1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package com.android.cts.deviceowner; 17 18 import android.app.admin.SecurityLog.SecurityEvent; 19 import android.os.Parcel; 20 import android.os.SystemClock; 21 22 import java.util.Arrays; 23 import java.util.List; 24 import java.util.concurrent.TimeUnit; 25 26 public class SecurityLoggingTest extends BaseDeviceOwnerTest { 27 28 /** 29 * Test: retrieving security logs can only be done if there's one user on the device or all 30 * secondary users / profiles are affiliated. 31 */ testRetrievingSecurityLogsThrowsSecurityException()32 public void testRetrievingSecurityLogsThrowsSecurityException() { 33 try { 34 mDevicePolicyManager.retrieveSecurityLogs(getWho()); 35 fail("did not throw expected SecurityException"); 36 } catch (SecurityException expected) { 37 } 38 } 39 40 /** 41 * Test: retrieving previous security logs can only be done if there's one user on the device or 42 * all secondary users / profiles are affiliated. 43 */ testRetrievingPreviousSecurityLogsThrowsSecurityException()44 public void testRetrievingPreviousSecurityLogsThrowsSecurityException() { 45 try { 46 mDevicePolicyManager.retrievePreRebootSecurityLogs(getWho()); 47 fail("did not throw expected SecurityException"); 48 } catch (SecurityException expected) { 49 } 50 } 51 52 /** 53 * Test: retrieving security logs. This test has should be called when security logging is 54 * enabled and directly after reboot with device owner installed so that security logging 55 * actually takes place and fetching the logs isn't subject to rate limiting. 56 */ testGetSecurityLogs()57 public void testGetSecurityLogs() { 58 List<SecurityEvent> events = mDevicePolicyManager.retrieveSecurityLogs(getWho()); 59 60 // There must be at least some events, e.g. PackageManager logs all process launches. 61 assertTrue("Unable to get events", events != null && events.size() > 0); 62 63 // We don't know much about the events, so just call public API methods. 64 for (int i = 0; i < events.size(); i++) { 65 SecurityEvent event = events.get(i); 66 67 // Test parcelling: flatten to a parcel. 68 Parcel p = Parcel.obtain(); 69 event.writeToParcel(p, 0); 70 p.setDataPosition(0); 71 72 // Restore from parcel and check contents. 73 SecurityEvent restored = SecurityEvent.CREATOR.createFromParcel(p); 74 p.recycle(); 75 76 // For some events data is encapsulated into Object array. 77 if (event.getData() instanceof Object[]) { 78 assertTrue("Parcelling changed the array returned by getData", 79 Arrays.equals((Object[]) event.getData(), (Object[]) restored.getData())); 80 } else { 81 assertEquals("Parcelling changed the result of getData", 82 event.getData(), restored.getData()); 83 } 84 assertEquals("Parcelling changed the result of getTag", 85 event.getTag(), restored.getTag()); 86 assertEquals("Parcelling changed the result of getTimeNanos", 87 event.getTimeNanos(), restored.getTimeNanos()); 88 assertEquals("Parcelling changed the result of describeContents", 89 event.describeContents(), restored.describeContents()); 90 } 91 } 92 93 /** 94 * Test: Test enabling security logging. This test should be executed after installing a device 95 * owner so that we check that logging is not enabled by default. This test has a side effect: 96 * security logging is enabled after its execution. 97 */ testEnablingSecurityLogging()98 public void testEnablingSecurityLogging() { 99 assertFalse(mDevicePolicyManager.isSecurityLoggingEnabled(getWho())); 100 mDevicePolicyManager.setSecurityLoggingEnabled(getWho(), true); 101 assertTrue(mDevicePolicyManager.isSecurityLoggingEnabled(getWho())); 102 } 103 104 /** 105 * Test: Test disabling security logging. This test has a side effect: security logging is 106 * disabled after its execution. 107 */ testDisablingSecurityLogging()108 public void testDisablingSecurityLogging() { 109 mDevicePolicyManager.setSecurityLoggingEnabled(getWho(), false); 110 assertFalse(mDevicePolicyManager.isSecurityLoggingEnabled(getWho())); 111 } 112 113 /** 114 * Test: retrieving security logs should be rate limited - subsequent attempts should return 115 * null. 116 */ testRetrievingSecurityLogsNotPossibleImmediatelyAfterPreviousSuccessfulRetrieval()117 public void testRetrievingSecurityLogsNotPossibleImmediatelyAfterPreviousSuccessfulRetrieval() { 118 List<SecurityEvent> logs = mDevicePolicyManager.retrieveSecurityLogs(getWho()); 119 // if logs is null it means that that attempt was rate limited => test PASS 120 if (logs != null) { 121 assertNull(mDevicePolicyManager.retrieveSecurityLogs(getWho())); 122 assertNull(mDevicePolicyManager.retrieveSecurityLogs(getWho())); 123 } 124 } 125 } 126