From 79cb59e618138c89d9b006adf9228886117cb4cf Mon Sep 17 00:00:00 2001
From: Julia Reynolds
Date: Tue, 7 Mar 2023 15:44:29 -0500
Subject: [PATCH 1/4] Don't show NLSes with excessively long component names
Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
---
 .../notification/NotificationAccessSettings.java | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/com/android/settings/notification/NotificationAccessSettings.java b/src/com/android/settings/notification/NotificationAccessSettings.java
index 9df548c53bb..71e58e40b55 100644
--- a/src/com/android/settings/notification/NotificationAccessSettings.java
+++ b/src/com/android/settings/notification/NotificationAccessSettings.java
@@ -57,6 +57,9 @@ import java.util.List;
 @SearchIndexable
 public class NotificationAccessSettings extends EmptyTextSettings {
 private static final String TAG = "NotifAccessSettings";
+
+ private static final int MAX_CN_LENGTH = 500;
+
 private static final ManagedServiceSettings.Config CONFIG =
 new ManagedServiceSettings.Config.Builder()
 .setTag(TAG)
@@ -91,6 +94,12 @@ public class NotificationAccessSettings extends EmptyTextSettings {
 .setNoun(CONFIG.noun)
 .setSetting(CONFIG.setting)
 .setTag(CONFIG.tag)
+ .setValidator(info -> {
+ if (info.getComponentName().flattenToString().length() > MAX_CN_LENGTH) {
+ return false;
+ }
+ return true;
+ })
 .build();
 mServiceListing.addCallback(this::updateList);
 setPreferenceScreen(getPreferenceManager().createPreferenceScreen(mContext));
From 52a102cc2a408657230c757054e6979e1c76d6fb Mon Sep 17 00:00:00 2001
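Review bot: The validator added in the `@@ -91,6 +94,12 @@` hunk only keeps a listener with an over-long component name out of the list built for this screen; nothing visible here shows that such a listener cannot already be enabled, and once it is hidden the user has no row from which to see or revoke it. Please confirm that the path which enables listeners enforces the same limit, and record that on the constant, for example `// Component names longer than this are hidden from the list; keep in sync with the limit applied when a listener is enabled.` (the value 500 is otherwise unexplained). The lambda can also be a single expression, `.setValidator(info -> info.getComponentName().flattenToString().length() <= MAX_CN_LENGTH)`. The same code is added by the `@@ -98,6 +99,12 @@` hunk of patch 2/4, and the builder chain starts outside both hunks.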
From: Julia Reynolds
Date: Tue, 7 Mar 2023 15:44:29 -0500
Subject: [PATCH 2/4] Don't show NLSes with excessively long component names
Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
---
 .../settings/notification/NotificationAccessSettings.java | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/com/android/settings/notification/NotificationAccessSettings.java b/src/com/android/settings/notification/NotificationAccessSettings.java
index 10954a185e1..d94498e68f7 100644
--- a/src/com/android/settings/notification/NotificationAccessSettings.java
+++ b/src/com/android/settings/notification/NotificationAccessSettings.java
@@ -62,6 +62,7 @@ public class NotificationAccessSettings extends EmptyTextSettings {
 private static final String TAG = "NotifAccessSettings";
 private static final String ALLOWED_KEY = "allowed";
 private static final String NOT_ALLOWED_KEY = "not_allowed";
+ private static final int MAX_CN_LENGTH = 500;
 private static final ManagedServiceSettings.Config CONFIG =
 new ManagedServiceSettings.Config.Builder()
@@ -98,6 +99,12 @@ public class NotificationAccessSettings extends EmptyTextSettings {
 .setNoun(CONFIG.noun)
 .setSetting(CONFIG.setting)
 .setTag(CONFIG.tag)
+ .setValidator(info -> {
+ if (info.getComponentName().flattenToString().length() > MAX_CN_LENGTH) {
+ return false;
+ }
+ return true;
+ })
 .build();
 mServiceListing.addCallback(this::updateList);
From cc53f44d493906392dd21c2c2e72130b234b10e2 Mon Sep 17 00:00:00 2001
From: Weng Su
Date: Tue, 28 Mar 2023 19:27:01 +0000
Subject: [PATCH 3/4] Revert "Disallow screenshot on Wi-Fi QR code settings"
This reverts commit 950837b20f418df7a0583f5fa78df00a74a88c31.
Reason for revert: The security issue is downgraded to NSI, remove the screenshot protection to rollback the original design.
Change-Id: Iecaf7e4e19dc3452a7d2aeaf32bf38619e760c76
---
 .../settings/wifi/dpp/WifiDppConfiguratorActivity.java | 2 --
 .../wifi/dpp/WifiDppConfiguratorActivityTest.java | 10 ----------
 2 files changed, 12 deletions(-)
diff --git a/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java b/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
index 6c9d4980f44..e6f0b31f384 100644
--- a/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
+++ b/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
@@ -28,7 +28,6 @@ import android.os.UserManager;
 import android.provider.Settings;
 import android.util.EventLog;
 import android.util.Log;
-import android.view.WindowManager;
 import androidx.annotation.VisibleForTesting;
 import androidx.fragment.app.FragmentTransaction;
@@ -100,7 +99,6 @@ public class WifiDppConfiguratorActivity extends WifiDppBaseActivity implements
 @Override
 protected void onCreate(Bundle savedInstanceState) {
 super.onCreate(savedInstanceState);
- getWindow().addFlags(WindowManager.LayoutParams.FLAG_SECURE);
 if (savedInstanceState != null) {
 String qrCode = savedInstanceState.getString(KEY_QR_CODE);
diff --git a/tests/robotests/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java b/tests/robotests/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
index 88fa83afbf7..d8605ded829 100644
--- a/tests/robotests/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
+++ b/tests/robotests/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
@@ -16,10 +16,6 @@
 package com.android.settings.wifi.dpp;
-import static android.view.WindowManager.LayoutParams.FLAG_SECURE;
-
-import static com.google.common.truth.Truth.assertThat;
-
 import static org.mockito.Mockito.doNothing;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.spy;
@@ -76,12 +72,6 @@ public class WifiDppConfiguratorActivityTest {
 Robolectric.setupActivity(WifiDppConfiguratorActivity.class);
 }
- @Test
- public void launchActivity_shouldAddFlagSecure() {
- assertThat(mActivity.getWindow().getAttributes().flags & FLAG_SECURE)
- .isEqualTo(FLAG_SECURE);
- }
-
 @Test
 public void handleIntent_isGuestUser_shouldFinish() {
 when(mUserManager.isGuestUser()).thenReturn(true);
From 3abf4d9d5f0662064819979948422db2c2cecec7 Mon Sep 17 00:00:00 2001
From: Weng Su
Date: Wed, 29 Mar 2023 18:11:05 +0800
Subject: [PATCH 4/4] Restrict DataUsageSummary for guest user
- Don't show DataUsageSummary if the user is a guest
Bug: 262243574
Test: manual test make RunSettingsRoboTests ROBOTEST_FILTER=DataUsageSummaryTest
Change-Id: I94d0fd18a81dc0f0adba544340e648d58c5d3358
---
 .../settings/datausage/DataUsageSummary.java | 16 +++++++
 .../datausage/DataUsageSummaryTest.java | 48 ++++++++++++++++---
 2 files changed, 57 insertions(+), 7 deletions(-)
diff --git a/src/com/android/settings/datausage/DataUsageSummary.java b/src/com/android/settings/datausage/DataUsageSummary.java
index fabf0596b77..ec68babb3bf 100644
--- a/src/com/android/settings/datausage/DataUsageSummary.java
+++ b/src/com/android/settings/datausage/DataUsageSummary.java
@@ -19,6 +19,7 @@ import android.app.settings.SettingsEnums;
 import android.content.Context;
 import android.net.NetworkTemplate;
 import android.os.Bundle;
+import android.os.UserManager;
 import android.telephony.SubscriptionInfo;
 import android.telephony.SubscriptionManager;
 import android.text.BidiFormatter;
@@ -27,6 +28,8 @@ import android.text.SpannableString;
 import android.text.TextUtils;
 import android.text.format.Formatter;
 import android.text.style.RelativeSizeSpan;
+import android.util.EventLog;
+import android.util.Log;
 import androidx.annotation.VisibleForTesting;
 import androidx.preference.Preference;
@@ -83,6 +86,12 @@ public class DataUsageSummary extends DataUsageBaseFragment implements DataUsage
 public void onCreate(Bundle icicle) {
 super.onCreate(icicle);
 Context context = getContext();
+ if (isGuestUser(context)) {
+ Log.e(TAG, "This setting isn't available due to user restriction.");
+ EventLog.writeEvent(0x534e4554, "262243574", -1 /* UID */, "Guest user");
+ finish();
+ return;
+ }
 if (!isSimHardwareVisible(context)) {
 finish();
@@ -282,4 +291,11 @@ public class DataUsageSummary extends DataUsageBaseFragment implements DataUsage
 updateState();
 mSummaryController.updateState(mSummaryPreference);
 }
+
+ private static boolean isGuestUser(Context context) {
+ if (context == null) return false;
+ final UserManager userManager = context.getSystemService(UserManager.class);
+ if (userManager == null) return false;
+ return userManager.isGuestUser();
+ }
 }
diff --git a/tests/robotests/src/com/android/settings/datausage/DataUsageSummaryTest.java b/tests/robotests/src/com/android/settings/datausage/DataUsageSummaryTest.java
index 68d49fc6352..4ac73877c21 100644
--- a/tests/robotests/src/com/android/settings/datausage/DataUsageSummaryTest.java
+++ b/tests/robotests/src/com/android/settings/datausage/DataUsageSummaryTest.java
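Review bot: The `EventLog.writeEvent(0x534e4554, "262243574", -1 /* UID */, "Guest user")` call in the new `onCreate` guard uses a bare numeric tag and a fixed `-1` UID with no explanation. A one-line comment such as `// 0x534e4554 ("SNET") is the security event-log tag; no caller UID is available here.` would tell the next reader why the event is written and why the UID is a placeholder. The `Log.e` text says "user restriction" although the condition tested is guest status, so `"DataUsageSummary isn't available to the guest user."` would be easier to match against a report. `onCreate` continues past the end of the hunk.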
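Review bot: `isGuestUser` answers `false` when `context` or the `UserManager` service is null, so the restriction fails open: if the check cannot be carried out, the screen is shown as it would be for a non-guest. For a gate whose purpose is to withhold the page, returning `true` on those two paths (`if (context == null) return true;` and `if (userManager == null) return true;`) is the safer default, since `onCreate` then simply finishes. If fail-open is intended, a short comment on the helper should say why, and the helper has no Javadoc at present.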
@@ -31,13 +31,14 @@ import android.app.usage.NetworkStatsManager;
 import android.content.Context;
 import android.content.res.Resources;
 import android.net.NetworkPolicyManager;
+import android.os.UserManager;
 import android.telephony.SubscriptionManager;
 import android.telephony.TelephonyManager;
 import androidx.fragment.app.FragmentActivity;
+import androidx.test.core.app.ApplicationProvider;
 import com.android.settings.R;
-
 import com.android.settings.testutils.shadow.ShadowDashboardFragment;
 import com.android.settings.testutils.shadow.ShadowDataUsageUtils;
 import com.android.settings.testutils.shadow.ShadowUserManager;
@@ -45,13 +46,15 @@ import com.android.settings.testutils.shadow.ShadowUtils;
 import org.junit.Before;
 import org.junit.Ignore;
+import org.junit.Rule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
+import org.mockito.Spy;
+import org.mockito.junit.MockitoJUnit;
+import org.mockito.junit.MockitoRule;
 import org.robolectric.Robolectric;
 import org.robolectric.RobolectricTestRunner;
-import org.robolectric.RuntimeEnvironment;
 import org.robolectric.Shadows;
 import org.robolectric.annotation.Config;
 import org.robolectric.shadows.ShadowApplication;
@@ -66,16 +69,22 @@ import org.robolectric.shadows.ShadowTelephonyManager;
 })
 @RunWith(RobolectricTestRunner.class)
 public class DataUsageSummaryTest {
-
+ @Rule
+ public final MockitoRule mMockitoRule = MockitoJUnit.rule();
+ @Spy
+ Context mContext = ApplicationProvider.getApplicationContext();
+ @Mock
+ private UserManager mUserManager;
 @Mock
 private NetworkPolicyManager mNetworkPolicyManager;
 @Mock
 private NetworkStatsManager mNetworkStatsManager;
 private TelephonyManager mTelephonyManager;
- private Context mContext;
 private Resources mResources;
 private FragmentActivity mActivity;
+ private DataUsageSummary mDataUsageSummary;
+
 /**
 * This set up is contrived to get a passing test so that the build doesn't block without tests.
 * These tests should be updated as code gets refactored to improve testability.
@@ -83,12 +92,13 @@ public class DataUsageSummaryTest {
 @Before
 public void setUp() {
- MockitoAnnotations.initMocks(this);
+ doReturn(mUserManager).when(mContext).getSystemService(UserManager.class);
+ doReturn(false).when(mUserManager).isGuestUser();
+
 ShadowApplication shadowContext = ShadowApplication.getInstance();
 ShadowUserManager.getShadow().setIsAdminUser(true);
 shadowContext.setSystemService(Context.NETWORK_POLICY_SERVICE, mNetworkPolicyManager);
- mContext = spy(RuntimeEnvironment.application);
 mTelephonyManager = mContext.getSystemService(TelephonyManager.class);
 final ShadowTelephonyManager shadowTelephonyManager = Shadows.shadowOf(mTelephonyManager);
 shadowTelephonyManager.setTelephonyManagerForSubscriptionId(
@@ -101,6 +111,12 @@ public class DataUsageSummaryTest {
 doReturn(true).when(mResources).getBoolean(R.bool.config_show_sim_info);
 doReturn(mNetworkStatsManager).when(mActivity).getSystemService(NetworkStatsManager.class);
+
+ mDataUsageSummary = spy(new DataUsageSummary());
+ doReturn(mContext).when(mDataUsageSummary).getContext();
+ doNothing().when(mDataUsageSummary).enableProxySubscriptionManager(any());
+ doReturn(true).when(mDataUsageSummary).removePreference(anyString());
+ doNothing().when(mDataUsageSummary).addWifiSection();
 }
 @Test
@@ -201,4 +217,22 @@ public class DataUsageSummaryTest {
 verify(dataUsageSummary).addWifiSection();
 verify(dataUsageSummary, never()).addMobileSection(anyInt());
 }
+
+ @Test
+ public void onCreate_isNotGuestUser_shouldNotFinish() {
+ doReturn(false).when(mUserManager).isGuestUser();
+
+ mDataUsageSummary.onCreate(null);
+
+ verify(mDataUsageSummary, never()).finish();
+ }
+
+ @Test
+ public void onCreate_isGuestUser_shouldFinish() {
+ doReturn(true).when(mUserManager).isGuestUser();
+
+ mDataUsageSummary.onCreate(null);
+
+ verify(mDataUsageSummary).finish();
+ }
 }
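Review bot: `onCreate_isGuestUser_shouldFinish` only verifies that `finish()` was called, so it would still pass if the `return` after `finish()` were dropped and the rest of `onCreate` ran for a guest. Adding `verify(mDataUsageSummary, never()).addWifiSection();` (the method is already stubbed in `setUp`) would pin the early exit, assuming `addWifiSection` is reached from `onCreate` on the non-guest path, which the hunk does not show. The two null paths of `isGuestUser` (null context, null `UserManager`) are not exercised by either new test.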