From 94b8579607c6f1201cea9d6601e88cec897b2ff6 Mon Sep 17 00:00:00 2001 From: Arc Wang Date: Wed, 29 Jul 2020 15:13:28 +0800 Subject: [PATCH] [Wi-Fi] Check if domain field is not empty when users choose a ca certificate Domain is required for client to validate server's certificate. This change disable Save button for a new Wi-Fi network of a specified CA certificate but empty domain. Bug: 161378819 Test: make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigControllerTest make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigController2Test manual 1. Install a certificate. 2. Add a new Wi-Fi network of EAP method PEAP 3. Set CA certificate to the certificate installed at 1. 4. Save button should be disabled. 5. Input something in domain field. 6. Save button should be enabled. Change-Id: I65c8b29ec7a03b21403ddbfc087ce48c2a4a69e4 --- .../settings/wifi/WifiConfigController.java | 16 +++++----- .../settings/wifi/WifiConfigController2.java | 16 +++++----- .../wifi/WifiConfigController2Test.java | 29 +++++++++++++++++++ .../wifi/WifiConfigControllerTest.java | 29 +++++++++++++++++++ 4 files changed, 72 insertions(+), 18 deletions(-) diff --git a/src/com/android/settings/wifi/WifiConfigController.java b/src/com/android/settings/wifi/WifiConfigController.java index 1579188cffe..45cc8e510ea 100644 --- a/src/com/android/settings/wifi/WifiConfigController.java +++ b/src/com/android/settings/wifi/WifiConfigController.java @@ -554,12 +554,11 @@ public class WifiConfigController implements TextWatcher, // Disallow submit if the user has not selected a CA certificate for an EAP network // configuration. enabled = false; - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mDoNotValidateEapServerString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Disallow submit if the user chooses to use system certificates for EAP server + // Disallow submit if the user chooses to use a certificate for EAP server // validation, but does not provide a domain. enabled = false; } @@ -595,14 +594,12 @@ public class WifiConfigController implements TextWatcher, // Display warning if user chooses not to validate the EAP server with a // user-supplied CA certificate in an EAP network configuration. mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE); - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mUnspecifiedCertString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Display warning if user chooses to use pre-installed public CA certificates - // without restricting the server domain that these certificates can be used to - // validate. + // Display warning if user chooses to use a certificate without restricting the + // server domain that these certificates can be used to validate. mView.findViewById(R.id.no_domain_warning).setVisibility(View.VISIBLE); } } @@ -1713,7 +1710,8 @@ public class WifiConfigController implements TextWatcher, mContext.getResources().getStringArray(contentStringArrayResId)); } - private ArrayAdapter getSpinnerAdapter( + @VisibleForTesting + ArrayAdapter getSpinnerAdapter( String[] contentStringArray) { ArrayAdapter spinnerAdapter = new ArrayAdapter<>(mContext, android.R.layout.simple_spinner_item, contentStringArray); diff --git a/src/com/android/settings/wifi/WifiConfigController2.java b/src/com/android/settings/wifi/WifiConfigController2.java index 99907f3223f..d80873fc40d 100644 --- a/src/com/android/settings/wifi/WifiConfigController2.java +++ b/src/com/android/settings/wifi/WifiConfigController2.java @@ -533,12 +533,11 @@ public class WifiConfigController2 implements TextWatcher, // Disallow submit if the user has not selected a CA certificate for an EAP network // configuration. enabled = false; - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mDoNotValidateEapServerString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Disallow submit if the user chooses to use system certificates for EAP server + // Disallow submit if the user chooses to use a certificate for EAP server // validation, but does not provide a domain. enabled = false; } @@ -574,14 +573,12 @@ public class WifiConfigController2 implements TextWatcher, // Display warning if user chooses not to validate the EAP server with a // user-supplied CA certificate in an EAP network configuration. mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE); - } - if (caCertSelection.equals(mUseSystemCertsString) + } else if (!caCertSelection.equals(mUnspecifiedCertString) && mEapDomainView != null && mView.findViewById(R.id.l_domain).getVisibility() != View.GONE && TextUtils.isEmpty(mEapDomainView.getText().toString())) { - // Display warning if user chooses to use pre-installed public CA certificates - // without restricting the server domain that these certificates can be used to - // validate. + // Display warning if user chooses to use a certificate without restricting the + // server domain that these certificates can be used to validate. mView.findViewById(R.id.no_domain_warning).setVisibility(View.VISIBLE); } } @@ -1696,7 +1693,8 @@ public class WifiConfigController2 implements TextWatcher, mContext.getResources().getStringArray(contentStringArrayResId)); } - private ArrayAdapter getSpinnerAdapter( + @VisibleForTesting + ArrayAdapter getSpinnerAdapter( String[] contentStringArray) { ArrayAdapter spinnerAdapter = new ArrayAdapter<>(mContext, android.R.layout.simple_spinner_item, contentStringArray); diff --git a/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java b/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java index e588799d6a4..06697fb5d74 100644 --- a/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java +++ b/tests/robotests/src/com/android/settings/wifi/WifiConfigController2Test.java @@ -224,6 +224,35 @@ public class WifiConfigController2Test { assertThat(mController.isSubmittable()).isTrue(); } + @Test + public void isSubmittable_caCertWithoutDomain_shouldReturnFalse() { + when(mWifiEntry.getSecurity()).thenReturn(WifiEntry.SECURITY_EAP); + mController = new TestWifiConfigController2(mConfigUiBase, mView, mWifiEntry, + WifiConfigUiBase2.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + + assertThat(mController.isSubmittable()).isFalse(); + } + + @Test + public void isSubmittable_caCertWithDomain_shouldReturnTrue() { + when(mWifiEntry.getSecurity()).thenReturn(WifiEntry.SECURITY_EAP); + mController = new TestWifiConfigController2(mConfigUiBase, mView, mWifiEntry, + WifiConfigUiBase2.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + ((TextView) mView.findViewById(R.id.domain)).setText("fakeDomain"); + + assertThat(mController.isSubmittable()).isTrue(); + } + @Test public void getSignalString_notReachable_shouldHaveNoSignalString() { when(mWifiEntry.getLevel()).thenReturn(WifiEntry.WIFI_LEVEL_UNREACHABLE); diff --git a/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java b/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java index 9146998a6f6..39f9cda33dc 100644 --- a/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java +++ b/tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java @@ -218,6 +218,35 @@ public class WifiConfigControllerTest { assertThat(mController.isSubmittable()).isTrue(); } + @Test + public void isSubmittable_caCertWithoutDomain_shouldReturnFalse() { + when(mAccessPoint.getSecurity()).thenReturn(AccessPoint.SECURITY_EAP); + mController = new TestWifiConfigController(mConfigUiBase, mView, mAccessPoint, + WifiConfigUiBase.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + + assertThat(mController.isSubmittable()).isFalse(); + } + + @Test + public void isSubmittable_caCertWithDomain_shouldReturnTrue() { + when(mAccessPoint.getSecurity()).thenReturn(AccessPoint.SECURITY_EAP); + mController = new TestWifiConfigController(mConfigUiBase, mView, mAccessPoint, + WifiConfigUiBase.MODE_CONNECT); + mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE); + final Spinner eapCaCertSpinner = mView.findViewById(R.id.ca_cert); + eapCaCertSpinner.setAdapter(mController.getSpinnerAdapter(new String[]{"certificate"})); + eapCaCertSpinner.setSelection(0); + mView.findViewById(R.id.l_domain).setVisibility(View.VISIBLE); + ((TextView) mView.findViewById(R.id.domain)).setText("fakeDomain"); + + assertThat(mController.isSubmittable()).isTrue(); + } + @Test public void getSignalString_notReachable_shouldHaveNoSignalString() { when(mAccessPoint.isReachable()).thenReturn(false);