Create public version for authentication error notifications

Don't expose account name or error details when Android is configured to hide sensitive information on the lock screen.
2021-12-08 02:36:59 +01:00 · 2021-12-08 02:36:59 +01:00 · 4da9e023be
commit 4da9e023be
parent 57d7616d5a
2 changed files with 26 additions and 5 deletions
--- a/app/core/src/main/java/com/fsck/k9/notification/AuthenticationErrorNotificationController.kt
+++ b/app/core/src/main/java/com/fsck/k9/notification/AuthenticationErrorNotificationController.kt
@ -1,5 +1,6 @@
 package com.fsck.k9.notification

+import android.app.Notification
 import android.app.PendingIntent
 import androidx.core.app.NotificationCompat
 import androidx.core.app.NotificationManagerCompat
@ -26,7 +27,7 @@ internal open class AuthenticationErrorNotificationController(
            .setContentText(text)
            .setContentIntent(editServerSettingsPendingIntent)
            .setStyle(NotificationCompat.BigTextStyle().bigText(text))
-            .setVisibility(NotificationCompat.VISIBILITY_PUBLIC)
+            .setPublicVersion(createLockScreenNotification(account))
            .setCategory(NotificationCompat.CATEGORY_ERROR)

        notificationHelper.configureNotification(
@ -54,6 +55,15 @@ internal open class AuthenticationErrorNotificationController(
        }
    }

+    private fun createLockScreenNotification(account: Account): Notification {
+        return notificationHelper
+            .createNotificationBuilder(account, NotificationChannelManager.ChannelType.MISCELLANEOUS)
+            .setSmallIcon(resourceProvider.iconWarning)
+            .setWhen(System.currentTimeMillis())
+            .setContentTitle(resourceProvider.authenticationErrorTitle())
+            .build()
+    }
+
    private val notificationManager: NotificationManagerCompat
        get() = notificationHelper.getNotificationManager()
 }
--- a/app/core/src/test/java/com/fsck/k9/notification/AuthenticationErrorNotificationControllerTest.kt
+++ b/app/core/src/test/java/com/fsck/k9/notification/AuthenticationErrorNotificationControllerTest.kt
@ -13,6 +13,7 @@ import org.mockito.Mockito.verify
 import org.mockito.kotlin.any
 import org.mockito.kotlin.doReturn
 import org.mockito.kotlin.mock
+import org.mockito.kotlin.never

 private const val INCOMING = true
 private const val OUTGOING = false
@ -22,9 +23,15 @@ private const val ACCOUNT_NAME = "TestAccount"
 class AuthenticationErrorNotificationControllerTest : RobolectricTest() {
    private val resourceProvider = TestNotificationResourceProvider()
    private val notification = mock<Notification>()
+    private val lockScreenNotification = mock<Notification>()
    private val notificationManager = mock<NotificationManagerCompat>()
    private val builder = createFakeNotificationBuilder(notification)
-    private val notificationHelper = createFakeNotificationHelper(notificationManager, builder)
+    private val lockScreenNotificationBuilder = createFakeNotificationBuilder(lockScreenNotification)
+    private val notificationHelper = createFakeNotificationHelper(
+        notificationManager,
+        builder,
+        lockScreenNotificationBuilder
+    )
    private val account = createFakeAccount()
    private val controller = TestAuthenticationErrorNotificationController()
    private val contentIntent = mock<PendingIntent>()
@ -73,7 +80,10 @@ class AuthenticationErrorNotificationControllerTest : RobolectricTest() {
        verify(builder).setContentTitle("Authentication failed")
        verify(builder).setContentText("Authentication failed for $ACCOUNT_NAME. Update your server settings.")
        verify(builder).setContentIntent(contentIntent)
-        verify(builder).setVisibility(NotificationCompat.VISIBILITY_PUBLIC)
+        verify(builder).setPublicVersion(lockScreenNotification)
+        verify(lockScreenNotificationBuilder).setContentTitle("Authentication failed")
+        verify(lockScreenNotificationBuilder, never()).setContentText(any())
+        verify(lockScreenNotificationBuilder, never()).setTicker(any())
    }

    private fun createFakeNotificationBuilder(notification: Notification): NotificationCompat.Builder {
@ -84,12 +94,13 @@ class AuthenticationErrorNotificationControllerTest : RobolectricTest() {

    private fun createFakeNotificationHelper(
        notificationManager: NotificationManagerCompat,
-        builder: NotificationCompat.Builder
+        notificationBuilder: NotificationCompat.Builder,
+        lockScreenNotificationBuilder: NotificationCompat.Builder
    ): NotificationHelper {
        return mock {
            on { getContext() } doReturn ApplicationProvider.getApplicationContext()
            on { getNotificationManager() } doReturn notificationManager
-            on { createNotificationBuilder(any(), any()) } doReturn builder
+            on { createNotificationBuilder(any(), any()) }.doReturn(notificationBuilder, lockScreenNotificationBuilder)
        }
    }