From a73025b36f0da9296746867423bdffa6216a3609 Mon Sep 17 00:00:00 2001
From: Andrea Gottardo <andrea@tailscale.com>
Date: Mon, 15 Apr 2024 08:21:18 -0700
Subject: [PATCH] mdm: throw ErrNoSuchKey when a value not defined in Android
 syspolicy handler (#325)

---
 android/src/main/java/com/tailscale/ipn/App.kt         | 10 ++++++----
 .../src/main/java/com/tailscale/ipn/mdm/MDMSettings.kt |  5 +++++
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/android/src/main/java/com/tailscale/ipn/App.kt b/android/src/main/java/com/tailscale/ipn/App.kt
index ce20f33..7665ee7 100644
--- a/android/src/main/java/com/tailscale/ipn/App.kt
+++ b/android/src/main/java/com/tailscale/ipn/App.kt
@@ -453,17 +453,19 @@ class App : Application(), libtailscale.AppContext {
     return downloads
   }
 
-  @Throws(IOException::class, GeneralSecurityException::class)
+  @Throws(
+      IOException::class, GeneralSecurityException::class, MDMSettings.NoSuchKeyException::class)
   override fun getSyspolicyBooleanValue(key: String): Boolean {
     return getSyspolicyStringValue(key) == "true"
   }
 
-  @Throws(IOException::class, GeneralSecurityException::class)
+  @Throws(
+      IOException::class, GeneralSecurityException::class, MDMSettings.NoSuchKeyException::class)
   override fun getSyspolicyStringValue(key: String): String {
     return MDMSettings.allSettingsByKey[key]?.flow?.value?.toString()
         ?: run {
-          Log.d("MDM", "$key is not defined on Android. Returning empty.")
-          ""
+          Log.d("MDM", "$key is not defined on Android. Throwing NoSuchKeyException.")
+          throw MDMSettings.NoSuchKeyException()
         }
   }
 }
diff --git a/android/src/main/java/com/tailscale/ipn/mdm/MDMSettings.kt b/android/src/main/java/com/tailscale/ipn/mdm/MDMSettings.kt
index 24364c0..d1d9223 100644
--- a/android/src/main/java/com/tailscale/ipn/mdm/MDMSettings.kt
+++ b/android/src/main/java/com/tailscale/ipn/mdm/MDMSettings.kt
@@ -11,6 +11,11 @@ import kotlin.reflect.full.isSubclassOf
 import kotlin.reflect.jvm.jvmErasure
 
 object MDMSettings {
+  // The String message used in this NoSuchKeyException must match the value of
+  // syspolicy.ErrNoSuchKey defined in Go, since the backend checks the value
+  // returned by the handler for equality using errors.Is().
+  class NoSuchKeyException : Exception("no such key")
+
   val forceEnabled = BooleanMDMSetting("ForceEnabled", "Force Enabled Connection Toggle")
 
   val exitNodeID = StringMDMSetting("ExitNodeID", "Forced Exit Node: Stable ID")