1 /*
2  * Copyright (C) 2023 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.devicepolicy.cts;
18 
19 import static com.google.common.truth.Truth.assertThat;
20 
21 import com.android.bedstead.harrier.BedsteadJUnit4;
22 import com.android.bedstead.harrier.DeviceState;
23 import com.android.bedstead.harrier.annotations.RequireRunOnAdditionalUser;
24 import com.android.bedstead.harrier.annotations.RequireRunOnSystemUser;
25 import com.android.bedstead.harrier.annotations.RequireStorageEncryptionSupported;
26 import com.android.bedstead.harrier.annotations.RequireStorageEncryptionUnsupported;
27 import com.android.bedstead.enterprise.annotations.CanSetPolicyTest;
28 import com.android.bedstead.harrier.policies.StorageEncryption;
29 
30 import org.junit.ClassRule;
31 import org.junit.Rule;
32 import org.junit.runner.RunWith;
33 
34 @RunWith(BedsteadJUnit4.class)
35 public final class StorageEncryptionTest {
36 
37     @ClassRule @Rule
38     public static final DeviceState sDeviceState = new DeviceState();
39 
40     private static final int ENCRYPTION_STATUS_UNSUPPORTED = 0;
41     private static final int ENCRYPTION_STATUS_INACTIVE = 1;
42     private static final int ENCRYPTION_STATUS_ACTIVE = 3;
43 
44     @CanSetPolicyTest(policy = StorageEncryption.class)
45     @RequireRunOnSystemUser
46     @RequireStorageEncryptionSupported
setStorageEncryption_runOnSystemUser_enable_isEnabled()47     public void setStorageEncryption_runOnSystemUser_enable_isEnabled() {
48         try {
49             assertThat(sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
50                     sDeviceState.dpc().componentName(), /* encrypt= */ true))
51                     .isEqualTo(ENCRYPTION_STATUS_ACTIVE);
52 
53             assertThat(sDeviceState.dpc().devicePolicyManager().getStorageEncryption(
54                     sDeviceState.dpc().componentName())).isTrue();
55         } finally {
56             sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
57                     sDeviceState.dpc().componentName(), /* encrypt= */ false);
58         }
59     }
60 
61     @CanSetPolicyTest(policy = StorageEncryption.class)
62     @RequireRunOnAdditionalUser
setStorageEncryption_runOnNonSystemUser_enable_isNotSupported()63     public void setStorageEncryption_runOnNonSystemUser_enable_isNotSupported() {
64         try {
65             assertThat(sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
66                     sDeviceState.dpc().componentName(), /* encrypt= */ true))
67                     .isEqualTo(ENCRYPTION_STATUS_UNSUPPORTED);
68 
69             assertThat(sDeviceState.dpc().devicePolicyManager().getStorageEncryption(
70                     sDeviceState.dpc().componentName())).isFalse();
71         } finally {
72             sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
73                     sDeviceState.dpc().componentName(), /* encrypt= */ false);
74         }
75     }
76 
77     @CanSetPolicyTest(policy = StorageEncryption.class)
78     @RequireRunOnSystemUser
79     @RequireStorageEncryptionSupported
setStorageEncryption_runOnSystemUser_disable_isDisabled()80     public void setStorageEncryption_runOnSystemUser_disable_isDisabled() {
81         assertThat(sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
82                 sDeviceState.dpc().componentName(), /* encrypt= */ false))
83                 .isEqualTo(ENCRYPTION_STATUS_INACTIVE);
84 
85         assertThat(sDeviceState.dpc().devicePolicyManager().getStorageEncryption(
86                 sDeviceState.dpc().componentName())).isFalse();
87     }
88 
89     @CanSetPolicyTest(policy = StorageEncryption.class)
90     @RequireRunOnSystemUser
91     @RequireStorageEncryptionUnsupported
setStorageEncryption_runOnSystemUser_isNotSupported_isDisabled()92     public void setStorageEncryption_runOnSystemUser_isNotSupported_isDisabled() {
93         assertThat(sDeviceState.dpc().devicePolicyManager().getStorageEncryption(
94                 sDeviceState.dpc().componentName())).isFalse();
95     }
96 
97     @CanSetPolicyTest(policy = StorageEncryption.class)
98     @RequireRunOnAdditionalUser
setStorageEncryption_runOnNonSystemUser_disable_isNotSupported()99     public void setStorageEncryption_runOnNonSystemUser_disable_isNotSupported() {
100         assertThat(sDeviceState.dpc().devicePolicyManager().setStorageEncryption(
101                 sDeviceState.dpc().componentName(), /* encrypt= */ false))
102                 .isEqualTo(ENCRYPTION_STATUS_UNSUPPORTED);
103 
104         assertThat(sDeviceState.dpc().devicePolicyManager().getStorageEncryption(
105                 sDeviceState.dpc().componentName())).isFalse();
106     }
107 
108 }
109