diff --git a/src/com/android/email/SecurityPolicy.java b/src/com/android/email/SecurityPolicy.java index 047eb9f59..a2dc97ccc 100644 --- a/src/com/android/email/SecurityPolicy.java +++ b/src/com/android/email/SecurityPolicy.java @@ -483,6 +483,11 @@ public class SecurityPolicy { (passwordMode != PASSWORD_MODE_STRONG)) { throw new IllegalArgumentException("password mode"); } + // If we're only requiring a simple password, set complex chars to zero; note + // that EAS can erroneously send non-zero values in this case + if (passwordMode == PASSWORD_MODE_SIMPLE) { + passwordComplexChars = 0; + } // The next four values have hard limits which cannot be supported if exceeded. if (minPasswordLength > PASSWORD_LENGTH_MAX) { throw new IllegalArgumentException("password length"); diff --git a/tests/src/com/android/email/SecurityPolicyTests.java b/tests/src/com/android/email/SecurityPolicyTests.java index 1b89e024f..0d2b370dc 100644 --- a/tests/src/com/android/email/SecurityPolicyTests.java +++ b/tests/src/com/android/email/SecurityPolicyTests.java @@ -112,12 +112,15 @@ public class SecurityPolicyTests extends ProviderTestCase2 { fail("Illegal password mode allowed"); } catch (IllegalArgumentException e) { } + PolicySet ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, PolicySet.SCREEN_LOCK_TIME_MAX + 1, false, 0, 0, 0); assertEquals(PolicySet.SCREEN_LOCK_TIME_MAX, ps.getMaxScreenLockTime()); + ps = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, PolicySet.PASSWORD_MAX_FAILS_MAX + 1, 0, false, 0, 0, 0); assertEquals(PolicySet.PASSWORD_MAX_FAILS_MAX, ps.getMaxPasswordFails()); + // All password related fields should be zero when password mode is NONE // Illegal values for these fields should be ignored ps = new PolicySet(999/*length*/, PolicySet.PASSWORD_MODE_NONE, @@ -129,6 +132,12 @@ public class SecurityPolicyTests extends ProviderTestCase2 { assertEquals(0, ps.mPasswordExpiration); assertEquals(0, ps.mPasswordHistory); assertEquals(0, ps.mPasswordComplexChars); + + // With a simple password, we should set complex chars to zero + ps = new PolicySet(4/*length*/, PolicySet.PASSWORD_MODE_SIMPLE, + 0, 0, false, 0, 0, 3/*complex*/); + assertEquals(4, ps.mMinPasswordLength); + assertEquals(0, ps.mPasswordComplexChars); } /** @@ -303,9 +312,9 @@ public class SecurityPolicyTests extends ProviderTestCase2 { assertEquals(0, p.mPasswordComplexChars); assertFalse(p.mRequireRemoteWipe); - p = new PolicySet(0, PolicySet.PASSWORD_MODE_SIMPLE, 0, 0, false, 0, 0, + p = new PolicySet(0, PolicySet.PASSWORD_MODE_STRONG, 0, 0, false, 0, 0, PolicySet.PASSWORD_COMPLEX_CHARS_MAX); - assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, p.mPasswordMode); + assertEquals(PolicySet.PASSWORD_MODE_STRONG, p.mPasswordMode); assertEquals(0, p.mMinPasswordLength); assertEquals(0, p.mMaxPasswordFails); assertEquals(0, p.mMaxScreenLockTime);