Merge "Consider Private DNS user restriction"
diff --git a/src/com/android/settings/network/PrivateDnsPreferenceController.java b/src/com/android/settings/network/PrivateDnsPreferenceController.java
index 5618010..8b3bfa0 100644
--- a/src/com/android/settings/network/PrivateDnsPreferenceController.java
+++ b/src/com/android/settings/network/PrivateDnsPreferenceController.java
@@ -34,6 +34,8 @@
import android.net.Uri;
import android.os.Handler;
import android.os.Looper;
+import android.os.UserHandle;
+import android.os.UserManager;
import android.provider.Settings;
import androidx.preference.Preference;
@@ -46,6 +48,8 @@
import com.android.settingslib.core.lifecycle.LifecycleObserver;
import com.android.settingslib.core.lifecycle.events.OnStart;
import com.android.settingslib.core.lifecycle.events.OnStop;
+import com.android.settingslib.RestrictedLockUtilsInternal;
+import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
import java.net.InetAddress;
import java.util.List;
@@ -136,6 +140,19 @@
return "";
}
+ @Override
+ public void updateState(Preference preference) {
+ super.updateState(preference);
+ //TODO(b/112982691): Add policy transparency explaining why this setting is disabled.
+ preference.setEnabled(!isManagedByAdmin());
+ }
+
+ private boolean isManagedByAdmin() {
+ EnforcedAdmin enforcedAdmin = RestrictedLockUtilsInternal.checkIfRestrictionEnforced(
+ mContext, UserManager.DISALLOW_CONFIG_PRIVATE_DNS, UserHandle.myUserId());
+ return enforcedAdmin != null;
+ }
+
private class PrivateDnsSettingsObserver extends ContentObserver {
public PrivateDnsSettingsObserver(Handler h) {
super(h);
diff --git a/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java
index b475c7e..464b290 100644
--- a/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/network/PrivateDnsPreferenceControllerTest.java
@@ -43,6 +43,7 @@
import static org.mockito.Mockito.when;
import static org.mockito.Mockito.withSettings;
+import android.content.ComponentName;
import android.content.ContentResolver;
import android.content.Context;
import android.net.ConnectivityManager;
@@ -50,6 +51,8 @@
import android.net.LinkProperties;
import android.net.Network;
import android.os.Handler;
+import android.os.UserHandle;
+import android.os.UserManager;
import android.provider.Settings;
import androidx.lifecycle.LifecycleOwner;
@@ -58,6 +61,8 @@
import com.android.settings.R;
import com.android.settings.testutils.SettingsRobolectricTestRunner;
+import com.android.settings.testutils.shadow.ShadowUserManager;
+import com.android.settings.testutils.shadow.ShadowDevicePolicyManager;
import com.android.settingslib.core.lifecycle.Lifecycle;
import org.junit.Before;
@@ -79,6 +84,10 @@
import java.util.List;
@RunWith(SettingsRobolectricTestRunner.class)
+@Config(shadows = {
+ ShadowUserManager.class,
+ ShadowDevicePolicyManager.class
+})
public class PrivateDnsPreferenceControllerTest {
private final static String HOSTNAME = "dns.example.com";
@@ -108,6 +117,7 @@
private ShadowContentResolver mShadowContentResolver;
private Lifecycle mLifecycle;
private LifecycleOwner mLifecycleOwner;
+ private ShadowUserManager mShadowUserManager;
@Before
public void setUp() {
@@ -127,6 +137,8 @@
mLifecycleOwner = () -> mLifecycle;
mLifecycle = new Lifecycle(mLifecycleOwner);
mLifecycle.addObserver(mController);
+
+ mShadowUserManager = ShadowUserManager.getShadow();
}
private void updateLinkProperties(LinkProperties lp) {
@@ -264,6 +276,31 @@
verify(mPreference).setSummary(getResourceString(R.string.private_dns_mode_opportunistic));
}
+ @Test
+ public void isEnabled_canBeDisabledByAdmin() {
+ final int userId = UserHandle.myUserId();
+ final List<UserManager.EnforcingUser> enforcingUsers = Collections.singletonList(
+ new UserManager.EnforcingUser(userId,
+ UserManager.RESTRICTION_SOURCE_DEVICE_OWNER)
+ );
+ mShadowUserManager.setUserRestrictionSources(
+ UserManager.DISALLOW_CONFIG_PRIVATE_DNS,
+ UserHandle.of(userId),
+ enforcingUsers);
+
+ ShadowDevicePolicyManager.getShadow().setDeviceOwnerComponentOnAnyUser(
+ new ComponentName("test", "test"));
+
+ mController.updateState(mPreference);
+ verify(mPreference).setEnabled(false);
+ }
+
+ @Test
+ public void isEnabled_isEnabledByDefault() {
+ mController.updateState(mPreference);
+ verify(mPreference).setEnabled(true);
+ }
+
private void setPrivateDnsMode(String mode) {
Settings.Global.putString(mContentResolver, PRIVATE_DNS_MODE, mode);
}