CA certificate but empty domain. Bug: 161378819 Test: make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigControllerTest make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigController2Test manual 1. Install a certificate. 2. Add a new Wi-Fi network of EAP method PEAP 3. Set CA certificate to the certificate installed at 1. 4. Save button should be disabled. 5. Input something in domain field. 6. Save button should be enabled. Change-Id: I65c8b29ec7a03b21403ddbfc087ce48c2a4a69e4 --- .../settings/wifi/WifiConfigController.java | 16 +++++----- .../settings/wifi/WifiConfigController2.java | 16 +++++----- .../wifi/WifiConfigController2Test.java | 29 +++++++++++++++++++ .../wifi/WifiConfigControllerTest.java | 29 +++++++++++++++++++ 4 files changed, 72 insertions(+), 18 deletions(-) diff --git a/src/com/android/settings/wifi/WifiConfigController.java b/src/com/android/settings/wifi/WifiConfigController.java index 1579188cffe..45cc8e510ea 100644 --- a/src/com/android/settings/wifi/WifiConfigController.java +++ b/src/com/android/settings/wifi/WifiConfigController.java @@ -554,12 +554,11 @@ public class WifiConfigController implements TextWatcher, // Disallow submit if the user has not selected a CA certificate for an EAP network // configuration. enabled = false; - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mDoNotValidateEapServerString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Disallow submit if the user chooses to use system certificates for EAP server + // Disallow submit if the user chooses to use a certificate for EAP server // validation, but does not provide a domain. enabled = false; } @@ -595,14 +594,12 @@ public class WifiConfigController implements TextWatcher, // Display warning if user chooses not to validate the EAP server with a // user-supplied CA certificate in an EAP network configuration. mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE); - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mUnspecifiedCertString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Display warning if user chooses to use pre-installed public CA certificates - // without restricting the server domain that these certificates can be used to - // validate. + // Display warning if user chooses to use a certificate without restricting the + // server domain that these certificates can be used to validate. mView.findViewById(R.id.no_domain_warning).setVisibility(View.VISIBLE); } } @@ -1713,7 +1710,8 @@ public class WifiConfigController implements TextWatcher, mContext.getResources().getStringArray(contentStringArrayResId)); } - private ArrayAdapter getSpinnerAdapter( + @VisibleForTesting + ArrayAdapter getSpinnerAdapter( String[] contentStringArray) { ArrayAdapter spinnerAdapter = new ArrayAdapter<>(mContext, android.R.layout.simple_spinner_item, contentStringArray); diff --git a/src/com/android/settings/wifi/WifiConfigController2.java b/src/com/android/settings/wifi/WifiConfigController2.java index 3c82701f361..49de13cbe93 100644 --- a/src/com/android/settings/wifi/WifiConfigController2.java +++ b/src/com/android/settings/wifi/WifiConfigController2.java @@ -511,12 +511,11 @@ public class WifiConfigController2 implements TextWatcher, // Disallow submit if the user has not selected a CA certificate for an EAP network // configuration. enabled = false; - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mDoNotValidateEapServerString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Disallow submit if the user chooses to use system certificates for EAP server + // Disallow submit if the user chooses to use a certificate for EAP server // validation, but does not provide a domain. enabled = false; } @@ -552,14 +551,12 @@ public class WifiConfigController2 implements TextWatcher, // Display warning if user chooses not to validate the EAP server with a // user-supplied CA certificate in an EAP network configuration. mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE); - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mUnspecifiedCertString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Display warning if user chooses to use pre-installed public CA certificates - // without restricting the server domain that these certificates can be used to - // validate. + // Display warning if user chooses to use a certificate without restricting the + // server domain that these certificates can be used to validate. mView.findViewById(R.id.no_domain_warning).setVisibility(View.VISIBLE); } } @@ -1666,7 +1663,8 @@ public class WifiConfigController2 implements TextWatcher, mContext.getResources().getStringArray(contentStringArrayResId)); } - private ArrayAdapter getSpinnerAdapter( + @VisibleForTesting + ArrayAdapter getSpinnerAdapter( String[] contentStringArray) { ArrayAdapter spinnerAdapter = new ArrayAdapter<>(mContext, android.R.layout.simple_spinner_item, contentStringArray); diff --git a/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java b/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java index 9bd12cc03a5..1d333e14b6d 100644 --- a/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java +++ b/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java @@ -224,6 +224,35 @@ public class WifiConfigController2Test { assertThat(mController.isSubmittable()).isTrue(); } + @Test + public void isSubmittable_caCertWithoutDomain_shouldReturnFalse() { + when(mWifiEntry.getSecurity()).thenReturn(WifiEntry.SECURITY_EAP); + mController = new TestWifiConfigController2(mConfigUiBase, mView, mWifiEntry, + WifiConfigUiBase2.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + + assertThat(mController.isSubmittable()).isFalse(); + } + + @Test + public void isSubmittable_caCertWithDomain_shouldReturnTrue() { + when(mWifiEntry.getSecurity()).thenReturn(WifiEntry.SECURITY_EAP); + mController = new TestWifiConfigController2(mConfigUiBase, mView, mWifiEntry, + WifiConfigUiBase2.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + ((TextView) mView.findViewById(R.id.domain)).setText("fakeDomain"); + + assertThat(mController.isSubmittable()).isTrue(); + } + @Test public void getSignalString_notReachable_shouldHaveNoSignalString() { when(mWifiEntry.getLevel()).thenReturn(WifiEntry.WIFI_LEVEL_UNREACHABLE); diff --git a/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java b/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java index 9146998a6f6..39f9cda33dc 100644 --- a/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java +++ b/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java @@ -218,6 +218,35 @@ public class WifiConfigControllerTest { assertThat(mController.isSubmittable()).isTrue(); } + @Test + public void isSubmittable_caCertWithoutDomain_shouldReturnFalse() { + when(mAccessPoint.getSecurity()).thenReturn(AccessPoint.SECURITY_EAP); + mController = new TestWifiConfigController(mConfigUiBase, mView, mAccessPoint, + WifiConfigUiBase.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + + assertThat(mController.isSubmittable()).isFalse(); + } + + @Test + public void isSubmittable_caCertWithDomain_shouldReturnTrue() { + when(mAccessPoint.getSecurity()).thenReturn(AccessPoint.SECURITY_EAP); + mController = new TestWifiConfigController(mConfigUiBase, mView, mAccessPoint, + WifiConfigUiBase.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + ((TextView) mView.findViewById(R.id.domain)).setText("fakeDomain"); + + assertThat(mController.isSubmittable()).isTrue(); + } + @Test public void getSignalString_notReachable_shouldHaveNoSignalString() { when(mAccessPoint.isReachable()).thenReturn(false);