OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/policy/cloud_policy_controller.h" | 5 #include "chrome/browser/policy/cloud_policy_controller.h" |
6 | 6 |
7 #include "base/memory/scoped_temp_dir.h" | 7 #include "base/memory/scoped_temp_dir.h" |
8 #include "base/message_loop.h" | 8 #include "base/message_loop.h" |
9 #include "chrome/browser/policy/device_management_service.h" | 9 #include "chrome/browser/policy/device_management_service.h" |
10 #include "chrome/browser/policy/device_token_fetcher.h" | 10 #include "chrome/browser/policy/device_token_fetcher.h" |
(...skipping 21 matching lines...) Expand all Loading... |
32 using ::testing::Return; | 32 using ::testing::Return; |
33 | 33 |
34 class MockCloudPolicyIdentityStrategy : public CloudPolicyIdentityStrategy { | 34 class MockCloudPolicyIdentityStrategy : public CloudPolicyIdentityStrategy { |
35 public: | 35 public: |
36 MockCloudPolicyIdentityStrategy() {} | 36 MockCloudPolicyIdentityStrategy() {} |
37 virtual ~MockCloudPolicyIdentityStrategy() {} | 37 virtual ~MockCloudPolicyIdentityStrategy() {} |
38 | 38 |
39 MOCK_METHOD0(GetDeviceToken, std::string()); | 39 MOCK_METHOD0(GetDeviceToken, std::string()); |
40 MOCK_METHOD0(GetDeviceID, std::string()); | 40 MOCK_METHOD0(GetDeviceID, std::string()); |
41 MOCK_METHOD0(GetMachineID, std::string()); | 41 MOCK_METHOD0(GetMachineID, std::string()); |
| 42 MOCK_METHOD0(GetMachineModel, std::string()); |
42 MOCK_METHOD0(GetPolicyType, std::string()); | 43 MOCK_METHOD0(GetPolicyType, std::string()); |
43 MOCK_METHOD0(GetPolicyRegisterType, em::DeviceRegisterRequest_Type()); | 44 MOCK_METHOD0(GetPolicyRegisterType, em::DeviceRegisterRequest_Type()); |
44 | 45 |
45 MOCK_METHOD2(GetCredentials, bool(std::string*, std::string*)); | 46 MOCK_METHOD2(GetCredentials, bool(std::string*, std::string*)); |
46 virtual void OnDeviceTokenAvailable(const std::string&) {} | 47 virtual void OnDeviceTokenAvailable(const std::string&) {} |
47 | 48 |
48 private: | 49 private: |
49 DISALLOW_COPY_AND_ASSIGN(MockCloudPolicyIdentityStrategy); | 50 DISALLOW_COPY_AND_ASSIGN(MockCloudPolicyIdentityStrategy); |
50 }; | 51 }; |
51 | 52 |
52 ACTION_P2(MockCloudPolicyIdentityStrategyGetCredentials, username, auth_token) { | 53 ACTION_P2(MockCloudPolicyIdentityStrategyGetCredentials, username, auth_token) { |
53 *arg0 = username; | 54 *arg0 = username; |
54 *arg1 = auth_token; | 55 *arg1 = auth_token; |
55 return true; | 56 return true; |
56 } | 57 } |
57 | 58 |
58 class MockDeviceTokenFetcher : public DeviceTokenFetcher { | 59 class MockDeviceTokenFetcher : public DeviceTokenFetcher { |
59 public: | 60 public: |
60 explicit MockDeviceTokenFetcher(CloudPolicyCacheBase* cache) | 61 explicit MockDeviceTokenFetcher(CloudPolicyCacheBase* cache) |
61 : DeviceTokenFetcher(NULL, cache, NULL) {} | 62 : DeviceTokenFetcher(NULL, cache, NULL) {} |
62 virtual ~MockDeviceTokenFetcher() {} | 63 virtual ~MockDeviceTokenFetcher() {} |
63 | 64 |
64 MOCK_METHOD0(GetDeviceToken, const std::string&()); | 65 MOCK_METHOD0(GetDeviceToken, const std::string&()); |
65 MOCK_METHOD4(FetchToken, | 66 MOCK_METHOD5(FetchToken, |
66 void(const std::string&, const std::string&, | 67 void(const std::string&, const std::string&, |
67 em::DeviceRegisterRequest_Type, const std::string&)); | 68 em::DeviceRegisterRequest_Type, |
| 69 const std::string&, const std::string&)); |
68 MOCK_METHOD0(SetUnmanagedState, void()); | 70 MOCK_METHOD0(SetUnmanagedState, void()); |
69 | 71 |
70 private: | 72 private: |
71 DISALLOW_COPY_AND_ASSIGN(MockDeviceTokenFetcher); | 73 DISALLOW_COPY_AND_ASSIGN(MockDeviceTokenFetcher); |
72 }; | 74 }; |
73 | 75 |
74 class CloudPolicyControllerTest : public testing::Test { | 76 class CloudPolicyControllerTest : public testing::Test { |
75 public: | 77 public: |
76 CloudPolicyControllerTest() | 78 CloudPolicyControllerTest() |
77 : ui_thread_(BrowserThread::UI, &loop_), | 79 : ui_thread_(BrowserThread::UI, &loop_), |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
117 cache_->GetManagedPolicyProvider()->Provide(&store); | 119 cache_->GetManagedPolicyProvider()->Provide(&store); |
118 FundamentalValue expected(true); | 120 FundamentalValue expected(true); |
119 ASSERT_TRUE(store.Get(kPolicyDisableSpdy) != NULL); | 121 ASSERT_TRUE(store.Get(kPolicyDisableSpdy) != NULL); |
120 EXPECT_TRUE(store.Get(kPolicyDisableSpdy)->Equals(&expected)); | 122 EXPECT_TRUE(store.Get(kPolicyDisableSpdy)->Equals(&expected)); |
121 } | 123 } |
122 | 124 |
123 void SetupIdentityStrategy( | 125 void SetupIdentityStrategy( |
124 const std::string& device_token, | 126 const std::string& device_token, |
125 const std::string& device_id, | 127 const std::string& device_id, |
126 const std::string& machine_id, | 128 const std::string& machine_id, |
| 129 const std::string& machine_model, |
127 const std::string& policy_type, | 130 const std::string& policy_type, |
128 const em::DeviceRegisterRequest_Type& policy_register_type, | 131 const em::DeviceRegisterRequest_Type& policy_register_type, |
129 const std::string& user_name, | 132 const std::string& user_name, |
130 const std::string& auth_token) { | 133 const std::string& auth_token) { |
131 EXPECT_CALL(identity_strategy_, GetDeviceToken()).WillRepeatedly( | 134 EXPECT_CALL(identity_strategy_, GetDeviceToken()).WillRepeatedly( |
132 Return(device_token)); | 135 Return(device_token)); |
133 EXPECT_CALL(identity_strategy_, GetDeviceID()).WillRepeatedly( | 136 EXPECT_CALL(identity_strategy_, GetDeviceID()).WillRepeatedly( |
134 Return(device_id)); | 137 Return(device_id)); |
135 EXPECT_CALL(identity_strategy_, GetMachineID()).WillRepeatedly( | 138 EXPECT_CALL(identity_strategy_, GetMachineID()).WillRepeatedly( |
136 Return(machine_id)); | 139 Return(machine_id)); |
| 140 EXPECT_CALL(identity_strategy_, GetMachineModel()).WillRepeatedly( |
| 141 Return(machine_model)); |
137 EXPECT_CALL(identity_strategy_, GetPolicyType()).WillRepeatedly( | 142 EXPECT_CALL(identity_strategy_, GetPolicyType()).WillRepeatedly( |
138 Return(policy_type)); | 143 Return(policy_type)); |
139 EXPECT_CALL(identity_strategy_, GetPolicyRegisterType()).WillRepeatedly( | 144 EXPECT_CALL(identity_strategy_, GetPolicyRegisterType()).WillRepeatedly( |
140 Return(policy_register_type)); | 145 Return(policy_register_type)); |
141 if (!user_name.empty()) { | 146 if (!user_name.empty()) { |
142 EXPECT_CALL(identity_strategy_, GetCredentials(_, _)).WillRepeatedly( | 147 EXPECT_CALL(identity_strategy_, GetCredentials(_, _)).WillRepeatedly( |
143 MockCloudPolicyIdentityStrategyGetCredentials(user_name, auth_token)); | 148 MockCloudPolicyIdentityStrategyGetCredentials(user_name, auth_token)); |
144 } | 149 } |
145 } | 150 } |
146 | 151 |
(...skipping 12 matching lines...) Expand all Loading... |
159 BrowserThread ui_thread_; | 164 BrowserThread ui_thread_; |
160 BrowserThread file_thread_; | 165 BrowserThread file_thread_; |
161 | 166 |
162 DISALLOW_COPY_AND_ASSIGN(CloudPolicyControllerTest); | 167 DISALLOW_COPY_AND_ASSIGN(CloudPolicyControllerTest); |
163 }; | 168 }; |
164 | 169 |
165 // If a device token is present when the controller starts up, it should | 170 // If a device token is present when the controller starts up, it should |
166 // fetch and apply policy. | 171 // fetch and apply policy. |
167 TEST_F(CloudPolicyControllerTest, StartupWithDeviceToken) { | 172 TEST_F(CloudPolicyControllerTest, StartupWithDeviceToken) { |
168 SetupIdentityStrategy("fake_device_token", "device_id", "machine_id", | 173 SetupIdentityStrategy("fake_device_token", "device_id", "machine_id", |
169 "google/chromeos/user", | 174 "machine_model", "google/chromeos/user", |
170 em::DeviceRegisterRequest::USER, "", ""); | 175 em::DeviceRegisterRequest::USER, "", ""); |
171 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 176 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
172 MockDeviceManagementBackendSucceedSpdyCloudPolicy()); | 177 MockDeviceManagementBackendSucceedSpdyCloudPolicy()); |
173 CreateNewController(); | 178 CreateNewController(); |
174 loop_.RunAllPending(); | 179 loop_.RunAllPending(); |
175 ExpectHasSpdyPolicy(); | 180 ExpectHasSpdyPolicy(); |
176 } | 181 } |
177 | 182 |
178 // If no device token is present when the controller starts up, it should | 183 // If no device token is present when the controller starts up, it should |
179 // instruct the token_fetcher_ to fetch one. | 184 // instruct the token_fetcher_ to fetch one. |
180 TEST_F(CloudPolicyControllerTest, StartupWithoutDeviceToken) { | 185 TEST_F(CloudPolicyControllerTest, StartupWithoutDeviceToken) { |
181 SetupIdentityStrategy("", "device_id", "machine_id", "google/chromeos/user", | 186 SetupIdentityStrategy("", "device_id", "machine_id", "machine_model", |
182 em::DeviceRegisterRequest::USER, | 187 "google/chromeos/user", em::DeviceRegisterRequest::USER, |
183 "a@b.com", "auth_token"); | 188 "a@b.com", "auth_token"); |
184 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _)).Times(1); | 189 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _, _)).Times(1); |
185 CreateNewController(); | 190 CreateNewController(); |
186 loop_.RunAllPending(); | 191 loop_.RunAllPending(); |
187 } | 192 } |
188 | 193 |
189 // If the current user belongs to a known non-managed domain, no token fetch | 194 // If the current user belongs to a known non-managed domain, no token fetch |
190 // should be initiated. | 195 // should be initiated. |
191 TEST_F(CloudPolicyControllerTest, StartupUnmanagedUser) { | 196 TEST_F(CloudPolicyControllerTest, StartupUnmanagedUser) { |
192 SetupIdentityStrategy("", "device_id", "machine_id", "google/chromeos/user", | 197 SetupIdentityStrategy("", "device_id", "machine_id", "machine_mode", |
193 em::DeviceRegisterRequest::USER, | 198 "google/chromeos/user", em::DeviceRegisterRequest::USER, |
194 "DannoHelper@gmail.com", "auth_token"); | 199 "DannoHelper@gmail.com", "auth_token"); |
195 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _)).Times(0); | 200 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _, _)).Times(0); |
196 CreateNewController(); | 201 CreateNewController(); |
197 loop_.RunAllPending(); | 202 loop_.RunAllPending(); |
198 } | 203 } |
199 | 204 |
200 // After policy has been fetched successfully, a new fetch should be triggered | 205 // After policy has been fetched successfully, a new fetch should be triggered |
201 // after the refresh interval has timed out. | 206 // after the refresh interval has timed out. |
202 TEST_F(CloudPolicyControllerTest, RefreshAfterSuccessfulPolicy) { | 207 TEST_F(CloudPolicyControllerTest, RefreshAfterSuccessfulPolicy) { |
203 SetupIdentityStrategy("device_token", "device_id", "machine_id", | 208 SetupIdentityStrategy("device_token", "device_id", "machine_id", |
204 "google/chromeos/user", em::DeviceRegisterRequest::USER, | 209 "machine_model", "google/chromeos/user", |
| 210 em::DeviceRegisterRequest::USER, |
205 "DannoHelperDelegate@b.com", "auth_token"); | 211 "DannoHelperDelegate@b.com", "auth_token"); |
206 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 212 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
207 MockDeviceManagementBackendSucceedSpdyCloudPolicy()).WillOnce( | 213 MockDeviceManagementBackendSucceedSpdyCloudPolicy()).WillOnce( |
208 MockDeviceManagementBackendFailPolicy( | 214 MockDeviceManagementBackendFailPolicy( |
209 DeviceManagementBackend::kErrorRequestFailed)); | 215 DeviceManagementBackend::kErrorRequestFailed)); |
210 CreateNewController(0, 0, 0, 1000 * 1000); | 216 CreateNewController(0, 0, 0, 1000 * 1000); |
211 loop_.RunAllPending(); | 217 loop_.RunAllPending(); |
212 ExpectHasSpdyPolicy(); | 218 ExpectHasSpdyPolicy(); |
213 } | 219 } |
214 | 220 |
215 // If policy fetching failed, it should be retried. | 221 // If policy fetching failed, it should be retried. |
216 TEST_F(CloudPolicyControllerTest, RefreshAfterError) { | 222 TEST_F(CloudPolicyControllerTest, RefreshAfterError) { |
217 SetupIdentityStrategy("device_token", "device_id", "machine_id", | 223 SetupIdentityStrategy("device_token", "device_id", "machine_id", |
218 "google/chromeos/user", em::DeviceRegisterRequest::USER, | 224 "machine_model", "google/chromeos/user", |
| 225 em::DeviceRegisterRequest::USER, |
219 "DannoHelperDelegateImpl@b.com", "auth_token"); | 226 "DannoHelperDelegateImpl@b.com", "auth_token"); |
220 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 227 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
221 MockDeviceManagementBackendFailPolicy( | 228 MockDeviceManagementBackendFailPolicy( |
222 DeviceManagementBackend::kErrorRequestFailed)).WillOnce( | 229 DeviceManagementBackend::kErrorRequestFailed)).WillOnce( |
223 MockDeviceManagementBackendSucceedSpdyCloudPolicy()); | 230 MockDeviceManagementBackendSucceedSpdyCloudPolicy()); |
224 CreateNewController(1000 * 1000, 0, 0, 0); | 231 CreateNewController(1000 * 1000, 0, 0, 0); |
225 loop_.RunAllPending(); | 232 loop_.RunAllPending(); |
226 ExpectHasSpdyPolicy(); | 233 ExpectHasSpdyPolicy(); |
227 } | 234 } |
228 | 235 |
229 // If the backend reports that the device token was invalid, the controller | 236 // If the backend reports that the device token was invalid, the controller |
230 // should instruct the token fetcher to fetch a new token. | 237 // should instruct the token fetcher to fetch a new token. |
231 TEST_F(CloudPolicyControllerTest, InvalidToken) { | 238 TEST_F(CloudPolicyControllerTest, InvalidToken) { |
232 SetupIdentityStrategy("device_token", "device_id", "machine_id", | 239 SetupIdentityStrategy("device_token", "device_id", "machine_id", |
233 "google/chromeos/user", em::DeviceRegisterRequest::USER, | 240 "machine_model", "google/chromeos/user", |
| 241 em::DeviceRegisterRequest::USER, |
234 "standup@ten.am", "auth"); | 242 "standup@ten.am", "auth"); |
235 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 243 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
236 MockDeviceManagementBackendFailPolicy( | 244 MockDeviceManagementBackendFailPolicy( |
237 DeviceManagementBackend::kErrorServiceManagementTokenInvalid)); | 245 DeviceManagementBackend::kErrorServiceManagementTokenInvalid)); |
238 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _)).Times(1); | 246 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _, _)).Times(1); |
239 CreateNewController(1000 * 1000, 0, 0, 0); | 247 CreateNewController(1000 * 1000, 0, 0, 0); |
240 loop_.RunAllPending(); | 248 loop_.RunAllPending(); |
241 } | 249 } |
242 | 250 |
243 // If the backend reports that the device is unknown to the server, the | 251 // If the backend reports that the device is unknown to the server, the |
244 // controller should instruct the token fetcher to fetch a new token. | 252 // controller should instruct the token fetcher to fetch a new token. |
245 TEST_F(CloudPolicyControllerTest, DeviceNotFound) { | 253 TEST_F(CloudPolicyControllerTest, DeviceNotFound) { |
246 SetupIdentityStrategy("device_token", "device_id", "machine_id", | 254 SetupIdentityStrategy("device_token", "device_id", "machine_id", |
247 "google/chromeos/user", em::DeviceRegisterRequest::USER, | 255 "machine_model", "google/chromeos/user", |
| 256 em::DeviceRegisterRequest::USER, |
248 "me@you.com", "auth"); | 257 "me@you.com", "auth"); |
249 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 258 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
250 MockDeviceManagementBackendFailPolicy( | 259 MockDeviceManagementBackendFailPolicy( |
251 DeviceManagementBackend::kErrorServiceDeviceNotFound)); | 260 DeviceManagementBackend::kErrorServiceDeviceNotFound)); |
252 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _)).Times(1); | 261 EXPECT_CALL(*token_fetcher_.get(), FetchToken(_, _, _, _, _)).Times(1); |
253 CreateNewController(1000 * 1000, 0, 0, 0); | 262 CreateNewController(1000 * 1000, 0, 0, 0); |
254 loop_.RunAllPending(); | 263 loop_.RunAllPending(); |
255 } | 264 } |
256 | 265 |
257 // If the backend reports that the device is no longer managed, the controller | 266 // If the backend reports that the device is no longer managed, the controller |
258 // should instruct the token fetcher to fetch a new token (which will in turn | 267 // should instruct the token fetcher to fetch a new token (which will in turn |
259 // set and persist the correct 'unmanaged' state). | 268 // set and persist the correct 'unmanaged' state). |
260 TEST_F(CloudPolicyControllerTest, NoLongerManaged) { | 269 TEST_F(CloudPolicyControllerTest, NoLongerManaged) { |
261 SetupIdentityStrategy("device_token", "device_id", "machine_id", | 270 SetupIdentityStrategy("device_token", "device_id", "machine_id", |
262 "google/chromeos/user", em::DeviceRegisterRequest::USER, | 271 "machine_model", "google/chromeos/user", |
| 272 em::DeviceRegisterRequest::USER, |
263 "who@what.com", "auth"); | 273 "who@what.com", "auth"); |
264 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( | 274 EXPECT_CALL(backend_, ProcessPolicyRequest(_, _, _, _)).WillOnce( |
265 MockDeviceManagementBackendFailPolicy( | 275 MockDeviceManagementBackendFailPolicy( |
266 DeviceManagementBackend::kErrorServiceManagementNotSupported)); | 276 DeviceManagementBackend::kErrorServiceManagementNotSupported)); |
267 EXPECT_CALL(*token_fetcher_.get(), SetUnmanagedState()).Times(1); | 277 EXPECT_CALL(*token_fetcher_.get(), SetUnmanagedState()).Times(1); |
268 CreateNewController(0, 0, 0, 1000 * 1000); | 278 CreateNewController(0, 0, 0, 1000 * 1000); |
269 loop_.RunAllPending(); | 279 loop_.RunAllPending(); |
270 } | 280 } |
271 | 281 |
272 } // namespace policy | 282 } // namespace policy |
OLD | NEW |